From f630068299fc0e0fd6032e4558f2c9a3fd9c844d Mon Sep 17 00:00:00 2001 From: Aleksandra Maciaga Date: Wed, 4 Mar 2020 17:11:30 +0100 Subject: Add validation of recieved message and refactor code Signed-off-by: Aleksandra Maciaga Issue-ID: AAF-997 Change-Id: Idea7fba7cf33ff605c9f0980f82066b19559d29b --- plans/aaf/certservice/cmpServers.json | 18 +++++------ plans/aaf/certservice/docker-compose.yml | 2 +- .../aaf/certservice/scripts/ejbca-configuration.sh | 4 ++- plans/aaf/certservice/setup.sh | 2 +- tests/aaf/certservice/assets/valid.csr | 1 - tests/aaf/certservice/assets/valid.key | 1 - tests/aaf/certservice/assets/valid_client.csr | 1 + tests/aaf/certservice/assets/valid_client.pk | 1 + tests/aaf/certservice/assets/valid_ra.csr | 1 + tests/aaf/certservice/assets/valid_ra.pk | 1 + tests/aaf/certservice/cert-service-test.robot | 28 ++++++++--------- .../resources/cert-service-keywords.robot | 36 +++++++++++++++++++--- .../resources/cert-service-properties.robot | 9 ++++-- 13 files changed, 70 insertions(+), 35 deletions(-) delete mode 100644 tests/aaf/certservice/assets/valid.csr delete mode 100644 tests/aaf/certservice/assets/valid.key create mode 100644 tests/aaf/certservice/assets/valid_client.csr create mode 100644 tests/aaf/certservice/assets/valid_client.pk create mode 100644 tests/aaf/certservice/assets/valid_ra.csr create mode 100644 tests/aaf/certservice/assets/valid_ra.pk diff --git a/plans/aaf/certservice/cmpServers.json b/plans/aaf/certservice/cmpServers.json index f461edc7..d6557c52 100644 --- a/plans/aaf/certservice/cmpServers.json +++ b/plans/aaf/certservice/cmpServers.json @@ -1,23 +1,23 @@ { "cmpv2Servers": [ { - "caName": "TEST", - "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmp", + "caName": "Client", + "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmp", "issuerDN": "CN=ManagementCA", "caMode": "CLIENT", "authentication": { - "iak": "xxx", - "rv": "yyy" + "iak": "mypassword", + "rv": "mypassword" } }, { - "caName": "TEST2", - "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmpRA", - "issuerDN": "CN=ManagementCA2", + "caName": "RA", + "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA", + "issuerDN": "CN=ManagementCA", "caMode": "RA", "authentication": { - "iak": "xxx", - "rv": "yyy" + "iak": "mypassword", + "rv": "mypassword" } } ] diff --git a/plans/aaf/certservice/docker-compose.yml b/plans/aaf/certservice/docker-compose.yml index 83aff56b..384158ab 100644 --- a/plans/aaf/certservice/docker-compose.yml +++ b/plans/aaf/certservice/docker-compose.yml @@ -2,7 +2,7 @@ version: "2.1" services: ejbca: - image: primekey/ejbca-ce + image: primekey/ejbca-ce:6.15.2.5 hostname: cahostname container_name: aafcert-ejbca ports: diff --git a/plans/aaf/certservice/scripts/ejbca-configuration.sh b/plans/aaf/certservice/scripts/ejbca-configuration.sh index cdff77de..7ec1fa3a 100755 --- a/plans/aaf/certservice/scripts/ejbca-configuration.sh +++ b/plans/aaf/certservice/scripts/ejbca-configuration.sh @@ -8,9 +8,11 @@ configureEjbca() { ejbca.sh config cmp addalias --alias cmpRA ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value mypassword + ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe ejbca.sh config cmp dumpalias --alias cmpRA ejbca.sh config cmp addalias --alias cmp ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true + ejbca.sh config cmp updatealias --alias cmp --key responseprotection --value pbe ejbca.sh ra addendentity --username Node123 --dn "CN=Node123" --caname ManagementCA --password mypassword --type 1 --token USERGENERATED ejbca.sh ra setclearpwd --username Node123 --password mypassword ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN @@ -18,5 +20,5 @@ configureEjbca() { ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem } -waitForEjbcaStartUp 30 +waitForEjbcaStartUp 45 configureEjbca diff --git a/plans/aaf/certservice/setup.sh b/plans/aaf/certservice/setup.sh index 17a278d8..dde516ae 100644 --- a/plans/aaf/certservice/setup.sh +++ b/plans/aaf/certservice/setup.sh @@ -57,5 +57,5 @@ AAFCERT_IP=`get-instance-ip.sh aafcert` export AAFCERT_IP=${AAFCERT_IP} # Wait container ready -sleep 10 +sleep 15 diff --git a/tests/aaf/certservice/assets/valid.csr b/tests/aaf/certservice/assets/valid.csr deleted file mode 100644 index aa9387bf..00000000 --- a/tests/aaf/certservice/assets/valid.csr +++ /dev/null @@ -1 +0,0 @@ -LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJRExEQ0NBaFFDQVFBd2daQXhDekFKQmdOVkJBWVRBbEJNTVJZd0ZBWURWUVFJREExTWIzZGxjaTFUYVd4bGMybGhNUkF3RGdZRFZRUUhEQWRYY205amJHRjNNUTR3REFZRFZRUUtEQVZPYjJ0cFlURU5NQXNHQTFVRUN3d0VUMDVCVURFWE1CVUdBMVVFQXd3T2RHVnpkQzV1YjJ0cFlTNWpiMjB4SHpBZEJna3Foa2lHOXcwQkNRRVdFSFJsYzNSbGNrQnViMnRwWVM1amIyMHdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFERzMwWUZKMDk3bS83dDJQV1pFbExBNmJ5bFc5Z1k0cDNod3NidC9paENqKzFqRG9YRFdpQk0wMXVGd1BqWmNiaXhwR3BQdXdVU3ZWREUzOUtwUDFHS3NCYVcrMHdLZG02Sit4YmN6ZTBEc0N6QUhCTnNYVXJEK3VzZC9jVUxOVm5UeXRZYzZubkF1VSswQzg0U1l6OGVkVHJ4UWVkSmF4MDBaS3YrdHluVnZvWUtyVVFsMlFrTDI4bFhhaWsxdWIzd1FGeFNQdndEM2xuMU81N2k0Wk9hOHlNcWx2NlpsTkxZYng2UFhsc1RqanBWTldPUllPKzdzeWdieEZ0bHYvbEgyN1BISHZJT3BUUmtGd0lVLzRHWXU2blQ0bDBqYkl0VEE0b2dhUFR6b3hodG5jaStLT1VVeVZ4OWk4eWd3cVBUb3d5UFkyNGpSb2xTd3RBQWpDYkJBZ01CQUFHZ1ZqQlVCZ2txaGtpRzl3MEJDUTR4UnpCRk1FTUdBMVVkRVFROE1EcUNEM1JsYzNReUxtNXZhMmxoTG1OdmJZSVBkR1Z6ZEM1dWIyc3VhWFF1WTI5dGdoWjBaWE4wTG1sdWRDNXVaWFF1Ym05cmFXRXVZMjl0TUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFBUmRlNnpiT2R2TXdKSkFETGV0TmlXT0p3TU9Ec0RJeFduUDBjbXkwTVovb21KK21JZFJSb1NZV0t2VDl5OXd3a3A1Sllzb2htMUN4c0RvS1pBZHFWWTloeENMSUJWRktEL2FveUlRUzRhM3prZFBVa0lnWW00UzJxMkI3bTFjT2YxTHpYNzVSQ3BKN3N2SDZ3RFlqV2dEOTBsVW5uamphNUF2VnJTWnRCVUhEQWZsUG5DTmhXU3hMREhTSkZhWHhERkpGbjhpT1FhdDkvUmNERHc2M0lrbWVaLzBWWDhVRjRsaWp2VWcxSGc4WUFrdXVOQnNwTmRDY2FFVFZFUHJwS3BjaFQxdDg1YnA2RnppSHczc3ZCVTM2cmhzUGNQVU5IM1NYT2tVcmZlOXp0RmJzUFB4dmJtZWx1MWEwS2FudmhDbEU0Z1dMT2tWb1k2Q0hlUktYeU0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0t \ No newline at end of file diff --git a/tests/aaf/certservice/assets/valid.key b/tests/aaf/certservice/assets/valid.key deleted file mode 100644 index 6783af52..00000000 --- a/tests/aaf/certservice/assets/valid.key +++ /dev/null @@ -1 +0,0 @@ -LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRREczMFlGSjA5N20vN3QyUFdaRWxMQTZieWxXOWdZNHAzaHdzYnQvaWhDaisxakRvWERXaUJNMDF1RndQalpjYml4cEdwUHV3VVN2VkRFMzlLcFAxR0tzQmFXKzB3S2RtNkoreGJjemUwRHNDekFIQk5zWFVyRCt1c2QvY1VMTlZuVHl0WWM2bm5BdVUrMEM4NFNZejhlZFRyeFFlZEpheDAwWkt2K3R5blZ2b1lLclVRbDJRa0wyOGxYYWlrMXViM3dRRnhTUHZ3RDNsbjFPNTdpNFpPYTh5TXFsdjZabE5MWWJ4NlBYbHNUampwVk5XT1JZTys3c3lnYnhGdGx2L2xIMjdQSEh2SU9wVFJrRndJVS80R1l1Nm5UNGwwamJJdFRBNG9nYVBUem94aHRuY2krS09VVXlWeDlpOHlnd3FQVG93eVBZMjRqUm9sU3d0QUFqQ2JCQWdNQkFBRUNnZ0VBTHdIcHFDQXhubk15SUFCdmxSNEtwNFRZVFhIWE01S2xaUTdJUE1zZHN4WVlNNWprTDFmbldLR0ErYTJ5Wkp1SDM1MlFiNFl5WGNxWUErRXdCMGRyTzlBQmx2Q1JlY3VpdDBTOWs3V3ROM2oyS3ZhMzlKNWNwTlJ6ck9RbUprOFhDNFBmZG5oS0RTOEFVdnVUV3k5UVpSK3FyZ280NUZiSVVYRVdZcC9pNkoyMGR3WW44Sm9HamV5WkFBdVhKQktOYzRJNDRndmNQUHJ4ZHBzMUh6dG5WU2RXbE1wL2lDZnc2YnNlRG94aCtkcXYrTXBrbUhROEV6WVZyVUNmbnhsTWNoMmtwenJpOXdTS3ZrZmMzckFieUpTWnhPQ3hYd2ZvTit3M05JQlpOQzh3WStIZC9nVzJPdFNkY2JOaHJ5UWdjMUVWVGtBdVdzTG1jNXZiTjRZQUVRS0JnUUR1WUdCUmVGZ3FUT1BhNHJJVEZhY1BSZm1qdGNmRnpqSEJLNDA5emhSL0VEWERDNGdxVmpxYWZGSkNIWFp4USt2Q1N3UXBvYVpQcTgraWFmc0pVTUdlcjhLNGdQR0xJTmVueFF2ZEF2c2M4NnA2MzZlakYxbFVLdzA4Rmhzam5zL3pyeGxhZnB3eWpGb0RIcFBoWGg2R25sNGx1NmEycGF2bm8wK3dzWGNRZFFLQmdRRFZremhzY1h1SG0wMnZTTE9KN1RZOHEzQSthbUZrb2hBOVY0YmpJYVpBZ2ZoVHZjMS9aSWM4THNRQmZBL2RKZ0R1eldOYjVqckJ5S0NQMWZDU1FZZ2VybmpSYXFRRlB6ZC82bmswSWZzNjUreUJ6bHlBVDVQNjB0Qjk2NEhsSjBYODRnc1owZlMweFlBRTNxWW83UG1QRUNDRXJPQ05FZTlLRXZabjBVanpuUUtCZ1FEYVAyMFFTbkhXVU0yeFl5c05KQjd2Y2U3TlA2cW5aVkRTZnJCemJOSUJQL01wSDg3TWpHUmRld1BKT3JadG4zVWtUNUNCR1ZwdXlXeHlWRHdlWEV6Wm9DeFV4dUhmc3ZNZnpONCt2UEx5bi9sdlJJUjBZdlZMaFpzNWJ6ZnIxZ1NwSktDKzVQclhvUDdzcWp0VTlOcFlBSGxNYk5HSG1vbVlyRUpURVRoazNRS0JnR1FCRm5kNHY4M2tnNENpK3lhSFExRXZPVlNRZldBZ25wZ0todWVObHdvM2tXNnN2aTk3Zy9ORE5wWTNZRG8rRkV1OU1sd1N0c3FNUmRwejQ3eW9JTE8xSUc5MmpxekNTQnVHVUJDQUpPSVZQT0lmSGFNYklBQmZmQzZwK3QyeEFRMkRUbzFkaVVhbi8rVEgyR2ZyWm9OOW1xeGxRcFBycE84N1o5Tis1TGpsQW9HQVhFQXI5Vmo5WmF3bE5yV0VZYjgyN1J6NVNFZkFjSmFFeTVhVzFUVWNzZVc0bWgwYmNuTzVCSHQvYTFmN3VoQmJoY2xQVFlPOTBSNGpLcUtGK2lVa2VDRHV0TmcrM09ncTdKaS9PWk5vajRSaUM1WWV4TWs5d1kxc3NVV0pqbDVoUURpd1BRQU5Zc09TSWxOT3Z2SWpydG81RnhNWVN5UndHamYrYnRSTzIyYz0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQ== \ No newline at end of file diff --git a/tests/aaf/certservice/assets/valid_client.csr b/tests/aaf/certservice/assets/valid_client.csr new file mode 100644 index 00000000..59e5c6af --- /dev/null +++ b/tests/aaf/certservice/assets/valid_client.csr @@ -0,0 +1 @@ +LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREVqQ0NBZm9DQVFBd2daZ3hDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJREFwRFlXeHBabTl5Ym1saApNUll3RkFZRFZRUUhEQTFUWVc0dFJuSmhibU5wYzJOdk1Sa3dGd1lEVlFRS0RCQk1hVzUxZUMxR2IzVnVaR0YwCmFXOXVNUTB3Q3dZRFZRUUxEQVJQVGtGUU1SQXdEZ1lEVlFRRERBZE9iMlJsTVRJek1TQXdIZ1lKS29aSWh2Y04KQVFrQkZoRkRiMjF0YjI1T1lXMWxRR051TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQwpBUW9DZ2dFQkFOa0dmdXNKN25CQkt3dG5DdEdpa2pwSzFvcE1HUlhQWXVzbG05eG9VS0xiTk8zeG9Mb3dDOVF0ClBuV2lDVUQrNVUrK1pmQXhpaGdxN29TYWh6dWdrTitwSm5DeG1mNFZTM2g4amk3YTU0QUJ4UmVJN2plQ3Z6RHMKNDkvVU5DNzMyN3NmaGI2NWJ1cnVMQkhibHNkQUFidkExa1NaeG52VWNvNElJczRiY0JRQlVDSFRoWVVDWXJrbwppSGR2N3cyMGkvWm5ha0ltMGNncEtaMzlUUU1qeVl2Q2tkNE1aRTJ1TGE4NkdEUVNuZ2lvb0tCenArclpvWFovCkI3cEc1SGhKd3FTZVRVRktnM2d0MUJxMnhvZzYydjJTbzVjMnZyVG0zSDdjNFJMbzlsaC9jMUxJd1BRUVlTYWUKMlRORGJlUnZmUlFzczFtUTVZa1VXdE5DeWJaTXplTUNBd0VBQWFBME1ESUdDU3FHU0liM0RRRUpEakVsTUNNdwpJUVlEVlIwUkJCb3dHSUlIVG05a1pURXlNNElOZEdWemRDNXZibUZ3TG05eVp6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBUUVBcnBIc0ZaLzBpaDdQa0JEeW1DR0FkcnRxU0VVOVdyK1l4SHE5cjlhaFpLbXQrQ1lSMlpCN1pSUGwKT0JYQWlKQVAyeTlxeWtZUnNqUUJvMncycE9GSEJRdWV1VjgzU0tsaWtlVm9na1kxUUhzTEtyVU1heitxZWRrYQpKYkVVMnNqRU9YcVpHMmhYbS9jaGQwMFEwQU8rODlLOU4yYndTSGx2V2prSEdtYTBHeTl4ZUNNVXBTcUNCekJ1CkdoL2JVdFdzcUd1YWtSYW9VSS9OalFoRFpZTThjTVBnaWlLbGNIT3A5QzNBOFJ4VmtNZkxOaUxpczRzbGM2b0YKRU9KcjFwVkNBWURzQ3BPSWdHaE51L2VUSkpXay9ZSi9IWmw2L3RKcEZOcGtIdWc3dG9HUUlLNVp3WHpDVGIxUgo3WUoraG9ydzF0R1lIRFFFYXQ0NVlLOEdwRFJUeVE9PQotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0= \ No newline at end of file diff --git a/tests/aaf/certservice/assets/valid_client.pk b/tests/aaf/certservice/assets/valid_client.pk new file mode 100644 index 00000000..c84908ff --- /dev/null +++ b/tests/aaf/certservice/assets/valid_client.pk @@ -0,0 +1 @@ +LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktnd2dnU2tBZ0VBQW9JQkFRRFpCbjdyQ2U1d1FTc0wKWndyUm9wSTZTdGFLVEJrVnoyTHJKWnZjYUZDaTJ6VHQ4YUM2TUF2VUxUNTFvZ2xBL3VWUHZtWHdNWW9ZS3U2RQptb2M3b0pEZnFTWndzWm4rRlV0NGZJNHUydWVBQWNVWGlPNDNncjh3N09QZjFEUXU5OXU3SDRXK3VXN3E3aXdSCjI1YkhRQUc3d05aRW1jWjcxSEtPQ0NMT0czQVVBVkFoMDRXRkFtSzVLSWgzYis4TnRJdjJaMnBDSnRISUtTbWQKL1UwREk4bUx3cEhlREdSTnJpMnZPaGcwRXA0SXFLQ2djNmZxMmFGMmZ3ZTZSdVI0U2NLa25rMUJTb040TGRRYQp0c2FJT3RyOWtxT1hOcjYwNXR4KzNPRVM2UFpZZjNOU3lNRDBFR0VtbnRrelEyM2tiMzBVTExOWmtPV0pGRnJUClFzbTJUTTNqQWdNQkFBRUNnZ0VBRm53cnppSTdSL29ZZ1pmdGNRYk02Nmt4VFNiUk9vZEFFbWpWR3lMYnArUGEKT2dUY3lDMk9MQzk3MXlnd21VRlBkTkdmTWlHUDB5MHZoU0dWZlVJSGdJUy83TkVaeVU5ZmdGNDNSUGQ5SUxBTwpRWC80WGx2M2Z4UXNEOWFtaVc4NG5zeUhTTmxoZW9tdW16TUxEaDI5a0R4TWR0TVAwMmlSYmRHOStXaXlWZ0FUCitpRlViRDRmRUtlQWl4eDRNUmswMmVzU001dERSVmRicHlHQzR4bzNSMGtPdU5MY21jWUlReE1HVFN5ZS85cEUKV21OcmkyNitZTUJNU1k1aUxrb055WlQ4U0tnaFV1R2JwRXpZUUM5dnpyQXpzS2RoNi8xVDJlSVA5eW9WU2dFZAprSjBoN0ZOY1pRa2pxY3YzR2oxMXRzTEw4aVJyWFBMclFncU02OW1uc1FLQmdRRHZlZVdBTkJpcFJGTzk3L0tNCk9WK2RIbTg1TXdLbXQ2bFZrakx5cDlDYUI1YTZUbzVVZnVmN215aWlDQ0tjcEtEcGdLZVhVTnlLM0hvMTJyTDYKZ09GVzVBOUpjT0hEWjUyeXRnNUZLNE91Zm9vTXUvbk5FTFcwS0lJUHo3Ni9FcGZ0M2orWmlORVVvV3BRNFN1WQphYmFwT0lVdWRaaXZwa1BicW5uUGpXa0szUUtCZ1FEb0FBZHBVYmpRREhNRlpiN2RKeExoVGNGSzBuWGZ5WmhNCkpkWXczR0J4U2N1TXNCVkZQdlAzRWVpS1RCbkY5Q2dodU9DNmRQUXltSStHbitraHFsWExBSit2T1NHUms3dUwKUStvQzhjMlJ3cXZtK3NyVm5VaDJ0bi9ZMVA4Uk1MTklLVUZaSVpxREJmQnFXWDh1SmQ3Q0Rkclg0RUxPQUhBZgpEcUJ5eXVuUHZ3S0JnUURKaG13U3drU0tsVHhmbDRBbWJ0VytrL0VIVXAwRmpZTkx4cGRuU3IrcUQzN1JVL0JFCnZQTWQ4a2wwYWFJdTdmK1g0TE9vQzkwOFlpUGFGQ3dQME10UTR1VFdhYzhqTUp3dDJ6VVJFbmhqTEl1aUFjSksKeHFnU2J4QmNtL2VxTmN4eTJWZnVMWXU5YjhUWFFWWDlrZUNzY1NycW1QMmZ1eXhadkJGOEQwVjVaUUtCZ1FDYwo1eUFjRDRRQldOb1ZoV2xmSWtUM2tXR3ZtOFRTbEFIblJoT2xPZllUeUVmY24xM1RWaThqSXI1MWdlQlFhNzhVCmgzZWRRdW5BcWtNdlZra1NWcVB0UmorNC90ZUFJRHpQaEIvbzIrWWV0VjBUT3Z3aEdsMWV4RENVMGdDcmZKZFQKcjJzZHY4ZEM0NnBrRXFFYjhjckV6Ui83cmhVZ1ExV1ErNUJ4OGwvTSt3S0JnQkJGMFJDVzZUaUJpQUkxY0NvTgo0NW1DbThuNnNrVS8vZ1kvb0ZueitUbExiZWN0U0lJcEgrbm1MWHFWamV4L1NPOGVNOE1Iekp5ZWRlWUxHck1LCnQwQ2t5a0h5cTQrOW5oSlB0aWQ2bzQra2o2MTRQQUVtYktKZytxYW90ckZmdWpDM3hEb00wQkdXYlcwRmR2WkwKR09tWXEwbnZ1TzY1UjJtWUlpREtiNm9GCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0= \ No newline at end of file diff --git a/tests/aaf/certservice/assets/valid_ra.csr b/tests/aaf/certservice/assets/valid_ra.csr new file mode 100644 index 00000000..5decd8ee --- /dev/null +++ b/tests/aaf/certservice/assets/valid_ra.csr @@ -0,0 +1 @@ +LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJRERqQ0NBZllDQVFBd2daWXhDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJREFwRFlXeHBabTl5Ym1saApNUll3RkFZRFZRUUhEQTFUWVc0dFJuSmhibU5wYzJOdk1Sa3dGd1lEVlFRS0RCQk1hVzUxZUMxR2IzVnVaR0YwCmFXOXVNUTB3Q3dZRFZRUUxEQVJQVGtGUU1RNHdEQVlEVlFRRERBVkRiREV5TXpFZ01CNEdDU3FHU0liM0RRRUoKQVJZUlEyOXRiVzl1VG1GdFpVQmpiaTVqYjIwd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFSwpBb0lCQVFDL2VCWEprWi80UFdQV2F4Qy9veW9ybmNjdzNiVlM2QmRJbzJUaGh0SzU4OG9wczg4RG8zZkN3Tkk0Cm1aV0xhYUEzbi9lVzJ6SG1TVENzeE4yd1BCREJhWWNwNmxCN1B5bmJDd1ZmcU55ZWhNNWFXQjY4TXFWKzVEcTQKc1BhT0haandNYnlSMTA3dHh3dGtub3lZeHh3SzVCY21vUkNkTjhxYndpY2Q0ajd4bDVDeVBiV1hyYUc0bFY3SgpRU1hlYmRJVUkvaVVNY3dKVThFdEgxZnNUS01CVTNMTE5pSlJsMzBJSGZQSEhZVndWVGhOUC82cFo5WktOeHR5Cm5oK2ZJaUZpNm9mU2h1dXRFZ25xRXdxS2UyenRUV20xYTNGNVlIUk5Pb1FMODA0OXhhQWNhanVTaEZnejZOZzYKOWRha1hhdkd5ejlrOUJHMDh3TU9BejFNQlBoL0FnTUJBQUdnTWpBd0Jna3Foa2lHOXcwQkNRNHhJekFoTUI4RwpBMVVkRVFRWU1CYUNCVU5zTVRJemdnMTBaWE4wTG05dVlYQXViM0puTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCCkFRQ1kwaUxKQWpWS3FSc0dBdTJOVzBHaGdPbTAvdkF0RmNNTWJOTTRBUGFNS2hiWTd6SGdob2U5VHMxTlBaUXkKSnZFRHJzOFhsSWIxeFN4NXJ1dktlY0JzamVLbEIzaU13V0dDeGViQ0lCMEsvbTV0YWI4cGtYQU0wVmJ3QTVIOAprWGRJS0xwK2grTVRLRnBNczY0OHk3eFRtcGFmb05CWld2d1ArODRsR295RDROZWJiRTN1anY1R21Id1JuK0xQCkRRNmJjSWxoWGNSN0JEMnZYNFdqdmY1YmVwL00yeVd4SkJPaTRzYjQ1NWdtTVpvYUJGSjF2OWpybUd6aDk2THEKck9NTEhCK1VOS0o1Tm1aQXZZVkNaNFVvVFpXZ3VQZVlMaXR6U2F0L0l3RGdJb3NSYXQrUGdJSkJWbXgzY212LwpJU0tncmRxckpKVFlmWGZrRnE5RG5vWHAKLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0t \ No newline at end of file diff --git a/tests/aaf/certservice/assets/valid_ra.pk b/tests/aaf/certservice/assets/valid_ra.pk new file mode 100644 index 00000000..b1ad633a --- /dev/null +++ b/tests/aaf/certservice/assets/valid_ra.pk @@ -0,0 +1 @@ +LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktnd2dnU2tBZ0VBQW9JQkFRQy9lQlhKa1ovNFBXUFcKYXhDL295b3JuY2N3M2JWUzZCZElvMlRoaHRLNTg4b3BzODhEbzNmQ3dOSTRtWldMYWFBM24vZVcyekhtU1RDcwp4TjJ3UEJEQmFZY3A2bEI3UHluYkN3VmZxTnllaE01YVdCNjhNcVYrNURxNHNQYU9IWmp3TWJ5UjEwN3R4d3RrCm5veVl4eHdLNUJjbW9SQ2ROOHFid2ljZDRqN3hsNUN5UGJXWHJhRzRsVjdKUVNYZWJkSVVJL2lVTWN3SlU4RXQKSDFmc1RLTUJVM0xMTmlKUmwzMElIZlBISFlWd1ZUaE5QLzZwWjlaS054dHluaCtmSWlGaTZvZlNodXV0RWducQpFd3FLZTJ6dFRXbTFhM0Y1WUhSTk9vUUw4MDQ5eGFBY2FqdVNoRmd6Nk5nNjlkYWtYYXZHeXo5azlCRzA4d01PCkF6MU1CUGgvQWdNQkFBRUNnZ0VCQUxOUFE2QXN0OUpqczU3M1Q0MFl3Z0pzMVVGbk1FdC9QV2J5VmlSNi9kZlYKZnN0Rk1DYXBMUnYvTmlCNWZMbzk1aVNScyszY1EwUDE0UmE3bXgxVGN5R2VzVTFJdWF4aVA5RjU1Y05yUVlsVwp1R1dWUnR0YTF2QVp6d0J1QWNpZjRUMTRacTl5SXVHOVdXY1dzSGJYYU9TdUxSd3BGSVVYM2ErMnlLbE0yME9sCjI2T0o2MDk2RjBtZWIvR1RMUTdLVms4MnBiOW5xSHE4OUtTY1VVZjA0b3FtV2kxdkRHMDVUUkNncHdGc1dtUHYKYVQyamNkN2x1TTdSWFFZN3Y3Ylp0Qjk1MzdMVDBHZHMyWnRSazBDK0JZVWxlYVR4VXNCcTJvM3FvRWN2T3NINQp3SUVEMElZc3h0anFuaSttaGRwVzdrSHViWFpoeVRKczYxQnBoTHkxZHFrQ2dZRUE5Vzc4bm0vZ0wxNmdCK3BJClJucTRvMVowR21xYlJpQXlCWm1QN25WK0RJRzBvZkdSSlR4bFBHT3JDd3QySUFjSVpxT3d0ZDVXdjd1KzdpdHAKVjdXNG1WQlh1NDZabTIzZ2RSMkpwNUpRWnRCaElxa3B3ZVBTN1doYjZ2YjFGT0tiWXFLZXoyYWdNSzFnZHZxawpLcmVYMmd4bXhjTmN4cDFoM1hHYWlhNDdTU3NDZ1lFQXg3WldFREpMbC9lbnp5UE1jOEF4QWszZFhLaVhhNXhBCnRzSzM5YUMrQ1BOaGV4YnBtNHlmc0JzL0hrdzJzdEk1Y3FEVnlrZGU2L05yM21Femg2RDJoK05tQmxwZ3RyaU8KK3R4RDJqRzRMME9mVEFXeEFsTzBwY2syNm1UUkt4VHlhWlBhcklidW42dXFlVThVNmQyeDkzS2ZQV1N0LzQ2ZQpFTnF6V2M3U2UvMENnWUIwd0w5YmYwemVPOTFVNXBaTE1NWDByWU85clVrQUt3Q2d1VlJHMDQySzFZamdJTkl6CkxHL2NNbTJEYTRoZDQvcVRHUHRQQ04ycmg5eGo0RExVanBXcUdSWWpHc3JuclhWQlFUUGlpeS9FT1F4OE9JeXMKdDN2M2c5VjJDTlM5Z3E3NFZQUEhKY0srWlR1bVhjVUtyUnVIbHE2dEZTcGxNU2tFOXEzVklSVUMwUUtCZ1FDNQpHQ0VEdWRtZDZ3WTRVUEY0aGpQbDhzeXF5QVl1MGc2WVZEZXpDMXVWYUJ4OHZHdWVvdUtOa1hNYVhZQ0VrNXB5Cnh1WGVKKyt0dDFuT0xVQlkvN0g5bDZCRFd4Z3Z3VFdqQXVwUUc2eWRBWXR1SmdnOEkrQlZsdnV5bWVYU2pBTncKSG55WlVpVnZEdWRjcnhLdS9hMm5yVEF3OGxMaGZBaTdqamFUa2NBNjhRS0JnRmRMREQycVc4RStHb3FhU1hFYgphT0w0ZHhNY1MyQnc0Ni92T1ZDREw4WGExbis4WVA0MHdDbXg2eEc4ZDdFUjdUTjFSUWovNElKRjByajl4bFhiCnFJejVkSGNBM3JKTVpKTHc4MmJURDR0S1VZNVZtOFVGQnE4NHhzaG4yblJqdTZkaTMrTkk1ajFMMVExcjBiU28KVnZCZE1zS0F1RXdiRS85aDlsbjFCRkNsCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0= \ No newline at end of file diff --git a/tests/aaf/certservice/cert-service-test.robot b/tests/aaf/certservice/cert-service-test.robot index 0bcdcf2a..ad358263 100644 --- a/tests/aaf/certservice/cert-service-test.robot +++ b/tests/aaf/certservice/cert-service-test.robot @@ -11,34 +11,34 @@ Suite Setup Create sessions Health Check [Tags] AAF-CERT-SERVICE [Documentation] Service is up and running - Run Healthcheck + Run health check Reload Configuration [Tags] AAF-CERT-SERVICE [Documentation] Configuration was changed - Send Post Request And Validate Response /actuator/refresh 200 + Send Get Request And Validate Response /reload 200 -Generate Certicicate For CA Name +Generate Certificate In RA Mode