Signed-off-by: Max max.suraev@fairwaves.co --- openbsc/src/libmsc/auth.c | 69 +++++++++++++++++++---------------------------- 1 file changed, 28 insertions(+), 41 deletions(-)
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c index 10d8edf..d04b2fc 100644 --- a/openbsc/src/libmsc/auth.c +++ b/openbsc/src/libmsc/auth.c @@ -24,47 +24,11 @@ #include <openbsc/debug.h> #include <openbsc/auth.h> #include <openbsc/gsm_data.h> - -#include <osmocom/gsm/comp128.h> +#include <osmocom/crypt/auth.h>
#include <stdlib.h>
-static int -_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple) -{ - int i, l = ainfo->a3a8_ki_len; - - if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) { - LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n", - ainfo->a3a8_ki_len, - osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len)); - return -1; - } - - for (i=0; i<4; i++) - atuple->sres[i] = atuple->rand[i] ^ ainfo->a3a8_ki[i]; - for (i=4; i<12; i++) - atuple->kc[i-4] = atuple->rand[i] ^ ainfo->a3a8_ki[i]; - - return 0; -} - -static int -_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple) -{ - if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) { - LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n", - ainfo->a3a8_ki_len, - osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len)); - return -1; - } - - comp128(ainfo->a3a8_ki, atuple->rand, atuple->sres, atuple->kc); - - return 0; -} - /* Return values * -1 -> Internal error * 0 -> Not available @@ -76,6 +40,11 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, { struct gsm_auth_info ainfo; int i, rc; + static struct osmo_sub_auth_data auth = { + .type = OSMO_AUTH_TYPE_GSM + }; + struct osmo_auth_vector _vec; + struct osmo_auth_vector *vec = &_vec;
/* Get subscriber info (if any) */ rc = db_get_authinfo_for_subscr(&ainfo, subscr); @@ -109,13 +78,23 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, return 0;
case AUTH_ALGO_XOR: - if (_use_xor(&ainfo, atuple)) - return 0; + auth.algo = OSMO_AUTH_ALG_XOR; + if ((ainfo.a3a8_ki_len > A38_XOR_MAX_KEY_LEN) || (ainfo.a3a8_ki_len < A38_XOR_MIN_KEY_LEN)) { + LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n", + ainfo.a3a8_ki_len, + osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len)); + return -1; + } break;
case AUTH_ALGO_COMP128v1: - if (_use_comp128_v1(&ainfo, atuple)) - return 0; + auth.algo = OSMO_AUTH_ALG_COMP128v1; + if (ainfo.a3a8_ki_len != A38_COMP128_KEY_LEN) { + LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n", + ainfo.a3a8_ki_len, + osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len)); + return -1; + } break;
default: @@ -124,6 +103,14 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, return 0; }
+ memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki)); + + if (osmo_auth_gen_vec(vec, &auth, atuple->rand) < 0) + return -1; + + memcpy(atuple->sres, vec->sres, 4); + memcpy(atuple->kc, vec->kc, 8); + db_sync_lastauthtuple_for_subscr(atuple, subscr);
DEBUGP(DMM, "Need to do authentication and ciphering\n");
Just realized that this long time ago published patch s not visible at patchwork. I'd appreciate help with testing it against sim cards using xor - don't have any at hands.
17.10.2014 12:19, Max пишет:
Signed-off-by: Max max.suraev@fairwaves.co
openbsc/src/libmsc/auth.c | 69 +++++++++++++++++++---------------------------- 1 file changed, 28 insertions(+), 41 deletions(-)
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c index 10d8edf..d04b2fc 100644 --- a/openbsc/src/libmsc/auth.c +++ b/openbsc/src/libmsc/auth.c @@ -24,47 +24,11 @@ #include <openbsc/debug.h> #include <openbsc/auth.h> #include <openbsc/gsm_data.h>
-#include <osmocom/gsm/comp128.h> +#include <osmocom/crypt/auth.h>
#include <stdlib.h>
-static int -_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple) -{
- int i, l = ainfo->a3a8_ki_len;
- if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) {
LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
ainfo->a3a8_ki_len,
osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
return -1;
- }
- for (i=0; i<4; i++)
atuple->sres[i] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
- for (i=4; i<12; i++)
atuple->kc[i-4] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
- return 0;
-}
-static int -_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple) -{
- if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) {
LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
ainfo->a3a8_ki_len,
osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
return -1;
- }
- comp128(ainfo->a3a8_ki, atuple->rand, atuple->sres, atuple->kc);
- return 0;
-}
/* Return values
- -1 -> Internal error
- 0 -> Not available
@@ -76,6 +40,11 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, { struct gsm_auth_info ainfo; int i, rc;
static struct osmo_sub_auth_data auth = {
.type = OSMO_AUTH_TYPE_GSM
};
struct osmo_auth_vector _vec;
struct osmo_auth_vector *vec = &_vec;
/* Get subscriber info (if any) */ rc = db_get_authinfo_for_subscr(&ainfo, subscr);
@@ -109,13 +78,23 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, return 0;
case AUTH_ALGO_XOR:
if (_use_xor(&ainfo, atuple))
return 0;
auth.algo = OSMO_AUTH_ALG_XOR;
if ((ainfo.a3a8_ki_len > A38_XOR_MAX_KEY_LEN) || (ainfo.a3a8_ki_len < A38_XOR_MIN_KEY_LEN)) {
LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
ainfo.a3a8_ki_len,
osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
return -1;
}
break;
case AUTH_ALGO_COMP128v1:
if (_use_comp128_v1(&ainfo, atuple))
return 0;
auth.algo = OSMO_AUTH_ALG_COMP128v1;
if (ainfo.a3a8_ki_len != A38_COMP128_KEY_LEN) {
LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
ainfo.a3a8_ki_len,
osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
return -1;
}
break;
default:
@@ -124,6 +103,14 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, return 0; }
memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki));
if (osmo_auth_gen_vec(vec, &auth, atuple->rand) < 0)
return -1;
memcpy(atuple->sres, vec->sres, 4);
memcpy(atuple->kc, vec->kc, 8);
db_sync_lastauthtuple_for_subscr(atuple, subscr);
DEBUGP(DMM, "Need to do authentication and ciphering\n");
On 17 Oct 2014, at 12:31, ☎ Max.Suraev@fairwaves.co wrote:
Dear Max,
Just realized that this long time ago published patch s not visible at patchwork. I'd appreciate help with testing it against sim cards using xor - don't have any at hands.
okay this is still needed to be applied. Could you please re-base and re-send the patch? sorry for the delay.
holger
Pardon for delay - got deadline at my back :)
I've just tried the patch from http://patchwork.ozlabs.org/patch/400499/ and it applies cleanly to the latest git, all the tests pass.
Why do we need to rebase it? What kind of warnings/test failures have you hit with this patch?
17.05.2015 19:12, Holger Freyther пишет:
On 17 Oct 2014, at 12:31, ☎ Max.Suraev@fairwaves.co wrote:
Dear Max,
Just realized that this long time ago published patch s not visible at patchwork. I'd appreciate help with testing it against sim cards using xor - don't have any at hands.
okay this is still needed to be applied. Could you please re-base and re-send the patch? sorry for the delay.
holger