Change in ...osmo-hlr[master]: AUC: Add support for setting the AMF separation bit to '1' for EUTRAN

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

laforge gerrit-no-reply at lists.osmocom.org
Fri Aug 30 19:08:35 UTC 2019


laforge has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-hlr/+/15364


Change subject: AUC: Add support for setting the AMF separation bit to '1' for EUTRAN
......................................................................

AUC: Add support for setting the AMF separation bit to '1' for EUTRAN

Despite LTE/EUTRAN using the same authentication procedure (UMTS AKA)
as 3G, there's one difference: The "operator defined" 16bit AMF field
is reduced to 15 bits, with the first bit now being used as 'separation
bit'.  That bit should be '0' for 2G/3G (as it is right now) and '1'
for authentication vectores generated for authentication over
EUTRAN/EPS.

Depends: libosmocore I93850710ab55a605bf61b95063a69682a2899bb1 (OSMO_GSUP_RAT_TYPES_IE)
Change-Id: Ic766bc40f6126bb479bd0a05b0e96bec3e240008
---
M src/db.h
M src/db_auc.c
M src/hlr.c
M tests/db/db_test.c
M tests/db/db_test.err
5 files changed, 26 insertions(+), 16 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/osmo-hlr refs/changes/64/15364/1

diff --git a/src/db.h b/src/db.h
index 15d83de..3735834 100644
--- a/src/db.h
+++ b/src/db.h
@@ -65,7 +65,7 @@
 int db_get_auc(struct db_context *dbc, const char *imsi,
 	       unsigned int auc_3g_ind, struct osmo_auth_vector *vec,
 	       unsigned int num_vec, const uint8_t *rand_auts,
-	       const uint8_t *auts);
+	       const uint8_t *auts, bool separation_bit);
 
 #include <osmocom/core/linuxlist.h>
 #include <osmocom/gsm/protocol/gsm_23_003.h>
diff --git a/src/db_auc.c b/src/db_auc.c
index 2cf7143..6eaee9d 100644
--- a/src/db_auc.c
+++ b/src/db_auc.c
@@ -189,7 +189,7 @@
 int db_get_auc(struct db_context *dbc, const char *imsi,
 	       unsigned int auc_3g_ind, struct osmo_auth_vector *vec,
 	       unsigned int num_vec, const uint8_t *rand_auts,
-	       const uint8_t *auts)
+	       const uint8_t *auts, bool separation_bit)
 {
 	struct osmo_sub_auth_data aud2g, aud3g;
 	int64_t subscr_id;
@@ -209,6 +209,12 @@
 		       aud3g.u.umts.ind_bitlen, aud3g.u.umts.ind);
 		aud3g.u.umts.ind &= (1U << aud3g.u.umts.ind_bitlen) - 1;
 	}
+	/* the first bit (bit0) cannot be used as AMF anymore, but has been
+	 * re-appropriated as the separation bit.  See 3GPP TS 33.102 Annex H
+	 * together with 3GPP TS 33.401 / 33.402 / 33.501 */
+	aud3g.u.umts.amf[0] = aud3g.u.umts.amf[0] & 0x7f;
+	if (separation_bit)
+		aud3g.u.umts.amf[0] |= 0x80;
 
 	LOGAUC(imsi, LOGL_DEBUG, "Calling to generate %u vectors\n", num_vec);
 	rc = auc_compute_vectors(vec, num_vec, &aud2g, &aud3g, rand_auts, auts);
diff --git a/src/hlr.c b/src/hlr.c
index 8b9dff1..4a9ef89 100644
--- a/src/hlr.c
+++ b/src/hlr.c
@@ -233,6 +233,7 @@
 {
 	struct osmo_gsup_message gsup_out;
 	struct msgb *msg_out;
+	bool separation_bit = false;
 	int rc;
 
 	subscr_create_on_demand(gsup->imsi);
@@ -241,10 +242,13 @@
 	memset(&gsup_out, 0, sizeof(gsup_out));
 	memcpy(&gsup_out.imsi, &gsup->imsi, sizeof(gsup_out.imsi));
 
