Blame - crypt_algo.hpp - openbmc/phosphor-net-ipmid

blob: 763a8ba5884c8dfd2bd013b1a817484a5a7cb1cd [file] [log] [blame]

Tom Joseph	d08b523	2017-01-24 18:15:39 +0530	[diff] [blame]	1	#pragma once
				2
				3	#include <openssl/sha.h>
				4	#include <array>
				5	#include <vector>
				6
				7	namespace cipher
				8	{
				9
				10	namespace crypt
				11	{
				12
				13	using buffer = std::vector<uint8_t>;
				14	using key = std::array<uint8_t, SHA_DIGEST_LENGTH>;
				15
				16	/**
				17	* @enum Confidentiality Algorithms
				18	*
				19	* The Confidentiality Algorithm Number specifies the encryption/decryption
				20	* algorithm field that is used for encrypted payload data under the session.
				21	* The ‘encrypted’ bit in the payload type field being set identifies packets
				22	* with payloads that include data that is encrypted per this specification.
				23	* When payload data is encrypted, there may be additional “Confidentiality
				24	* Header” and/or “Confidentiality Trailer” fields that are included within the
				25	* payload. The size and definition of those fields is specific to the
				26	* particular confidentiality algorithm.
				27	*/
				28	enum class Algorithms : uint8_t
				29	{
				30	NONE, /*< No encryption (mandatory option) /
				31	AES_CBC_128, /*< AES-CBC-128 Algorithm (mandatory option) /
				32	xRC4_128, /*< xRC4-128 Algorithm (optional option) /
				33	xRC4_40, /*< xRC4-40 Algorithm (optional option) /
				34	};
				35
				36	/**
				37	* @class Interface
				38	*
				39	* Interface is the base class for the Confidentiality Algorithms.
				40	*/
				41	class Interface
				42	{
				43	public:
				44	/**
				45	* @brief Constructor for Interface
				46	*
				47	* @param[in] - Session Integrity key to generate K2
				48	* @param[in] - Additional keying material to generate K2
				49	*/
				50	explicit Interface(const buffer& sik, const key& addKey);
				51
				52	Interface() = delete;
				53	virtual ~Interface() = default;
				54	Interface(const Interface&) = default;
				55	Interface& operator=(const Interface&) = default;
				56	Interface(Interface&&) = default;
				57	Interface& operator=(Interface&&) = default;
				58
				59	/**
				60	* @brief Decrypt the incoming payload
				61	*
				62	* @param[in] packet - Incoming IPMI packet
				63	* @param[in] sessHeaderLen - Length of the IPMI Session Header
				64	* @param[in] payloadLen - Length of the encrypted IPMI payload
				65	*
				66	* @return decrypted payload if the operation is successful
				67	*/
				68	virtual buffer decryptPayload(
				69	const buffer& packet,
				70	const size_t sessHeaderLen,
				71	const size_t payloadLen) const = 0;
				72
				73	/**
				74	* @brief Encrypt the outgoing payload
				75	*
				76	* @param[in] payload - plain payload for the outgoing IPMI packet
				77	*
				78	* @return encrypted payload if the operation is successful
				79	*
				80	*/
				81	virtual buffer encryptPayload(buffer& payload) const = 0;
				82
				83	protected:
				84
				85	/** @brief K2 is the key used for encrypting data */
				86	key k2;
				87	};
				88
Tom Joseph	06f7a3c	2017-01-25 14:32:05 +0530	[diff] [blame^]	89	/**
				90	* @class AlgoAES128
				91	*
				92	* @brief Implementation of the AES-CBC-128 Confidentiality algorithm
				93	*
				94	* AES-128 uses a 128-bit Cipher Key. The Cipher Key is the first 128-bits of
				95	* key “K2”.Once the Cipher Key has been generated it is used to encrypt
				96	* the payload data. The payload data is padded to make it an integral numbers
				97	* of blocks in length (a block is 16 bytes for AES). The payload is then
				98	* encrypted one block at a time from the lowest data offset to the highest
				99	* using Cipher_Key as specified in AES.
