manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 1 | *** Settings *** |
| 2 | |
| 3 | Documentation VMI certificate exchange tests. |
| 4 | |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 5 | Library ../../lib/jobs_processing.py |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 6 | Resource ../../lib/resource.robot |
| 7 | Resource ../../lib/bmc_redfish_resource.robot |
| 8 | Resource ../../lib/openbmc_ffdc.robot |
| 9 | Resource ../../lib/bmc_redfish_utils.robot |
| 10 | Resource ../../lib/utils.robot |
| 11 | |
| 12 | Suite Setup Suite Setup Execution |
| 13 | Test Teardown FFDC On Test Case Fail |
| 14 | Suite Teardown Suite Teardown Execution |
| 15 | |
| 16 | |
| 17 | *** Variables *** |
| 18 | |
| 19 | # users User Name password |
| 20 | @{ADMIN} admin_user TestPwd123 |
| 21 | @{OPERATOR} operator_user TestPwd123 |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 22 | @{ReadOnly} readonly_user TestPwd123 |
| 23 | @{NoAccess} noaccess_user TestPwd123 |
| 24 | &{USERS} Administrator=${ADMIN} Operator=${OPERATOR} ReadOnly=${ReadOnly} |
| 25 | ... NoAccess=${NoAccess} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 26 | ${VMI_BASE_URI} /ibm/v1/ |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 27 | |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 28 | |
| 29 | *** Test Cases *** |
| 30 | |
| 31 | Get CSR Request Signed By VMI And Verify |
| 32 | [Documentation] Get CSR request signed by VMI using different user roles and verify. |
| 33 | [Tags] Get_CSR_Request_Signed_By_VMI_And_Verify |
| 34 | [Template] Get Certificate Signed By VMI |
| 35 | |
| 36 | # username password force_create valid_csr valid_status_code |
| 37 | ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 38 | |
| 39 | # Send CSR request from operator user. |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 40 | operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 41 | |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 42 | # Send CSR request from ReadOnly user. |
| 43 | readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 44 | |
| 45 | # Send CSR request from NoAccess user. |
| 46 | noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 47 | |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 48 | |
George Keishing | 4203fad | 2022-01-31 12:22:33 -0600 | [diff] [blame] | 49 | Get Root Certificate Using Different Privilege Users Role |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 50 | [Documentation] Get root certificate using different users. |
George Keishing | 4203fad | 2022-01-31 12:22:33 -0600 | [diff] [blame] | 51 | [Tags] Get_Root_Certificate_Using_Different_Privilege_Users_Role |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 52 | [Template] Get Root Certificate |
| 53 | |
| 54 | # username password force_create valid_csr valid_status_code |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 55 | # Request root certificate from admin user. |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 56 | admin_user TestPwd123 ${True} ${True} ${HTTP_OK} |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 57 | |
| 58 | # Request root certificate from operator user. |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 59 | operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 60 | |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 61 | # Request root certificate from ReadOnly user. |
| 62 | readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 63 | |
| 64 | # Request root certificate from NoAccess user. |
| 65 | noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 66 | |
| 67 | |
| 68 | Send CSR Request When VMI Is Off And Verify |
| 69 | [Documentation] Send CSR signing request to VMI when it is off and expect an error. |
George Keishing | 4203fad | 2022-01-31 12:22:33 -0600 | [diff] [blame] | 70 | [Tags] Send_CSR_Request_When_VMI_Is_Off_And_Verify |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 71 | [Setup] Redfish Power Off |
shrsuman123 | 7463d42 | 2021-06-17 02:53:25 -0500 | [diff] [blame] | 72 | [Teardown] Run keywords Redfish Power On stack_mode=skip AND FFDC On Test Case Fail |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 73 | [Template] Get Certificate Signed By VMI |
| 74 | |
shrsuman123 | 932759b | 2021-10-19 07:23:22 -0500 | [diff] [blame] | 75 | # username password force_create valid_csr valid_status_code read_timeout |
| 76 | ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_SERVICE_UNAVAILABLE} 60 |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 77 | |
| 78 | # Send CSR request from operator user. |
shrsuman123 | 3f70a6a | 2021-04-08 04:48:07 -0500 | [diff] [blame] | 79 | operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 80 | |
| 81 | # Send CSR request from ReadOnly user. |
shrsuman123 | 3f70a6a | 2021-04-08 04:48:07 -0500 | [diff] [blame] | 82 | readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 83 | |
| 84 | # Send CSR request from NoAccess user. |
