From smfarrukh at live.com Thu Apr 11 07:55:10 2013 From: smfarrukh at live.com (Muhammad Farrukh) Date: Thu, 11 Apr 2013 07:55:10 +0000 (UTC) Subject: status report layer1 and layer23 References: Message-ID: Hey Andreas, Hope you are doing good, I was these days playing with osmocombb and my sony Ericson j100i, I am keen to route calls to LCR from osmocombb, but could find any direction to do so, could you please direct me to right place Regards Muhammad Farrukh From HungHM10 at viettel.com.vn Fri Apr 12 10:24:36 2013 From: HungHM10 at viettel.com.vn (HungHM10) Date: Fri, 12 Apr 2013 17:24:36 +0700 Subject: AW: The call has been rejected In-Reply-To: <1310976419453-3178448.post@n3.nabble.com> References: <1310976419453-3178448.post@n3.nabble.com> Message-ID: <5167E0E4.3030407@viettel.com.vn> You must fill real IMEI of your phone. -- -- Thanks and Regards ! ------------------------------------ Ho?ng M?nh H?ng Information Security Department ? Viettel Group Mobile: 09.8778.5050 Email: hunghm10 at viettel.com.vn ------------------------------------ From holger at freyther.de Wed Apr 3 11:12:33 2013 From: holger at freyther.de (Holger Hans Peter Freyther) Date: Wed, 3 Apr 2013 13:12:33 +0200 Subject: Osmocom Berlin User Group meeting In-Reply-To: <515750ED.4020007@gmx.de> References: <502d01a9.mirider@mirider.augusta.de> <20120818115942.GV29525@prithivi.gnumonks.org> <515750ED.4020007@gmx.de> Message-ID: <20130403111233.GA17475@xiaoyu.lan> On Sat, Mar 30, 2013 at 09:54:05PM +0100, dexter wrote: Hi all, > > Apr 03, 8pm @ CCC Berlin, Marienstr. 11, 10117 Berlin as our conference is starting tomorrow, I will not be able to join tonight and I think the same applies to LaF0rge. So in case you still want to attend tonight and do not want to stand in front of a locked door, please check with someone having a key. thanks holger From peter at stuge.se Wed Apr 3 13:50:58 2013 From: peter at stuge.se (Peter Stuge) Date: Wed, 3 Apr 2013 15:50:58 +0200 Subject: Osmocom Berlin User Group meeting In-Reply-To: <20130403111233.GA17475@xiaoyu.lan> References: <502d01a9.mirider@mirider.augusta.de> <20120818115942.GV29525@prithivi.gnumonks.org> <515750ED.4020007@gmx.de> <20130403111233.GA17475@xiaoyu.lan> Message-ID: <20130403135058.9829.qmail@stuge.se> Holger Hans Peter Freyther wrote: > > Apr 03, 8pm @ CCC Berlin, Marienstr. 11, 10117 Berlin > > please check with someone having a key. I'll be there. //Peter From zero-kelvin at gmx.de Wed Apr 3 15:34:50 2013 From: zero-kelvin at gmx.de (dexter) Date: Wed, 03 Apr 2013 17:34:50 +0200 Subject: Osmocom Berlin User Group meeting In-Reply-To: <20130403135058.9829.qmail@stuge.se> References: <502d01a9.mirider@mirider.augusta.de> <20120818115942.GV29525@prithivi.gnumonks.org> <515750ED.4020007@gmx.de> <20130403111233.GA17475@xiaoyu.lan> <20130403135058.9829.qmail@stuge.se> Message-ID: <515C4C1A.5080207@gmx.de> Hi Folks. I will be there too. regards. Philipp From zero-kelvin at gmx.de Mon Apr 15 13:51:34 2013 From: zero-kelvin at gmx.de (dexter) Date: Mon, 15 Apr 2013 15:51:34 +0200 Subject: Osmocom Berlin User Group meeting In-Reply-To: <20120818115942.GV29525@prithivi.gnumonks.org> References: <502d01a9.mirider@mirider.augusta.de> <20120818115942.GV29525@prithivi.gnumonks.org> Message-ID: <516C05E6.7060800@gmx.de> Hi folks. This is the announcement for the next Osmocom Berlin meeting. Apr 17, 8pm @ CCC Berlin, Marienstr. 11, 10117 Berlin There is no formal presentation scheduled for this meeting. If you are interested to show up, feel free to do so. There is no registration required. The meeting is free as in "free beer", despite no actual free beer being around. Regards, Philipp Maier From Max.Suraev at fairwaves.ru Tue Apr 16 17:06:29 2013 From: Max.Suraev at fairwaves.ru (=?UTF-8?B?4piO?=) Date: Tue, 16 Apr 2013 19:06:29 +0200 Subject: asn.1 compilation In-Reply-To: <50B62968.9010408@fairwaves.ru> References: <50B5E919.8080107@fairwaves.ru> <50B5F6B3.5020505@fairwaves.ru> <20121128135454.GQ17561@xiaoyu.lan> <50B62968.9010408@fairwaves.ru> Message-ID: <516D8515.80906@fairwaves.ru> 28.11.2012 16:10, ? ?????: > 28.11.2012 14:54, Holger Hans Peter Freyther ?????: >> On Wed, Nov 28, 2012 at 12:34:11PM +0100, ? wrote: >>> git clone git://git.osmocom.org/erlang/osmo_map.git >>> cd osmo_map/asn1 >>> erlc *.asn >> >> you probably want the map.set.asn1 >> >> > Maybe but no luck so far: > > erlc map.set.asn1 > syntax error at line 58 in module TCAPMessages.asn: > got: '{' and '{' expected typereference '::=' > Compiler function asn1ct:compile_asn1/3 returned: > {error,{'parse error in file:',"/home/dude/osmo_map/asn1/TCAPMessages.asn", > [got,['{','{'],expected,typereference,'::=']}} > > any ideas? > Just in case someone will google for this problem: compiled just fine with erlc from Erlang release 16B. -- best regards, Max, http://fairwaves.ru From hunghm.vn at gmail.com Sat Apr 13 05:29:01 2013 From: hunghm.vn at gmail.com (HungBangChu) Date: Sat, 13 Apr 2013 05:29:01 +0000 (UTC) Subject: osmocom problems References: Message-ID: You must: 1. chmod 777 to all 2. make sure your PATH environment include folder bin of Toolchain From rafarevertf22 at gmail.com Sat Apr 13 19:06:11 2013 From: rafarevertf22 at gmail.com (R. Revert) Date: Sat, 13 Apr 2013 14:06:11 -0500 Subject: osmocom problems In-Reply-To: References: Message-ID: some body knows we you upload the software to the phone.. I get this error, i have a Motorola C139 but the firmaware doesnt run in the phone, i runs some times.. /opt/cellphone/osmocom-bb/src# ./host/osmocon/osmocon -m c140 -p /dev/ttyUSB0 ./target/firmware/board/compal_e86/hello_world.compalram.bin The filesize is larger than 15kb, code on the magic address will be overwritten! Use loader.bin and upload the application with osmoload instead! read_file(./target/firmware/board/compal_e86/hello_world.compalram.bin): file_size=23648, hdr_len=4, dnload_len=23655 got 1 bytes from modem, data looks like: 1b . got 1 bytes from modem, data looks like: f6 . got 1 bytes from modem, data looks like: 02 . got 1 bytes from modem, data looks like: 00 . got 1 bytes from modem, data looks like: 41 A got 1 bytes from modem, data looks like: 02 . got 1 bytes from modem, data looks like: 43 C Received PROMPT2 from phone, starting download handle_write(): 4096 bytes (4096/23655) handle_write(): 4096 bytes (8192/23655) handle_write(): 4096 bytes (12288/23655) handle_write(): 4096 bytes (16384/23655) handle_write(): 4096 bytes (20480/23655) handle_write(): 3175 bytes (23655/23655) handle_write(): finished got 1 bytes from modem, data looks like: 1b . got 1 bytes from modem, data looks like: f6 . got 1 bytes from modem, data looks like: 02 . got 1 bytes from modem, data looks like: 00 . got 1 bytes from modem, data looks like: 45 E got 1 bytes from modem, data looks like: 53 S got 1 bytes from modem, data looks like: 16 . Received DOWNLOAD NACK from phone, something went wrong :( got 1 bytes from modem, data looks like: 66 f got 1 bytes from modem, data looks like: 74 t got 1 bytes from modem, data looks like: 6d m got 1 bytes from modem, data looks like: 74 t got 1 bytes from modem, data looks like: 6f o got 1 bytes from modem, data looks like: 6f o got 1 bytes from modem, data looks like: 6c l Received FTMTOOL from phone, ramloader has aborted got 1 bytes from modem, data looks like: 65 e got 1 bytes from modem, data looks like: 72 r got 1 bytes from modem, data looks like: 72 r got 1 bytes from modem, data looks like: 6f o got 1 bytes from modem, data looks like: 72 r got 1 bytes from modem, data looks like: 00 . * #__________________ Atte. **Rafael R.* *Security Information Architect * *CEH, CHFI, **ECSA, LPT, VCP5,* *Certified Ec-council Instructor - CEI* *Vmware **Certified Instructor - VCI* * * *http://bl4ckd4wn.blogspot.com/* 2013/4/13 HungBangChu > > You must: > 1. chmod 777 to all > 2. make sure your PATH environment include folder bin of Toolchain > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From hunghm.vn at gmail.com Thu Apr 4 06:44:33 2013 From: hunghm.vn at gmail.com (=?UTF-8?B?SG/DoG5nIE3huqFuaCBIw7luZw==?=) Date: Thu, 4 Apr 2013 13:44:33 +0700 Subject: Baseband: MS '1' is up, service is limited Message-ID: Hi all, *I connected, sent and made call successful with osmocombb (with real IMSI and IMEI). But, now, I get error, always be rejected:* OsmocomBB# show ms MS '1' is up, service is limited IMEI: 357337016773249 IMEISV: 3573370167732490 IMEI generation: fixed automatic network selection state: A0 null cell selection state: PLMN search radio ressource layer state: idle mobility management layer state: MM idle, PLMN search OsmocomBB# % (MS 1) % Trying to registering with network... *in my config file (/root/.osmocom/bb/mobile.cfg)**:* ! ! OsmocomBB () configuration saved from vty !! ! line vty no login ! gps device /dev/ttyACM0 gps baudrate default no gps enable ! no hide-default ! ms 1 layer2-socket /tmp/osmocom_l2 sap-socket /tmp/osmocom_sap sim reader network-selection-mode auto imei 357337016773249 0 imei-fixed emergency-imsi 452040399998391 sms-service-center +84980200030 no call-waiting no auto-answer no force-rekey no clip no clir tx-power auto no simulated-delay no stick location-updating neighbour-measurement codec full-speed prefer codec half-speed no abbrev support sms a5/1 a5/2 p-gsm e-gsm r-gsm gsm-850 dcs pcs class-900 4 class-850 4 class-dcs 1 class-pcs 1 channel-capability sdcch+tchf+tchh full-speech-v1 full-speech-v2 half-speech-v1 min-rxlev -106 dsc-max 90 no skip-max-per-band exit test-sim imsi 001010000000000 ki xor 00 00 00 00 00 00 00 00 00 00 00 00 no barred-access no rplmn hplmn-search foreign-country exit no shutdown exit ! Anyone help me???, thanks a lot! -- Thanks and Best Regards -- From: Ho?ng M?nh H?ng -------------- next part -------------- An HTML attachment was scrubbed... URL: From hunghm.vn at gmail.com Fri Apr 12 10:28:05 2013 From: hunghm.vn at gmail.com (hungbangchu) Date: Fri, 12 Apr 2013 03:28:05 -0700 (PDT) Subject: Baseband: MS '1' is up, service is limited In-Reply-To: References: Message-ID: <1365762485338-4025975.post@n3.nabble.com> Anyone help me?? -- View this message in context: http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025975.html Sent from the baseband-devel mailing list archive at Nabble.com. From niceguy108 at gmail.com Fri Apr 12 16:17:45 2013 From: niceguy108 at gmail.com (Bhaskar11) Date: Fri, 12 Apr 2013 21:47:45 +0530 Subject: Baseband: MS '1' is up, service is limited In-Reply-To: <1365762485338-4025975.post@n3.nabble.com> References: <1365762485338-4025975.post@n3.nabble.com> Message-ID: Try either or both of the following: * set network selection to manual * set "stick" on Let us know what works if any! On Fri, Apr 12, 2013 at 3:58 PM, hungbangchu wrote: > Anyone help me?? > > > > -- > View this message in context: > http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025975.html > Sent from the baseband-devel mailing list archive at Nabble.com. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From hunghm.vn at gmail.com Sat Apr 13 05:45:51 2013 From: hunghm.vn at gmail.com (hungbangchu) Date: Fri, 12 Apr 2013 22:45:51 -0700 (PDT) Subject: Baseband: MS '1' is up, service is limited In-Reply-To: References: <1365762485338-4025975.post@n3.nabble.com> Message-ID: <1365831951751-4025978.post@n3.nabble.com> Thanks for your support. * set network selection to manual * set "stick" on --> I set in file mobile.cfg: ******************************************* ! ! OsmocomBB () configuration saved from vty !! ! line vty no login ! gps device /dev/ttyACM0 gps baudrate default no gps enable ! no hide-default ! ms 1 layer2-socket /tmp/osmocom_l2 sap-socket /tmp/osmocom_sap sim reader network-selection-mode manual imei 356898011087563 0 imei-fixed emergency-imsi 452040399998400 sms-service-center +84980200030 no call-waiting no auto-answer no force-rekey no clip no clir tx-power auto no simulated-delay stick on location-updating neighbour-measurement codec full-speed prefer codec half-speed no abbrev support sms a5/1 a5/2 p-gsm e-gsm r-gsm gsm-850 dcs pcs class-900 4 class-850 4 class-dcs 1 class-pcs 1 channel-capability sdcch+tchf+tchh full-speech-v1 full-speech-v2 half-speech-v1 min-rxlev -106 dsc-max 90 no skip-max-per-band exit test-sim imsi 452040399998400 ki xor 00 00 00 00 00 00 00 00 00 00 00 00 no barred-access no rplmn hplmn-search foreign-country exit no shutdown exit ! ************************** I get error: There is no such command. Error occurred during reading below line: stick on Failed to parse the config file: '/root/.osmocom/bb/mobile.cfg' Can you help me? -- View this message in context: http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025978.html Sent from the baseband-devel mailing list archive at Nabble.com. From pabftk at gmail.com Sat Apr 13 07:53:31 2013 From: pabftk at gmail.com (Pavel Baturko) Date: Sat, 13 Apr 2013 11:53:31 +0400 Subject: Baseband: MS '1' is up, service is limited In-Reply-To: <1365831951751-4025978.post@n3.nabble.com> References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> Message-ID: Hi, > There is no such command. > Error occurred during reading below line: > stick on 'stick' option should be used as 'stick ARFCN'. with this option your MS will be forced to use specific ARFCN. Be sure that this ARFCN is visible by your MS and owned by your SIM's service provider. Also I think it's difficult for people in this list to help you without logs, at least attached mobile app log could help. Thanks, Pavel On Sat, Apr 13, 2013 at 9:45 AM, hungbangchu wrote: > Thanks for your support. > > * set network selection to manual > * set "stick" on > > --> I set in file mobile.cfg: > > ******************************************* > ! > ! OsmocomBB () configuration saved from vty > !! > ! > line vty > no login > ! > gps device /dev/ttyACM0 > gps baudrate default > no gps enable > ! > no hide-default > ! > ms 1 > layer2-socket /tmp/osmocom_l2 > sap-socket /tmp/osmocom_sap > sim reader > network-selection-mode manual > imei 356898011087563 0 > imei-fixed > emergency-imsi 452040399998400 > sms-service-center +84980200030 > no call-waiting > no auto-answer > no force-rekey > no clip > no clir > tx-power auto > no simulated-delay > stick on > location-updating > neighbour-measurement > codec full-speed prefer > codec half-speed > no abbrev > support > sms > a5/1 > a5/2 > p-gsm > e-gsm > r-gsm > gsm-850 > dcs > pcs > class-900 4 > class-850 4 > class-dcs 1 > class-pcs 1 > channel-capability sdcch+tchf+tchh > full-speech-v1 > full-speech-v2 > half-speech-v1 > min-rxlev -106 > dsc-max 90 > no skip-max-per-band > exit > test-sim > imsi 452040399998400 > ki xor 00 00 00 00 00 00 00 00 00 00 00 00 > no barred-access > no rplmn > hplmn-search foreign-country > exit > no shutdown > exit > ! > ************************** > > I get error: > > There is no such command. > Error occurred during reading below line: > stick on > > Failed to parse the config file: '/root/.osmocom/bb/mobile.cfg' > > > Can you help me? > > > > -- > View this message in context: > http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025978.html > Sent from the baseband-devel mailing list archive at Nabble.com. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From hunghm.vn at gmail.com Mon Apr 15 01:47:03 2013 From: hunghm.vn at gmail.com (hungbangchu) Date: Sun, 14 Apr 2013 18:47:03 -0700 (PDT) Subject: Baseband: MS '1' is up, service is limited In-Reply-To: References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> Message-ID: <1365990423771-4025985.post@n3.nabble.com> "Also I think it's difficult for people in this list to help you without logs, at least attached mobile app log could help." --> How can I export log file? -- View this message in context: http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025985.html Sent from the baseband-devel mailing list archive at Nabble.com. From hunghm.vn at gmail.com Mon Apr 15 06:46:12 2013 From: hunghm.vn at gmail.com (hungbangchu) Date: Sun, 14 Apr 2013 23:46:12 -0700 (PDT) Subject: Baseband: MS '1' is up, service is limited In-Reply-To: References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> Message-ID: <1366008372275-4025987.post@n3.nabble.com> Hi, My attachment is file mobile.log. Any one can mobile.log help me? pab wrote > Hi, > >> There is no such command. >> Error occurred during reading below line: >> stick on > 'stick' option should be used as 'stick ARFCN'. with this option your MS > will be forced to use specific ARFCN. Be sure that this ARFCN is visible > by > your MS and owned by your SIM's service provider. > > Also I think it's difficult for people in this list to help you without > logs, at least attached mobile app log could help. > > Thanks, > Pavel -- View this message in context: http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025987.html Sent from the baseband-devel mailing list archive at Nabble.com. From pabftk at gmail.com Mon Apr 15 08:36:48 2013 From: pabftk at gmail.com (Pavel Baturko) Date: Mon, 15 Apr 2013 12:36:48 +0400 Subject: Baseband: MS '1' is up, service is limited In-Reply-To: <1366008372275-4025987.post@n3.nabble.com> References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> <1366008372275-4025987.post@n3.nabble.com> Message-ID: Hi, Could you please provide mobile.log and log from VTY in case of automatic network selection "network-selection-mode auto" ans "no stick" option? Thanks, Pavel On Mon, Apr 15, 2013 at 10:46 AM, hungbangchu wrote: > Hi, > > My attachment is file mobile.log. > > Any one can mobile.log > > help > me? > > > > pab wrote > > Hi, > > > >> There is no such command. > >> Error occurred during reading below line: > >> stick on > > 'stick' option should be used as 'stick ARFCN'. with this option your MS > > will be forced to use specific ARFCN. Be sure that this ARFCN is visible > > by > > your MS and owned by your SIM's service provider. > > > > Also I think it's difficult for people in this list to help you without > > logs, at least attached mobile app log could help. > > > > Thanks, > > Pavel > > > > > > -- > View this message in context: > http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025987.html > Sent from the baseband-devel mailing list archive at Nabble.com. