1  #pragma once
2  
3  #include "message_handler.hpp"
4  
5  #include <vector>
6  
7  namespace command
8  {
9  
/**
 * @struct GetChannelCapabilitiesReq
 *
 * IPMI Request data for Get Channel Authentication Capabilities command.
 *
 * Two single-byte fields in a packed struct, so sizeof() is 2 and the field
 * order is the byte order of the request data.
 *
 * NOTE(review): this header documents the command as session-less, so these
 * bytes presumably arrive from a peer that has not authenticated. The handler
 * should compare the payload length with sizeof(GetChannelCapabilitiesReq)
 * before overlaying this struct on the buffer -- confirm in the
 * implementation.
 */
struct GetChannelCapabilitiesReq
{
    // Channel number byte of the request.
    // NOTE(review): in the IPMI specification only the low nibble is the
    // channel number and bit 7 requests IPMI v2.0 extended data -- confirm
    // the handler masks the byte before using it as a channel index.
    uint8_t channelNumber;
    // Maximum privilege level the requester asks about.
    // NOTE(review): peer-supplied; presumably only the low nibble is
    // meaningful -- confirm range checking in the handler.
    uint8_t reqMaxPrivLevel;
} __attribute__((packed));
20  
/**
 * @struct GetChannelCapabilitiesResp
 *
 * IPMI Response data for Get Channel Authentication Capabilities command.
 *
 * Packed, 9 bytes in total: completion code, channel number, three bytes of
 * single-bit flags, a 3-byte OEM ID and one OEM auxiliary byte.
 *
 * Each flag byte is declared twice, once per byte order, with the bit-fields
 * in mirrored order so that the same flag lands on the same bit of the byte
 * on either kind of target. Bit-field allocation order is
 * implementation-defined; this assumes the compiler allocates the
 * first-declared field at the least significant bit on little-endian targets
 * and at the most significant bit on big-endian targets -- TODO confirm for
 * the toolchain in use.
 *
 * NOTE(review): BYTE_ORDER, LITTLE_ENDIAN and BIG_ENDIAN are not defined by
 * any header included directly in this file; presumably they come in through
 * message_handler.hpp. If they were undefined, both conditions would evaluate
 * as 0 == 0 and both branches would be compiled, which fails loudly with
 * duplicate member errors.
 *
 * NOTE(review): this header documents the command as session-less, so the
 * contents of this struct are presumably disclosed to peers that have not
 * authenticated. The flags describe the BMC's authentication configuration
 * and should be reviewed with that audience in mind.
 */
struct GetChannelCapabilitiesResp
{
    uint8_t completionCode; // Completion Code

    uint8_t channelNumber;  // Channel number that the request was
    // received on

    // Authentication type support byte. The none/md2/md5/straightKey bits
    // advertise which session authentication types the channel accepts.
    // NOTE(review): these look like the IPMI v1.5 authentication types; a
    // set `none` bit would advertise sessions without authentication, and
    // MD2/MD5 are legacy digests -- confirm which bits the implementation
    // sets.
#if BYTE_ORDER == LITTLE_ENDIAN
    uint8_t none:1;
    uint8_t md2:1;
    uint8_t md5:1;
    uint8_t reserved2:1;
    uint8_t straightKey:1; // Straight password/key support
    // Support OEM identified by the IANA OEM ID in RMCP+ ping response
    uint8_t oem:1;
    uint8_t reserved1:1;
    uint8_t ipmiVersion:1; // 0b = IPMI v1.5 support only, 1b = IPMI v2.0
    // support
#endif

    // Same byte, fields declared in the reverse order for big-endian targets.
#if BYTE_ORDER == BIG_ENDIAN
    uint8_t ipmiVersion:1; // 0b = IPMI v1.5 support only, 1b = IPMI v2.0
    // support
    uint8_t reserved1:1;
    // Support OEM identified by the IANA OEM ID in RMCP+ ping response
    uint8_t oem:1;
    uint8_t straightKey:1; // Straight password/key support
    uint8_t reserved2:1;
    uint8_t md5:1;
    uint8_t md2:1;
    uint8_t none:1;
#endif

