This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Max gerrit-no-reply at lists.osmocom.org
Review at https://gerrit.osmocom.org/469
SGSN: split GEA key management from TLLI
Move GEA key from TLLI assignment into separate function.
Change-Id: I8a0bc907072dc19cd9535a28b5252dc0f05357cc
Related: OS#1582
---
M openbsc/include/openbsc/gprs_llc.h
M openbsc/src/gprs/gprs_gmm.c
M openbsc/src/gprs/gprs_llc.c
M openbsc/src/gprs/gprs_sgsn.c
4 files changed, 38 insertions(+), 21 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/openbsc refs/changes/69/469/1
diff --git a/openbsc/include/openbsc/gprs_llc.h b/openbsc/include/openbsc/gprs_llc.h
index 8cd0c26..c48beb8 100644
--- a/openbsc/include/openbsc/gprs_llc.h
+++ b/openbsc/include/openbsc/gprs_llc.h
@@ -155,7 +155,10 @@
/* Crypto parameters */
enum gprs_ciph_algo algo;
- uint8_t kc[8];
+ uint8_t kc[16];
+ uint8_t cksn;
+ /* 3GPP TS 44.064 § 8.9.2: */
+ uint32_t iov_ui;
/* over which BSSGP BTS ctx do we need to transmit */
uint16_t bvci;
@@ -216,8 +219,7 @@
/* 04.64 Chapter 7.2.1.1 LLGMM-ASSIGN */
int gprs_llgmm_assign(struct gprs_llc_llme *llme,
- uint32_t old_tlli, uint32_t new_tlli,
- enum gprs_ciph_algo alg, const uint8_t *kc);
+ uint32_t old_tlli, uint32_t new_tlli);
int gprs_llgmm_unassign(struct gprs_llc_llme *llme);
int gprs_llc_init(const char *cipher_plugin_path);
@@ -240,6 +242,7 @@
}
/* LLC low level functions */
+void gprs_llme_set_key(struct sgsn_mm_ctx *mm, struct gprs_llc_llme *llme);
/* parse a GPRS LLC header, also check for invalid frames */
int gprs_llc_hdr_parse(struct gprs_llc_hdr_parsed *ghp,
diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c
index 2ffd001..3df4e4a 100644
--- a/openbsc/src/gprs/gprs_gmm.c
+++ b/openbsc/src/gprs/gprs_gmm.c
@@ -969,8 +969,10 @@
ctx->gb.tlli_new = gprs_tmsi2tlli(ctx->p_tmsi, TLLI_LOCAL);
/* Inform LLC layer about new TLLI but keep old active */
- gprs_llgmm_assign(ctx->gb.llme, ctx->gb.tlli, ctx->gb.tlli_new,
- GPRS_ALGO_GEA0, NULL);
+ if (ctx->is_authenticated) {
+ gprs_llme_set_key(ctx, ctx->gb.llme);
+ }
+ gprs_llgmm_assign(ctx->gb.llme, ctx->gb.tlli, ctx->gb.tlli_new);
}
ctx->pending_req = GSM48_MT_GMM_ATTACH_REQ;
@@ -1269,8 +1271,7 @@
/* Inform LLC layer about new TLLI but keep old active */
gprs_llgmm_assign(mmctx->gb.llme, mmctx->gb.tlli,
- mmctx->gb.tlli_new, GPRS_ALGO_GEA0,
- NULL);
+ mmctx->gb.tlli_new);
}
/* Look at PDP Context Status IE and see if MS's view of
@@ -1405,9 +1406,9 @@
if (mmctx->ran_type == MM_CTX_T_GERAN_Gb) {
/* Unassign the old TLLI */
mmctx->gb.tlli = mmctx->gb.tlli_new;
+ gprs_llme_set_key(mmctx, mmctx->gb.llme);
gprs_llgmm_assign(mmctx->gb.llme, 0xffffffff,
- mmctx->gb.tlli_new,
- GPRS_ALGO_GEA0, NULL);
+ mmctx->gb.tlli_new);
}
mmctx->mm_state = GMM_REGISTERED_NORMAL;
rc = 0;
@@ -1428,8 +1429,8 @@
