Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-net-ipmid / acb8d90b1a2c699352c6b6f5c1555227e7adc004 / . / auth_algo.hpp
blob: 7b12effd7583b445df625b61ac11a97091657668 [file] [log] [blame]
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]1#pragma once
2
Tom Josephba11f792017-01-24 18:21:45 +0530[diff] [blame]3#include "crypt_algo.hpp"
Tom Josephdd1be1a2017-01-10 16:10:29 +0530[diff] [blame]4#include "integrity_algo.hpp"
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]5
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]6#include <array>
Andrew Geissler9d9b7632020-05-17 09:18:05 -0500[diff] [blame]7#include <cstddef>
Andrew Geissler7408e762020-05-17 08:56:05 -0500[diff] [blame]8#include <string>
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]9#include <vector>
10
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]11namespace cipher
12{
13namespace rakp_auth
14{
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]15constexpr size_t USER_KEY_MAX_LENGTH = 20;
16constexpr size_t BMC_RANDOM_NUMBER_LEN = 16;
17constexpr size_t REMOTE_CONSOLE_RANDOM_NUMBER_LEN = 16;
18
Tom Joseph3563f8f2017-05-08 15:42:54 +0530[diff] [blame]19/**
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]20 * @enum RAKP Authentication Algorithms
21 *
22 * RMCP+ Authenticated Key-Exchange Protocol (RAKP)
23 *
24 * RAKP-None is not supported as per the following recommendation
25 * (https://www.us-cert.gov/ncas/alerts/TA13-207A)
26 * ("cipher 0" is an option enabled by default on many IPMI enabled devices that
27 * allows authentication to be bypassed. Disable "cipher 0" to prevent
28 * attackers from bypassing authentication and sending arbitrary IPMI commands.)
29 */
30enum class Algorithms : uint8_t
31{
Tom Josephfe5a6452018-07-30 18:15:12 +0530[diff] [blame]32 RAKP_NONE = 0, // Mandatory (implemented, not supported)
33 RAKP_HMAC_SHA1, // Mandatory (implemented, default choice in ipmitool)
34 RAKP_HMAC_MD5, // Optional (not implemented)
35 RAKP_HMAC_SHA256, // Optional (implemented, best available)
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]36 // Reserved used to indicate an invalid authentication algorithm
37 RAKP_HMAC_INVALID = 0xB0
38};
39
Tom Joseph3563f8f2017-05-08 15:42:54 +0530[diff] [blame]40/**
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]41 * @class Interface
42 *
43 * Interface is the base class for the Authentication Algorithms.
44 * The Authentication Algorithm specifies the type of authentication “handshake”
45 * process that is used and identifies any particular variations of hashing or
46 * signature algorithm that is used as part of the process.
47 *
48 */
49class Interface
50{
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]51 public:
52 explicit Interface(integrity::Algorithms intAlgo,
53 crypt::Algorithms cryptAlgo) :
54 intAlgo(intAlgo),
55 cryptAlgo(cryptAlgo)
George Liubc8958f2022-07-04 09:29:49 +0800[diff] [blame]56 {}
Tom Josephba11f792017-01-24 18:21:45 +0530[diff] [blame]57
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]58 Interface() = delete;
59 virtual ~Interface() = default;
60 Interface(const Interface&) = default;
61 Interface& operator=(const Interface&) = default;
62 Interface(Interface&&) = default;
63 Interface& operator=(Interface&&) = default;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]64
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]65 /**
66 * @brief Generate the Hash Message Authentication Code
67 *
68 * This API is invoked to generate the Key Exchange Authentication Code
69 * in the RAKP2 and RAKP4 sequence and for generating the Session
70 * Integrity Key.
71 *
72 * @param input message
73 *
74 * @return hash output
75 *
76 * @note The user key which is the secret key for the hash operation
77 * needs to be set before this operation.
78 */
79 std::vector<uint8_t> virtual generateHMAC(
80 const std::vector<uint8_t>& input) const = 0;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]81
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]82 /**
83 * @brief Generate the Integrity Check Value
84 *
85 * This API is invoked in the RAKP4 sequence for generating the
86 * Integrity Check Value.
87 *
88 * @param input message
89 *
90 * @return hash output
91 *
92 * @note The session integrity key which is the secret key for the
93 * hash operation needs to be set before this operation.
94 */
95 std::vector<uint8_t> virtual generateICV(
96 const std::vector<uint8_t>& input) const = 0;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]97
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]98 /**
99 * @brief Check if the Authentication algorithm is supported
100 *
101 * @param[in] algo - authentication algorithm
102 *
103 * @return true if algorithm is supported else false
104 *
105 */
106 static bool isAlgorithmSupported(Algorithms algo)
107 {
Suryakanth Sekar4c494392020-03-31 13:22:43 +0530[diff] [blame]108 if (algo == Algorithms::RAKP_HMAC_SHA256)
Vernon Mauery9b307be2017-11-22 09:28:16 -0800[diff] [blame]109 {
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]110 return true;
Vernon Mauery9b307be2017-11-22 09:28:16 -0800[diff] [blame]111 }
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]112 else
113 {
114 return false;
115 }
116 }
Vernon Mauery9b307be2017-11-22 09:28:16 -0800[diff] [blame]117
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]118 // User Key is hardcoded to PASSW0RD till the IPMI User account
119 // management is in place.