    // Authentication status byte: which kinds of login exist on the channel
    // and whether per-message / user-level authentication apply.
    // NOTE(review): in the IPMI specification the userAuth and perMessageAuth
    // bits are "status" bits where 1b means disabled -- confirm the polarity
    // the implementation writes, since an inverted value misreports the
    // channel's protection to the console.
#if BYTE_ORDER == LITTLE_ENDIAN
    // Anonymous login (null username, null password) enabled/disabled
    uint8_t anonymousLogin:1;
    // Login with null usernames enabled/disabled
    uint8_t nullUsers:1;
    // Login with non-null usernames enabled/disabled
    uint8_t nonNullUsers:1;
    uint8_t userAuth:1;       // User level authentication status
    uint8_t perMessageAuth:1; // Per-message authentication status
    // Two-key login status; only for IPMI v2.0 RMCP+ RAKP
    uint8_t KGStatus:1;
    uint8_t reserved3:2;
#endif

    // Same byte, fields declared in the reverse order for big-endian targets.
#if BYTE_ORDER == BIG_ENDIAN
    uint8_t reserved3:2;
    // Two-key login status; only for IPMI v2.0 RMCP+ RAKP
    uint8_t KGStatus:1;
    uint8_t perMessageAuth:1; // Per-message authentication status
    uint8_t userAuth:1;       // User level authentication status
    // Login with non-null usernames enabled/disabled
    uint8_t nonNullUsers:1;
    // Login with null usernames enabled/disabled
    uint8_t nullUsers:1;
    // Anonymous login (null username, null password) enabled/disabled
    uint8_t anonymousLogin:1;
#endif

#if BYTE_ORDER == LITTLE_ENDIAN
    // Extended capabilities will be present only if IPMI version is V2.0
    uint8_t extCapabilities:2; // Channel support for IPMI V2.0 connections
    uint8_t reserved4:6;
#endif

    // Same byte, fields declared in the reverse order for big-endian targets.
#if BYTE_ORDER == BIG_ENDIAN
    // Extended capabilities will be present only if IPMI version is V2.0
    uint8_t reserved4:6;
    uint8_t extCapabilities:2; // Channel support for IPMI V2.0 connections
#endif

    // The 4 bytes below are all 0 if no OEM authentication type is available.
    uint8_t oemID[3];     // IANA enterprise number for OEM/organization
    uint8_t oemAuxillary; // Additional OEM-specific information
} __attribute__((packed));
103  
/**
 * @brief Get Channel Authentication Capabilities
 *
 * This message exchange provides a way for a remote console to discover what
 * IPMI version is supported, i.e. whether or not the BMC supports the IPMI
 * v2.0 / RMCP+ packet format. It also provides information that the remote
 * console can use to determine whether anonymous, "one-key", or "two-key"
 * logins are used. This information can guide a remote console in how it
 * presents queries to users for username and password information. This is a
 * 'session-less' command that the BMC accepts in both IPMI v1.5 and v2.0/RMCP+
 * packet formats.
 *
 * NOTE(review): because the command is session-less, inPayload is presumably
 * supplied by a peer that has not authenticated. The definition is not in
 * this header; it should reject payloads shorter than
 * sizeof(GetChannelCapabilitiesReq) before reading the request fields --
 * confirm in the implementation.
 *
 * @param[in] inPayload - Request Data for the command
 * @param[in] handler - Reference to the Message Handler (the shared_ptr is
 *                      taken by non-const reference)
 *
 * @return Response data for the command
 */
std::vector<uint8_t>
    GetChannelCapabilities(const std::vector<uint8_t>& inPayload,
                           std::shared_ptr<message::Handler>& handler);
124  
/**
 * @brief Get Channel Cipher Suites
 *
 * This command is used to look up what authentication, integrity, and
 * confidentiality algorithms are supported. The algorithms are used in
 * combination as 'Cipher Suites'. This command only applies to implementations
 * that support IPMI v2.0/RMCP+ sessions. This command can be executed prior to
 * establishing a session with the BMC.
 *
 * NOTE(review): since the command can run before a session exists, inPayload
 * is presumably supplied by a peer that has not authenticated, and the
 * returned algorithm list is visible to such peers. The request layout and
 * the definition are not in this header; the implementation should validate
 * the payload length and any index it carries before use -- confirm there.
 *
 * @param[in] inPayload - Request Data for the command
 * @param[in] handler - Reference to the Message Handler (the shared_ptr is
 *                      taken by non-const reference)
 *
 * @return Response data for the command
 */
std::vector<uint8_t>
    getChannelCipherSuites(const std::vector<uint8_t>& inPayload,
                           std::shared_ptr<message::Handler>& handler);
142  
143  } // namespace command
144