Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / e05f7bc2b0e443367d1d2bf3f93265a6d6e86e6a / . / openpower / ext_interfaces / test_vmicert_management.robot
blob: 22ae5960c45bfaf04a43fb84886d437816d3e5ab [file] [log] [blame]
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]1*** Settings ***
2
3Documentation VMI certificate exchange tests.
4
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]5Library ../../lib/jobs_processing.py
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]6Resource ../../lib/resource.robot
7Resource ../../lib/bmc_redfish_resource.robot
8Resource ../../lib/openbmc_ffdc.robot
9Resource ../../lib/bmc_redfish_utils.robot
10Resource ../../lib/utils.robot
11
12Suite Setup Suite Setup Execution
13Test Teardown FFDC On Test Case Fail
14Suite Teardown Suite Teardown Execution
15
16
17*** Variables ***
18
19# users User Name password
20@{ADMIN} admin_user TestPwd123
21@{OPERATOR} operator_user TestPwd123
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]22@{ReadOnly} readonly_user TestPwd123
23@{NoAccess} noaccess_user TestPwd123
24&{USERS} Administrator=${ADMIN} Operator=${OPERATOR} ReadOnly=${ReadOnly}
25... NoAccess=${NoAccess}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]26${VMI_BASE_URI} /ibm/v1/
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]27
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]28
29*** Test Cases ***
30
31Get CSR Request Signed By VMI And Verify
32 [Documentation] Get CSR request signed by VMI using different user roles and verify.
33 [Tags] Get_CSR_Request_Signed_By_VMI_And_Verify
34 [Template] Get Certificate Signed By VMI
35
36 # username password force_create valid_csr valid_status_code
37 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]38
39 # Send CSR request from operator user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]40 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
41
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]42 # Send CSR request from ReadOnly user.
43 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
44
45 # Send CSR request from NoAccess user.
46 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
47
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]48
49Get Root Certificate Using Different Privilege Users Roles
50 [Documentation] Get root certificate using different users.
51 [Tags] Get_Root_Certificate_Using_Different_Users
52 [Template] Get Root Certificate
53
54 # username password force_create valid_csr valid_status_code
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]55 # Request root certificate from admin user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]56 admin_user TestPwd123 ${True} ${True} ${HTTP_OK}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]57
58 # Request root certificate from operator user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]59 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
60
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]61 # Request root certificate from ReadOnly user.
62 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
63
64 # Request root certificate from NoAccess user.
65 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
66
67
68Send CSR Request When VMI Is Off And Verify
69 [Documentation] Send CSR signing request to VMI when it is off and expect an error.
70 [Tags] Get_CSR_Request_When_VMI_Is_Off_And_verify
71 [Setup] Redfish Power Off
shrsuman1237463d422021-06-17 02:53:25 -0500[diff] [blame]72 [Teardown] Run keywords Redfish Power On stack_mode=skip AND FFDC On Test Case Fail
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]73 [Template] Get Certificate Signed By VMI
74
75 # username password force_create valid_csr valid_status_code
76 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_INTERNAL_SERVER_ERROR}
77
78 # Send CSR request from operator user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]79 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]80
81 # Send CSR request from ReadOnly user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]82 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]83
84 # Send CSR request from NoAccess user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]85 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]86
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]87Get Corrupted CSR Request Signed By VMI And Verify
88 [Documentation] Send corrupted CSR for signing and expect an error.
89 [Tags] Get_Corrupted_CSR_Request_Signed_By_VMI_And_Verify
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]90 [Template] Get Certificate Signed By VMI
91
92 # username password force_create valid_csr valid_status_code
93 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
94
95 # Send CSR request from operator user.
96 operator_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
97
98 # Send CSR request from ReadOnly user.
99 readonly_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
100
101 # Send CSR request from NoAccess user.
102 noaccess_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
103
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]104Get Root Certificate When VMI Is Off And Verify
105 [Documentation] Get root certificate when vmi is off and verify.