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From pabftk at gmail.com Mon Apr 15 09:38:51 2013 From: pabftk at gmail.com (Pavel Baturko) Date: Mon, 15 Apr 2013 13:38:51 +0400 Subject: Baseband: MS '1' is up, service is limited In-Reply-To: References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> <1366008372275-4025987.post@n3.nabble.com> Message-ID: As I see your Channel Requests remain unanswered from the network. Are you sure that you are using firmware compiled with enabled TX (I do not remember if it could be observed from layer1.log)? If yes, you can try not to use the ARFCN that is selected by MS automatically (in your log - 748DCS) by signal level, but try to stick on another ARFCN: e.g. 746DCS - second candidate by rxlev - or other. for this case use "stick 746" option and check for network's answers (ImmAss or ImmAssReject). You can also try to use other SIMs. Thanks, Pavel On Mon, Apr 15, 2013 at 1:11 PM, Ho?ng M?nh H?ng wrote: > Hi Pavel Baturko, > > > mobile.cfg, mobile.log, layer1.log and other logs in case of automatic > network selection "network-selection-mode auto" ans "no stick" option: > > root at UR:/tmp# telnet 127.0.0.1 4247 > Trying 127.0.0.1... > Connected to 127.0.0.1. > Escape character is '^]'. > Welcome to the OsmocomBB control interface > > OsmocomBB> en > OsmocomBB# sho > > OsmocomBB# show ms > MS '1' is up, service is limited > IMEI: 357337016773249 > IMEISV: 3573370167732490 > IMEI generation: fixed > automatic network selection state: A0 null > cell selection state: PLMN search > radio ressource layer state: idle > mobility management layer state: MM idle, PLMN search > > OsmocomBB# show > OsmocomBB# show sub > OsmocomBB# show subscriber > Mobile Subscriber of MS '1': > IMSI: 452040399998391 > ICCID: 89840403940099983911 > Service Provider Name: VIETTEL > SMS Service Center Address: +84980200030 > Status: U2_NOT_UPDATED IMSI detached LAI: invalid > Key: sequence 1 74 5d 70 bb 32 6a a0 00 > Access barred cells: no > Access classes: C4 > List of preferred PLMNs: > MCC |MNC > -------+------- > 452 |04 (Vietnam, Viettel Mobile) > 456 |08 (Cambodia, Viettel) > 457 |03 (Laos, Unitel) > 372 |03 (Haiti, 03) > > OsmocomBB# show > OsmocomBB# show sup > OsmocomBB# show support > Supported features of MS '1': > Phase 2 mobile station > R-GSM : yes > E-GSM : yes > P-GSM : yes > GSM900 Class : 4 > DCS 1800 : yes > DCS Class : 1 > GSM 850 : yes > GSM 850 Class: 4 > PCS 1900 : yes > PCS Class : 1 > GSM 480 : no > GSM 450 : no > CECS : no > VGCS : no > VBS : no > SMS : yes > SS_IND : yes > PS_CAP : no > CMSP : no > SoLSA : no > LCSVA : no > LOC_SERV : no > A5/1 : yes > A5/2 : yes > A5/3 : no > A5/4 : no > A5/5 : no > A5/6 : no > A5/7 : no > A5/1 : yes > Channels : SDCCH + TCH/F + TCH/H > Full-Rate V1 : yes > Full-Rate V2 : yes > Full-Rate V3 : no > Half-Rate V1 : yes > Half-Rate V3 : no > Min RXLEV : -106 > > OsmocomBB# call 1 0987785050 > OsmocomBB# > % (MS 1) > % Call has been rejected > > OsmocomBB# sms 1 0987785050 testSMS > OsmocomBB# > % (MS 1) > % SMS to 0987785050 failed: (MO) SMS rejected > > OsmocomBB# net > OsmocomBB# network sho > OsmocomBB# network show 1 > > OsmocomBB# > % (MS 1) > % Trying to registering with network... > > % (MS 1) > % Trying to registering with network... > > % (MS 1) > % Trying to registering with network... > > % (MS 1) > % Searching network... > > > % (MS 1) > % Trying to registering with network... > > % (MS 1) > % Trying to registering with network... > > % (MS 1) > % Searching network... > > OsmocomBB# sms 1 0987785050 testSMS > > % (MS 1) > % Trying to registering with network... > call 1 0987785050 > OsmocomBB# > % (MS 1) > % Call has been rejected > > OsmocomBB# sms 1 0987785050 testSMS > OsmocomBB# > % (MS 1) > % SMS to 0987785050 failed: (MO) SMS rejected > > > % (MS 1) > % Trying to registering with network... > > > > 2013/4/15 Pavel Baturko > >> Hi, >> >> Could you please provide mobile.log and log from VTY in case of automatic >> network selection "network-selection-mode auto" ans "no stick" option? >> >> Thanks, >> Pavel >> >> >> On Mon, Apr 15, 2013 at 10:46 AM, hungbangchu wrote: >> >>> Hi, >>> >>> My attachment is file mobile.log. >>> >>> Any one can mobile.log >>> >>> help >>> >>> me? >>> >>> >>> >>> pab wrote >>> > Hi, >>> > >>> >> There is no such command. >>> >> Error occurred during reading below line: >>> >> stick on >>> > 'stick' option should be used as 'stick ARFCN'. with this option your >>> MS >>> > will be forced to use specific ARFCN. Be sure that this ARFCN is >>> visible >>> > by >>> > your MS and owned by your SIM's service provider. >>> > >>> > Also I think it's difficult for people in this list to help you without >>> > logs, at least attached mobile app log could help. >>> > >>> > Thanks, >>> > Pavel >>> >>> >>> >>> >>> >>> -- >>> View this message in context: >>> http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025987.html >>> >>> Sent from the baseband-devel mailing list archive at Nabble.com. >>> >>> >> > > > -- > Thanks and Best Regards > -- > From: Ho?ng M?nh H?ng > -------------- next part -------------- An HTML attachment was scrubbed... URL: From hunghm.vn at gmail.com Tue Apr 16 10:42:04 2013 From: hunghm.vn at gmail.com (=?UTF-8?B?SG/DoG5nIE3huqFuaCBIw7luZw==?=) Date: Tue, 16 Apr 2013 17:42:04 +0700 Subject: Baseband: MS '1' is up, service is limited In-Reply-To: References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> <1366008372275-4025987.post@n3.nabble.com> Message-ID: Thanks for your support. I only enabled TX --> still failed But then, I update libosmocombb, and enable TX --> connect network successful Your support is very helpful. 2013/4/15 Pavel Baturko > As I see your Channel Requests remain unanswered from the network. Are you > sure that you are using firmware compiled with enabled TX (I do not > remember if it could be observed from layer1.log)? > If yes, you can try not to use the ARFCN that is selected by MS > automatically (in your log - 748DCS) by signal level, but try to stick on > another ARFCN: e.g. 746DCS - second candidate by rxlev - or other. for this > case use "stick 746" option and check for network's answers (ImmAss or > ImmAssReject). > You can also try to use other SIMs. > > Thanks, > Pavel > > > On Mon, Apr 15, 2013 at 1:11 PM, Ho?ng M?nh H?ng wrote: > >> Hi Pavel Baturko, >> >> >> mobile.cfg, mobile.log, layer1.log and other logs in case of automatic >> network selection "network-selection-mode auto" ans "no stick" option: >> >> root at UR:/tmp# telnet 127.0.0.1 4247 >> Trying 127.0.0.1... >> Connected to 127.0.0.1. >> Escape character is '^]'. >> Welcome to the OsmocomBB control interface >> >> OsmocomBB> en >> OsmocomBB# sho >> >> OsmocomBB# show ms >> MS '1' is up, service is limited >> IMEI: 357337016773249 >> IMEISV: 3573370167732490 >> IMEI generation: fixed >> automatic network selection state: A0 null >> cell selection state: PLMN search >> radio ressource layer state: idle >> mobility management layer state: MM idle, PLMN search >> >> OsmocomBB# show >> OsmocomBB# show sub >> OsmocomBB# show subscriber >> Mobile Subscriber of MS '1': >> IMSI: 452040399998391 >> ICCID: 89840403940099983911 >> Service Provider Name: VIETTEL >> SMS Service Center Address: +84980200030 >> Status: U2_NOT_UPDATED IMSI detached LAI: invalid >> Key: sequence 1 74 5d 70 bb 32 6a a0 00 >> Access barred cells: no >> Access classes: C4 >> List of preferred PLMNs: >> MCC |MNC >> -------+------- >> 452 |04 (Vietnam, Viettel Mobile) >> 456 |08 (Cambodia, Viettel) >> 457 |03 (Laos, Unitel) >> 372 |03 (Haiti, 03) >> >> OsmocomBB# show >> OsmocomBB# show sup >> OsmocomBB# show support >> Supported features of MS '1': >> Phase 2 mobile station >> R-GSM : yes >> E-GSM : yes >> P-GSM : yes >> GSM900 Class : 4 >> DCS 1800 : yes >> DCS Class : 1 >> GSM 850 : yes >> GSM 850 Class: 4 >> PCS 1900 : yes >> PCS Class : 1 >> GSM 480 : no >> GSM 450 : no >> CECS : no >> VGCS : no >> VBS : no >> SMS : yes >> SS_IND : yes >> PS_CAP : no >> CMSP : no >> SoLSA : no >> LCSVA : no >> LOC_SERV : no >> A5/1 : yes >> A5/2 : yes >> A5/3 : no >> A5/4 : no >> A5/5 : no >> A5/6 : no >> A5/7 : no >> A5/1 : yes >> Channels : SDCCH + TCH/F + TCH/H >> Full-Rate V1 : yes >> Full-Rate V2 : yes >> Full-Rate V3 : no >> Half-Rate V1 : yes >> Half-Rate V3 : no >> Min RXLEV : -106 >> >> OsmocomBB# call 1 0987785050 >> OsmocomBB# >> % (MS 1) >> % Call has been rejected >> >> OsmocomBB# sms 1 0987785050 testSMS >> OsmocomBB# >> % (MS 1) >> % SMS to 0987785050 failed: (MO) SMS rejected >> >> OsmocomBB# net >> OsmocomBB# network sho >> OsmocomBB# network show 1 >> >> OsmocomBB# >> % (MS 1) >> % Trying to registering with network... >> >> % (MS 1) >> % Trying to registering with network... >> >> % (MS 1) >> % Trying to registering with network... >> >> % (MS 1) >> % Searching network... >> >> >> % (MS 1) >> % Trying to registering with network... >> >> % (MS 1) >> % Trying to registering with network... >> >> % (MS 1) >> % Searching network... >> >> OsmocomBB# sms 1 0987785050 testSMS >> >> % (MS 1) >> % Trying to registering with network... >> call 1 0987785050 >> OsmocomBB# >> % (MS 1) >> % Call has been rejected >> >> OsmocomBB# sms 1 0987785050 testSMS >> OsmocomBB# >> % (MS 1) >> % SMS to 0987785050 failed: (MO) SMS rejected >> >> >> % (MS 1) >> % Trying to registering with network... >> >> >> >> 2013/4/15 Pavel Baturko >> >>> Hi, >>> >>> Could you please provide mobile.log and log from VTY in case of >>> automatic network selection "network-selection-mode auto" ans "no >>> stick" option? >>> >>> Thanks, >>> Pavel >>> >>> >>> On Mon, Apr 15, 2013 at 10:46 AM, hungbangchu wrote: >>> >>>> Hi, >>>> >>>> My attachment is file mobile.log. >>>> >>>> Any one can mobile.log >>>> >>>> help >>>> >>>> me? >>>> >>>> >>>> >>>> pab wrote >>>> > Hi, >>>> > >>>> >> There is no such command. >>>> >> Error occurred during reading below line: >>>> >> stick on >>>> > 'stick' option should be used as 'stick ARFCN'. with this option your >>>> MS >>>> > will be forced to use specific ARFCN. Be sure that this ARFCN is >>>> visible >>>> > by >>>> > your MS and owned by your SIM's service provider. >>>> > >>>> > Also I think it's difficult for people in this list to help you >>>> without >>>> > logs, at least attached mobile app log could help. >>>> > >>>> > Thanks, >>>> > Pavel >>>> >>>> >>>> >>>> >>>> >>>> -- >>>> View this message in context: >>>> http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025987.html >>>> >>>> Sent from the baseband-devel mailing list archive at Nabble.com. >>>> >>>> >>> >> >> >> -- >> Thanks and Best Regards >> -- >> From: Ho?ng M?nh H?ng >> > > -- Thanks and Best Regards -- From: Ho?ng M?nh H?ng -------------- next part -------------- An HTML attachment was scrubbed... URL: From niceguy108 at gmail.com Sun Apr 14 11:35:31 2013 From: niceguy108 at gmail.com (Bhaskar11) Date: Sun, 14 Apr 2013 17:05:31 +0530 Subject: Baseband: MS '1' is up, service is limited In-Reply-To: <1365831951751-4025978.post@n3.nabble.com> References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> Message-ID: If I remember right to make it ON in the cfg file you simply remove the "no" from "no stick". It is easier to change it from withing the app in the tty interface. Then save the cfg. This way you do not have to worry about the cfg format. On Sat, Apr 13, 2013 at 11:15 AM, hungbangchu wrote: > Thanks for your support. > > * set network selection to manual > * set "stick" on > > --> I set in file mobile.cfg: > > ******************************************* > ! > ! OsmocomBB () configuration saved from vty > !! > ! > line vty > no login > ! > gps device /dev/ttyACM0 > gps baudrate default > no gps enable > ! > no hide-default > ! > ms 1 > layer2-socket /tmp/osmocom_l2 > sap-socket /tmp/osmocom_sap > sim reader > network-selection-mode manual > imei 356898011087563 0 > imei-fixed > emergency-imsi 452040399998400 > sms-service-center +84980200030 > no call-waiting > no auto-answer > no force-rekey > no clip > no clir > tx-power auto > no simulated-delay > stick on > location-updating > neighbour-measurement > codec full-speed prefer > codec half-speed > no abbrev > support > sms > a5/1 > a5/2 > p-gsm > e-gsm > r-gsm > gsm-850 > dcs > pcs > class-900 4 > class-850 4 > class-dcs 1 > class-pcs 1 > channel-capability sdcch+tchf+tchh > full-speech-v1 > full-speech-v2 > half-speech-v1 > min-rxlev -106 > dsc-max 90 > no skip-max-per-band > exit > test-sim > imsi 452040399998400 > ki xor 00 00 00 00 00 00 00 00 00 00 00 00 > no barred-access > no rplmn > hplmn-search foreign-country > exit > no shutdown > exit > ! > ************************** > > I get error: > > There is no such command. > Error occurred during reading below line: > stick on > > Failed to parse the config file: '/root/.osmocom/bb/mobile.cfg' > > > Can you help me? > > > > -- > View this message in context: > http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025978.html > Sent from the baseband-devel mailing list archive at Nabble.com. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From hunghm.vn at gmail.com Mon Apr 15 01:54:57 2013 From: hunghm.vn at gmail.com (hungbangchu) Date: Sun, 14 Apr 2013 18:54:57 -0700 (PDT) Subject: Baseband: MS '1' is up, service is limited In-Reply-To: References: <1365762485338-4025975.post@n3.nabble.com> <1365831951751-4025978.post@n3.nabble.com> Message-ID: <1365990897108-4025986.post@n3.nabble.com> I removed the "no" from "no stick" --> error: There is no such command. Error occurred during reading below line: stick Failed to parse the config file: '/root/.osmocom/bb/mobile.cfg' Bhaskar11 wrote > If I remember right to make it ON in the cfg file you simply remove the > "no" from "no stick". > > It is easier to change it from withing the app in the tty interface. Then > save the cfg. This way you do not have to worry about the cfg format. > > > > On Sat, Apr 13, 2013 at 11:15 AM, hungbangchu < > hunghm.vn@ > > wrote: > >> Thanks for your support. >> >> * set network selection to manual >> * set "stick" on >> >> --> I set in file mobile.cfg: >> >> ******************************************* >> ! >> ! OsmocomBB () configuration saved from vty >> !! >> ! >> line vty >> no login >> ! >> gps device /dev/ttyACM0 >> gps baudrate default >> no gps enable >> ! >> no hide-default >> ! >> ms 1 >> layer2-socket /tmp/osmocom_l2 >> sap-socket /tmp/osmocom_sap >> sim reader >> network-selection-mode manual >> imei 356898011087563 0 >> imei-fixed >> emergency-imsi 452040399998400 >> sms-service-center +84980200030 >> no call-waiting >> no auto-answer >> no force-rekey >> no clip >> no clir >> tx-power auto >> no simulated-delay >> stick on >> location-updating >> neighbour-measurement >> codec full-speed prefer >> codec half-speed >> no abbrev >> support >> sms >> a5/1 >> a5/2 >> p-gsm >> e-gsm >> r-gsm >> gsm-850 >> dcs >> pcs >> class-900 4 >> class-850 4 >> class-dcs 1 >> class-pcs 1 >> channel-capability sdcch+tchf+tchh >> full-speech-v1 >> full-speech-v2 >> half-speech-v1 >> min-rxlev -106 >> dsc-max 90 >> no skip-max-per-band >> exit >> test-sim >> imsi 452040399998400 >> ki xor 00 00 00 00 00 00 00 00 00 00 00 00 >> no barred-access >> no rplmn >> hplmn-search foreign-country >> exit >> no shutdown >> exit >> ! >> ************************** >> >> I get error: >> >> There is no such command. >> Error occurred during reading below line: >> stick on >> >> Failed to parse the config file: '/root/.osmocom/bb/mobile.cfg' >> >> >> Can you help me? >> >> >> >> -- >> View this message in context: >> http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025978.html >> Sent from the baseband-devel mailing list archive at Nabble.com. >> >> -- View this message in context: http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-tp4025964p4025986.html Sent from the baseband-devel mailing list archive at Nabble.com. From craig_comstock at yahoo.com Fri Apr 5 14:31:25 2013 From: craig_comstock at yahoo.com (Craig Comstock) Date: Fri, 5 Apr 2013 07:31:25 -0700 (PDT) Subject: Pirelli DPL10 - nuttx and dump flash for restore later Message-ID: <1365172285.43518.YahooMailNeo@web121004.mail.ne1.yahoo.com> Hey folks, I got my Pirelli DPL10 yesterday and was able to get hello world, rssi, layer1 etc up and working pretty easily. It's quite a bit easier than the other phones I was trying to use with my RaspberryPi. I was wondering if someone could give me a nudge on how to get started getting nuttx working on this phone? Also I'd like to ask if there are directions somewhere on how to save the standard software presently on the phone so I can restore it later. I looked at osmoload but didn't quite understand what to do. finfo seemed to come back with all zeros for information and I confirmed that ping received a pong from the phone. My goal is to work towards using osmocom/nuttx to make this phone my daily use phone. Thanks, Craig -------------- next part -------------- An HTML attachment was scrubbed... URL: From acassis at gmail.com Fri Apr 5 17:24:19 2013 From: acassis at gmail.com (Alan Carvalho de Assis) Date: Fri, 5 Apr 2013 14:24:19 -0300 Subject: Pirelli DPL10 - nuttx and dump flash for restore later In-Reply-To: <1365172285.43518.YahooMailNeo@web121004.mail.ne1.yahoo.com> References: <1365172285.43518.YahooMailNeo@web121004.mail.ne1.yahoo.com> Message-ID: Hi Craig, On 4/5/13, Craig Comstock wrote: > > I was wondering if someone could give me a nudge on how to get started > getting nuttx working on this phone? > I never tested it on Pirelli phone, but since it is same baseband as GTA phones, you just need to use: $ cd nuttx/tools $ ./configure.sh compal_e88/nsh_highram $ cd .. $ make Then upload nuttx.bin using chainload.compalram.bin as explained here: http://bb.osmocom.org/trac/wiki/nuttx-bb/configurations Keep in mind the main development platform for nuttx-bb is C155 (compal_e99). If you need help, please enter in IRC channel ##nuttx-bb (irc.freenode.net). More info: http://bb.osmocom.org/trac/wiki/nuttx-bb Best Regards, Alan From craig_comstock at yahoo.com Sat Apr 6 03:38:40 2013 From: craig_comstock at yahoo.com (Craig Comstock) Date: Fri, 5 Apr 2013 20:38:40 -0700 (PDT) Subject: Pirelli DPL10 - nuttx and dump flash for restore later In-Reply-To: References: <1365172285.43518.YahooMailNeo@web121004.mail.ne1.yahoo.com> Message-ID: <1365219520.58525.YahooMailNeo@web121006.mail.ne1.yahoo.com> I followed the steps you mentioned Alan and when loading I do the following: ~/workspace/osmocom-bb/src/host/osmocon$ ./osmocon -p /dev/ttyUSB0 -m romload ../../target/firmware/board/compal_e88/chainload.compalram.bin -c nuttx.bin got 2 bytes from modem, data looks like: 3e 69? >i Received ident ack from phone, sending parameter sequence read_file(../../target/firmware/board/compal_e88/chainload.compalram.bin): file_size=4378, hdr_len=0, dnload_len=4381 Received parameter ack from phone, starting download Finished, sent 5 blocks in total Received branch ack, your code is running now! Hit Ctrl-C and try minicom, no data or response to input in minicom. No change in screen either. The load happens very fast so I wonder if it is even really working? I can load the standard osmocom apps fine. -Craig ________________________________ From: Alan Carvalho de Assis To: Craig Comstock Cc: "baseband-devel at lists.osmocom.org" Sent: Friday, April 5, 2013 12:24 PM Subject: Re: Pirelli DPL10 - nuttx and dump flash for restore later Hi Craig, On 4/5/13, Craig Comstock wrote: > > I was wondering if someone could give me a nudge on how to get started > getting nuttx working on this phone? > I never tested it on Pirelli phone, but since it is same baseband as GTA phones, you just need to use: $ cd nuttx/tools $ ./configure.sh compal_e88/nsh_highram $ cd .. $ make Then upload nuttx.bin using chainload.compalram.bin as explained here: http://bb.osmocom.org/trac/wiki/nuttx-bb/configurations Keep in mind the main development platform for nuttx-bb is C155 (compal_e99). If you need help, please enter in IRC channel ##nuttx-bb (irc.freenode.net). More info: http://bb.osmocom.org/trac/wiki/nuttx-bb Best Regards, Alan -------------- next part -------------- An HTML attachment was scrubbed... URL: From steve at steve-m.de Sat Apr 6 08:04:10 2013 From: steve at steve-m.de (Steve Markgraf) Date: Sat, 06 Apr 2013 10:04:10 +0200 Subject: Pirelli DPL10 - nuttx and dump flash for restore later In-Reply-To: <1365219520.58525.YahooMailNeo@web121006.mail.ne1.yahoo.com> References: <1365172285.43518.YahooMailNeo@web121004.mail.ne1.yahoo.com> <1365219520.58525.YahooMailNeo@web121006.mail.ne1.yahoo.com> Message-ID: <515FD6FA.6040209@steve-m.de> Hi, On 06.04.2013 05:38, Craig Comstock wrote: > I followed the steps you mentioned Alan and when loading I do the following: > > ~/workspace/osmocom-bb/src/host/osmocon$ ./osmocon -p /dev/ttyUSB0 -m > romload ../../target/firmware/board/compal_e88/chainload.compalram.bin > -c nuttx.bin Well, chainload won't work for the Pirelli DP-L10 because it already uses the romloader. This also means you need to load an image linked for the highram-environment, not compalram. Regards, Steve From choukoumoun at gmail.com Fri Apr 5 17:32:59 2013 From: choukoumoun at gmail.com (choukoumoun) Date: Fri, 05 Apr 2013 19:32:59 +0200 Subject: [CONFERENCE] HES2013 @Paris Message-ID: <515F0ACB.8040706@gmail.com> Hackito Ergo Sum 2013 -- Call For Paper -- HES2013 CFP ** http://hackitoergosum.org ** 2-4 May 2013 / Paris / France 11111111111111111111111111111111111111111111111111111111111111111 11111111111111111111111111111111111111111111111111111111111111111 11111111111111111111111111111111111111111111111111111111111111111 11111111111111111000000111111111111111111000000111111111111111111 11111111111111111000000111111111111111111000000111111111111111111 11111111111111111000000111111111111111111000000111111111111111111 11111111111111111000000111111111111111111000000111111111111111111 11111111111000000000000000000000000000000000000000000111111111111 11111111111000000000000000000000000000000000000000000111111111111 11111111111000000000000000000000000000000000000000000111111111111 11111111111000000000000000000000000000000000000000000111111111111 11111000000000000111111111111000000111111111111000000000000111111 11111000000000000111111111111000000111111111111000000000000111111 11111000000000000111111111111000000111111111111000000000000111111 11111000000000000111111111111000000111111111111000000000000111111 11111000000000000000000000000000000000000000000000000000000111111 11111000000000000000000000000000000000000000000000000000000111111 11111000000000000000000000000000000000000000000000000000000111111 