120 std::array<uint8_t, USER_KEY_MAX_LENGTH> userKey = {"0penBmc"};
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]121
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]122 // Managed System Random Number
123 std::array<uint8_t, BMC_RANDOM_NUMBER_LEN> bmcRandomNum;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]124
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]125 // Remote Console Random Number
126 std::array<uint8_t, REMOTE_CONSOLE_RANDOM_NUMBER_LEN> rcRandomNum;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]127
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]128 // Session Integrity Key
129 std::vector<uint8_t> sessionIntegrityKey;
Tom Josephdd1be1a2017-01-10 16:10:29 +0530[diff] [blame]130
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]131 /**
132 * Integrity Algorithm is activated and set in the session data only
133 * once the session setup is succeeded in the RAKP34 command. But the
134 * integrity algorithm is negotiated in the Open Session Request command
135 * . So the integrity algorithm successfully negotiated is stored
136 * in the authentication algorithm's instance.
137 */
138 integrity::Algorithms intAlgo;
Tom Josephba11f792017-01-24 18:21:45 +0530[diff] [blame]139
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]140 /**
141 * Confidentiality Algorithm is activated and set in the session data
142 * only once the session setup is succeeded in the RAKP34 command. But
143 * the confidentiality algorithm is negotiated in the Open Session
144 * Request command. So the confidentiality algorithm successfully
145 * negotiated is stored in the authentication algorithm's instance.
146 */
147 crypt::Algorithms cryptAlgo;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]148};
149
Tom Joseph3563f8f2017-05-08 15:42:54 +0530[diff] [blame]150/**
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]151 * @class AlgoSHA1
152 *
153 * RAKP-HMAC-SHA1 specifies the use of RAKP messages for the key exchange
154 * portion of establishing the session, and that HMAC-SHA1 (per [RFC2104]) is
155 * used to create 20-byte Key Exchange Authentication Code fields in RAKP
156 * Message 2 and RAKP Message 3. HMAC-SHA1-96(per [RFC2404]) is used for
157 * generating a 12-byte Integrity Check Value field for RAKP Message 4.
158 */
159
160class AlgoSHA1 : public Interface
161{
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]162 public:
163 static constexpr size_t integrityCheckValueLength = 12;
Vernon Mauery2207f512017-11-30 10:48:08 -0800[diff] [blame]164
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]165 explicit AlgoSHA1(integrity::Algorithms intAlgo,
166 crypt::Algorithms cryptAlgo) :
167 Interface(intAlgo, cryptAlgo)
George Liubc8958f2022-07-04 09:29:49 +0800[diff] [blame]168 {}
Tom Josephba11f792017-01-24 18:21:45 +0530[diff] [blame]169
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]170 AlgoSHA1() = delete;
171 ~AlgoSHA1() = default;
172 AlgoSHA1(const AlgoSHA1&) = default;
173 AlgoSHA1& operator=(const AlgoSHA1&) = default;
174 AlgoSHA1(AlgoSHA1&&) = default;
175 AlgoSHA1& operator=(AlgoSHA1&&) = default;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]176
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]177 std::vector<uint8_t>
178 generateHMAC(const std::vector<uint8_t>& input) const override;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]179
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]180 std::vector<uint8_t>
181 generateICV(const std::vector<uint8_t>& input) const override;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]182};
183
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]184/**
185 * @class AlgoSHA256
186 *
187 * RAKP-HMAC-SHA256 specifies the use of RAKP messages for the key exchange
188 * portion of establishing the session, and that HMAC-SHA256 (per [FIPS 180-2]
189 * and [RFC4634] and is used to create a 32-byte Key Exchange Authentication
190 * Code fields in RAKP Message 2 and RAKP Message 3. HMAC-SHA256-128 (per
191 * [RFC4868]) is used for generating a 16-byte Integrity Check Value field for
192 * RAKP Message 4.
193 */
194
195class AlgoSHA256 : public Interface
196{
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]197 public:
198 static constexpr size_t integrityCheckValueLength = 16;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]199
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]200 explicit AlgoSHA256(integrity::Algorithms intAlgo,
201 crypt::Algorithms cryptAlgo) :
202 Interface(intAlgo, cryptAlgo)
George Liubc8958f2022-07-04 09:29:49 +0800[diff] [blame]203 {}
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]204
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]205 ~AlgoSHA256() = default;
206 AlgoSHA256(const AlgoSHA256&) = default;
207 AlgoSHA256& operator=(const AlgoSHA256&) = default;
208 AlgoSHA256(AlgoSHA256&&) = default;
209 AlgoSHA256& operator=(AlgoSHA256&&) = default;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]210
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]211 std::vector<uint8_t>
212 generateHMAC(const std::vector<uint8_t>& input) const override;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]213
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]214 std::vector<uint8_t>
215 generateICV(const std::vector<uint8_t>& input) const override;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800[diff] [blame]216};
217
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]218} // namespace rakp_auth
Tom Joseph8c0446c2016-08-05 07:13:07 -0500[diff] [blame]219
Vernon Mauery9e801a22018-10-12 13:20:49 -0700[diff] [blame]220} // namespace cipher