106 [Tags] Get_Root_Certificate_When_VMI_Is_Off_And_Verify
107 [Setup] Redfish Power Off
shrsuman1237463d422021-06-17 02:53:25 -0500[diff] [blame]108 [Teardown] Run keywords Redfish Power On stack_mode=skip AND FFDC On Test Case Fail
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]109 [Template] Get Root Certificate
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]110
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]111 # username password force_create valid_csr valid_status_code
112 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
113
114 # Request root certificate from operator user.
115 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
116
117 # Request root certificate from ReadOnly user.
118 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
119
120 # Request root certificate from NoAccess user.
121 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
122
123
124Get Root Certificate After BMC Reboot And Verify
125 [Documentation] Get root certificate after bmc reboot and verify.
126 [Tags] Get_Root_Certificate_After_BMC_Reboot_And_Verify
127 [Setup] Run Keywords OBMC Reboot (off) AND Redfish Power On
128 [Template] Get Root Certificate
129
130 # username password force_create valid_csr valid_status_code
131 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
132
133 # Request root certificate from operator user.
134 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
135
136 # Request root certificate from ReadOnly user.
137 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
138
139 # Request root certificate from NoAccess user.
140 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]141
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]142Get Concurrent Root Certificate Requests From Multiple Admin Users
143 [Documentation] Get multiple concurrent root certificate requests from multiple admins
144 ... and verify no errors.
145 [Tags] Get_Concurrent_Root_Certificate_Requests_From_Multiple_Admin_Users
146
147 FOR ${i} IN RANGE ${5}
148 ${dict}= Execute Process Multi Keyword ${5}
149 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
150 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
151 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
152 Dictionary Should Not Contain Value ${dict} False
153 ... msg=One or more operations has failed.
154 END
155
156Get Concurrent CSR Requests From Multiple Admin Users
157 [Documentation] Get multiple concurrent csr requests from multiple admins and verify no errors.
158 [Tags] Get_Concurrent_CSR_Requests_From_Multiple_Admin_Users
159
160 FOR ${i} IN RANGE ${5}
161 ${dict}= Execute Process Multi Keyword ${5}
162 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
163 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
164 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
165 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
166 Dictionary Should Not Contain Value ${dict} False
167 ... msg=One or more operations has failed.
168 END
169
170Get Concurrent Corrupted CSR Requests From Multiple Admin Users
171 [Documentation] Get multiple concurrent corrupted csr requests from multiple admins and verify no errors.
172 [Tags] Get_Concurrent_Corrupted_CSR_Requests_From_Multiple_Admin_Users
173
174 FOR ${i} IN RANGE ${5}
175 ${dict}= Execute Process Multi Keyword ${5}
176 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
177 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
178 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
179 Dictionary Should Not Contain Value ${dict} False
180 ... msg=One or more operations has failed.
181 END
182
shrsuman12382a9a312021-03-26 05:34:32 -0500[diff] [blame]183Get Concurrent Root Certificate Request From Operator Users
184 [Documentation] Get multiple concurrent root certificate from non admin users and verify no errors.
185 [Tags] Get_Concurrent_Root_Certificate_Request_From_Operator_Users
186
187 FOR ${i} IN RANGE ${5}
188 ${dict}= Execute Process Multi Keyword ${5}
189 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
190 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
191 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
192 Dictionary Should Not Contain Value ${dict} False
193 ... msg=One or more operations has failed.
194 END
195
196Get Concurrent Root Certificate Request From Admin And Non Admin Users
197 [Documentation] Get multiple concurrent root certificate from admin and non admin users
198 ... and verify no errors.
199 [Tags] Get_Concurrent_Root_Certificate_Request_From_Admin_And_Non_Admin_Users
200
201 FOR ${i} IN RANGE ${5}
202 ${dict}= Execute Process Multi Keyword ${5}
203 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
204 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
205 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
206 Dictionary Should Not Contain Value ${dict} False
207 ... msg=One or more operations has failed.
208 END
209
210Get Concurrent Root Certificate Request From Different Non Admin Users
211 [Documentation] Get multiple concurrent root certificate from different non admin users
212 ... and verify no errors.
