blob: f9403700e513ff93cf2f559e9d064ef124a5dab1 [file] [log] [blame]
Tom Joseph8c0446c2016-08-05 07:13:07 -05001#pragma once
2
Tom Josephba11f792017-01-24 18:21:45 +05303#include "crypt_algo.hpp"
Tom Josephdd1be1a2017-01-10 16:10:29 +05304#include "integrity_algo.hpp"
Tom Joseph8c0446c2016-08-05 07:13:07 -05005
Vernon Mauery9e801a22018-10-12 13:20:49 -07006#include <array>
Andrew Geissler9d9b7632020-05-17 09:18:05 -05007#include <cstddef>
Andrew Geissler7408e762020-05-17 08:56:05 -05008#include <string>
Vernon Mauery9e801a22018-10-12 13:20:49 -07009#include <vector>
10
Tom Joseph8c0446c2016-08-05 07:13:07 -050011namespace cipher
12{
13namespace rakp_auth
14{
Tom Joseph8c0446c2016-08-05 07:13:07 -050015constexpr size_t USER_KEY_MAX_LENGTH = 20;
16constexpr size_t BMC_RANDOM_NUMBER_LEN = 16;
17constexpr size_t REMOTE_CONSOLE_RANDOM_NUMBER_LEN = 16;
Tom Joseph56527b92018-03-21 19:31:58 +053018extern const std::string userName;
Tom Joseph8c0446c2016-08-05 07:13:07 -050019
Tom Joseph3563f8f2017-05-08 15:42:54 +053020/**
Tom Joseph8c0446c2016-08-05 07:13:07 -050021 * @enum RAKP Authentication Algorithms
22 *
23 * RMCP+ Authenticated Key-Exchange Protocol (RAKP)
24 *
25 * RAKP-None is not supported as per the following recommendation
26 * (https://www.us-cert.gov/ncas/alerts/TA13-207A)
27 * ("cipher 0" is an option enabled by default on many IPMI enabled devices that
28 * allows authentication to be bypassed. Disable "cipher 0" to prevent
29 * attackers from bypassing authentication and sending arbitrary IPMI commands.)
30 */
31enum class Algorithms : uint8_t
32{
Tom Josephfe5a6452018-07-30 18:15:12 +053033 RAKP_NONE = 0, // Mandatory (implemented, not supported)
34 RAKP_HMAC_SHA1, // Mandatory (implemented, default choice in ipmitool)
35 RAKP_HMAC_MD5, // Optional (not implemented)
36 RAKP_HMAC_SHA256, // Optional (implemented, best available)
Tom Joseph8c0446c2016-08-05 07:13:07 -050037 // Reserved used to indicate an invalid authentication algorithm
38 RAKP_HMAC_INVALID = 0xB0
39};
40
Tom Joseph3563f8f2017-05-08 15:42:54 +053041/**
Tom Joseph8c0446c2016-08-05 07:13:07 -050042 * @class Interface
43 *
44 * Interface is the base class for the Authentication Algorithms.
45 * The Authentication Algorithm specifies the type of authentication “handshake”
46 * process that is used and identifies any particular variations of hashing or
47 * signature algorithm that is used as part of the process.
48 *
49 */
50class Interface
51{
Vernon Mauery9e801a22018-10-12 13:20:49 -070052 public:
53 explicit Interface(integrity::Algorithms intAlgo,
54 crypt::Algorithms cryptAlgo) :
55 intAlgo(intAlgo),
56 cryptAlgo(cryptAlgo)
George Liubc8958f2022-07-04 09:29:49 +080057 {}
Tom Josephba11f792017-01-24 18:21:45 +053058
Vernon Mauery9e801a22018-10-12 13:20:49 -070059 Interface() = delete;
60 virtual ~Interface() = default;
61 Interface(const Interface&) = default;
62 Interface& operator=(const Interface&) = default;
63 Interface(Interface&&) = default;
64 Interface& operator=(Interface&&) = default;
Tom Joseph8c0446c2016-08-05 07:13:07 -050065
Vernon Mauery9e801a22018-10-12 13:20:49 -070066 /**
67 * @brief Generate the Hash Message Authentication Code
68 *
69 * This API is invoked to generate the Key Exchange Authentication Code
70 * in the RAKP2 and RAKP4 sequence and for generating the Session
71 * Integrity Key.
