This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
laforge gerrit-no-reply at lists.osmocom.orglaforge has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-hlr/+/21880 )
Change subject: support the XOR algorithm for UMTS AKA
......................................................................
support the XOR algorithm for UMTS AKA
Test USIMs as specified by 3GPP use the XOR algorithm not only for 2G
but also for 3G. libosmocore includes the XOR-3G support since v1.3.0,
but osmo-hlr somehow never made use of it.
Change-Id: I3a452af9c18cd90d00ab4766d6bd1679456bc1a2
Closes: OS#4924
---
M src/db_hlr.c
M src/hlr_vty_subscr.c
M tests/auc/auc_test.c
M tests/auc/auc_test.err
4 files changed, 77 insertions(+), 8 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-hlr refs/changes/80/21880/1
diff --git a/src/db_hlr.c b/src/db_hlr.c
index 83c2c51..6ba43c2 100644
--- a/src/db_hlr.c
+++ b/src/db_hlr.c
@@ -264,11 +264,11 @@
switch (aud->algo) {
case OSMO_AUTH_ALG_NONE:
case OSMO_AUTH_ALG_MILENAGE:
+ case OSMO_AUTH_ALG_XOR:
break;
case OSMO_AUTH_ALG_COMP128v1:
case OSMO_AUTH_ALG_COMP128v2:
case OSMO_AUTH_ALG_COMP128v3:
- case OSMO_AUTH_ALG_XOR:
LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:"
" auth algo not suited for 3G: %s\n",
osmo_auth_alg_name(aud->algo));
diff --git a/src/hlr_vty_subscr.c b/src/hlr_vty_subscr.c
index a9262ba..6ce0191 100644
--- a/src/hlr_vty_subscr.c
+++ b/src/hlr_vty_subscr.c
@@ -355,9 +355,10 @@
"Use COMP128v3 algorithm\n" \
"Use XOR algorithm\n"
-#define AUTH_ALG_TYPES_3G "milenage"
+#define AUTH_ALG_TYPES_3G "(milenage|xor)"
#define AUTH_ALG_TYPES_3G_HELP \
- "Use Milenage algorithm\n"
+ "Use Milenage algorithm\n" \
+ "Use XOR algorithm\n"
#define A38_XOR_MIN_KEY_LEN 12
#define A38_XOR_MAX_KEY_LEN 16
@@ -511,11 +512,11 @@
int rc;
const char *id_type = argv[0];
const char *id = argv[1];
- const char *alg_type = AUTH_ALG_TYPES_3G;
- const char *k = argv[2];
- bool opc_is_op = (strcasecmp("op", argv[3]) == 0);
- const char *op_opc = argv[4];
- int ind_bitlen = argc > 6? atoi(argv[6]) : 5;
+ const char *alg_type = argv[2];
+ const char *k = argv[3];
+ bool opc_is_op = (strcasecmp("op", argv[4]) == 0);
+ const char *op_opc = argv[5];
+ int ind_bitlen = argc > 7? atoi(argv[7]) : 5;
struct sub_auth_data_str aud3g = {
.type = OSMO_AUTH_TYPE_UMTS,
.u.umts = {
diff --git a/tests/auc/auc_test.c b/tests/auc/auc_test.c
index cdbd0b7..db7edcb 100644
--- a/tests/auc/auc_test.c
+++ b/tests/auc/auc_test.c
@@ -454,6 +454,50 @@
comment_end();
}
+static void test_gen_vectors_3g_xor(void)
+{
+ struct osmo_sub_auth_data aud2g;
+ struct osmo_sub_auth_data aud3g;
+ struct osmo_auth_vector vec;
+ int rc;
+
+ comment_start();
+
+ aud2g = (struct osmo_sub_auth_data){ 0 };
+