213 [Tags] Get_Concurrent_Root_Certificate_Request_From_Different_Non_Admin_Users
214
215 FOR ${i} IN RANGE ${5}
216 ${dict}= Execute Process Multi Keyword ${5}
217 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
218 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
219 ... Get Root Certificate noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
220 Dictionary Should Not Contain Value ${dict} False
221 ... msg=One or more operations has failed.
222 END
223
224Get Concurrent CSR Request From Operator Users
225 [Documentation] Get multiple concurrent csr request from non admin users and verify no errors.
226 [Tags] Get_Concurrent_CSR_Request_From_Operator_Users
227
228 FOR ${i} IN RANGE ${5}
229 ${dict}= Execute Process Multi Keyword ${5}
230 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
231 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
232 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
233 Dictionary Should Not Contain Value ${dict} False
234 ... msg=One or more operations has failed.
235 END
236
shrsuman12394b36572021-03-10 03:15:53 -0600[diff] [blame]237Get Root Certificate And Send CSR Request Concurrently And Verify
238 [Documentation] Get root certificate and send csr request concurrently and
239 ... verify gets root and signed certificate.
240 [Tags] Get_Root_Certificate_And_Send_CSR_Request_Concurrently_And_Verify
241
242 FOR ${i} IN RANGE ${5}
243 ${dict}= Execute Process Multi Keyword ${5}
244 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
245 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
246 Dictionary Should Not Contain Value ${dict} False
247 ... msg=One or more operations has failed.
248 END
249
250Get Concurrent Root Certificate And Send CSR Request And Verify
251 [Documentation] Get concurrent root certificate and send csr request
252 ... and verify gets root certificate and signed certificate.
253 [Tags] Get_Concurrent_Root_Certificate_And_Send_CSR_Request_And_Verify
254
255 FOR ${i} IN RANGE ${5}
256 ${dict}= Execute Process Multi Keyword ${5}
257 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
258 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
259 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
260 Dictionary Should Not Contain Value ${dict} False
261 ... msg=One or more operations has failed.
262 END
263
264Get Root Certificate And Send Multiple CSR Requests Concurrently And Verify
265 [Documentation] Get root certificate and send multiple csr requests concurrently and
266 ... verify gets root certificate and signed certificates.
267 [Tags] Get_Root_Certificate_And_Send_Multiple_CSR_Requests_Concurrently_And_Verify
268
269 FOR ${i} IN RANGE ${5}
270 ${dict}= Execute Process Multi Keyword ${5}
271 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
272 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
273 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
274 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
275 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
276 Dictionary Should Not Contain Value ${dict} False
277 ... msg=One or more operations has failed.
278 END
279
280Get Root Certificate And Send Multiple Corrupted CSR Requests Concurrently And Verify
281 [Documentation] Get root certificate and send multiple corrupted csr requests concurrently and
282 ... verify gets root certificate and error for corrupted csr requests.
283 [Tags] Get_Root_Certificate_And_Send_Multiple_Corrupted_CSR_Requests_Concurrently_And_Verify
284
285 FOR ${i} IN RANGE ${5}
286 ${dict}= Execute Process Multi Keyword ${5}
287 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
288 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
289 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
290 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
291 Dictionary Should Not Contain Value ${dict} False
292 ... msg=One or more operations has failed.
293 END
294
shrsuman123b63aa5e2021-04-12 06:20:18 -0500[diff] [blame]295Send Concurrent CSR Request And Corrupted CSR Request And Verify
296 [Documentation] Send concurrent csr request and corrupted csr request
297 ... and verify gets certificate for valid csr and error for corrupted csr.
298 [Tags] Send_Concurrent_CSR_Request_And_Corrupted_CSR_Request_And_Verify
299
300 FOR ${i} IN RANGE ${5}
301 ${dict}= Execute Process Multi Keyword ${5}
302 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
303 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
304 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
305 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
306 Dictionary Should Not Contain Value ${dict} False
307 ... msg=One or more operations has failed.
