[PATCH] osmo-hlr[master]: VTY: enable Milenage-2G authentication algorithm

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Vadim Yanitskiy gerrit-no-reply at lists.osmocom.org
Mon Mar 19 16:03:18 UTC 2018


Hello Jenkins Builder,

I'd like you to reexamine a change.  Please visit

    https://gerrit.osmocom.org/7391

to look at the new patch set (#2).

VTY: enable Milenage-2G authentication algorithm

Despite the current Milenage implementation in libosmogsm
does support 2G authentication, it has been disabled for
some long time. Let's enable it in order to support SIM
cards with Milenage algorithm set for 2G mode.

Change-Id: I6e6ff11d87bd9462db153ce6e32e7afc8197c38b
---
M src/db_hlr.c
M src/hlr_vty_subscr.c
M tests/db/db_test.c
M tests/db/db_test.err
M tests/test_subscriber.vty
5 files changed, 79 insertions(+), 41 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/osmo-hlr refs/changes/91/7391/2

diff --git a/src/db_hlr.c b/src/db_hlr.c
index c4d4974..b9315fc 100644
--- a/src/db_hlr.c
+++ b/src/db_hlr.c
@@ -221,13 +221,9 @@
 		case OSMO_AUTH_ALG_COMP128v1:
 		case OSMO_AUTH_ALG_COMP128v2:
 		case OSMO_AUTH_ALG_COMP128v3:
+		case OSMO_AUTH_ALG_MILENAGE:
 		case OSMO_AUTH_ALG_XOR:
 			break;
-		case OSMO_AUTH_ALG_MILENAGE:
-			LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:"
-			     " auth algo not suited for 2G: %s\n",
-			     osmo_auth_alg_name(aud->algo));
-			return -EINVAL;
 		default:
 			LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:"
 			     " Unknown auth algo: %d\n", aud->algo);
diff --git a/src/hlr_vty_subscr.c b/src/hlr_vty_subscr.c
index 7191a1c..3436636 100644
--- a/src/hlr_vty_subscr.c
+++ b/src/hlr_vty_subscr.c
@@ -269,11 +269,12 @@
 	return false;
 }
 
-#define AUTH_ALG_TYPES_2G "(comp128v1|comp128v2|comp128v3|xor)"
+#define AUTH_ALG_TYPES_2G "(comp128v1|comp128v2|comp128v3|milenage|xor)"
 #define AUTH_ALG_TYPES_2G_HELP \
 	"Use COMP128v1 algorithm\n" \
 	"Use COMP128v2 algorithm\n" \
 	"Use COMP128v3 algorithm\n" \
+	"Use Milenage algorithm\n"  \
 	"Use XOR algorithm\n"
 
 #define AUTH_ALG_TYPES_3G "milenage"
diff --git a/tests/db/db_test.c b/tests/db/db_test.c
index 6bf7a86..5b02b41 100644
--- a/tests/db/db_test.c
+++ b/tests/db/db_test.c
@@ -510,6 +510,11 @@
 	ASSERT_SEL_AUD(imsi0, 0, id);
 
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
+		mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")),
+		0);
+	ASSERT_SEL_AUD(imsi0, 0, id);
+
+	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
 		mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")),
 		0);
 	ASSERT_SEL_AUD(imsi0, 0, id);
@@ -612,6 +617,17 @@
 	comment("Set auth data, 2G and 3G");
 
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
+		mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")),
+		0);
+	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
+		mk_aud_3g(OSMO_AUTH_ALG_MILENAGE,
+			  "BeefedCafeFaceAcedAddedDecadeFee", false,
+			  "DeafBeddedBabeAcceededFadedDecaf", 5)),
+		0);
+	ASSERT_SEL_AUD(imsi0, 0, id);
+	ASSERT_DB_GET_AUC(imsi0, N_VECTORS);
+
+	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
 		mk_aud_2g(OSMO_AUTH_ALG_COMP128v3, "CededEffacedAceFacedBadFadedBeef")),
 		0);
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
@@ -637,11 +653,6 @@
 
