From 9180bab7618cc1d78beca3324f410515cd797d4a Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Wed, 6 May 2020 14:23:54 -0400
Subject: [PATCH] Example for XCC cert scripting

---
 misc/getcsr.py      | 46 +++++++++++++++++++++++++++++++++++++++++++++
 misc/installcert.py | 16 ++++++++++++++++
 2 files changed, 62 insertions(+)
 create mode 100644 misc/getcsr.py
 create mode 100644 misc/installcert.py

diff --git a/misc/getcsr.py b/misc/getcsr.py
new file mode 100644
index 00000000..253bfcd8
--- /dev/null
+++ b/misc/getcsr.py
@@ -0,0 +1,46 @@
+import argparse
+import io
+import gzip
+import pyghmi.redfish.command as cmd
+import os
+import sys
+
+ap = argparse.ArgumentParser(description='Certificate Generate')
+ap.add_argument('xcc', help='XCC address')
+ap.add_argument('--country', help='Two Letter Country')
+ap.add_argument('--state', help='State or Province')
+ap.add_argument('--city', help='City or Locality')
+ap.add_argument('--org', help='Organization name')
+ap.add_argument('--name', help='Common/Host Name')
+args = ap.parse_args()
+
+c = cmd.Command(args.xcc, os.environ['XCCUSER'], os.environ['XCCPASS'],
+                verifycallback=lambda x: True)
+params = [
+        '0', # 'serviceType'
+        args.country,
+        args.state,
+        args.city,
+        args.org,
+        args.name,
+        '',
+        '',
+        '',
+        '',
+        '',
+        '',
+        '',
+        '',
+        '',
+]
+wc = c.oem.wc
+rsp, status = wc.grab_json_response_with_status('/api/function', {'Sec_GenKeyAndCSR': ','.join(params)})
+rsp, status = wc.grab_json_response_with_status('/api/dataset', {'CSR_Format': '1'})
+rsp, status = wc.grab_json_response_with_status('/api/function', {'Sec_DownloadCSRANDCert': '0,4,0'})
+wc.request('GET', '/download/{0}'.format(rsp['FileName']))
+rsp = wc.getresponse()
+csr = rsp.read()
+if rsp.getheader('Content-Encoding', None) == 'gzip':
+    csr = gzip.GzipFile(fileobj=io.BytesIO(csr)).read()
+print(csr)
+        
diff --git a/misc/installcert.py b/misc/installcert.py
new file mode 100644
index 00000000..c42deb06
--- /dev/null
+++ b/misc/installcert.py
@@ -0,0 +1,16 @@
+import argparse
+import pyghmi.redfish.command as cmd
+import os
+import sys
+
+ap = argparse.ArgumentParser(description='Certificate Generate')
+ap.add_argument('xcc', help='XCC address')
+ap.add_argument('cert', help='Certificate in PEM format')
+args = ap.parse_args()
+
+c = cmd.Command(args.xcc, os.environ['XCCUSER'], os.environ['XCCPASS'],
+                verifycallback=lambda x: True)
+wc = c.oem.wc
+cert = open(args.cert, 'rb').read()
+res = wc.grab_json_response_with_status('/api/function', {'Sec_ImportCert': '0,1,0,0,,{0}'.format(cert)
+print(repr(res))