Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 1 | #include "rakp12.hpp" |
| 2 | |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 3 | #include "comm_module.hpp" |
| 4 | #include "endian.hpp" |
| 5 | #include "guid.hpp" |
Vernon Mauery | 2085ae0 | 2021-06-10 11:51:00 -0700 | [diff] [blame] | 6 | #include "sessions_manager.hpp" |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 7 | |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 8 | #include <openssl/rand.h> |
| 9 | |
George Liu | bc8958f | 2022-07-04 09:29:49 +0800 | [diff] [blame] | 10 | #include <ipmid/types.hpp> |
George Liu | 7b7f25f | 2022-07-04 17:07:32 +0800 | [diff] [blame] | 11 | #include <phosphor-logging/lg2.hpp> |
George Liu | bc8958f | 2022-07-04 09:29:49 +0800 | [diff] [blame] | 12 | |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 13 | #include <algorithm> |
Tom Joseph | 56527b9 | 2018-03-21 19:31:58 +0530 | [diff] [blame] | 14 | #include <cstring> |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 15 | #include <iomanip> |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 16 | |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 17 | namespace command |
| 18 | { |
| 19 | |
AppaRao Puli | ecb32fb | 2020-07-01 22:55:38 +0530 | [diff] [blame] | 20 | bool isChannelAccessModeEnabled(const uint8_t accessMode) |
| 21 | { |
| 22 | return accessMode != |
| 23 | static_cast<uint8_t>(ipmi::EChannelAccessMode::disabled); |
| 24 | } |
| 25 | |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 26 | void logInvalidLoginRedfishEvent(const std::string& journalMsg, |
| 27 | const std::optional<std::string>& messageArgs) |
| 28 | { |
| 29 | static constexpr std::string_view openBMCMessageRegistryVersion = "0.1."; |
| 30 | std::string messageID = "OpenBMC." + |
| 31 | std::string(openBMCMessageRegistryVersion) + |
| 32 | "InvalidLoginAttempted"; |
George Liu | 7b7f25f | 2022-07-04 17:07:32 +0800 | [diff] [blame] | 33 | lg2::error( |
| 34 | "message: {MSG}, id: {REDFISH_MESSAGE_ID}, args: {REDFISH_MESSAGE_ARGS}", |
| 35 | "MSG", journalMsg, "REDFISH_MESSAGE_ID", messageID, |
| 36 | "REDFISH_MESSAGE_ARGS", messageArgs.value()); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 37 | } |
Tom Joseph | 18a45e9 | 2017-04-11 11:30:44 +0530 | [diff] [blame] | 38 | std::vector<uint8_t> RAKP12(const std::vector<uint8_t>& inPayload, |
George Liu | be1470c | 2022-07-04 14:33:24 +0800 | [diff] [blame] | 39 | std::shared_ptr<message::Handler>& /* handler */) |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 40 | { |
Tom Joseph | 18a45e9 | 2017-04-11 11:30:44 +0530 | [diff] [blame] | 41 | auto request = reinterpret_cast<const RAKP1request*>(inPayload.data()); |
Zhikui Ren | 2b1edef | 2020-07-24 14:32:13 -0700 | [diff] [blame] | 42 | // verify inPayload minimum size |
| 43 | if (inPayload.size() < (sizeof(*request) - userNameMaxLen)) |
| 44 | { |
| 45 | std::vector<uint8_t> errorPayload{IPMI_CC_REQ_DATA_LEN_INVALID}; |
| 46 | return errorPayload; |
| 47 | } |
| 48 | |
| 49 | std::vector<uint8_t> outPayload(sizeof(RAKP2response)); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 50 | auto response = reinterpret_cast<RAKP2response*>(outPayload.data()); |
| 51 | |
| 52 | // Session ID zero is reserved for Session Setup |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 53 | if (endian::from_ipmi(request->managedSystemSessionID) == |
Suryakanth Sekar | f8a34fc | 2019-06-12 20:59:18 +0530 | [diff] [blame] | 54 | session::sessionZero) |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 55 | { |
George Liu | 7b7f25f | 2022-07-04 17:07:32 +0800 | [diff] [blame] | 56 | lg2::info("RAKP12: BMC invalid Session ID"); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 57 | response->rmcpStatusCode = |
