[PATCH] osmo-hlr[master]: VTY: enable Milenage-2G authentication algorithm

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Vadim Yanitskiy gerrit-no-reply at lists.osmocom.org
Mon Mar 19 15:54:12 UTC 2018 

Review at  https://gerrit.osmocom.org/7391

VTY: enable Milenage-2G authentication algorithm

Despite the current Milenage implementation in libosmogsm
does support 2G authentication, it has been disabled for
some long time. Let's enable it in order to support SIM
cards with Milenage algorithm set for 2G mode.

Change-Id: I6e6ff11d87bd9462db153ce6e32e7afc8197c38b
---
M src/db_hlr.c
M src/hlr_vty_subscr.c
M tests/db/db_test.c
M tests/db/db_test.err
M tests/test_subscriber.vty
5 files changed, 75 insertions(+), 37 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/osmo-hlr refs/changes/91/7391/1

diff --git a/src/db_hlr.c b/src/db_hlr.c
index c4d4974..b9315fc 100644
--- a/src/db_hlr.c
+++ b/src/db_hlr.c
@@ -221,13 +221,9 @@
 		case OSMO_AUTH_ALG_COMP128v1:
 		case OSMO_AUTH_ALG_COMP128v2:
 		case OSMO_AUTH_ALG_COMP128v3:
+		case OSMO_AUTH_ALG_MILENAGE:
 		case OSMO_AUTH_ALG_XOR:
 			break;
-		case OSMO_AUTH_ALG_MILENAGE:
-			LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:"
-			     " auth algo not suited for 2G: %s\n",
-			     osmo_auth_alg_name(aud->algo));
-			return -EINVAL;
 		default:
 			LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:"
 			     " Unknown auth algo: %d\n", aud->algo);
diff --git a/src/hlr_vty_subscr.c b/src/hlr_vty_subscr.c
index 7191a1c..3436636 100644
--- a/src/hlr_vty_subscr.c
+++ b/src/hlr_vty_subscr.c
@@ -269,11 +269,12 @@
 	return false;
 }
 
-#define AUTH_ALG_TYPES_2G "(comp128v1|comp128v2|comp128v3|xor)"
+#define AUTH_ALG_TYPES_2G "(comp128v1|comp128v2|comp128v3|milenage|xor)"
 #define AUTH_ALG_TYPES_2G_HELP \
 	"Use COMP128v1 algorithm\n" \
 	"Use COMP128v2 algorithm\n" \
 	"Use COMP128v3 algorithm\n" \
+	"Use Milenage algorithm\n"  \
 	"Use XOR algorithm\n"
 
 #define AUTH_ALG_TYPES_3G "milenage"
diff --git a/tests/db/db_test.c b/tests/db/db_test.c
index 6bf7a86..5b02b41 100644
--- a/tests/db/db_test.c
+++ b/tests/db/db_test.c
@@ -510,6 +510,11 @@
 	ASSERT_SEL_AUD(imsi0, 0, id);
 
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
+		mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")),
+		0);
+	ASSERT_SEL_AUD(imsi0, 0, id);
+
+	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
 		mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")),
 		0);
 	ASSERT_SEL_AUD(imsi0, 0, id);
@@ -612,6 +617,17 @@
 	comment("Set auth data, 2G and 3G");
 
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
+		mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")),
+		0);
+	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
+		mk_aud_3g(OSMO_AUTH_ALG_MILENAGE,
+			  "BeefedCafeFaceAcedAddedDecadeFee", false,
+			  "DeafBeddedBabeAcceededFadedDecaf", 5)),
+		0);
+	ASSERT_SEL_AUD(imsi0, 0, id);
+	ASSERT_DB_GET_AUC(imsi0, N_VECTORS);
+
+	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
 		mk_aud_2g(OSMO_AUTH_ALG_COMP128v3, "CededEffacedAceFacedBadFadedBeef")),
 		0);
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
@@ -637,11 +653,6 @@
 
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
 		mk_aud_2g(OSMO_AUTH_ALG_XOR, "f00")),
-		-EINVAL);
-	ASSERT_SEL_AUD(imsi0, 0, id);
-
-	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
-		mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "0123456789abcdef0123456789abcdef")),
 		-EINVAL);
 	ASSERT_SEL_AUD(imsi0, 0, id);
 
diff --git a/tests/db/db_test.err b/tests/db/db_test.err
index 1d34045..64186a2 100644
--- a/tests/db/db_test.err
+++ b/tests/db/db_test.err
@@ -794,6 +794,18 @@
 }
 3G: none
 
+db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")) --> 0
+
+db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
+DAUC IMSI='123456789000000': No 3G Auth Data
+
+2G: struct osmo_sub_auth_data {
+  .type = GSM,
+  .algo = MILENAGE,
+  .u.gsm.ki = 'facedbeef13046411a0ea5591a82afee',
+}
+3G: none
+
 db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")) --> 0
 
