Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / a968ad56cce1e8fa3f90dcd8880b7a86f4cfa491 / . / openpower / ext_interfaces / test_vmicert_management.robot
blob: c0a47135993fd3a02ba4220e1b2730c32a2ea500 [file] [log] [blame]
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]1*** Settings ***
2
3Documentation VMI certificate exchange tests.
4
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]5Library ../../lib/jobs_processing.py
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]6Resource ../../lib/resource.robot
7Resource ../../lib/bmc_redfish_resource.robot
8Resource ../../lib/openbmc_ffdc.robot
9Resource ../../lib/bmc_redfish_utils.robot
10Resource ../../lib/utils.robot
11
12Suite Setup Suite Setup Execution
13Test Teardown FFDC On Test Case Fail
14Suite Teardown Suite Teardown Execution
15
16
17*** Variables ***
18
19# users User Name password
20@{ADMIN} admin_user TestPwd123
21@{OPERATOR} operator_user TestPwd123
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]22@{ReadOnly} readonly_user TestPwd123
23@{NoAccess} noaccess_user TestPwd123
24&{USERS} Administrator=${ADMIN} Operator=${OPERATOR} ReadOnly=${ReadOnly}
25... NoAccess=${NoAccess}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]26${VMI_BASE_URI} /ibm/v1/
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]27
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]28
29*** Test Cases ***
30
31Get CSR Request Signed By VMI And Verify
32 [Documentation] Get CSR request signed by VMI using different user roles and verify.
33 [Tags] Get_CSR_Request_Signed_By_VMI_And_Verify
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]34 [Setup] Redfish Power On
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]35 [Template] Get Certificate Signed By VMI
36
37 # username password force_create valid_csr valid_status_code
38 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]39
40 # Send CSR request from operator user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]41 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
42
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]43 # Send CSR request from ReadOnly user.
44 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
45
46 # Send CSR request from NoAccess user.
47 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
48
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]49
50Get Root Certificate Using Different Privilege Users Roles
51 [Documentation] Get root certificate using different users.
52 [Tags] Get_Root_Certificate_Using_Different_Users
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]53 [Setup] Redfish Power On
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]54 [Template] Get Root Certificate
55
56 # username password force_create valid_csr valid_status_code
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]57 # Request root certificate from admin user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]58 admin_user TestPwd123 ${True} ${True} ${HTTP_OK}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]59
60 # Request root certificate from operator user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]61 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
62
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]63 # Request root certificate from ReadOnly user.
64 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
65
66 # Request root certificate from NoAccess user.
67 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
68
69
70Send CSR Request When VMI Is Off And Verify
71 [Documentation] Send CSR signing request to VMI when it is off and expect an error.
72 [Tags] Get_CSR_Request_When_VMI_Is_Off_And_verify
73 [Setup] Redfish Power Off
74 [Template] Get Certificate Signed By VMI
75
76 # username password force_create valid_csr valid_status_code
77 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_INTERNAL_SERVER_ERROR}
78
79 # Send CSR request from operator user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]80 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]81
82 # Send CSR request from ReadOnly user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]83 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]84
85 # Send CSR request from NoAccess user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]86 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]87
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]88Get Corrupted CSR Request Signed By VMI And Verify
89 [Documentation] Send corrupted CSR for signing and expect an error.
90 [Tags] Get_Corrupted_CSR_Request_Signed_By_VMI_And_Verify
91 [Setup] Redfish Power On
92 [Template] Get Certificate Signed By VMI
93
94 # username password force_create valid_csr valid_status_code
95 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
96
97 # Send CSR request from operator user.
98 operator_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
99
100 # Send CSR request from ReadOnly user.
101 readonly_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
102
103 # Send CSR request from NoAccess user.
104 noaccess_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
105
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]106Get Root Certificate When VMI Is Off And Verify
107 [Documentation] Get root certificate when vmi is off and verify.
108 [Tags] Get_Root_Certificate_When_VMI_Is_Off_And_Verify
109 [Setup] Redfish Power Off
110 [Template] Get Root Certificate
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]111
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]112 # username password force_create valid_csr valid_status_code
113 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
114
115 # Request root certificate from operator user.
116 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
117
118 # Request root certificate from ReadOnly user.
119 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
120
121 # Request root certificate from NoAccess user.
122 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
123
124
125Get Root Certificate After BMC Reboot And Verify
126 [Documentation] Get root certificate after bmc reboot and verify.
127 [Tags] Get_Root_Certificate_After_BMC_Reboot_And_Verify
128 [Setup] Run Keywords OBMC Reboot (off) AND Redfish Power On
129 [Template] Get Root Certificate
130
131 # username password force_create valid_csr valid_status_code
132 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
133
134 # Request root certificate from operator user.
