<p>neels has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.osmocom.org/c/osmo-msc/+/24764">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">support A5/4 in Cipher Mode Command<br><br>Related: SYS#5324<br>Change-Id: I780a739b9bfbefd4f58be051794fe1a491823e67<br>---<br>M include/osmocom/msc/msc_common.h<br>M src/libmsc/msc_a.c<br>M src/libmsc/ran_msg_a.c<br>3 files changed, 35 insertions(+), 3 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.osmocom.org:29418/osmo-msc refs/changes/64/24764/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/include/osmocom/msc/msc_common.h b/include/osmocom/msc/msc_common.h</span><br><span>index 8a43e69..e7ac559 100644</span><br><span>--- a/include/osmocom/msc/msc_common.h</span><br><span>+++ b/include/osmocom/msc/msc_common.h</span><br><span>@@ -32,6 +32,8 @@</span><br><span> uint8_t alg_id;</span><br><span> uint8_t key_len;</span><br><span> uint8_t key[MAX_A5_KEY_LEN];</span><br><span style="color: hsl(120, 100%, 40%);">+ bool kc128_present;</span><br><span style="color: hsl(120, 100%, 40%);">+ uint8_t kc128[MAX_A5_KEY_LEN];</span><br><span> };</span><br><span> </span><br><span> enum complete_layer3_type {</span><br><span>diff --git a/src/libmsc/msc_a.c b/src/libmsc/msc_a.c</span><br><span>index 05030d3..4c38c56 100644</span><br><span>--- a/src/libmsc/msc_a.c</span><br><span>+++ b/src/libmsc/msc_a.c</span><br><span>@@ -292,6 +292,14 @@</span><br><span> return msc_a_ran_enc_ciphering(msc_a, umts_aka, retrieve_imeisv);</span><br><span> }</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+static uint8_t filter_a5(uint8_t a5_mask, bool umts_aka)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ /* With GSM AKA: allow A5/0, 1, 3 = 0b00001011 = 0xb.</span><br><span style="color: hsl(120, 100%, 40%);">+ * UMTS aka: allow A5/0, 1, 3, 4 = 0b00011011 = 0x1b.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ return a5_mask & (umts_aka ? 0x1b : 0x0b);</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> static int msc_a_ran_enc_ciphering(struct msc_a *msc_a, bool umts_aka, bool retrieve_imeisv)</span><br><span> {</span><br><span> struct gsm_network *net;</span><br><span>@@ -321,7 +329,7 @@</span><br><span> .geran = {</span><br><span> .umts_aka = umts_aka,</span><br><span> .retrieve_imeisv = retrieve_imeisv,</span><br><span style="color: hsl(0, 100%, 40%);">- .a5_encryption_mask = net->a5_encryption_mask,</span><br><span style="color: hsl(120, 100%, 40%);">+ .a5_encryption_mask = filter_a5(net->a5_encryption_mask, umts_aka),</span><br><span> </span><br><span> /* for ran_a.c to store the GERAN key that is actually used */</span><br><span> .chosen_key = &msc_a->geran_encr,</span><br><span>diff --git a/src/libmsc/ran_msg_a.c b/src/libmsc/ran_msg_a.c</span><br><span>index 61e5024..106c2df 100644</span><br><span>--- a/src/libmsc/ran_msg_a.c</span><br><span>+++ b/src/libmsc/ran_msg_a.c</span><br><span>@@ -25,6 +25,7 @@</span><br><span> #include <osmocom/core/byteswap.h></span><br><span> </span><br><span> #include <osmocom/crypt/auth.h></span><br><span style="color: hsl(120, 100%, 40%);">+#include <osmocom/crypt/kdf.h></span><br><span> </span><br><span> #include <osmocom/gsm/tlv.h></span><br><span> #include <osmocom/gsm/gsm0808.h></span><br><span>@@ -1019,6 +1020,9 @@</span><br><span> case 3:</span><br><span> *dst = GSM0808_ALG_ID_A5_3;</span><br><span> return 0;</span><br><span style="color: hsl(120, 100%, 40%);">+ case 4:</span><br><span style="color: hsl(120, 100%, 40%);">+ *dst = GSM0808_ALG_ID_A5_4;</span><br><span style="color: hsl(120, 100%, 40%);">+ return 0;</span><br><span> default:</span><br><span> return -ENOTSUP;</span><br><span> }</span><br><span>@@ -1078,21 +1082,39 @@</span><br><span> /* In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth</span><br><span> * tokens. vec->kc was calculated from the GSM algorithm and is not</span><br><span> * necessarily a match for the UMTS AKA tokens. */</span><br><span style="color: hsl(0, 100%, 40%);">- if (cm->geran.umts_aka)</span><br><span style="color: hsl(120, 100%, 40%);">+ if (cm->geran.umts_aka) {</span><br><span style="color: hsl(120, 100%, 40%);">+ int i;</span><br><span> osmo_auth_c3(ei->key, cm->vec->ck, cm->vec->ik);</span><br><span style="color: hsl(0, 100%, 40%);">- else</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ for (i = 0; i < ei->perm_algo_len; i++) {</span><br><span style="color: hsl(120, 100%, 40%);">+ if (ei->perm_algo[i] != GSM0808_ALG_ID_A5_4)</span><br><span style="color: hsl(120, 100%, 40%);">+ continue;</span><br><span style="color: hsl(120, 100%, 40%);">+ /* A5/4 is included, so need to generate Kc128 */</span><br><span style="color: hsl(120, 100%, 40%);">+ osmo_kdf_kc128(cm->vec->ck, cm->vec->ik, cmc.kc128);</span><br><span style="color: hsl(120, 100%, 40%);">+ cmc.kc128_present = true;</span><br><span style="color: hsl(120, 100%, 40%);">+ break;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+ } else {</span><br><span> memcpy(ei->key, cm->vec->kc, sizeof(cm->vec->kc));</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span> ei->key_len = sizeof(cm->vec->kc);</span><br><span> </span><br><span> /* Store chosen GERAN key where the caller asked it to be stored.</span><br><span> * alg_id remains unknown until we receive a Cipher Mode Complete from the BSC */</span><br><span> if (cm->geran.chosen_key) {</span><br><span style="color: hsl(120, 100%, 40%);">+ *cm->geran.chosen_key = (struct geran_encr){0};</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> if (ei->key_len > sizeof(cm->geran.chosen_key->key)) {</span><br><span> LOG_RAN_A_ENC(fi, LOGL_ERROR, "Chosen key is larger than I can store\n");</span><br><span> return NULL;</span><br><span> }</span><br><span> memcpy(cm->geran.chosen_key->key, ei->key, ei->key_len);</span><br><span> cm->geran.chosen_key->key_len = ei->key_len;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ if (cmc.kc128_present) {</span><br><span style="color: hsl(120, 100%, 40%);">+ memcpy(cm->geran.chosen_key->kc128, cmc.kc128, 16);</span><br><span style="color: hsl(120, 100%, 40%);">+ cm->geran.chosen_key->kc128_present = true;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span> }</span><br><span> </span><br><span> LOG_RAN_A_ENC(fi, LOGL_DEBUG, "Tx BSSMAP CIPHER MODE COMMAND to BSC, %u ciphers (%s) key %s\n",</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.osmocom.org/c/osmo-msc/+/24764">change 24764</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.osmocom.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.osmocom.org/c/osmo-msc/+/24764"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: osmo-msc </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-Change-Id: I780a739b9bfbefd4f58be051794fe1a491823e67 </div>
<div style="display:none"> Gerrit-Change-Number: 24764 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: neels <nhofmeyr@sysmocom.de> </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>