 db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
@@ -985,6 +997,32 @@
 
 --- Set auth data, 2G and 3G
 
+db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")) --> 0
+
+db_subscr_update_aud_by_id(dbc, id, mk_aud_3g(OSMO_AUTH_ALG_MILENAGE, "BeefedCafeFaceAcedAddedDecadeFee", false, "DeafBeddedBabeAcceededFadedDecaf", 5)) --> 0
+
+db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
+
+2G: struct osmo_sub_auth_data {
+  .type = GSM,
+  .algo = MILENAGE,
+  .u.gsm.ki = 'facedbeef13046411a0ea5591a82afee',
+}
+3G: struct osmo_sub_auth_data {
+  .type = UMTS,
+  .algo = MILENAGE,
+  .u.umts.opc = 'beefedcafefaceacedaddeddecadefee',
+  .u.umts.opc_is_op = 0,
+  .u.umts.k = 'deafbeddedbabeacceededfadeddecaf',
+  .u.umts.amf = '0000',
+  .u.umts.ind_bitlen = 5,
+}
+
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3
+DAUC IMSI='123456789000000': Calling to generate 3 vectors
+DAUC IMSI='123456789000000': Generated 3 vectors
+DAUC IMSI='123456789000000': Updating SQN=0 in DB
+
 db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_COMP128v3, "CededEffacedAceFacedBadFadedBeef")) --> 0
 
 db_subscr_update_aud_by_id(dbc, id, mk_aud_3g(OSMO_AUTH_ALG_MILENAGE, "BeefedCafeFaceAcedAddedDecadeFee", false, "DeafBeddedBabeAcceededFadedDecaf", 5)) --> 0
@@ -1056,26 +1094,6 @@
 
 db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "f00")) --> -EINVAL
 DAUC Cannot update auth tokens: Invalid KI: 'f00'
-
-db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
-
-2G: struct osmo_sub_auth_data {
-  .type = GSM,
-  .algo = COMP128v3,
-  .u.gsm.ki = 'cededeffacedacefacedbadfadedbeef',
-}
-3G: struct osmo_sub_auth_data {
-  .type = UMTS,
-  .algo = MILENAGE,
-  .u.umts.opc = 'beefedcafefaceacedaddeddecadefee',
-  .u.umts.opc_is_op = 0,
-  .u.umts.k = 'deafbeddedbabeacceededfadeddecaf',
-  .u.umts.amf = '0000',
-  .u.umts.ind_bitlen = 5,
-}
-
-db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "0123456789abcdef0123456789abcdef")) --> -EINVAL
-DAUC Cannot update auth tokens: auth algo not suited for 2G: MILENAGE
 
 db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
 
diff --git a/tests/test_subscriber.vty b/tests/test_subscriber.vty
index 2da455f..fa80ece 100644
--- a/tests/test_subscriber.vty
+++ b/tests/test_subscriber.vty
@@ -7,7 +7,7 @@
   subscriber (imsi|msisdn|id) IDENT delete
   subscriber (imsi|msisdn|id) IDENT update msisdn MSISDN
   subscriber (imsi|msisdn|id) IDENT update aud2g none
-  subscriber (imsi|msisdn|id) IDENT update aud2g (comp128v1|comp128v2|comp128v3|xor) ki KI
+  subscriber (imsi|msisdn|id) IDENT update aud2g (comp128v1|comp128v2|comp128v3|milenage|xor) ki KI
   subscriber (imsi|msisdn|id) IDENT update aud3g none
   subscriber (imsi|msisdn|id) IDENT update aud3g milenage k K (op|opc) OP_C [ind-bitlen] [<0-28>]
 
@@ -101,6 +101,7 @@
   comp128v1  Use COMP128v1 algorithm
   comp128v2  Use COMP128v2 algorithm
   comp128v3  Use COMP128v3 algorithm
+  milenage   Use Milenage algorithm
   xor        Use XOR algorithm
 
 OsmoHLR# subscriber imsi 123456789023000 update aud2g comp128v1 ?
@@ -180,16 +181,27 @@
     2G auth: COMP128v3
              KI=c01ffedc1cadaeac1d1f1edacac1ab0a
 
-OsmoHLR# subscriber id 1 update aud2g nonsense ki BeefedCafeFaceAcedAddedDecadeFee
-% Unknown command.
+OsmoHLR# subscriber id 1 update aud2g milenage ki FacedBeef13046411a0ea5591a82AFee
 OsmoHLR# subscriber id 1 show
     ID: 1
     IMSI: 123456789023000
     MSISDN: 423
-    2G auth: COMP128v3
-             KI=c01ffedc1cadaeac1d1f1edacac1ab0a
+    2G auth: MILENAGE
+             KI=facedbeef13046411a0ea5591a82afee
+OsmoHLR# subscriber msisdn 423 show
+    ID: 1
+    IMSI: 123456789023000
+    MSISDN: 423
+    2G auth: MILENAGE
+             KI=facedbeef13046411a0ea5591a82afee
+OsmoHLR# subscriber imsi 123456789023000 show
+    ID: 1
+    IMSI: 123456789023000
+    MSISDN: 423
+    2G auth: MILENAGE
+             KI=facedbeef13046411a0ea5591a82afee
 
-OsmoHLR# subscriber id 1 update aud2g milenage ki BeefedCafeFaceAcedAddedDecadeFee
+OsmoHLR# subscriber id 1 update aud2g nonsense ki BeefedCafeFaceAcedAddedDecadeFee
 % Unknown command.
 OsmoHLR# subscriber id 1 show
     ID: 1

-- 
To view, visit https://gerrit.osmocom.org/7391
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I6e6ff11d87bd9462db153ce6e32e7afc8197c38b
Gerrit-PatchSet: 1
Gerrit-Project: osmo-hlr
Gerrit-Branch: master
Gerrit-Owner: Vadim Yanitskiy <axilirator at gmail.com>

More information about the gerrit-log mailing list