shrsuman123 | 3f70a6a | 2021-04-08 04:48:07 -0500 | [diff] [blame] | 85 | noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 86 | |
shrsuman123 | 1b1c2a4 | 2020-11-02 23:02:30 -0600 | [diff] [blame] | 87 | Get Corrupted CSR Request Signed By VMI And Verify |
| 88 | [Documentation] Send corrupted CSR for signing and expect an error. |
| 89 | [Tags] Get_Corrupted_CSR_Request_Signed_By_VMI_And_Verify |
shrsuman123 | 1b1c2a4 | 2020-11-02 23:02:30 -0600 | [diff] [blame] | 90 | [Template] Get Certificate Signed By VMI |
| 91 | |
shrsuman123 | 932759b | 2021-10-19 07:23:22 -0500 | [diff] [blame] | 92 | # username password force_create valid_csr valid_status_code read_timeout |
| 93 | ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_SERVICE_UNAVAILABLE} 60 |
shrsuman123 | 1b1c2a4 | 2020-11-02 23:02:30 -0600 | [diff] [blame] | 94 | |
| 95 | # Send CSR request from operator user. |
| 96 | operator_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN} |
| 97 | |
| 98 | # Send CSR request from ReadOnly user. |
| 99 | readonly_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN} |
| 100 | |
| 101 | # Send CSR request from NoAccess user. |
| 102 | noaccess_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN} |
| 103 | |
shrsuman123 | 68bdcae | 2021-01-18 00:38:25 -0600 | [diff] [blame] | 104 | Get Root Certificate When VMI Is Off And Verify |
| 105 | [Documentation] Get root certificate when vmi is off and verify. |
| 106 | [Tags] Get_Root_Certificate_When_VMI_Is_Off_And_Verify |
| 107 | [Setup] Redfish Power Off |
shrsuman123 | 7463d42 | 2021-06-17 02:53:25 -0500 | [diff] [blame] | 108 | [Teardown] Run keywords Redfish Power On stack_mode=skip AND FFDC On Test Case Fail |
shrsuman123 | 68bdcae | 2021-01-18 00:38:25 -0600 | [diff] [blame] | 109 | [Template] Get Root Certificate |
shrsuman123 | 1b1c2a4 | 2020-11-02 23:02:30 -0600 | [diff] [blame] | 110 | |
shrsuman123 | 68bdcae | 2021-01-18 00:38:25 -0600 | [diff] [blame] | 111 | # username password force_create valid_csr valid_status_code |
| 112 | ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 113 | |
| 114 | # Request root certificate from operator user. |
| 115 | operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 116 | |
| 117 | # Request root certificate from ReadOnly user. |
| 118 | readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 119 | |
| 120 | # Request root certificate from NoAccess user. |
| 121 | noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 122 | |
| 123 | |
| 124 | Get Root Certificate After BMC Reboot And Verify |
| 125 | [Documentation] Get root certificate after bmc reboot and verify. |
| 126 | [Tags] Get_Root_Certificate_After_BMC_Reboot_And_Verify |
| 127 | [Setup] Run Keywords OBMC Reboot (off) AND Redfish Power On |
| 128 | [Template] Get Root Certificate |
| 129 | |
| 130 | # username password force_create valid_csr valid_status_code |
| 131 | ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 132 | |
| 133 | # Request root certificate from operator user. |
| 134 | operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 135 | |
| 136 | # Request root certificate from ReadOnly user. |
| 137 | readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
| 138 | |
| 139 | # Request root certificate from NoAccess user. |
| 140 | noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 141 | |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 142 | Get Concurrent Root Certificate Requests From Multiple Admin Users |
| 143 | [Documentation] Get multiple concurrent root certificate requests from multiple admins |
| 144 | ... and verify no errors. |
| 145 | [Tags] Get_Concurrent_Root_Certificate_Requests_From_Multiple_Admin_Users |
| 146 | |
| 147 | FOR ${i} IN RANGE ${5} |
| 148 | ${dict}= Execute Process Multi Keyword ${5} |
| 149 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 150 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 151 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 152 | Dictionary Should Not Contain Value ${dict} False |
| 153 | ... msg=One or more operations has failed. |
| 154 | END |
| 155 | |
| 156 | Get Concurrent CSR Requests From Multiple Admin Users |
| 157 | [Documentation] Get multiple concurrent csr requests from multiple admins and verify no errors. |
| 158 | [Tags] Get_Concurrent_CSR_Requests_From_Multiple_Admin_Users |
| 159 | |
| 160 | FOR ${i} IN RANGE ${5} |
| 161 | ${dict}= Execute Process Multi Keyword ${5} |
| 162 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 163 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 164 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 165 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 166 | Dictionary Should Not Contain Value ${dict} False |
| 167 | ... msg=One or more operations has failed. |
| 168 | END |
| 169 | |
| 170 | Get Concurrent Corrupted CSR Requests From Multiple Admin Users |
| 171 | [Documentation] Get multiple concurrent corrupted csr requests from multiple admins and verify no errors. |
