Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / c5dbbdddab8c6875fbe9762e085d2bfa02f6bdac / . / redfish / dmtf_tools / test_redfishtool_certificate.robot
blob: c11feb01af7280f33f65d8248d9d18afc30e951c [file] [log] [blame]
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]1*** Settings ***
2
3
4Documentation Suite to test certificate via DMTF redfishtool.
5
6Library OperatingSystem
7Library String
8Library Collections
George Keishingfbd67002022-08-01 11:24:03 -0500[diff] [blame]9Library JSONLibrary
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]10
11Resource ../../lib/resource.robot
12Resource ../../lib/bmc_redfish_resource.robot
13Resource ../../lib/openbmc_ffdc.robot
14Resource ../../lib/certificate_utils.robot
manashsarma579d8252020-05-28 08:10:51 -0500[diff] [blame]15Resource ../../lib/dmtf_redfishtool_utils.robot
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]16
17Suite Setup Suite Setup Execution
18
Matt Fischer6fb70d92023-10-24 19:06:33 -0600[diff] [blame]19Test Tags Redfishtool_Certificate
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]20
21*** Variables ***
22
23${root_cmd_args} = SEPARATOR=
George Keishingd4ba2492022-01-10 08:27:34 -0600[diff] [blame]24... redfishtool raw -r ${OPENBMC_HOST}:${HTTPS_PORT} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]25${invalid_value} abc
manashsarma53ccf4d2023-08-29 00:37:19 -0500[diff] [blame]26${keybit_length} ${2048}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]27
28*** Test Cases ***
29
30
31Verify Redfishtool Replace Server Certificate Valid CertKey
32 [Documentation] Verify replace server certificate.
33 [Tags] Verify_Redfishtool_Replace_Server_Certificate_Valid_CertKey
34
35 Verify Redfishtool Replace Certificate Server Valid Certificate Valid Privatekey ok
36
37
38Verify Redfishtool Replace Client Certificate Valid CertKey
39 [Documentation] Verify replace client certificate.
40 [Tags] Verify_Redfishtool_Replace_Client_Certificate_Valid_CertKey
41
42 Verify Redfishtool Replace Certificate Client Valid Certificate Valid Privatekey ok
43
44
45Verify Redfishtool Replace CA Certificate Valid Cert
46 [Documentation] Verify replace CA certificate.
47 [Tags] Verify_Redfishtool_Replace_CA_Certificate_Valid_Cert
48
49 Verify Redfishtool Replace Certificate CA Valid Certificate ok
50
51
52Verify Redfishtool Client Certificate Install Valid CertKey
53 [Documentation] Verify client certificate installation.
54 [Tags] Verify_Redfishtool_Client_Certificate_Install_Valid_CertKey
55
56 Verify Redfishtool Install Certificate Client Valid Certificate Valid Privatekey ok
57
58
59Verify Redfishtool CA Certificate Install Valid Cert
60 [Documentation] Verify CA Certificate installation.
61 [Tags] Verify_Redfishtool_CA_Certificate_Install_Valid_Cert
62
63 Verify Redfishtool Install Certificate CA Valid Certificate ok
64
65
66Verify Redfishtool Replace Server Certificate Errors
67 [Documentation] Verify error while replacing invalid server certificate.
68 [Tags] Verify_Redfishtool_Replace_Server_Certificate_Errors
69 [Template] Verify Redfishtool Replace Certificate
70
71 Server Empty Certificate Empty Privatekey error
72 Server Empty Certificate Valid Privatekey error
73 Server Valid Certificate Empty Privatekey error
74
75
76Verify Redfishtool Replace Client Certificate Errors
77 [Documentation] Verify error while replacing invalid client certificate.
78 [Tags] Verify_Redfishtool_Replace_Client_Certificate_Errors
79 [Template] Verify Redfishtool Replace Certificate
80
81 Client Empty Certificate Empty Privatekey error
82 Client Empty Certificate Valid Privatekey error
83 Client Valid Certificate Empty Privatekey error
84
85
86Verify Redfishtool Replace CA Certificate Errors
87 [Documentation] Verify error while replacing invalid CA certificate.
88 [Tags] Verify_Redfishtool_Replace_CA_Certificate_Errors
89 [Template] Verify Redfishtool Replace Certificate
90
91 CA Empty Certificate error
92
93
94Verify Redfishtool Client Certificate Install Errors
95 [Documentation] Verify error while installing invalid client certificate.
