1*** Settings ***
2Documentation    Test certificate in OpenBMC.
3
4Resource         ../../lib/resource.robot
5Resource         ../../lib/bmc_redfish_resource.robot
6Resource         ../../lib/openbmc_ffdc.robot
7Resource         ../../lib/certificate_utils.robot
8
9Suite Setup      Suite Setup Execution
10Test Teardown    Test Teardown Execution
11
12
13** Test Cases **
14
15Verify Server Certificate Replace
16    [Documentation]  Verify server certificate replace.
17    [Tags]  Verify_Server_Certificate_Replace
18    [Template]  Replace Certificate Via Redfish
19
20    # cert_type           cert_format                         expected_status
21    Server                Valid Certificate Valid Privatekey  ok
22    Server                Empty Certificate Valid Privatekey  error
23    Server                Valid Certificate Empty Privatekey  error
24    Server                Empty Certificate Empty Privatekey  error
25    Server                Expired Certificate                 error
26
27
28Verify Client Certificate Replace
29    [Documentation]  Verify client certificate replace.
30    [Tags]  Verify_Client_Certificate_Replace
31    [Template]  Replace Certificate Via Redfish
32
33    # cert_type           cert_format                         expected_status
34    Client                Valid Certificate Valid Privatekey  ok
35    Client                Empty Certificate Valid Privatekey  error
36    Client                Valid Certificate Empty Privatekey  error
37    Client                Empty Certificate Empty Privatekey  error
38    Client                Expired Certificate                 error
39
40
41*** Keywords ***
42
43Replace Certificate Via Redfish
44    [Documentation]  Test 'replace certificate' operation in the BMC via Redfish.
45    [Arguments]  ${cert_type}  ${cert_format}  ${expected_status}
46
47    # Description of argument(s):
48    # cert_type           Certificate type (e.g. "Server" or "Client").
49    # cert_format         Certificate file format
50    #                     (e.g. Valid_Certificate_Valid_Privatekey).
51    # expected_status     Expected status of certificate replace Redfish
52    #                     request (i.e. "ok" or "error").
53
54    redfish.Login
55
56    ${time}=  Set Variable If  '${cert_format}' == 'Expired Certificate'  -10  365
57    ${cert_file_path}=  Generate Certificate File Via Openssl  ${cert_format}  ${time}
58
59    ${file_data}=  OperatingSystem.Get Binary File  ${cert_file_path}
60
61    ${certificate_uri}=  Set Variable If  '${cert_type}' == 'Server'
62    ...  /redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1
63    ...  /redfish/v1/AccountService/LDAP/Certificates/1
64
65    ${certificate_dict}=  Create Dictionary  @odata.id=${certificate_uri}
66    ${payload}=  Create Dictionary  CertificateString=${file_data}
67    ...  CertificateType=PEM  CertificateUri=${certificate_dict}
68    ${resp}=  redfish.Post  CertificateService/Actions/CertificateService.ReplaceCertificate
69    ...  body=${payload}
70
71    ${cert_file_content}=  OperatingSystem.Get File  ${cert_file_path}
72    ${bmc_cert_content}=  redfish_utils.Get Attribute  ${certificate_uri}  CertificateString
73
74    Run Keyword If  '${expected_status}' == 'ok'
75    ...    Should Contain  ${cert_file_content}  ${bmc_cert_content}
76    ...  ELSE
77    ...    Should Not Contain  ${cert_file_content}  ${bmc_cert_content}
78
79
80Suite Setup Execution
81    [Documentation]  Do suite setup tasks.
82
83    # Create certificate sub-directory in current working directory.
84    Create Directory  certificate_dir
85
86
87Test Teardown Execution
88    [Documentation]  Do the post test teardown.
89
90    FFDC On Test Case Fail
91    redfish.Logout
92
93