This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Vadim Yanitskiy gerrit-no-reply at lists.osmocom.orgReview at https://gerrit.osmocom.org/7310 libosmogsm: add support for XOR authentication Change-Id: I1afaf0a9e2dce43aec87964bacefb21ed4d3d565 --- M src/gsm/Makefile.am A src/gsm/auth_xor.c 2 files changed, 151 insertions(+), 1 deletion(-) git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/10/7310/1 diff --git a/src/gsm/Makefile.am b/src/gsm/Makefile.am index 0439ce6..478336b 100644 --- a/src/gsm/Makefile.am +++ b/src/gsm/Makefile.am @@ -25,7 +25,7 @@ gprs_cipher_core.c gprs_rlc.c gsm0480.c abis_nm.c gsm0502.c \ gsm0411_utils.c gsm0411_smc.c gsm0411_smr.c gsm0414.c \ lapd_core.c lapdm.c kasumi.c gsm_04_08_gprs.c \ - auth_core.c auth_comp128v1.c auth_comp128v23.c \ + auth_core.c auth_comp128v1.c auth_comp128v23.c auth_xor.c \ auth_milenage.c milenage/aes-encblock.c gea.c \ milenage/aes-internal.c milenage/aes-internal-enc.c \ milenage/milenage.c gan.c ipa.c gsm0341.c apn.c \ diff --git a/src/gsm/auth_xor.c b/src/gsm/auth_xor.c new file mode 100644 index 0000000..b037a32 --- /dev/null +++ b/src/gsm/auth_xor.c @@ -0,0 +1,150 @@ +/*! \file auth_xor.c + * GSM/GPRS/3G authentication core infrastructure */ +/* + * (C) 2017 by sysmocom s.f.m.c. GmbH + * All Rights Reserved + * + * Author: Daniel Willmann <dwillmann at sysmocom.de> + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + */ + +#include <osmocom/crypt/auth.h> +#include <string.h> +#include <errno.h> + +/*! \addtogroup auth + * @{ + */ + +static void xor(uint8_t *out, const uint8_t *a, const uint8_t *b, size_t len) +{ + size_t i; + + for (i = 0; i < len; i++) + out[i] = a[i] ^ b[i]; +} + +/* 3GPP TS 34.108 8.1.2.1 XOR auth procedure */ +static int xor_gen_vec(struct osmo_auth_vector *vec, + struct osmo_sub_auth_data *aud, const uint8_t *_rand) +{ + uint8_t xdout[16], ak[6], cdout[8], xmac[8]; + /* res[16], ck[16], ik[16],*/ + int i; + + /* Step 1: xdout = ki XOR rand */ + if (aud->type == OSMO_AUTH_TYPE_GSM) + xor(xdout, aud->u.gsm.ki, _rand, sizeof(xdout)); + else if (aud->type == OSMO_AUTH_TYPE_UMTS) + xor(xdout, aud->u.umts.k, _rand, sizeof(xdout)); + else + return -ENOTSUP; + + /** + * Step 2: res = xdout + * + * Suggested length for res is 128 bits, i.e. 16 bytes, + * but also can be in range: 30 < n < 128 bits. + */ + memcpy(vec->res, xdout, sizeof(xdout)); + vec->res_len = 16; + + /* ck = xdout[1-15,0] */ + memcpy(vec->ck, xdout + 1, sizeof(xdout) - 1); + vec->ck[15] = xdout[0]; + + /* ik = xdout[2-15,0-1] */ + memcpy(vec->ik, xdout + 2, sizeof(xdout) - 2); + memcpy(vec->ik + 14, xdout, 2); + + /* ak = xdout[3-8] */ + memcpy(ak, xdout + 3, sizeof(ak)); + + /** + * 3GPP TS 33.102, clause 6.8.1.2, b + * sres = c2(res) = res[0-3] ^ res[4-7] ^ res[8-11] ^ res[12-15] + */ + for (i = 0; i < 4; i++) { + vec->sres[i] = vec->res[i] ^ vec->res[i + 4]; + vec->sres[i] ^= vec->res[i + 8] ^ vec->res[i + 12]; + } + + /** + * 3GPP TS 33.102, clause 6.8.1.2, c + * kc = c3(ck, ik) = ck[0-3] ^ ck[4-7] ^ ik[0-3] ^ ik[4-7] + */ + for (i = 0; i < 8; i++) { + vec->kc[i] = vec->ck[i] ^ vec->ck[i + 8]; + vec->kc[i] ^= vec->ik[i] ^ vec->ik[i + 8]; + } + + /* The further part is UMTS specific */ + if (aud->type != OSMO_AUTH_TYPE_UMTS) { + vec->auth_types = OSMO_AUTH_TYPE_GSM; + return 0; + } + + /** + * Step 3: cdout = sqn[0-5] || amf[0-1] + * + * FIXME: The aud->u.umts.sqn has uint64_t type, + * so 8 bytes long. We take 6 bytes from *the beginning* + * of sqn, but shouldn't we shift it first? + * I.e. aud->u.umts.sqn << 2 + * + * And what about byte order?? + */ + memcpy(cdout, (uint8_t *) &aud->u.umts.sqn, 6); + memcpy(cdout + 6, aud->u.umts.amf, 2); + + /* Step 4: xmac = xdout[0-8] XOR cdout[0-8] */ + xor(xmac, xdout, cdout, sizeof(xmac)); + + /** + * Step 5: autn = sqn XOR ak || amf || mac + * + * FIXME: The aud->u.umts.sqn has uint64_t type, + * so 8 bytes long. We take 6 bytes from *the beginning* + * of sqn, but shouldn't we shift it first? + * I.e. aud->u.umts.sqn << 2 + * + * And what about byte order?? + */ + xor(vec->autn, (uint8_t *) &aud->u.umts.sqn, ak, sizeof(ak)); + memcpy(vec->autn + 6, aud->u.umts.amf, 2); + memcpy(vec->autn + 8, xmac, sizeof(xmac)); + + vec->auth_types = OSMO_AUTH_TYPE_UMTS | OSMO_AUTH_TYPE_GSM; + + return 0; +} + +static struct osmo_auth_impl xor_alg = { + .algo = OSMO_AUTH_ALG_XOR, + .name = "XOR (libosmogsm built-in)", + .priority = 1000, + .gen_vec = &xor_gen_vec, +}; + +static __attribute__((constructor)) void on_dso_load_xor(void) +{ + osmo_auth_register(&xor_alg); +} + +/*! @} */ -- To view, visit https://gerrit.osmocom.org/7310 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I1afaf0a9e2dce43aec87964bacefb21ed4d3d565 Gerrit-PatchSet: 1 Gerrit-Project: libosmocore Gerrit-Branch: master Gerrit-Owner: Vadim Yanitskiy <axilirator at gmail.com> Gerrit-Reviewer: daniel <dwillmann at sysmocom.de>