Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / f09efb86fa6f514a474111c93fd4c4537c52a035 / . / openpower / ext_interfaces / test_vmicert_management.robot
blob: 2fd9c2dbb07ce8e1d8678629b436d055dcacb1a7 [file] [log] [blame]
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]1*** Settings ***
2
3Documentation VMI certificate exchange tests.
4
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]5Library ../../lib/jobs_processing.py
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]6Resource ../../lib/resource.robot
7Resource ../../lib/bmc_redfish_resource.robot
8Resource ../../lib/openbmc_ffdc.robot
9Resource ../../lib/bmc_redfish_utils.robot
10Resource ../../lib/utils.robot
11
12Suite Setup Suite Setup Execution
13Test Teardown FFDC On Test Case Fail
14Suite Teardown Suite Teardown Execution
15
16
17*** Variables ***
18
19# users User Name password
20@{ADMIN} admin_user TestPwd123
21@{OPERATOR} operator_user TestPwd123
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]22@{ReadOnly} readonly_user TestPwd123
23@{NoAccess} noaccess_user TestPwd123
24&{USERS} Administrator=${ADMIN} Operator=${OPERATOR} ReadOnly=${ReadOnly}
25... NoAccess=${NoAccess}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]26${VMI_BASE_URI} /ibm/v1/
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]27
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]28
29*** Test Cases ***
30
31Get CSR Request Signed By VMI And Verify
32 [Documentation] Get CSR request signed by VMI using different user roles and verify.
33 [Tags] Get_CSR_Request_Signed_By_VMI_And_Verify
34 [Template] Get Certificate Signed By VMI
35
36 # username password force_create valid_csr valid_status_code
37 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]38
39 # Send CSR request from operator user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]40 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
41
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]42 # Send CSR request from ReadOnly user.
43 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
44
45 # Send CSR request from NoAccess user.
46 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
47
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]48
49Get Root Certificate Using Different Privilege Users Roles
50 [Documentation] Get root certificate using different users.
51 [Tags] Get_Root_Certificate_Using_Different_Users
52 [Template] Get Root Certificate
53
54 # username password force_create valid_csr valid_status_code
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]55 # Request root certificate from admin user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]56 admin_user TestPwd123 ${True} ${True} ${HTTP_OK}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]57
58 # Request root certificate from operator user.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]59 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
60
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]61 # Request root certificate from ReadOnly user.
62 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
63
64 # Request root certificate from NoAccess user.
65 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
66
67
68Send CSR Request When VMI Is Off And Verify
69 [Documentation] Send CSR signing request to VMI when it is off and expect an error.
70 [Tags] Get_CSR_Request_When_VMI_Is_Off_And_verify
71 [Setup] Redfish Power Off
shrsuman1237463d422021-06-17 02:53:25 -0500[diff] [blame]72 [Teardown] Run keywords Redfish Power On stack_mode=skip AND FFDC On Test Case Fail
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]73 [Template] Get Certificate Signed By VMI
74
75 # username password force_create valid_csr valid_status_code
76 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_INTERNAL_SERVER_ERROR}
77
78 # Send CSR request from operator user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]79 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]80
81 # Send CSR request from ReadOnly user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]82 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]83
84 # Send CSR request from NoAccess user.
shrsuman1233f70a6a2021-04-08 04:48:07 -0500[diff] [blame]85 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]86
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]87Get Corrupted CSR Request Signed By VMI And Verify
88 [Documentation] Send corrupted CSR for signing and expect an error.
89 [Tags] Get_Corrupted_CSR_Request_Signed_By_VMI_And_Verify
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]90 [Template] Get Certificate Signed By VMI
91
92 # username password force_create valid_csr valid_status_code
93 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
94
95 # Send CSR request from operator user.
96 operator_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
97
98 # Send CSR request from ReadOnly user.
99 readonly_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
100
101 # Send CSR request from NoAccess user.