+	if (gsup->rat_types_len >= 1 && gsup->rat_types[0] == OSMO_RAT_EUTRAN_SGS)
+		separation_bit = true;
+
 	rc = db_get_auc(dbc, gsup->imsi, conn->auc_3g_ind,
 			gsup_out.auth_vectors,
 			ARRAY_SIZE(gsup_out.auth_vectors),
-			gsup->rand, gsup->auts);
+			gsup->rand, gsup->auts, separation_bit);
 	if (rc <= 0) {
 		gsup_out.message_type = OSMO_GSUP_MSGT_SEND_AUTH_INFO_ERROR;
 		switch (rc) {
diff --git a/tests/db/db_test.c b/tests/db/db_test.c
index 1da2752..7c31da6 100644
--- a/tests/db/db_test.c
+++ b/tests/db/db_test.c
@@ -115,7 +115,7 @@
 #define ASSERT_DB_GET_AUC(imsi, expect_rc) \
 	do { \
 		struct osmo_auth_vector vec[N_VECTORS]; \
-		ASSERT_RC(db_get_auc(dbc, imsi, 3, vec, N_VECTORS, NULL, NULL), expect_rc); \
+		ASSERT_RC(db_get_auc(dbc, imsi, 3, vec, N_VECTORS, NULL, NULL, false), expect_rc); \
 	} while (0)
 
 /* Not linking the real auc_compute_vectors(), just returning num_vec.
diff --git a/tests/db/db_test.err b/tests/db/db_test.err
index a3e4d58..6423550 100644
--- a/tests/db/db_test.err
+++ b/tests/db/db_test.err
@@ -814,7 +814,7 @@
 DAUC IMSI='999999999': No such subscriber
 
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -2
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -2
 DAUC IMSI='123456789000000': No such subscriber
 
 
@@ -833,7 +833,7 @@
 DAUC IMSI='123456789000000': No 3G Auth Data
 
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': No 3G Auth Data
 
@@ -852,7 +852,7 @@
 }
 3G: none
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3
 DAUC IMSI='123456789000000': No 3G Auth Data
 DAUC IMSI='123456789000000': Calling to generate 3 vectors
 DAUC IMSI='123456789000000': Generated 3 vectors
@@ -915,7 +915,7 @@
 DAUC IMSI='123456789000000': No 3G Auth Data
 
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': No 3G Auth Data
 
@@ -940,7 +940,7 @@
 DAUC IMSI='123456789000000': No 3G Auth Data
 
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': No 3G Auth Data
 
@@ -963,7 +963,7 @@
   .u.umts.ind_bitlen = 5,
 }
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': Calling to generate 3 vectors
 DAUC IMSI='123456789000000': Generated 3 vectors
@@ -1042,7 +1042,7 @@
 DAUC IMSI='123456789000000': No 3G Auth Data
 
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': No 3G Auth Data
 
@@ -1064,7 +1064,7 @@
   .u.umts.ind_bitlen = 5,
 }
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': Calling to generate 3 vectors
 DAUC IMSI='123456789000000': Generated 3 vectors
@@ -1077,7 +1077,7 @@
 DAUC IMSI='123456789000000': No 3G Auth Data
 
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': No 3G Auth Data
 
@@ -1105,7 +1105,7 @@
   .u.umts.ind_bitlen = 5,
 }
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3
 DAUC IMSI='123456789000000': Calling to generate 3 vectors
 DAUC IMSI='123456789000000': Generated 3 vectors
 DAUC IMSI='123456789000000': Updating SQN=0 in DB
@@ -1323,7 +1323,7 @@
 DAUC IMSI='123456789000000': No 3G Auth Data
 
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY
 DAUC IMSI='123456789000000': No 2G Auth Data
 DAUC IMSI='123456789000000': No 3G Auth Data
 
@@ -1332,7 +1332,7 @@
 db_subscr_get_by_imsi(dbc, imsi0, &g_subscr) --> -ENOENT
 DAUC Cannot read subscriber from db: IMSI='123456789000000': No such subscriber
 
-db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -2
+db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -2
 DAUC IMSI='123456789000000': No such subscriber
 
 ===== test_subscr_aud: SUCCESS

-- 
To view, visit https://gerrit.osmocom.org/c/osmo-hlr/+/15364
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-hlr
Gerrit-Branch: master
Gerrit-Change-Id: Ic766bc40f6126bb479bd0a05b0e96bec3e240008
Gerrit-Change-Number: 15364
Gerrit-PatchSet: 1
Gerrit-Owner: laforge <laforge at gnumonks.org>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20190830/15b33dd2/attachment.htm>


More information about the gerrit-log mailing list