 	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
 		mk_aud_2g(OSMO_AUTH_ALG_XOR, "f00")),
-		-EINVAL);
-	ASSERT_SEL_AUD(imsi0, 0, id);
-
-	ASSERT_RC(db_subscr_update_aud_by_id(dbc, id,
-		mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "0123456789abcdef0123456789abcdef")),
 		-EINVAL);
 	ASSERT_SEL_AUD(imsi0, 0, id);
 
diff --git a/tests/db/db_test.err b/tests/db/db_test.err
index 1d34045..64186a2 100644
--- a/tests/db/db_test.err
+++ b/tests/db/db_test.err
@@ -794,6 +794,18 @@
 }
 3G: none
 
+db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")) --> 0
+
+db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
+DAUC IMSI='123456789000000': No 3G Auth Data
+
+2G: struct osmo_sub_auth_data {
+  .type = GSM,
+  .algo = MILENAGE,
+  .u.gsm.ki = 'facedbeef13046411a0ea5591a82afee',
+}
+3G: none
+
 db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "CededEffacedAceFacedBadFadedBeef")) --> 0
 
 db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
@@ -985,6 +997,32 @@
 
 --- Set auth data, 2G and 3G
 
+db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "FacedBeef13046411a0ea5591a82AFee")) --> 0
+
+db_subscr_update_aud_by_id(dbc, id, mk_aud_3g(OSMO_AUTH_ALG_MILENAGE, "BeefedCafeFaceAcedAddedDecadeFee", false, "DeafBeddedBabeAcceededFadedDecaf", 5)) --> 0
+
+db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
+
+2G: struct osmo_sub_auth_data {
+  .type = GSM,
+  .algo = MILENAGE,
+  .u.gsm.ki = 'facedbeef13046411a0ea5591a82afee',
+}
+3G: struct osmo_sub_auth_data {
+  .type = UMTS,
+  .algo = MILENAGE,
+  .u.umts.opc = 'beefedcafefaceacedaddeddecadefee',
+  .u.umts.opc_is_op = 0,
+  .u.umts.k = 'deafbeddedbabeacceededfadeddecaf',
+  .u.umts.amf = '0000',
+  .u.umts.ind_bitlen = 5,
+}
+
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3
+DAUC IMSI='123456789000000': Calling to generate 3 vectors
+DAUC IMSI='123456789000000': Generated 3 vectors
+DAUC IMSI='123456789000000': Updating SQN=0 in DB
+
 db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_COMP128v3, "CededEffacedAceFacedBadFadedBeef")) --> 0
 
 db_subscr_update_aud_by_id(dbc, id, mk_aud_3g(OSMO_AUTH_ALG_MILENAGE, "BeefedCafeFaceAcedAddedDecadeFee", false, "DeafBeddedBabeAcceededFadedDecaf", 5)) --> 0
@@ -1056,26 +1094,6 @@
 
 db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_XOR, "f00")) --> -EINVAL
 DAUC Cannot update auth tokens: Invalid KI: 'f00'
-
-db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
-
-2G: struct osmo_sub_auth_data {
-  .type = GSM,
-  .algo = COMP128v3,
-  .u.gsm.ki = 'cededeffacedacefacedbadfadedbeef',
-}
-3G: struct osmo_sub_auth_data {
-  .type = UMTS,
-  .algo = MILENAGE,
-  .u.umts.opc = 'beefedcafefaceacedaddeddecadefee',
-  .u.umts.opc_is_op = 0,
-  .u.umts.k = 'deafbeddedbabeacceededfadeddecaf',
-  .u.umts.amf = '0000',
-  .u.umts.ind_bitlen = 5,
-}
-
-db_subscr_update_aud_by_id(dbc, id, mk_aud_2g(OSMO_AUTH_ALG_MILENAGE, "0123456789abcdef0123456789abcdef")) --> -EINVAL
-DAUC Cannot update auth tokens: auth algo not suited for 2G: MILENAGE
 