135 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
136
137 # Request root certificate from ReadOnly user.
138 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
139
140 # Request root certificate from NoAccess user.
141 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]142
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]143Get Concurrent Root Certificate Requests From Multiple Admin Users
144 [Documentation] Get multiple concurrent root certificate requests from multiple admins
145 ... and verify no errors.
146 [Tags] Get_Concurrent_Root_Certificate_Requests_From_Multiple_Admin_Users
147
148 FOR ${i} IN RANGE ${5}
149 ${dict}= Execute Process Multi Keyword ${5}
150 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
151 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
152 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
153 Dictionary Should Not Contain Value ${dict} False
154 ... msg=One or more operations has failed.
155 END
156
157Get Concurrent CSR Requests From Multiple Admin Users
158 [Documentation] Get multiple concurrent csr requests from multiple admins and verify no errors.
159 [Tags] Get_Concurrent_CSR_Requests_From_Multiple_Admin_Users
160
161 FOR ${i} IN RANGE ${5}
162 ${dict}= Execute Process Multi Keyword ${5}
163 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
164 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
165 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
166 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
167 Dictionary Should Not Contain Value ${dict} False
168 ... msg=One or more operations has failed.
169 END
170
171Get Concurrent Corrupted CSR Requests From Multiple Admin Users
172 [Documentation] Get multiple concurrent corrupted csr requests from multiple admins and verify no errors.
173 [Tags] Get_Concurrent_Corrupted_CSR_Requests_From_Multiple_Admin_Users
174
175 FOR ${i} IN RANGE ${5}
176 ${dict}= Execute Process Multi Keyword ${5}
177 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
178 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
179 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
180 Dictionary Should Not Contain Value ${dict} False
181 ... msg=One or more operations has failed.
182 END
183
shrsuman12382a9a312021-03-26 05:34:32 -0500[diff] [blame]184Get Concurrent Root Certificate Request From Operator Users
185 [Documentation] Get multiple concurrent root certificate from non admin users and verify no errors.
186 [Tags] Get_Concurrent_Root_Certificate_Request_From_Operator_Users
187
188 FOR ${i} IN RANGE ${5}
189 ${dict}= Execute Process Multi Keyword ${5}
190 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
191 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
192 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
193 Dictionary Should Not Contain Value ${dict} False
194 ... msg=One or more operations has failed.
195 END
196
197Get Concurrent Root Certificate Request From Admin And Non Admin Users
198 [Documentation] Get multiple concurrent root certificate from admin and non admin users
199 ... and verify no errors.
200 [Tags] Get_Concurrent_Root_Certificate_Request_From_Admin_And_Non_Admin_Users
201
202 FOR ${i} IN RANGE ${5}
203 ${dict}= Execute Process Multi Keyword ${5}
204 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
205 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
206 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
207 Dictionary Should Not Contain Value ${dict} False
208 ... msg=One or more operations has failed.
209 END
210
211Get Concurrent Root Certificate Request From Different Non Admin Users
212 [Documentation] Get multiple concurrent root certificate from different non admin users
213 ... and verify no errors.
214 [Tags] Get_Concurrent_Root_Certificate_Request_From_Different_Non_Admin_Users
215
216 FOR ${i} IN RANGE ${5}
217 ${dict}= Execute Process Multi Keyword ${5}
218 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
219 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
220 ... Get Root Certificate noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
221 Dictionary Should Not Contain Value ${dict} False
222 ... msg=One or more operations has failed.
223 END
224
225Get Concurrent CSR Request From Operator Users
226 [Documentation] Get multiple concurrent csr request from non admin users and verify no errors.
227 [Tags] Get_Concurrent_CSR_Request_From_Operator_Users
228
229 FOR ${i} IN RANGE ${5}
230 ${dict}= Execute Process Multi Keyword ${5}
231 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
232 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
233 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
234 Dictionary Should Not Contain Value ${dict} False
235 ... msg=One or more operations has failed.
236 END
237
shrsuman12394b36572021-03-10 03:15:53 -0600[diff] [blame]238Get Root Certificate And Send CSR Request Concurrently And Verify
239 [Documentation] Get root certificate and send csr request concurrently and
240 ... verify gets root and signed certificate.
241 [Tags] Get_Root_Certificate_And_Send_CSR_Request_Concurrently_And_Verify
242
243 FOR ${i} IN RANGE ${5}
244 ${dict}= Execute Process Multi Keyword ${5}
245 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
246 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
247 Dictionary Should Not Contain Value ${dict} False
248 ... msg=One or more operations has failed.
