1 #pragma once
2 
3 #include "comm_module.hpp"
4 #include "message_handler.hpp"
5 
6 #include <cstddef>
7 #include <vector>
8 
9 namespace command
10 {
11 
12 constexpr size_t userNameMaxLen = 16;
13 
14 constexpr uint8_t userNameOnlyLookupMask = 0x10;
15 constexpr uint8_t userNameOnlyLookup = 0x10;
16 constexpr uint8_t userNamePrivLookup = 0x0;
17 
18 /**
19  * @struct RAKP1request
20  *
21  * IPMI Payload for RAKP Message 1
22  */
23 struct RAKP1request
24 {
25     uint8_t messageTag;
26     uint8_t reserved1;
27     uint16_t reserved2;
28     uint32_t managedSystemSessionID;
29     uint8_t remote_console_random_number[16];
30     uint8_t req_max_privilege_level;
31     uint16_t reserved3;
32     uint8_t user_name_len;
33     char user_name[userNameMaxLen];
34 } __attribute__((packed));
35 
36 /**
37  * @struct RAKP2response
38  *
39  * IPMI Payload for RAKP Message 2
40  */
41 struct RAKP2response
42 {
43     uint8_t messageTag;
44     uint8_t rmcpStatusCode;
45     uint16_t reserved;
46     uint32_t remoteConsoleSessionID;
47     uint8_t managed_system_random_number[16];
48     uint8_t managed_system_guid[16];
49 } __attribute__((packed));
50 
51 /**
52  * @brief RAKP Message 1, RAKP Message 2
53  *
54  * These messages are used to exchange random number and identification
55  * information between the BMC and the remote console that are, in effect,
56  * mutual challenges for a challenge/response. (Unlike IPMI v1.5, the v2.0/RMCP+
57  * challenge/response is symmetric. I.e. the remote console and BMC both issues
58  * challenges,and both need to provide valid responses for the session to be
59  * activated.)
60  *
61  * The remote console request (RAKP Message 1) passes a random number and
62  * username/privilege information that the BMC will later use to ‘sign’ a
63  * response message based on key information associated with the user and the
64  * Authentication Algorithm negotiated in the Open Session Request/Response
65  * exchange. The BMC responds with RAKP Message 2 and passes a random number and
66  * GUID (globally unique ID) for the managed system that the remote console
67  * uses according the Authentication Algorithm to sign a response back to the
68  * BMC.
69  *
70  * @param[in] inPayload - Request Data for the command
71  * @param[in] handler - Reference to the Message Handler
72  *
73  * @return Response data for the command
74  */
75 std::vector<uint8_t> RAKP12(const std::vector<uint8_t>& inPayload,
76                             std::shared_ptr<message::Handler>& handler);
77 /**
78  *@brief Log Redfish event for invalid login attempted on RMCPP interface
79  *
80  * @param[in] journalMsg - Show journal Debug Message in journal logs
81  * @param[in] redfishMsg - Log Redfish Event Message
82  *
83  */
84 void logInvalidLoginRedfishEvent(
85     const std::string& journalMsg,
86     const std::optional<std::string>& messageArgs = "RMCPP");
87 } // namespace command
88