308 END
309
310Get Root Certificate Send CSR And Corrupted CSR Request Concurrently And Verify
311 [Documentation] Get root certificate send csr and corrupted csr requests concurrently and
312 ... verify gets root certificate and certificate for valid csr and error for corrupted csr.
313 [Tags] Get_Root_Certificate_Send_CSR_And_Corrupted_CSR_Request_Concurrently_And_Verify
314
315 FOR ${i} IN RANGE ${5}
316 ${dict}= Execute Process Multi Keyword ${5}
317 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
318 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
319 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
320 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
321 Dictionary Should Not Contain Value ${dict} False
322 ... msg=One or more operations has failed.
323 END
324
325Send Concurrent CSR Request From Admin And Non Admin Users And Verify
326 [Documentation] Send concurrent csr requests from admin and non-admin users and verify
327 ... admin gets certificate and non-admin gets error.
328 [Tags] Send_Concurrent_CSR_Request_From_Admin_And_Non_Admin_Users_And_Verify
329
330 FOR ${i} IN RANGE ${5}
331 ${dict}= Execute Process Multi Keyword ${5}
332 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
333 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
334 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
335 Dictionary Should Not Contain Value ${dict} False
336 ... msg=One or more operations has failed.
337 END
338
339Send Concurrent CSR Request From Non Admin Users And Verify
340 [Documentation] Send concurrent csr request from non admin users
341 ... and verify gets error.
342 [Tags] Send_Concurrent_CSR_Request_From_Non_Admin_Users_And_Verify
343
344 FOR ${i} IN RANGE ${5}
345 ${dict}= Execute Process Multi Keyword ${5}
346 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
347 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
348 ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
349 Dictionary Should Not Contain Value ${dict} False
350 ... msg=One or more operations has failed.
351 END
352
shrsuman123a968ad52021-06-08 06:30:01 -0500[diff] [blame]353Get Root Certificate And Send Corrupted CSR From Admin CSR Request From Operator Concurrently
354 [Documentation] Get root certificate and send corrupted csr request from admin and
George Keishing7bc01e92021-06-15 11:07:14 -0500[diff] [blame]355 ... csr from operator concurrently and verify gets root certificate and errors for corrupted
shrsuman123a968ad52021-06-08 06:30:01 -0500[diff] [blame]356 ... and for operator.
357 [Tags] Get_Root_Certificate_And_Send_Corrupted_CSR_From_Admin_CSR_Request_From_Operator_Concurrently
358
359 FOR ${i} IN RANGE ${5}
360 ${dict}= Execute Process Multi Keyword ${5}
361 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
362 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
363 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
364 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
365 Dictionary Should Not Contain Value ${dict} False
366 ... msg=One or more operations has failed.
367 END
368
369Get Root Certificate From Operator And Send Corrupted CSR Request And CSR Request From Admin Concurrently
370 [Documentation] Get root certificate from operator and send corrupted csr request
371 ... and csr from admin and verify errors for operator and corrupted csr and signed certificate
372 ... for valid csr.
373 [Tags] Get_Root_Certificate_From_Operator_And_Send_Corrupted_CSR_Request_And_CSR_Request_From_Admin_Concurrently
374
375 FOR ${i} IN RANGE ${5}
376 ${dict}= Execute Process Multi Keyword ${5}
377 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
378 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
379 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
380 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
381 Dictionary Should Not Contain Value ${dict} False
382 ... msg=One or more operations has failed.
383 END
384
385
386Get Root Certificate From Operator And Admin Send CSR Request From Admin Concurrently
387 [Documentation] Get root certificate from operator and admin and
388 ... and send csr request from admin concurrently and verify error for operator
389 ... and admin gets root and signed certificate.
390 [Tags] Get_Root_Certificate_From_Operator_And_Admin_Send_CSR_Request_From_Admin_Concurrently
391
392 FOR ${i} IN RANGE ${5}
393 ${dict}= Execute Process Multi Keyword ${5}
394 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
395 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
396 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
397 Dictionary Should Not Contain Value ${dict} False
398 ... msg=One or more operations has failed.