| 172 | [Tags] Get_Concurrent_Corrupted_CSR_Requests_From_Multiple_Admin_Users |
| 173 | |
| 174 | FOR ${i} IN RANGE ${5} |
| 175 | ${dict}= Execute Process Multi Keyword ${5} |
| 176 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 177 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 178 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 179 | Dictionary Should Not Contain Value ${dict} False |
| 180 | ... msg=One or more operations has failed. |
| 181 | END |
| 182 | |
shrsuman123 | 82a9a31 | 2021-03-26 05:34:32 -0500 | [diff] [blame] | 183 | Get Concurrent Root Certificate Request From Operator Users |
| 184 | [Documentation] Get multiple concurrent root certificate from non admin users and verify no errors. |
| 185 | [Tags] Get_Concurrent_Root_Certificate_Request_From_Operator_Users |
| 186 | |
| 187 | FOR ${i} IN RANGE ${5} |
| 188 | ${dict}= Execute Process Multi Keyword ${5} |
| 189 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 190 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 191 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 192 | Dictionary Should Not Contain Value ${dict} False |
| 193 | ... msg=One or more operations has failed. |
| 194 | END |
| 195 | |
| 196 | Get Concurrent Root Certificate Request From Admin And Non Admin Users |
| 197 | [Documentation] Get multiple concurrent root certificate from admin and non admin users |
| 198 | ... and verify no errors. |
| 199 | [Tags] Get_Concurrent_Root_Certificate_Request_From_Admin_And_Non_Admin_Users |
| 200 | |
| 201 | FOR ${i} IN RANGE ${5} |
| 202 | ${dict}= Execute Process Multi Keyword ${5} |
| 203 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 204 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 205 | ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 206 | Dictionary Should Not Contain Value ${dict} False |
| 207 | ... msg=One or more operations has failed. |
| 208 | END |
| 209 | |
| 210 | Get Concurrent Root Certificate Request From Different Non Admin Users |
| 211 | [Documentation] Get multiple concurrent root certificate from different non admin users |
| 212 | ... and verify no errors. |
| 213 | [Tags] Get_Concurrent_Root_Certificate_Request_From_Different_Non_Admin_Users |
| 214 | |
| 215 | FOR ${i} IN RANGE ${5} |
| 216 | ${dict}= Execute Process Multi Keyword ${5} |
| 217 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 218 | ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 219 | ... Get Root Certificate noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 220 | Dictionary Should Not Contain Value ${dict} False |
| 221 | ... msg=One or more operations has failed. |
| 222 | END |
| 223 | |
| 224 | Get Concurrent CSR Request From Operator Users |
| 225 | [Documentation] Get multiple concurrent csr request from non admin users and verify no errors. |
| 226 | [Tags] Get_Concurrent_CSR_Request_From_Operator_Users |
| 227 | |
| 228 | FOR ${i} IN RANGE ${5} |
| 229 | ${dict}= Execute Process Multi Keyword ${5} |
| 230 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 231 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 232 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 233 | Dictionary Should Not Contain Value ${dict} False |
| 234 | ... msg=One or more operations has failed. |
| 235 | END |
| 236 | |
shrsuman123 | 94b3657 | 2021-03-10 03:15:53 -0600 | [diff] [blame] | 237 | Get Root Certificate And Send CSR Request Concurrently And Verify |
| 238 | [Documentation] Get root certificate and send csr request concurrently and |
| 239 | ... verify gets root and signed certificate. |
| 240 | [Tags] Get_Root_Certificate_And_Send_CSR_Request_Concurrently_And_Verify |
| 241 | |
| 242 | FOR ${i} IN RANGE ${5} |
| 243 | ${dict}= Execute Process Multi Keyword ${5} |
| 244 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 245 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 246 | Dictionary Should Not Contain Value ${dict} False |
| 247 | ... msg=One or more operations has failed. |
| 248 | END |
| 249 | |
| 250 | Get Concurrent Root Certificate And Send CSR Request And Verify |
| 251 | [Documentation] Get concurrent root certificate and send csr request |
| 252 | ... and verify gets root certificate and signed certificate. |
| 253 | [Tags] Get_Concurrent_Root_Certificate_And_Send_CSR_Request_And_Verify |
| 254 | |
| 255 | FOR ${i} IN RANGE ${5} |
| 256 | ${dict}= Execute Process Multi Keyword ${5} |
| 257 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 258 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 259 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 260 | Dictionary Should Not Contain Value ${dict} False |
| 261 | ... msg=One or more operations has failed. |
| 262 | END |
| 263 | |
| 264 | Get Root Certificate And Send Multiple CSR Requests Concurrently And Verify |
| 265 | [Documentation] Get root certificate and send multiple csr requests concurrently and |
| 266 | ... verify gets root certificate and signed certificates. |
