From affadb557aa54d0631db64c8ccbdd320543c5033 Mon Sep 17 00:00:00 2001
From: Johnathan Mantey <johnathanx.mantey@intel.com>
Date: Mon, 7 Oct 2019 10:13:53 -0700
Subject: Restore IPMI RMCP+ cipher suite commands

The work done to migrate this file from the old IPMI calling structure
to the new calling structure removed the RMCP+ cipher suite
commands. The prior commit was approved on the condition these
commands be restored.

Tested:
ipmitool raw 0xc 2 1 22 0 0 ; returns correct cipher count
ipmitool raw 0xc 2 1 23 0 0 ; returns the active cipher ID's

Change-Id: Ie0ac0fb066f53772174e7e61d2c81ae876b6c2e3
Signed-off-by: Johnathan Mantey <johnathanx.mantey@intel.com>
---
 transporthandler.cpp | 77 ++++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 71 insertions(+), 6 deletions(-)

diff --git a/transporthandler.cpp b/transporthandler.cpp
index e88eb63..b48cbd0 100644
--- a/transporthandler.cpp
+++ b/transporthandler.cpp
@@ -1,3 +1,5 @@
+#include "app/channel.hpp"
+
 #include <arpa/inet.h>
 #include <netinet/ether.h>
 
@@ -6,6 +8,7 @@
 #include <cinttypes>
 #include <cstdint>
 #include <cstring>
+#include <fstream>
 #include <functional>
 #include <ipmid/api.hpp>
 #include <ipmid/message.hpp>
@@ -29,11 +32,6 @@
 #include <xyz/openbmc_project/Common/error.hpp>
 #include <xyz/openbmc_project/Network/IP/server.hpp>
 
-namespace ipmi
-{
-namespace transport
-{
-
 using phosphor::logging::commit;
 using phosphor::logging::elog;
 using phosphor::logging::entry;
@@ -42,6 +40,44 @@ using phosphor::logging::log;
 using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
 using sdbusplus::xyz::openbmc_project::Network::server::IP;
 
+namespace cipher
+{
+
+std::vector<uint8_t> getCipherList()
+{
+    std::vector<uint8_t> cipherList;
+
+    std::ifstream jsonFile(cipher::configFile);
+    if (!jsonFile.is_open())
+    {
+        log<level::ERR>("Channel Cipher suites file not found");
+        elog<InternalFailure>();
+    }
+
+    auto data = Json::parse(jsonFile, nullptr, false);
+    if (data.is_discarded())
+    {
+        log<level::ERR>("Parsing channel cipher suites JSON failed");
+        elog<InternalFailure>();
+    }
+
+    // Byte 1 is reserved
+    cipherList.push_back(0x00);
+
+    for (const auto& record : data)
+    {
+        cipherList.push_back(record.value(cipher, 0));
+    }
+
+    return cipherList;
+}
+} // namespace cipher
+
+namespace ipmi
+{
+namespace transport
+{
+
 // LAN Handler specific response codes
 constexpr Cc ccParamNotSupported = 0x80;
 constexpr Cc ccParamSetLocked = 0x81;
@@ -1064,6 +1100,20 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly,
         return responseInvalidFieldRequest();
     }
 
+    static std::vector<uint8_t> cipherList;
+    static bool listInit = false;
+    if (!listInit)
+    {
+        try
+        {
+            cipherList = cipher::getCipherList();
+            listInit = true;
+        }
+        catch (const std::exception& e)
+        {
+        }
+    }
+
     switch (static_cast<LanParam>(parameter))
     {
         case LanParam::SetStatus:
@@ -1158,8 +1208,23 @@ RspType<message::Payload> getLan(uint4_t channelBits, uint3_t, bool revOnly,
             return responseSuccess(std::move(ret));
         }
         case LanParam::CiphersuiteSupport:
+        {
+            if (!listInit)
+            {
+                return responseUnspecifiedError();
+            }
+            ret.pack(static_cast<uint8_t>(cipherList.size() - 1));
+            return responseSuccess(std::move(ret));
+        }
         case LanParam::CiphersuiteEntries:
-            return response(ccParamNotSupported);
+        {
+            if (!listInit)
+            {
+                return responseUnspecifiedError();
+            }
+            ret.pack(cipherList);
+            return responseSuccess(std::move(ret));
+        }
     }
 
     return response(ccParamNotSupported);
-- 
cgit v1.2.1