96 [Tags] Verify_Redfishtool_Client_Certificate_Install_Errors
97 [Template] Verify Redfishtool Install Certificate
98
99 Client Empty Certificate Empty Privatekey error
100 Client Empty Certificate Valid Privatekey error
101 Client Valid Certificate Empty Privatekey error
102
103
manashsarmac0efe582020-06-15 09:51:48 -0500[diff] [blame]104Verify Redfishtool CA Certificate Install Errors
105 [Documentation] Verify error while installing invalid CA certificate.
106 [Tags] Verify_Redfishtool_CA_Certificate_Install_Errors
107 [Template] Verify Redfishtool Install Certificate
108
109 # cert_type cert_format expected_status
110 CA Empty Certificate error
111
112
George Keishing16b3c7b2021-01-28 09:23:37 -0600[diff] [blame]113Verify Error While Uploading Same CA Certificate Via Redfishtool
manashsarmac0efe582020-06-15 09:51:48 -0500[diff] [blame]114 [Documentation] Verify error while uploading same CA certificate two times.
George Keishing16b3c7b2021-01-28 09:23:37 -0600[diff] [blame]115 [Tags] Verify_Error_While_Uploading_Same_CA_Certificate_Via_Redfishtool
manashsarmac0efe582020-06-15 09:51:48 -0500[diff] [blame]116
117 # Create certificate file for uploading.
118 ${cert_file_path}= Generate Certificate File Via Openssl Valid Certificate 365
119 ${bytes}= OperatingSystem.Get Binary File ${cert_file_path}
120 ${file_data}= Decode Bytes To String ${bytes} UTF-8
121
122 # Install CA certificate.
123 Redfishtool Install Certificate File On BMC ${REDFISH_CA_CERTIFICATE_URI} ok data=${file_data}
124
125 # Adding delay after certificate installation.
126 Sleep 30s
127
128 # Check error while uploading same certificate.
129 Redfishtool Install Certificate File On BMC ${REDFISH_CA_CERTIFICATE_URI} error data=${file_data}
130
131
132Install Server Certificate Using Redfishtool And Verify Via OpenSSL
133 [Documentation] Install server certificate using Redfishtool and verify via OpenSSL.
George Keishing5236ec52022-01-31 12:07:58 -0600[diff] [blame]134 [Tags] Install_Server_Certificate_Using_Redfishtool_And_Verify_Via_OpenSSL
manashsarmac0efe582020-06-15 09:51:48 -0500[diff] [blame]135
136 ${cert_file_path}= Generate Certificate File Via Openssl Valid Certificate Valid Privatekey
137 ${bytes}= OperatingSystem.Get Binary File ${cert_file_path}
138 ${file_data}= Decode Bytes To String ${bytes} UTF-8
139
140 ${certificate_dict}= Create Dictionary
ganesanb4d430282023-04-27 14:33:23 +0000[diff] [blame]141 ... @odata.id=/redfish/v1/Managers/${MANAGER_ID}/NetworkProtocol/HTTPS/Certificates/1
manashsarmac0efe582020-06-15 09:51:48 -0500[diff] [blame]142
143 ${dict_objects}= Create Dictionary CertificateString=${file_data}
144 ... CertificateType=PEM CertificateUri=${certificate_dict}
145
146 ${string}= Convert To String ${dict_objects}
147 ${string}= Replace String ${string} ' "
148 ${payload}= Set Variable '${string}'
149
150 ${response}= Redfishtool Post
151 ... ${payload} /redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate
Alagiridhilipank41e5ad22023-11-10 11:53:32 +0530[diff] [blame]152 ... expected_error=${HTTP_OK}, ${HTTP_NO_CONTENT}
manashsarmac0efe582020-06-15 09:51:48 -0500[diff] [blame]153
154 Wait Until Keyword Succeeds 2 mins 15 secs Verify Certificate Visible Via OpenSSL ${cert_file_path}
155
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]156
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]157Verify CSR Generation For Server Certificate Via Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]158 [Documentation] Verify CSR generation for server certificate.
