This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Hoernchen gerrit-no-reply at lists.osmocom.orgHoernchen has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-bsc/+/24635 ) Change subject: [WIP] a5/4 support ...................................................................... [WIP] a5/4 support Change-Id: I7c458c8a7350f34ff79531b3c891e1b367614469 Related: SYS#5324 --- M include/osmocom/bsc/gsm_data.h M src/osmo-bsc/abis_rsl.c M src/osmo-bsc/handover_fsm.c M src/osmo-bsc/osmo_bsc_bssap.c 4 files changed, 41 insertions(+), 3 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-bsc refs/changes/35/24635/1 diff --git a/include/osmocom/bsc/gsm_data.h b/include/osmocom/bsc/gsm_data.h index 2515d7e..cc0bbe5 100644 --- a/include/osmocom/bsc/gsm_data.h +++ b/include/osmocom/bsc/gsm_data.h @@ -234,6 +234,7 @@ struct gsm0808_channel_type ct; struct gsm0808_speech_codec_list scl; struct gsm0808_encrypt_info ei; + uint8_t kc128[16]; struct gsm_classmark classmark; /* chosen_encr_alg reflects the encoded value as in RSL_ENC_ALG_A5(a5_numer): * chosen_encr_alg == 1 means A5/0 i.e. no encryption, chosen_encr_alg == 4 means A5/3. @@ -544,6 +545,7 @@ uint8_t alg_id; uint8_t key_len; uint8_t key[MAX_A5_KEY_LEN]; + uint8_t kc128[16]; }; #define LOGPLCHAN(lchan, ss, level, fmt, args...) \ diff --git a/src/osmo-bsc/abis_rsl.c b/src/osmo-bsc/abis_rsl.c index 69052ee..3e3d92e 100644 --- a/src/osmo-bsc/abis_rsl.c +++ b/src/osmo-bsc/abis_rsl.c @@ -156,8 +156,11 @@ static int build_encr_info(uint8_t *out, struct gsm_lchan *lchan) { *out++ = lchan->encr.alg_id & 0xff; - if (lchan->encr.key_len) + if (lchan->encr.alg_id == GSM0808_ALG_ID_A5_4) + memcpy(out, lchan->encr.kc128, 16); + else if (lchan->encr.key_len) memcpy(out, lchan->encr.key, lchan->encr.key_len); +!!! only one key return lchan->encr.key_len + 1; } diff --git a/src/osmo-bsc/handover_fsm.c b/src/osmo-bsc/handover_fsm.c index 8141a5d..e18504e 100644 --- a/src/osmo-bsc/handover_fsm.c +++ b/src/osmo-bsc/handover_fsm.c @@ -454,6 +454,8 @@ int payload_length; bool aoip = gscon_is_aoip(conn); bool sccplite = gscon_is_sccplite(conn); + bool has_a54 = false; + int i; if ((aoip && sccplite) || !(aoip || sccplite)) { LOG_HO(conn, LOGL_ERROR, "Received BSSMAP Handover Request, but conn is not" @@ -485,6 +487,22 @@ return false; } + for( i= 0; i < req->ei.perm_algo_len; i++) { + has_a54 = req->ei.perm_algo[i] == GSM0808_ALG_ID_A5_4; + if (has_a54) + break; + } + + /* kc128 mandatory for a5/4 */ + if (has_a54) { + if (!(e = TLVP_GET(tp, GSM0808_IE_KC_128)) || e->len != 16) { + LOG_HO(conn, LOGL_ERROR, "Missing kc128 IE\n"); + return false; + } + memcpy(req->kc128, e->val, 16); + } + + if ((e = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_TYPE_1))) { if (e->len != sizeof(req->classmark.classmark1)) { LOG_HO(conn, LOGL_ERROR, "Classmark Information 1 has wrong size\n"); @@ -513,9 +531,9 @@ req->chosen_encr_alg); } - LOG_HO(conn, LOGL_DEBUG, "Handover Request encryption info: chosen=A5/%u key=%s\n", + LOG_HO(conn, LOGL_DEBUG, "Handover Request encryption info: chosen=A5/%u key=%s kc128=%s\n", (req->chosen_encr_alg ? : 1) - 1, req->ei.key_len? - osmo_hexdump_nospc(req->ei.key, req->ei.key_len) : "none"); + osmo_hexdump_nospc(req->ei.key, req->ei.key_len) : "none", has_a54 ? osmo_hexdump_nospc(req->kc128, 16) : "none"); if (TLVP_PRESENT(tp, GSM0808_IE_AOIP_TRASP_ADDR)) { int rc; @@ -718,6 +736,7 @@ } memcpy(info.encr.key, req->ei.key, req->ei.key_len); info.encr.key_len = req->ei.key_len; + memcpy(info.encr.kc128, req->kc128, 16); } if (req->last_eutran_plmn_valid) { diff --git a/src/osmo-bsc/osmo_bsc_bssap.c b/src/osmo-bsc/osmo_bsc_bssap.c index da0429b..1b7e537 100644 --- a/src/osmo-bsc/osmo_bsc_bssap.c +++ b/src/osmo-bsc/osmo_bsc_bssap.c @@ -542,6 +542,14 @@ * a5_encryption == 2 --> 0x04 ... */ enc_bits_msc = data[0]; + + /* kc128 mandatory for a5/4 */ + if (enc_bits_msc & 0xf0 && !TLVP_PRESENT(&tp, GSM0808_IE_KC_128)) { + LOGP(DMSC, LOGL_ERROR, "IE kc128 missing.\n"); + reject_cause = GSM0808_CAUSE_INFORMATION_ELEMENT_OR_FIELD_MISSING; + goto reject; + } + /* The bit-mask of permitted ciphers from the MSC (sent in ASSIGNMENT COMMAND) is intersected * with the vty-configured mask a the BSC. Finally, the best (highest) possible cipher is * chosen. */ @@ -553,6 +561,12 @@ goto reject; } + if(chosen_cipher == 4) { + data = TLVP_VAL(&tp, GSM0808_IE_KC_128); + enc_key = &data[0]; + enc_key_len = 16; + } + /* To complete the confusion, gsm0808_cipher_mode again expects the encryption as a number * from 0 to 7. */ if (gsm0808_cipher_mode(conn, chosen_cipher, enc_key, enc_key_len, -- To view, visit https://gerrit.osmocom.org/c/osmo-bsc/+/24635 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-bsc Gerrit-Branch: master Gerrit-Change-Id: I7c458c8a7350f34ff79531b3c891e1b367614469 Gerrit-Change-Number: 24635 Gerrit-PatchSet: 1 Gerrit-Owner: Hoernchen <ewild at sysmocom.de> Gerrit-MessageType: newchange -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20210609/b3b87107/attachment.htm>