102 noaccess_user TestPwd123 ${False} ${False} ${HTTP_FORBIDDEN}
103
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]104Get Root Certificate When VMI Is Off And Verify
105 [Documentation] Get root certificate when vmi is off and verify.
106 [Tags] Get_Root_Certificate_When_VMI_Is_Off_And_Verify
107 [Setup] Redfish Power Off
shrsuman1237463d422021-06-17 02:53:25 -0500[diff] [blame]108 [Teardown] Run keywords Redfish Power On stack_mode=skip AND FFDC On Test Case Fail
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]109 [Template] Get Root Certificate
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]110
shrsuman12368bdcae2021-01-18 00:38:25 -0600[diff] [blame]111 # username password force_create valid_csr valid_status_code
112 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
113
114 # Request root certificate from operator user.
115 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
116
117 # Request root certificate from ReadOnly user.
118 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
119
120 # Request root certificate from NoAccess user.
121 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
122
123
124Get Root Certificate After BMC Reboot And Verify
125 [Documentation] Get root certificate after bmc reboot and verify.
126 [Tags] Get_Root_Certificate_After_BMC_Reboot_And_Verify
127 [Setup] Run Keywords OBMC Reboot (off) AND Redfish Power On
128 [Template] Get Root Certificate
129
130 # username password force_create valid_csr valid_status_code
131 ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
132
133 # Request root certificate from operator user.
134 operator_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
135
136 # Request root certificate from ReadOnly user.
137 readonly_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
138
139 # Request root certificate from NoAccess user.
140 noaccess_user TestPwd123 ${False} ${True} ${HTTP_FORBIDDEN}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]141
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]142Get Concurrent Root Certificate Requests From Multiple Admin Users
143 [Documentation] Get multiple concurrent root certificate requests from multiple admins
144 ... and verify no errors.
145 [Tags] Get_Concurrent_Root_Certificate_Requests_From_Multiple_Admin_Users
146
147 FOR ${i} IN RANGE ${5}
148 ${dict}= Execute Process Multi Keyword ${5}
149 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
150 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
151 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
152 Dictionary Should Not Contain Value ${dict} False
153 ... msg=One or more operations has failed.
154 END
155
156Get Concurrent CSR Requests From Multiple Admin Users
157 [Documentation] Get multiple concurrent csr requests from multiple admins and verify no errors.
158 [Tags] Get_Concurrent_CSR_Requests_From_Multiple_Admin_Users
159
160 FOR ${i} IN RANGE ${5}
161 ${dict}= Execute Process Multi Keyword ${5}
162 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
163 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
164 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
165 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
166 Dictionary Should Not Contain Value ${dict} False
167 ... msg=One or more operations has failed.
168 END
169
170Get Concurrent Corrupted CSR Requests From Multiple Admin Users
171 [Documentation] Get multiple concurrent corrupted csr requests from multiple admins and verify no errors.
172 [Tags] Get_Concurrent_Corrupted_CSR_Requests_From_Multiple_Admin_Users
173
174 FOR ${i} IN RANGE ${5}
175 ${dict}= Execute Process Multi Keyword ${5}
176 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
177 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
178 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
179 Dictionary Should Not Contain Value ${dict} False
180 ... msg=One or more operations has failed.
181 END
182
shrsuman12382a9a312021-03-26 05:34:32 -0500[diff] [blame]183Get Concurrent Root Certificate Request From Operator Users
184 [Documentation] Get multiple concurrent root certificate from non admin users and verify no errors.
185 [Tags] Get_Concurrent_Root_Certificate_Request_From_Operator_Users
186
187 FOR ${i} IN RANGE ${5}
188 ${dict}= Execute Process Multi Keyword ${5}
189 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
190 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
191 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
192 Dictionary Should Not Contain Value ${dict} False
193 ... msg=One or more operations has failed.
194 END
195
196Get Concurrent Root Certificate Request From Admin And Non Admin Users
197 [Documentation] Get multiple concurrent root certificate from admin and non admin users
198 ... and verify no errors.