| 267 | [Tags] Get_Root_Certificate_And_Send_Multiple_CSR_Requests_Concurrently_And_Verify |
| 268 | |
| 269 | FOR ${i} IN RANGE ${5} |
| 270 | ${dict}= Execute Process Multi Keyword ${5} |
| 271 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 272 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 273 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 274 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 275 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 276 | Dictionary Should Not Contain Value ${dict} False |
| 277 | ... msg=One or more operations has failed. |
| 278 | END |
| 279 | |
| 280 | Get Root Certificate And Send Multiple Corrupted CSR Requests Concurrently And Verify |
| 281 | [Documentation] Get root certificate and send multiple corrupted csr requests concurrently and |
| 282 | ... verify gets root certificate and error for corrupted csr requests. |
| 283 | [Tags] Get_Root_Certificate_And_Send_Multiple_Corrupted_CSR_Requests_Concurrently_And_Verify |
| 284 | |
| 285 | FOR ${i} IN RANGE ${5} |
| 286 | ${dict}= Execute Process Multi Keyword ${5} |
| 287 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 288 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 289 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 290 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 291 | Dictionary Should Not Contain Value ${dict} False |
| 292 | ... msg=One or more operations has failed. |
| 293 | END |
| 294 | |
shrsuman123 | b63aa5e | 2021-04-12 06:20:18 -0500 | [diff] [blame] | 295 | Send Concurrent CSR Request And Corrupted CSR Request And Verify |
| 296 | [Documentation] Send concurrent csr request and corrupted csr request |
| 297 | ... and verify gets certificate for valid csr and error for corrupted csr. |
| 298 | [Tags] Send_Concurrent_CSR_Request_And_Corrupted_CSR_Request_And_Verify |
| 299 | |
| 300 | FOR ${i} IN RANGE ${5} |
| 301 | ${dict}= Execute Process Multi Keyword ${5} |
| 302 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 303 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 304 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 305 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 306 | Dictionary Should Not Contain Value ${dict} False |
| 307 | ... msg=One or more operations has failed. |
| 308 | END |
| 309 | |
| 310 | Get Root Certificate Send CSR And Corrupted CSR Request Concurrently And Verify |
| 311 | [Documentation] Get root certificate send csr and corrupted csr requests concurrently and |
| 312 | ... verify gets root certificate and certificate for valid csr and error for corrupted csr. |
| 313 | [Tags] Get_Root_Certificate_Send_CSR_And_Corrupted_CSR_Request_Concurrently_And_Verify |
| 314 | |
| 315 | FOR ${i} IN RANGE ${5} |
| 316 | ${dict}= Execute Process Multi Keyword ${5} |
| 317 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 318 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 319 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 320 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 321 | Dictionary Should Not Contain Value ${dict} False |
| 322 | ... msg=One or more operations has failed. |
| 323 | END |
| 324 | |
| 325 | Send Concurrent CSR Request From Admin And Non Admin Users And Verify |
| 326 | [Documentation] Send concurrent csr requests from admin and non-admin users and verify |
| 327 | ... admin gets certificate and non-admin gets error. |
| 328 | [Tags] Send_Concurrent_CSR_Request_From_Admin_And_Non_Admin_Users_And_Verify |
| 329 | |
| 330 | FOR ${i} IN RANGE ${5} |
| 331 | ${dict}= Execute Process Multi Keyword ${5} |
| 332 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 333 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 334 | ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 335 | Dictionary Should Not Contain Value ${dict} False |
| 336 | ... msg=One or more operations has failed. |
| 337 | END |
| 338 | |
| 339 | Send Concurrent CSR Request From Non Admin Users And Verify |
| 340 | [Documentation] Send concurrent csr request from non admin users |
| 341 | ... and verify gets error. |
| 342 | [Tags] Send_Concurrent_CSR_Request_From_Non_Admin_Users_And_Verify |
| 343 | |
| 344 | FOR ${i} IN RANGE ${5} |
| 345 | ${dict}= Execute Process Multi Keyword ${5} |
| 346 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 347 | ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 348 | ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 349 | Dictionary Should Not Contain Value ${dict} False |
| 350 | ... msg=One or more operations has failed. |
| 351 | END |
| 352 | |
shrsuman123 | a968ad5 | 2021-06-08 06:30:01 -0500 | [diff] [blame] | 353 | Get Root Certificate And Send Corrupted CSR From Admin CSR Request From Operator Concurrently |
| 354 | [Documentation] Get root certificate and send corrupted csr request from admin and |
George Keishing | 7bc01e9 | 2021-06-15 11:07:14 -0500 | [diff] [blame] | 355 | ... csr from operator concurrently and verify gets root certificate and errors for corrupted |