| 58 | static_cast<uint8_t>(RAKP_ReturnCode::INVALID_SESSION_ID); |
| 59 | return outPayload; |
| 60 | } |
| 61 | |
| 62 | std::shared_ptr<session::Session> session; |
| 63 | try |
| 64 | { |
Vernon Mauery | 2085ae0 | 2021-06-10 11:51:00 -0700 | [diff] [blame] | 65 | session = session::Manager::get().getSession( |
| 66 | endian::from_ipmi(request->managedSystemSessionID)); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 67 | } |
Patrick Williams | 12d199b | 2021-10-06 12:36:48 -0500 | [diff] [blame] | 68 | catch (const std::exception& e) |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 69 | { |
George Liu | 7b7f25f | 2022-07-04 17:07:32 +0800 | [diff] [blame] | 70 | lg2::error("RAKP12 : session not found: {ERROR}", "ERROR", e); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 71 | response->rmcpStatusCode = |
| 72 | static_cast<uint8_t>(RAKP_ReturnCode::INVALID_SESSION_ID); |
| 73 | return outPayload; |
| 74 | } |
| 75 | |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 76 | auto rakp1Size = |
| 77 | sizeof(RAKP1request) - (userNameMaxLen - request->user_name_len); |
Tom Joseph | 56527b9 | 2018-03-21 19:31:58 +0530 | [diff] [blame] | 78 | |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 79 | std::string message = "Invalid login attempted via RCMPP interface "; |
Tom Joseph | 56527b9 | 2018-03-21 19:31:58 +0530 | [diff] [blame] | 80 | // Validate user name length in the message |
| 81 | if (request->user_name_len > userNameMaxLen || |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 82 | inPayload.size() != rakp1Size) |
Tom Joseph | 56527b9 | 2018-03-21 19:31:58 +0530 | [diff] [blame] | 83 | { |
| 84 | response->rmcpStatusCode = |
| 85 | static_cast<uint8_t>(RAKP_ReturnCode::INVALID_NAME_LENGTH); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 86 | logInvalidLoginRedfishEvent(message); |
Tom Joseph | 56527b9 | 2018-03-21 19:31:58 +0530 | [diff] [blame] | 87 | return outPayload; |
| 88 | } |
| 89 | |
| 90 | session->userName.assign(request->user_name, request->user_name_len); |
| 91 | |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 92 | // Update transaction time |
| 93 | session->updateLastTransactionTime(); |
| 94 | |
| 95 | auto rcSessionID = endian::to_ipmi(session->getRCSessionID()); |
| 96 | auto bmcSessionID = endian::to_ipmi(session->getBMCSessionID()); |
| 97 | auto authAlgo = session->getAuthAlgo(); |
| 98 | |
| 99 | /* |
| 100 | * Generate Key Authentication Code - RAKP 2 |
| 101 | * |
| 102 | * 1) Remote Console Session ID - 4 bytes |
| 103 | * 2) Managed System Session ID - 4 bytes |
| 104 | * 3) Remote Console Random Number - 16 bytes |
| 105 | * 4) Managed System Random Number - 16 bytes |
| 106 | * 5) Managed System GUID - 16 bytes |
| 107 | * 6) Requested Privilege Level - 1 byte |
| 108 | * 7) User Name Length Byte - 1 byte (0 for 'null' username) |
| 109 | * 8) User Name - variable (absent for 'null' username) |
| 110 | */ |
| 111 | |
| 112 | std::vector<uint8_t> input; |
| 113 | input.resize(sizeof(rcSessionID) + sizeof(bmcSessionID) + |
| 114 | cipher::rakp_auth::REMOTE_CONSOLE_RANDOM_NUMBER_LEN + |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 115 | cipher::rakp_auth::BMC_RANDOM_NUMBER_LEN + BMC_GUID_LEN + |
| 116 | sizeof(request->req_max_privilege_level) + |
| 117 | sizeof(request->user_name_len) + session->userName.size()); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 118 | |
| 119 | auto iter = input.begin(); |
| 120 | |
| 121 | // Remote Console Session ID |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 122 | std::copy_n(reinterpret_cast<uint8_t*>(&rcSessionID), sizeof(rcSessionID), |