199 [Tags] Get_Concurrent_Root_Certificate_Request_From_Admin_And_Non_Admin_Users
200
201 FOR ${i} IN RANGE ${5}
202 ${dict}= Execute Process Multi Keyword ${5}
203 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
204 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
205 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
206 Dictionary Should Not Contain Value ${dict} False
207 ... msg=One or more operations has failed.
208 END
209
210Get Concurrent Root Certificate Request From Different Non Admin Users
211 [Documentation] Get multiple concurrent root certificate from different non admin users
212 ... and verify no errors.
213 [Tags] Get_Concurrent_Root_Certificate_Request_From_Different_Non_Admin_Users
214
215 FOR ${i} IN RANGE ${5}
216 ${dict}= Execute Process Multi Keyword ${5}
217 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
218 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
219 ... Get Root Certificate noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
220 Dictionary Should Not Contain Value ${dict} False
221 ... msg=One or more operations has failed.
222 END
223
224Get Concurrent CSR Request From Operator Users
225 [Documentation] Get multiple concurrent csr request from non admin users and verify no errors.
226 [Tags] Get_Concurrent_CSR_Request_From_Operator_Users
227
228 FOR ${i} IN RANGE ${5}
229 ${dict}= Execute Process Multi Keyword ${5}
230 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
231 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
232 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
233 Dictionary Should Not Contain Value ${dict} False
234 ... msg=One or more operations has failed.
235 END
236
shrsuman12394b36572021-03-10 03:15:53 -0600[diff] [blame]237Get Root Certificate And Send CSR Request Concurrently And Verify
238 [Documentation] Get root certificate and send csr request concurrently and
239 ... verify gets root and signed certificate.
240 [Tags] Get_Root_Certificate_And_Send_CSR_Request_Concurrently_And_Verify
241
242 FOR ${i} IN RANGE ${5}
243 ${dict}= Execute Process Multi Keyword ${5}
244 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
245 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
246 Dictionary Should Not Contain Value ${dict} False
247 ... msg=One or more operations has failed.
248 END
249
250Get Concurrent Root Certificate And Send CSR Request And Verify
251 [Documentation] Get concurrent root certificate and send csr request
252 ... and verify gets root certificate and signed certificate.
253 [Tags] Get_Concurrent_Root_Certificate_And_Send_CSR_Request_And_Verify
254
255 FOR ${i} IN RANGE ${5}
256 ${dict}= Execute Process Multi Keyword ${5}
257 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
258 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
259 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
260 Dictionary Should Not Contain Value ${dict} False
261 ... msg=One or more operations has failed.
262 END
263
264Get Root Certificate And Send Multiple CSR Requests Concurrently And Verify
265 [Documentation] Get root certificate and send multiple csr requests concurrently and
266 ... verify gets root certificate and signed certificates.
267 [Tags] Get_Root_Certificate_And_Send_Multiple_CSR_Requests_Concurrently_And_Verify
268
269 FOR ${i} IN RANGE ${5}
270 ${dict}= Execute Process Multi Keyword ${5}
271 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
272 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
273 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
274 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
275 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
276 Dictionary Should Not Contain Value ${dict} False
277 ... msg=One or more operations has failed.
278 END
279
280Get Root Certificate And Send Multiple Corrupted CSR Requests Concurrently And Verify
281 [Documentation] Get root certificate and send multiple corrupted csr requests concurrently and
282 ... verify gets root certificate and error for corrupted csr requests.
283 [Tags] Get_Root_Certificate_And_Send_Multiple_Corrupted_CSR_Requests_Concurrently_And_Verify
284
285 FOR ${i} IN RANGE ${5}
286 ${dict}= Execute Process Multi Keyword ${5}
287 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
288 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
289 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
290 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
291 Dictionary Should Not Contain Value ${dict} False
292 ... msg=One or more operations has failed.