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]159 [Tags] Verify_CSR_Generation_For_Server_Certificate_Via_Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]160 [Template] Generate CSR Via Redfishtool
161
162 # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status
ganesanb8d31f152023-04-27 14:01:55 +0000[diff] [blame]163 Server RSA ${keybit_length} ${EMPTY} ok
164 Server EC ${EMPTY} prime256v1 ok
165 Server EC ${EMPTY} secp521r1 ok
166 Server EC ${EMPTY} secp384r1 ok
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]167
168
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]169Verify CSR Generation For Client Certificate Via Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]170 [Documentation] Verify CSR generation for client certificate.
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]171 [Tags] Verify_CSR_Generation_For_Client_Certificate_Via_Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]172 [Template] Generate CSR Via Redfishtool
173
174 # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status
ganesanb8d31f152023-04-27 14:01:55 +0000[diff] [blame]175 Client RSA ${keybit_length} ${EMPTY} ok
176 Client EC ${EMPTY} prime256v1 ok
177 Client EC ${EMPTY} secp521r1 ok
178 Client EC ${EMPTY} secp384r1 ok
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]179
180
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]181Verify CSR Generation For Server Certificate With Invalid Value Via Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]182 [Documentation] Verify error while generating CSR for server certificate with invalid value.
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]183 [Tags] Verify_CSR_Generation_For_Server_Certificate_With_Invalid_Value_Via_Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]184 [Template] Generate CSR Via Redfishtool
185
186 # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status
ganesanb8d31f152023-04-27 14:01:55 +0000[diff] [blame]187 Server ${invalid_value} ${keybit_length} prime256v1 error
188 Server RAS ${invalid_value} ${EMPTY} error
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]189
190
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]191Verify CSR Generation For Client Certificate With Invalid Value Via Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]192 [Documentation] Verify error while generating CSR for client certificate with invalid value.
Tony Lee2843e392020-10-05 16:17:50 +0800[diff] [blame]193 [Tags] Verify_CSR_Generation_For_Client_Certificate_With_Invalid_Value_Via_Redfishtool
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]194 [Template] Generate CSR Via Redfishtool
195
ganesanb8d31f152023-04-27 14:01:55 +0000[diff] [blame]196 Client ${invalid_value} ${keybit_length} prime256v1 error
197 Client RSA ${invalid_value} ${EMPTY} error
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]198
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]199*** Keywords ***
200
201
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]202Generate CSR Via Redfishtool
203 [Documentation] Generate CSR using Redfish.
204 [Arguments] ${cert_type} ${key_pair_algorithm} ${key_bit_length} ${key_curv_id} ${expected_status}
205
206 # Description of argument(s):
207 # cert_type Certificate type ("Server" or "Client").
208 # key_pair_algorithm CSR key pair algorithm ("EC" or "RSA").
209 # key_bit_length CSR key bit length ("2048").
210 # key_curv_id CSR key curv id ("prime256v1" or "secp521r1" or "secp384r1").
211 # expected_status Expected status of certificate replace Redfishtool request ("ok" or "error").
212
213 ${certificate_uri}= Set Variable If
214 ... '${cert_type}' == 'Server' ${REDFISH_HTTPS_CERTIFICATE_URI}/
215 ... '${cert_type}' == 'Client' ${REDFISH_LDAP_CERTIFICATE_URI}/
216
217 ${certificate_dict}= Create Dictionary @odata.id=${certificate_uri}
218
219 ${csr_dict}= Create Dictionary City=Austin CertificateCollection=${certificate_dict}
rramyasr-in8e6ebd22023-02-20 09:44:23 -0600[diff] [blame]220 ... CommonName=${OPENBMC_HOST} Country=US Organization=xyz
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]221 ... OrganizationalUnit=ISL State=AU KeyBitLength=${key_bit_length}
222 ... KeyPairAlgorithm=${key_pair_algorithm} KeyCurveId=${key_curv_id}
223
224 # Remove not applicable field for CSR generation.
