Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-net-ipmid / 916d875577605edbcd30396c91de96d7ce532b5c / . / auth_algo.cpp
blob: e686aeb5fdd6de069da81053e0e7740eecee8ed9 [file] [log] [blame]
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]1#include "auth_algo.hpp"
2
George Liu7b7f25f2022-07-04 17:07:32 +0800[diff] [blame]3#include <error.h>
Vernon Mauery9b307be2017-11-22 09:28:16 -0800[diff] [blame]4#include <openssl/evp.h>
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]5#include <openssl/hmac.h>
6#include <openssl/sha.h>
George Liu7b7f25f2022-07-04 17:07:32 +0800[diff] [blame]7#include <string.h>
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]8
George Liu7b7f25f2022-07-04 17:07:32 +0800[diff] [blame]9#include <phosphor-logging/lg2.hpp>
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]10
11namespace cipher
12{
13
14namespace rakp_auth
15{
16
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]17std::vector<uint8_t>
18 AlgoSHA1::generateHMAC(const std::vector<uint8_t>& input) const
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]19{
20 std::vector<uint8_t> output(SHA_DIGEST_LENGTH);
21 unsigned int mdLen = 0;
22
23 if (HMAC(EVP_sha1(), userKey.data(), userKey.size(), input.data(),
24 input.size(), output.data(), &mdLen) == NULL)
25 {
George Liu7b7f25f2022-07-04 17:07:32 +0800[diff] [blame]26 lg2::error("Generate HMAC failed: {ERROR}", "ERROR", strerror(errno));
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]27 output.resize(0);
28 }
29
30 return output;
31}
32
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]33std::vector<uint8_t>
34 AlgoSHA1::generateICV(const std::vector<uint8_t>& input) const
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]35{
36 std::vector<uint8_t> output(SHA_DIGEST_LENGTH);
37 unsigned int mdLen = 0;
38
39 if (HMAC(EVP_sha1(), sessionIntegrityKey.data(), SHA_DIGEST_LENGTH,
40 input.data(), input.size(), output.data(), &mdLen) == NULL)
41 {
George Liu7b7f25f2022-07-04 17:07:32 +0800[diff] [blame]42 lg2::error("Generate Session Integrity Key failed: {ERROR}", "ERROR",
43 strerror(errno));
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]44 output.resize(0);
45 }
Vernon Mauery2207f512017-11-30 10:48:08 -0800[diff] [blame]46 output.resize(integrityCheckValueLength);
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]47
48 return output;
49}
50
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]51std::vector<uint8_t>
52 AlgoSHA256::generateHMAC(const std::vector<uint8_t>& input) const
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]53{
54 std::vector<uint8_t> output(SHA256_DIGEST_LENGTH);
55 unsigned int mdLen = 0;
56
57 if (HMAC(EVP_sha256(), userKey.data(), userKey.size(), input.data(),
58 input.size(), output.data(), &mdLen) == NULL)
59 {
George Liu7b7f25f2022-07-04 17:07:32 +0800[diff] [blame]60 lg2::error("Generate HMAC_SHA256 failed: {ERROR}", "ERROR",
61 strerror(errno));
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]62 output.resize(0);
63 }
64
65 return output;
66}
67
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]68std::vector<uint8_t>
69 AlgoSHA256::generateICV(const std::vector<uint8_t>& input) const
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]70{
71 std::vector<uint8_t> output(SHA256_DIGEST_LENGTH);
72 unsigned int mdLen = 0;
73
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]74 if (HMAC(EVP_sha256(), sessionIntegrityKey.data(),
75 sessionIntegrityKey.size(), input.data(), input.size(),
76 output.data(), &mdLen) == NULL)
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]77 {
George Liu7b7f25f2022-07-04 17:07:32 +0800[diff] [blame]78 lg2::error(
79 "Generate HMAC_SHA256_128 Integrity Check Value failed: {ERROR}",
80 "ERROR", strerror(errno));
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]81 output.resize(0);
82 }
83 output.resize(integrityCheckValueLength);
84
85 return output;
86}
87
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]88} // namespace rakp_auth
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]89
90} // namespace cipher