293 END
294
shrsuman123b63aa5e2021-04-12 06:20:18 -0500[diff] [blame]295Send Concurrent CSR Request And Corrupted CSR Request And Verify
296 [Documentation] Send concurrent csr request and corrupted csr request
297 ... and verify gets certificate for valid csr and error for corrupted csr.
298 [Tags] Send_Concurrent_CSR_Request_And_Corrupted_CSR_Request_And_Verify
299
300 FOR ${i} IN RANGE ${5}
301 ${dict}= Execute Process Multi Keyword ${5}
302 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
303 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
304 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
305 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
306 Dictionary Should Not Contain Value ${dict} False
307 ... msg=One or more operations has failed.
308 END
309
310Get Root Certificate Send CSR And Corrupted CSR Request Concurrently And Verify
311 [Documentation] Get root certificate send csr and corrupted csr requests concurrently and
312 ... verify gets root certificate and certificate for valid csr and error for corrupted csr.
313 [Tags] Get_Root_Certificate_Send_CSR_And_Corrupted_CSR_Request_Concurrently_And_Verify
314
315 FOR ${i} IN RANGE ${5}
316 ${dict}= Execute Process Multi Keyword ${5}
317 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
318 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
319 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
320 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
321 Dictionary Should Not Contain Value ${dict} False
322 ... msg=One or more operations has failed.
323 END
324
325Send Concurrent CSR Request From Admin And Non Admin Users And Verify
326 [Documentation] Send concurrent csr requests from admin and non-admin users and verify
327 ... admin gets certificate and non-admin gets error.
328 [Tags] Send_Concurrent_CSR_Request_From_Admin_And_Non_Admin_Users_And_Verify
329
330 FOR ${i} IN RANGE ${5}
331 ${dict}= Execute Process Multi Keyword ${5}
332 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
333 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
334 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
335 Dictionary Should Not Contain Value ${dict} False
336 ... msg=One or more operations has failed.
337 END
338
339Send Concurrent CSR Request From Non Admin Users And Verify
340 [Documentation] Send concurrent csr request from non admin users
341 ... and verify gets error.
342 [Tags] Send_Concurrent_CSR_Request_From_Non_Admin_Users_And_Verify
343
344 FOR ${i} IN RANGE ${5}
345 ${dict}= Execute Process Multi Keyword ${5}
346 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
347 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
348 ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
349 Dictionary Should Not Contain Value ${dict} False
350 ... msg=One or more operations has failed.
351 END
352
shrsuman123a968ad52021-06-08 06:30:01 -0500[diff] [blame]353Get Root Certificate And Send Corrupted CSR From Admin CSR Request From Operator Concurrently
354 [Documentation] Get root certificate and send corrupted csr request from admin and
George Keishing7bc01e92021-06-15 11:07:14 -0500[diff] [blame]355 ... csr from operator concurrently and verify gets root certificate and errors for corrupted
shrsuman123a968ad52021-06-08 06:30:01 -0500[diff] [blame]356 ... and for operator.
357 [Tags] Get_Root_Certificate_And_Send_Corrupted_CSR_From_Admin_CSR_Request_From_Operator_Concurrently
358
359 FOR ${i} IN RANGE ${5}
360 ${dict}= Execute Process Multi Keyword ${5}
361 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
362 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
363 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
364 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
365 Dictionary Should Not Contain Value ${dict} False
366 ... msg=One or more operations has failed.
367 END
368
369Get Root Certificate From Operator And Send Corrupted CSR Request And CSR Request From Admin Concurrently
370 [Documentation] Get root certificate from operator and send corrupted csr request
371 ... and csr from admin and verify errors for operator and corrupted csr and signed certificate
372 ... for valid csr.
373 [Tags] Get_Root_Certificate_From_Operator_And_Send_Corrupted_CSR_Request_And_CSR_Request_From_Admin_Concurrently
374
375 FOR ${i} IN RANGE ${5}
376 ${dict}= Execute Process Multi Keyword ${5}
377 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
378 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
379 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
380 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
381 Dictionary Should Not Contain Value ${dict} False
382 ... msg=One or more operations has failed.
