Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / 07d1004a13a6ecf8ad872bdecdcb16da6dea183f / . / ipmi / test_ipmi_cipher.robot
blob: 0c869df5dbfef95cbead53103db293aaa8cf5f2d [file] [log] [blame]
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]1*** Settings ***
2Documentation Module to test IPMI chipher functionality.
3Resource ../lib/ipmi_client.robot
4Resource ../lib/openbmc_ffdc.robot
nagarjunb227fabf792022-04-19 11:09:29 +0530[diff] [blame]5Resource ../lib/bmc_network_utils.robot
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]6Library ../lib/ipmi_utils.py
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]7Library ../lib/var_funcs.py
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]8Variables ../data/ipmi_raw_cmd_table.py
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]9Library String
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]10
nagarjunb227fabf792022-04-19 11:09:29 +0530[diff] [blame]11
12Suite Setup IPMI Cipher Suite Setup
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]13Test Setup Printn
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]14Test Teardown FFDC On Test Case Fail
15
nagarjunb227fabf792022-04-19 11:09:29 +0530[diff] [blame]16
17*** Variables ***
18${cipher_suite} standard
19&{payload_type} ipmi=0 sol=1
20@{list_index_value} 0x80 0x00
21
22
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]23*** Test Cases ***
24
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]25Verify Supported Ciphers
26 [Documentation] Execute all supported ciphers and verify.
27 [Tags] Verify_Supported_Ciphers
28 FOR ${cipher} IN @{valid_ciphers}
29 Run External IPMI Standard Command power status C=${cipher}
30 END
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]31
32
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]33Verify Unsupported Ciphers
34 [Documentation] Execute all unsupported ciphers and verify error.
35 [Tags] Verify_Unsupported_Ciphers
36 FOR ${cipher} IN @{unsupported_ciphers}
37 Run Keyword And Expect Error *invalid * algorithm*
38 ... Run External IPMI Standard Command power status C=${cipher}
39 END
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]40
41
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]42Verify Supported Ciphers Via Lan Print
43 [Documentation] Verify supported ciphers via IPMI lan print command.
44 [Tags] Verify_Supported_Ciphers_Via_Lan_Print
45
46 ${lan_print}= Get Lan Print Dict
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]47 # Example 'RMCP+ Cipher Suites' entry: 3,17
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]48 ${ciphers}= Split String ${lan_print['RMCP+ Cipher Suites']} ,
49 Rprint Vars ciphers
50 Valid List ciphers valid_values=${valid_ciphers}
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]51
52
53Verify Supported Cipher Via Getciphers
George Keishing13b7afd2022-05-23 07:36:16 -0500[diff] [blame]54 [Documentation] Verify supported cihpers via IPMI getciphers command.
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]55 [Tags] Verify_Supported_Cipher_Via_Getciphers
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]56
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]57 # Example output from 'Channel Getciphers IPMI':
58 # ipmi_channel_ciphers:
59 # [0]:
60 # [id]: 3
61 # [iana]: N/A
62 # [auth_alg]: hmac_sha1
63 # [integrity_alg]: hmac_sha1_96
64 # [confidentiality_alg]: aes_cbc_128
65 # [1]:
66 # [id]: 17
67 # [iana]: N/A
68 # [auth_alg]: hmac_sha256
69 # [integrity_alg]: sha256_128
70 # [confidentiality_alg]: aes_cbc_128
Rahul Maheshwarid4d43fc2019-06-24 00:54:19 -0500[diff] [blame]71
George Keishing45511e82019-10-15 01:26:55 -0500[diff] [blame]72 ${ipmi_channel_ciphers}= Channel Getciphers IPMI
73 # Example cipher entry: 3 17
74 Rprint Vars ipmi_channel_ciphers
75 ${ipmi_channel_cipher_ids}= Nested Get id ${ipmi_channel_ciphers}
76 Rpvars ipmi_channel_cipher_ids
77 Valid List ipmi_channel_cipher_ids valid_values=${valid_ciphers}
nagarjunb227fabf792022-04-19 11:09:29 +0530[diff] [blame]78
79
80Verify Cipher Suite And Supported Algorithms Via IPMI Raw Command
81 [Documentation] Verify cipher ID and Supported Algorithms for all Available Channels.
82 [Tags] Verify_Cipher_Suite_And_Supported_Algorithms_Via_IPMI_Raw_Command
83 [Template] Verify Cipher ID and Supported Algorithm For Channel
84
85 FOR ${channel} IN @{active_channel_list}
86 FOR ${name} ${type} IN &{payload_type}
87 FOR ${index_value} IN @{list_index_value}
88 # Input Channel Payload type Index value 0x80 or 0x00
89 ${channel} ${type} ${index_value}
90 END
91 END
92 END
93
94
95Verify Get Cipher Suite Command For Invalid Channels
96 [Documentation] Verify Get Cipher Suite Command For all Invalid Channels.
97 [Tags] Verify_Get_Cipher_Suite_Command_For_Invalid_Channels
98 [Template] Verify Cipher Suite For Invalid Channel
99
100 FOR ${channel} IN @{inactive_channel_list}
101 # Input Channel
102 ${channel}
103 END
104
105
106Verify Get Cipher Suite Raw Command With Invalid Data Length
107 [Documentation] Verify Get Cipher Suite Raw Command With One Extra and Less Byte.
108 [Tags] Verify_Get_Cipher_Suite_Raw_Command_With_Invalid_Data_Length
109 [Template] Verify Cipher Suite Command for Invalid Request Data
110
111 # Byte
112 less
113 extra
114
115
116*** Keywords ***
117
118IPMI Cipher Suite Setup
119 [Documentation] Get active and inactive/invalid channels from channel_config.json file
120 ... in list type and set it as suite variable.