399 END
400
shrsuman1235e80c022021-05-25 01:28:39 -0500[diff] [blame]401Send CSR Request From Admin And Operator And Corrupted CSR From Admin Concurrently And Verify
402 [Documentation] Send csr request from admin and operator and corrupted
403 ... csr request from admin and verify gets signed certificate for valid csr for admin
404 ... gets error for operator and error for corrupted csr.
405 [Tags] Send_CSR_Request_From_Admin_And_Operator_And_Corrupted_CSR_From_Admin_Concurrently_And_Verify
406
407 FOR ${i} IN RANGE ${5}
408 ${dict}= Execute Process Multi Keyword ${5}
409 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
410 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
411 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
412 Dictionary Should Not Contain Value ${dict} False
413 ... msg=One or more operations has failed.
414 END
415
416Send Corrupted CSR Requests From Admin And Operator And CSR Request From Admin Concurrently And Verify
417 [Documentation] Send corrupted csr request from admin and operator and csr request
418 ... from admin concurrently and verify errors for corrupted csr and gets signed certificate
419 ... for valid csr from admin.
420 [Tags] Send_Corrupted_CSR_Requests_From_Admin_And_Operator_And_CSR_Request_From_Admin_Concurrently_And_Verify
421
422 FOR ${i} IN RANGE ${5}
423 ${dict}= Execute Process Multi Keyword ${5}
424 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
425 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
426 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
427 Dictionary Should Not Contain Value ${dict} False
428 ... msg=One or more operations has failed.
429 END
430
431Send Corrupted CSR Requests From Admin And Operator User Concurrently And Verify
432 [Documentation] Send corrupted csr requests from admin and operator and
433 ... verify gets error.
434 [Tags] Send_Corrupted_CSR_Requests_From_Admin_And_Operator_User_Concurrently_And_Verify
435
436 FOR ${i} IN RANGE ${5}
437 ${dict}= Execute Process Multi Keyword ${5}
438 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
439 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
440 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
441 Dictionary Should Not Contain Value ${dict} False
442 ... msg=One or more operations has failed.
443 END
444
shrsuman123e05f7bc2021-04-23 04:42:05 -0500[diff] [blame^]445Get Root Certificate From Admin And Send CSR Requests From Non Admin Concurrently And Verify
446 [Documentation] Get root certificate from admin and csr requests from
447 ... non admin users concurrently and verify gets root certificate for admin and
448 ... errors for non-admins.
449 [Tags] Get_Root_Certificate_From_Admin_And_Send_CSR_Requests_From_Non_Admin_Concurrently_And_Verify
450
451 FOR ${i} IN RANGE ${5}
452 ${dict}= Execute Process Multi Keyword ${5}
453 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
454 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
455 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
456 Dictionary Should Not Contain Value ${dict} False
457 ... msg=One or more operations has failed.
458 END
459
460Get Root Certificate And Send CSR Requests From Non Admin Users Concurrently And Verify
461 [Documentation] Get root certificate and send csr requests from non admin
462 ... users and verify gets errors.
463 [Tags] Get_Root_Certificate_And_Send_CSR_Requests_From_Non_Admin_Users_Concurrently_And_Verify
464
465 FOR ${i} IN RANGE ${5}
466 ${dict}= Execute Process Multi Keyword ${5}
467 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
468 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
469 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
470 ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
471 Dictionary Should Not Contain Value ${dict} False
472 ... msg=One or more operations has failed.
473 END
474
475Send Corrupted CSR Request From Admin And CSR Requests From Non Admin Concurrently And Verify
476 [Documentation] Send corrupted csr request from admin and csr request from non admin
477 ... users concurrently and verify gets errors.
478 [Tags] Send_Corrupted_CSR_Request_From_Admin_And_CSR_Requests_From_Non_Admin_Concurrently_And_Verify
479
480 FOR ${i} IN RANGE ${5}
481 ${dict}= Execute Process Multi Keyword ${5}
482 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
483 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
484 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
485 Dictionary Should Not Contain Value ${dict} False
486 ... msg=One or more operations has failed.