For CA Name [Tags] AAF-CERT-SERVICE - [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${CA_NAME} endpoint and expect 200 - Send Get Request with Header And Validate Response ${CERT_SERVICE_ENDPOINT}/${CA_NAME} ${VALID_CSR_FILE} ${VALID_PK_FILE} 200 + [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${RA_CA_NAME} endpoint and expect 200 + Send Get Request with Header And Expect Success ${CERT_SERVICE_ENDPOINT}/${RA_CA_NAME} ${VALID_RA_CSR_FILE} ${VALID_RA_PK_FILE} -Report Not Found Error When Path Is Not Valid +Report Not Found Error When Path To Service Is Not Valid [Tags] AAF-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/ endpoint and expect 404 - Send Get Request with Header And Validate Response ${CERT_SERVICE_ENDPOINT}/ ${VALID_CSR_FILE} ${VALID_PK_FILE} 404 + Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}/ ${VALID_CLIENT_CSR_FILE} ${VALID_CLIENT_PK_FILE} 404 -Report Bad Request Error When Header Is Missing +Report Bad Request Error When Header Is Missing In Request [Tags] AAF-CERT-SERVICE - [Documentation] Send request without header to ${CERT_SERVICE_ENDPOINT}/${CA_NAME} endpoint and expect 400 - Send Get Request And Validate Response ${CERT_SERVICE_ENDPOINT}/${CA_NAME} 400 + [Documentation] Send request without header to ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} endpoint and expect 400 + Send Get Request And Validate Response ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} 400 Report Bad Request Error When CSR Is Not Valid [Tags] AAF-CERT-SERVICE - [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${CA_NAME} endpoint and expect 400 - Send Get Request with Header And Validate Response ${CERT_SERVICE_ENDPOINT}/${CA_NAME} ${INVALID_CSR_FILE} ${VALID_PK_FILE} 400 + [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} endpoint and expect 400 + Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} ${INVALID_CSR_FILE} ${VALID_CLIENT_PK_FILE} 400 Report Bad Request Error When PK Is Not Valid [Tags] AAF-CERT-SERVICE - [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${CA_NAME} endpoint and expect 400 - Send Get Request with Header And Validate Response ${CERT_SERVICE_ENDPOINT}/${CA_NAME} ${VALID_CSR_FILE} ${INVALID_PK_FILE} 400 + [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} endpoint and expect 400 + Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} ${VALID_CLIENT_CSR_FILE} ${INVALID_PK_FILE} 400 diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/aaf/certservice/resources/cert-service-keywords.robot index b40da524..5f25f0b0 100644 --- a/tests/aaf/certservice/resources/cert-service-keywords.robot +++ b/tests/aaf/certservice/resources/cert-service-keywords.robot @@ -32,11 +32,40 @@ Send Get Request And Validate Response ${resp}= Get Request ${http_session} ${path} Should Be Equal As Strings ${resp.status_code} ${resp_code} -Send Get Request with Header And Validate Response - [Documentation] Send request to passed url and validate received