121
122 # Get active channel list and set as a suite variable.
123 @{active_channel_list}= Get Active Ethernet Channel List current_channel=1
124 Set Suite Variable @{active_channel_list}
125
126 # Get Inactive/Invalid channel list and set as a suite variable.
127 @{inactive_channel_list}= Get Invalid Channel Number List
128 Set Suite Variable @{inactive_channel_list}
129
130Verify Standard Cipher Suite For Channel
131 [Documentation] Get the supported algorithms from data/ipmi_raw_cmd_table.py and
132 ... split into list and compare it with the given data list.
133 [Arguments] ${data_list} ${channel_number}
134
135 # Description of argument(s):
136 # data_list cipher suite records in list
137 # e.g [01, c0, 11, 03, 44, 81]
138
139 ${supported_algorithms}= Split String ${IPMI_RAW_CMD['Cipher Suite']['get'][1]}
140 ${cipher_suite_id}= Convert To Integer ${data_list}[2] base=16
141
142 Should Be Equal ${data_list}[0] ${channel_number}
143 Should Be Equal ${data_list}[1] c0
144 Should Be Equal As Integers ${cipher_suite_id} ${valid_ciphers}[0]
145 List Should Contain Value ${supported_algorithms} ${data_list}[3]
146 List Should Contain Value ${supported_algorithms} ${data_list}[4]
147 List Should Contain Value ${supported_algorithms} ${data_list}[5]
148
149Verify Algorithm by Cipher Suite For Channel
150 [Documentation] Spilt the given response data, store it in a list.
151 [Arguments] ${response_data} ${channel_number}
152
153 # Description of argument(s):
154 # response_data response data of get channel cipher suite ipmi raw command
155 # e.g 01 c0 11 03 44 81 ---> list of algorithms by cipher suite (0x80 in request data 3rd byte)
156 # ${channel_number} Interface channel number
157
158 @{expected_data_list}= Split String ${response_data}
159
160 Run Keyword If '${cipher_suite}' == 'standard'
161 ... Verify Standard Cipher Suite For Channel ${expected_data_list} ${channel_number}
162
163Verify Supported Algorithm For Channel
164 [Documentation] Compare the supported algorithms got from ipmi_raw_cmd_table with
George Keishing13b7afd2022-05-23 07:36:16 -0500[diff] [blame]165 ... given response.
nagarjunb227fabf792022-04-19 11:09:29 +0530[diff] [blame]166 [Arguments] ${response_data} ${channel_number}
167
168 # Description of argument(s):
169 # response_data response data of get channel cipher suite ipmi raw command.
170 # channel_number Interface Channel Number.
171
172 # expected data will be like " 01 03 44 81 ".
173 ${expected_data}= Catenate ${channel_number} ${IPMI_RAW_CMD['Cipher Suite']['get'][1]}
174
175 Should Be Equal ${expected_data} ${response_data}
176
177Verify Cipher ID and Supported Algorithm For Channel
178 [Documentation] Verify Cipher ID and Supported Algorithm on given channel.
179 [Arguments] ${channel_num} ${payload_type} ${index_value}
180
181 # Description of argument(s):
182 # channel_num Interface channel number.
183 # payload_type IPMI(0x00) or Sol(0x01).
184 # index_value 0x80 for list algorithm by cipher suite.
185 # 0x00 for supported algorithms.
186
187 ${cmd}= Catenate ${IPMI_RAW_CMD['Cipher Suite']['get'][0]}
188 ... ${channel_num} ${payload_type} ${index_value}
189
190 ${resp}= Run External IPMI Raw Command ${cmd}
191 ${resp}= Strip String ${resp}
192
193 # channel 14 represents current channel in which we send request.
194 ${channel_num}= Run Keyword If '${channel_num}' == '14'
195 ... Convert To Hex ${CHANNEL_NUMBER} length=2
196 ... ELSE
197 ... Convert To Hex ${channel_num} length=2
198
199 Run Keyword If '${index_value}' == '0x80'
200 ... Verify Algorithm by Cipher Suite For Channel ${resp} ${channel_num}
201 ... ELSE
202 ... Verify Supported Algorithm For Channel ${resp} ${channel_num}
203
204Verify Cipher Suite For Invalid Channel
205 [Documentation] Execute cipher suite ipmi cmd for invalid channel and verify Error code.
206 [Arguments] ${channel_number}
207
208 # Description of argument(s):
209 # channel_number Interface channel number.
210
211 ${cmd}= Catenate ${IPMI_RAW_CMD['Cipher Suite']['get'][0]} ${channel_number} 00 00
212
213 Verify Invalid IPMI Command ${cmd} 0xcc
214
215Verify Cipher Suite Command for Invalid Request Data
216 [Documentation] Verify Cipher Suite Command with Invalid data Length.
217 [Arguments] ${byte_length}
218
219 # Description of argument(s):
220 # byte_length extra or less.
221
222 ${req_cmd}= Run Keyword If '${byte_length}' == 'less'
223 ... Catenate ${IPMI_RAW_CMD['Cipher Suite']['get'][0]} ${CHANNEL_NUMBER} 00
224 ... ELSE
225 ... Catenate ${IPMI_RAW_CMD['Cipher Suite']['get'][0]} ${CHANNEL_NUMBER} 00 00 01
226
227 Verify Invalid IPMI Command ${req_cmd} 0xc7