11111000000000000000000000000000000000000000000000000000000111111 11111000000000000000000000000000000000000000000000000000000111111 11111000000000000000000000000000000000000000000000000000000111111 11111000000000000000000000000000000000000000000000000000000111111 11111000000111111000000111111000000111111000000111111000000111111 11111000000111111000000111111000000111111000000111111000000111111 11111000000111111000000111111000000111111000000111111000000111111 11111000000111111000000111111000000111111000000111111000000111111 11111111111000000111111000000111111000000111111000000111111111111 11111111111000000111111000000111111000000111111000000111111111111 11111111111000000111111000000111111000000111111000000111111111111 11111111111000000111111000000111111000000111111000000111111111111 11111111111111111111111111111111111111111111111111111111111111111 11111111111111111111111111111111111111111111111111111111111111111 111111111111111111111111111111111111111111111 111111111111111111111111111111111111111111111 HES 2013 111111111111111111111111111111111111111111111 Paris, 2-4 May 2013 111111111111111111111111111111111111111111111 11111111111111111111111111111111111111111111111111111111111111111 11111111111111111111111111111111111111111111111111111111111111111 --[ Synopsis: Hackito Ergo Sum is an international conference focused on security and hacking breakthroughs from many different perspectives: corporate, hackers, industry, governments, academics. Diversity and creativity in this domain are the key words. HES2013 will have for its 4th edition some of the best hacking talents in the world. --[ Venue: Hackito Ergo Sum 2013 will take place in Paris, France from the 2nd to the 4th of May, 2013, at Cite des sciences et de l'industrie. Address: 30 Avenue Corentin Cariou 75019 Paris FRANCE It is easily accessible via public transport with metro line 7, at the Porte de la Villette, or by car using orbital motorway (Multiverse level I / 61d8327deb882cf99). Map and pictures are available here: https://plus.google.com/110203164083435669962/about?gl=fr&hl=fr --[ Introduction: It's 2013 and we're alive! Awesome! Let's have a look at what hacking future we have. From the tectonic shift of forces from the West to the East, the rise of military-powered attack software, and the evermore sophisticated games of spooks, yesteryear's "cloak-and-dagger" has come to the hacking world. This is a game of mapping individuals and their influences at hacking conferences, cancelling Visas of potential future-enemies in a the foreshadowed "cyber-war", buying AND selling 0-days to identify hidden networks of the underground, raising their filternet, establishing red-button routers, identifying challenge winners and profiling their hacking methodologies, and owning botnets for sheer firepower. We are in deep shit. But hey, wait, that's FUN! No matter the forces that threaten our liberties and trace our modems, we still have not and will not loose our passion to tinker, to explore, to peal back the layers of technological reality. We have not lost the Will to Hack. For the rest of us, we're still all alike when we read media and government propaganda: hackers intruding everything and waging cyberwar, panic-spreading, FUD-driven definition of us as bad guys, mafia, and evil-doers. All alike. Our world is the world of hack, of the beauty of the baud and the sheer madness of the screaming electron, (respect to Phrack and The Mentor), and we won't change it for anything. Because it is the most immense and yet most fragile human creation; it is our world and we own it. If a khaki-pants warmonger or a 3-piece suit master-of-the-world wannabee wants to confiscate it from us, restrict our freedom, ban our activities, turn the public opinion to follow their agenda, well, they may try, they may block some of us, they may even put some of us out of the circuit, but they can't replicate our passion, our energy, our love of what we do, our insane attention to the detail and effectiveness of our techniques. Because in end, we're all alike. And we're damn ALIVE! Now for the enlightened, our shared future is full of opportunities, the humbling discoveries of others, and open projects that inspire us to join and create together. Our futures is limited only by our capability to collaborate in great projects, and also to leave space for the others. TOR is kicking and OONI roaring; TRAILS offers OS privacy and security for who needs it; many conferences are being born everywhere; Frida IRE is an amazing reversing tool; Qubes provides long sought-out tough security; plenty of new tools are being released to reveal unique weaknesses and failures. This furious creativity and ecosystem gives birth to world-changing start-ups, vital resources, must-have open source projects, and of course, one of the most open and creative cultures. All this, against all odds, exists and develops without bias nor prejudice. Just like it is. So for Hackito Ergo Sum 2013, we want to see you exactly in the same way: just like you are (ALERT: if you think about food here you need to smash your TV and DNS bind youtube.com to github.com), new or old school, skiddie or security professional, n00b or l33t, to share and show diversity, and, most of all, to LEARN. It is therefore our utmost pleasure to welcome you to this 4th edition of HES! Since 2010, the goal of Hackito Ergo Sum has been to promote security research, broaden public awareness, and create an open forum so that communication between researchers, the security industry, experts, and the public can happen. Like every year, we offer the possibility to hackers, security researchers, students, and academics to present their projects and research. During the three days of HES, research conferences, solutions presentations, panels, debates, AND PARTIES will aim to share, mix, and determine the future of IT security & hacking. --[ Content of the Research Track: We are expecting submissions in English only. The format will be 45 minutes presentation + 10 minutes Q&A. Please note that talks whose content will be judged too commercial or biased toward a given vendor will be rejected. We will have slots for AnonConf -- that is, speaking about topics for which improved anonymity and freedom of speech is imperative. (Write Anon in email, use PGP). We will also consider new and first time presenters, so that anyone can get his/her foot in the door. Don't be shy, just say "It's one of my first conf submission", and we'll be kind. For the research track, preference will be given to offensive, innovative, and highly technical proposals. As a suggestion, we would love to see things about: * SIPRnet, NIPRnet & other defense networks funny stories * LTE radio and signaling abuses and/or real life hacks * 4G, Diameter & GRX/IPX hacks * Exploit style stylography * CTF Antiforensics: Detection of Intelligence gathering CTFs * Government filternets (formerly known as Internet, R.I.P) * x86/64 & Non-x86 exploitation * New methods to detect software bugs (source or binary based) * Funky Kernel land exploits * Offensive forensics * Current kernel buffer overflows exploit techniques for your grandmother * SAT solving your ROP gadgeting and chaining * Real life hack automation (yeah, default passwords and reuse DO work better than overflows in a kernel 3.x world) * IOS vuln research & vulndev * Identifying tainted 0-day sploits for government-sponsored grey market tracing * Mobile Botnets and Overlay networks-based C&C * IPv6 & "Carrier Grade NATs" advances * M2M Machine Type Communication * Sound hacking: binaural, brown, ... * UEFI malware writing * Android, RIM, Bada, IOS Mobile applications & OS hacks * TPM and Secure Boot kitting & knifing * FPGA backdoors * Automated Hardware reverse engineering * Hardware security & lockpicking in 2013 We will also have a Zero Day Show, as last year, at the end of the conference so that people can share (love/kindness) or show (salivate/envy) their new babies to the world. Prepare! Zombie Exploitocalyps incoming :) We highly encourage any other presentation topic, especially the one we may not even imagine. If you want to share skills on a specific subject during a workshop, feel free to contact us. --[ Submissions: [*] Requested information: Submissions must contain the following information: * Speakers name or alias * Presentation Title * Description * Needs: Internet? Others? * Demo (Y/N) * Company (name) or Independent? (optional) * Address (optional) * Phone (optional) * Email (optional) * Biography (optional) We highly encourage and will favor presentations with demos. Specify if submission contains any of the following information: * Tool * Slides * Whitepaper [*] How to submit: Submit your presentation and materials by sending an email to: hes-cfp at lists.hackitoergosum.org --[ Dates: 2013-02-04 Call for Paper 2013-03-31 Submission Deadline 2013-04-04 Acceptance notification 2013-04-07 Program announcement 2013-05-02 Start of conference 2013-05-04 End of conference --[ Program Committee: The following program committee will review the submissions: - Tavis Ormandy (Google) @taviso - Mark Dowd (AzimuthSecurity) @mdowd - Alex Rice (Facebook) - Barnaby Jack (IOactive) @barnaby_jack - Charlie Miller @0xcharlie - David Litchfield (V3rity Software) @dlitchfield - Nico Waisman (Immunity) @nicowaisman - Philippe Langlois (P1 Security) @philpraxis - Laurent Gaffie @laurentgaffie - Julien Tinnes (Google) - Brad Spendler (aka spender) (Grsecurity) - Silvio Cesare (Deakin University) @silviocesare - Carlos Sarraute (Core security) - Itzik Kotler (aka izik) @itzikkotler - Jason A. Donenfeld (ZX2C4) @zx2c4 - Rodrigo Branco (Intel) @bsdaemon - Tim Shelton (HAWK Network Defense) @redsandbl4ck - Ilja Van Sprundel (IOActive) - Raoul Chiesa (tstf) - Dhillon Andrew Kannabhiran (HITB) @hackinthebox - Philip Petterson (aka Rebel) - The Grugq (COSEINC) @thegrugq - Emmanuel Gadaix (TSTF) @gadaix - Kugg (/tmp/lab) - Harald Welte (gnumonks.org) @LaF0rge - Van Hauser (THC) - Fyodor Yarochkin @fygrave - Gamma (THC, Teso) @GammaTHC - Pipacs (Linux Kernel Page Exec Protection) - Nico Golde (Qualcomm) @iamnion --[ Fees: Here is the list of prices for HES 2013: * Corporate ticket: 480 EUR * Security professionals: 160 EUR * Non security professionals: 70 EUR * Discount for students below 26: 50 EUR * Discount for CVE/exploit publisher in 2012-2013: 50 EUR * Volunteers (Must register, see below): 0 EUR Corporate tickets are a great way to directly sponsor HES and help us to continue to organize this event. Special privileges or goodies may be offer with these tickets. Buy your ticket online : http://fr.amiando.com/NGBMIJM.html --[ Sponsors: We are looking for sponsors. Don't forget that sponsors are essential for events like HES. Entrance fees and sponsors fees are used to fund international speakers travel costs and hosting facility. Please ask for the HES2013 Sponsor Kit at hes2013-orga at lists.hackitoergosum.org. --[ Volunteers: Volunteers who sign up before 2013-04-07 get free access and will need to be present onsite two days before (2013-04-30) if no further arrangement is made with the organization. --[ Journalists: Journalists are welcome, but are required to comply with simple rules to ensure the mutual respect among adults we aim to bring in Hackito. In particular, filming or taking pictures of attendees without their prior agreement is absolutely prohibited. "We shall respect privacy and people" is the only motto. Register here: http://2013.hackitoergosum.org/press/ --[ Challenges Of course, there will be an online challenge during the conference, hosted and animated by Over The Wire. We will announce the country of honor for that regard shortly. We will also have a new Hacker & Vendors challenge: -^-^-^- The Fuzzor -^-^-^- This challenge will enable the ultimate test between offensive and defensive people. If you think you can hack anything, you're offensive. If you think your product is so secure it won't suffer a hack, you're defensive. And we'll get the two groups to meet on a neutral ground, in a never-done before fashion. Hackers: Register to the conference and prepare your Hacking tools. Vendors: Prepare your software to be tested like never before. We will give more details before the conference. This new challenge will rock your underwear! --[ Security Vacation Club - Hackito Tour After Hackito Ergo Sum, we will need to rest from the intensity of the conference. That's why we're organizing a Hackito tour! Beach, clubs, code, meeting great people and party. We will go from Paris to Ibiza to Berlin and back to Paris. For the lucky few, one sponsored Villa will host us in Ibiza. See you there. --[ Anti-sexism and LGBTA Friendly: This conference is open to any sex, any color, any genre, any alienness, whatever it may be. --[ Greetz: We would like to thank the HES2013 Team, its reviewing committee and all the volunteers for their time and dedication in making this event a success. We would also like to greet all the speakers of last year's edition for the quality of their presentation and the great time we shared in Paris: you are all most welcome back in Paris for the 2013 edition. Likewise, we'd like to thank last year's sponsors for their unconditional support. Feel free to support us again for this 2013 edition. Finally, we would like to thank all the people who participated to last years edition: whatever different views of the world, communication and exchange is probably what makes people human, and that's why we make Hackito happen. See you all in May! Peace, Love, Passion. --[ Contact: hes2013-orga at lists.hackitoergosum.org Please submit via hes-cfp at lists.hackitoergosum.org Hackito Ergo Sum 2013 conference - http://hackitoergosum.org -- [ Social Media: Keep in touch with the HES Organization via Twitter! Website: http://2013.hackitoergosum.org @hesconference on Twitter ! - https://twitter.com/hesconference -[EOF]- -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: icon_smile.gif Type: image/gif Size: 174 bytes Desc: not available URL: From edachleger at yahoo.com Sat Apr 6 07:43:16 2013 From: edachleger at yahoo.com (Erich Dachleger) Date: Sat, 6 Apr 2013 08:43:16 +0100 (BST) Subject: Vedr: [CONFERENCE] HES2013 @Paris In-Reply-To: <515F0ACB.8040706@gmail.com> References: <515F0ACB.8040706@gmail.com> Message-ID: <1365234196.249.YahooMailNeo@web171203.mail.ir2.yahoo.com> ________________________________ Will the presentations from the conference be uploaded to youtube, for benefit of those unable to attend,like they did on 29c3? cheers erich -------------- next part -------------- An HTML attachment was scrubbed... URL: From Max.Suraev at fairwaves.ru Sun Apr 7 13:08:35 2013 From: Max.Suraev at fairwaves.ru (=?UTF-8?B?4piO?=) Date: Sun, 07 Apr 2013 15:08:35 +0200 Subject: [PATCH] Add A5 and GEA ciphers Message-ID: <51616FD3.7060001@fairwaves.ru> Hello. Attached is A5/3,4 GEA3,4 implementation which was described today at OsmoDevCon. This is "from the scratch" implementation, tests using test vectors from relevant 3GPP standards are included. There are couple of bits missing: * gprs_auth API needs to be changed to use GEA4 with 128 bits key * gea_test only checks algorithm correctness but not loading/using it via gprs_auth plugin api * osmo_a5_1 and osmo_a5_2 probably should be hidden from public api - the only way to call them should be through osmo_a5() function Please review and merge if possible. -- best regards, Max, http://fairwaves.ru From Max.Suraev at fairwaves.ru Sun Apr 7 12:53:52 2013 From: Max.Suraev at fairwaves.ru (Max) Date: Sun, 7 Apr 2013 14:53:52 +0200 Subject: [PATCH 1/5] Add helper routines. Message-ID: --- include/osmocom/core/bits.h | 14 +++++++++++++- include/osmocom/gsm/gsm_utils.h | 16 ++++++++++++++++ src/bits.c | 33 +++++++++++++++++++++++++++++++++ tests/bits/bitrev_test.c | 18 ++++++++++++++++-- tests/bits/bitrev_test.ok | 1 + 5 files changed, 79 insertions(+), 3 deletions(-) diff --git a/include/osmocom/core/bits.h b/include/osmocom/core/bits.h index 4c68532..bf79445 100644 --- a/include/osmocom/core/bits.h +++ b/include/osmocom/core/bits.h @@ -2,7 +2,7 @@ #define _OSMO_BITS_H #include - +#include /*! \defgroup bits soft, unpacked and packed bits * @{ */ @@ -73,6 +73,18 @@ uint32_t osmo_revbytebits_8(uint8_t x); /* \brief reverse the bits of each byte in a given buffer */ void osmo_revbytebits_buf(uint8_t *buf, int len); +/* \brief reverse the order of the bytes in a given buffer */ +void osmo_revbytes_buf(uint8_t *buf, size_t len); + +/* \brief left circular shift */ +uint16_t rol16(uint16_t in, unsigned shift); + +/* return 2 bytes from a given array glued into single uint16_t */ +uint16_t osmo_get2bytes(const uint8_t *a); + +/* convert uint64_t into array of 8 bytes in out */ +void osmo_64pack2pbit(uint64_t in, pbit_t *out); + /*! @} */ #endif /* _OSMO_BITS_H */ diff --git a/include/osmocom/gsm/gsm_utils.h b/include/osmocom/gsm/gsm_utils.h index cdbac87..f215c7b 100644 --- a/include/osmocom/gsm/gsm_utils.h +++ b/include/osmocom/gsm/gsm_utils.h @@ -85,6 +85,22 @@ static inline int ms_cm2_a5n_support(uint8_t *cm2, int n) { } } +/* According to GSM 04.08 Chapter 10.5.1.7 */ +static inline int ms_cm3_a5n_support(uint8_t *cm3, int n) { + switch (n) { + case 4: return (cm3[0] & (1<<0)) ? 1 : 0; + case 5: return (cm3[0] & (1<<1)) ? 1 : 0; + case 6: return (cm3[0] & (1<<2)) ? 1 : 0; + case 7: return (cm3[0] & (1<<3)) ? 1 : 0; + default: + return 0; + } +} + +static inline int ms_a5n_support(uint8_t *cm, int n) { + return ((n < 4) ? ms_cm2_a5n_support(cm, n) : ms_cm3_a5n_support(cm, n)); +} + /* According to GSM 04.08 Chapter 10.5.2.29 */ static inline int rach_max_trans_val2raw(int val) { return (val >> 1) & 3; } static inline int rach_max_trans_raw2val(int raw) { diff --git a/src/bits.c b/src/bits.c index 6be6d7a..41c46df 100644 --- a/src/bits.c +++ b/src/bits.c @@ -211,4 +211,37 @@ void osmo_revbytebits_buf(uint8_t *buf, int len) } } +void osmo_revbytes_buf(uint8_t *buf, size_t len) +{ + uint8_t *end = buf + len - 1, tmp; + + while (buf < end) { + tmp = *buf; + *buf++ = *end; + *end-- = tmp; + } +} + +/* left circular shift */ +uint16_t rol16(uint16_t in, unsigned shift) +{ + return (in << shift) | (in >> (16 - shift)); +} + +/* return 2 bytes from a given array glued into single uint16_t */ +uint16_t osmo_get2bytes(const uint8_t *a) +{ /* UNSAFE! NO out-of-bounds access check. Do NOT use unless you know what you are doing! */ + return (uint16_t)((((uint16_t)a[0]) << 8) + (uint16_t)a[1]); +} + +/* convert uint64_t into array of 8 bytes in out */ +void osmo_64pack2pbit(uint64_t in, pbit_t *out) +{ + int i; + for (i = 7; i >=0; i--) { + out[i] = in & 0xFF; + in >>= 8; + } +} + /*! @} */ diff --git a/tests/bits/bitrev_test.c b/tests/bits/bitrev_test.c index 5eca990..938d261 100644 --- a/tests/bits/bitrev_test.c +++ b/tests/bits/bitrev_test.c @@ -1,4 +1,4 @@ - +#include #include #include #include @@ -12,7 +12,7 @@ static const uint8_t exp_out[] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x0 int main(int argc, char **argv) { - uint8_t out[ARRAY_SIZE(input)]; + uint8_t out[ARRAY_SIZE(input)], test[8]; unsigned int offs; for (offs = 0; offs < sizeof(out); offs++) { @@ -32,5 +32,19 @@ int main(int argc, char **argv) printf("\n"); } + printf("checking bit packer... "); + uint64_t _test = ((uint64_t)rand() << 32) + rand(); + osmo_64pack2pbit(_test, test); + char s[18], *p; + snprintf(s, 17, "%.16" PRIx64, _test); + p = osmo_hexdump_nospc(test, 8); + if (0 != memcmp(s, p, 8)) { + printf ("%s\t", s); + printf ("%s\t", p); + printf("FAILED!\n"); + return 2; + } + printf("OK\n"); + return 0; } diff --git a/tests/bits/bitrev_test.ok b/tests/bits/bitrev_test.ok index 47f402f..8a5fc6e 100644 --- a/tests/bits/bitrev_test.ok +++ b/tests/bits/bitrev_test.ok @@ -22,3 +22,4 @@ REVERSED: 02 01 INORDER: 80 REVERSED: 01 +checking bit packer... OK -- 1.7.10.4 --------------060001040407040305040404 Content-Type: text/x-patch; name="0002-Add-KASUMI-implementation.