72 *
73 * @param input message
74 *
75 * @return hash output
76 *
77 * @note The user key which is the secret key for the hash operation
78 * needs to be set before this operation.
79 */
80 std::vector<uint8_t> virtual generateHMAC(
81 const std::vector<uint8_t>& input) const = 0;
Tom Joseph8c0446c2016-08-05 07:13:07 -050082
Vernon Mauery9e801a22018-10-12 13:20:49 -070083 /**
84 * @brief Generate the Integrity Check Value
85 *
86 * This API is invoked in the RAKP4 sequence for generating the
87 * Integrity Check Value.
88 *
89 * @param input message
90 *
91 * @return hash output
92 *
93 * @note The session integrity key which is the secret key for the
94 * hash operation needs to be set before this operation.
95 */
96 std::vector<uint8_t> virtual generateICV(
97 const std::vector<uint8_t>& input) const = 0;
Tom Joseph8c0446c2016-08-05 07:13:07 -050098
Vernon Mauery9e801a22018-10-12 13:20:49 -070099 /**
100 * @brief Check if the Authentication algorithm is supported
101 *
102 * @param[in] algo - authentication algorithm
103 *
104 * @return true if algorithm is supported else false
105 *
106 */
107 static bool isAlgorithmSupported(Algorithms algo)
108 {
Suryakanth Sekar4c494392020-03-31 13:22:43 +0530109 if (algo == Algorithms::RAKP_HMAC_SHA256)
Vernon Mauery9b307be2017-11-22 09:28:16 -0800110 {
Vernon Mauery9e801a22018-10-12 13:20:49 -0700111 return true;
Vernon Mauery9b307be2017-11-22 09:28:16 -0800112 }
Vernon Mauery9e801a22018-10-12 13:20:49 -0700113 else
114 {
115 return false;
116 }
117 }
Vernon Mauery9b307be2017-11-22 09:28:16 -0800118
Vernon Mauery9e801a22018-10-12 13:20:49 -0700119 // User Key is hardcoded to PASSW0RD till the IPMI User account
120 // management is in place.
121 std::array<uint8_t, USER_KEY_MAX_LENGTH> userKey = {"0penBmc"};
Tom Joseph8c0446c2016-08-05 07:13:07 -0500122
Vernon Mauery9e801a22018-10-12 13:20:49 -0700123 // Managed System Random Number
124 std::array<uint8_t, BMC_RANDOM_NUMBER_LEN> bmcRandomNum;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500125
Vernon Mauery9e801a22018-10-12 13:20:49 -0700126 // Remote Console Random Number
127 std::array<uint8_t, REMOTE_CONSOLE_RANDOM_NUMBER_LEN> rcRandomNum;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500128
Vernon Mauery9e801a22018-10-12 13:20:49 -0700129 // Session Integrity Key
130 std::vector<uint8_t> sessionIntegrityKey;
Tom Josephdd1be1a2017-01-10 16:10:29 +0530131
Vernon Mauery9e801a22018-10-12 13:20:49 -0700132 /**
133 * Integrity Algorithm is activated and set in the session data only
134 * once the session setup is succeeded in the RAKP34 command. But the
135 * integrity algorithm is negotiated in the Open Session Request command
136 * . So the integrity algorithm successfully negotiated is stored
137 * in the authentication algorithm's instance.
138 */
139 integrity::Algorithms intAlgo;
Tom Josephba11f792017-01-24 18:21:45 +0530140
Vernon Mauery9e801a22018-10-12 13:20:49 -0700141 /**
142 * Confidentiality Algorithm is activated and set in the session data
143 * only once the session setup is succeeded in the RAKP34 command. But
144 * the confidentiality algorithm is negotiated in the Open Session
145 * Request command. So the confidentiality algorithm successfully
146 * negotiated is stored in the authentication algorithm's instance.