| 123 | iter); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 124 | std::advance(iter, sizeof(rcSessionID)); |
| 125 | |
| 126 | // Managed System Session ID |
| 127 | std::copy_n(reinterpret_cast<uint8_t*>(&bmcSessionID), sizeof(bmcSessionID), |
| 128 | iter); |
| 129 | std::advance(iter, sizeof(bmcSessionID)); |
| 130 | |
| 131 | // Copy the Remote Console Random Number from the RAKP1 request to the |
| 132 | // Authentication Algorithm |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 133 | std::copy_n( |
| 134 | reinterpret_cast<const uint8_t*>(request->remote_console_random_number), |
| 135 | cipher::rakp_auth::REMOTE_CONSOLE_RANDOM_NUMBER_LEN, |
| 136 | authAlgo->rcRandomNum.begin()); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 137 | |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 138 | std::copy(authAlgo->rcRandomNum.begin(), authAlgo->rcRandomNum.end(), iter); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 139 | std::advance(iter, cipher::rakp_auth::REMOTE_CONSOLE_RANDOM_NUMBER_LEN); |
| 140 | |
| 141 | // Generate the Managed System Random Number |
| 142 | if (!RAND_bytes(input.data() + sizeof(rcSessionID) + sizeof(bmcSessionID) + |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 143 | cipher::rakp_auth::REMOTE_CONSOLE_RANDOM_NUMBER_LEN, |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 144 | cipher::rakp_auth::BMC_RANDOM_NUMBER_LEN)) |
| 145 | { |
| 146 | response->rmcpStatusCode = |
| 147 | static_cast<uint8_t>(RAKP_ReturnCode::INSUFFICIENT_RESOURCE); |
| 148 | return outPayload; |
| 149 | } |
Richard Marian Thomaiyar | d5a4f45 | 2019-01-16 12:15:44 +0530 | [diff] [blame] | 150 | // As stated in Set Session Privilege Level command in IPMI Spec, when |
jayaprakash Mutyala | 2555e2e | 2019-12-24 22:51:46 +0000 | [diff] [blame] | 151 | // creating a session through Activate command / RAKP 1 message, it must |
| 152 | // be established with USER privilege as well as all other sessions are |
| 153 | // initially set to USER privilege, regardless of the requested maximum |
| 154 | // privilege. |
| 155 | if (!(static_cast<session::Privilege>(request->req_max_privilege_level & |
| 156 | session::reqMaxPrivMask) > |
| 157 | session::Privilege::CALLBACK)) |
Richard Marian Thomaiyar | d5a4f45 | 2019-01-16 12:15:44 +0530 | [diff] [blame] | 158 | { |
jayaprakash Mutyala | 2555e2e | 2019-12-24 22:51:46 +0000 | [diff] [blame] | 159 | response->rmcpStatusCode = |
| 160 | static_cast<uint8_t>(RAKP_ReturnCode::UNAUTH_ROLE_PRIV); |
| 161 | return outPayload; |
Richard Marian Thomaiyar | d5a4f45 | 2019-01-16 12:15:44 +0530 | [diff] [blame] | 162 | } |
jayaprakash Mutyala | 2555e2e | 2019-12-24 22:51:46 +0000 | [diff] [blame] | 163 | session->currentPrivilege(static_cast<uint8_t>(session::Privilege::USER)); |
| 164 | |
Tom Joseph | 4021b1f | 2019-02-12 10:10:12 +0530 | [diff] [blame] | 165 | session->reqMaxPrivLevel = |
| 166 | static_cast<session::Privilege>(request->req_max_privilege_level); |
Richard Marian Thomaiyar | d91fd9d | 2018-12-06 12:03:50 +0530 | [diff] [blame] | 167 | if (request->user_name_len == 0) |
Richard Marian Thomaiyar | 127748a | 2018-09-06 07:08:51 +0530 | [diff] [blame] | 168 | { |
Richard Marian Thomaiyar | d91fd9d | 2018-12-06 12:03:50 +0530 | [diff] [blame] | 169 | // Bail out, if user name is not specified. |
| 170 | // Yes, NULL user name is not supported for security reasons. |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 171 | response->rmcpStatusCode = |
