This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
laforge gerrit-no-reply at lists.osmocom.orglaforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-iuh/+/22756 ) Change subject: ranap_msg_factory: Allow detailed control over UEA/UIA algorithm encoded ...................................................................... ranap_msg_factory: Allow detailed control over UEA/UIA algorithm encoded Change-Id: I6d2d033b0427bdc84fee61e0f3cb7b29935214bf Closes: OS#4143 --- M include/osmocom/ranap/ranap_msg_factory.h M src/ranap_msg_factory.c 2 files changed, 51 insertions(+), 16 deletions(-) Approvals: Jenkins Builder: Verified pespin: Looks good to me, but someone else must approve laforge: Looks good to me, approved diff --git a/include/osmocom/ranap/ranap_msg_factory.h b/include/osmocom/ranap/ranap_msg_factory.h index f1f3fcc..d89a1ae 100644 --- a/include/osmocom/ranap/ranap_msg_factory.h +++ b/include/osmocom/ranap/ranap_msg_factory.h @@ -13,6 +13,9 @@ struct msgb *ranap_new_msg_dt(uint8_t sapi, const uint8_t *nas, unsigned int nas_len); /*! \brief generate RANAP SECURITY MODE COMMAND message */ +struct msgb *ranap_new_msg_sec_mod_cmd2(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status, + uint8_t uia_bitmask, uint8_t uea_bitmask); + struct msgb *ranap_new_msg_sec_mod_cmd(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status); /*! \brief generate RANAP SECURITY MODE COMPLETE message */ diff --git a/src/ranap_msg_factory.c b/src/ranap_msg_factory.c index 2ae2dbf..121514c 100644 --- a/src/ranap_msg_factory.c +++ b/src/ranap_msg_factory.c @@ -202,18 +202,15 @@ return msg; } -static const enum RANAP_IntegrityProtectionAlgorithm ip_alg[2] = { - RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA1, - RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA2, -}; - -static const RANAP_EncryptionAlgorithm_t enc_alg[2] = { - RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorith_UEA1, - RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorithm_UEA2, -}; - -/*! \brief generate RANAP SECURITY MODE COMMAND message */ -struct msgb *ranap_new_msg_sec_mod_cmd(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status) +/*! \brief generate RANAP SECURITY MODE COMMAND message. + * \param[in] ik 128bit integrity protection key (mandatory) + * \param[in] ck 128bit ciphering key (optional) + * \param[in] status key status + * \param[in] uia_bitmask bit-mask of UIA algorithms; Bit0 = UIA0 .. Bit2 = UIA2 + * \param[in] uea_bitmask bit-mask of UEA algorithms; Bit0 = UEA0 .. Bit2 = UEA2; ck required + * \returns message buffer with encoded command message */ +struct msgb *ranap_new_msg_sec_mod_cmd2(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status, + uint8_t uia_bitmask, uint8_t uea_bitmask) { RANAP_SecurityModeCommandIEs_t ies; RANAP_SecurityModeCommand_t out; @@ -223,11 +220,26 @@ memset(&ies, 0, sizeof(ies)); memset(&out, 0, sizeof(out)); - for (i = 0; i < ARRAY_SIZE(ip_alg); i++) { + for (i = 0; i < 8; i++) { + RANAP_IntegrityProtectionAlgorithm_t ialg; + if (!(uia_bitmask & (1 << i))) + continue; + switch (i) { + case 1: + ialg = RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA1; + break; + case 2: + ialg = RANAP_IntegrityProtectionAlgorithm_standard_UMTS_integrity_algorithm_UIA2; + break; + default: + LOGP(DRANAP, "Unsupported UIA algorithm UIA%d specified\n", i); + return NULL; + } + /* needs to be dynamically allocated, as * SET_OF_free() will call FREEMEM() on it */ RANAP_IntegrityProtectionAlgorithm_t *alg = CALLOC(1, sizeof(*alg)); - *alg = ip_alg[i]; + *alg = ialg; ASN_SEQUENCE_ADD(&ies.integrityProtectionInformation.permittedAlgorithms, alg); } @@ -235,11 +247,27 @@ if (ck) { ies.presenceMask = SECURITYMODECOMMANDIES_RANAP_ENCRYPTIONINFORMATION_PRESENT; - for (i = 0; i < ARRAY_SIZE(ip_alg); i++) { + for (i = 0; i < 8; i++) { + RANAP_EncryptionAlgorithm_t ealg; + if (!(uea_bitmask & (1 << i))) + continue; + switch (i) { + case 1: + ealg = RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorith_UEA1; + break; + case 2: + ealg = RANAP_EncryptionAlgorithm_standard_UMTS_encryption_algorithm_UEA2; + break; + default: + LOGP(DRANAP, "Unsupported UEA algorithm UEA%d specified\n", i); + asn_set_empty(&ies.integrityProtectionInformation.permittedAlgorithms); + return NULL; + } + /* needs to be dynamically allocated, as * SET_OF_free() will call FREEMEM() on it */ RANAP_EncryptionAlgorithm_t *alg = CALLOC(1, sizeof(*alg)); - *alg = enc_alg[i]; + *alg = ealg; ASN_SEQUENCE_ADD(&ies.encryptionInformation.permittedAlgorithms, alg); } BIT_STRING_fromBuf(&ies.encryptionInformation.key, ck, 16*8); @@ -271,6 +299,10 @@ return msg; } +struct msgb *ranap_new_msg_sec_mod_cmd(const uint8_t *ik, const uint8_t *ck, enum RANAP_KeyStatus status) +{ + return ranap_new_msg_sec_mod_cmd2(ik, ck, status, 0x06, 0x06); +} /*! \brief generate RANAP SECURITY MODE COMPLETE message */ struct msgb *ranap_new_msg_sec_mod_compl( -- To view, visit https://gerrit.osmocom.org/c/osmo-iuh/+/22756 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-iuh Gerrit-Branch: master Gerrit-Change-Id: I6d2d033b0427bdc84fee61e0f3cb7b29935214bf Gerrit-Change-Number: 22756 Gerrit-PatchSet: 2 Gerrit-Owner: laforge <laforge at osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge at osmocom.org> Gerrit-Reviewer: neels <nhofmeyr at sysmocom.de> Gerrit-Reviewer: pespin <pespin at sysmocom.de> Gerrit-MessageType: merged -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20210210/3a0eca99/attachment.htm>