487 END
488
489Send CSR Request And Corrupted CSR Requests From Non Admin Users Concurrently And Verify
490 [Documentation] Send csr and corrupted csr request from non admin users
491 ... and verify gets errors.
492 [Tags] Send_CSR_Request_And_Corrupted_CSR_Requests_From_Non_Admin_Users_Concurrently_And_Verify
493
494 FOR ${i} IN RANGE ${5}
495 ${dict}= Execute Process Multi Keyword ${5}
496 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
497 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
498 ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
499 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
500 Dictionary Should Not Contain Value ${dict} False
501 ... msg=One or more operations has failed.
502 END
503
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]504*** Keywords ***
505
506Generate CSR String
507 [Documentation] Generate a csr string.
508
509 # Note: Generates and returns csr string.
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]510 ${csr_gen_time} = Get Current Date Time
511 ${CSR_FILE}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.csr
512 ${CSR_KEY}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.key
513 Set Test Variable ${CSR_FILE}
514 Set Test Variable ${CSR_KEY}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]515 ${ssl_cmd}= Set Variable openssl req -new -newkey rsa:2048 -nodes -keyout ${CSR_KEY} -out ${CSR_FILE}
516 ${ssl_sub}= Set Variable
517 ... -subj "/C=XY/ST=Abcd/L=Efgh/O=ABC/OU=Systems/CN=abc.com/emailAddress=xyz@xx.ABC.com"
518
519 # Run openssl command to create a new private key and use that to generate a CSR string
520 # in server.csr file.
521 ${output}= Run ${ssl_cmd} ${ssl_sub}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]522 ${csr}= OperatingSystem.Get File ${CSR_FILE}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]523
524 [Return] ${csr}
525
526
527Send CSR To VMI And Get Signed
George Keishingf9248952021-05-28 07:52:37 -0500[diff] [blame]528 [Documentation] Upload CSR to VMI and get signed.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]529 [Arguments] ${csr} ${force_create} ${username} ${password}
530
531 # Description of argument(s):
532 # csr Certificate request from client to VMI.
533 # force_create Create a new REST session if True.
534 # username Username to create a REST session.
535 # password Password to create a REST session.
536
537 Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True}
538 ... Initialize OpenBMC rest_username=${username} rest_password=${password}
539
540 ${data}= Create Dictionary
541 ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN}
542 ... Content-Type=application/json
543
544 ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Actions/SignCSR
545
546 # For SignCSR request, we need to pass CSR string generated by openssl command.
547 ${csr_data}= Create Dictionary CsrString ${csr}
548 Set To Dictionary ${data} data ${csr_data}
549
550 ${resp}= Post Request openbmc ${cert_uri} &{data} headers=${headers}
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]551 Log to console ${resp.content}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]552
553 [Return] ${resp}
554
555
556Get Root Certificate
557 [Documentation] Get root certificate from VMI.
558 [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD}
559 ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK}
560
561 # Description of argument(s):
562 # cert_type Type of the certificate requesting. eg. root or SignCSR.
563 # username Username to create a REST session.
564 # password Password to create a REST session.
565 # force_create Create a new REST session if True.
566 # valid_csr Uses valid CSR string in the REST request if True.
567 # This is not applicable for root certificate.
568 # valid_status_code Expected status code from REST request.
569
570 Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True}
571 ... Initialize OpenBMC rest_username=${username} rest_password=${password}
572
573 ${data}= Create Dictionary
574 ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN}
575 ... Content-Type=application/json
576
577 ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Certificate/root
578
579 ${resp}= Get Request openbmc ${cert_uri} &{data} headers=${headers}
580
581 Should Be Equal As Strings ${resp.status_code} ${valid_status_code}
582 Return From Keyword If ${resp.status_code} != ${HTTP_OK}
583
584 ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json
585 Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE
586 Should Contain ${cert["Certificate"]} END CERTIFICATE
587
588
589Get Subject
590 [Documentation] Generate a csr string.