shrsuman123 | a968ad5 | 2021-06-08 06:30:01 -0500 | [diff] [blame] | 356 | ... and for operator. |
| 357 | [Tags] Get_Root_Certificate_And_Send_Corrupted_CSR_From_Admin_CSR_Request_From_Operator_Concurrently |
| 358 | |
| 359 | FOR ${i} IN RANGE ${5} |
| 360 | ${dict}= Execute Process Multi Keyword ${5} |
| 361 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 362 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 363 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 364 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 365 | Dictionary Should Not Contain Value ${dict} False |
| 366 | ... msg=One or more operations has failed. |
| 367 | END |
| 368 | |
| 369 | Get Root Certificate From Operator And Send Corrupted CSR Request And CSR Request From Admin Concurrently |
| 370 | [Documentation] Get root certificate from operator and send corrupted csr request |
| 371 | ... and csr from admin and verify errors for operator and corrupted csr and signed certificate |
| 372 | ... for valid csr. |
| 373 | [Tags] Get_Root_Certificate_From_Operator_And_Send_Corrupted_CSR_Request_And_CSR_Request_From_Admin_Concurrently |
| 374 | |
| 375 | FOR ${i} IN RANGE ${5} |
| 376 | ${dict}= Execute Process Multi Keyword ${5} |
| 377 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 378 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 379 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 380 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 381 | Dictionary Should Not Contain Value ${dict} False |
| 382 | ... msg=One or more operations has failed. |
| 383 | END |
| 384 | |
| 385 | |
| 386 | Get Root Certificate From Operator And Admin Send CSR Request From Admin Concurrently |
| 387 | [Documentation] Get root certificate from operator and admin and |
| 388 | ... and send csr request from admin concurrently and verify error for operator |
| 389 | ... and admin gets root and signed certificate. |
| 390 | [Tags] Get_Root_Certificate_From_Operator_And_Admin_Send_CSR_Request_From_Admin_Concurrently |
| 391 | |
| 392 | FOR ${i} IN RANGE ${5} |
| 393 | ${dict}= Execute Process Multi Keyword ${5} |
| 394 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 395 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 396 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 397 | Dictionary Should Not Contain Value ${dict} False |
| 398 | ... msg=One or more operations has failed. |
| 399 | END |
| 400 | |
shrsuman123 | 5e80c02 | 2021-05-25 01:28:39 -0500 | [diff] [blame] | 401 | Send CSR Request From Admin And Operator And Corrupted CSR From Admin Concurrently And Verify |
| 402 | [Documentation] Send csr request from admin and operator and corrupted |
| 403 | ... csr request from admin and verify gets signed certificate for valid csr for admin |
| 404 | ... gets error for operator and error for corrupted csr. |
| 405 | [Tags] Send_CSR_Request_From_Admin_And_Operator_And_Corrupted_CSR_From_Admin_Concurrently_And_Verify |
| 406 | |
| 407 | FOR ${i} IN RANGE ${5} |
| 408 | ${dict}= Execute Process Multi Keyword ${5} |
| 409 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 410 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 411 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 412 | Dictionary Should Not Contain Value ${dict} False |
| 413 | ... msg=One or more operations has failed. |
| 414 | END |
| 415 | |
| 416 | Send Corrupted CSR Requests From Admin And Operator And CSR Request From Admin Concurrently And Verify |
| 417 | [Documentation] Send corrupted csr request from admin and operator and csr request |
| 418 | ... from admin concurrently and verify errors for corrupted csr and gets signed certificate |
| 419 | ... for valid csr from admin. |
| 420 | [Tags] Send_Corrupted_CSR_Requests_From_Admin_And_Operator_And_CSR_Request_From_Admin_Concurrently_And_Verify |
| 421 | |
| 422 | FOR ${i} IN RANGE ${5} |
| 423 | ${dict}= Execute Process Multi Keyword ${5} |
| 424 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 425 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN} |
| 426 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 427 | Dictionary Should Not Contain Value ${dict} False |
| 428 | ... msg=One or more operations has failed. |
| 429 | END |
| 430 | |
| 431 | Send Corrupted CSR Requests From Admin And Operator User Concurrently And Verify |
| 432 | [Documentation] Send corrupted csr requests from admin and operator and |
| 433 | ... verify gets error. |
| 434 | [Tags] Send_Corrupted_CSR_Requests_From_Admin_And_Operator_User_Concurrently_And_Verify |
| 435 | |
| 436 | FOR ${i} IN RANGE ${5} |
| 437 | ${dict}= Execute Process Multi Keyword ${5} |
| 438 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 439 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 440 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN} |
| 441 | Dictionary Should Not Contain Value ${dict} False |
| 442 | ... msg=One or more operations has failed. |
| 443 | END |