383 END
384
385
386Get Root Certificate From Operator And Admin Send CSR Request From Admin Concurrently
387 [Documentation] Get root certificate from operator and admin and
388 ... and send csr request from admin concurrently and verify error for operator
389 ... and admin gets root and signed certificate.
390 [Tags] Get_Root_Certificate_From_Operator_And_Admin_Send_CSR_Request_From_Admin_Concurrently
391
392 FOR ${i} IN RANGE ${5}
393 ${dict}= Execute Process Multi Keyword ${5}
394 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
395 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
396 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
397 Dictionary Should Not Contain Value ${dict} False
398 ... msg=One or more operations has failed.
399 END
400
shrsuman1235e80c022021-05-25 01:28:39 -0500[diff] [blame]401Send CSR Request From Admin And Operator And Corrupted CSR From Admin Concurrently And Verify
402 [Documentation] Send csr request from admin and operator and corrupted
403 ... csr request from admin and verify gets signed certificate for valid csr for admin
404 ... gets error for operator and error for corrupted csr.
405 [Tags] Send_CSR_Request_From_Admin_And_Operator_And_Corrupted_CSR_From_Admin_Concurrently_And_Verify
406
407 FOR ${i} IN RANGE ${5}
408 ${dict}= Execute Process Multi Keyword ${5}
409 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
410 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
411 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
412 Dictionary Should Not Contain Value ${dict} False
413 ... msg=One or more operations has failed.
414 END
415
416Send Corrupted CSR Requests From Admin And Operator And CSR Request From Admin Concurrently And Verify
417 [Documentation] Send corrupted csr request from admin and operator and csr request
418 ... from admin concurrently and verify errors for corrupted csr and gets signed certificate
419 ... for valid csr from admin.
420 [Tags] Send_Corrupted_CSR_Requests_From_Admin_And_Operator_And_CSR_Request_From_Admin_Concurrently_And_Verify
421
422 FOR ${i} IN RANGE ${5}
423 ${dict}= Execute Process Multi Keyword ${5}
424 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
425 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
426 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
427 Dictionary Should Not Contain Value ${dict} False
428 ... msg=One or more operations has failed.
429 END
430
431Send Corrupted CSR Requests From Admin And Operator User Concurrently And Verify
432 [Documentation] Send corrupted csr requests from admin and operator and
433 ... verify gets error.
434 [Tags] Send_Corrupted_CSR_Requests_From_Admin_And_Operator_User_Concurrently_And_Verify
435
436 FOR ${i} IN RANGE ${5}
437 ${dict}= Execute Process Multi Keyword ${5}
438 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
439 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
440 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
441 Dictionary Should Not Contain Value ${dict} False
442 ... msg=One or more operations has failed.
443 END
444
shrsuman123e05f7bc2021-04-23 04:42:05 -0500[diff] [blame]445Get Root Certificate From Admin And Send CSR Requests From Non Admin Concurrently And Verify
446 [Documentation] Get root certificate from admin and csr requests from
447 ... non admin users concurrently and verify gets root certificate for admin and
448 ... errors for non-admins.
449 [Tags] Get_Root_Certificate_From_Admin_And_Send_CSR_Requests_From_Non_Admin_Concurrently_And_Verify
450
451 FOR ${i} IN RANGE ${5}
452 ${dict}= Execute Process Multi Keyword ${5}
453 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
454 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
455 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
456 Dictionary Should Not Contain Value ${dict} False
457 ... msg=One or more operations has failed.
458 END
459
460Get Root Certificate And Send CSR Requests From Non Admin Users Concurrently And Verify
461 [Documentation] Get root certificate and send csr requests from non admin
462 ... users and verify gets errors.