| 172 | static_cast<uint8_t>(RAKP_ReturnCode::UNAUTH_NAME); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 173 | logInvalidLoginRedfishEvent(message); |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 174 | return outPayload; |
Richard Marian Thomaiyar | d2563c5 | 2018-11-29 11:49:10 +0530 | [diff] [blame] | 175 | } |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 176 | |
| 177 | // Perform user name based lookup |
| 178 | std::string userName(request->user_name, request->user_name_len); |
Jayaprakash Mutyala | 05c1447 | 2020-10-19 10:26:24 +0000 | [diff] [blame] | 179 | ipmi::SecureString passwd; |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 180 | uint8_t userId = ipmi::ipmiUserGetUserId(userName); |
| 181 | if (userId == ipmi::invalidUserId) |
| 182 | { |
| 183 | response->rmcpStatusCode = |
| 184 | static_cast<uint8_t>(RAKP_ReturnCode::UNAUTH_NAME); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 185 | logInvalidLoginRedfishEvent(message); |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 186 | return outPayload; |
| 187 | } |
| 188 | // check user is enabled before proceeding. |
| 189 | bool userEnabled = false; |
| 190 | ipmi::ipmiUserCheckEnabled(userId, userEnabled); |
| 191 | if (!userEnabled) |
| 192 | { |
| 193 | response->rmcpStatusCode = |
| 194 | static_cast<uint8_t>(RAKP_ReturnCode::INACTIVE_ROLE); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 195 | logInvalidLoginRedfishEvent(message); |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 196 | return outPayload; |
| 197 | } |
Richard Marian Thomaiyar | 4c4694e | 2019-06-20 16:36:49 +0530 | [diff] [blame] | 198 | // Get the user password for RAKP message authenticate |
| 199 | passwd = ipmi::ipmiUserGetPassword(userName); |
| 200 | if (passwd.empty()) |
| 201 | { |
| 202 | response->rmcpStatusCode = |
| 203 | static_cast<uint8_t>(RAKP_ReturnCode::UNAUTH_NAME); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 204 | logInvalidLoginRedfishEvent(message); |
Richard Marian Thomaiyar | 4c4694e | 2019-06-20 16:36:49 +0530 | [diff] [blame] | 205 | return outPayload; |
| 206 | } |
Ayushi Smriti | b31e969 | 2019-05-15 12:06:51 +0000 | [diff] [blame] | 207 | // Check whether user is already locked for failed attempts |
| 208 | if (!ipmi::ipmiUserPamAuthenticate(userName, passwd)) |
| 209 | { |
George Liu | 7b7f25f | 2022-07-04 17:07:32 +0800 | [diff] [blame] | 210 | lg2::error( |
| 211 | "Authentication failed - user already locked out, user id: {ID}", |
| 212 | "ID", userId); |
Ayushi Smriti | b31e969 | 2019-05-15 12:06:51 +0000 | [diff] [blame] | 213 | |
| 214 | response->rmcpStatusCode = |
| 215 | static_cast<uint8_t>(RAKP_ReturnCode::UNAUTH_NAME); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 216 | logInvalidLoginRedfishEvent(message); |
Ayushi Smriti | b31e969 | 2019-05-15 12:06:51 +0000 | [diff] [blame] | 217 | return outPayload; |
| 218 | } |
Saravanan Palanisamy | d9c86bb | 2019-08-07 17:57:37 +0000 | [diff] [blame] | 219 | |
| 220 | uint8_t chNum = static_cast<uint8_t>(getInterfaceIndex()); |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 221 | // Get channel based access information |
Richard Marian Thomaiyar | 992e53c | 2019-03-03 13:30:46 +0530 | [diff] [blame] | 222 | if ((ipmi::ipmiUserGetPrivilegeAccess( |
| 223 | userId, chNum, session->sessionUserPrivAccess) != IPMI_CC_OK) || |
| 224 | (ipmi::getChannelAccessData(chNum, session->sessionChannelAccess) != |
| 225 | IPMI_CC_OK)) |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 226 | { |
| 227 | response->rmcpStatusCode = |
| 228 | static_cast<uint8_t>(RAKP_ReturnCode::INACTIVE_ROLE); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 229 | logInvalidLoginRedfishEvent(message); |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 230 | return outPayload; |