249 END
250
251Get Concurrent Root Certificate And Send CSR Request And Verify
252 [Documentation] Get concurrent root certificate and send csr request
253 ... and verify gets root certificate and signed certificate.
254 [Tags] Get_Concurrent_Root_Certificate_And_Send_CSR_Request_And_Verify
255
256 FOR ${i} IN RANGE ${5}
257 ${dict}= Execute Process Multi Keyword ${5}
258 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
259 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
260 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
261 Dictionary Should Not Contain Value ${dict} False
262 ... msg=One or more operations has failed.
263 END
264
265Get Root Certificate And Send Multiple CSR Requests Concurrently And Verify
266 [Documentation] Get root certificate and send multiple csr requests concurrently and
267 ... verify gets root certificate and signed certificates.
268 [Tags] Get_Root_Certificate_And_Send_Multiple_CSR_Requests_Concurrently_And_Verify
269
270 FOR ${i} IN RANGE ${5}
271 ${dict}= Execute Process Multi Keyword ${5}
272 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
273 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
274 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
275 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
276 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
277 Dictionary Should Not Contain Value ${dict} False
278 ... msg=One or more operations has failed.
279 END
280
281Get Root Certificate And Send Multiple Corrupted CSR Requests Concurrently And Verify
282 [Documentation] Get root certificate and send multiple corrupted csr requests concurrently and
283 ... verify gets root certificate and error for corrupted csr requests.
284 [Tags] Get_Root_Certificate_And_Send_Multiple_Corrupted_CSR_Requests_Concurrently_And_Verify
285
286 FOR ${i} IN RANGE ${5}
287 ${dict}= Execute Process Multi Keyword ${5}
288 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
289 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
290 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
291 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
292 Dictionary Should Not Contain Value ${dict} False
293 ... msg=One or more operations has failed.
294 END
295
shrsuman123b63aa5e2021-04-12 06:20:18 -0500[diff] [blame]296Send Concurrent CSR Request And Corrupted CSR Request And Verify
297 [Documentation] Send concurrent csr request and corrupted csr request
298 ... and verify gets certificate for valid csr and error for corrupted csr.
299 [Tags] Send_Concurrent_CSR_Request_And_Corrupted_CSR_Request_And_Verify
300
301 FOR ${i} IN RANGE ${5}
302 ${dict}= Execute Process Multi Keyword ${5}
303 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
304 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
305 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
306 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
307 Dictionary Should Not Contain Value ${dict} False
308 ... msg=One or more operations has failed.
309 END
310
311Get Root Certificate Send CSR And Corrupted CSR Request Concurrently And Verify
312 [Documentation] Get root certificate send csr and corrupted csr requests concurrently and
313 ... verify gets root certificate and certificate for valid csr and error for corrupted csr.
314 [Tags] Get_Root_Certificate_Send_CSR_And_Corrupted_CSR_Request_Concurrently_And_Verify
315
316 FOR ${i} IN RANGE ${5}
317 ${dict}= Execute Process Multi Keyword ${5}
318 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
319 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
320 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
321 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
322 Dictionary Should Not Contain Value ${dict} False
323 ... msg=One or more operations has failed.
324 END
325
326Send Concurrent CSR Request From Admin And Non Admin Users And Verify
327 [Documentation] Send concurrent csr requests from admin and non-admin users and verify
328 ... admin gets certificate and non-admin gets error.
329 [Tags] Send_Concurrent_CSR_Request_From_Admin_And_Non_Admin_Users_And_Verify
330
331 FOR ${i} IN RANGE ${5}
332 ${dict}= Execute Process Multi Keyword ${5}
333 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
334 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
335 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
336 Dictionary Should Not Contain Value ${dict} False
337 ... msg=One or more operations has failed.
338 END
339
340Send Concurrent CSR Request From Non Admin Users And Verify
341 [Documentation] Send concurrent csr request from non admin users
342 ... and verify gets error.
343 [Tags] Send_Concurrent_CSR_Request_From_Non_Admin_Users_And_Verify
344
345 FOR ${i} IN RANGE ${5}
346 ${dict}= Execute Process Multi Keyword ${5}
347 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
348 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
349 ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
350 Dictionary Should Not Contain Value ${dict} False
351 ... msg=One or more operations has failed.
352 END
353
shrsuman123a968ad52021-06-08 06:30:01 -0500[diff] [blame^]354Get Root Certificate And Send Corrupted CSR From Admin CSR Request From Operator Concurrently
355 [Documentation] Get root certificate and send corrupted csr request from admin and
356 ... csr from operator concurrently and verify gets root certicate and errors for corrupted
357 ... and for operator.