463 [Tags] Get_Root_Certificate_And_Send_CSR_Requests_From_Non_Admin_Users_Concurrently_And_Verify
464
465 FOR ${i} IN RANGE ${5}
466 ${dict}= Execute Process Multi Keyword ${5}
467 ... Get Root Certificate operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
468 ... Get Root Certificate readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
469 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
470 ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
471 Dictionary Should Not Contain Value ${dict} False
472 ... msg=One or more operations has failed.
473 END
474
475Send Corrupted CSR Request From Admin And CSR Requests From Non Admin Concurrently And Verify
476 [Documentation] Send corrupted csr request from admin and csr request from non admin
477 ... users concurrently and verify gets errors.
478 [Tags] Send_Corrupted_CSR_Request_From_Admin_And_CSR_Requests_From_Non_Admin_Concurrently_And_Verify
479
480 FOR ${i} IN RANGE ${5}
481 ${dict}= Execute Process Multi Keyword ${5}
482 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
483 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
484 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
485 Dictionary Should Not Contain Value ${dict} False
486 ... msg=One or more operations has failed.
487 END
488
489Send CSR Request And Corrupted CSR Requests From Non Admin Users Concurrently And Verify
490 [Documentation] Send csr and corrupted csr request from non admin users
491 ... and verify gets errors.
492 [Tags] Send_CSR_Request_And_Corrupted_CSR_Requests_From_Non_Admin_Users_Concurrently_And_Verify
493
494 FOR ${i} IN RANGE ${5}
495 ${dict}= Execute Process Multi Keyword ${5}
496 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
497 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
498 ... Get Certificate Signed By VMI noaccess_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
499 ... Get Certificate Signed By VMI readonly_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
500 Dictionary Should Not Contain Value ${dict} False
501 ... msg=One or more operations has failed.
502 END
503
shrsuman123421e6102021-06-23 05:25:57 -0500[diff] [blame]504Get Root Certificate And Send CSR Requests From Admin And Operator Concurrently And Verify
505 [Documentation] Get root certificate from admin and send csr requests
506 ... from admin and operator concurrently and verify gets root certificate
507 ... and signed certificate and gets error for operator.
508 [Tags] Get_Root_Certificate_And_Send_CSR_Requests_From_Admin_And_Operator_Concurrently_And_Verify
509
510 FOR ${i} IN RANGE ${5}
511 ${dict}= Execute Process Multi Keyword ${5}
512 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
513 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
514 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${True} ${HTTP_FORBIDDEN}
515 Dictionary Should Not Contain Value ${dict} False
516 ... msg=One or more operations has failed.
517 END
518
519
520Get Root Certificate And Send Corrupted CSR Requests From Admin And Operator Concurrently And Verify
521 [Documentation] Get root certificate from admin and send corrupted csr requests
522 ... from admin and operator concurrently and verify gets root certificate and errors
523 ... for corrupted csr.
524 [Tags] Get_Root_Certificate_And_Send_Corrupted_CSR_Requests_From_Admin_And_Operator_Concurrently_And_Verify
525
526 FOR ${i} IN RANGE ${5}
527 ${dict}= Execute Process Multi Keyword ${5}
528 ... Get Root Certificate ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${True} ${HTTP_OK}
529 ... Get Certificate Signed By VMI ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} ${True} ${False} ${HTTP_INTERNAL_SERVER_ERROR}
530 ... Get Certificate Signed By VMI operator_user TestPwd123 ${True} ${False} ${HTTP_FORBIDDEN}
531 Dictionary Should Not Contain Value ${dict} False
532 ... msg=One or more operations has failed.
533 END
534
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]535*** Keywords ***
536
537Generate CSR String
538 [Documentation] Generate a csr string.
539
540 # Note: Generates and returns csr string.