response - [Arguments] ${path} ${csr_file} ${pk_file} ${resp_code} +Send Get Request with Header + [Documentation] Send request to passed url + [Arguments] ${path} ${csr_file} ${pk_file} + [Return] ${resp} ${headers}= Create Header with CSR and PK ${csr_file} ${pk_file} ${resp}= Get Request ${http_session} ${path} headers=${headers} + +Send Get Request with Header And Expect Success + [Documentation] Send request to passed url and validate received response + [Arguments] ${path} ${csr_file} ${pk_file} + ${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file} + Should Be Equal As Strings ${resp.status_code} 200 + Check Message Recieved On Success ${resp.content} + +Check Message Recieved On Success + [Documentation] Check if correct messsage has been sent on successful request + [Arguments] ${content} + ${resp_content}= Parse Json ${content} + Dictionary Should Contain Key ${resp_content} certificateChain + @{list}= Get From Dictionary ${resp_content} certificateChain + List Should Contain Certificates @{list} + Dictionary Should Contain Key ${resp_content} trustedCertificates + +List Should Contain Certificates + [Documentation] Verify if list contains certificates + [Arguments] @{list} + :FOR ${content} IN @{list} + \ Should Contain ${content} BEGIN CERTIFICATE + \ Should Contain ${content} END CERTIFICATE + +Send Get Request with Header And Expect Error + [Documentation] Send request to passed url and validate received response + [Arguments] ${path} ${csr_file} ${pk_file} ${resp_code} + ${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file} Should Be Equal As Strings ${resp.status_code} ${resp_code} Create Header with CSR and PK @@ -52,4 +81,3 @@ Send Post Request And Validate Response [Arguments] ${path} ${resp_code} ${resp}= Post Request ${http_session} ${path} Should Be Equal As Strings ${resp.status_code} ${resp_code} - \ No newline at end of file diff --git a/tests/aaf/certservice/resources/cert-service-properties.robot b/tests/aaf/certservice/resources/cert-service-properties.robot index 2a382ede..5cf97819 100644 --- a/tests/aaf/certservice/resources/cert-service-properties.robot +++ b/tests/aaf/certservice/resources/cert-service-properties.robot @@ -1,9 +1,12 @@ *** Variables *** ${AAFCERT_URL} http://%{AAFCERT_IP}:8080 -${CA_NAME} TEST +${CLIENT_CA_NAME} Client +${RA_CA_NAME} RA ${CERT_SERVICE_ENDPOINT} /v1/certificate -${VALID_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid.csr -${VALID_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid.key +${VALID_CLIENT_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.csr +${VALID_CLIENT_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.pk +${VALID_RA_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_ra.csr +${VALID_RA_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_ra.pk ${INVALID_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid.csr ${INVALID_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid.key -- cgit 1.2.3-korg