| 231 | } |
AppaRao Puli | ecb32fb | 2020-07-01 22:55:38 +0530 | [diff] [blame] | 232 | if (!isChannelAccessModeEnabled(session->sessionChannelAccess.accessMode)) |
| 233 | { |
George Liu | 7b7f25f | 2022-07-04 17:07:32 +0800 | [diff] [blame] | 234 | lg2::error("Channel access mode disabled."); |
AppaRao Puli | ecb32fb | 2020-07-01 22:55:38 +0530 | [diff] [blame] | 235 | response->rmcpStatusCode = |
| 236 | static_cast<uint8_t>(RAKP_ReturnCode::INACTIVE_ROLE); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 237 | logInvalidLoginRedfishEvent(message); |
AppaRao Puli | ecb32fb | 2020-07-01 22:55:38 +0530 | [diff] [blame] | 238 | return outPayload; |
| 239 | } |
Richard Marian Thomaiyar | 992e53c | 2019-03-03 13:30:46 +0530 | [diff] [blame] | 240 | if (session->sessionUserPrivAccess.privilege > |
| 241 | static_cast<uint8_t>(session::Privilege::OEM)) |
Richard Marian Thomaiyar | 7e5d38d | 2019-03-02 22:11:41 +0530 | [diff] [blame] | 242 | { |
| 243 | response->rmcpStatusCode = |
| 244 | static_cast<uint8_t>(RAKP_ReturnCode::INACTIVE_ROLE); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 245 | logInvalidLoginRedfishEvent(message); |
Richard Marian Thomaiyar | 7e5d38d | 2019-03-02 22:11:41 +0530 | [diff] [blame] | 246 | return outPayload; |
| 247 | } |
Suryakanth Sekar | f8a34fc | 2019-06-12 20:59:18 +0530 | [diff] [blame] | 248 | session->channelNum(chNum); |
| 249 | session->userID(userId); |
jayaprakash Mutyala | 2555e2e | 2019-12-24 22:51:46 +0000 | [diff] [blame] | 250 | // minimum privilege of Channel / User / session::privilege::USER |
Richard Marian Thomaiyar | d5a4f45 | 2019-01-16 12:15:44 +0530 | [diff] [blame] | 251 | // has to be used as session current privilege level |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 252 | uint8_t minPriv = 0; |
Richard Marian Thomaiyar | 992e53c | 2019-03-03 13:30:46 +0530 | [diff] [blame] | 253 | if (session->sessionChannelAccess.privLimit < |
| 254 | session->sessionUserPrivAccess.privilege) |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 255 | { |
Richard Marian Thomaiyar | 992e53c | 2019-03-03 13:30:46 +0530 | [diff] [blame] | 256 | minPriv = session->sessionChannelAccess.privLimit; |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 257 | } |
| 258 | else |
| 259 | { |
Richard Marian Thomaiyar | 992e53c | 2019-03-03 13:30:46 +0530 | [diff] [blame] | 260 | minPriv = session->sessionUserPrivAccess.privilege; |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 261 | } |
Suryakanth Sekar | f8a34fc | 2019-06-12 20:59:18 +0530 | [diff] [blame] | 262 | if (session->currentPrivilege() > minPriv) |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 263 | { |
Suryakanth Sekar | f8a34fc | 2019-06-12 20:59:18 +0530 | [diff] [blame] | 264 | session->currentPrivilege(static_cast<uint8_t>(minPriv)); |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 265 | } |
Richard Marian Thomaiyar | d91fd9d | 2018-12-06 12:03:50 +0530 | [diff] [blame] | 266 | // For username / privilege lookup, fail with UNAUTH_NAME, if requested |
Richard Marian Thomaiyar | d8e92fe | 2019-01-16 11:56:23 +0530 | [diff] [blame] | 267 | // max privilege does not match user privilege |
Richard Marian Thomaiyar | d91fd9d | 2018-12-06 12:03:50 +0530 | [diff] [blame] | 268 | if (((request->req_max_privilege_level & userNameOnlyLookupMask) == |
| 269 | userNamePrivLookup) && |
Richard Marian Thomaiyar | d8e92fe | 2019-01-16 11:56:23 +0530 | [diff] [blame] | 270 | ((request->req_max_privilege_level & session::reqMaxPrivMask) != |
Richard Marian Thomaiyar | 992e53c | 2019-03-03 13:30:46 +0530 | [diff] [blame] | 271 | session->sessionUserPrivAccess.privilege)) |
