IPMI cipher level integrity test
Changes:
- Added test to execute all cipher supported level.
- Added local IPMI test suite keyword to execute command
with a given cipher level value.
- Added new IPMI_CIPHER_LEVEL global variable.
- Added new default variable IPMI_CIPHER_LEVEL and set
value to 3.
- Added IPMI chipher supported list variable.
Resolves openbmc/openbmc-test-automation#1350
Change-Id: I23075d4e4dfc57b7c5ef5f03e53bc887f24ca6e5
Signed-off-by: George Keishing <gkeishin@in.ibm.com>
diff --git a/data/ipmi_raw_cmd_table.py b/data/ipmi_raw_cmd_table.py
index 57805f6..3a473db 100644
--- a/data/ipmi_raw_cmd_table.py
+++ b/data/ipmi_raw_cmd_table.py
@@ -7,6 +7,10 @@
"""
+# The currently supported cipher level list.
+# Refer: openbmc/meta-openbmc-machines/meta-openpower/meta-ibm/meta-witherspoon/recipes-phosphor/ipmi/phosphor-ipmi-host/cipher_list.json
+valid_cipher_list = [1, 2, 3, 15, 16, 17]
+
IPMI_RAW_CMD = {
# Interface name
'power_supply_redundancy':
diff --git a/lib/ipmi_client.robot b/lib/ipmi_client.robot
index 60c5a45..591919c 100755
--- a/lib/ipmi_client.robot
+++ b/lib/ipmi_client.robot
@@ -15,9 +15,9 @@
${netfnByte}= ${EMPTY}
${cmdByte}= ${EMPTY}
${arrayByte}= array:byte:
-${IPMI_EXT_CMD}= ipmitool -I lanplus -C 3
+${IPMI_EXT_CMD}= ipmitool -I lanplus -C ${IPMI_CIPHER_LEVEL}
${IPMI_USER_OPTIONS} ${EMPTY}
-${IPMI_INBAND_CMD}= ipmitool -C 3
+${IPMI_INBAND_CMD}= ipmitool -C ${IPMI_CIPHER_LEVEL}
${HOST}= -H
${RAW}= raw
diff --git a/lib/resource.txt b/lib/resource.txt
index ac094ae..57d1353 100755
--- a/lib/resource.txt
+++ b/lib/resource.txt
@@ -20,6 +20,8 @@
# IPMI_COMMAND here is set to "External" by default. User
# can override to "Dbus" from command line.
${IPMI_COMMAND} External
+# IPMI chipher default.
+${IPMI_CIPHER_LEVEL} ${3}
# PDU related parameters
${PDU_TYPE} ${EMPTY}
diff --git a/tests/ipmi/test_general_ipmi.robot b/tests/ipmi/test_general_ipmi.robot
index 305ac2e..d1c05c4 100644
--- a/tests/ipmi/test_general_ipmi.robot
+++ b/tests/ipmi/test_general_ipmi.robot
@@ -11,7 +11,6 @@
Test Teardown FFDC On Test Case Fail
-
*** Variables ***
${new_mc_id}= HOST
@@ -20,6 +19,13 @@
*** Test Cases ***
+Verify Supported Cipher List
+ [Documentation] Execute all supported cipher levels and verify.
+ [Tags] Verify_Supported_Cipher_List
+
+ :FOR ${cipher_level} IN @{valid_cipher_list}
+ \ Execute IPMI Command With Cipher ${cipher_level}
+
Set Asset Tag With Valid String Length
[Documentation] Set asset tag with valid string length and verify.
[Tags] Set_Asset_Tag_With_Valid_String_Length
@@ -708,3 +714,19 @@
${physical_interface_count}= Get Length ${mac_unique_list}
[Return] ${physical_interface_count}
+
+
+Execute IPMI Command With Cipher
+ [Documentation] Execute IPMI command with a given cipher level value.
+ [Arguments] ${cipher_level}
+
+ # Description of argument(s):
+ # cipher_level IPMI chipher level value
+ # (e.g. "1", "2", "3", "15", "16", "17").
+
+ ${ipmi_cmd}= Catenate SEPARATOR=
+ ... ipmitool -I lanplus -C ${cipher_level} -P${SPACE}${IPMI_PASSWORD}
+ ... ${SPACE}${HOST}${SPACE}${OPENBMC_HOST}${SPACE}mc info
+
+ ${rc} ${output}= Run And Return RC and Output ${ipmi_cmd}
+ Should Be Equal ${rc} ${0} msg=${output}
diff --git a/tools/generate_argumentfile.sh b/tools/generate_argumentfile.sh
index 9b1f02c..bebc10c 100755
--- a/tools/generate_argumentfile.sh
+++ b/tools/generate_argumentfile.sh
@@ -16,6 +16,7 @@
echo "--variable HTTPS_PORT:$HTTPS_PORT" >> $ARG_FILE
echo "--variable PNOR_IMAGE_PATH:$PNOR_IMAGE_PATH" >> $ARG_FILE
echo "--variable IPMI_COMMAND:$IPMI_COMMAND" >> $ARG_FILE
+echo "--variable IPMI_CIPHER_LEVEL:$IPMI_CIPHER_LEVEL" >> $ARG_FILE
echo "--variable ITERATION:$ITERATION" >> $ARG_FILE
echo "--variable LOOP_TEST_COMMAND:$LOOP_TEST_COMMAND" >> $ARG_FILE
echo "--variable OS_HOST:$OS_HOST" >> $ARG_FILE