Handling delete password entry from ipmi-pass
API to Handle the delete password entry from
ipmi-pass encrypted file when user gets deleted
by any interface
Change-Id: I692a81b166b53d6fc981fdb85ce5d6980887560b
Signed-off-by: AppaRao Puli <apparao.puli@intel.com>
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
diff --git a/user_channel/passwd_mgr.hpp b/user_channel/passwd_mgr.hpp
index 3078e21..e5625bc 100644
--- a/user_channel/passwd_mgr.hpp
+++ b/user_channel/passwd_mgr.hpp
@@ -18,6 +18,7 @@
#include <ctime>
#include <unordered_map>
+#include <vector>
namespace ipmi
{
@@ -45,6 +46,14 @@
*/
std::string getPasswdByUserName(const std::string& userName);
+ /** @brief Clear username and password entry for the specified user
+ *
+ * @param[in] userName - username
+ *
+ * @return error response
+ */
+ int clearUserEntry(const std::string& userName);
+
private:
using UserName = std::string;
using Password = std::string;
@@ -61,15 +70,32 @@
* authentication.
*/
void initPasswordMap(void);
- /** @brief decrypts the data provided
+
+ /** @brief Function to read the encrypted password file data
*
+ * @param[out] outBytes - vector to hold decrypted password file data
+ *
+ * @return error response
+ */
+ int readPasswdFileData(std::vector<uint8_t>& outBytes);
+ /** @brief Updates special password file by clearing the password entry
+ * for the user specified.
+ *
+ * @param[in] userName - user name entry that has to be removed.
+ *
+ * @return error response
+ */
+ int updatePasswdSpecialFile(const std::string& userName);
+ /** @brief encrypts or decrypt the data provided
+ *
+ * @param[in] doEncrypt - do encrypt if set to true, else do decrypt.
* @param[in] cipher - cipher to be used
* @param[in] key - pointer to the key
* @param[in] keyLen - Length of the key to be used
* @param[in] iv - pointer to initialization vector
* @param[in] ivLen - Length of the iv
* @param[in] inBytes - input data to be encrypted / decrypted
- * @param[in] inBytesLen - input size to be decrypted
+ * @param[in] inBytesLen - input size to be encrypted / decrypted
* @param[in] mac - message authentication code - to figure out corruption
* @param[in] macLen - size of MAC
* @param[in] outBytes - ptr to store output bytes
@@ -77,10 +103,17 @@
*
* @return error response
*/
- int decrypt(const EVP_CIPHER* cipher, uint8_t* key, size_t keyLen,
- uint8_t* iv, size_t ivLen, uint8_t* inBytes, size_t inBytesLen,
- uint8_t* mac, size_t macLen, uint8_t* outBytes,
- size_t* outBytesLen);
+ int encryptDecryptData(bool doEncrypt, const EVP_CIPHER* cipher,
+ uint8_t* key, size_t keyLen, uint8_t* iv,
+ size_t ivLen, uint8_t* inBytes, size_t inBytesLen,
+ uint8_t* mac, size_t* macLen, uint8_t* outBytes,
+ size_t* outBytesLen);
+
+ /** @brief returns updated file time of passwd file entry.
+ *
+ * @return timestamp or -1 for error.
+ */
+ std::time_t getUpdatedFileTime();
};
} // namespace ipmi