 db_get_auth_data(dbc, imsi0, &g_aud2g, &g_aud3g, &g_id) --> 0
 
diff --git a/tests/test_subscriber.vty b/tests/test_subscriber.vty
index 2da455f..a83cb5e 100644
--- a/tests/test_subscriber.vty
+++ b/tests/test_subscriber.vty
@@ -7,7 +7,7 @@
   subscriber (imsi|msisdn|id) IDENT delete
   subscriber (imsi|msisdn|id) IDENT update msisdn MSISDN
   subscriber (imsi|msisdn|id) IDENT update aud2g none
-  subscriber (imsi|msisdn|id) IDENT update aud2g (comp128v1|comp128v2|comp128v3|xor) ki KI
+  subscriber (imsi|msisdn|id) IDENT update aud2g (comp128v1|comp128v2|comp128v3|milenage|xor) ki KI
   subscriber (imsi|msisdn|id) IDENT update aud3g none
   subscriber (imsi|msisdn|id) IDENT update aud3g milenage k K (op|opc) OP_C [ind-bitlen] [<0-28>]
 
@@ -101,6 +101,7 @@
   comp128v1  Use COMP128v1 algorithm
   comp128v2  Use COMP128v2 algorithm
   comp128v3  Use COMP128v3 algorithm
+  milenage   Use Milenage algorithm
   xor        Use XOR algorithm
 
 OsmoHLR# subscriber imsi 123456789023000 update aud2g comp128v1 ?
@@ -119,6 +120,26 @@
     MSISDN: 423
     2G auth: XOR
              KI=deaf0ff1ced0d0dabbedd1ced1cef00d
+
+OsmoHLR# subscriber id 1 update aud2g milenage ki FacedBeef13046411a0ea5591a82AFee
+OsmoHLR# subscriber id 1 show
+    ID: 1
+    IMSI: 123456789023000
+    MSISDN: 423
+    2G auth: MILENAGE
+             KI=facedbeef13046411a0ea5591a82afee
+OsmoHLR# subscriber msisdn 423 show
+    ID: 1
+    IMSI: 123456789023000
+    MSISDN: 423
+    2G auth: MILENAGE
+             KI=facedbeef13046411a0ea5591a82afee
+OsmoHLR# subscriber imsi 123456789023000 show
+    ID: 1
+    IMSI: 123456789023000
+    MSISDN: 423
+    2G auth: MILENAGE
+             KI=facedbeef13046411a0ea5591a82afee
 
 OsmoHLR# subscriber imsi 123456789023000 update aud2g comp128v1 ki BeefedCafeFaceAcedAddedDecadeFee
 OsmoHLR# subscriber imsi 123456789023000 show
@@ -181,15 +202,6 @@
              KI=c01ffedc1cadaeac1d1f1edacac1ab0a
 
 OsmoHLR# subscriber id 1 update aud2g nonsense ki BeefedCafeFaceAcedAddedDecadeFee
-% Unknown command.
-OsmoHLR# subscriber id 1 show
-    ID: 1
-    IMSI: 123456789023000
-    MSISDN: 423
-    2G auth: COMP128v3
-             KI=c01ffedc1cadaeac1d1f1edacac1ab0a
-
-OsmoHLR# subscriber id 1 update aud2g milenage ki BeefedCafeFaceAcedAddedDecadeFee
 % Unknown command.
 OsmoHLR# subscriber id 1 show
     ID: 1

-- 
To view, visit https://gerrit.osmocom.org/7391
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I6e6ff11d87bd9462db153ce6e32e7afc8197c38b
Gerrit-PatchSet: 2
Gerrit-Project: osmo-hlr
Gerrit-Branch: master
Gerrit-Owner: Vadim Yanitskiy <axilirator at gmail.com>
Gerrit-Reviewer: Jenkins Builder



More information about the gerrit-log mailing list