| 444 | |
shrsuman123 | e05f7bc | 2021-04-23 04:42:05 -0500 | [diff] [blame] | 445 | Get Root Certificate From Admin And Send CSR Requests From Non Admin Concurrently And Verify |
| 446 | [Documentation] Get root certificate from admin and csr requests from |
| 447 | ... non admin users concurrently and verify gets root certificate for admin and |
| 448 | ... errors for non-admins. |
| 449 | [Tags] Get_Root_Certificate_From_Admin_And_Send_CSR_Requests_From_Non_Admin_Concurrently_And_Verify |
| 450 | |
| 451 | FOR ${i} IN RANGE ${5} |
| 452 | ${dict}= Execute Process Multi Keyword ${5} |
| 453 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 454 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 455 | ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 456 | Dictionary Should Not Contain Value ${dict} False |
| 457 | ... msg=One or more operations has failed. |
| 458 | END |
| 459 | |
| 460 | Get Root Certificate And Send CSR Requests From Non Admin Users Concurrently And Verify |
| 461 | [Documentation] Get root certificate and send csr requests from non admin |
| 462 | ... users and verify gets errors. |
| 463 | [Tags] Get_Root_Certificate_And_Send_CSR_Requests_From_Non_Admin_Users_Concurrently_And_Verify |
| 464 | |
| 465 | FOR ${i} IN RANGE ${5} |
| 466 | ${dict}= Execute Process Multi Keyword ${5} |
| 467 | ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 468 | ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 469 | ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 470 | ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 471 | Dictionary Should Not Contain Value ${dict} False |
| 472 | ... msg=One or more operations has failed. |
| 473 | END |
| 474 | |
| 475 | Send Corrupted CSR Request From Admin And CSR Requests From Non Admin Concurrently And Verify |
| 476 | [Documentation] Send corrupted csr request from admin and csr request from non admin |
| 477 | ... users concurrently and verify gets errors. |
| 478 | [Tags] Send_Corrupted_CSR_Request_From_Admin_And_CSR_Requests_From_Non_Admin_Concurrently_And_Verify |
| 479 | |
| 480 | FOR ${i} IN RANGE ${5} |
| 481 | ${dict}= Execute Process Multi Keyword ${5} |
| 482 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 483 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 484 | ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 485 | Dictionary Should Not Contain Value ${dict} False |
| 486 | ... msg=One or more operations has failed. |
| 487 | END |
| 488 | |
| 489 | Send CSR Request And Corrupted CSR Requests From Non Admin Users Concurrently And Verify |
| 490 | [Documentation] Send csr and corrupted csr request from non admin users |
| 491 | ... and verify gets errors. |
| 492 | [Tags] Send_CSR_Request_And_Corrupted_CSR_Requests_From_Non_Admin_Users_Concurrently_And_Verify |
| 493 | |
| 494 | FOR ${i} IN RANGE ${5} |
| 495 | ${dict}= Execute Process Multi Keyword ${5} |
| 496 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN} |
| 497 | ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN} |
| 498 | ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 499 | ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 500 | Dictionary Should Not Contain Value ${dict} False |
| 501 | ... msg=One or more operations has failed. |
| 502 | END |
| 503 | |
shrsuman123 | 421e610 | 2021-06-23 05:25:57 -0500 | [diff] [blame] | 504 | Get Root Certificate And Send CSR Requests From Admin And Operator Concurrently And Verify |
| 505 | [Documentation] Get root certificate from admin and send csr requests |
| 506 | ... from admin and operator concurrently and verify gets root certificate |
| 507 | ... and signed certificate and gets error for operator. |
| 508 | [Tags] Get_Root_Certificate_And_Send_CSR_Requests_From_Admin_And_Operator_Concurrently_And_Verify |
| 509 | |
| 510 | FOR ${i} IN RANGE ${5} |
| 511 | ${dict}= Execute Process Multi Keyword ${5} |
| 512 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 513 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 514 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN} |
| 515 | Dictionary Should Not Contain Value ${dict} False |
| 516 | ... msg=One or more operations has failed. |
| 517 | END |
| 518 | |
| 519 | |
| 520 | Get Root Certificate And Send Corrupted CSR Requests From Admin And Operator Concurrently And Verify |
| 521 | [Documentation] Get root certificate from admin and send corrupted csr requests |
| 522 | ... from admin and operator concurrently and verify gets root certificate and errors |
| 523 | ... for corrupted csr. |
| 524 | [Tags] Get_Root_Certificate_And_Send_Corrupted_CSR_Requests_From_Admin_And_Operator_Concurrently_And_Verify |
| 525 | |
| 526 | FOR ${i} IN RANGE ${5} |
| 527 | ${dict}= Execute Process Multi Keyword ${5} |
| 528 | ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK} |
| 529 | ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR} |
| 530 | ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN} |