358 [Tags] Get_Root_Certificate_And_Send_Corrupted_CSR_From_Admin_CSR_Request_From_Operator_Concurrently
359
360 FOR ${i} IN RANGE ${5}
361 ${dict}= Execute Process Multi Keyword ${5}
362 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
363 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
364 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
365 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
366 Dictionary Should Not Contain Value ${dict} False
367 ... msg=One or more operations has failed.
368 END
369
370Get Root Certificate From Operator And Send Corrupted CSR Request And CSR Request From Admin Concurrently
371 [Documentation] Get root certificate from operator and send corrupted csr request
372 ... and csr from admin and verify errors for operator and corrupted csr and signed certificate
373 ... for valid csr.
374 [Tags] Get_Root_Certificate_From_Operator_And_Send_Corrupted_CSR_Request_And_CSR_Request_From_Admin_Concurrently
375
376 FOR ${i} IN RANGE ${5}
377 ${dict}= Execute Process Multi Keyword ${5}
378 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
379 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
380 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
381 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
382 Dictionary Should Not Contain Value ${dict} False
383 ... msg=One or more operations has failed.
384 END
385
386
387Get Root Certificate From Operator And Admin Send CSR Request From Admin Concurrently
388 [Documentation] Get root certificate from operator and admin and
389 ... and send csr request from admin concurrently and verify error for operator
390 ... and admin gets root and signed certificate.
391 [Tags] Get_Root_Certificate_From_Operator_And_Admin_Send_CSR_Request_From_Admin_Concurrently
392
393 FOR ${i} IN RANGE ${5}
394 ${dict}= Execute Process Multi Keyword ${5}
395 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
396 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
397 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
398 Dictionary Should Not Contain Value ${dict} False
399 ... msg=One or more operations has failed.
400 END
401
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]402*** Keywords ***
403
404Generate CSR String
405 [Documentation] Generate a csr string.
406
407 # Note: Generates and returns csr string.
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]408 ${csr_gen_time} = Get Current Date Time
409 ${CSR_FILE}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.csr
410 ${CSR_KEY}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.key
411 Set Test Variable ${CSR_FILE}
412 Set Test Variable ${CSR_KEY}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]413 ${ssl_cmd}= Set Variable openssl req -new -newkey rsa:2048 -nodes -keyout ${CSR_KEY} -out ${CSR_FILE}
414 ${ssl_sub}= Set Variable
415 ... -subj "/C=XY/ST=Abcd/L=Efgh/O=ABC/OU=Systems/CN=abc.com/emailAddress=xyz@xx.ABC.com"
416
417 # Run openssl command to create a new private key and use that to generate a CSR string
418 # in server.csr file.
419 ${output}= Run ${ssl_cmd} ${ssl_sub}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]420 ${csr}= OperatingSystem.Get File ${CSR_FILE}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]421
422 [Return] ${csr}
423
424
425Send CSR To VMI And Get Signed
George Keishingf9248952021-05-28 07:52:37 -0500[diff] [blame]426 [Documentation] Upload CSR to VMI and get signed.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]427 [Arguments] ${csr} ${force_create} ${username} ${password}
428
429 # Description of argument(s):
430 # csr Certificate request from client to VMI.
431 # force_create Create a new REST session if True.
432 # username Username to create a REST session.
433 # password Password to create a REST session.
434
435 Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True}
436 ... Initialize OpenBMC rest_username=${username} rest_password=${password}
437
438 ${data}= Create Dictionary
439 ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN}
440 ... Content-Type=application/json
441
442 ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Actions/SignCSR
443
444 # For SignCSR request, we need to pass CSR string generated by openssl command.
445 ${csr_data}= Create Dictionary CsrString ${csr}
446 Set To Dictionary ${data} data ${csr_data}
447
448 ${resp}= Post Request openbmc ${cert_uri} &{data} headers=${headers}
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]449 Log to console ${resp.content}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]450
451 [Return] ${resp}
452
453
454Get Root Certificate
455 [Documentation] Get root certificate from VMI.
456 [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD}
457 ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK}
458
459 # Description of argument(s):
460 # cert_type Type of the certificate requesting. eg. root or SignCSR.
461 # username Username to create a REST session.
462 # password Password to create a REST session.
463 # force_create Create a new REST session if True.
464 # valid_csr Uses valid CSR string in the REST request if True.
465 # This is not applicable for root certificate.
466 # valid_status_code Expected status code from REST request.
