laforge has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-hlr/+/33096 )
Change subject: Introduce support for XOR-2G algorithm ......................................................................
Introduce support for XOR-2G algorithm
So far we supported a "xor" algorithm in osmo-hlr, without specifying whether it's the XOR-3G or the (different) XOR-2G algorithm.
Furthermore, it was buggy in the sense that it permitted the XOR[-3G] for 2G authentication data in the database.
This patch
* renames existing "xor" to "xor-3g"
* disallows "xor-3g" usage with 2G authentication data
* introduces support for XOR-2G as "xor-2g" in the VTY
Change-Id: I039a1f84fda54a908a82fe621e7fd078cb85e4c6 --- M include/osmocom/hlr/hlr_vty.h M src/db_hlr.c M src/hlr_vty_subscr.c M tests/auc/auc_test.c M tests/db/db_test.c M tests/db/db_test.err 6 files changed, 45 insertions(+), 18 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-hlr refs/changes/96/33096/1
diff --git a/include/osmocom/hlr/hlr_vty.h b/include/osmocom/hlr/hlr_vty.h
index 83691b8..771945d 100644
--- a/include/osmocom/hlr/hlr_vty.h
+++ b/include/osmocom/hlr/hlr_vty.h
@@ -40,6 +40,7 @@
 #define A38_XOR_MIN_KEY_LEN 12
 #define A38_XOR_MAX_KEY_LEN 16
+#define A38_XOR2G_KEY_LEN 16
 #define A38_COMP128_KEY_LEN 16
 #define MILENAGE_KEY_LEN 16
diff --git a/src/db_hlr.c b/src/db_hlr.c
index 1dc4415..8dfbb15 100644
--- a/src/db_hlr.c
+++ b/src/db_hlr.c
@@ -238,8 +238,9 @@
 case OSMO_AUTH_ALG_COMP128v1:
 case OSMO_AUTH_ALG_COMP128v2:
 case OSMO_AUTH_ALG_COMP128v3:
- case OSMO_AUTH_ALG_XOR:
+ case OSMO_AUTH_ALG_XOR_2G:
 break;
+ case OSMO_AUTH_ALG_XOR_3G:
 case OSMO_AUTH_ALG_MILENAGE:
 LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:"
 " auth algo not suited for 2G: %s\n",
@@ -267,11 +268,12 @@
 switch (aud->algo) {
 case OSMO_AUTH_ALG_NONE:
 case OSMO_AUTH_ALG_MILENAGE:
- case OSMO_AUTH_ALG_XOR:
+ case OSMO_AUTH_ALG_XOR_3G:
 break;
 case OSMO_AUTH_ALG_COMP128v1:
 case OSMO_AUTH_ALG_COMP128v2:
 case OSMO_AUTH_ALG_COMP128v3:
+ case OSMO_AUTH_ALG_XOR_2G:
 LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:"
 " auth algo not suited for 3G: %s\n",
 osmo_auth_alg_name(aud->algo));
diff --git a/src/hlr_vty_subscr.c b/src/hlr_vty_subscr.c
index c851062..0c5df48 100644
--- a/src/hlr_vty_subscr.c
+++ b/src/hlr_vty_subscr.c
@@ -460,14 +460,15 @@
 return false;
 }
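Review bot: Moving `OSMO_AUTH_ALG_XOR_3G` into the rejected group of the 2G switch in src/db_hlr.c only guards this update path; 2G rows that were stored under the old `xor` name before the upgrade are not handled by anything visible in the patch, and the diffstat lists no schema-upgrade file. How such a row reads back depends on enum values that are not shown here, so I would state the expected upgrade behaviour in the commit message, or log a clear error when a 2G record carrying a 3G-only algorithm is loaded. A one-line comment on the new label would also help the next reader, for example `/* XOR-3G is not valid for GSM auth data; the 2G variant is OSMO_AUTH_ALG_XOR_2G */`. Both switch statements start and end outside their hunks.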
-#define AUTH_ALG_TYPES_2G "(comp128v1|comp128v2|comp128v3|xor)"
+#define AUTH_ALG_TYPES_2G "(comp128v1|comp128v2|comp128v3|xor-3g|xor-2g)"
 #define AUTH_ALG_TYPES_2G_HELP \
 "Use COMP128v1 algorithm\n" \
 "Use COMP128v2 algorithm\n" \
 "Use COMP128v3 algorithm\n" \
- "Use XOR algorithm\n"
+ "Use XOR-3G algorithm\n" \
+ "Use XOR-2G algorithm\n"
-#define AUTH_ALG_TYPES_3G "milenage"
+#define AUTH_ALG_TYPES_3G "(milenage"
 #define AUTH_ALG_TYPES_3G_HELP \
 "Use Milenage algorithm\n"
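Review bot: `AUTH_ALG_TYPES_3G` becomes `"(milenage"` with an opening parenthesis and no closing one, which looks like an unfinished edit; if the macro is spliced into a VTY command string, the resulting pattern is malformed. The 2G list also still offers `xor-3g` together with its help line, although the commit message says XOR-3G is disallowed for 2G data and src/db_hlr.c now rejects it, so the VTY would accept a value that the database layer then refuses. I would expect `#define AUTH_ALG_TYPES_2G "(comp128v1|comp128v2|comp128v3|xor-2g)"` with the `"Use XOR-3G algorithm\n"` line dropped, and, if XOR-3G is meant to be selectable through the 3G macro, `#define AUTH_ALG_TYPES_3G "(milenage|xor-3g)"` with a matching help line; how the macros are used in the command definitions is outside this hunk. The parser in the following hunk (`@@ -486,10 +487,13 @@`) maps both names in one shared if/else chain, so as far as the patch shows the command strings are where the VTY has to enforce the 2G/3G split.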
@@ -486,10 +487,13 @@
 } else if (!strcasecmp(alg_str, "comp128v3")) {
 *algo = OSMO_AUTH_ALG_COMP128v3;
 *minlen = *maxlen = A38_COMP128_KEY_LEN;
- } else if (!strcasecmp(alg_str, "xor")) {
- *algo = OSMO_AUTH_ALG_XOR;
+ } else if (!strcasecmp(alg_str, "xor-3g")) {
+ *algo = OSMO_AUTH_ALG_XOR_3G;
 *minlen = A38_XOR_MIN_KEY_LEN;
 *maxlen = A38_XOR_MAX_KEY_LEN;
+ } else if (!strcasecmp(alg_str, "xor-2g")) {
+ *algo = OSMO_AUTH_ALG_XOR_2G;
+ *minlen = *maxlen = A38_XOR2G_KEY_LEN;
 } else if (!strcasecmp(alg_str, "milenage")) {
 *algo = OSMO_AUTH_ALG_MILENAGE;
 *minlen = *maxlen = MILENAGE_KEY_LEN;
diff --git a/tests/auc/auc_test.c b/tests/auc/auc_test.c
index 61cf82f..f39a5ad 100644
--- a/tests/auc/auc_test.c
+++ b/tests/auc/auc_test.c
@@ -477,7 +477,7 @@
 aud3g = (struct osmo_sub_auth_data){
 .type = OSMO_AUTH_TYPE_UMTS,
- .algo = OSMO_AUTH_ALG_XOR,
+ .algo = OSMO_AUTH_ALG_XOR_3G,
 .u.umts.sqn = 0,
 };
diff --git a/tests/db/db_test.c b/tests/db/db_test.c
index ab997bf..6727812 100644
--- a/tests/db/db_test.c
+++ b/tests/db/db_test.c
@@ -586,7 +586,7 @@
 ASSERT_SEL_AUD(imsi0, 0, id);
 ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
- mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")),
+ mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "CededEffacedAceFacedBadFadedBeef")),
 0);
 ASSERT_SEL_AUD(imsi0, 0, id);
@@ -604,7 +604,7 @@
 -ENOENT);
 ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
- mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")),
+ mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "CededEffacedAceFacedBadFadedBeef")),
 0);
 ASSERT_SEL_AUD(imsi0, 0, id);
@@ -707,12 +707,12 @@
 ASSERT_SEL_AUD(imsi0, 0, id);
 ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
- mk_aud_2g(OSMO_AUTH_ALG_XOR, "f000000000000f00000000000f000000f00000000")),
+ mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "f000000000000f00000000000f000000f00000000")),
 -EINVAL);
 ASSERT_SEL_AUD(imsi0, 0, id);
 ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
- mk_aud_2g(OSMO_AUTH_ALG_XOR, "f00")),
+ mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "f00")),
 -EINVAL);
 ASSERT_SEL_AUD(imsi0, 0, id);
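Review bot: The db tests only swap the enum name in all three hunks of tests/db/db_test.c, so the behaviour this commit adds is not exercised: no case passes `mk_aud_2g(OSMO_AUTH_ALG_XOR_3G, ...)` and asserts that `db_subscr_update_aud_by_id()` now fails, and none stores a 3G record with `OSMO_AUTH_ALG_XOR_2G`. Adding both next to the existing `-EINVAL` key-length cases would pin the new rejection branches in src/db_hlr.c; the return code of those branches is not visible in this patch, so the expected value has to be taken from the function itself. tests/auc/auc_test.c likewise only renames the 3G case and gains no XOR-2G vector check.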
diff --git a/tests/db/db_test.err b/tests/db/db_test.err index b4373cd..222d3a1 100644 --- a/tests/db/db_test.err +++ b/tests/db/db_test.err @@ -872,14 +872,14 @@ } 3G: none
-db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")) --> 0 +db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "CededEffacedAceFacedBadFadedBeef")) --> 0
db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0 DAUC IMSI='123456789000000': No 3G Auth Data
2G: struct osmo_sub_auth_data { .type = GSM, - .algo = XOR-3G, + .algo = XOR-2G, .u.gsm.ki = 'cededeffacedacefacedbadfadedbeef', } 3G: none @@ -900,14 +900,14 @@
db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_NONE, NULL)) --> -ENOENT
-db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")) --> 0 +db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "CededEffacedAceFacedBadFadedBeef")) --> 0
db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0 DAUC IMSI='123456789000000': No 3G Auth Data
2G: struct osmo_sub_auth_data { .type = GSM, - .algo = XOR-3G, + .algo = XOR-2G, .u.gsm.ki = 'cededeffacedacefacedbadfadedbeef', } 3G: none @@ -1112,7 +1112,7 @@ .u.umts.ind_bitlen = 5, }
-db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "f000000000000f00000000000f000000f00000000")) --> -EINVAL +db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "f000000000000f00000000000f000000f00000000")) --> -EINVAL DAUC Cannot update auth tokens: Invalid KI: 'f000000000000f00000000000f000000f00000000'
db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0 @@ -1132,7 +1132,7 @@ .u.umts.ind_bitlen = 5, }
-db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "f00")) --> -EINVAL +db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR_2G, "f00")) --> -EINVAL DAUC Cannot update auth tokens: Invalid KI: 'f00'
db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0