if (mmctx->ran_type == MM_CTX_T_GERAN_Gb) {
/* Unassign the old TLLI */
mmctx->gb.tlli = mmctx->gb.tlli_new;
- gprs_llgmm_assign(mmctx->gb.llme, 0xffffffff, mmctx->gb.tlli_new,
- GPRS_ALGO_GEA0, NULL);
+ gprs_llgmm_assign(mmctx->gb.llme, 0xffffffff,
+ mmctx->gb.tlli_new);
}
mmctx->mm_state = GMM_REGISTERED_NORMAL;
rc = 0;
diff --git a/openbsc/src/gprs/gprs_llc.c b/openbsc/src/gprs/gprs_llc.c
index 64d22b3..11e8358 100644
--- a/openbsc/src/gprs/gprs_llc.c
+++ b/openbsc/src/gprs/gprs_llc.c
@@ -236,6 +236,7 @@
llme->old_tlli = 0xffffffff;
llme->state = GPRS_LLMS_UNASSIGNED;
llme->age_timestamp = GPRS_LLME_RESET_AGE;
+ llme->cksn = GSM_KEY_SEQ_INVAL;
for (i = 0; i < ARRAY_SIZE(llme->lle); i++)
lle_init(llme, i);
@@ -365,6 +366,8 @@
msgb_free(msg);
return -EFBIG;
}
+
+ gprs_llme_set_key(mmctx, lle->llme);
/* Update LLE's (BVCI, NSEI) tuple */
lle->llme->bvci = msgb_bvci(msg);
@@ -687,17 +690,28 @@
return rc;
}
+/* Propagate crypto parameters MM -> LLME */
+void gprs_llme_set_key(struct sgsn_mm_ctx *mm, struct gprs_llc_llme *llme)
+{
+ if (!mm)
+ return;
+ if (mm->ciph_algo != GPRS_ALGO_GEA0) {
+ llme->algo = mm->ciph_algo;
+ if (llme->cksn != mm->auth_triplet.key_seq &&
+ mm->auth_triplet.key_seq != GSM_KEY_SEQ_INVAL) {
+ memcpy(llme->kc, mm->auth_triplet.vec.kc,
+ gprs_cipher_key_length(mm->ciph_algo));
+ llme->cksn = mm->auth_triplet.key_seq;
+ }
+ } else
+ llme->cksn = GSM_KEY_SEQ_INVAL;
+}
+
/* 04.64 Chapter 7.2.1.1 LLGMM-ASSIGN */
int gprs_llgmm_assign(struct gprs_llc_llme *llme,
- uint32_t old_tlli, uint32_t new_tlli,
- enum gprs_ciph_algo alg, const uint8_t *kc)
+ uint32_t old_tlli, uint32_t new_tlli)
{
unsigned int i;
-
- /* Update the crypto parameters */
- llme->algo = alg;
- if (alg != GPRS_ALGO_GEA0)
- memcpy(llme->kc, kc, sizeof(llme->kc));
if (old_tlli == 0xffffffff && new_tlli != 0xffffffff) {
/* TLLI Assignment 8.3.1 */
@@ -748,8 +762,7 @@
/* TLLI unassignment */
int gprs_llgmm_unassign(struct gprs_llc_llme *llme)
{
- return gprs_llgmm_assign(llme, llme->tlli, 0xffffffff, GPRS_ALGO_GEA0,
- NULL);
+ return gprs_llgmm_assign(llme, llme->tlli, 0xffffffff);
}
/* Chapter 7.2.1.2 LLGMM-RESET.req */
diff --git a/openbsc/src/gprs/gprs_sgsn.c b/openbsc/src/gprs/gprs_sgsn.c
index 98439de..711887e 100644
--- a/openbsc/src/gprs/gprs_sgsn.c
+++ b/openbsc/src/gprs/gprs_sgsn.c
@@ -244,7 +244,7 @@
if (llme) {
/* TLLI unassignment, must be called after sgsn_mm_ctx_free */
- gprs_llgmm_assign(llme, tlli, 0xffffffff, GPRS_ALGO_GEA0, NULL);
+ gprs_llgmm_assign(llme, tlli, 0xffffffff);
}
}
--
To view, visit https://gerrit.osmocom.org/469
To unsubscribe, visit https://gerrit.osmocom.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I8a0bc907072dc19cd9535a28b5252dc0f05357cc
Gerrit-PatchSet: 1
Gerrit-Project: openbsc
Gerrit-Branch: master
Gerrit-Owner: Max <msuraev at sysmocom.de>