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="0002-Add-KASUMI-implementation.patch" From Max.Suraev at fairwaves.ru Sun Apr 7 12:54:41 2013 From: Max.Suraev at fairwaves.ru (Max) Date: Sun, 7 Apr 2013 14:54:41 +0200 Subject: [PATCH 2/5] Add KASUMI implementation. Message-ID: --- include/osmocom/gsm/kasumi.h | 36 ++++++++ src/gsm/kasumi.c | 193 ++++++++++++++++++++++++++++++++++++++++++ tests/kasumi/kasumi_test.c | 128 ++++++++++++++++++++++++++++ tests/kasumi/kasumi_test.ok | 10 +++ 4 files changed, 367 insertions(+) create mode 100644 include/osmocom/gsm/kasumi.h create mode 100644 src/gsm/kasumi.c create mode 100644 tests/kasumi/kasumi_test.c create mode 100644 tests/kasumi/kasumi_test.ok diff --git a/include/osmocom/gsm/kasumi.h b/include/osmocom/gsm/kasumi.h new file mode 100644 index 0000000..8479968 --- /dev/null +++ b/include/osmocom/gsm/kasumi.h @@ -0,0 +1,36 @@ +/* + * KASUMI header + * + * See kasumi.c for details + */ + +#ifndef __KASUMI_H__ +#define __KASUMI_H__ + +#include + +/* + * Single iteration of KASUMI cipher +*/ +uint64_t _kasumi(uint64_t P, uint16_t *KLi1, uint16_t *KLi2, uint16_t *KOi1, uint16_t *KOi2, uint16_t *KOi3, uint16_t *KIi1, uint16_t *KIi2, uint16_t *KIi3); + +/* + * Implementation of the KGCORE algorithm (used by A5/3, A5/4, GEA3, GEA4 and ECSD) + * + * CA : uint8_t + * cb : uint8_t + * cc : uint32_t + * cd : uint8_t + * ck : uint8_t [8] + * co : uint8_t [output, cl-dependent] + * cl : uint16_t + */ +void _kasumi_kgcore(uint8_t CA, uint8_t cb, uint32_t cc, uint8_t cd, const uint8_t *ck, uint8_t *co, uint16_t cl); + +/*! \brief Expand key into set of subkeys + * \param[in] key (128 bits) as array of bytes + * \param[out] arrays of round-specific subkeys - see TS 135 202 for details + */ +void _kasumi_key_expand(const uint8_t *key, uint16_t *KLi1, uint16_t *KLi2, uint16_t *KOi1, uint16_t *KOi2, uint16_t *KOi3, uint16_t *KIi1, uint16_t *KIi2, uint16_t *KIi3); + +#endif /* __KASUMI_H__ */ diff --git a/src/gsm/kasumi.c b/src/gsm/kasumi.c new file mode 100644 index 0000000..816c681 --- /dev/null +++ b/src/gsm/kasumi.c @@ -0,0 +1,193 @@ +/* Kasumi cipher and KGcore functions */ + +/* (C) 2013 by Max + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + */ + +#include +#include +#include + +static uint16_t +_kasumi_FI(uint16_t I, uint16_t skey) +{ + static uint16_t S7[] = { + 54, 50, 62, 56, 22, 34, 94, 96, 38, 6, 63, 93, 2, 18, 123, 33, + 55, 113, 39, 114, 21, 67, 65, 12, 47, 73, 46, 27, 25, 111, 124, 81, + 53, 9, 121, 79, 52, 60, 58, 48, 101, 127, 40, 120, 104, 70, 71, 43, + 20, 122, 72, 61, 23, 109, 13, 100, 77, 1, 16, 7, 82, 10, 105, 98, + 117, 116, 76, 11, 89, 106, 0,125,118, 99, 86, 69, 30, 57, 126, 87, + 112, 51, 17, 5, 95, 14, 90, 84, 91, 8, 35,103, 32, 97, 28, 66, + 102, 31, 26, 45, 75, 4, 85, 92, 37, 74, 80, 49, 68, 29, 115, 44, + 64, 107, 108, 24, 110, 83, 36, 78, 42, 19, 15, 41, 88, 119, 59, 3 + }; + static uint16_t S9[] = { + 167, 239, 161, 379, 391, 334, 9, 338, 38, 226, 48, 358, 452, 385, 90, 397, + 183, 253, 147, 331, 415, 340, 51, 362, 306, 500, 262, 82, 216, 159, 356, 177, + 175, 241, 489, 37, 206, 17, 0, 333, 44, 254, 378, 58, 143, 220, 81, 400, + 95, 3, 315, 245, 54, 235, 218, 405, 472, 264, 172, 494, 371, 290, 399, 76, + 165, 197, 395, 121, 257, 480, 423, 212, 240, 28, 462, 176, 406, 507, 288, 223, + 501, 407, 249, 265, 89, 186, 221, 428,164, 74, 440, 196, 458, 421, 350, 163, + 232, 158, 134, 354, 13, 250, 491, 142,191, 69, 193, 425, 152, 227, 366, 135, + 344, 300, 276, 242, 437, 320, 113, 278, 11, 243, 87, 317, 36, 93, 496, 27, + 487, 446, 482, 41, 68, 156, 457, 131, 326, 403, 339, 20, 39, 115, 442, 124, + 475, 384, 508, 53, 112, 170, 479, 151, 126, 169, 73, 268, 279, 321, 168, 364, + 363, 292, 46, 499, 393, 327, 324, 24, 456, 267, 157, 460, 488, 426, 309, 229, + 439, 506, 208, 271, 349, 401, 434, 236, 16, 209, 359, 52, 56, 120, 199, 277, + 465, 416, 252, 287, 246, 6, 83, 305, 420, 345, 153,502, 65, 61, 244, 282, + 173, 222, 418, 67, 386, 368, 261, 101, 476, 291, 195,430, 49, 79, 166, 330, + 280, 383, 373, 128, 382, 408, 155, 495, 367, 388, 274, 107, 459, 417, 62, 454, + 132, 225, 203, 316, 234, 14, 301, 91, 503, 286, 424, 211, 347, 307, 140, 374, + 35, 103, 125, 427, 19, 214, 453, 146, 498, 314, 444, 230, 256, 329, 198, 285, + 50, 116, 78, 410, 10, 205, 510, 171, 231, 45, 139, 467, 29, 86, 505, 32, + 72, 26, 342, 150, 313, 490, 431, 238, 411, 325, 149, 473, 40, 119, 174, 355, + 185, 233, 389, 71, 448, 273, 372, 55, 110, 178, 322, 12, 469, 392, 369, 190, + 1, 109, 375, 137, 181, 88, 75, 308, 260, 484, 98, 272, 370, 275, 412, 111, + 336, 318, 4, 504, 492, 259, 304, 77, 337, 435, 21, 357, 303, 332, 483, 18, + 47, 85, 25, 497, 474, 289, 100, 269, 296, 478, 270, 106, 31, 104, 433, 84, + 414, 486, 394, 96, 99, 154, 511, 148, 413, 361, 409, 255, 162, 215, 302, 201, + 266, 351, 343, 144, 441, 365, 108, 298, 251, 34, 182, 509, 138, 210, 335, 133, + 311, 352, 328, 141, 396, 346, 123, 319, 450, 281, 429, 228, 443, 481, 92, 404, + 485, 422, 248, 297, 23, 213, 130, 466, 22, 217, 283, 70, 294, 360, 419, 127, + 312, 377, 7, 468, 194, 2, 117, 295, 463, 258, 224, 447, 247, 187, 80, 398, + 284, 353, 105, 390, 299, 471, 470, 184, 57, 200, 348, 63, 204, 188, 33, 451, + 97, 30, 310, 219, 94, 160, 129, 493, 64, 179, 263, 102, 189, 207, 114, 402, + 438, 477, 387, 122, 192, 42, 381, 5, 145, 118, 180, 449, 293, 323, 136, 380, + 43, 66, 60, 455, 341, 445, 202, 432, 8, 237, 15, 376, 436, 464, 59, 461 + }; + uint16_t L, R; + + /* Split 16 bit input into two unequal halves: 9 and 7 bits, same for subkey */ + L = I >> 7; /* take 9 bits */ + R = I & 0x7F; /* take 7 bits */ + + L = S9[L] ^ R; + R = S7[R] ^ (L & 0x7F); + + L ^= (skey & 0x1FF); + R ^= (skey >> 9); + + L = S9[L] ^ R; + R = S7[R] ^ (L & 0x7F); + + return (R << 9) + L; +} + +static uint32_t +_kasumi_FO(uint32_t I, uint16_t *KOi1, uint16_t *KOi2, uint16_t *KOi3, uint16_t *KIi1, uint16_t *KIi2, uint16_t *KIi3, unsigned i) +{ + uint16_t L = I >> 16, R = I; /* Split 32 bit input into Left and Right parts */ + + L ^= KOi1[i]; + L = _kasumi_FI(L, KIi1[i]); + L ^= R; + + R ^= KOi2[i]; + R = _kasumi_FI(R, KIi2[i]); + R ^= L; + + L ^= KOi3[i]; + L = _kasumi_FI(L, KIi3[i]); + L ^= R; + + return (((uint32_t)R) << 16) + L; +} + +static uint32_t +_kasumi_FL(uint32_t I, uint16_t *KLi1, uint16_t *KLi2, unsigned i) +{ + uint16_t L = I >> 16, R = I, tmp; /* Split 32 bit input into Left and Right parts */ + + tmp = L & KLi1[i]; + R ^= rol16(tmp, 1); + + tmp = R | KLi2[i]; + L ^= rol16(tmp, 1); + + return (((uint32_t)L) << 16) + R; +} + +uint64_t +_kasumi(uint64_t P, uint16_t *KLi1, uint16_t *KLi2, uint16_t *KOi1, uint16_t *KOi2, uint16_t *KOi3, uint16_t *KIi1, uint16_t *KIi2, uint16_t *KIi3) +{ + uint32_t i, L = P >> 32, R = P; /* Split 64 bit input into Left and Right parts */ + + for (i = 0; i < 8; i++) + { + R ^= _kasumi_FO(_kasumi_FL(L, KLi1, KLi2, i), KOi1, KOi2, KOi3, KIi1, KIi2, KIi3, i); /* odd round */ + i++; + L ^= _kasumi_FL(_kasumi_FO(R, KOi1, KOi2, KOi3, KIi1, KIi2, KIi3, i), KLi1, KLi2, i); /* even round */ + } + return (((uint64_t)L) << 32) + R; /* Concatenate Left and Right 32 bits into 64 bit ciphertext */ +} + +/*! \brief Expand key into set of subkeys + * \param[in] key (128 bits) as array of bytes + * \param[out] arrays of round-specific subkeys - see TS 135 202 for details + */ +void +_kasumi_key_expand(const uint8_t *key, uint16_t *KLi1, uint16_t *KLi2, uint16_t *KOi1, uint16_t *KOi2, uint16_t *KOi3, uint16_t *KIi1, uint16_t *KIi2, uint16_t *KIi3) +{ + uint16_t i, C[] = { 0x0123, 0x4567, 0x89AB, 0xCDEF, 0xFEDC, 0xBA98, 0x7654, 0x3210 }; + + for (i = 0; i < 8; i++) /* Work with 16 bit subkeys and create prime subkeys */ + { + C[i] ^= osmo_get2bytes(key + i * 2); + } + /* C[] now stores K-prime[] */ + for (i = 0; i < 8; i++) /* Create round-specific subkeys */ + { + KLi1[i] = rol16(osmo_get2bytes(key + i * 2), 1); + KLi2[i] = C[(i + 2) & 0x7]; + + KOi1[i] = rol16(osmo_get2bytes(key + ((2 * (i + 1)) & 0xE)), 5); + KOi2[i] = rol16(osmo_get2bytes(key + ((2 * (i + 5)) & 0xE)), 8); + KOi3[i] = rol16(osmo_get2bytes(key + ((2 * (i + 6)) & 0xE)), 13); + + KIi1[i] = C[(i + 4) & 0x7]; + KIi2[i] = C[(i + 3) & 0x7]; + KIi3[i] = C[(i + 7) & 0x7]; + } +} + +void +_kasumi_kgcore(uint8_t CA, uint8_t cb, uint32_t cc, uint8_t cd, const uint8_t *ck, uint8_t *co, uint16_t cl) +{ + uint16_t KLi1[8], KLi2[8], KOi1[8], KOi2[8], KOi3[8], KIi1[8], KIi2[8], KIi3[8], i; + uint64_t A = ((uint64_t)cc) << 32, BLK = 0, _ca = ((uint64_t)CA << 16) ; + A |= _ca; + _ca = (uint64_t)((cb << 3) | (cd << 2)) << 24; + A |= _ca; + /* Register loading complete: see TR 55.919 8.2 and TS 55.216 3.2 */ + + uint8_t ck_km[16]; + for (i = 0; i < 16; i++) ck_km[i] = ck[i] ^ 0x55; /* Modified key established */ + + /* preliminary round with modified key */ + _kasumi_key_expand(ck_km, KLi1, KLi2, KOi1, KOi2, KOi3, KIi1, KIi2, KIi3); + A = _kasumi(A, KLi1, KLi2, KOi1, KOi2, KOi3, KIi1, KIi2, KIi3); + + /* Run Kasumi in OFB to obtain enough data for gamma. */ + _kasumi_key_expand(ck, KLi1, KLi2, KOi1, KOi2, KOi3, KIi1, KIi2, KIi3); + for (i = 0; i < cl / 64 + 1; i++) /* i is a block counter */ + { + BLK = _kasumi(A ^ i ^ BLK, KLi1, KLi2, KOi1, KOi2, KOi3, KIi1, KIi2, KIi3); + osmo_64pack2pbit(BLK, co + (i * 8)); + } +} diff --git a/tests/kasumi/kasumi_test.c b/tests/kasumi/kasumi_test.c new file mode 100644 index 0000000..5504905 --- /dev/null +++ b/tests/kasumi/kasumi_test.c @@ -0,0 +1,128 @@ +#include +#include +#include +#include +#include + +#include +#include +#include // for testing internal A5/3 functions + + +inline int _compare_mem(uint8_t * x, uint8_t * y, size_t len) { + if (0 != memcmp(x, y, len)) { + printf ("X: %s\t", osmo_hexdump_nospc(x, len)); + printf ("Y: %s\n", osmo_hexdump_nospc(y, len)); + return 0; + } + return 1; +} + +inline static void test_expansion(uint8_t * test_key, uint16_t * _KLi1, uint16_t * _KLi2, uint16_t * _KOi1, uint16_t * _KOi2, uint16_t * _KOi3, uint16_t * _KIi1, uint16_t * _KIi2, uint16_t * _KIi3, uint16_t * _KLi1_r, uint16_t * _KLi2_r, uint16_t * _KOi1_r, uint16_t * _KOi2_r, uint16_t * _KOi3_r, uint16_t * _KIi1_r, uint16_t * _KIi2_r, uint16_t * _KIi3_r) +{ + _kasumi_key_expand(test_key, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3); + int passed = 1; + passed = _compare_mem((uint8_t *)_KLi1, (uint8_t *)_KLi1_r, 16); + passed = _compare_mem((uint8_t *)_KLi2, (uint8_t *)_KLi2_r, 16); + passed = _compare_mem((uint8_t *)_KOi1, (uint8_t *)_KOi1_r, 16); + passed = _compare_mem((uint8_t *)_KOi2, (uint8_t *)_KOi2_r, 16); + passed = _compare_mem((uint8_t *)_KOi3, (uint8_t *)_KOi3_r, 16); + passed = _compare_mem((uint8_t *)_KIi1, (uint8_t *)_KIi1_r, 16); + passed = _compare_mem((uint8_t *)_KIi2, (uint8_t *)_KIi2_r, 16); + passed = _compare_mem((uint8_t *)_KIi3, (uint8_t *)_KIi3_r, 16); + if (passed) printf(" OK. "); else printf("FAILED!"); +} + +int main(int argc, char **argv) +{ + uint16_t _KLi1[8], _KLi2[8], _KOi1[8], _KOi2[8], _KOi3[8], _KIi1[8], _KIi2[8], _KIi3[8], _KLi1_r[8], _KLi2_r[8], _KOi1_r[8], _KOi2_r[8], _KOi3_r[8], _KIi1_r[8], _KIi2_r[8], _KIi3_r[8]; + + printf("testing KASUMI key expansion and encryption (ETSI TS 135 203):\n"); + printf("KASUMI Test Set 1..."); + +uint8_t _test_key1[] = {0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00, 0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48}; +_KLi1_r[0] = 0x57AC; _KLi1_r[1] = 0x8B3E; _KLi1_r[2] = 0x058B; _KLi1_r[3] = 0x6601; _KLi1_r[4] = 0x2A59; _KLi1_r[5] = 0x9220; _KLi1_r[6] = 0x9102; _KLi1_r[7] = 0xFE91; +_KLi2_r[0] = 0x0B6E; _KLi2_r[1] = 0x7EEF; _KLi2_r[2] = 0x6BF0; _KLi2_r[3] = 0xF388; _KLi2_r[4] = 0x3ED5; _KLi2_r[5] = 0xCD58; _KLi2_r[6] = 0x2AF5; _KLi2_r[7] = 0x00F8; +_KOi1_r[0] = 0xB3E8; _KOi1_r[1] = 0x58B0; _KOi1_r[2] = 0x6016; _KOi1_r[3] = 0xA592; _KOi1_r[4] = 0x2209; _KOi1_r[5] = 0x1029; _KOi1_r[6] = 0xE91F; _KOi1_r[7] = 0x7AC5; +_KOi2_r[0] = 0x1049; _KOi2_r[1] = 0x8148; _KOi2_r[2] = 0x48FF; _KOi2_r[3] = 0xD62B; _KOi2_r[4] = 0x9F45; _KOi2_r[5] = 0xC582; _KOi2_r[6] = 0x00B3; _KOi2_r[7] = 0x2C95; +_KOi3_r[0] = 0x2910; _KOi3_r[1] = 0x1FE9; _KOi3_r[2] = 0xC57A; _KOi3_r[3] = 0xE8B3; _KOi3_r[4] = 0xB058; _KOi3_r[5] = 0x1660; _KOi3_r[6] = 0x92A5; _KOi3_r[7] = 0x0922; +_KIi1_r[0] = 0x6BF0; _KIi1_r[1] = 0xF388; _KIi1_r[2] = 0x3ED5; _KIi1_r[3] = 0xCD58; _KIi1_r[4] = 0x2AF5; _KIi1_r[5] = 0x00F8; _KIi1_r[6] = 0x0B6E; _KIi1_r[7] = 0x7EEF; +_KIi2_r[0] = 0x7EEF; _KIi2_r[1] = 0x6BF0; _KIi2_r[2] = 0xF388; _KIi2_r[3] = 0x3ED5; _KIi2_r[4] = 0xCD58; _KIi2_r[5] = 0x2AF5; _KIi2_r[6] = 0x00F8; _KIi2_r[7] = 0x0B6E; +_KIi3_r[0] = 0xCD58; _KIi3_r[1] = 0x2AF5; _KIi3_r[2] = 0x00F8; _KIi3_r[3] = 0x0B6E; _KIi3_r[4] = 0x7EEF; _KIi3_r[5] = 0x6BF0; _KIi3_r[6] = 0xF388; _KIi3_r[7] = 0x3ED5; +test_expansion(_test_key1, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3, _KLi1_r, _KLi2_r, _KOi1_r, _KOi2_r, _KOi3_r, _KIi1_r, _KIi2_r, _KIi3_r); + +if (0xDF1F9B251C0BF45F == _kasumi(0xEA024714AD5C4D84, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3)) + printf("OK."); else printf("FAILED!"); + +printf("\nKASUMI Test Set 2..."); + +uint8_t _test_key2[] = {0x8C, 0xE3, 0x3E, 0x2C, 0xC3, 0xC0, 0xB5, 0xFC, 0x1F, 0x3D, 0xE8, 0xA6, 0xDC, 0x66, 0xB1, 0xF3}; +_KLi1_r[0] = 0x19C7; _KLi1_r[1] = 0x7C58; _KLi1_r[2] = 0x8781; _KLi1_r[3] = 0x6BF9; _KLi1_r[4] = 0x3E7A; _KLi1_r[5] = 0xD14D; _KLi1_r[6] = 0xB8CD; _KLi1_r[7] = 0x63E7; +_KLi2_r[0] = 0x4A6B; _KLi2_r[1] = 0x7813; _KLi2_r[2] = 0xE1E1; _KLi2_r[3] = 0x523E; _KLi2_r[4] = 0xAA32; _KLi2_r[5] = 0x83E3; _KLi2_r[6] = 0x8DC0; _KLi2_r[7] = 0x7B4B; +_KOi1_r[0] = 0xC587; _KOi1_r[1] = 0x7818; _KOi1_r[2] = 0xBF96; _KOi1_r[3] = 0xE7A3; _KOi1_r[4] = 0x14DD; _KOi1_r[5] = 0x8CDB; _KOi1_r[6] = 0x3E76; _KOi1_r[7] = 0x9C71; +_KOi2_r[0] = 0xA6E8; _KOi2_r[1] = 0x66DC; _KOi2_r[2] = 0xF3B1; _KOi2_r[3] = 0xE38C; _KOi2_r[4] = 0x2C3E; _KOi2_r[5] = 0xC0C3; _KOi2_r[6] = 0xFCB5; _KOi2_r[7] = 0x3D1F; +_KOi3_r[0] = 0xDB8C; _KOi3_r[1] = 0x763E; _KOi3_r[2] = 0x719C; _KOi3_r[3] = 0x87C5; _KOi3_r[4] = 0x1878; _KOi3_r[5] = 0x96BF; _KOi3_r[6] = 0xA3E7; _KOi3_r[7] = 0xDD14; +_KIi1_r[0] = 0xE1E1; _KIi1_r[1] = 0x523E; _KIi1_r[2] = 0xAA32; _KIi1_r[3] = 0x83E3; _KIi1_r[4] = 0x8DC0; _KIi1_r[5] = 0x7B4B; _KIi1_r[6] = 0x4A6B; _KIi1_r[7] = 0x7813; +_KIi2_r[0] = 0x7813; _KIi2_r[1] = 0xE1E1; _KIi2_r[2] = 0x523E; _KIi2_r[3] = 0xAA32; _KIi2_r[4] = 0x83E3; _KIi2_r[5] = 0x8DC0; _KIi2_r[6] = 0x7B4B; _KIi2_r[7] = 0x4A6B; +_KIi3_r[0] = 0x83E3; _KIi3_r[1] = 0x8DC0; _KIi3_r[2] = 0x7B4B; _KIi3_r[3] = 0x4A6B; _KIi3_r[4] = 0x7813; _KIi3_r[5] = 0xE1E1; _KIi3_r[6] = 0x523E; _KIi3_r[7] = 0xAA32; +test_expansion(_test_key2, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3, _KLi1_r, _KLi2_r, _KOi1_r, _KOi2_r, _KOi3_r, _KIi1_r, _KIi2_r, _KIi3_r); + +if (0xDE551988CEB2F9B7 == _kasumi(0xD3C5D592327FB11C, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3)) + printf("OK."); else printf("FAILED!"); + +printf("\nKASUMI Test Set 3..."); + +uint8_t _test_key3[] = {0x40, 0x35, 0xC6, 0x68, 0x0A, 0xF8, 0xC6, 0xD1, 0xA8, 0xFF, 0x86, 0x67, 0xB1, 0x71, 0x40, 0x13}; +_KLi1_r[0] = 0x806A; _KLi1_r[1] = 0x8CD1; _KLi1_r[2] = 0x15F0; _KLi1_r[3] = 0x8DA3; _KLi1_r[4] = 0x51FF; _KLi1_r[5] = 0x0CCF; _KLi1_r[6] = 0x62E3; _KLi1_r[7] = 0x8026; +_KLi2_r[0] = 0x8353; _KLi2_r[1] = 0x0B3E; _KLi2_r[2] = 0x5623; _KLi2_r[3] = 0x3CFF; _KLi2_r[4] = 0xC725; _KLi2_r[5] = 0x7203; _KLi2_r[6] = 0x4116; _KLi2_r[7] = 0x830F; +_KOi1_r[0] = 0xCD18; _KOi1_r[1] = 0x5F01; _KOi1_r[2] = 0xDA38; _KOi1_r[3] = 0x1FF5; _KOi1_r[4] = 0xCCF0; _KOi1_r[5] = 0x2E36; _KOi1_r[6] = 0x0268; _KOi1_r[7] = 0x06A8; +_KOi2_r[0] = 0x6786; _KOi2_r[1] = 0x71B1; _KOi2_r[2] = 0x1340; _KOi2_r[3] = 0x3540; _KOi2_r[4] = 0x68C6; _KOi2_r[5] = 0xF80A; _KOi2_r[6] = 0xD1C6; _KOi2_r[7] = 0xFFA8; +_KOi3_r[0] = 0x362E; _KOi3_r[1] = 0x6802; _KOi3_r[2] = 0xA806; _KOi3_r[3] = 0x18CD; _KOi3_r[4] = 0x015F; _KOi3_r[5] = 0x38DA; _KOi3_r[6] = 0xF51F; _KOi3_r[7] = 0xF0CC; +_KIi1_r[0] = 0x5623; _KIi1_r[1] = 0x3CFF; _KIi1_r[2] = 0xC725; _KIi1_r[3] = 0x7203; _KIi1_r[4] = 0x4116; _KIi1_r[5] = 0x830F; _KIi1_r[6] = 0x8353; _KIi1_r[7] = 0x0B3E; +_KIi2_r[0] = 0x0B3E; _KIi2_r[1] = 0x5623; _KIi2_r[2] = 0x3CFF; _KIi2_r[3] = 0xC725; _KIi2_r[4] = 0x7203; _KIi2_r[5] = 0x4116; _KIi2_r[6] = 0x830F; _KIi2_r[7] = 0x8353; +_KIi3_r[0] = 0x7203; _KIi3_r[1] = 0x4116; _KIi3_r[2] = 0x830F; _KIi3_r[3] = 0x8353; _KIi3_r[4] = 0x0B3E; _KIi3_r[5] = 0x5623; _KIi3_r[6] = 0x3CFF; _KIi3_r[7] = 0xC725; +test_expansion(_test_key3, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3, _KLi1_r, _KLi2_r, _KOi1_r, _KOi2_r, _KOi3_r, _KIi1_r, _KIi2_r, _KIi3_r); + +if (0x4592B0E78690F71B == _kasumi(0x62A540981BA6F9B7, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3)) + printf("OK."); else printf("FAILED!"); + +printf("\nKASUMI Test Set 4..."); +uint8_t _test_key4[] = {0x3A, 0x3B, 0x39, 0xB5, 0xC3, 0xF2, 0x37, 0x6D, 0x69, 0xF7, 0xD5, 0x46, 0xE5, 0xF8, 0x5D, 0x43}; +uint64_t I4 = 0xCA49C1C75771AB0B, i; +_kasumi_key_expand(_test_key4, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3); + +for (i = 0; i < 50; i++) + I4 = _kasumi(I4, _KLi1, _KLi2, _KOi1, _KOi2, _KOi3, _KIi1, _KIi2, _KIi3); + +if (0x738BAD4C4A690802 == I4) printf(" OK.\n"); else printf("FAILED!"); + + +uint8_t gamma[32]; + +uint8_t _Key1[] = {0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xBC, 0x00, 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xBC, 0x00}, +_gamma1[] = {0x88, 0x9E, 0xEA, 0xAF, 0x9E, 0xD1, 0xBA, 0x1A, 0xBB, 0xD8, 0x43, 0x62, 0x32, 0xE4, 0x57, 0x28, 0xD0, 0x1A, 0xA8, 0x91, 0x33, 0xDA, 0x73, 0xC1, 0x1E, 0xAB, 0x68, 0xB7, 0xD8, 0x9B, 0xC8, 0x41}; +_kasumi_kgcore(0xF, 0, 0x0024F20F, 0, _Key1, gamma, 228); +printf ("KGCORE Test Set 1: %d\n", _compare_mem(gamma, _gamma1, 32)); + +uint8_t _Key2[] = {0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48, 0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48}, +_gamma2[] = {0xFB, 0x4D, 0x5F, 0xBC, 0xEE, 0x13, 0xA3, 0x33, 0x89, 0x28, 0x56, 0x86, 0xE9, 0xA5, 0xC9, 0x42, 0x40, 0xDE, 0x38, 0x15, 0x01, 0x15, 0xF1, 0x5F, 0x8D, 0x9D, 0x98, 0xB9, 0x1A, 0x94, 0xB2, 0x96}; +_kasumi_kgcore(0xF, 0, 0x00061272, 0, _Key2, gamma, 228); +printf ("KGCORE Test Set 2: %d\n", _compare_mem(gamma, _gamma2, 32)); + +uint8_t _Key3[] = {0xEF, 0xA8, 0xB2, 0x22, 0x9E, 0x72, 0x0C, 0x2A, 0xEF, 0xA8, 0xB2, 0x22, 0x9E, 0x72, 0x0C, 0x2A}, +_gamma3[] = {0x0E, 0x40, 0x15, 0x75, 0x5A, 0x33, 0x64, 0x69, 0xC3, 0xDD, 0x86, 0x80, 0xE3, 0x03, 0x5B, 0xC4, 0x19, 0xA7, 0x8A, 0xD3, 0x86, 0x2C, 0x10, 0x90, 0xC6, 0x8A, 0x39, 0x1F, 0xE8, 0xA6, 0xAD, 0xEB}; +_kasumi_kgcore(0xF, 0, 0x0033FD3F, 0, _Key3, gamma, 228); +printf ("KGCORE Test Set 3: %d\n", _compare_mem(gamma, _gamma3, 32)); + +uint8_t _Key4[] = {0x5A, 0xCB, 0x1D, 0x64, 0x4C, 0x0D, 0x51, 0x20, 0x4E, 0xA5, 0x5A, 0xCB, 0x1D, 0x64, 0x4C, 0x0D}, +_gamma4[] = {0xE0, 0x95, 0x30, 0x6A, 0xD5, 0x08, 0x6E, 0x2E, 0xAC, 0x7F, 0x31, 0x07, 0xDE, 0x4F, 0xA2, 0x2D, 0xC1, 0xDF, 0xC9, 0x7D, 0x5B, 0xC5, 0x66, 0x1D, 0xD6, 0x09, 0x6F, 0x47, 0x6A, 0xED, 0xC6, 0x4B}; +_kasumi_kgcore(0xF, 0, 0x00156B26, 0, _Key4, gamma, 228); +printf ("KGCORE Test Set 4: %d\n", _compare_mem(gamma, _gamma4, 32)); + +uint8_t _Key5[] = {0xD3, 0xC5, 0xD5, 0x92, 0x32, 0x7F, 0xB1, 0x1C, 0x40, 0x35, 0xC6, 0x68, 0x0A, 0xF8, 0xC6, 0xD1}, +_gamma5[] = {0xDC, 0xE6, 0x43, 0x62, 0xAB, 0x5F, 0x89, 0xC1, 0x1E, 0xF0, 0xB3, 0x05, 0x16, 0x65, 0x70, 0xF4, 0x88, 0x9D, 0x55, 0x11, 0xE9, 0xE3, 0x57, 0x5D, 0x06, 0x2B, 0x5C, 0xED, 0x60, 0x39, 0x50, 0x6A}; +_kasumi_kgcore(0xF, 0, 0x000A59B4, 0, _Key5, gamma, 228); +printf ("KGCORE Test Set 5: %d\n", _compare_mem(gamma, _gamma5, 32)); + + return 0; +} diff --git a/tests/kasumi/kasumi_test.ok b/tests/kasumi/kasumi_test.ok new file mode 100644 index 0000000..2c2af4c --- /dev/null +++ b/tests/kasumi/kasumi_test.ok @@ -0,0 +1,10 @@ +testing KASUMI key expansion and encryption (ETSI TS 135 203): +KASUMI Test Set 1... OK. OK. +KASUMI Test Set 2... OK. OK. +KASUMI Test Set 3... OK. OK. +KASUMI Test Set 4... OK. +KGCORE Test Set 1: 1 +KGCORE Test Set 2: 1 +KGCORE Test Set 3: 1 +KGCORE Test Set 4: 1 +KGCORE Test Set 5: 1 -- 1.7.10.4 --------------060001040407040305040404 Content-Type: text/x-patch; name="0003-Add-GEA3-and-GEA4-ciphers.patch" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="0003-Add-GEA3-and-GEA4-ciphers.patch" =46rom da6079e295966d9de1bba344f926c8c9eb2af33f Mon Sep 17 00:00:00 2001 From: Max Date: Sun, 7 Apr 2013 14:56:02 +0200 Subject: [PATCH 3/5] Add GEA3 and GEA4 ciphers. --- include/osmocom/crypt/gprs_cipher.h | 1 + include/osmocom/gsm/gea.h | 28 +++++ src/gsm/gea.c | 45 +++++++ src/gsm/gprs_gea.c | 39 ++++++ tests/gea/gea_test | 228 +++++++++++++++++++++++++++++= ++++++ tests/gea/gea_test.c | 54 +++++++++ tests/gea/gea_test.ok | 11 ++ 7 files changed, 406 insertions(+) create mode 100644 include/osmocom/gsm/gea.h create mode 100644 src/gsm/gea.c create mode 100644 src/gsm/gprs_gea.c create mode 100755 tests/gea/gea_test create mode 100644 tests/gea/gea_test.c create mode 100644 tests/gea/gea_test.ok diff --git a/include/osmocom/crypt/gprs_cipher.h