This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Neels Hofmeyr gerrit-no-reply at lists.osmocom.orgHello Harald Welte, Jenkins Builder, I'd like you to reexamine a change. Please visit https://gerrit.osmocom.org/2048 to look at the new patch set (#2). osmo_auth_gen_vec: UMTS auth: store last used SQN, not next Prepare for the implementation of splitting SQN increments in SEQ and an IND part; particularly to clearly show where the changes in auth/milenage_test's expectations originate. Rationale: the source of UMTS auth vectors, for us usually OsmoHLR, typically stores the last used SQN, not the next one to be used. Particularly with the upcoming fix of the SQN scheme, this change is important: the next SQN will depend on which entity asks for it, because each auth consumer may have a particular slot in the IND part of SQN. It does not make sense to store the next SQN, because we will not know which consumer that will be for. The milenage_test has always calculated a tuple for SQN == 34. To account for the increment now happening before calculating a tuple, lower the test_aud->sqn by one to 0x21 == 33, so that it is still calculating for SQN == 34. Because we are no longer incrementing SQN after the tuple is generated, milenage_test's expected output after doing an AUTS resync to 31 changes to the next SQN = 32, the SQN used for the generated tuple. (BTW, a subsequent patch will illustrate AUTS in detail.) osmo-auc-gen now needs to pass the user requested SQN less one, because the SQN will be incremented befor generating the auth vector. Also the SQN remains the same after generating, so SQN output needs less decrementing. Note that the expected output for osmo-auc-gen_test remains unchanged, hence the same input arguments (particularly -s <sqn> and -A <auts>) still produce the same results. Note: osmo-hlr regression tests will require adjustments when this patch is merged, because it must now pass desired_sqn - 1 instead of just desired_sqn. See osmo-hlr change-id I4ec5a578537acb1d9e1ebfe00a72417fc3ca5894 . Related: OS#1968 Change-Id: Iadf43f21e0605e9e85f7e8026c40985f7ceff1a3 --- M src/gsm/auth_milenage.c M tests/auth/milenage_test.c M tests/auth/milenage_test.ok M utils/osmo-auc-gen.c 4 files changed, 18 insertions(+), 10 deletions(-) git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/48/2048/2 diff --git a/src/gsm/auth_milenage.c b/src/gsm/auth_milenage.c index 1635ac6..e180762 100644 --- a/src/gsm/auth_milenage.c +++ b/src/gsm/auth_milenage.c @@ -30,10 +30,14 @@ const uint8_t *_rand) { size_t res_len = sizeof(vec->res); + uint64_t next_sqn; uint8_t sqn[6]; int rc; - osmo_store64be_ext(aud->u.umts.sqn, sqn, 6); + /* keep the incremented SQN local until gsm_milenage() succeeded. */ + next_sqn = aud->u.umts.sqn + 1; + + osmo_store64be_ext(next_sqn, sqn, 6); milenage_generate(aud->u.umts.opc, aud->u.umts.amf, aud->u.umts.k, sqn, _rand, vec->autn, vec->ik, vec->ck, vec->res, &res_len); @@ -43,7 +47,9 @@ return rc; vec->auth_types = OSMO_AUTH_TYPE_UMTS | OSMO_AUTH_TYPE_GSM; - aud->u.umts.sqn++; + + /* for storage in the caller's AUC database */ + aud->u.umts.sqn = next_sqn; return 0; } @@ -72,7 +78,7 @@ if (rc < 0) return rc; - aud->u.umts.sqn = 1 + (osmo_load64be_ext(sqn_out, 6) >> 16); + aud->u.umts.sqn = osmo_load64be_ext(sqn_out, 6) >> 16; return milenage_gen_vec(vec, aud, _rand); } diff --git a/tests/auth/milenage_test.c b/tests/auth/milenage_test.c index 187b9ad..405da65 100644 --- a/tests/auth/milenage_test.c +++ b/tests/auth/milenage_test.c @@ -36,7 +36,7 @@ .k = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, .amf = { 0x00, 0x00 }, - .sqn = 0x22, + .sqn = 0x21, }, }; diff --git a/tests/auth/milenage_test.ok b/tests/auth/milenage_test.ok index 20c47c6..b0eb44b 100644 --- a/tests/auth/milenage_test.ok +++ b/tests/auth/milenage_test.ok @@ -5,7 +5,7 @@ RES: e9 fc 88 cc c8 a3 53 81 SRES: 21 5f db 4d Kc: 6d e8 16 a7 59 a4 29 12 -AUTS success: tuple generated with SQN = 33 +AUTS success: tuple generated with SQN = 32 MILENAGE supported: 1 OP: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 OPC: c6 a1 3b 37 87 8f 5b 82 6f 4f 81 62 a1 c8 d8 79 diff --git a/utils/osmo-auc-gen.c b/utils/osmo-auc-gen.c index 6fa7cec..4e2456a 100644 --- a/utils/osmo-auc-gen.c +++ b/utils/osmo-auc-gen.c @@ -198,6 +198,10 @@ } ul = strtoul(optarg, 0, 10); test_aud.u.umts.sqn = ul; + /* Before calculating the UMTS auth vector, + * osmo_auth_gen_vec() increments the SQN. SQN-1 here + * to end up with the SQN the user requested. */ + test_aud.u.umts.sqn--; break; case 'r': rc = osmo_hexparse(optarg, _rand, sizeof(_rand)); @@ -260,16 +264,14 @@ else { dump_auth_vec(vec); if (test_aud.type == OSMO_AUTH_TYPE_UMTS) - /* After generating, SQN is incremented, so -1 */ - printf("SQN:\t%" PRIu64 "\n", test_aud.u.umts.sqn - 1); + printf("SQN:\t%" PRIu64 "\n", test_aud.u.umts.sqn); } /* After recovering SQN.MS from AUTS, milenage_gen_vec_auts() does - * aud->u.umts.sqn++, and after vector generation milenage_gen_vec() - * does another ++, so to show SQN.MS we need to -2 */ + * aud->u.umts.sqn++, so to show SQN.MS we need to -1 */ if (auts_is_set) printf("AUTS success: SQN.MS = %" PRIu64 "\n", - test_aud.u.umts.sqn - 2); + test_aud.u.umts.sqn - 1); exit(0); } -- To view, visit https://gerrit.osmocom.org/2048 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newpatchset Gerrit-Change-Id: Iadf43f21e0605e9e85f7e8026c40985f7ceff1a3 Gerrit-PatchSet: 2 Gerrit-Project: libosmocore Gerrit-Branch: master Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de> Gerrit-Reviewer: Harald Welte <laforge at gnumonks.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: Neels Hofmeyr <nhofmeyr at sysmocom.de>