Richard Marian Thomaiyar | d91fd9d | 2018-12-06 12:03:50 +0530 | [diff] [blame] | 272 | { |
George Liu | 7b7f25f | 2022-07-04 17:07:32 +0800 | [diff] [blame] | 273 | lg2::info("Username/Privilege lookup failed for requested privilege"); |
Richard Marian Thomaiyar | d91fd9d | 2018-12-06 12:03:50 +0530 | [diff] [blame] | 274 | response->rmcpStatusCode = |
| 275 | static_cast<uint8_t>(RAKP_ReturnCode::UNAUTH_NAME); |
sunitakx | 0e0546f | 2021-06-15 08:57:10 +0000 | [diff] [blame] | 276 | |
| 277 | logInvalidLoginRedfishEvent(message); |
Richard Marian Thomaiyar | d91fd9d | 2018-12-06 12:03:50 +0530 | [diff] [blame] | 278 | return outPayload; |
| 279 | } |
Richard Marian Thomaiyar | 99b8784 | 2018-12-06 21:35:43 +0530 | [diff] [blame] | 280 | |
| 281 | std::fill(authAlgo->userKey.data(), |
| 282 | authAlgo->userKey.data() + authAlgo->userKey.size(), 0); |
| 283 | std::copy_n(passwd.c_str(), passwd.size(), authAlgo->userKey.data()); |
| 284 | |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 285 | // Copy the Managed System Random Number to the Authentication Algorithm |
| 286 | std::copy_n(iter, cipher::rakp_auth::BMC_RANDOM_NUMBER_LEN, |
| 287 | authAlgo->bmcRandomNum.begin()); |
| 288 | std::advance(iter, cipher::rakp_auth::BMC_RANDOM_NUMBER_LEN); |
| 289 | |
| 290 | // Managed System GUID |
Tom Joseph | 83029cb | 2017-09-01 16:37:31 +0530 | [diff] [blame] | 291 | std::copy_n(cache::guid.data(), cache::guid.size(), iter); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 292 | std::advance(iter, BMC_GUID_LEN); |
| 293 | |
| 294 | // Requested Privilege Level |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 295 | std::copy_n(&(request->req_max_privilege_level), |
| 296 | sizeof(request->req_max_privilege_level), iter); |
| 297 | std::advance(iter, sizeof(request->req_max_privilege_level)); |
| 298 | |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 299 | // User Name Length Byte |
| 300 | std::copy_n(&(request->user_name_len), sizeof(request->user_name_len), |
| 301 | iter); |
Tom Joseph | 56527b9 | 2018-03-21 19:31:58 +0530 | [diff] [blame] | 302 | std::advance(iter, sizeof(request->user_name_len)); |
| 303 | |
| 304 | std::copy_n(session->userName.data(), session->userName.size(), iter); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 305 | |
| 306 | // Generate Key Exchange Authentication Code - RAKP2 |
| 307 | auto output = authAlgo->generateHMAC(input); |
| 308 | |
| 309 | response->messageTag = request->messageTag; |
| 310 | response->rmcpStatusCode = static_cast<uint8_t>(RAKP_ReturnCode::NO_ERROR); |
| 311 | response->reserved = 0; |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 312 | response->remoteConsoleSessionID = rcSessionID; |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 313 | |
| 314 | // Copy Managed System Random Number to the Response |
| 315 | std::copy(authAlgo->bmcRandomNum.begin(), authAlgo->bmcRandomNum.end(), |
| 316 | response->managed_system_random_number); |
| 317 | |
| 318 | // Copy System GUID to the Response |
Vernon Mauery | 9e801a2 | 2018-10-12 13:20:49 -0700 | [diff] [blame] | 319 | std::copy_n(cache::guid.data(), cache::guid.size(), |
Tom Joseph | 83029cb | 2017-09-01 16:37:31 +0530 | [diff] [blame] | 320 | response->managed_system_guid); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 321 | |
| 322 | // Insert the HMAC output into the payload |
| 323 | outPayload.insert(outPayload.end(), output.begin(), output.end()); |
Tom Joseph | 8bb10b7 | 2016-12-06 17:47:56 +0530 | [diff] [blame] | 324 | return outPayload; |
| 325 | } |
| 326 | |
| 327 | } // namespace command |