lynxis lazus has submitted this change. (
https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/38396?usp=email )
Change subject: SGSN: BSSGP_ConnHdlr: GMM Service Request: add support to expect
authentication
......................................................................
SGSN: BSSGP_ConnHdlr: GMM Service Request: add support to expect authentication
On a Service Request, the authentication is optional.
Either an authentication must happen or the key material from the previous authentication
has to be used.
The default behavior is still the same.
Change-Id: I9ed08160bf5413e3a30d6e90eb947d4d799e1058
---
M sgsn/BSSGP_ConnHdlr.ttcn
1 file changed, 93 insertions(+), 1 deletion(-)
Approvals:
pespin: Looks good to me, but someone else must approve
fixeria: Looks good to me, approved
laforge: Looks good to me, but someone else must approve
Jenkins Builder: Verified
diff --git a/sgsn/BSSGP_ConnHdlr.ttcn b/sgsn/BSSGP_ConnHdlr.ttcn
index 82788f5..c5501aa 100644
--- a/sgsn/BSSGP_ConnHdlr.ttcn
+++ b/sgsn/BSSGP_ConnHdlr.ttcn
@@ -303,9 +303,88 @@
}
}
+/* expect a GSUP Send Auth Information */
+altstep as_gsup_sai(boolean umts_aka_challenge := false) runs on BSSGP_ConnHdlr
+{
+ [g_pars.net.expect_auth] GSUP.receive(tr_GSUP_SAI_REQ(g_pars.imsi)) {
+ var GSUP_IE auth_tuple;
+
+ if (umts_aka_challenge) {
+ g_pars.vec := f_gen_auth_vec_3g();
+ auth_tuple := valueof(ts_GSUP_IE_AuthTuple2G3G(g_pars.vec.rand,
+ g_pars.vec.sres,
+ g_pars.vec.kc,
+ g_pars.vec.ik,
+ g_pars.vec.ck,
+ g_pars.vec.autn,
+ g_pars.vec.res));
+ } else {
+ g_pars.vec := f_gen_auth_vec_2g();
+ auth_tuple := valueof(ts_GSUP_IE_AuthTuple2G(g_pars.vec.rand,
+ g_pars.vec.sres,
+ g_pars.vec.kc));
+ }
+
+ GSUP.send(ts_GSUP_SAI_RES(g_pars.imsi, auth_tuple));
+ }
+}
+
+/* Only used by as_gmm_auth to support same code path for Gb and Iu */
+private function f_gmm_auth_as(PDU_L3_SGSN_MS l3_mt, boolean umts_aka_challenge := true,
boolean force_gsm_sres := false, integer ran_index := 0) runs on BSSGP_ConnHdlr {
+ var PDU_L3_MS_SGSN l3_mo;
+ var BIT4 ac_ref :=
l3_mt.msgs.gprs_mm.authenticationAndCipheringRequest.acReferenceNumber.valueField;
+ var template (value) PDU_L3_MS_SGSN auth_ciph_resp := ts_GMM_AUTH_RESP_2G(ac_ref,
g_pars.vec.sres);
+
+ if (umts_aka_challenge and not force_gsm_sres) {
+ /* set UMTS response instead */
+ auth_ciph_resp.msgs.gprs_mm.authenticationAndCipheringResponse.authenticationParResp :=
{
+ valueField := substr(g_pars.vec.res, 0, 4)
+ };
+ auth_ciph_resp.msgs.gprs_mm.authenticationAndCipheringResponse.authenticationRespParExt
:= {
+ elementIdentifier := '21'O,
+ lengthIndicator := lengthof(g_pars.vec.res) - 4,
+ valueField := substr(g_pars.vec.res, 4, lengthof(g_pars.vec.res) - 4)
+ };
+ }
+
+ l3_mo := valueof(auth_ciph_resp);
+ if (ispresent(l3_mt.msgs.gprs_mm.authenticationAndCipheringRequest.imeisvRequest) and
+ l3_mt.msgs.gprs_mm.authenticationAndCipheringRequest.imeisvRequest.valueField ==
'001'B) {
+ l3_mo.msgs.gprs_mm.authenticationAndCipheringResponse.imeisv :=
+ valueof(ts_MI_IMEISV_TLV(g_pars.imei & '0'H));
+ }
+ f_send_l3(l3_mo, ran_index);
+}
+
+/* Handles GMM Auth and supplies auth tuples via GSUP if expect_sai is true. */
+altstep as_gmm_auth(boolean umts_aka_challenge := false, boolean force_gsm_sres := false,
integer ran_index := 0,
+ boolean expect_sai := false) runs on BSSGP_ConnHdlr {
+ var PDU_DTAP_PS_MT mt;
+ var PDU_L3_SGSN_MS l3_mt;
+
+ /* Ignoring autn for now */
+ [is_gb(ran_index)] BSSGP[ran_index].receive(tr_GMM_AUTH_REQ(g_pars.vec.rand)) ->
value l3_mt {
+ f_gmm_auth_as(l3_mt, umts_aka_challenge, force_gsm_sres, ran_index);
+ }
+ [is_iu(ran_index)] BSSAP.receive(tr_PDU_DTAP_PS_MT(tr_GMM_AUTH_REQ(g_pars.vec.rand)))
-> value mt {
+ l3_mt := mt.dtap;
+ f_gmm_auth_as(l3_mt, umts_aka_challenge, force_gsm_sres, ran_index);
+ }
+ [expect_sai] as_gsup_sai(umts_aka_challenge := umts_aka_challenge) { repeat; };
+}
+
/* perform GMM authentication (if expected).
* Note, for umts_aka_challenge to work, the revisionLevelIndicatior needs to
- * be 1 to mark R99 capability, in the GMM Attach Request, see f_gmm_attach(). */
+ * be 1 to mark R99 capability, in the GMM Attach Request, see f_gmm_attach().
+ *
+ * Requires the order to be:
+ * SAI Req
+ * SAI Resp
+ * Auth Req
+ * Auth Resp
+ * CommonId
+ * (out of order: GMM ID Req)
+ */
function f_gmm_auth (boolean umts_aka_challenge := false, boolean force_gsm_sres :=
false, integer ran_index := 0) runs on BSSGP_ConnHdlr {
var PDU_L3_MS_SGSN l3_mo;
var PDU_L3_SGSN_MS l3_mt;
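Review bot: In as_gmm_auth both receive branches match the Authentication Request on `g_pars.vec.rand` only, and the `/* Ignoring autn for now */` comment confirms that the AUTN generated in as_gsup_sai for the UMTS AKA case is never compared with what the SGSN actually sends. A regression in which the SGSN drops or alters AUTN, the network-authentication half of AKA, would therefore still pass. When `umts_aka_challenge` is true the expected template should also constrain the AUTN IE to `g_pars.vec.autn`, or the comment should become an explicit TODO naming that gap. Separately, the header comment says the SAI is answered "if expect_sai is true", but as_gsup_sai is additionally guarded by `[g_pars.net.expect_auth]`, so I would write `/* Handles GMM Auth; answers GSUP SAI only if expect_sai and g_pars.net.expect_auth are both true. */`. f_gmm_auth's body continues outside the hunk.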
@@ -667,6 +746,7 @@
ServiceType service_type := SERVICE_TYPE_Signalling,
template (value) OCT2 pdp_status := '0000'O,
boolean exp_ggsn_pdp_del := false,
+ boolean expect_auth := false,
integer ran_index := 0,
float Tval := 5.0) runs on BSSGP_ConnHdlr {
timer T := Tval;
@@ -694,8 +774,20 @@
}
}
+ if (expect_auth) {
+ f_gmm_auth(umts_aka_challenge := true, ran_index := ran_index);
+ }
+
alt {
[] as_service_request(exp_service_acc := true, ran_index := ran_index) {
setverdict(pass); }
+ [not expect_auth] BSSAP.receive(tr_PDU_DTAP_PS_MT(tr_GMM_AUTH_REQ)) {
+ Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail,
+ "Service Request: Unexpected GMM Auth Req");
+ }
+ [not expect_auth] GSUP.receive(tr_GSUP_SAI_REQ(*)) {
+ Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail,
+ "Service Request: Unexpected GSUP SAI Req");
+ }
[] BSSAP.receive { repeat; }
[] T.timeout {
Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail,
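Review bot: With `expect_auth` true the two new fail branches are switched off by their `[not expect_auth]` guards, so a second Authentication Request arriving after f_gmm_auth() has returned is swallowed by `[] BSSAP.receive { repeat; }`, and a second SAI Request is not matched by this alt at all. Once the expected exchange has finished, a further auth message looks just as unexpected as in the no-auth case, so the guards could be unconditional: `[] BSSAP.receive(tr_PDU_DTAP_PS_MT(tr_GMM_AUTH_REQ)) {` and `[] GSUP.receive(tr_GSUP_SAI_REQ(*)) {`. If repeated authentication is deliberately tolerated here, a one-line comment saying so would help. The `expect_auth` parameter added in the previous hunk is also undocumented; something like `/* expect_auth: require a GSUP SAI + GMM authentication exchange before the Service Accept */` would do. The enclosing function starts and ends outside the hunk.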
--
Gerrit-MessageType: merged
Gerrit-Project: osmo-ttcn3-hacks
Gerrit-Branch: master
Gerrit-Change-Id: I9ed08160bf5413e3a30d6e90eb947d4d799e1058
Gerrit-Change-Number: 38396
Gerrit-PatchSet: 8
Gerrit-Owner: lynxis lazus <lynxis(a)fe80.eu>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Reviewer: laforge <laforge(a)osmocom.org>
Gerrit-Reviewer: lynxis lazus <lynxis(a)fe80.eu>
Gerrit-Reviewer: pespin <pespin(a)sysmocom.de>