17 Oct
2014
17 Oct
'14
12:19 p.m.
Signed-off-by: Max <max.suraev(a)fairwaves.co>
---
openbsc/src/libmsc/auth.c | 69 +++++++++++++++++++----------------------------
1 file changed, 28 insertions(+), 41 deletions(-)
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 10d8edf..d04b2fc 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -24,47 +24,11 @@
#include <openbsc/debug.h>
#include <openbsc/auth.h>
#include <openbsc/gsm_data.h>
-
-#include <osmocom/gsm/comp128.h>
+#include <osmocom/crypt/auth.h>
#include <stdlib.h>
-static int
-_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
-{
- int i, l = ainfo->a3a8_ki_len;
-
- if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) {
- LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
- ainfo->a3a8_ki_len,
- osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
- return -1;
- }
-
- for (i=0; i<4; i++)
- atuple->sres[i] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
- for (i=4; i<12; i++)
- atuple->kc[i-4] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
-
- return 0;
-}
-
-static int
-_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
-{
- if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) {
- LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
- ainfo->a3a8_ki_len,
- osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
- return -1;
- }
-
- comp128(ainfo->a3a8_ki, atuple->rand, atuple->sres, atuple->kc);
-
- return 0;
-}
-
/* Return values
* -1 -> Internal error
* 0 -> Not available
@@ -76,6 +40,11 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
{
struct gsm_auth_info ainfo;
int i, rc;
+ static struct osmo_sub_auth_data auth = {
+ .type = OSMO_AUTH_TYPE_GSM
+ };
+ struct osmo_auth_vector _vec;
+ struct osmo_auth_vector *vec = &_vec;
/* Get subscriber info (if any) */
rc = db_get_authinfo_for_subscr(&ainfo, subscr);
@@ -109,13 +78,23 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
return 0;
case AUTH_ALGO_XOR:
- if (_use_xor(&ainfo, atuple))
- return 0;
+ auth.algo = OSMO_AUTH_ALG_XOR;
+ if ((ainfo.a3a8_ki_len > A38_XOR_MAX_KEY_LEN) || (ainfo.a3a8_ki_len <
A38_XOR_MIN_KEY_LEN)) {
+ LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
+ ainfo.a3a8_ki_len,
+ osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
+ return -1;
+ }
break;
case AUTH_ALGO_COMP128v1:
- if (_use_comp128_v1(&ainfo, atuple))
- return 0;
+ auth.algo = OSMO_AUTH_ALG_COMP128v1;
+ if (ainfo.a3a8_ki_len != A38_COMP128_KEY_LEN) {
+ LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
+ ainfo.a3a8_ki_len,
+ osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
+ return -1;
+ }
break;
default:
@@ -124,6 +103,14 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
return 0;
}
+ memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki));
+
+ if (osmo_auth_gen_vec(vec, &auth, atuple->rand) < 0)
+ return -1;
+
+ memcpy(atuple->sres, vec->sres, 4);
+ memcpy(atuple->kc, vec->kc, 8);
+
db_sync_lastauthtuple_for_subscr(atuple, subscr);
DEBUGP(DMM, "Need to do authentication and ciphering\n");
--
1.9.1
17 Oct
17 Oct
12:31 p.m.
Just realized that this long time ago published patch s not visible at patchwork.
I'd appreciate help with testing it against sim cards using xor - don't have any
at
hands.
