This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
laforge gerrit-no-reply at lists.osmocom.orglaforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-iuh/+/22756 )
Change subject: ranap_msg_factory: Allow detailed control over UEA/UIA algorithm encoded
......................................................................
ranap_msg_factory: Allow detailed control over UEA/UIA algorithm encoded
Change-Id: I6d2d033b0427bdc84fee61e0f3cb7b29935214bf
Closes: OS#4143
---
M include/osmocom/ranap/ranap_msg_factory.h
M src/ranap_msg_factory.c
2 files changed, 51 insertions(+), 16 deletions(-)
Approvals:
Jenkins Builder: Verified
pespin: Looks good to me, but someone else must approve
laforge: Looks good to me, approved
diff --git a/include/osmocom/ranap/ranap_msg_factory.h b/include/osmocom/ranap/ranap_msg_factory.h
index f1f3fcc..d89a1ae 100644
--- a/include/osmocom/ranap/ranap_msg_factory.h
+++ b/include/osmocom/ranap/ranap_msg_factory.h
@@ -13,6 +13,9 @@
struct msgb *ranap_new_msg_dt(uint8_t sapi, const uint8_t *nas, unsigned int nas_len);
/*! \brief generate RANAP SECURITY MODE COMMAND message */
+struct msgb *ranap_new_msg_sec_mod_cmd2(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status,
+ uint8_t uia_bitmask, uint8_t uea_bitmask);
+
struct msgb *ranap_new_msg_sec_mod_cmd(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status);
/*! \brief generate RANAP SECURITY MODE COMPLETE message */
diff --git a/src/ranap_msg_factory.c b/src/ranap_msg_factory.c
index 2ae2dbf..121514c 100644
--- a/src/ranap_msg_factory.c
+++ b/src/ranap_msg_factory.c
@@ -202,18 +202,15 @@
return msg;
}
-static const enum RANAP_IntegrityProtectionAlgorithm ip_alg[2] = {
- RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA1,
- RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA2,
-};
-
-static const RANAP_EncryptionAlgorithm_t enc_alg[2] = {
- RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorith_UEA1,
- RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorithm_UEA2,
-};
-
-/*! \brief generate RANAP SECURITY MODE COMMAND message */
-struct msgb *ranap_new_msg_sec_mod_cmd(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status)
+/*! \brief generate RANAP SECURITY MODE COMMAND message.
+ * \param[in] ik 128bit integrity protection key (mandatory)
+ * \param[in] ck 128bit ciphering key (optional)
+ * \param[in] status key status
+ * \param[in] uia_bitmask bit-mask of UIA algorithms; Bit0 = UIA0 .. Bit2 = UIA2
+ * \param[in] uea_bitmask bit-mask of UEA algorithms; Bit0 = UEA0 .. Bit2 = UEA2; ck required
+ * \returns message buffer with encoded command message */
+struct msgb *ranap_new_msg_sec_mod_cmd2(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status,
+ uint8_t uia_bitmask, uint8_t uea_bitmask)
{
RANAP_SecurityModeCommandIEs_t ies;
RANAP_SecurityModeCommand_t out;
@@ -223,11 +220,26 @@
memset(&ies, 0, sizeof(ies));
memset(&out, 0, sizeof(out));
- for (i = 0; i < ARRAY_SIZE(ip_alg); i++) {
+ for (i = 0; i < 8; i++) {
+ RANAP_IntegrityProtectionAlgorithm_t ialg;
+ if (!(uia_bitmask & (1 << i)))
+ continue;
+ switch (i) {
+ case 1:
+ ialg = RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA1;
+ break;
+ case 2:
+ ialg = RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA2;
+ break;
+ default:
+ LOGP(DRANAP, "Unsupported UIA algorithm UIA%d specified\n", i);
+ return NULL;
+ }
+
/* needs to be dynamically allocated, as
* SET_OF_free() will call FREEMEM() on it */
RANAP_IntegrityProtectionAlgorithm_t *alg = CALLOC(1, sizeof(*alg));
- *alg = ip_alg[i];
+ *alg = ialg;
ASN_SEQUENCE_ADD(&ies.integrityProtectionInformation.permittedAlgorithms, alg);
}
@@ -235,11 +247,27 @@
if (ck) {
ies.presenceMask = SECURITYMODECOMMANDIES_RANAP_ENCRYPTIONINFORMATION_PRESENT;
- for (i = 0; i < ARRAY_SIZE(ip_alg); i++) {
+ for (i = 0; i < 8; i++) {
+ RANAP_EncryptionAlgorithm_t ealg;
+ if (!(uea_bitmask & (1 << i)))
+ continue;
+ switch (i) {
+ case 1:
+ ealg = RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorith_UEA1;
+ break;
+ case 2:
+ ealg = RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorithm_UEA2;
+ break;
+ default:
+ LOGP(DRANAP, "Unsupported UEA algorithm UEA%d specified\n", i);
+ asn_set_empty(&ies.integrityProtectionInformation.permittedAlgorithms);
+ return NULL;
+ }
+
/* needs to be dynamically allocated, as
* SET_OF_free() will call FREEMEM() on it */
RANAP_EncryptionAlgorithm_t *alg = CALLOC(1, sizeof(*alg));
- *alg = enc_alg[i];
+ *alg = ealg;
ASN_SEQUENCE_ADD(&ies.encryptionInformation.permittedAlgorithms, alg);
}
BIT_STRING_fromBuf(&ies.encryptionInformation.key, ck, 16*8);
@@ -271,6 +299,10 @@
return msg;
}
+struct msgb *ranap_new_msg_sec_mod_cmd(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status)
+{
+ return ranap_new_msg_sec_mod_cmd2(ik, ck, status, 0x06, 0x06);
+}
/*! \brief generate RANAP SECURITY MODE COMPLETE message */
struct msgb *ranap_new_msg_sec_mod_compl(
--
To view, visit https://gerrit.osmocom.org/c/osmo-iuh/+/22756
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-iuh
Gerrit-Branch: master
Gerrit-Change-Id: I6d2d033b0427bdc84fee61e0f3cb7b29935214bf
Gerrit-Change-Number: 22756
Gerrit-PatchSet: 2
Gerrit-Owner: laforge <laforge at osmocom.org>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: laforge <laforge at osmocom.org>
Gerrit-Reviewer: neels <nhofmeyr at sysmocom.de>
Gerrit-Reviewer: pespin <pespin at sysmocom.de>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20210210/3a0eca99/attachment.htm>