147 */
148 crypt::Algorithms cryptAlgo;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500149};
150
Tom Joseph3563f8f2017-05-08 15:42:54 +0530151/**
Tom Joseph8c0446c2016-08-05 07:13:07 -0500152 * @class AlgoSHA1
153 *
154 * RAKP-HMAC-SHA1 specifies the use of RAKP messages for the key exchange
155 * portion of establishing the session, and that HMAC-SHA1 (per [RFC2104]) is
156 * used to create 20-byte Key Exchange Authentication Code fields in RAKP
157 * Message 2 and RAKP Message 3. HMAC-SHA1-96(per [RFC2404]) is used for
158 * generating a 12-byte Integrity Check Value field for RAKP Message 4.
159 */
160
161class AlgoSHA1 : public Interface
162{
Vernon Mauery9e801a22018-10-12 13:20:49 -0700163 public:
164 static constexpr size_t integrityCheckValueLength = 12;
Vernon Mauery2207f512017-11-30 10:48:08 -0800165
Vernon Mauery9e801a22018-10-12 13:20:49 -0700166 explicit AlgoSHA1(integrity::Algorithms intAlgo,
167 crypt::Algorithms cryptAlgo) :
168 Interface(intAlgo, cryptAlgo)
George Liubc8958f2022-07-04 09:29:49 +0800169 {}
Tom Josephba11f792017-01-24 18:21:45 +0530170
Vernon Mauery9e801a22018-10-12 13:20:49 -0700171 AlgoSHA1() = delete;
172 ~AlgoSHA1() = default;
173 AlgoSHA1(const AlgoSHA1&) = default;
174 AlgoSHA1& operator=(const AlgoSHA1&) = default;
175 AlgoSHA1(AlgoSHA1&&) = default;
176 AlgoSHA1& operator=(AlgoSHA1&&) = default;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500177
Vernon Mauery9e801a22018-10-12 13:20:49 -0700178 std::vector<uint8_t>
179 generateHMAC(const std::vector<uint8_t>& input) const override;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500180
Vernon Mauery9e801a22018-10-12 13:20:49 -0700181 std::vector<uint8_t>
182 generateICV(const std::vector<uint8_t>& input) const override;
Tom Joseph8c0446c2016-08-05 07:13:07 -0500183};
184
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800185/**
186 * @class AlgoSHA256
187 *
188 * RAKP-HMAC-SHA256 specifies the use of RAKP messages for the key exchange
189 * portion of establishing the session, and that HMAC-SHA256 (per [FIPS 180-2]
190 * and [RFC4634] and is used to create a 32-byte Key Exchange Authentication
191 * Code fields in RAKP Message 2 and RAKP Message 3. HMAC-SHA256-128 (per
192 * [RFC4868]) is used for generating a 16-byte Integrity Check Value field for
193 * RAKP Message 4.
194 */
195
196class AlgoSHA256 : public Interface
197{
Vernon Mauery9e801a22018-10-12 13:20:49 -0700198 public:
199 static constexpr size_t integrityCheckValueLength = 16;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800200
Vernon Mauery9e801a22018-10-12 13:20:49 -0700201 explicit AlgoSHA256(integrity::Algorithms intAlgo,
202 crypt::Algorithms cryptAlgo) :
203 Interface(intAlgo, cryptAlgo)
George Liubc8958f2022-07-04 09:29:49 +0800204 {}
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800205
Vernon Mauery9e801a22018-10-12 13:20:49 -0700206 ~AlgoSHA256() = default;
207 AlgoSHA256(const AlgoSHA256&) = default;
208 AlgoSHA256& operator=(const AlgoSHA256&) = default;
209 AlgoSHA256(AlgoSHA256&&) = default;
210 AlgoSHA256& operator=(AlgoSHA256&&) = default;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800211
Vernon Mauery9e801a22018-10-12 13:20:49 -0700212 std::vector<uint8_t>
213 generateHMAC(const std::vector<uint8_t>& input) const override;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800214
Vernon Mauery9e801a22018-10-12 13:20:49 -0700215 std::vector<uint8_t>
216 generateICV(const std::vector<uint8_t>& input) const override;
Vernon Mauery7e9e2ef2017-11-29 08:36:29 -0800217};
218
Vernon Mauery9e801a22018-10-12 13:20:49 -0700219} // namespace rakp_auth
Tom Joseph8c0446c2016-08-05 07:13:07 -0500220
Vernon Mauery9e801a22018-10-12 13:20:49 -0700221} // namespace cipher