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]225 IF '${key_pair_algorithm}' == 'EC'
226 Remove From Dictionary ${csr_dict} KeyBitLength
227 ELSE IF '${key_pair_algorithm}' == 'RSA'
228 Remove From Dictionary ${csr_dict} KeyCurveId
229 END
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]230
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]231 ${expected_resp}= Set Variable If
232 ... '${expected_status}' == 'ok' ${HTTP_OK}, ${HTTP_NO_CONTENT}
manashsarmae12c8472020-07-24 07:15:47 -0500[diff] [blame]233 ... '${expected_status}' == 'error' ${HTTP_BAD_REQUEST}
234
235 ${string}= Convert To String ${csr_dict}
236
237 ${string2}= Replace String ${string} ' "
238
239 ${payload}= Set Variable '${string2}'
240
241 ${response}= Redfishtool Post
242 ... ${payload} /redfish/v1/CertificateService/Actions/CertificateService.GenerateCSR
243 ... expected_error=${expected_resp}
244
245 # Delay added between two CSR generation request.
246 Sleep 5s
247
248
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]249Verify Redfishtool Install Certificate
250 [Documentation] Install and verify certificate using Redfishtool.
251 [Arguments] ${cert_type} ${cert_format} ${expected_status} ${delete_cert}=${True}
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]252 ... ${install_type}=install
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]253
254 # Description of argument(s):
255 # cert_type Certificate type (e.g. "Client" or "CA").
256 # cert_format Certificate file format
257 # expected_status Expected status of certificate install Redfishtool
258 # request (i.e. "ok" or "error").
259 # delete_cert Certificate will be deleted before installing if this True.
260
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]261 IF '${cert_type}' == 'CA'
262 Delete All CA Certificate Via Redfishtool ${delete_cert}
263 ELSE IF '${cert_type}' == 'Client'
264 Redfishtool Delete Certificate Via BMC CLI ${cert_type} ${delete_cert}
265 END
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]266
Sridevi Rameshe54be142025-05-05 00:52:45 -0500[diff] [blame]267 IF "${install_type}" != "install" and "${file_status}" != "Not Found"
268 RETURN
269 END
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]270
271 ${cert_file_path}= Generate Certificate File Via Openssl ${cert_format}
272 ${bytes}= OperatingSystem.Get Binary File ${cert_file_path}
273 ${file_data}= Decode Bytes To String ${bytes} UTF-8
274
275 ${certificate_uri}= Set Variable If
276 ... '${cert_type}' == 'Client' ${REDFISH_LDAP_CERTIFICATE_URI}
277 ... '${cert_type}' == 'CA' ${REDFISH_CA_CERTIFICATE_URI}
278
279 ${cert_id}= Redfishtool Install Certificate File On BMC
280 ... ${certificate_uri} ${expected_status} data=${file_data}
281 Logging Installed certificate id: ${cert_id}
Yi Hu02d32762024-03-07 14:34:34 -0800[diff] [blame]282 Set Test Variable ${cert_id}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]283
284 # Adding delay after certificate installation.
285 Sleep 30s
286
287 ${cert_file_content}= OperatingSystem.Get File ${cert_file_path}
288
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]289 IF '${expected_status}' == 'ok'
290 ${bmc_cert_content}= Redfishtool GetAttribute ${certificate_uri}/${cert_id} CertificateString
291 Should Contain ${cert_file_content} ${bmc_cert_content}
292 END
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]293
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]294
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]295Delete All CA Certificate Via Redfishtool
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]296 [Documentation] Delete all CA certificate via Redfish.
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]297 [Arguments] ${delete_cert}=${True}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]298
ganesanb4d430282023-04-27 14:33:23 +0000[diff] [blame]299 ${cmd_output}= Redfishtool Get /redfish/v1/Managers/${MANAGER_ID}/Truststore/Certificates
George Keishing4fc24152025-04-11 21:27:56 +0530[diff] [blame]300 ${cmd_output}= Convert String To JSON ${cmd_output}
George Keishingfbd67002022-08-01 11:24:03 -0500[diff] [blame]301 ${cert_list}= Set Variable ${cmd_output["Members"]}
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]302 ${uri_length}= Get Length ${cert_list}
303 ${file_status}= Set Variable If
304 ... "${uri_length}" == "0" Not Found
305 ... "${uri_length}" != "0" Found
306 ${cert_id}= Set Variable If
307 ... "${uri_length}" != "0" ${cert_list[-1]["@odata.id"].split("/")[-1].strip()}
308 ... "${uri_length}" == "0" None
309 Set Test Variable ${cert_id}
310 Set Test Variable ${file_status}
Sridevi Rameshe54be142025-05-05 00:52:45 -0500[diff] [blame]311
312 IF "${file_status}" != "Found" or "${delete_cert}" != "${True}"
313 RETURN
314 END
315
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]316 FOR ${cert} IN @{cert_list}
manashsarma579d8252020-05-28 08:10:51 -0500[diff] [blame]317 Redfishtool Delete ${cert["@odata.id"]} ${root_cmd_args}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]318 END
319
320
321Redfishtool Delete Certificate Via BMC CLI
322 [Documentation] Delete certificate via BMC CLI.