				100	*/
				101	class AlgoAES128 final : public Interface
				102	{
				103	public:
				104	static constexpr size_t AESCBC128ConfHeader = 16;
				105	static constexpr size_t AESCBC128BlockSize = 16;
				106
				107	/**
				108	* RSP needs more keying material than can be provided by session
				109	* integrity key alone. As a result all keying material for the RSP
				110	* confidentiality algorithms will be generated by processing a
				111	* pre-defined set of constants using HMAC per [RFC2104], keyed by SIK.
				112	* These constants are constructed using a hexadecimal octet value
				113	* repeated up to the HMAC block size in length starting with the
				114	* constant 01h. This mechanism can be used to derive up to 255
				115	* HMAC-block-length pieces of keying material from a single SIK.For the
				116	* mandatory confidentiality algorithm AES-CBC-128, processing the
				117	* following constant will generate the required amount of keying
				118	* material.
				119	*/
				120	static constexpr key const2 = { 0x02, 0x02, 0x02, 0x02, 0x02,
				121	0x02, 0x02, 0x02, 0x02, 0x02,
				122	0x02, 0x02, 0x02, 0x02, 0x02,
				123	0x02, 0x02, 0x02, 0x02, 0x02
				124	};
				125
				126	/**
				127	* If confidentiality bytes are present, the value of the first byte is
				128	* one (01h). and all subsequent bytes shall have a monotonically
				129	* increasing value (e.g., 02h, 03h, 04h, etc). The receiver, as an
				130	* additional check for proper decryption, shall check the value of each
				131	* byte of Confidentiality Pad. For AES algorithm, the pad bytes will
				132	* range from 0 to 15 bytes. This predefined array would help in
				133	* doing the additional check.
				134	*/
				135	static constexpr std::array<uint8_t, AESCBC128BlockSize -1>
				136	confPadBytes =
				137	{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
				138	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F };
				139
				140	/**
				141	* @brief Constructor for AlgoAES128
				142	*
				143	* @param[in] - Session Integrity key
				144	*/
				145	explicit AlgoAES128(const buffer& sik) : Interface(sik, const2) {}
				146
				147	AlgoAES128() = delete;
				148	~AlgoAES128() = default;
				149	AlgoAES128(const AlgoAES128&) = default;
				150	AlgoAES128& operator=(const AlgoAES128&) = default;
				151	AlgoAES128(AlgoAES128&&) = default;
				152	AlgoAES128& operator=(AlgoAES128&&) = default;
				153
				154	/**
				155	* @brief Decrypt the incoming payload
				156	*
				157	* @param[in] packet - Incoming IPMI packet
				158	* @param[in] sessHeaderLen - Length of the IPMI Session Header
				159	* @param[in] payloadLen - Length of the encrypted IPMI payload
				160	*
				161	* @return decrypted payload if the operation is successful
				162	*/
				163	buffer decryptPayload(
				164	const buffer& packet,
				165	const size_t sessHeaderLen,
				166	const size_t payloadLen) const override;
				167
				168	/**
				169	* @brief Encrypt the outgoing payload
				170	*
				171	* @param[in] payload - plain payload for the outgoing IPMI packet
				172	*
				173	* @return encrypted payload if the operation is successful
				174	*
				175	*/
				176	buffer encryptPayload(buffer& payload) const override;
				177
				178	private:
				179
				180	/**
				181	* @brief Decrypt the passed data
				182	*
				183	* @param[in] iv - Initialization vector
				184	* @param[in] input - Pointer to input data
				185	* @param[in] inputLen - Length of input data
				186	*
				187	* @return decrypted data if the operation is successful
				188	*/
				189	buffer decryptData(const uint8_t* iv,
				190	const uint8_t* input,
				191	const int inputLen) const;
				192
				193	/**
				194	* @brief Encrypt the passed data
				195	*
				196	* @param[in] input - Pointer to input data
				197	* @param[in] inputLen - Length of input data
				198	*
				199	* @return encrypted data if the operation is successful
				200	*/
				201	buffer encryptData(const uint8_t* input,
				202	const int inputLen) const;
				203	};
				204
Tom Joseph	d08b523	2017-01-24 18:15:39 +0530	[diff] [blame]	205	}// namespace crypt
				206
				207	}// namespace cipher
				208