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]541 ${csr_gen_time} = Get Current Date Time
542 ${CSR_FILE}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.csr
543 ${CSR_KEY}= Catenate SEPARATOR=_ ${csr_gen_time} csr_server.key
544 Set Test Variable ${CSR_FILE}
545 Set Test Variable ${CSR_KEY}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]546 ${ssl_cmd}= Set Variable openssl req -new -newkey rsa:2048 -nodes -keyout ${CSR_KEY} -out ${CSR_FILE}
547 ${ssl_sub}= Set Variable
548 ... -subj "/C=XY/ST=Abcd/L=Efgh/O=ABC/OU=Systems/CN=abc.com/emailAddress=xyz@xx.ABC.com"
549
550 # Run openssl command to create a new private key and use that to generate a CSR string
551 # in server.csr file.
552 ${output}= Run ${ssl_cmd} ${ssl_sub}
Prashanth Katti7ee28252020-09-17 01:55:17 -0500[diff] [blame]553 ${csr}= OperatingSystem.Get File ${CSR_FILE}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]554
555 [Return] ${csr}
556
557
558Send CSR To VMI And Get Signed
George Keishingf9248952021-05-28 07:52:37 -0500[diff] [blame]559 [Documentation] Upload CSR to VMI and get signed.
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]560 [Arguments] ${csr} ${force_create} ${username} ${password}
561
562 # Description of argument(s):
563 # csr Certificate request from client to VMI.
564 # force_create Create a new REST session if True.
565 # username Username to create a REST session.
566 # password Password to create a REST session.
567
568 Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True}
569 ... Initialize OpenBMC rest_username=${username} rest_password=${password}
570
571 ${data}= Create Dictionary
572 ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN}
573 ... Content-Type=application/json
574
575 ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Actions/SignCSR
576
577 # For SignCSR request, we need to pass CSR string generated by openssl command.
578 ${csr_data}= Create Dictionary CsrString ${csr}
579 Set To Dictionary ${data} data ${csr_data}
580
581 ${resp}= Post Request openbmc ${cert_uri} &{data} headers=${headers}
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]582 Log to console ${resp.content}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]583
584 [Return] ${resp}
585
586
587Get Root Certificate
588 [Documentation] Get root certificate from VMI.
589 [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD}
590 ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK}
591
592 # Description of argument(s):
593 # cert_type Type of the certificate requesting. eg. root or SignCSR.
594 # username Username to create a REST session.
595 # password Password to create a REST session.
596 # force_create Create a new REST session if True.
597 # valid_csr Uses valid CSR string in the REST request if True.
598 # This is not applicable for root certificate.
599 # valid_status_code Expected status code from REST request.
600
601 Run Keyword If "${XAUTH_TOKEN}" != "${EMPTY}" or ${force_create} == ${True}
602 ... Initialize OpenBMC rest_username=${username} rest_password=${password}
603
604 ${data}= Create Dictionary
605 ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN}
606 ... Content-Type=application/json
607
608 ${cert_uri}= Set Variable ${VMI_BASE_URI}Host/Certificate/root
609
610 ${resp}= Get Request openbmc ${cert_uri} &{data} headers=${headers}
611
612 Should Be Equal As Strings ${resp.status_code} ${valid_status_code}
613 Return From Keyword If ${resp.status_code} != ${HTTP_OK}
614
615 ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json
616 Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE
617 Should Contain ${cert["Certificate"]} END CERTIFICATE
618
619
620Get Subject
621 [Documentation] Generate a csr string.
622 [Arguments] ${file_name} ${is_csr_file}
623
624 # Description of argument(s):
625 # file_name Name of CSR or signed CERT file.
626 # is_csr_file A True value means a CSR while a False is for signed CERT file.
627
628 ${subject}= Run Keyword If ${is_csr_file} Run openssl req -in ${file_name} -text -noout | grep Subject:
629 ... ELSE Run openssl x509 -in ${file_name} -text -noout | grep Subject:
630
631 [Return] ${subject}
632
633
634Get Public Key
635 [Documentation] Generate a csr string.
636 [Arguments] ${file_name} ${is_csr_file}
637
638 # Description of argument(s):
639 # file_name Name of CSR or CERT file.