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]323 [Arguments] ${cert_type} ${delete_cert}=${True}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]324
325 # Description of argument(s):
326 # cert_type Certificate type (e.g. "Client" or "CA").
327
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]328 # Check if cert type is Client else set to CA parameters.
329
330 ${certificate_file_path}= Set Variable If '${cert_type}' == 'Client'
331 ... /etc/nslcd/certs/cert.pem ${ROOT_CA_FILE_PATH}
332
333 ${certificate_service}= Set Variable If '${cert_type}' == 'Client'
334 ... phosphor-certificate-manager@nslcd.service
335 ... phosphor-certificate-manager@authority.service
336
337 ${certificate_uri}= Set Variable If '${cert_type}' == 'Client'
338 ... ${REDFISH_LDAP_CERTIFICATE_URI}
339 ... ${REDFISH_CA_CERTIFICATE_URI}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]340
341 ${file_status} ${stderr} ${rc}= BMC Execute Command
342 ... [ -f ${certificate_file_path} ] && echo "Found" || echo "Not Found"
343
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]344 Set Test Variable ${file_status}
Sridevi Rameshe54be142025-05-05 00:52:45 -0500[diff] [blame]345
346 IF "${file_status}" != "Found" or '${delete_cert}' != "${True}"
347 RETURN
348 END
349
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]350 BMC Execute Command rm ${certificate_file_path}
351 BMC Execute Command systemctl restart ${certificate_service}
352 BMC Execute Command systemctl daemon-reload
353
354
355Redfishtool Install Certificate File On BMC
356 [Documentation] Install certificate file in BMC using POST operation.
357 [Arguments] ${uri} ${status}=ok &{kwargs}
358
359 # Description of argument(s):
360 # uri URI for installing certificate file via Redfishtool.
361 # e.g. "/redfish/v1/AccountService/LDAP/Certificates".
362 # status Expected status of certificate installation via Redfishtool.
363 # e.g. error, ok.
364 # kwargs A dictionary of keys/values to be passed directly to
365 # POST Request.
366
367 Initialize OpenBMC 20 ${quiet}=${1} ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
368
369 ${headers}= Create Dictionary Content-Type=application/octet-stream
370 ... X-Auth-Token=${XAUTH_TOKEN}
371 Set To Dictionary ${kwargs} headers ${headers}
372
George Keishing7ffc3a52022-08-18 04:10:24 -0500[diff] [blame]373 ${resp}= POST On Session openbmc ${uri} &{kwargs} expected_status=any
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]374 ${cert_id}= Set Variable If
375 ... '${resp.status_code}' == '${HTTP_OK}' ${resp.json()["Id"]}
376 ... '${resp.status_code}' == '${HTTP_NO_CONTENT}' ${resp.json()["Id"]} -1
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]377
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]378 IF '${status}' == 'ok'
379 Should Contain Any "${resp.status_code}" ${HTTP_OK} ${HTTP_NO_CONTENT}
380 ELSE IF '${status}' == 'error'
381 Should Be Equal As Strings ${resp.status_code} ${HTTP_INTERNAL_SERVER_ERROR}
382 END
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]383
384 Delete All Sessions
385
George Keishing409df052024-01-17 22:36:14 +0530[diff] [blame]386 RETURN ${cert_id}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]387
388
389Verify Redfishtool Replace Certificate
390 [Documentation] Verify replace server certificate.
391 [Arguments] ${cert_type} ${cert_format} ${expected_status}
392
393 # Description of argument(s):
394 # cert_type Certificate type (e.g. "Client", "Server" or "CA").
395 # cert_format Certificate file format
396 # (e.g. "Valid_Certificate_Valid_Privatekey").
397 # expected_status Expected status of certificate replace Redfishtool
398 # request (i.e. "ok" or "error").
399
400 # Install certificate before replacing client or CA certificate.