| 531 | Dictionary Should Not Contain Value ${dict} False |
| 532 | ... msg=One or more operations has failed. |
| 533 | END |
| 534 | |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 535 | *** Keywords *** |
| 536 | |
| 537 | Generate CSR String |
| 538 | [Documentation] Generate a csr string. |
| 539 | |
| 540 | # Note: Generates and returns csr string. |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 541 | ${csr_gen_time} = Get Current Date Time |
| 542 | ${CSR_FILE}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.csr |
| 543 | ${CSR_KEY}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.key |
| 544 | Set Test Variable ${CSR_FILE} |
| 545 | Set Test Variable ${CSR_KEY} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 546 | ${ssl_cmd}= Set Variable openssl req -new -newkey rsa:2048 -nodes -keyout ${CSR_KEY} -out ${CSR_FILE} |
| 547 | ${ssl_sub}= Set Variable |
| 548 | ... -subj "/C=XY/ST=Abcd/L=Efgh/O=ABC/OU=Systems/CN=abc.com/emailAddress=xyz@xx.ABC.com" |
| 549 | |
| 550 | # Run openssl command to create a new private key and use that to generate a CSR string |
| 551 | # in server.csr file. |
| 552 | ${output}= Run ${ssl_cmd} ${ssl_sub} |
Prashanth Katti | 7ee2825 | 2020-09-17 01:55:17 -0500 | [diff] [blame] | 553 | ${csr}= OperatingSystem.Get File ${CSR_FILE} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 554 | |
| 555 | [Return] ${csr} |
| 556 | |
| 557 | |
| 558 | Send CSR To VMI And Get Signed |
George Keishing | f924895 | 2021-05-28 07:52:37 -0500 | [diff] [blame] | 559 | [Documentation] Upload CSR to VMI and get signed. |
shrsuman123 | 932759b | 2021-10-19 07:23:22 -0500 | [diff] [blame] | 560 | [Arguments] ${csr} ${force_create} ${username} ${password} ${read_timeout} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 561 | |
| 562 | # Description of argument(s): |
| 563 | # csr Certificate request from client to VMI. |
| 564 | # force_create Create a new REST session if True. |
| 565 | # username Username to create a REST session. |
| 566 | # password Password to create a REST session. |
| 567 | |
| 568 | Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True} |
| 569 | ... Initialize OpenBMC rest_username=${username} rest_password=${password} |
| 570 | |
| 571 | ${data}= Create Dictionary |
| 572 | ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN} |
| 573 | ... Content-Type=application/json |
| 574 | |
| 575 | ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Actions/SignCSR |
| 576 | |
| 577 | # For SignCSR request, we need to pass CSR string generated by openssl command. |
| 578 | ${csr_data}= Create Dictionary CsrString ${csr} |
| 579 | Set To Dictionary ${data} data ${csr_data} |
| 580 | |
shrsuman123 | 932759b | 2021-10-19 07:23:22 -0500 | [diff] [blame] | 581 | ${resp}= Post Request openbmc ${cert_uri} &{data} headers=${headers} timeout=${read_timeout} |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 582 | Log to console ${resp.content} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 583 | |
| 584 | [Return] ${resp} |
| 585 | |
| 586 | |
| 587 | Get Root Certificate |
| 588 | [Documentation] Get root certificate from VMI. |
| 589 | [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD} |
| 590 | ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK} |
| 591 | |
| 592 | # Description of argument(s): |
| 593 | # cert_type Type of the certificate requesting. eg. root or SignCSR. |
| 594 | # username Username to create a REST session. |
| 595 | # password Password to create a REST session. |
| 596 | # force_create Create a new REST session if True. |
| 597 | # valid_csr Uses valid CSR string in the REST request if True. |
| 598 | # This is not applicable for root certificate. |
| 599 | # valid_status_code Expected status code from REST request. |
| 600 | |
| 601 | Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True} |
| 602 | ... Initialize OpenBMC rest_username=${username} rest_password=${password} |
| 603 | |
| 604 | ${data}= Create Dictionary |
| 605 | ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN} |
| 606 | ... Content-Type=application/json |
| 607 | |
| 608 | ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Certificate/root |
| 609 | |
| 610 | ${resp}= Get Request openbmc ${cert_uri} &{data} headers=${headers} |
| 611 | |
| 612 | Should Be Equal As Strings ${resp.status_code} ${valid_status_code} |
| 613 | Return From Keyword If ${resp.status_code} != ${HTTP_OK} |
| 614 | |
| 615 | ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json |
| 616 | Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE |
| 617 | Should Contain ${cert["Certificate"]} END CERTIFICATE |
| 618 | |
| 619 | |
| 620 | Get Subject |
| 621 | [Documentation] Generate a csr string. |
| 622 | [Arguments] ${file_name} ${is_csr_file} |
| 623 | |
| 624 | # Description of argument(s): |
| 625 | # file_name Name of CSR or signed CERT file. |
| 626 | # is_csr_file A True value means a CSR while a False is for signed CERT file. |
| 627 | |
