commit dd1be1a2ca69e28dd450f71de3197698df1197c2
author Tom Joseph <tomjoseph@in.ibm.com> Tue Jan 10 16:10:29 2017 +0530
committer Tom Joseph <tomjoseph@in.ibm.com> Tue Jan 17 14:59:21 2017 +0530
tree 479d6be657e7fdaaa757c29c89661c3d899eafbb
parent 638d0666d37f94ed91cf5cf20e7adddce3d47015

Authentication Algorithm keeps record of the Integrity algo

The Integrity algorithm negotiated during Open Session Request
would be stored in the Authentication algorithm and is
activated once the session setup is successful.

Change-Id: I780680c8991487f8fd9030217793f2b0d0fa8a25
Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>

auth_algo.hpp

diff --git a/auth_algo.hpp b/auth_algo.hpp
index a905778..73e2c2b 100644
--- a/auth_algo.hpp
+++ b/auth_algo.hpp
@@ -2,6 +2,7 @@
 
 #include <array>
 #include <vector>
+#include "integrity_algo.hpp"
 
 namespace cipher
 {
@@ -45,7 +46,8 @@
 class Interface
 {
     public:
-        Interface() = default;
+        explicit Interface(integrity::Algorithms intAlgo) : intAlgo(intAlgo) {}
+        Interface() = delete;
         virtual ~Interface() = default;
         Interface(const Interface&) = default;
         Interface& operator=(const Interface&) = default;
@@ -97,6 +99,15 @@
 
         // Session Integrity Key
         std::vector<uint8_t> sessionIntegrityKey;
+
+        /*
+         * Integrity Algorithm is activated and set in the session data only
+         * once the session setup is succeeded in the RAKP34 command. But the
+         * integrity algorithm is negotiated in the Open Session Request command
+         * . So the authentication algorithm successfully negotiated is stored
+         * in the authentication algorithm.
+         */
+        integrity::Algorithms intAlgo;
 };
 
 /*
@@ -112,7 +123,8 @@
 class AlgoSHA1 : public Interface
 {
     public:
-        AlgoSHA1() = default;
+        explicit AlgoSHA1(integrity::Algorithms intAlgo) : Interface(intAlgo) {}
+        AlgoSHA1() = delete;
         ~AlgoSHA1() = default;
         AlgoSHA1(const AlgoSHA1&) = default;
         AlgoSHA1& operator=(const AlgoSHA1&) = default;

sessions_manager.cpp

diff --git a/sessions_manager.cpp b/sessions_manager.cpp
index a2d2d8d..c4de59f 100644
--- a/sessions_manager.cpp
+++ b/sessions_manager.cpp
@@ -25,7 +25,8 @@
 }
 
 std::weak_ptr<Session> Manager::startSession(SessionID remoteConsoleSessID,
-        Privilege priv, cipher::rakp_auth::Algorithms authAlgo)
+        Privilege priv, cipher::rakp_auth::Algorithms authAlgo,
+        cipher::integrity::Algorithms intAlgo)
 {
     std::shared_ptr<Session> session = nullptr;
     SessionID sessionID = 0;
@@ -68,7 +69,7 @@
             case cipher::rakp_auth::Algorithms::RAKP_HMAC_SHA1:
             {
                 session->setAuthAlgo(
-                        std::make_unique<cipher::rakp_auth::AlgoSHA1>());
+                        std::make_unique<cipher::rakp_auth::AlgoSHA1>(intAlgo));
                 break;
             }
             default:

sessions_manager.hpp

diff --git a/sessions_manager.hpp b/sessions_manager.hpp
index 8b9a76c..c23e3ab 100644
--- a/sessions_manager.hpp
+++ b/sessions_manager.hpp
@@ -48,12 +48,14 @@
          *            in the Open SessionRequest Command
          * @param[in] priv - Privilege level requested
          * @param[in] authAlgo - Authentication Algorithm
+         * @param[in] intAlgo - Integrity Algorithm
          *
          * @return session handle on success and nullptr on failure
          *
          */
         std::weak_ptr<Session> startSession(SessionID remoteConsoleSessID,
-                Privilege priv, cipher::rakp_auth::Algorithms authAlgo);
+                Privilege priv, cipher::rakp_auth::Algorithms authAlgo,
+                cipher::integrity::Algorithms intAlgo);
 
         /*
          * @brief Stop IPMI Session