| Richard Marian Thomaiyar | 4654d99 | 2018-04-19 05:38:37 +0530 | [diff] [blame^] | 1 | /* |
| 2 | // Copyright (c) 2018 Intel Corporation |
| 3 | // |
| 4 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | // you may not use this file except in compliance with the License. |
| 6 | // You may obtain a copy of the License at |
| 7 | // |
| 8 | // http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | // |
| 10 | // Unless required by applicable law or agreed to in writing, software |
| 11 | // distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | // See the License for the specific language governing permissions and |
| 14 | // limitations under the License. |
| 15 | */ |
| 16 | #pragma once |
| 17 | #include <openssl/evp.h> |
| 18 | |
| 19 | #include <ctime> |
| 20 | #include <unordered_map> |
| 21 | |
| 22 | namespace ipmi |
| 23 | { |
| 24 | |
| 25 | class PasswdMgr |
| 26 | { |
| 27 | public: |
| 28 | ~PasswdMgr() = default; |
| 29 | PasswdMgr(const PasswdMgr&) = delete; |
| 30 | PasswdMgr& operator=(const PasswdMgr&) = delete; |
| 31 | PasswdMgr(PasswdMgr&&) = delete; |
| 32 | PasswdMgr& operator=(PasswdMgr&&) = delete; |
| 33 | |
| 34 | /** @brief Constructs user password list |
| 35 | * |
| 36 | */ |
| 37 | PasswdMgr(); |
| 38 | |
| 39 | /** @brief Get password for the user |
| 40 | * |
| 41 | * @param[in] userName - user name |
| 42 | * |
| 43 | * @return password string. will return empty string, if unable to locate |
| 44 | * the user |
| 45 | */ |
| 46 | std::string getPasswdByUserName(const std::string& userName); |
| 47 | |
| 48 | private: |
| 49 | using UserName = std::string; |
| 50 | using Password = std::string; |
| 51 | std::unordered_map<UserName, Password> passwdMapList; |
| 52 | std::time_t fileLastUpdatedTime; |
| 53 | /** @brief check timestamp and reload password map if required |
| 54 | * |
| 55 | */ |
| 56 | void checkAndReload(void); |
| 57 | /** @brief initializes passwdMapList by reading the encrypted file |
| 58 | * |
| 59 | * Initializes the passwordMapList members after decrypting the |
| 60 | * password file. passwordMapList will be used further in IPMI |
| 61 | * authentication. |
| 62 | */ |
| 63 | void initPasswordMap(void); |
| 64 | /** @brief decrypts the data provided |
| 65 | * |
| 66 | * @param[in] cipher - cipher to be used |
| 67 | * @param[in] key - pointer to the key |
| 68 | * @param[in] keyLen - Length of the key to be used |
| 69 | * @param[in] iv - pointer to initialization vector |
| 70 | * @param[in] ivLen - Length of the iv |
| 71 | * @param[in] inBytes - input data to be encrypted / decrypted |
| 72 | * @param[in] inBytesLen - input size to be decrypted |
| 73 | * @param[in] mac - message authentication code - to figure out corruption |
| 74 | * @param[in] macLen - size of MAC |
| 75 | * @param[in] outBytes - ptr to store output bytes |
| 76 | * @param[in] outBytesLen - outbut data length. |
| 77 | * |
| 78 | * @return error response |
| 79 | */ |
| 80 | int decrypt(const EVP_CIPHER* cipher, uint8_t* key, size_t keyLen, |
| 81 | uint8_t* iv, size_t ivLen, uint8_t* inBytes, size_t inBytesLen, |
| 82 | uint8_t* mac, size_t macLen, uint8_t* outBytes, |
| 83 | size_t* outBytesLen); |
| 84 | }; |
| 85 | |
| 86 | } // namespace ipmi |