467
468 Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True}
469 ... Initialize OpenBMC rest_username=${username} rest_password=${password}
470
471 ${data}= Create Dictionary
472 ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN}
473 ... Content-Type=application/json
474
475 ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Certificate/root
476
477 ${resp}= Get Request openbmc ${cert_uri} &{data} headers=${headers}
478
479 Should Be Equal As Strings ${resp.status_code} ${valid_status_code}
480 Return From Keyword If ${resp.status_code} != ${HTTP_OK}
481
482 ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json
483 Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE
484 Should Contain ${cert["Certificate"]} END CERTIFICATE
485
486
487Get Subject
488 [Documentation] Generate a csr string.
489 [Arguments] ${file_name} ${is_csr_file}
490
491 # Description of argument(s):
492 # file_name Name of CSR or signed CERT file.
493 # is_csr_file A True value means a CSR while a False is for signed CERT file.
494
495 ${subject}= Run Keyword If ${is_csr_file} Run openssl req -in ${file_name} -text -noout | grep Subject:
496 ... ELSE Run openssl x509 -in ${file_name} -text -noout | grep Subject:
497
498 [Return] ${subject}
499
500
501Get Public Key
502 [Documentation] Generate a csr string.
503 [Arguments] ${file_name} ${is_csr_file}
504
505 # Description of argument(s):
506 # file_name Name of CSR or CERT file.
507 # is_csr_file A True value means a CSR while a False is for signed CERT file.
508
509 ${PublicKey}= Run Keyword If ${is_csr_file} Run openssl req -in ${file_name} -noout -pubkey
510 ... ELSE Run openssl x509 -in ${file_name} -noout -pubkey
511
512 [Return] ${PublicKey}
513
514
515Get Certificate Signed By VMI
516 [Documentation] Get signed certificate from VMI.
517 [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD}
518 ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK}
519
520 # Description of argument(s):
521 # cert_type Type of the certificate requesting. eg. root or SignCSR.
522 # username Username to create a REST session.
523 # password Password to create a REST session.
524 # force_create Create a new REST session if True.
525 # valid_csr Uses valid CSR string in the REST request if True.
526 # This is not applicable for root certificate.
527 # valid_status_code Expected status code from REST request.
528
529 Set Test Variable ${CSR} CSR
530 Set Test Variable ${CORRUPTED_CSR} CORRUPTED_CSR
531
532 ${CSR}= Generate CSR String
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]533 ${csr_left} ${csr_right}= Split String From Right ${CSR} == 1
534 ${CORRUPTED_CSR}= Catenate SEPARATOR= ${csr_left} \N ${csr_right}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]535
536 # For SignCSR request, we need to pass CSR string generated by openssl command
537 ${csr_str}= Set Variable If ${valid_csr} == ${True} ${CSR} ${CORRUPTED_CSR}
538
539 ${resp}= Send CSR To VMI And Get Signed ${csr_str} ${force_create} ${username} ${password}
540
541 Should Be Equal As Strings ${resp.status_code} ${valid_status_code}
542 Return From Keyword If ${resp.status_code} != ${HTTP_OK}
543
544 ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json
545 Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE
546 Should Contain ${cert["Certificate"]} END CERTIFICATE
547
548 # Now do subject and public key verification
549 ${subject_csr}= Get Subject ${CSR_FILE} True
550 ${pubKey_csr}= Get Public Key ${CSR_FILE} True
551
552 # create a crt file with certificate string
553 ${signed_cert}= Set Variable ${cert["Certificate"]}
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]554 ${testcert_gen_time} = Get Current Date Time
555 ${test_cert_file}= Catenate SEPARATOR=_ ${testcert_gen_time} test_certificate.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]556
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]557 Create File ${test_cert_file} ${signed_cert}
558 ${subject_signed_csr}= Get Subject ${test_cert_file} False
559 ${pubKey_signed_csr}= Get Public Key ${test_cert_file} False
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]560
561 Should be equal as strings ${subject_signed_csr} ${subject_csr}
562 Should be equal as strings ${pubKey_signed_csr} ${pubKey_csr}
563
564
565Suite Setup Execution
566 [Documentation] Suite setup execution.
567
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]568 Remove Files *.csr *.key *.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]569 # Create different user accounts.
570 Redfish.Login
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]571 Redfish Power On
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]572 Create Users With Different Roles users=${USERS} force=${True}
573
574
575Suite Teardown Execution
576 [Documentation] Suite teardown execution.
577
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]578 Remove Files *.csr *.key *.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]579 Delete BMC Users Via Redfish users=${USERS}
580 Delete All Sessions
581 Redfish.Logout