b/include/osmocom/crypt/= gprs_cipher.h index 3051071..f6ca01a 100644 --- a/include/osmocom/crypt/gprs_cipher.h +++ b/include/osmocom/crypt/gprs_cipher.h @@ -10,6 +10,7 @@ enum gprs_ciph_algo { GPRS_ALGO_GEA1, GPRS_ALGO_GEA2, GPRS_ALGO_GEA3, + GPRS_ALGO_GEA4, _GPRS_ALGO_NUM }; =20 diff --git a/include/osmocom/gsm/gea.h b/include/osmocom/gsm/gea.h new file mode 100644 index 0000000..9ea7231 --- /dev/null +++ b/include/osmocom/gsm/gea.h @@ -0,0 +1,28 @@ +/* + * GEA3 header + * + * See gea.c for details + */ + +#ifndef __GEA_H__ +#define __GEA_H__ + +#include + +#include + +/* + * Performs the GEA3 algorithm (used in GPRS) + * out : uint8_t [] + * len : uint16_t + * kc : uint64_t + * iv : uint32_t + * direct: 0 or 1 + */ + +int osmo_gea3(uint8_t *out, uint16_t len, uint64_t kc, uint32_t iv, enum= gprs_cipher_direction direct); + +int osmo_gea4(uint8_t *out, uint16_t len, uint8_t * kc, uint32_t iv, enu= m gprs_cipher_direction direct); + +#endif /* __GEA_H__ */ + diff --git a/src/gsm/gea.c b/src/gsm/gea.c new file mode 100644 index 0000000..ac879a8 --- /dev/null +++ b/src/gsm/gea.c @@ -0,0 +1,45 @@ +/* + * gea.c + * + * Full reimplementation of GEA3 + * + * Copyright (C) 2013 Max + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License alo= ng + * with this program; if not, write to the Free Software Foundation, Inc= =2E, + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#include + +#include +#include +#include + + +int osmo_gea4(uint8_t *out, uint16_t len, uint8_t * kc, uint32_t iv, enu= m gprs_cipher_direction direction) { + _kasumi_kgcore(0xFF, 0, iv, direction, kc, out, len * 8); + + return 0; +} + +int osmo_gea3(uint8_t *out, uint16_t len, uint64_t kc, uint32_t iv, enum= gprs_cipher_direction direction) { + uint8_t ck[16]; + osmo_64pack2pbit(kc, ck); + osmo_64pack2pbit(kc, ck + 8); + +// _kasumi_kgcore(0xFF, 0, iv, direction, ck, out, len * 8); + + return osmo_gea4(out, len, ck, iv, direction); +} diff --git a/src/gsm/gprs_gea.c b/src/gsm/gprs_gea.c new file mode 100644 index 0000000..3e0fddd --- /dev/null +++ b/src/gsm/gprs_gea.c @@ -0,0 +1,39 @@ +/* + * gprs_gea.c + * + * GEA3 plugin + * + * Copyright (C) 2013 Max + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License alo= ng + * with this program; if not, write to the Free Software Foundation, Inc= =2E, + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#include + +#include +#include + +static struct gprs_cipher_impl gea3_impl =3D { + .algo =3D GPRS_ALGO_GEA3, + .name =3D "GEA3 (libosmogsm built-in)", + .priority =3D 1000, + .run =3D &osmo_gea3, +}; + +static void __attribute__((constructor)) osmo_crypt_a5_init(void) +{ + gprs_cipher_register(&gea3_impl); +} diff --git a/tests/gea/gea_test b/tests/gea/gea_test new file mode 100755 index 0000000..aa1fb66 --- /dev/null +++ b/tests/gea/gea_test @@ -0,0 +1,228 @@ +#! /bin/bash + +# gea/gea_test - temporary wrapper script for .libs/gea_test +# Generated by libtool (GNU libtool) 2.4.2 Debian-2.4.2-1ubuntu2 +# +# The gea/gea_test program cannot be directly executed until all the lib= tool +# libraries that it depends on are installed. +# +# This wrapper script should never be moved out of the build directory. +# If it is, it will not operate correctly. + +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +sed_quote_subst=3D's/\([`"$\\]\)/\\\1/g' + +# Be Bourne compatible +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + emulate sh + NULLCMD=3D: + # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'=3D'"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac +fi +BIN_SH=3Dxpg4; export BIN_SH # for Tru64 +DUALCASE=3D1; export DUALCASE # for MKS sh + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +relink_command=3D"(cd /home/god/source/libosmocore/tests; { test -z \"\$= {LIBRARY_PATH+set}\" || unset LIBRARY_PATH || { LIBRARY_PATH=3D; export L= IBRARY_PATH; }; }; { test -z \"\${COMPILER_PATH+set}\" || unset COMPILER_= PATH || { COMPILER_PATH=3D; export COMPILER_PATH; }; }; { test -z \"\${GC= C_EXEC_PREFIX+set}\" || unset GCC_EXEC_PREFIX || { GCC_EXEC_PREFIX=3D; ex= port GCC_EXEC_PREFIX; }; }; { test -z \"\${LD_RUN_PATH+set}\" || unset LD= _RUN_PATH || { LD_RUN_PATH=3D; export LD_RUN_PATH; }; }; { test -z \"\${L= D_LIBRARY_PATH+set}\" || unset LD_LIBRARY_PATH || { LD_LIBRARY_PATH=3D; e= xport LD_LIBRARY_PATH; }; }; PATH=3D/home/god/bin:/sbin:/usr/local/sbin:/= usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games; = export PATH; gcc -Wall -I../include -g -O2 -o \$progdir/\$file gea_test.o= ../src/.libs/libosmocore.so ../src/gsm/.libs/libosmogsm.so -Wl,-rpath -= Wl,/home/god/source/libosmocore/src/.libs -Wl,-rpath -Wl,/home/god/source= /libosmocore/src/gsm/.libs)" + +# This environment variable determines our operation mode. +if test "$libtool_install_magic" =3D "%%%MAGIC variable%%%"; then + # install mode needs the following variables: + generated_by_libtool_version=3D'2.4.2' + notinst_deplibs=3D' ../src/libosmocore.la ../src/gsm/libosmogsm.la' +else + # When we are sourced in execute mode, $file and $ECHO are already set= =2E + if test "$libtool_execute_magic" !=3D "%%%MAGIC variable%%%"; then + file=3D"$0" + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' +} + ECHO=3D"printf %s\\n" + fi + +# Very basic option parsing. These options are (a) specific to +# the libtool wrapper, (b) are identical between the wrapper +# /script/ and the wrapper /executable/ which is used only on +# windows platforms, and (c) all begin with the string --lt- +# (application programs are unlikely to have options which match +# this pattern). +# +# There are only two supported options: --lt-debug and +# --lt-dump-script. There is, deliberately, no --lt-help. +# +# The first argument to this parsing function should be the +# script's ../libtool value, followed by no. +lt_option_debug=3D +func_parse_lt_options () +{ + lt_script_arg0=3D$0 + shift + for lt_opt + do + case "$lt_opt" in + --lt-debug) lt_option_debug=3D1 ;; + --lt-dump-script) + lt_dump_D=3D`$ECHO "X$lt_script_arg0" | /bin/sed -e 's/^X//' -e = 's%/[^/]*$%%'` + test "X$lt_dump_D" =3D "X$lt_script_arg0" && lt_dump_D=3D. + lt_dump_F=3D`$ECHO "X$lt_script_arg0" | /bin/sed -e 's/^X//' -e = 's%^.*/%%'` + cat "$lt_dump_D/$lt_dump_F" + exit 0 + ;; + --lt-*) + $ECHO "Unrecognized --lt- option: '$lt_opt'" 1>&2 + exit 1 + ;; + esac + done + + # Print the debug banner immediately: + if test -n "$lt_option_debug"; then + echo "gea_test:gea/gea_test:${LINENO}: libtool wrapper (GNU libtool)= 2.4.2 Debian-2.4.2-1ubuntu2" 1>&2 + fi +} + +# Used when --lt-debug. Prints its arguments to stdout +# (redirection is the responsibility of the caller) +func_lt_dump_args () +{ + lt_dump_args_N=3D1; + for lt_arg + do + $ECHO "gea_test:gea/gea_test:${LINENO}: newargv[$lt_dump_args_N]: $l= t_arg" + lt_dump_args_N=3D`expr $lt_dump_args_N + 1` + done +} + +# Core function for launching the target application +func_exec_program_core () +{ + + if test -n "$lt_option_debug"; then + $ECHO "gea_test:gea/gea_test:${LINENO}: newargv[0]: $progdir/$pr= ogram" 1>&2 + func_lt_dump_args ${1+"$@"} 1>&2 + fi + exec "$progdir/$program" ${1+"$@"} + + $ECHO "$0: cannot exec $program $*" 1>&2 + exit 1 +} + +# A function to encapsulate launching the target application +# Strips options in the --lt-* namespace from $@ and +# launches target application with the remaining arguments. +func_exec_program () +{ + case " $* " in + *\ --lt-*) + for lt_wr_arg + do + case $lt_wr_arg in + --lt-*) ;; + *) set x "$@" "$lt_wr_arg"; shift;; + esac + shift + done ;; + esac + func_exec_program_core ${1+"$@"} +} + + # Parse options + func_parse_lt_options "$0" ${1+"$@"} + + # Find the directory that this script lives in. + thisdir=3D`$ECHO "$file" | /bin/sed 's%/[^/]*$%%'` + test "x$thisdir" =3D "x$file" && thisdir=3D. + + # Follow symbolic links until we get to the real thisdir. + file=3D`ls -ld "$file" | /bin/sed -n 's/.*-> //p'` + while test -n "$file"; do + destdir=3D`$ECHO "$file" | /bin/sed 's%/[^/]*$%%'` + + # If there was a directory component, then change thisdir. + if test "x$destdir" !=3D "x$file"; then + case "$destdir" in + [\\/]* | [A-Za-z]:[\\/]*) thisdir=3D"$destdir" ;; + *) thisdir=3D"$thisdir/$destdir" ;; + esac + fi + + file=3D`$ECHO "$file" | /bin/sed 's%^.*/%%'` + file=3D`ls -ld "$thisdir/$file" | /bin/sed -n 's/.*-> //p'` + done + + # Usually 'no', except on cygwin/mingw when embedded into + # the cwrapper. + WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=3Dno + if test "$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR" =3D "yes"; then + # special case for '.' + if test "$thisdir" =3D "."; then + thisdir=3D`pwd` + fi + # remove .libs from thisdir + case "$thisdir" in + *[\\/].libs ) thisdir=3D`$ECHO "$thisdir" | /bin/sed 's%[\\/][^\\/]*= $%%'` ;; + .libs ) thisdir=3D. ;; + esac + fi + + # Try to get the absolute directory name. + absdir=3D`cd "$thisdir" && pwd` + test -n "$absdir" && thisdir=3D"$absdir" + + program=3Dlt-'gea_test' + progdir=3D"$thisdir/.libs" + + if test ! -f "$progdir/$program" || + { file=3D`ls -1dt "$progdir/$program" "$progdir/../$program" 2>/dev= /null | /bin/sed 1q`; \ + test "X$file" !=3D "X$progdir/$program"; }; then + + file=3D"$$-$program" + + if test ! -d "$progdir"; then + mkdir "$progdir" + else + rm -f "$progdir/$file" + fi + + # relink executable if necessary + if test -n "$relink_command"; then + if relink_command_output=3D`eval $relink_command 2>&1`; then : + else + printf %s\n "$relink_command_output" >&2 + rm -f "$progdir/$file" + exit 1 + fi + fi + + mv -f "$progdir/$file" "$progdir/$program" 2>/dev/null || + { rm -f "$progdir/$program"; + mv -f "$progdir/$file" "$progdir/$program"; } + rm -f "$progdir/$file" + fi + + if test -f "$progdir/$program"; then + if test "$libtool_execute_magic" !=3D "%%%MAGIC variable%%%"; then + # Run the actual program with our arguments. + func_exec_program ${1+"$@"} + fi + else + # The program doesn't exist. + $ECHO "$0: error: \`$progdir/$program' does not exist" 1>&2 + $ECHO "This script is just a wrapper for $program." 1>&2 + $ECHO "See the libtool documentation for more information." 1>&2 + exit 1 + fi +fi diff --git a/tests/gea/gea_test.c b/tests/gea/gea_test.c new file mode 100644 index 0000000..70a4d2a --- /dev/null +++ b/tests/gea/gea_test.c @@ -0,0 +1,54 @@ +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +void print_check(char * res, uint8_t * out, uint16_t len) { + uint8_t buf[len]; + osmo_hexparse(res, buf, len); + if (0 !=3D memcmp(buf, out, len)) { + printf("FAIL:\n"); + printf("OUT: %s\n", osmo_hexdump_nospc(out, len)); + printf("EXP: %s\n", osmo_hexdump_nospc(buf, len)); + } + else printf("OK\n"); +} + +void test_gea3(uint64_t kc, uint32_t iv, int dir, uint16_t len, char * r= es) { + printf("%d: %d -> 0x%X ", len, dir, iv); + uint8_t out[len]; + osmo_gea3(out, len, kc, iv, dir); + print_check(res, out, len); +} + +void test_gea4(char * kc, uint32_t iv, int dir, uint16_t len, char * res= ) { + printf("%d: %d -> 0x%X ", len, dir, iv); + uint8_t out[len], ck[256]; + osmo_hexparse(kc, ck, len); + osmo_gea4(out, len, ck, iv, dir); + print_check(res, out, len); +} + +int main(int argc, char **argv) +{ + printf("GEA3 support: %d\n", gprs_cipher_supported(GPRS_ALGO_GEA3));= + printf("GEA4 support: %d\n", gprs_cipher_supported(GPRS_ALGO_GEA4));= +// test vectors according to 3GPP TS 55.217 and TS 55.218 +test_gea3(0x2BD6459F82C5BC00, 0x8E9421A3, 0, 59, "5F359709DE950D0105B17B= 6C90194280F880B48DCCDC2AFEED415DBEF4354EEBB21D073CCBBFB2D706BD7AFFD371FC9= 6E3970D143DCB2624054826"); +test_gea3(0x952C49104881FF48, 0x5064DB71, 0, 59, "FDC03D738C8E14FF0320E5= 9AAF75760799E9DA78DD8F888471C4AEAAC1849633A26CD84F459D265B83D7D9B9A0B1E54= F4D75E331640DF19E0DB0E0"); +test_gea3(0xEFA8B2229E720C2A, 0x4BDBD5E5, 1, 59, "4718A2ADFC90590949DDAD= AB406EC3B925F1AF1214673909DAAB96BB4C18B1374BB1E99445A81CC856E47C6E49E9DBB= 9873D0831B2175CA1E109BA"); +test_gea3(0x3451F23A43BD2C87, 0x893FE14F, 0, 59, "B46B1E284E3F8B63B86D9D= F0915CFCEDDF2F061895BF9F82BF2593AE4847E94A4626C393CF8941CE15EA7812690D841= 5B88C5730FE1F5D410E16A2"); +test_gea3(0xCAA2639BE82435CF, 0x8FE17885, 1, 59, "9FEFAF155A26CF35603E72= 7CDAA87BA067FD84FF98A50B7FF0EC8E95A0FB70E79CB93DEE2B7E9AB59D050E126240157= 1F349C68229DDF0DECC4E85"); +test_gea3(0x1ACA8B448B767B39, 0x4F7BC3B5, 0, 59, "514F6C3A3B5A55CA190092= F7BB6E80EF3EDB738FCDCE2FF90BB387DDE75BBC32A04A67B898A3DFB8198FFFC37D437CF= 69E7F9C13B51A868720E750"); +test_gea4("D3C5D592327FB11C4035C6680AF8C6D1", 0x0A3A59B4, 0, 51, "6E217C= E41EBEFB5EC8094C15974290065E42BABC9AE35654A53085CE68DFA4426A2FF0AD4AF3341= 006A3F84B7613ACB4FBDC34"); +test_gea4("3D43C388C9581E337FF1F97EB5C1F85E", 0x48571AB9, 0, 59, "FC7314= EF00A63ED0116F236C5D25C54EEC56A5B71F9F18B4D7941F84E422ACBDE5EEA9A20467900= 2D14F312F3DEE2A1AC917C3FBDC3696143C0F5D"); +test_gea4("A4496A64DF4F399F3B4506814A3E07A1", 0xEB04ADE2, 1, 59, "2AEB59= 70FB06B718027D048488AAF24FB3B74EA4A6B1242FF85B108FF816A303C72757D9AAD862B= 835D1D287DBC141D0A28D79D87BB137CD1198CD"); + + return 0; +} diff --git a/tests/gea/gea_test.ok b/tests/gea/gea_test.ok new file mode 100644 index 0000000..15abd38 --- /dev/null +++ b/tests/gea/gea_test.ok @@ -0,0 +1,11 @@ +GEA3 support: 0 +GEA4 support: 0 +59: 0 -> 0x8E9421A3 OK +59: 0 -> 0x5064DB71 OK +59: 1 -> 0x4BDBD5E5 OK +59: 0 -> 0x893FE14F OK +59: 1 -> 0x8FE17885 OK +59: 0 -> 0x4F7BC3B5 OK +51: 0 -> 0xA3A59B4 OK +59: 0 -> 0x48571AB9 OK +59: 1 -> 0xEB04ADE2 OK --=20 1.7.10.4 --------------060001040407040305040404 Content-Type: text/x-patch; name="0004-Add-A5-3-and-A5-4-ciphers.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="0004-Add-A5-3-and-A5-4-ciphers.patch" From Max.Suraev at fairwaves.ru Sun Apr 7 12:57:07 2013 From: Max.Suraev at fairwaves.ru (Max) Date: Sun, 7 Apr 2013 14:57:07 +0200 Subject: [PATCH 4/5] Add A5/3 and A5/4 ciphers. Message-ID: --- include/osmocom/gsm/a5.h | 3 +++ src/gsm/a5.c | 58 +++++++++++++++++++++++++++++++++++++++++-- tests/a5/a5_test.c | 62 ++++++++++++++++++++++++++++++++++------------ tests/a5/a5_test.ok | 24 ++++++++++++++++++ 4 files changed, 129 insertions(+), 18 deletions(-) diff --git a/include/osmocom/gsm/a5.h b/include/osmocom/gsm/a5.h index 2f78a92..2089404 100644 --- a/include/osmocom/gsm/a5.h +++ b/include/osmocom/gsm/a5.h @@ -24,6 +24,7 @@ #define __OSMO_A5_H__ #include +#include #include @@ -57,6 +58,8 @@ osmo_a5_fn_count(uint32_t fn) int osmo_a5(int n, const uint8_t *key, uint32_t fn, ubit_t *dl, ubit_t *ul); void osmo_a5_1(const uint8_t *key, uint32_t fn, ubit_t *dl, ubit_t *ul); void osmo_a5_2(const uint8_t *key, uint32_t fn, ubit_t *dl, ubit_t *ul); +void osmo_a5_3(const uint8_t *key, uint32_t fn, ubit_t *dl, ubit_t *ul); +void osmo_a5_4(const uint8_t *ck, uint32_t fn, ubit_t *dl, ubit_t *ul); /*! @} */ diff --git a/src/gsm/a5.c b/src/gsm/a5.c index de821e8..314473f 100644 --- a/src/gsm/a5.c +++ b/src/gsm/a5.c @@ -34,10 +34,14 @@ * \brief Osmocom GSM A5 ciphering algorithm implementation */ +#include #include #include +#include +#include #include +#include /*! \brief Main method to generate a A5/x cipher stream * \param[in] n Which A5/x method to use @@ -47,7 +51,7 @@ * \param[out] ul Pointer to array of ubits to return Uplink cipher stream * \returns 0 for success, -ENOTSUP for invalid cipher selection. * - * Currently A5/[0-2] are supported. + * Currently A5/[0-4] are supported: -ENOTSUP returned in this case, 0 returned for supported ciphers. * Either (or both) of dl/ul can be NULL if not needed. */ int @@ -70,8 +74,15 @@ osmo_a5(int n, const uint8_t *key, uint32_t fn, ubit_t *dl, ubit_t *ul) osmo_a5_2(key, fn, dl, ul); break; + case 3: + osmo_a5_3(key, fn, dl, ul); + break; + case 4: + osmo_a5_4(key, fn, dl, ul); + break; + default: - /* a5/[3..7] not supported here/yet */ + /* a5/[5..7] not supported here/yet */ return -ENOTSUP; } @@ -368,4 +379,47 @@ osmo_a5_2(const uint8_t *key, uint32_t fn, ubit_t *dl, ubit_t *ul) } } +/* ------------------------------------------------------------------------ */ +/* A5/3 */ +/* ------------------------------------------------------------------------ */ + +/*! \brief Generate a GSM A5/3 cipher stream + * \param[in] key 8 byte array for the key (as received from the SIM) + * \param[in] fn Frame number + * \param[out] dl Pointer to array of ubits to return Downlink cipher stream + * \param[out] ul Pointer to array of ubits to return Uplink cipher stream + * + * Either (or both) of dl/ul should be NULL if not needed. + * + * Implementation based on specifications from 3GPP TS 55.216, 3GPP TR 55.919 and ETSI TS 135 202 + * with slight simplifications (CE hardcoded to 0). + */ +void +osmo_a5_3(const uint8_t *key, uint32_t fn, ubit_t *dl, ubit_t *ul) +{ + /* internal function require 128 bit key so we expand by concatenating supplied 64 bit key */ + uint8_t ck[16]; + memcpy(ck, key, 8); + memcpy(ck + 8, key, 8); + + osmo_a5_4(ck, fn, dl, ul); +} + +void +osmo_a5_4(const uint8_t *ck, uint32_t fn, ubit_t *dl, ubit_t *ul) +{ + uint8_t i, gamma[32]; + + if (ul) { + _kasumi_kgcore(0xF, 0, fn, 0, ck, gamma, 228); + uint8_t uplink[15]; + for(i = 0; i < 15; i++) uplink[i] = (gamma[i + 14] << 2) + (gamma[i + 15] >> 6); + osmo_pbit2ubit(ul, uplink, 114); + } + if (dl) { + _kasumi_kgcore(0xF, 0, fn, 0, ck, gamma, 114); + osmo_pbit2ubit(dl, gamma, 114); + } +} + /*! @} */ diff --git a/tests/a5/a5_test.c b/tests/a5/a5_test.c index 14436f1..c0ed658 100644 --- a/tests/a5/a5_test.c +++ b/tests/a5/a5_test.c @@ -2,6 +2,7 @@ #include #include #include +#include #include #include @@ -36,25 +37,40 @@ static const uint8_t ul[] = { 0x80, 0xba, 0xab, 0xc0, 0x59, 0x26, 0x40, }; -static const char * -binstr(ubit_t *d, int n) -{ - static char str[256]; - int i; +inline bool print_a5(int n, int k, char * dir, ubit_t * out, char * block) { + uint8_t len = 114 / 8 + 1, buf[len], res[len]; + printf("A5/%d - %s: %s => ", n, dir, osmo_ubit_dump(out, 114)); + osmo_hexparse(block, res, len); + osmo_ubit2pbit(buf, out, 114); + if (0 != memcmp(buf, res, len)) { + printf("FAIL"); + printf("\nGOT: [%d] %s", k, osmo_hexdump_nospc(buf, len)); + printf("\nEXP: [%d] %s\n", k, osmo_hexdump_nospc(res, len)); + return false; + } + printf("OK\n"); + return true; +} - for (i=0; i OK\n"); else { printf(" => BAD\n"); - printf(" Expected: %s", binstr(out, 114)); + printf(" Expected: %s", osmo_ubit_dump(out, 114)); fprintf(stderr, "[!] A5/%d DL failed", n); exit(1); } @@ -82,17 +98,31 @@ int main(int argc, char **argv) osmo_a5(n, key, fn, NULL, out); - printf("A5/%d - UL: %s", n, binstr(out, 114)); + printf("A5/%d - UL: %s", n, osmo_ubit_dump(out, 114)); if (!memcmp(exp, out, 114)) printf(" => OK\n"); else { printf(" => BAD\n"); - printf(" Expected: %s", binstr(out, 114)); + printf(" Expected: %s", osmo_ubit_dump(out, 114)); fprintf(stderr, "[!] A5/%d UL failed", n); exit(1); } } +// test vectors from 3GPP TS 55.217 and TS 55.218 + test_a5(3, "2BD6459F82C5BC00", 0x24F20F, "889EEAAF9ED1BA1ABBD8436232E440", "5CA3406AA244CF69CF047AADA2DF40"); + test_a5(3, "952C49104881FF48", 0x061272, "FB4D5FBCEE13A33389285686E9A5C0", "25090378E0540457C57E367662E440"); + test_a5(3, "EFA8B2229E720C2A", 0x33FD3F, "0E4015755A336469C3DD8680E30340", "6F10669E2B4E18B042431A28E47F80"); + test_a5(3, "952C49104881FF48", 0x061527, "AB7DB38A573A325DAA76E4CB800A40", "4C4B594FEA9D00FE8978B7B7BC1080"); + test_a5(3, "3451F23A43BD2C87", 0x0E418C, "75F7C4C51560905DFBA05E46FB54C0", "192C95353CDF979E054186DF15BF00"); + test_a5(3, "CAA2639BE82435CF", 0x2FF229, "301437E4D4D6565D4904C631606EC0", "F0A3B8795E264D3E1A82F684353DC0"); + test_a5(3, "7AE67E87400B9FA6", 0x2F24E5, "F794290FEF643D2EA348A7796A2100", "CB6FA6C6B8A705AF9FEFE975818500"); + test_a5(3, "58AF69935540698B", 0x05446B, "749CA4E6B691E5A598C461D5FE4740", "31C9E444CD04677ADAA8A082ADBC40"); + test_a5(3, "017F81E5F236FE62", 0x156B26, "2A6976761E60CC4E8F9F52160276C0", "A544D8475F2C78C35614128F1179C0"); + test_a5(3, "1ACA8B448B767B39", 0x0BC3B5, "A4F70DC5A2C9707F5FA1C60EB10640", "7780B597B328C1400B5C74823E8500"); + test_a5(4, "3D43C388C9581E337FF1F97EB5C1F85E", 0x35D2CF, "A2FE3034B6B22CC4E33C7090BEC340", "170D7497432FF897B91BE8AECBA880"); + test_a5(4, "A4496A64DF4F399F3B4506814A3E07A1", 0x212777, "89CDEE360DF9110281BCF57755A040", "33822C0C779598C9CBFC49183AF7C0"); + return 0; } diff --git a/tests/a5/a5_test.ok b/tests/a5/a5_test.ok index 4497e14..cefcdb6 100644 --- a/tests/a5/a5_test.ok +++ b/tests/a5/a5_test.ok @@ -4,3 +4,27 @@ A5/1 - DL: 110010111010001001010101011101100001011101011101001110110001110001111 A5/1 - UL: 