更换目录

2020-05-24 16:24:28 +08:00
parent d4a099e521
commit 70719998e4
1 changed files with 200 additions and 0 deletions
--- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot
+++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot
@@ -0,0 +1,200 @@
 *** Settings ***
 Test Teardown     DeletePolicyAndObject    ${policyIds}    ${objectids}
 Force Tags        tsg_adc    Security_Policy
 Library           OperatingSystem
 Resource          ../../../02-Keyword/tsg_adc/SystemCommand.robot
 Resource          ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
 Resource          ../../../02-Keyword/tsg_bfapi/LogVariable.robot
 Resource          ../../../02-Keyword/tsg_bfapi/ApiRequest.robot
 Library           Custometest
 *** Variables ***
 ${policyIds}      ${EMPTY}
 ${objectids}      ${EMPTY}
 ${url}            /policy/profile/keyringobj
 ${keyringId}      ${EMPTY}
 *** Test Cases ***
 SecurityPolicy-Intercept-SSL-00001
    [Tags]    ip    root    selfserver
    Comment    创建证书
    ${response}    CreatePolicyMutipartFile    ${url}    keyrings/root/    mesalab-ca-cert.pem    mesalab-ca-key.pem
    ${keyringId}    Get From Dictionary    ${response}    keyringId
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-SSL-00001    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/rutube/rutube.html
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    set variable    видео    mesalab-ca
    ...    ELSE    set variable    рутуб    mesalab-ca
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId}
    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
 SecurityPolicy-Intercept-SSL-00002
    [Tags]    root    selfserver    ip+cat
    Comment    创建证书
    ${response}    CreatePolicyMutipartFile    ${url}    keyrings/root/    tango-ca-root-01-cer.pem    tango-ca-root-01-key.pem
    ${keyringId}    Get From Dictionary    ${response}    keyringId
    Comment    创建cat
    ${objectDict}    Create Dictionary    objectType=fqdn_category    isValid=${1}    addItemList=$open.node.com
    ${rescode}    ${object_fqdn_Id}    AddObject2    ${1}    ${objectDict}
    ${objectids}    set Variable    ${object_fqdn_Id}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-SSL-00002    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/twitter/twitter.html
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    set variable    Twitter    tango-ca-root
    ...    ELSE    set variable    Twitter    tango-ca-root
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId}
    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
 SecurityPolicy-Intercept-SSL-00003
    [Tags]    root    ip+fqdn    selfserver
    Comment    创建证书
    ${response}    CreatePolicyMutipartFile    ${url}    keyrings/root/    tango-ca-trust-ca-cer.pem    tango-ca-trust-ca-key.pem
    ${keyringId}    Get From Dictionary    ${response}    keyringId
    Comment    创建cat
    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*node.com
    ${rescode}    ${object_fqdn_Id}    AddObject2    ${1}    ${objectDict}
    ${objectids}    set Variable    ${object_fqdn_Id}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-SSL-00003    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    set variable    字节跳动    Tango National Proxy CA
    ...    ELSE    set variable    字节跳动    Tango National Proxy CA
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId}
    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
 SecurityPolicy-Intercept-SSL-00004
    [Tags]    Selfserver    ip    intermediate
    Comment    创建证书
    ${response}    CreatePolicyMutipartFile    ${url}    keyrings/intermediate/    tang-ca-v3-intermediate-01-cer.pem    tang-ca-v3-intermediate-01-key.pem    {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test1","keyringType":"intermediate","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
    ${keyringId}    Get From Dictionary    ${response}    keyringId
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-SSL-00004    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/rutube/rutube.html
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    set variable    видео    tang-ca-v3-intermediate-01
    ...    ELSE    set variable    рутуб    tang-ca-v3-intermediate-01
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId}
    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
 SecurityPolicy-Intercept-SSL-00005
    [Tags]    selfserver    ip+cat    intermediate
    Comment    创建证书
    ${response}    CreatePolicyMutipartFile    ${url}    keyrings/intermediate/    tang-ca-v3-intermediate-02-cer.pem    tang-ca-v3-intermediate-02-key.pem    {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test2","keyringType":"intermediate","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
    ${keyringId}    Get From Dictionary    ${response}    keyringId
    Comment    创建cat
    ${objectDict}    Create Dictionary    objectType=fqdn_category    isValid=${1}    addItemList=$open.node.com
    ${rescode}    ${object_fqdn_Id}    AddObject2    ${1}    ${objectDict}
    ${objectids}    set Variable    ${object_fqdn_Id}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-SSL-00005    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/twitter/twitter.html
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    set variable    tang-ca-v3-intermediate-02    Twitter
    ...    ELSE    set variable    Twitter    tang-ca-v3-intermediate-02
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId}
    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
 SecurityPolicy-Intercept-SSL-00006
    [Tags]    ip+fqdn    selfserver    end-entity
    Comment    创建证书
    ${response}    CreatePolicyMutipartFile    ${url}    keyrings/end-entity/    tang-ca-v3-www.amazon.cn-cer.pem    tang-ca-v3-www.amazon.cn-key.pem    {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test3","keyringType":"end-entity","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
    ${keyringId}    Get From Dictionary    ${response}    keyringId
    Comment    创建cat
    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*node.com
    ${rescode}    ${object_fqdn_Id}    AddObject2    ${1}    ${objectDict}
    ${objectids}    set Variable    ${object_fqdn_Id}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-SSL-00006    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    set variable    字节跳动    Tango Secure Gateway CA
    ...    ELSE    set variable    字节跳动    Tango Secure Gateway CA
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId}
    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
 SecurityPolicy-Intercept-SSL-00007
    [Tags]    Selfserver    ip    end-entity
    Comment    创建证书
    ${response}    CreatePolicyMutipartFile    ${url}    keyrings/end-entity/    tang-ca-v3-www.bing.com-cer.pem    tang-ca-v3-www.bing.com-key.pem    {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test4","keyringType":"end-entity","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
    ${keyringId}    Get From Dictionary    ${response}    keyringId
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-SSL-00004    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/rutube/rutube.html
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    set variable    видео    Tango Secure Gateway CA
    ...    ELSE    set variable    рутуб    Tango Secure Gateway CA
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId}
    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com