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]401 IF '${cert_type}' == 'Client'
402 Verify Redfishtool Install Certificate ${cert_type} ${cert_format} ${expected_status}
403 ... ${False} replace
404 ELSE IF '${cert_type}' == 'CA'
405 Verify Redfishtool Install Certificate ${cert_type} ${cert_format} ${expected_status}
406 ... ${False} replace
407 END
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]408
409 ${cert_file_path}= Generate Certificate File Via Openssl ${cert_format}
410 ${bytes}= OperatingSystem.Get Binary File ${cert_file_path}
411 ${file_data}= Decode Bytes To String ${bytes} UTF-8
412
413 ${certificate_uri}= Set Variable If
414 ... '${cert_type}' == 'Server' ${REDFISH_HTTPS_CERTIFICATE_URI}/1
415 ... '${cert_type}' == 'Client' ${REDFISH_LDAP_CERTIFICATE_URI}/1
416 ... '${cert_type}' == 'CA' ${REDFISH_CA_CERTIFICATE_URI}/${cert_id}
417
418 ${certificate_dict}= Create Dictionary @odata.id=${certificate_uri}
419 ${dict_objects}= Create Dictionary CertificateString=${file_data}
420 ... CertificateType=PEM CertificateUri=${certificate_dict}
421 ${string}= Convert To String ${dict_objects}
422 ${string}= Replace String ${string} ' "
423 ${payload}= Set Variable '${string}'
424
ganesanb85c22652023-04-22 16:08:30 +0000[diff] [blame]425 ${expected_resp}= Set Variable If
426 ... '${expected_status}' == 'ok' ${HTTP_OK}, ${HTTP_NO_CONTENT}
George Keishing365dd462023-10-12 18:56:00 +0530[diff] [blame]427 ... '${expected_status}' == 'error' ${HTTP_NOT_FOUND},${HTTP_INTERNAL_SERVER_ERROR}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]428
429 ${response}= Redfishtool Post
Anusha Dathatrif5103462020-06-18 05:40:43 -0500[diff] [blame]430 ... ${payload} /redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate
431 ... expected_error=${expected_resp}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]432
433 ${cert_file_content}= OperatingSystem.Get File ${cert_file_path}
manashsarma03fcac12023-04-05 01:01:27 -0500[diff] [blame]434 Sleep 5s
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]435 ${bmc_cert_content}= Redfishtool GetAttribute ${certificate_uri} CertificateString
436
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]437 IF '${expected_status}' == 'ok'
438 Should Contain ${cert_file_content} ${bmc_cert_content}
439 ELSE
440 Should Not Contain ${cert_file_content} ${bmc_cert_content}
441 END
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]442
443
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]444Redfishtool GetAttribute
445 [Documentation] Execute redfishtool for GET operation.
446 [Arguments] ${uri} ${Attribute} ${cmd_args}=${root_cmd_args} ${expected_error}=""
447
448 # Description of argument(s):
449 # uri URI for GET operation (e.g. /redfish/v1/AccountService/Accounts/).
450 # Attribute The specific attribute to be retrieved with the URI.
451 # cmd_args Commandline arguments.
452 # expected_error Expected error optionally provided in testcase (e.g. 401 /
453 # authentication error, etc. ).
454
George Keishing4fc24152025-04-11 21:27:56 +0530[diff] [blame]455 ${rc} ${cmd_output}= Run And Return RC And Output ${cmd_args} GET ${uri}
George Keishingc5dbbdd2025-05-07 13:55:17 +0530[diff] [blame^]456 IF ${rc} != 0 Is HTTP Error Expected ${cmd_output} ${expected_error}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]457
George Keishing4fc24152025-04-11 21:27:56 +0530[diff] [blame]458 ${cmd_output}= Convert String To JSON ${cmd_output}
George Keishingfbd67002022-08-01 11:24:03 -0500[diff] [blame]459
George Keishing409df052024-01-17 22:36:14 +0530[diff] [blame]460 RETURN ${cmd_output["CertificateString"]}
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]461
462
manashsarma26d0e832020-05-26 05:46:55 -0500[diff] [blame]463Suite Setup Execution
464 [Documentation] Do suite setup execution.
465
466 ${tool_exist}= Run which redfishtool
467 Should Not Be Empty ${tool_exist}
468
469 # Create certificate sub-directory in current working directory.
470 Create Directory certificate_dir