110110010000001101011110000011110010101011101100000100111001101000000101110101001010100001111011101100010110010010 => OK A5/2 - DL: 010001011001110010001000110000111000001010110111111111111011001110011000110100101111100101101110000011110001010010 => OK A5/2 - UL: 111100000011101010101100110111101110001101011011010111100110010110000000101110101010101111000000010110010010011001 => OK +A5/3 - DL: 100010001001111011101010101011111001111011010001101110100001101010111011110110000100001101100010001100101110010001 => OK +A5/3 - UL: 010111001010001101000000011010101010001001000100110011110110100111001111000001000111101010101101101000101101111101 => OK +A5/3 - DL: 111110110100110101011111101111001110111000010011101000110011001110001001001010000101011010000110111010011010010111 => OK +A5/3 - UL: 001001010000100100000011011110001110000001010100000001000101011111000101011111100011011001110110011000101110010001 => OK +A5/3 - DL: 000011100100000000010101011101010101101000110011011001000110100111000011110111011000011010000000111000110000001101 => OK +A5/3 - UL: 011011110001000001100110100111100010101101001110000110001011000001000010010000110001101000101000111001000111111110 => OK +A5/3 - DL: 101010110111110110110011100010100101011100111010001100100101110110101010011101101110010011001011100000000000101001 => OK +A5/3 - UL: 010011000100101101011001010011111110101010011101000000001111111010001001011110001011011110110111101111000001000010 => OK +A5/3 - DL: 011101011111011111000100110001010001010101100000100100000101110111111011101000000101111001000110111110110101010011 => OK +A5/3 - UL: 000110010010110010010101001101010011110011011111100101111001111000000101010000011000011011011111000101011011111100 => OK +A5/3 - DL: 001100000001010000110111111001001101010011010110010101100101110101001001000001001100011000110001011000000110111011 => OK +A5/3 - UL: 111100001010001110111000011110010101111000100110010011010011111000011010100000101111011010000100001101010011110111 => OK +A5/3 - DL: 111101111001010000101001000011111110111101100100001111010010111010100011010010001010011101111001011010100010000100 => OK +A5/3 - UL: 110010110110111110100110110001101011100010100111000001011010111110011111111011111110100101110101100000011000010100 => OK +A5/3 - DL: 011101001001110010100100111001101011011010010001111001011010010110011000110001000110000111010101111111100100011101 => OK +A5/3 - UL: 001100011100100111100100010001001100110100000100011001110111101011011010101010001010000010000010101011011011110001 => OK +A5/3 - DL: 001010100110100101110110011101100001111001100000110011000100111010001111100111110101001000010110000000100111011011 => OK +A5/3 - UL: 101001010100010011011000010001110101111100101100011110001100001101010110000101000001001010001111000100010111100111 => OK +A5/3 - DL: 101001001111011100001101110001011010001011001001011100000111111101011111101000011100011000001110101100010000011001 => OK +A5/3 - UL: 011101111000000010110101100101111011001100101000110000010100000000001011010111000111010010000010001111101000010100 => OK +A5/4 - DL: 101000101111111000110000001101001011011010110010001011001100010011100011001111000111000010010000101111101100001101 => OK +A5/4 - UL: 000101110000110101110100100101110100001100101111111110001001011110111001000110111110100010101110110010111010100010 => OK +A5/4 - DL: 100010011100110111101110001101100000110111111001000100010000001010000001101111001111010101110111010101011010000001 => OK +A5/4 - UL: 001100111000001000101100000011000111011110010101100110001100100111001011111111000100100100011000001110101111011111 => OK -- 1.7.10.4 --------------060001040407040305040404 Content-Type: text/x-patch; name="0005-Update-test-suite-and-build-infrastructure.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="0005-Update-test-suite-and-build-infrastructure.patch" From Max.Suraev at fairwaves.ru Sun Apr 7 12:57:33 2013 From: Max.Suraev at fairwaves.ru (Max) Date: Sun, 7 Apr 2013 14:57:33 +0200 Subject: [PATCH 5/5] Update test suite and build infrastructure. Message-ID: --- .gitignore | 5 ++++- include/Makefile.am | 2 ++ src/gsm/Makefile.am | 4 ++-- src/gsm/libosmogsm.map | 7 +++++++ tests/Makefile.am | 11 +++++++++-- tests/testsuite.at | 12 ++++++++++++ 6 files changed, 36 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 2ed0144..e522b0d 100644 --- a/.gitignore +++ b/.gitignore @@ -40,6 +40,8 @@ debian/tmp/ debian/libosmocore*.substvars debian/libosmocore/ debian/libosmocore.post*.debhelper +debian/libosmocore-dbg/ +debian/libosmocore-utils/ .tarball-version .version @@ -53,7 +55,8 @@ tests/package.m4 tests/testsuite tests/testsuite.dir/ tests/testsuite.log - +tests/kasumi/kasumi_test +teste/gea/gea_test tests/sms/sms_test tests/timer/timer_test tests/msgfile/msgfile_test diff --git a/include/Makefile.am b/include/Makefile.am index b94abec..83ff9f1 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -40,6 +40,8 @@ nobase_include_HEADERS = \ osmocom/gprs/protocol/gsm_08_16.h \ osmocom/gprs/protocol/gsm_08_18.h \ osmocom/gsm/a5.h \ + osmocom/gsm/gea.h \ + osmocom/gsm/kasumi.h \ osmocom/gsm/abis_nm.h \ osmocom/gsm/comp128.h \ osmocom/gsm/gan.h \ diff --git a/src/gsm/Makefile.am b/src/gsm/Makefile.am index 59d4234..e203429 100644 --- a/src/gsm/Makefile.am +++ b/src/gsm/Makefile.am @@ -11,11 +11,11 @@ noinst_HEADERS = milenage/aes.h milenage/aes_i.h milenage/aes_wrap.h \ lib_LTLIBRARIES = libosmogsm.la -libosmogsm_la_SOURCES = a5.c rxlev_stat.c tlv_parser.c comp128.c gsm_utils.c \ +libosmogsm_la_SOURCES = a5.c kasumi.c rxlev_stat.c tlv_parser.c comp128.c gsm_utils.c \ rsl.c gsm48.c gsm48_ie.c gsm0808.c sysinfo.c \ gprs_cipher_core.c gsm0480.c abis_nm.c gsm0502.c \ gsm0411_utils.c gsm0411_smc.c gsm0411_smr.c \ - lapd_core.c lapdm.c \ + lapd_core.c lapdm.c gea.c \ auth_core.c auth_comp128v1.c auth_milenage.c \ milenage/aes-encblock.c milenage/aes-internal.c \ milenage/aes-internal-enc.c milenage/milenage.c gan.c diff --git a/src/gsm/libosmogsm.map b/src/gsm/libosmogsm.map index b2278f1..c5ee6f5 100644 --- a/src/gsm/libosmogsm.map +++ b/src/gsm/libosmogsm.map @@ -188,6 +188,13 @@ osmo_a5; osmo_a5_1; osmo_a5_2; +_kasumi; +_kasumi_key_expand; +_kasumi_kgcore; + +osmo_gea3; +osmo_gea4; + osmo_auth_alg_name; osmo_auth_alg_parse; osmo_auth_gen_vec; diff --git a/tests/Makefile.am b/tests/Makefile.am index bc9b7de..a2de833 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -5,7 +5,8 @@ check_PROGRAMS = timer/timer_test sms/sms_test ussd/ussd_test \ conv/conv_test auth/milenage_test lapd/lapd_test \ gsm0808/gsm0808_test gsm0408/gsm0408_test \ gb/bssgp_fc_test logging/logging_test fr/fr_test \ - loggingrb/loggingrb_test strrb/strrb_test + loggingrb/loggingrb_test strrb/strrb_test \ + kasumi/kasumi_test gea/gea_test if ENABLE_MSGFILE check_PROGRAMS += msgfile/msgfile_test @@ -17,6 +18,12 @@ a5_a5_test_LDADD = $(top_builddir)/src/libosmocore.la $(top_builddir)/src/gsm/li auth_milenage_test_SOURCES = auth/milenage_test.c auth_milenage_test_LDADD = $(top_builddir)/src/libosmocore.la $(top_builddir)/src/gsm/libosmogsm.la +kasumi_kasumi_test_SOURCES = kasumi/kasumi_test.c +kasumi_kasumi_test_LDADD = $(top_builddir)/src/libosmocore.la $(top_builddir)/src/gsm/libosmogsm.la + +gea_gea_test_SOURCES = gea/gea_test.c +gea_gea_test_LDADD = $(top_builddir)/src/libosmocore.la $(top_builddir)/src/gsm/libosmogsm.la + bits_bitrev_test_SOURCES = bits/bitrev_test.c bits_bitrev_test_LDADD = $(top_builddir)/src/libosmocore.la @@ -91,7 +98,7 @@ EXTRA_DIST = testsuite.at $(srcdir)/package.m4 $(TESTSUITE) \ msgfile/msgfile_test.ok msgfile/msgconfig.cfg \ logging/logging_test.ok logging/logging_test.err \ fr/fr_test.ok loggingrb/logging_test.ok \ - loggingrb/logging_test.err strrb/strrb_test.ok + loggingrb/logging_test.err strrb/strrb_test.ok kasumi/kasumi_test.ok DISTCLEANFILES = atconfig diff --git a/tests/testsuite.at b/tests/testsuite.at index 684ec4f..5323096 100644 --- a/tests/testsuite.at +++ b/tests/testsuite.at @@ -28,6 +28,18 @@ cat $abs_srcdir/conv/conv_test.ok > expout AT_CHECK([$abs_top_builddir/tests/conv/conv_test], [0], [expout]) AT_CLEANUP +AT_SETUP([kasumi]) +AT_KEYWORDS([kasumi]) +cat $abs_srcdir/kasumi/kasumi_test.ok > expout +AT_CHECK([$abs_top_builddir/tests/kasumi/kasumi_test], [0], [expout]) +AT_CLEANUP + +AT_SETUP([gea]) +AT_KEYWORDS([gea]) +cat $abs_srcdir/gea/gea_test.ok > expout +AT_CHECK([$abs_top_builddir/tests/gea/gea_test], [0], [expout]) +AT_CLEANUP + if ENABLE_MSGFILE AT_SETUP([msgfile]) AT_KEYWORDS([msgfile]) -- 1.7.10.4 --------------060001040407040305040404-- From 246tnt at gmail.com Sun Apr 7 20:26:31 2013 From: 246tnt at gmail.com (Sylvain Munaut) Date: Sun, 7 Apr 2013 22:26:31 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: <51616FD3.7060001@fairwaves.ru> References: <51616FD3.7060001@fairwaves.ru> Message-ID: Hi Max, > Attached is A5/3,4 GEA3,4 implementation which was described today at OsmoDevCon. Here's some comments on the first patch. (It's late and I'm tired, I'll look at the rest later :p) 1) Why do you need to add stddef.h ? Also before of spacing change, you're removing an empty line that was there to separate the includes from the function comment. 2) wrt to : +uint16_t osmo_get2bytes(const uint8_t *a); +void osmo_64pack2pbit(uint64_t in, pbit_t *out); Theses essentially look like integer accessors, one is a read for uint16_t in big endian and the other a store for uint64_t in little endian, but same basic idea. But you're using completely different naming schemes for both ... I think they should reflect that their name should reflect the LE/BE part and the unaligned part as well, I even think there are already macro somewhere for that. I would also add other formats like LE/BE 16/32/64 bits store/load all at once rather than each format when needed. If we add accessort, might as well add all the basic types. And finally those should really be inline functions in the .h, no point of doing a function call for that. 3) In include/osmocom/gsm/gsm_utils.h, for ms_a5n_support you take only one cm argument ... that means the app needs to know if it should give cm3 or cm2, I would take cm2 and cm3 separately and the app just has to give both. I might also extend ms_cm2_a5n_support and ms_cm3_a5n_support to return -1 in case it couldn't be determined (because the required test isn't in that classmark), but that last point is just a suggestion. 4) TAB vs SPACE indentation ! 5) I would split the patch further between CM functions / buffere reversion / accessorts. 6) Is ROL16 really something we exepect to do at a lot of places ? just asking ... in anycase, also should probably be inline. Cheers, Sylvain From Max.Suraev at fairwaves.ru Mon Apr 8 14:10:32 2013 From: Max.Suraev at fairwaves.ru (=?UTF-8?B?4piO?=) Date: Mon, 08 Apr 2013 16:10:32 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: References: <51616FD3.7060001@fairwaves.ru> Message-ID: <5162CFD8.1000405@fairwaves.ru> Thank you for review, comments are inline, rewrite in progress :) 07.04.2013 22:26, Sylvain Munaut ?????: > > > 1) Why do you need to add stddef.h ? Required for size_t. > Also before of spacing change, > you're removing an empty line that was there to separate the includes > from the function comment. > > 2) wrt to : > > +uint16_t osmo_get2bytes(const uint8_t *a); > +void osmo_64pack2pbit(uint64_t in, pbit_t *out); > > Theses essentially look like integer accessors, one is a read for > uint16_t in big endian and the other a store for uint64_t in little > endian, but same basic idea. But you're using completely different > naming schemes for both ... I think they should reflect that their > name should reflect the LE/BE part and the unaligned part as well, I > even think there are already macro somewhere for that. I would also > add other formats like LE/BE 16/32/64 bits store/load all at once > rather than each format when needed. If we add accessort, might as > well add all the basic types. And finally those should really be > inline functions in the .h, no point of doing a function call for > that. Is there some library I can use for that? It's indeed fairly trivial accessors but I didn't managed to find those in osmocom code. > > 3) In include/osmocom/gsm/gsm_utils.h, for ms_a5n_support you take > only one cm argument ... that means the app needs to know if it should > give cm3 or cm2, I would take cm2 and cm3 separately and the app just > has to give both. I might also extend ms_cm2_a5n_support and > ms_cm3_a5n_support to return -1 in case it couldn't be determined > (because the required test isn't in that classmark), but that last > point is just a suggestion. Will fix, thanks. > > 4) TAB vs SPACE indentation ! Doh! Could you remind me - what was the magic tool which takes care of indentation for kernel devs? Osmocom uses linux kernel code style, is it? > > 5) I would split the patch further between CM functions / buffere > reversion / accessorts. > > 6) Is ROL16 really something we exepect to do at a lot of places ? > just asking ... in anycase, also should probably be inline. I thought it might but it turned out to be used only in single file. Should I hide it away? -- best regards, Max, http://fairwaves.ru From dario.lombardo.ml at gmail.com Mon Apr 8 14:52:34 2013 From: dario.lombardo.ml at gmail.com (Dario Lombardo) Date: Mon, 8 Apr 2013 16:52:34 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: <5162CFD8.1000405@fairwaves.ru> References: <51616FD3.7060001@fairwaves.ru> <5162CFD8.1000405@fairwaves.ru> Message-ID: > 4) TAB vs SPACE indentation ! > > Doh! Could you remind me - what was the magic tool which takes care of > indentation > for kernel devs? Osmocom uses linux kernel code style, is it? > indent? But it has A LOT of options. Osmocom uses linux kernel coding style, right? man indent [...] The Linux style is used in the linux kernel code and drivers. Code generally has to follow the Linux coding style to be accepted. This style is equivalent to the following settings: -nbad -bap -nbc -bbo -hnl -br -brs -c33 -cd33 -ncdb -ce -ci4 -cli0 -d0 -di1 -nfc1 -i8 -ip0 -l80 -lp -npcs -nprs -npsl -sai -saf -saw -ncs -nsc -sob -nfca -cp33 -ss -ts8 -il1 [...] Does this command matches exactly osmocom coding style (can't try it myself now...)? -------------- next part -------------- An HTML attachment was scrubbed... URL: From laforge at gnumonks.org Wed Apr 10 10:00:55 2013 From: laforge at gnumonks.org (Harald Welte) Date: Wed, 10 Apr 2013 12:00:55 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: References: <51616FD3.7060001@fairwaves.ru> <5162CFD8.1000405@fairwaves.ru> Message-ID: <20130410100055.GU3461@prithivi.gnumonks.org> Hi Dario, Max and others, On Mon, Apr 08, 2013 at 04:52:34PM +0200, Dario Lombardo wrote: > > 4) TAB vs SPACE indentation ! > > > > > Doh! Could you remind me - what was the magic tool which takes care of > > indentation > > for kernel devs? Osmocom uses linux kernel code style, is it? > > > > indent? But it has A LOT of options. Osmocom uses linux kernel coding > style, right? "Lindent" which is part of every linux kenrel source code tree. The easiest way is to always respect the coding style of the respective FOSS project while you make the modifications. Rationale: There is no guarantee that running the file through automatic tools 'lindent' will not create whitespace-changes outside your actual changes. Regards, Harald -- - Harald Welte http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6) From dario.lombardo.ml at gmail.com Wed Apr 10 20:56:18 2013 From: dario.lombardo.ml at gmail.com (Dario Lombardo) Date: Wed, 10 Apr 2013 22:56:18 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: <20130410100055.GU3461@prithivi.gnumonks.org> References: <51616FD3.7060001@fairwaves.ru> <5162CFD8.1000405@fairwaves.ru> <20130410100055.GU3461@prithivi.gnumonks.org> Message-ID: Hi Harald, and thanks for your answer. Strictly following coding style is the best way to keep code clean. But running indent/lindent against osmocom code reveals that in many parts it differs from "pure kernel" style. My question (maybe merely phylosofical) is: what should you do? Keep existing code, allowing those exception to lie there, hoping someone will clean them up manually, or run indent against the code, hoping it doesn't dirt the code? On Wed, Apr 10, 2013 at 12:00 PM, Harald Welte wrote: > The easiest way is to always respect the coding style of the respective > FOSS project while you make the modifications. Rationale: There is no > guarantee that running the file through automatic tools 'lindent' will > not create whitespace-changes outside your actual changes. > I would not be worried about indent. Running it against a bunch of code could mess things up. But running on small pieces would be safe, under human control. Just to clarify: I don't think you _need_ to run it. I'm just trying to understand an important point of view like yours. Dario. -------------- next part -------------- An HTML attachment was scrubbed... URL: From 246tnt at gmail.com Wed Apr 10 22:42:58 2013 From: 246tnt at gmail.com (Sylvain Munaut) Date: Thu, 11 Apr 2013 00:42:58 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: References: <51616FD3.7060001@fairwaves.ru> <5162CFD8.1000405@fairwaves.ru> <20130410100055.GU3461@prithivi.gnumonks.org> Message-ID: > My question (maybe merely phylosofical) > is: what should you do? Keep existing code, allowing those exception to lie > there, hoping someone will clean them up manually, or run indent against the > code, hoping it doesn't dirt the code? In general we don't do pure formatting changes unless there is a vast improvement in readability. If that part of the code is reworked, it'll get cleaned up. Cheers, Sylvain From laforge at gnumonks.org Mon Apr 8 12:55:47 2013 From: laforge at gnumonks.org (Harald Welte) Date: Mon, 8 Apr 2013 14:55:47 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: <51616FD3.7060001@fairwaves.ru> References: <51616FD3.7060001@fairwaves.ru> Message-ID: <20130408125547.GA15167@prithivi.gnumonks.org> Hi Max, I agree with Sylvain's comments, but like to add: The filename should not be gprs_gea.c but gprs_gea34.c or something along the lines. There are other ciphers (gea1/gea2) and that should somehow be reflected in the file name. Regarding coding style: We generally open the curly braces on the same line as in "for (a;b;c) {". We also don't indent the "case" statements in a switch, e.g.: switch (foo) { case A: foo = 1; break; } I'm also not sure if the gea3/gea4 should become part of libosmogsm itself, or if they should simply exist in the form of a libosmo-crypt-gea34 or the like. Actually, I once created such a library (plugging into gprs_cipher_register()) using the reference implementation of the cipher. I'm not 100% sure on this, though. Does anyone have an opinion on this? Even if it gea3/gea4 becomes part of libosmogsm, then I would like to have no direct functions exported to applications, but require applications to go through the gprs_cipher_* API. The same holds true for the A5/* family. Rather than having explicit function calls for each of the variants, I would love to have one set of functions with just a parameter or struct member defining the specific algorithm to be used by the implementation. Regards, Harald -- - Harald Welte http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6) From Max.Suraev at fairwaves.ru Mon Apr 8 14:20:19 2013 From: Max.Suraev at fairwaves.ru (=?UTF-8?B?4piO?=) Date: Mon, 08 Apr 2013 16:20:19 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: <20130408125547.GA15167@prithivi.gnumonks.org> References: <51616FD3.7060001@fairwaves.ru> <20130408125547.GA15167@prithivi.gnumonks.org> Message-ID: <5162D223.30703@fairwaves.ru> Thank you for review, comments are inline, rewrite in progress :) 08.04.2013 14:55, Harald Welte ?????: > I'm also not sure if the gea3/gea4 should become part of libosmogsm > itself, or if they should simply exist in the form of a > libosmo-crypt-gea34 or the like. Actually, I once created such a > library (plugging into gprs_cipher_register()) using the reference > implementation of the cipher. I'm not 100% sure on this, though. Does > anyone have an opinion on this? I think that they should because they are based on exactly the same kgcore primitive used by a5/3,4. Also I've tried to add register call (see gprs_gea.c) but when I call gprs_cipher_supported(GPRS_ALGO_GEA3) in gea_test.c it returns 0. How can I test that gea3 registered properly and is available via plugin interface? Also, how should we change gprs_auth plugin api so it would work for 128 bit keys (GEA4)? Just change uint64_t to uint8_t or there's more to it? > Even if it gea3/gea4 becomes part of libosmogsm, then I would like to > have no direct functions exported to applications, but require > applications to go through the gprs_cipher_* API. The same holds true > for the A5/* family. Rather than having explicit function calls for > each of the variants, I would love to have one set of functions with > just a parameter or struct member defining the specific algorithm to be > used by the implementation. > I completely agree about hiding implementation of particular algorithms although I think that gea* belongs in libosmogsm - just like milenage and comp128 which re also supposed to be used via plugin api. Is it enough to just remove function names from libosmogsm.map or there got to be "deeper" hiding? -- best regards, Max, http://fairwaves.ru From Max.Suraev at fairwaves.ru Tue Apr 9 15:23:56 2013 From: Max.Suraev at fairwaves.ru (=?UTF-8?B?4piO?