17.10.2014 12:19, Max пишет:
Signed-off-by: Max <max.suraev(a)fairwaves.co>
---
openbsc/src/libmsc/auth.c | 69 +++++++++++++++++++----------------------------
1 file changed, 28 insertions(+), 41 deletions(-)
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 10d8edf..d04b2fc 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -24,47 +24,11 @@
#include <openbsc/debug.h>
#include <openbsc/auth.h>
#include <openbsc/gsm_data.h>
-
-#include <osmocom/gsm/comp128.h>
+#include <osmocom/crypt/auth.h>
#include <stdlib.h>
-static int
-_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
-{
- int i, l = ainfo->a3a8_ki_len;
-
- if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) {
- LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
- ainfo->a3a8_ki_len,
- osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
- return -1;
- }
-
- for (i=0; i<4; i++)
- atuple->sres[i] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
- for (i=4; i<12; i++)
- atuple->kc[i-4] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
-
- return 0;
-}
-
-static int
-_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
-{
- if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) {
- LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
- ainfo->a3a8_ki_len,
- osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
- return -1;
- }
-
- comp128(ainfo->a3a8_ki, atuple->rand, atuple->sres, atuple->kc);
-
- return 0;
-}
-
/* Return values
* -1 -> Internal error
* 0 -> Not available
@@ -76,6 +40,11 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
{
struct gsm_auth_info ainfo;
int i, rc;
+ static struct osmo_sub_auth_data auth = {
+ .type = OSMO_AUTH_TYPE_GSM
+ };
+ struct osmo_auth_vector _vec;
+ struct osmo_auth_vector *vec = &_vec;
/* Get subscriber info (if any) */
rc = db_get_authinfo_for_subscr(&ainfo, subscr);
@@ -109,13 +78,23 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
return 0;
case AUTH_ALGO_XOR:
- if (_use_xor(&ainfo, atuple))
- return 0;
+ auth.algo = OSMO_AUTH_ALG_XOR;
+ if ((ainfo.a3a8_ki_len > A38_XOR_MAX_KEY_LEN) || (ainfo.a3a8_ki_len <
A38_XOR_MIN_KEY_LEN)) {
+ LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
+ ainfo.a3a8_ki_len,
+ osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
+ return -1;
+ }
break;
case AUTH_ALGO_COMP128v1:
- if (_use_comp128_v1(&ainfo, atuple))
- return 0;
+ auth.algo = OSMO_AUTH_ALG_COMP128v1;
+ if (ainfo.a3a8_ki_len != A38_COMP128_KEY_LEN) {
+ LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
+ ainfo.a3a8_ki_len,
+ osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
+ return -1;
+ }
break;
default:
@@ -124,6 +103,14 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
return 0;
}
+ memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki));
+
+ if (osmo_auth_gen_vec(vec, &auth, atuple->rand) < 0)
+ return -1;
+
+ memcpy(atuple->sres, vec->sres, 4);
+ memcpy(atuple->kc, vec->kc, 8);
+
db_sync_lastauthtuple_for_subscr(atuple, subscr);
DEBUGP(DMM, "Need to do authentication and ciphering\n");
--
best regards,
Max, http://fairwaves.co
17 May
17 May
7:12 p.m.
On 17 Oct 2014, at 12:31, ☎
<Max.Suraev(a)fairwaves.co> wrote:
Dear Max,
Just realized that this long time ago published patch
s not visible at patchwork.
I'd appreciate help with testing it against sim cards using xor - don't have any
at
hands.
okay this is still needed to be applied. Could you please re-base and re-send
the patch? sorry for the delay.
holger
1 Jun
1 Jun
3:31 p.m.
Pardon for delay - got deadline at my back :)
I've just tried the patch from http://patchwork.ozlabs.org/patch/400499/ and it
applies cleanly to the latest git, all the tests pass.
Why do we need to rebase it? What kind of warnings/test failures have you hit with
this patch?
17.05.2015 19:12, Holger Freyther пишет:
--
best regards,
Max, http://fairwaves.co
On 17 Oct 2014, at 12:31, ☎
<Max.Suraev(a)fairwaves.co> wrote:
Dear Max,
Just realized that this long time ago published
patch s not visible at patchwork.
I'd appreciate help with testing it against sim cards using xor - don't have any
at
hands.
okay this is still needed to be applied. Could you please re-base and re-send
the patch? sorry for the delay.
holger
3787
days inactive
4014
days old
3 comments
3 participants
participants (3)
-
Holger Freyther -
Max -
☎