+ aud3g = (struct osmo_sub_auth_data){
+ .type = OSMO_AUTH_TYPE_UMTS,
+ .algo = OSMO_AUTH_ALG_XOR,
+ .u.umts.sqn = 0,
+ };
+
+ osmo_hexparse("000102030405060708090a0b0c0d0e0f",
+ aud3g.u.umts.k, sizeof(aud3g.u.umts.k));
+ osmo_hexparse("00000000000000000000000000000000",
+ aud3g.u.umts.opc, sizeof(aud3g.u.umts.opc));
+ next_rand("b5039c57e4a75051551d1a390a71ce48", true);
+
+ vec = (struct osmo_auth_vector){ {0} };
+ VERBOSE_ASSERT(aud3g.u.umts.sqn, == 0, "%"PRIu64);
+ rc = auc_compute_vectors(&vec, 1, &aud2g, &aud3g, NULL, NULL);
+ VERBOSE_ASSERT(rc, == 1, "%d");
+ VERBOSE_ASSERT(aud3g.u.umts.sqn, == 0, "%"PRIu64);
+
+ VEC_IS(&vec,
+ " rand: b5039c57e4a75051551d1a390a71ce48\n"
+ " autn: 54e0a256565d0000b5029e54e0a25656\n"
+ " ck: 029e54e0a256565d141032067cc047b5\n"
+ " ik: 9e54e0a256565d141032067cc047b502\n"
+ " res: b5029e54e0a256565d141032067cc047\n"
+ " res_len: 10\n"
+ " kc: 98e880384887f9fe\n"
+ " sres: 0ec81877\n"
+ " auth_types: 03000000\n"
+ );
+
+ comment_end();
+}
+
void test_gen_vectors_bad_args()
{
struct osmo_auth_vector vec;
@@ -622,6 +666,7 @@
test_gen_vectors_2g_only();
test_gen_vectors_2g_plus_3g();
test_gen_vectors_3g_only();
+ test_gen_vectors_3g_xor();
test_gen_vectors_bad_args();
printf("Done\n");
diff --git a/tests/auc/auc_test.err b/tests/auc/auc_test.err
index 0a4d9af..f83e814 100644
--- a/tests/auc/auc_test.err
+++ b/tests/auc/auc_test.err
@@ -217,6 +217,29 @@
===== test_gen_vectors_3g_only: SUCCESS
+===== test_gen_vectors_3g_xor
+aud3g.u.umts.sqn == 0
+DAUC Computing 1 auth vector: 3G only (2G derived from 3G keys)
+DAUC 3G: k = 000102030405060708090a0b0c0d0e0f
+DAUC 3G: opc = 00000000000000000000000000000000
+DAUC 3G: for sqn ind 0, previous sqn was 0
+DAUC vector [0]: rand = b5039c57e4a75051551d1a390a71ce48
+DAUC vector [0]: sqn = 0
+DAUC vector [0]: autn = 54e0a256565d0000b5029e54e0a25656
+DAUC vector [0]: ck = 029e54e0a256565d141032067cc047b5
+DAUC vector [0]: ik = 9e54e0a256565d141032067cc047b502
+DAUC vector [0]: res = b5029e54e0a256565d141032067cc047
+DAUC vector [0]: res_len = 16
+DAUC vector [0]: deriving 2G from 3G
+DAUC vector [0]: kc = 98e880384887f9fe
+DAUC vector [0]: sres = 0ec81877
+DAUC vector [0]: auth_types = 0x3
+rc == 1
+aud3g.u.umts.sqn == 0
+vector matches expectations
+===== test_gen_vectors_3g_xor: SUCCESS
+
+
===== test_gen_vectors_bad_args
- no auth data (a)
--
To view, visit https://gerrit.osmocom.org/c/osmo-hlr/+/21880
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-hlr
Gerrit-Branch: master
Gerrit-Change-Id: I3a452af9c18cd90d00ab4766d6bd1679456bc1a2
Gerrit-Change-Number: 21880
Gerrit-PatchSet: 1
Gerrit-Owner: laforge <laforge at osmocom.org>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20201228/66e9aa6b/attachment.htm>