=) Date: Tue, 09 Apr 2013 17:23:56 +0200 Subject: [PATCH] Add A5 and GEA ciphers In-Reply-To: <51616FD3.7060001@fairwaves.ru> References: <51616FD3.7060001@fairwaves.ru> Message-ID: <5164328C.8000703@fairwaves.ru> Attached is the patch which address comments regarding ms_a5n_support() from previous patches. Also I'd like to check if code style is correct before addressing the rest of the comments. Note that I've changed the type of "n" to unsigned - it's natural number anyway so there's no point using int in here. Please review and merge if possible. -- best regards, Max, http://fairwaves.ru From Max.Suraev at fairwaves.ru Tue Apr 9 15:18:42 2013 From: Max.Suraev at fairwaves.ru (Max) Date: Tue, 9 Apr 2013 17:18:42 +0200 Subject: [PATCH] Add generic a5/* availability test. Message-ID: --- include/osmocom/gsm/gsm_utils.h | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/include/osmocom/gsm/gsm_utils.h b/include/osmocom/gsm/gsm_utils.h index cdbac87..9c3ec19 100644 --- a/include/osmocom/gsm/gsm_utils.h +++ b/include/osmocom/gsm/gsm_utils.h @@ -26,6 +26,7 @@ #define GSM_UTILS_H #include +#include #define ADD_MODULO(sum, delta, modulo) do { \ if ((sum += delta) >= modulo) \ @@ -74,17 +75,36 @@ int rxlev2dbm(uint8_t rxlev); uint8_t dbm2rxlev(int dbm); /* According to GSM 04.08 Chapter 10.5.1.6 */ -static inline int ms_cm2_a5n_support(uint8_t *cm2, int n) { +static inline int ms_cm2_a5n_support(uint8_t *cm2, unsigned n) { switch (n) { case 0: return 1; case 1: return (cm2[0] & (1<<3)) ? 0 : 1; case 2: return (cm2[2] & (1<<0)) ? 1 : 0; case 3: return (cm2[2] & (1<<1)) ? 1 : 0; default: - return 0; + return (n > 7) ? 0 : -1; } } +/* According to GSM 04.08 Chapter 10.5.1.7 */ +static inline int ms_cm3_a5n_support(uint8_t *cm3, unsigned n) { + switch (n) { + case 4: return (cm3[0] & (1<<0)) ? 1 : 0; + case 5: return (cm3[0] & (1<<1)) ? 1 : 0; + case 6: return (cm3[0] & (1<<2)) ? 1 : 0; + case 7: return (cm3[0] & (1<<3)) ? 1 : 0; + default: + return (n > 7) ? 0 : -1; + } +} + +/* Either classmark could be NULL */ +static inline int ms_a5n_support(uint8_t *cm2, uint8_t *cm3, unsigned n) { + if ((NULL != cm3) && n > 3) return ms_cm3_a5n_support(cm3, n); + if ((NULL != cm2) && n < 4) return ms_cm2_a5n_support(cm2, n); + return 0; +} + /* According to GSM 04.08 Chapter 10.5.2.29 */ static inline int rach_max_trans_val2raw(int val) { return (val >> 1) & 3; } static inline int rach_max_trans_raw2val(int raw) { -- 1.7.10.4 --------------080107010001070606070100-- From Max.Suraev at fairwaves.ru Wed Apr 10 13:28:20 2013 From: Max.Suraev at fairwaves.ru (=?UTF-8?B?4piO?=) Date: Wed, 10 Apr 2013 15:28:20 +0200 Subject: [PATCH] Add SAP reader stub to libosmosim Message-ID: <516568F4.3090107@fairwaves.ru> Hello. After overview of libosmosim presented at OsmoDevCon I thought that it would be nice to add SAP backend (implemented by Nico) so it can be transparently integrated with osmocom-bb. Attached is incomplete attempt to do so. Could you please review code and style? Also I'm puzzled by write_queue_* functions - should I use them as well or just write to fd directly? In former case - what should I use as event instead of BSC_FD_READ? In more general - is there some write_queue related description on the wiki? This patch is obviously not ready to be merged but I hope it might help to speed up development :) -- best regards, Max, http://fairwaves.ru From Max.Suraev at fairwaves.ru Wed Apr 10 13:19:26 2013 From: Max.Suraev at fairwaves.ru (Max) Date: Wed, 10 Apr 2013 15:19:26 +0200 Subject: [PATCH] Add SAP reader stub. Message-ID: --- src/sim/Makefile.am | 4 +- src/sim/reader_sap.c | 182 ++++++++++++++++++++++++++++++++++++++++++++++++++ src/sim/reader_sap.h | 162 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 346 insertions(+), 2 deletions(-) create mode 100644 src/sim/reader_sap.c create mode 100644 src/sim/reader_sap.h diff --git a/src/sim/Makefile.am b/src/sim/Makefile.am index fe64278..2fd353a 100644 --- a/src/sim/Makefile.am +++ b/src/sim/Makefile.am @@ -9,11 +9,11 @@ AM_LDFLAGS = $(COVERAGE_LDFLAGS) if ENABLE_PCSC # FIXME: only build the PC/SC dependent part conditional, but always build other parts -noinst_HEADERS = sim_int.h gsm_int.h +noinst_HEADERS = sim_int.h gsm_int.h reader_sap.h lib_LTLIBRARIES = libosmosim.la -libosmosim_la_SOURCES = core.c card_fs_sim.c card_fs_usim.c card_fs_uicc.c reader.c reader_pcsc.c +libosmosim_la_SOURCES = core.c card_fs_sim.c card_fs_usim.c card_fs_uicc.c reader.c reader_pcsc.c reader_sap.c libosmosim_la_LDFLAGS = -version-info $(LIBVERSION) libosmosim_la_LIBADD = $(LIBOSMOCORE_LIBS) $(LIBOSMOGSM_LIBS) $(PCSC_LIBS) diff --git a/src/sim/reader_sap.c b/src/sim/reader_sap.c new file mode 100644 index 0000000..0a74809 --- /dev/null +++ b/src/sim/reader_sap.c @@ -0,0 +1,182 @@ +/* SAP card reader backend for libosmosim */ +/* + * (C) 2013 by Max + * + * code shamelessly ripped from Nico Golde's patches to osmocom-bb + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "sim_int.h" +#include "reader_sap.h" + +static int osim_sap_send(struct osim_sap_entity *st, struct msgb *msg) +{ + if(st->sap_state == SAP_NOT_CONNECTED && !st->sap_state == SAP_CONNECTION_UNDER_NEGOTIATION) + sap_connect(st); + + if (st->fd <= 0) + return -EINVAL; +/* FIXME: + if (write_queue_enqueue(&ms->sap_wq, msg) != 0) { + LOGP(DSAP, LOGL_ERROR, "Failed to enqueue msg.\n"); + msgb_free(msg); + return -1; + } +*/ + return 0; +} + +static struct msgb *sap_create_msg(uint8_t id, uint8_t num_params, struct sap_param *params) +{ + struct msgb *msg; + uint8_t *msgp; + uint8_t i, plen, padding = 0; + + msg = msgb_alloc(GSM_SAP_LENGTH, "osmosap"); + if (!msg) { + fprintf(stderr, "Failed to allocate msg.\n"); + return NULL; + } + + /* BTSAP 5.1 */ + msgb_put_u8(msg, id); + msgb_put_u8(msg, num_params); + msgb_put_u16(msg, 0); + + for(i = 0; i < num_params; i++){ + plen = params[i].len; + msgb_put_u8(msg, params[i].id); + msgb_put_u8(msg, 0); + msgb_put_u16(msg, plen); + if(plen % 4){ + padding = 4 - (plen % 4); + } + msgp = msgb_put(msg, plen + padding); + memcpy(msgp, params[i].value, plen); + + if(padding){ + memset(msgp + plen, 0, padding); + } + } + + return msg; +} + +static void sap_connect(struct osim_sap_entity *st) +{ + uint8_t buffer[3]; + struct msgb *msg; + uint16_t size = st->max_msg_size; + struct sap_param params[1]; + + params[0].id = SAP_MAX_MSG_SIZE; + params[0].len = 2; + + if(st->sap_state != SAP_NOT_CONNECTED) { + fprintf(stderr, "Attempting to connect while there is an active connection already.\n"); + return; + } + + buffer[0] = (size >> 8) & 0xFF; + buffer[1] = size & 0xFF; + buffer[2] = 0; + params[0].value = buffer; + + msg = sap_create_msg(SAP_CONNECT_REQ, 1, params); + if(!msg) + return; + + osim_sap_send(st, msg); + + st->sap_state = SAP_CONNECTION_UNDER_NEGOTIATION; +} + +static struct osim_reader_hdl *sap_reader_open(int num, const char *id, void *ctx) +{ + struct osim_reader_hdl *rh; + ssize_t rc; + struct sockaddr_un local; + struct osim_sap_entity *st; + + rh = talloc_zero(ctx, struct osim_reader_hdl); + st = rh->priv = talloc_zero(rh, struct osim_sap_entity); + + st->fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (st->fd < 0) { + fprintf(stderr, "Failed to create unix domain socket: %d\n", st->fd); + return NULL; + } + + local.sun_family = AF_UNIX; + strncpy(local.sun_path, id, sizeof(local.sun_path)); + local.sun_path[sizeof(local.sun_path) - 1] = '\0'; + + rc = connect(st->fd, (struct sockaddr *) &local, sizeof(local)); + if (rc < 0) { + fprintf(stderr, "Failed to connect to '%s'\n", local.sun_path); + close(st->fd); + return NULL; + } + st->socket_path = strdup(id); +/* FIXME: + write_queue_init(&ms->sap_wq, 100); + ms->sap_wq.bfd.data = ms; + ms->sap_wq.bfd.when = BSC_FD_READ; + ms->sap_wq.read_cb = sap_read; + ms->sap_wq.write_cb = sap_write; + + rc = bsc_register_fd(&ms->sap_wq.bfd); + if (rc != 0) { + fprintf(stderr, "Failed to register fd.\n"); + return rc; + } +*/ + sap_connect(st); + + return rh; +} + +static struct osim_card_hdl *sap_card_open(struct osim_reader_hdl *rh) +{ + +} + +static int sap_transceive(struct osim_reader_hdl *rh, struct msgb *msg) +{ + +} + +const struct osim_reader_ops sap_reader_ops = { + .name = "SAP", + .reader_open = sap_reader_open, + .card_open = sap_card_open, + .transceive = sap_transceive, +}; diff --git a/src/sim/reader_sap.h b/src/sim/reader_sap.h new file mode 100644 index 0000000..a4161b1 --- /dev/null +++ b/src/sim/reader_sap.h @@ -0,0 +1,162 @@ +/* SAP card reader backend for libosmosim */ +/* + * (C) 2013 by Max + * + * code shamelessly ripped from Nico Golde's patches to osmocom-bb + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + */ + +#define GSM_SAP_LENGTH 300 +#define GSM_SAP_HEADROOM 32 + +enum osim_sap_state { + SAP_NOT_CONNECTED, + SAP_IDLE, + SAP_CONNECTION_UNDER_NEGOTIATION, + SAP_PROCESSING_ATR_REQUEST, + SAP_PROCESSING_APDU_REQUEST +}; + +/* BTSAP 1.13 */ +enum osim_sap_msg_type { + SAP_CONNECT_REQ = 0x00, + SAP_CONNECT_RESP = 0x01, + SAP_DISCONNECT_REQ = 0x02, + SAP_DISCONNECT_RESP = 0x03, + SAP_DISCONNECT_IND = 0x04, + SAP_TRANSFER_APDU_REQ = 0x05, + SAP_TRANSFER_APDU_RESP = 0x06, + SAP_TRANSFER_ATR_REQ = 0x07, + SAP_TRANSFER_ATR_RESP = 0x08, + SAP_POWER_SIM_OFF_REQ = 0x09, + SAP_POWER_SIM_OFF_RESP = 0x0A, + SAP_POWER_SIM_ON_REQ = 0x0B, + SAP_POWER_SIM_ON_RESP = 0x0C, + SAP_RESET_SIM_REQ = 0x0D, + SAP_RESET_SIM_RESP = 0x0E, + SAP_TRANSFER_CARD_READER_STATUS_REQ = 0x0F, + SAP_TRANSFER_CARD_READER_STATUS_RESP = 0x10, + SAP_STATUS_IND = 0x11, + SAP_ERROR_RESP = 0x12, + SAP_SET_TRANSPORT_PROTOCOL_REQ = 0x13, + SAP_SET_TRANSPORT_PROTOCOL_RESP = 0x14 +}; + +/* BTSAP 5.2 */ +enum osim_sap_param_type { + SAP_MAX_MSG_SIZE = 0x00, + SAP_CONNECTION_STATUS = 0x01, + SAP_RESULT_CODE = 0x02, + SAP_DISCONNECTION_TYPE = 0x03, + SAP_COMMAND_APDU = 0x04, + SAP_COMMAND_APDU_7816 = 0x10, + SAP_RESPONSE_APDU = 0x05, + SAP_ATR = 0x06, + SAP_CARD_READER_STATUS = 0x07, + SAP_STATUS_CHANGE = 0x08, + SAP_TRANSPORT_PROTOCOL = 0x09 +}; + +struct sap_param { + uint8_t id; + uint16_t len; + uint8_t *value; +}; + +struct sap_msg { + uint8_t id; + uint8_t num_params; + struct sap_param *params; +}; + +struct osim_sap_entity { + int fd; + uint8_t sap_state; + uint16_t max_msg_size; + char * socket_path; +}; + +static const struct value_string sap_param_names[] = { + {SAP_MAX_MSG_SIZE, "MaxMsgSize"}, + {SAP_CONNECTION_STATUS, "ConnectionStatus"}, + {SAP_RESULT_CODE, "ResultCode"}, + {SAP_DISCONNECTION_TYPE, "DisconnectionType"}, + {SAP_COMMAND_APDU, "CommandAPDU"}, + {SAP_COMMAND_APDU_7816, "CommandAPDU7816"}, + {SAP_RESPONSE_APDU, "ResponseAPDU"}, + {SAP_ATR, "ATR"}, + {SAP_CARD_READER_STATUS, "CardReaderStatus"}, + {SAP_STATUS_CHANGE, "StatusChange"}, + {SAP_TRANSPORT_PROTOCOL, "TransportProtocol"} +}; + +static const struct value_string sap_msg_names[] = { + {SAP_CONNECT_REQ, "CONNECT_REQ"}, + {SAP_CONNECT_RESP, "CONNECT_RESP"}, + {SAP_DISCONNECT_REQ, "DISCONNECT_REQ"}, + {SAP_DISCONNECT_RESP, "DISCONNECT_RESP"}, + {SAP_DISCONNECT_IND, "DISCONNECT_IND"}, + {SAP_TRANSFER_APDU_REQ, "TRANSFER_APDU_REQ"}, + {SAP_TRANSFER_APDU_RESP, "TRANSFER_APDU_RESP"}, + {SAP_TRANSFER_ATR_REQ, "TRANSFER_ATR_REQ"}, + {SAP_TRANSFER_ATR_RESP, "TRANSFER_ATR_RESP"}, + {SAP_POWER_SIM_OFF_REQ, "POWER_SIM_OFF_REQ"}, + {SAP_POWER_SIM_OFF_RESP, "POWER_SIM_OFF_RESP"}, + {SAP_POWER_SIM_ON_REQ, "POWER_SIM_ON_REQ"}, + {SAP_POWER_SIM_ON_RESP, "POWER_SIM_ON_RESP"}, + {SAP_RESET_SIM_REQ, "RESET_SIM_REQ"}, + {SAP_RESET_SIM_RESP, "RESET_SIM_RESP"}, + {SAP_TRANSFER_CARD_READER_STATUS_REQ, "TRANSFER_CARD_READER_STATUS_REQ"}, + {SAP_TRANSFER_CARD_READER_STATUS_RESP, "TRANSFER_CARD_READER_STATUS_RESP"}, + {SAP_STATUS_IND, "STATUS_IND"}, + {SAP_ERROR_RESP, "ERROR_RESP"}, + {SAP_SET_TRANSPORT_PROTOCOL_REQ, "SET_TRANSPORT_PROTOCOL_REQ"}, + {SAP_SET_TRANSPORT_PROTOCOL_RESP, "SET_TRANSPORT_PROTOCOL_RESP"} +}; + +/* BTSAP table 5.18 */ +static const struct value_string sap_result_names[] = { + {0, "OK, request processed correctly"}, + {1, "Error, no reason defined"}, + {2, "Error, card not accessible"}, + {3, "Error, card (already) powered off"}, + {4, "Error, card removed"}, + {5, "Error, card already powered on"}, + {6, "Error, data not available"}, + {7, "Error, not supported"} +}; + +static const struct value_string sap_status_change_names[] = { + {0, "Unknown Error"}, + {1, "Card reset"}, + {2, "Card not accessible"}, + {3, "Card removed"}, + {4, "Card inserted"}, + {5, "Card recovered"}, +}; + +static const struct value_string sap_status_names[] = { + {0, "OK, Server can fulfill requirements"}, + {1, "Error, Server unable to establish connection"}, + {2, "Error, Server does not support maximum message size"}, + {3, "Error, maximum message size by Client is too small"}, + {4, "OK, ongoing call"} +}; + +static void sap_connect(struct osim_sap_entity *st); -- 1.7.10.4 --------------030201080608040809010804-- From mardnh at gmx.de Sat Apr 13 21:16:33 2013 From: mardnh at gmx.de (Martin Hauke) Date: Sat, 13 Apr 2013 23:16:33 +0200 Subject: [PATCH] fix cli output of mobile app Message-ID: <5169CB31.708@gmx.de> Hi, the cli output of the mobile-app command # show support prints the indication for A5/1 support twice. The attached small patch fixed that. - Martin -------------- next part -------------- A non-text attachment was scrubbed... Name: mobile.diff Type: text/x-patch Size: 1053 bytes Desc: not available URL: From 246tnt at gmail.com Sun Apr 14 07:01:27 2013 From: 246tnt at gmail.com (Sylvain Munaut) Date: Sun, 14 Apr 2013 09:01:27 +0200 Subject: [PATCH] fix cli output of mobile app In-Reply-To: <5169CB31.708@gmx.de> References: <5169CB31.708@gmx.de> Message-ID: > the cli output of the mobile-app command > # show support > prints the indication for A5/1 support twice. > The attached small patch fixed that. Merged, thanks. Cheers, Sylvain From hunghm.vn at gmail.com Mon Apr 15 09:18:30 2013 From: hunghm.vn at gmail.com (hungbangchu) Date: Mon, 15 Apr 2013 02:18:30 -0700 (PDT) Subject: Trying to registering with network... Message-ID: <1366017510737-4025989.post@n3.nabble.com> Hi all, *I get an issue: always "Trying to registering with network..."* *My configs and my logs:* mobile.cfg layer1.log mobile.log *Commands on OsmocomBB terminal:* root at UR:/tmp# telnet 127.0.0.1 4247 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. Welcome to the OsmocomBB control interface OsmocomBB> en OsmocomBB# sho OsmocomBB# show ms MS '1' is up, service is limited IMEI: 357337016773249 IMEISV: 3573370167732490 IMEI generation: fixed automatic network selection state: A0 null cell selection state: PLMN search radio ressource layer state: idle mobility management layer state: MM idle, PLMN search OsmocomBB# show OsmocomBB# show sub OsmocomBB# show subscriber Mobile Subscriber of MS '1': IMSI: 452040399998391 ICCID: 89840403940099983911 Service Provider Name: VIETTEL SMS Service Center Address: +84980200030 Status: U2_NOT_UPDATED IMSI detached LAI: invalid Key: sequence 1 74 5d 70 bb 32 6a a0 00 Access barred cells: no Access classes: C4 List of preferred PLMNs: MCC |MNC -------+------- 452 |04 (Vietnam, Viettel Mobile) 456 |08 (Cambodia, Viettel) 457 |03 (Laos, Unitel) 372 |03 (Haiti, 03) OsmocomBB# show OsmocomBB# show sup OsmocomBB# show support Supported features of MS '1': Phase 2 mobile station R-GSM : yes E-GSM : yes P-GSM : yes GSM900 Class : 4 DCS 1800 : yes DCS Class : 1 GSM 850 : yes GSM 850 Class: 4 PCS 1900 : yes PCS Class : 1 GSM 480 : no GSM 450 : no CECS : no VGCS : no VBS : no SMS : yes SS_IND : yes PS_CAP : no CMSP : no SoLSA : no LCSVA : no LOC_SERV : no A5/1 : yes A5/2 : yes A5/3 : no A5/4 : no A5/5 : no A5/6 : no A5/7 : no A5/1 : yes Channels : SDCCH + TCH/F + TCH/H Full-Rate V1 : yes Full-Rate V2 : yes Full-Rate V3 : no Half-Rate V1 : yes Half-Rate V3 : no Min RXLEV : -106 OsmocomBB# call 1 0987785050 OsmocomBB# % (MS 1) % Call has been rejected OsmocomBB# sms 1 0987785050 testSMS OsmocomBB# % (MS 1) % SMS to 0987785050 failed: (MO) SMS rejected OsmocomBB# net OsmocomBB# network sho OsmocomBB# network show 1 OsmocomBB# % (MS 1) % Trying to registering with network... % (MS 1) % Trying to registering with network... % (MS 1) % Trying to registering with network... % (MS 1) % Searching network... % (MS 1) % Trying to registering with network... % (MS 1) % Trying to registering with network... % (MS 1) % Searching network... OsmocomBB# sms 1 0987785050 testSMS % (MS 1) % Trying to registering with network... call 1 0987785050 OsmocomBB# % (MS 1) % Call has been rejected OsmocomBB# sms 1 0987785050 testSMS OsmocomBB# % (MS 1) % SMS to 0987785050 failed: (MO) SMS rejected % (MS 1) % Trying to registering with network... -- View this message in context: http://baseband-devel.722152.n3.nabble.com/Trying-to-registering-with-network-tp4025989.html Sent from the baseband-devel mailing list archive at Nabble.com. From Max.Suraev at fairwaves.ru Mon Apr 15 13:05:59 2013 From: Max.Suraev at fairwaves.ru (=?UTF-8?B?4piO?=) Date: Mon, 15 Apr 2013 15:05:59 +0200 Subject: smsc Message-ID: <516BFB37.3090306@fairwaves.ru> Hi all. As far as I recall opensmsc doesn't have dedicated ML yet this seems to be appropriate place so far. I've found this open source project: https://code.google.com/p/smscgateway/ - hopefully it'll be of some use for opensmsc devs. -- best regards, Max, http://fairwaves.ru From peter at stuge.se Mon Apr 15 16:29:24 2013 From: peter at stuge.se (Peter Stuge) Date: Mon, 15 Apr 2013 18:29:24 +0200 Subject: smsc In-Reply-To: <516BFB37.3090306@fairwaves.ru> References: <516BFB37.3090306@fairwaves.ru> Message-ID: <20130415162924.16198.qmail@stuge.se> ? wrote: > As far as I recall opensmsc doesn't have dedicated ML yet this > seems to be appropriate place so far. I think OpenBSC would be a better choice. The SMSC has nothing whatsoever to do with baseband. > I've found this open source project: https://code.google.com/p/smscgateway/ - > hopefully it'll be of some use for opensmsc devs. Never say never, but.. /tmp/smscgateway $ find -type f|grep java ./test/oam/src/main/java/org/mobicents/smsc/oam/TestShellExecutor.java ./test/mapmodule/src/main/java/org/mobicents/smsc/ihub/MAPSimulator.java ./test/mapmodule/src/main/java/org/mobicents/smsc/ihub/MAPListener.java ./test/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/TestVersion.java ./test/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/MainDeployer.java ./test/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/Main.java ./test/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/FileFilterImpl.java ./test/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/Configuration.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SmscPropertiesManagementMBean.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SmscPropertiesManagement.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SmscManagement.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SmppSessionHandlerInterface.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SmppServer.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SmppInterfaceVersionType.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SMSCShellExecutor.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SMSCOAMMessages.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SMPPServerServiceMBean.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/SMPPServerService.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/EsmeManagementMBean.