640 # is_csr_file A True value means a CSR while a False is for signed CERT file.
641
642 ${PublicKey}= Run Keyword If ${is_csr_file} Run openssl req -in ${file_name} -noout -pubkey
643 ... ELSE Run openssl x509 -in ${file_name} -noout -pubkey
644
645 [Return] ${PublicKey}
646
647
648Get Certificate Signed By VMI
649 [Documentation] Get signed certificate from VMI.
650 [Arguments] ${username}=${OPENBMC_USERNAME} ${password}=${OPENBMC_PASSWORD}
651 ... ${force_create}=${False} ${valid_csr}=${True} ${valid_status_code}=${HTTP_OK}
652
653 # Description of argument(s):
654 # cert_type Type of the certificate requesting. eg. root or SignCSR.
655 # username Username to create a REST session.
656 # password Password to create a REST session.
657 # force_create Create a new REST session if True.
658 # valid_csr Uses valid CSR string in the REST request if True.
659 # This is not applicable for root certificate.
660 # valid_status_code Expected status code from REST request.
661
662 Set Test Variable ${CSR} CSR
663 Set Test Variable ${CORRUPTED_CSR} CORRUPTED_CSR
664
665 ${CSR}= Generate CSR String
shrsuman1231b1c2a42020-11-02 23:02:30 -0600[diff] [blame]666 ${csr_left} ${csr_right}= Split String From Right ${CSR} == 1
667 ${CORRUPTED_CSR}= Catenate SEPARATOR= ${csr_left} \N ${csr_right}
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]668
669 # For SignCSR request, we need to pass CSR string generated by openssl command
670 ${csr_str}= Set Variable If ${valid_csr} == ${True} ${CSR} ${CORRUPTED_CSR}
671
672 ${resp}= Send CSR To VMI And Get Signed ${csr_str} ${force_create} ${username} ${password}
673
674 Should Be Equal As Strings ${resp.status_code} ${valid_status_code}
675 Return From Keyword If ${resp.status_code} != ${HTTP_OK}
676
677 ${cert}= Evaluate json.loads('''${resp.text}''', strict=False) json
678 Should Contain ${cert["Certificate"]} BEGIN CERTIFICATE
679 Should Contain ${cert["Certificate"]} END CERTIFICATE
680
681 # Now do subject and public key verification
682 ${subject_csr}= Get Subject ${CSR_FILE} True
683 ${pubKey_csr}= Get Public Key ${CSR_FILE} True
684
685 # create a crt file with certificate string
686 ${signed_cert}= Set Variable ${cert["Certificate"]}
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]687 ${testcert_gen_time} = Get Current Date Time
688 ${test_cert_file}= Catenate SEPARATOR=_ ${testcert_gen_time} test_certificate.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]689
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]690 Create File ${test_cert_file} ${signed_cert}
691 ${subject_signed_csr}= Get Subject ${test_cert_file} False
692 ${pubKey_signed_csr}= Get Public Key ${test_cert_file} False
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]693
694 Should be equal as strings ${subject_signed_csr} ${subject_csr}
695 Should be equal as strings ${pubKey_signed_csr} ${pubKey_csr}
696
697
698Suite Setup Execution
699 [Documentation] Suite setup execution.
700
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]701 Remove Files *.csr *.key *.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]702 # Create different user accounts.
703 Redfish.Login
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]704 Redfish Power On
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]705 Create Users With Different Roles users=${USERS} force=${True}
706
707
708Suite Teardown Execution
709 [Documentation] Suite teardown execution.
710
shrsuman1235fc20cb2021-02-02 04:55:47 -0600[diff] [blame]711 Remove Files *.csr *.key *.cert
manashsarmab7af8172020-07-16 05:05:44 -0500[diff] [blame]712 Delete BMC Users Via Redfish users=${USERS}
713 Delete All Sessions
714 Redfish.Logout