| Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 1 | *** Settings *** |
| 2 | Documentation Test certificate in OpenBMC. |
| 3 | |
| 4 | Resource ../../lib/resource.robot |
| 5 | Resource ../../lib/bmc_redfish_resource.robot |
| 6 | Resource ../../lib/openbmc_ffdc.robot |
| 7 | Resource ../../lib/certificate_utils.robot |
| 8 | |
| 9 | Suite Setup Suite Setup Execution |
| 10 | Test Teardown Test Teardown Execution |
| 11 | |
| 12 | |
| 13 | ** Test Cases ** |
| 14 | |
| 15 | Verify Server Certificate Replace |
| 16 | [Documentation] Verify server certificate replace. |
| 17 | [Tags] Verify_Server_Certificate_Replace |
| 18 | [Template] Replace Certificate Via Redfish |
| 19 | |
| 20 | # cert_type cert_format expected_status |
| 21 | Server Valid Certificate Valid Privatekey ok |
| 22 | Server Empty Certificate Valid Privatekey error |
| 23 | Server Valid Certificate Empty Privatekey error |
| 24 | Server Empty Certificate Empty Privatekey error |
| 25 | Server Expired Certificate error |
| 26 | |
| 27 | |
| 28 | Verify Client Certificate Replace |
| 29 | [Documentation] Verify client certificate replace. |
| 30 | [Tags] Verify_Client_Certificate_Replace |
| 31 | [Template] Replace Certificate Via Redfish |
| 32 | |
| 33 | # cert_type cert_format expected_status |
| 34 | Client Valid Certificate Valid Privatekey ok |
| 35 | Client Empty Certificate Valid Privatekey error |
| 36 | Client Valid Certificate Empty Privatekey error |
| 37 | Client Empty Certificate Empty Privatekey error |
| 38 | Client Expired Certificate error |
| 39 | |
| 40 | |
| Rahul Maheshwari | fa95b09 | 2019-05-22 05:10:59 -0500 | [diff] [blame^] | 41 | Verify Server Certificate View Via Openssl |
| 42 | [Documentation] Verify server certificate via openssl command. |
| 43 | [Tags] Verify_Server_Certificate_View_Via_Openssl |
| 44 | |
| 45 | redfish.Login |
| 46 | |
| 47 | ${cert_file_path}= Generate Certificate File Via Openssl Valid Certificate Valid Privatekey |
| 48 | ${file_data}= OperatingSystem.Get Binary File ${cert_file_path} |
| 49 | |
| 50 | ${certificate_dict}= Create Dictionary |
| 51 | ... @odata.id=/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1 |
| 52 | ${payload}= Create Dictionary CertificateString=${file_data} |
| 53 | ... CertificateType=PEM CertificateUri=${certificate_dict} |
| 54 | |
| 55 | ${resp}= redfish.Post /redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate |
| 56 | ... body=${payload} |
| 57 | |
| 58 | Wait Until Keyword Succeeds 2 mins 15 secs Verify Certificate Visible Via OpenSSL ${cert_file_path} |
| 59 | |
| 60 | |
| Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 61 | *** Keywords *** |
| 62 | |
| 63 | Replace Certificate Via Redfish |
| 64 | [Documentation] Test 'replace certificate' operation in the BMC via Redfish. |
| 65 | [Arguments] ${cert_type} ${cert_format} ${expected_status} |
| 66 | |
| 67 | # Description of argument(s): |
| 68 | # cert_type Certificate type (e.g. "Server" or "Client"). |
| 69 | # cert_format Certificate file format |
| 70 | # (e.g. Valid_Certificate_Valid_Privatekey). |
| 71 | # expected_status Expected status of certificate replace Redfish |
| 72 | # request (i.e. "ok" or "error"). |
| 73 | |
| 74 | redfish.Login |
| 75 | |
| 76 | ${time}= Set Variable If '${cert_format}' == 'Expired Certificate' -10 365 |
| 77 | ${cert_file_path}= Generate Certificate File Via Openssl ${cert_format} ${time} |
| 78 | |
| 79 | ${file_data}= OperatingSystem.Get Binary File ${cert_file_path} |
| 80 | |
| 81 | ${certificate_uri}= Set Variable If '${cert_type}' == 'Server' |
| 82 | ... /redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1 |
| 83 | ... /redfish/v1/AccountService/LDAP/Certificates/1 |
| 84 | |
| 85 | ${certificate_dict}= Create Dictionary @odata.id=${certificate_uri} |
| 86 | ${payload}= Create Dictionary CertificateString=${file_data} |
| 87 | ... CertificateType=PEM CertificateUri=${certificate_dict} |
| 88 | ${resp}= redfish.Post CertificateService/Actions/CertificateService.ReplaceCertificate |
| 89 | ... body=${payload} |
| 90 | |
| 91 | ${cert_file_content}= OperatingSystem.Get File ${cert_file_path} |
| 92 | ${bmc_cert_content}= redfish_utils.Get Attribute ${certificate_uri} CertificateString |
| 93 | |
| 94 | Run Keyword If '${expected_status}' == 'ok' |
| 95 | ... Should Contain ${cert_file_content} ${bmc_cert_content} |
| 96 | ... ELSE |
| 97 | ... Should Not Contain ${cert_file_content} ${bmc_cert_content} |
| 98 | |
| 99 | |
| Rahul Maheshwari | fa95b09 | 2019-05-22 05:10:59 -0500 | [diff] [blame^] | 100 | Verify Certificate Visible Via OpenSSL |
| 101 | [Documentation] Checks if given certificate is visible via openssl's showcert command. |
| 102 | [Arguments] ${cert_file_path} |
| 103 | |
| 104 | # Description of argument(s): |
| 105 | # cert_file_path Certificate file path. |
| 106 | |
| 107 | ${cert_file_content}= OperatingSystem.Get File ${cert_file_path} |
| 108 | ${openssl_cert_content}= Get Certificate Content From BMC Via Openssl |
| 109 | Should Contain ${cert_file_content} ${openssl_cert_content} |
| 110 | |
| 111 | |
| Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 112 | Suite Setup Execution |
| 113 | [Documentation] Do suite setup tasks. |
| 114 | |
| 115 | # Create certificate sub-directory in current working directory. |
| 116 | Create Directory certificate_dir |
| 117 | |
| 118 | |
| 119 | Test Teardown Execution |
| 120 | [Documentation] Do the post test teardown. |
| 121 | |
| 122 | FFDC On Test Case Fail |
| 123 | redfish.Logout |
| 124 | |