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/EsmeManagement.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/Esme.java ./core/smpp/src/main/java/org/mobicents/smsc/smpp/DefaultSmppServerHandler.java ./core/slee/smpp-server-ra/ratype/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerTransactionACIFactory.java ./core/slee/smpp-server-ra/ratype/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerTransaction.java ./core/slee/smpp-server-ra/ratype/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerSessions.java ./core/slee/smpp-server-ra/ratype/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerSession.java ./core/slee/smpp-server-ra/ra/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppTransactionType.java ./core/slee/smpp-server-ra/ra/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerTransactionImpl.java ./core/slee/smpp-server-ra/ra/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerTransactionHandle.java ./core/slee/smpp-server-ra/ra/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerSessionsImpl.java ./core/slee/smpp-server-ra/ra/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerSessionImpl.java ./core/slee/smpp-server-ra/ra/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/SmppServerResourceAdaptor.java ./core/slee/smpp-server-ra/ra/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/EventIDCache.java ./core/slee/smpp-server-ra/events/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/events/PduRequestTimeout.java ./core/slee/smpp-server-ra/events/src/main/java/org/mobicents/smsc/slee/resources/smpp/server/events/EventsType.java ./core/slee/services/txsmppserversbb/src/main/java/org/mobicents/smsc/slee/services/smpp/server/tx/TxSmppServerSbbActivityContextInterface.java ./core/slee/services/txsmppserversbb/src/main/java/org/mobicents/smsc/slee/services/smpp/server/tx/TxSmppServerSbb.java ./core/slee/services/rxsmppserversbb/src/main/java/org/mobicents/smsc/slee/services/smpp/server/rx/RxSmppServerSbb.java ./core/slee/services/mtsbb/src/main/java/org/mobicents/smsc/slee/services/mt/SriSbb.java ./core/slee/services/mtsbb/src/main/java/org/mobicents/smsc/slee/services/mt/MtSbbLocalObject.java ./core/slee/services/mtsbb/src/main/java/org/mobicents/smsc/slee/services/mt/MtSbb.java ./core/slee/services/mtsbb/src/main/java/org/mobicents/smsc/slee/services/mt/MtForwardSmsInterface.java ./core/slee/services/mtsbb/src/main/java/org/mobicents/smsc/slee/services/mt/MtCommonSbb.java ./core/slee/services/mtsbb/src/main/java/org/mobicents/smsc/slee/services/mt/MtActivityContextInterface.java ./core/slee/services/mosbb/src/main/java/org/mobicents/smsc/slee/services/mo/MoSbbLocalObject.java ./core/slee/services/mosbb/src/main/java/org/mobicents/smsc/slee/services/mo/MoSbb.java ./core/slee/services/mosbb/src/main/java/org/mobicents/smsc/slee/services/mo/MoCommonSbb.java ./core/slee/services/mosbb/src/main/java/org/mobicents/smsc/slee/services/mo/MoActivityContextInterface.java ./core/slee/services/events/src/main/java/org/mobicents/smsc/slee/services/smpp/server/events/SmsEvent.java ./core/slee/services/alertsbb/src/main/java/org/mobicents/smsc/slee/services/alert/AlertSbb.java ./core/oam/cli/src/main/java/org/mobicents/ss7/management/console/impl/SmscCommandHandler.java ./core/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/Version.java ./core/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/SS7ServiceMBean.java ./core/bootstrap/src/main/java/org/mobicents/smsc/server/bootstrap/SS7Service.java ..I wouldn't bet on it. My brain hurts too much already from the absurd structure. I didn't look at the code. //Peter From rafarevertf22 at gmail.com Tue Apr 16 23:19:06 2013 From: rafarevertf22 at gmail.com (R. Revert) Date: Tue, 16 Apr 2013 18:19:06 -0500 Subject: Layer2/3 Misc apps Message-ID: Hello I hope someone can help me whit this , that i dont understand, the sap_open() function... i already make in C115 , c139 and C118 (actually the C118 is not support for latino america) the Hello_world, Layer1 and Rssi, Im using a Latino american Sim card from Claro and Telefonica.. he provider are actually using GSM 850-1900 MHz.band Actually im trying to log in the Wireshark the GSM calls, sms and other's stuff to look at it... but when i try to run the "Misc apps " all the apps get me the same error- **** Failed to connect to '/tmp/osmocom_sap'. Failed during sap_open(), no SIM reader **** when i try to find this file is not created. root at cyttek:/opt/cellphone/osmocom-bb/src/host/layer23/src/misc# file /tmp/osmocom_* /tmp/osmocom_l2: socket /tmp/osmocom_loader: socket I find that is the file for the process of simcard reader (if im not wrong) .. but actually i didnt find the file its not created.. any one knows whats the problem or how i can dump to wireshark the stuff.? thanks... ================================================================================ root at raf10x:/opt/cellphone/osmocom-bb/src/host/layer23/src/misc# *./ccch_scan * Copyright (C) 2010 Harald Welte Contributions by Holger Hans Peter Freyther License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Failed to connect to '/tmp/osmocom_sap'. Failed during sap_open(), no SIM reader ^CSignal 2 recevied. ================================================================================ root at raf10x:/opt/cellphone/osmocom-bb/src/host/layer23/src/misc# *./bcch_scan * Copyright (C) 2010 Harald Welte Contributions by Holger Hans Peter Freyther License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Failed to connect to '/tmp/osmocom_sap'. Failed during sap_open(), no SIM reader ^CSignal 2 recevied. ================================================================================ root at raf10x:/opt/cellphone/osmocom-bb/src/host/layer23/src/misc# *./cbch_sniff * Copyright (C) 2010 Harald Welte Contributions by Holger Hans Peter Freyther License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Failed to connect to '/tmp/osmocom_sap'. Failed during sap_open(), no SIM reader ^CSignal 2 recevied. ================================================================================ root at raf10x:/opt/cellphone/osmocom-bb/src/host/layer23/src/misc#*./cell_log * Copyright (C) 2010 Andreas Eversberg License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Failed to connect to '/tmp/osmocom_sap'. Failed during sap_open(), no SIM reader <000e> cell_log.c:804 Scanner initialized Mobile initialized, please start phone now! ^CSignal 2 recevied. <000e> cell_log.c:811 Scanner exit * #__________________ Atte. **Rafael R.* -------------- next part -------------- An HTML attachment was scrubbed... URL: From peter at stuge.se Wed Apr 17 00:42:59 2013 From: peter at stuge.se (Peter Stuge) Date: Wed, 17 Apr 2013 02:42:59 +0200 Subject: Layer2/3 Misc apps In-Reply-To: References: Message-ID: <20130417004259.2314.qmail@stuge.se> R. Revert wrote: > **** > Failed to connect to '/tmp/osmocom_sap'. > Failed during sap_open(), no SIM reader > **** > when i try to find this file is not created. You can always reverse engineer the source code. I think it will be infinitely faster than waiting for someone to do it for you and tell you what they discovered. ~ $ cd /tmp /tmp $ git clone git://git.osmocom.org/osmocom-bb.git Cloning into 'osmocom-bb'... remote: Counting objects: 19449, done. remote: Compressing objects: 100% (5614/5614), done. remote: Total 19449 (delta 13604), reused 18573 (delta 12910) Receiving objects: 100% (19449/19449), 3.39 MiB | 427 KiB/s, done. Resolving deltas: 100% (13604/13604), done. /tmp $ cd osmocom-bb/ /tmp/osmocom-bb $ git grep osmocom_sap src/host/layer23/src/common/main.c:static char *sap_socket_path = "/tmp/osmocom_sap"; src/host/layer23/src/common/main.c: printf(" -S --sap /tmp/osmocom_sap. Path to the " src/host/layer23/src/mobile/settings.c:static char *sap_socket_path = "/tmp/osmocom_sap"; src/host/layer23/src/mobile/vty_interface.c: "Unix socket, default '/tmp/osmocom_sap'") /tmp/osmocom-bb $ //Peter From rafarevertf22 at gmail.com Wed Apr 17 05:02:07 2013 From: rafarevertf22 at gmail.com (R. Revert) Date: Wed, 17 Apr 2013 00:02:07 -0500 Subject: Layer2/3 Misc apps In-Reply-To: <20130417004259.2314.qmail@stuge.se> References: <20130417004259.2314.qmail@stuge.se> Message-ID: Peter wrote: > > >You can always reverse engineer the source code. I think it will be > >infinitely faster than waiting for someone to do it for you and tell > >you what they discovered. > Thank's what im trying to do who to get osmocom cell_log and other misc apps running But i think that i need that file if im not wrong.. 1) Reading symbols from /opt/cellphone/osmocom-bb/src/host/layer23/src/misc/cell_log...done. (gdb) list 92,97 92 93 if (options & L23_OPT_SAP) 94 printf(" -S --sap /tmp/osmocom_sap. Path to the " 95 "unix domain socket (BTSAP)\n"); 96 97 if (options & L23_OPT_ARFCN) (gdb) 2) root at raf10x:/opt/cellphone/osmocom-bb/src# git grep L23_OPT_SAP host/layer23/include/osmocom/bb/common/l23_app.h: L23_OPT_SAP = 1, host/layer23/src/common/main.c: if (options & L23_OPT_SAP) the L23_OPT_SAP is set to 1 and the options is comming from l23_app_info *app = l23_app_info(); that end up to l23_app.h file.. i actually Stock whit this 2 to cuestions : 1) do i actually new to unlock the cellphone to download GSM info to Wireshark .because i got the cell phone lock from colombian providers but im actually using a peruvian SIM whit other peruvian ISP. I supposed that when the Firmware layer1 is upload it sould not take care about the info configurations fron the phones 2) do i need the osmocom_sap socket ? if yes were i can find this to run the "Misc apps" Thnks R. Revert -------------- next part -------------- An HTML attachment was scrubbed... URL: From 246tnt at gmail.com Wed Apr 17 06:00:33 2013 From: 246tnt at gmail.com (Sylvain Munaut) Date: Wed, 17 Apr 2013 08:00:33 +0200 Subject: Layer2/3 Misc apps In-Reply-To: References: Message-ID: > Actually im trying to log in the Wireshark the GSM calls, sms and other's > stuff to look at it... but when i try to run the "Misc apps " all the apps > get me the same error- > > **** > Failed to connect to '/tmp/osmocom_sap'. > Failed during sap_open(), no SIM reader > **** You can safely ignore this. This is not a fata error, merely a warning for a functionality which is not fully implemented. Cheers, Sylvain From arslan.anj at gmail.com Sun Apr 21 14:14:42 2013 From: arslan.anj at gmail.com (Arslan Anjum) Date: Sun, 21 Apr 2013 19:14:42 +0500 Subject: LOGP and Changes to lapdm.c and lapdm.h Message-ID: Good evening all or whatever time it is there! 1. For debugging I have added a FILE* opf; member to lapdm_entity struct in lapdm.h But when I try to initialize this file pointer in mobile_init function in app_mobile.c I get a compile time error that lapdm_entity does not have a member named 'opf'. 2. When I declare the same member in osmocom_ms struct I don't get this error. 3. Furthermore, any changes I make to lapdm.c don't show up on runtime. I can quote specific examples but the mail would get long. Lastly is there any documentation on for LOGP and how to see it's different log levels. Regards, Arslan -------------- next part -------------- An HTML attachment was scrubbed... URL: From pabftk at gmail.com Sun Apr 21 17:52:51 2013 From: pabftk at gmail.com (Pavel Baturko) Date: Sun, 21 Apr 2013 21:52:51 +0400 Subject: LOGP and Changes to lapdm.c and lapdm.h In-Reply-To: References: Message-ID: Hi Arslan, You made changes in lapdm.* files in shared libosmocore (OsmocomBB git repo, path src/shared/libosmocore/) or in separate libosmocore (from its own repo)? You should use the last one. Thanks, Pavel On Sun, Apr 21, 2013 at 6:14 PM, Arslan Anjum wrote: > Good evening all or whatever time it is there! > > 1. For debugging I have added a FILE* opf; member to lapdm_entity struct > in lapdm.h > > But when I try to initialize this file pointer in mobile_init function in > app_mobile.c I get a compile time error that lapdm_entity does not have a > member named 'opf'. > > 2. When I declare the same member in osmocom_ms struct I don't get this > error. > > 3. Furthermore, any changes I make to lapdm.c don't show up on runtime. I > can quote specific examples but the mail would get long. > > Lastly is there any documentation on for LOGP and how to see it's > different log levels. > > Regards, > > Arslan > -------------- next part -------------- An HTML attachment was scrubbed... URL: From arslan.anj at gmail.com Sun Apr 21 18:54:21 2013 From: arslan.anj at gmail.com (Arslan Anjum) Date: Sun, 21 Apr 2013 23:54:21 +0500 Subject: LOGP and Changes to lapdm.c and lapdm.h In-Reply-To: References: Message-ID: I did the first one. But if I do the second one how do I use that with OsmocomBB? Thanks, Arslan On Sun, Apr 21, 2013 at 10:52 PM, Pavel Baturko wrote: > Hi Arslan, > > You made changes in lapdm.* files in shared libosmocore (OsmocomBB git > repo, path src/shared/libosmocore/) or in separate libosmocore (from its > own repo)? You should use the last one. > > Thanks, > Pavel > > > > On Sun, Apr 21, 2013 at 6:14 PM, Arslan Anjum wrote: > >> Good evening all or whatever time it is there! >> >> 1. For debugging I have added a FILE* opf; member to lapdm_entity struct >> in lapdm.h >> >> But when I try to initialize this file pointer in mobile_init function in >> app_mobile.c I get a compile time error that lapdm_entity does not have a >> member named 'opf'. >> >> 2. When I declare the same member in osmocom_ms struct I don't get this >> error. >> >> 3. Furthermore, any changes I make to lapdm.c don't show up on runtime. I >> can quote specific examples but the mail would get long. >> >> Lastly is there any documentation on for LOGP and how to see it's >> different log levels. >> >> Regards, >> >> Arslan >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From pabftk at gmail.com Sun Apr 21 19:12:15 2013 From: pabftk at gmail.com (Pavel Baturko) Date: Sun, 21 Apr 2013 23:12:15 +0400 Subject: LOGP and Changes to lapdm.c and lapdm.h In-Reply-To: References: Message-ID: While configuring OsmoBB path to separate libosmocore is set in makefiles. So add something to headers in libosmocore and code in OsmoBB will see changes. If you are changing src files of libosmocore you'll need to rebuild it. Thanks, Pavel On Sun, Apr 21, 2013 at 10:54 PM, Arslan Anjum wrote: > I did the first one. But if I do the second one how do I use that with > OsmocomBB? > > Thanks, > > Arslan > > > On Sun, Apr 21, 2013 at 10:52 PM, Pavel Baturko wrote: > >> Hi Arslan, >> >> You made changes in lapdm.* files in shared libosmocore (OsmocomBB git >> repo, path src/shared/libosmocore/) or in separate libosmocore (from its >> own repo)? You should use the last one. >> >> Thanks, >> Pavel >> >> >> >> On Sun, Apr 21, 2013 at 6:14 PM, Arslan Anjum wrote: >> >>> Good evening all or whatever time it is there! >>> >>> 1. For debugging I have added a FILE* opf; member to lapdm_entity struct >>> in lapdm.h >>> >>> But when I try to initialize this file pointer in mobile_init function >>> in app_mobile.c I get a compile time error that lapdm_entity does not have >>> a member named 'opf'. >>> >>> 2. When I declare the same member in osmocom_ms struct I don't get this >>> error. >>> >>> 3. Furthermore, any changes I make to lapdm.c don't show up on runtime. >>> I can quote specific examples but the mail would get long. >>> >>> Lastly is there any documentation on for LOGP and how to see it's >>> different log levels. >>> >>> Regards, >>> >>> Arslan >>> >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From arslan.anj at gmail.com Sun Apr 28 05:27:15 2013 From: arslan.anj at gmail.com (Arslan Anjum) Date: Sun, 28 Apr 2013 10:27:15 +0500 Subject: LOGP and Changes to lapdm.c and lapdm.h In-Reply-To: References: Message-ID: Thanks. It worked! Arslan Anjum Research Assistant Lahore University of Management Sciences, Pakistan http://lums.edu.pk/sse/ee/ On Mon, Apr 22, 2013 at 12:12 AM, Pavel Baturko wrote: > While configuring OsmoBB path to separate libosmocore is set in makefiles. > So add something to headers in libosmocore and code in OsmoBB will see > changes. If you are changing src files of libosmocore you'll need to > rebuild it. > > Thanks, > Pavel > > > On Sun, Apr 21, 2013 at 10:54 PM, Arslan Anjum wrote: > >> I did the first one. But if I do the second one how do I use that with >> OsmocomBB? >> >> Thanks, >> >> Arslan >> >> >> On Sun, Apr 21, 2013 at 10:52 PM, Pavel Baturko wrote: >> >>> Hi Arslan, >>> >>> You made changes in lapdm.* files in shared libosmocore (OsmocomBB git >>> repo, path src/shared/libosmocore/) or in separate libosmocore (from >>> its own repo)? You should use the last one. >>> >>> Thanks, >>> Pavel >>> >>> >>> >>> On Sun, Apr 21, 2013 at 6:14 PM, Arslan Anjum wrote: >>> >>>> Good evening all or whatever time it is there! >>>> >>>> 1. For debugging I have added a FILE* opf; member to lapdm_entity >>>> struct in lapdm.h >>>> >>>> But when I try to initialize this file pointer in mobile_init function >>>> in app_mobile.c I get a compile time error that lapdm_entity does not have >>>> a member named 'opf'. >>>> >>>> 2. When I declare the same member in osmocom_ms struct I don't get this >>>> error. >>>> >>>> 3. Furthermore, any changes I make to lapdm.c don't show up on runtime. >>>> I can quote specific examples but the mail would get long. >>>> >>>> Lastly is there any documentation on for LOGP and how to see it's >>>> different log levels. >>>> >>>> Regards, >>>> >>>> Arslan >>>> >>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From digi_c at arcor.de Mon Apr 22 09:18:43 2013 From: digi_c at arcor.de (Matthias Meisser) Date: Mon, 22 Apr 2013 11:18:43 +0200 Subject: cell_log + gsmmap = KML without positions Message-ID: <51750073.1010609@arcor.de> Hi list, sorry for abusing the list for a somewhat support request but unfortunatly I didn't got answers in the IRC. I'm interested to use BB for some experiments on mapping GSM cells (opencellid.org and similar). So I finally got cell_log to work and my general BB setup works fine here on my laptop. But even with a working GPS, I don't get any positions in the osmocom logfile or the resulting kml by gsmap. Here is what I do: I pair my Bluetooth GPS via sudo rfcomm connect /dev/rfcomm0 00:AA:BB:CC:DD:EE I test it via sudo cat /dev/rfcomm0 and it prints the usual NMEA stuff I connect my mobile C123 and fire up osmocon with L23: sudo ./osmocon -p /dev/ttyUSB0 -m c123xor '/home/matthias/opencellid/osmocom-bb/src/target/firmware/board/compal_e88/layer1.compalram.bin' After upload I start cell_log sudo ./cell_log -f /dev/rfcomm0 which looks ok: <0010> app_cell_log.c:216 Using GPS serial device /dev/rfcomm0 Failed to connect to '/tmp/osmocom_sap'. Failed during sap_open(), no SIM reader <000e> cell_log.c:804 Scanner initialized Mobile initialized, please start phone now! <000e> cell_log.c:368 Measure from 0 to 124 <000e> cell_log.c:368 Measure from 512 to 885 <000e> cell_log.c:368 Measure from 955 to 1023 <000e> cell_log.c:359 Measurement done <000e> cell_log.c:341 Sync ARFCN 17 (rxlev -59, 421 syncs left) <000e> cell_log.c:341 Sync ARFCN 675 (rxlev -62, 420 syncs left) <000e> cell_log.c:341 Sync ARFCN 85 (rxlev -65, 419 syncs left) <000e> cell_log.c:191 Cell: ARFCN=85 MCC=262 MNC=01 (Germany, T-Mobile) <000e> cell_log.c:341 Sync ARFCN 47 (rxlev -66, 418 syncs left) <000e> cell_log.c:191 Cell: ARFCN=47 MCC=262 MNC=01 (Germany, T-Mobile) <000e> cell_log.c:341 Sync ARFCN 6 (rxlev -73, 417 syncs left) <000e> cell_log.c:191 Cell: ARFCN=6 MCC=262 MNC=02 (Germany, Vodafone) <000e> cell_log.c:341 Sync ARFCN 75 (rxlev -73, 416 syncs left) <000e> cell_log.c:191 Cell: ARFCN=75 MCC=262 MNC=02 (Germany, Vodafone) <000e> cell_log.c:341 Sync ARFCN 671 (rxlev -73, 415 syncs left) <000e> cell_log.c:341 Sync ARFCN 22 (rxlev -75, 414 syncs left) <000e> cell_log.c:341 Sync ARFCN 25 (rxlev -75, 413 syncs left) <000e> cell_log.c:341 Sync ARFCN 20 (rxlev -77, 412 syncs left) <000e> cell_log.c:341 Sync ARFCN 90 (rxlev -78, 411 syncs left) But it doesn't write any positions at the logfile nor shows that it got a working GPS position. Only at a few starts I saw this line coming up: <000e> cell_log.c:804 Scanner initialized Mobile initialized, please start phone now! NMEA checksum error So I tried to set the baud rate but this message doesn't seem to be reproducable. Is there anything else I can do, or might it be some kind of software bug for my specific setup? cya, Matthias