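/*
// Copyright (c) 2018 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
*/
#pragma once
#include <openssl/evp.h>

// <cstddef>, <cstdint> and <string> are included explicitly because this
// header names size_t, uint8_t and std::string itself; it should not depend
// on another header pulling them in.
#include <cstddef>
#include <cstdint>
#include <ctime>
#include <string>
#include <unordered_map>

namespace ipmi
{

/** @brief Holds the user name to password map used for IPMI authentication
 *
 *  The map is filled by decrypting the password file (see initPasswordMap),
 *  so decrypted passwords stay in this object's memory for as long as the
 *  map holds them. The object is neither copyable nor movable.
 */
class PasswdMgr
{
  public:
    ~PasswdMgr() = default;
    PasswdMgr(const PasswdMgr&) = delete;
    PasswdMgr& operator=(const PasswdMgr&) = delete;
    PasswdMgr(PasswdMgr&&) = delete;
    PasswdMgr& operator=(PasswdMgr&&) = delete;

    /** @brief Constructs user password list
     *
     */
    PasswdMgr();

    /** @brief Get password for the user
     *
     *  @param[in] userName - user name
     *
     *  @return password string. Will return an empty string if unable to
     *  locate the user.
     *
     *  @note An empty result means "user not found". Callers should treat it
     *  as an authentication failure and never compare it against a
     *  client-supplied empty password.
     *  @note The return value is a copy of the stored password; std::string
     *  does not wipe its buffer on destruction, so callers should keep the
     *  copy short-lived.
     */
    std::string getPasswdByUserName(const std::string& userName);

  private:
    using UserName = std::string;
    using Password = std::string;

    // Decrypted passwords keyed by user name.
    // NOTE(review): entries replaced on reload are not guaranteed to be
    // zeroed by std::string; confirm whether the implementation wipes them.
    std::unordered_map<UserName, Password> passwdMapList;

    // Timestamp compared by checkAndReload() to decide whether to reload.
    // NOTE(review): no in-class initializer; presumably set by the
    // constructor, which is defined outside this header -- confirm.
    std::time_t fileLastUpdatedTime;

    /** @brief check timestamp and reload password map if required
     *
     */
    void checkAndReload();

    /** @brief initializes passwdMapList by reading the encrypted file
     *
     *  Initializes the passwdMapList members after decrypting the
     *  password file. passwdMapList will be used further in IPMI
     *  authentication.
     */
    void initPasswordMap();

    /** @brief decrypts the data provided
     *
     *  @param[in] cipher - cipher to be used
     *  @param[in] key - pointer to the key
     *  @param[in] keyLen - Length of the key to be used
     *  @param[in] iv - pointer to initialization vector
     *  @param[in] ivLen - Length of the iv
     *  @param[in] inBytes - input data to be decrypted
     *  @param[in] inBytesLen - input size to be decrypted
     *  @param[in] mac - message authentication code - to figure out
     *  corruption
     *  @param[in] macLen - size of MAC
     *  @param[out] outBytes - ptr to store output bytes
     *  @param[out] outBytesLen - output data length.
     *
     *  @return error response
     *
     *  @note NOTE(review): the implementation is not part of this header.
     *  Confirm that the MAC is verified before any decrypted byte is used,
     *  that the comparison is constant-time, and whether *outBytesLen must
     *  carry the capacity of outBytes on entry so the write can be bounded.
     */
    int decrypt(const EVP_CIPHER* cipher, uint8_t* key, size_t keyLen,
                uint8_t* iv, size_t ivLen, uint8_t* inBytes, size_t inBytesLen,
                uint8_t* mac, size_t macLen, uint8_t* outBytes,
                size_t* outBytesLen);
};

} // namespace ipmi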