591 [Arguments] ${file_name} ${is_csr_file}
592
593 # Description of argument(s):
594 # file_name Name of CSR or signed CERT file.
595 # is_csr_file A True value means a CSR while a False is for signed CERT file.
596
597 ${subject}= Run Keyword If ${is_csr_file} Run openssl req -in ${file_name} -text -noout | grep Subject:
598 ... ELSE Run openssl x509 -in ${file_name} -text -noout | grep Subject:
599
600 [Return] ${subject}
601
602
603Get Public Key
604 [Documentation] Generate a csr string.
605 [Arguments] ${file_name} ${is_csr_file}
606
607 # Description of argument(s):
608 # file_name Name of CSR or CERT file.
609 # is_csr_file A True value means a CSR while a False is for signed CERT file.
610
611 ${PublicKey}= Run Keyword If ${is_csr_file} Run openssl req -in ${file_name} -noout -pubkey
612 ... ELSE Run openssl x509 -in ${file_name} -noout -pubkey
613
614 [Return] ${PublicKey}
615
616
617Get Certificate Signed By VMI
618 [Documentation] Get signed certificate from VMI.
619 [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD}
620 ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK}
621
622 # Description of argument(s):
623 # cert_type Type of the certificate requesting. eg. root or SignCSR.
624 # username Username to create a REST session.
625 # password Password to create a REST session.
626 # force_create Create a new REST session if True.
627 # valid_csr Uses valid CSR string in the REST request if True.
628 # This is not applicable for root certificate.
629 # valid_status_code Expected status code from REST request.
630
631 Set Test Variable ${CSR} CSR
632 Set Test Variable ${CORRUPTED_CSR} CORRUPTED_CSR
633
634 ${CSR}= Generate CSR String
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]635 ${csr_left} ${csr_right}= Split String From Right ${CSR} == 1
636 ${CORRUPTED_CSR}= Catenate SEPARATOR= ${csr_left} \N ${csr_right}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]637
638 # For SignCSR request, we need to pass CSR string generated by openssl command
639 ${csr_str}= Set Variable If ${valid_csr} == ${True} ${CSR} ${CORRUPTED_CSR}
640
641 ${resp}= Send CSR To VMI And Get Signed ${csr_str} ${force_create} ${username} ${password}
642
643 Should Be Equal As Strings ${resp.status_code} ${valid_status_code}
644 Return From Keyword If ${resp.status_code} != ${HTTP_OK}
645
646 ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json
647 Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE
648 Should Contain ${cert["Certificate"]} END CERTIFICATE
649
650 # Now do subject and public key verification
651 ${subject_csr}= Get Subject ${CSR_FILE} True
652 ${pubKey_csr}= Get Public Key ${CSR_FILE} True
653
654 # create a crt file with certificate string
655 ${signed_cert}= Set Variable ${cert["Certificate"]}
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]656 ${testcert_gen_time} = Get Current Date Time
657 ${test_cert_file}= Catenate SEPARATOR=_ ${testcert_gen_time} test_certificate.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]658
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]659 Create File ${test_cert_file} ${signed_cert}
660 ${subject_signed_csr}= Get Subject ${test_cert_file} False
661 ${pubKey_signed_csr}= Get Public Key ${test_cert_file} False
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]662
663 Should be equal as strings ${subject_signed_csr} ${subject_csr}
664 Should be equal as strings ${pubKey_signed_csr} ${pubKey_csr}
665
666
667Suite Setup Execution
668 [Documentation] Suite setup execution.
669
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]670 Remove Files *.csr *.key *.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]671 # Create different user accounts.
672 Redfish.Login
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]673 Redfish Power On
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]674 Create Users With Different Roles users=${USERS} force=${True}
675
676
677Suite Teardown Execution
678 [Documentation] Suite teardown execution.
679
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]680 Remove Files *.csr *.key *.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]681 Delete BMC Users Via Redfish users=${USERS}
682 Delete All Sessions
683 Redfish.Logout