George Keishing | 538f174 | 2022-03-14 05:00:55 -0500 | [diff] [blame] | 628 | ${subject}= Run Keyword If ${is_csr_file} |
| 629 | ... Run openssl req -in ${file_name} -text -noout | grep Subject: |
| 630 | ... ELSE |
| 631 | ... Run openssl x509 -in ${file_name} -text -noout | grep Subject: |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 632 | |
| 633 | [Return] ${subject} |
| 634 | |
| 635 | |
| 636 | Get Public Key |
| 637 | [Documentation] Generate a csr string. |
| 638 | [Arguments] ${file_name} ${is_csr_file} |
| 639 | |
| 640 | # Description of argument(s): |
| 641 | # file_name Name of CSR or CERT file. |
| 642 | # is_csr_file A True value means a CSR while a False is for signed CERT file. |
| 643 | |
| 644 | ${PublicKey}= Run Keyword If ${is_csr_file} Run openssl req -in ${file_name} -noout -pubkey |
| 645 | ... ELSE Run openssl x509 -in ${file_name} -noout -pubkey |
| 646 | |
| 647 | [Return] ${PublicKey} |
| 648 | |
| 649 | |
| 650 | Get Certificate Signed By VMI |
| 651 | [Documentation] Get signed certificate from VMI. |
| 652 | [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD} |
| 653 | ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK} |
shrsuman123 | 932759b | 2021-10-19 07:23:22 -0500 | [diff] [blame] | 654 | ... ${read_timeout}=20 |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 655 | |
| 656 | # Description of argument(s): |
| 657 | # cert_type Type of the certificate requesting. eg. root or SignCSR. |
| 658 | # username Username to create a REST session. |
| 659 | # password Password to create a REST session. |
| 660 | # force_create Create a new REST session if True. |
| 661 | # valid_csr Uses valid CSR string in the REST request if True. |
| 662 | # This is not applicable for root certificate. |
| 663 | # valid_status_code Expected status code from REST request. |
| 664 | |
| 665 | Set Test Variable ${CSR} CSR |
| 666 | Set Test Variable ${CORRUPTED_CSR} CORRUPTED_CSR |
| 667 | |
| 668 | ${CSR}= Generate CSR String |
shrsuman123 | 1b1c2a4 | 2020-11-02 23:02:30 -0600 | [diff] [blame] | 669 | ${csr_left} ${csr_right}= Split String From Right ${CSR} == 1 |
| 670 | ${CORRUPTED_CSR}= Catenate SEPARATOR= ${csr_left} \N ${csr_right} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 671 | |
| 672 | # For SignCSR request, we need to pass CSR string generated by openssl command |
| 673 | ${csr_str}= Set Variable If ${valid_csr} == ${True} ${CSR} ${CORRUPTED_CSR} |
| 674 | |
| 675 | ${resp}= Send CSR To VMI And Get Signed ${csr_str} ${force_create} ${username} ${password} |
shrsuman123 | 932759b | 2021-10-19 07:23:22 -0500 | [diff] [blame] | 676 | ... ${read_timeout} |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 677 | |
| 678 | Should Be Equal As Strings ${resp.status_code} ${valid_status_code} |
| 679 | Return From Keyword If ${resp.status_code} != ${HTTP_OK} |
| 680 | |
| 681 | ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json |
| 682 | Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE |
| 683 | Should Contain ${cert["Certificate"]} END CERTIFICATE |
| 684 | |
| 685 | # Now do subject and public key verification |
| 686 | ${subject_csr}= Get Subject ${CSR_FILE} True |
| 687 | ${pubKey_csr}= Get Public Key ${CSR_FILE} True |
| 688 | |
| 689 | # create a crt file with certificate string |
| 690 | ${signed_cert}= Set Variable ${cert["Certificate"]} |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 691 | ${testcert_gen_time} = Get Current Date Time |
| 692 | ${test_cert_file}= Catenate SEPARATOR=_ ${testcert_gen_time} test_certificate.cert |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 693 | |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 694 | Create File ${test_cert_file} ${signed_cert} |
| 695 | ${subject_signed_csr}= Get Subject ${test_cert_file} False |
| 696 | ${pubKey_signed_csr}= Get Public Key ${test_cert_file} False |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 697 | |
| 698 | Should be equal as strings ${subject_signed_csr} ${subject_csr} |
| 699 | Should be equal as strings ${pubKey_signed_csr} ${pubKey_csr} |
| 700 | |
| 701 | |
| 702 | Suite Setup Execution |
| 703 | [Documentation] Suite setup execution. |
| 704 | |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 705 | Remove Files *.csr *.key *.cert |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 706 | # Create different user accounts. |
| 707 | Redfish.Login |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 708 | Redfish Power On |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 709 | Create Users With Different Roles users=${USERS} force=${True} |
| 710 | |
| 711 | |
| 712 | Suite Teardown Execution |
| 713 | [Documentation] Suite teardown execution. |
| 714 | |
shrsuman123 | 5fc20cb | 2021-02-02 04:55:47 -0600 | [diff] [blame] | 715 | Remove Files *.csr *.key *.cert |
manashsarma | b7af817 | 2020-07-16 05:05:44 -0500 | [diff] [blame] | 716 | Delete BMC Users Via Redfish users=${USERS} |
| 717 | Delete All Sessions |
| 718 | Redfish.Logout |