[PATCH] Use generic auth API

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.

Max.Suraev at fairwaves.co
Fri Oct 17 10:31:23 UTC 2014


Just realized that this long time ago published patch s not visible at patchwork.
I'd appreciate help with testing it against sim cards using xor - don't have any at
hands.

17.10.2014 12:19, Max пишет:
> Signed-off-by: Max <max.suraev at fairwaves.co>
> ---
>  openbsc/src/libmsc/auth.c | 69 +++++++++++++++++++----------------------------
>  1 file changed, 28 insertions(+), 41 deletions(-)
> 
> diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
> index 10d8edf..d04b2fc 100644
> --- a/openbsc/src/libmsc/auth.c
> +++ b/openbsc/src/libmsc/auth.c
> @@ -24,47 +24,11 @@
>  #include <openbsc/debug.h>
>  #include <openbsc/auth.h>
>  #include <openbsc/gsm_data.h>
> -
> -#include <osmocom/gsm/comp128.h>
> +#include <osmocom/crypt/auth.h>
>  
>  #include <stdlib.h>
>  
>  
> -static int
> -_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
> -{
> -	int i, l = ainfo->a3a8_ki_len;
> -
> -	if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) {
> -		LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
> -			ainfo->a3a8_ki_len,
> -			osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
> -		return -1;
> -	}
> -
> -	for (i=0; i<4; i++)
> -		atuple->sres[i] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
> -	for (i=4; i<12; i++)
> -		atuple->kc[i-4] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
> -
> -	return 0;
> -}
> -
> -static int
> -_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
> -{
> -	if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) {
> -		LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
> -			ainfo->a3a8_ki_len,
> -			osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
> -		return -1;
> -	}
> -
> -	comp128(ainfo->a3a8_ki, atuple->rand, atuple->sres, atuple->kc);
> -
> -	return 0;
> -}
> -
>  /* Return values 
>   *  -1 -> Internal error
>   *   0 -> Not available
> @@ -76,6 +40,11 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
>  {
>  	struct gsm_auth_info ainfo;
>  	int i, rc;
> +	static struct osmo_sub_auth_data auth = {
> +	    .type = OSMO_AUTH_TYPE_GSM
> +	};
> +	struct osmo_auth_vector _vec;
> +	struct osmo_auth_vector *vec = &_vec;
>  
>  	/* Get subscriber info (if any) */
>  	rc = db_get_authinfo_for_subscr(&ainfo, subscr);
> @@ -109,13 +78,23 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
>  		return 0;
>  
>  	case AUTH_ALGO_XOR:
> -		if (_use_xor(&ainfo, atuple))
> -			return 0;
> +		auth.algo = OSMO_AUTH_ALG_XOR;
> +		if ((ainfo.a3a8_ki_len > A38_XOR_MAX_KEY_LEN) || (ainfo.a3a8_ki_len < A38_XOR_MIN_KEY_LEN)) {
> +			LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
> +			     ainfo.a3a8_ki_len,
> +			     osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
> +			return -1;
> +		}
>  		break;
>  
>  	case AUTH_ALGO_COMP128v1:
> -		if (_use_comp128_v1(&ainfo, atuple))
> -			return 0;
> +		auth.algo = OSMO_AUTH_ALG_COMP128v1;
> +		if (ainfo.a3a8_ki_len != A38_COMP128_KEY_LEN) {
> +			LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
> +			     ainfo.a3a8_ki_len,
> +			     osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
> +			return -1;
> +		}
>  		break;
>  
>  	default:
> @@ -124,6 +103,14 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
>  		return 0;
>  	}
>  
> +	memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki));
> +
> +	if (osmo_auth_gen_vec(vec, &auth, atuple->rand) < 0)
> +		return -1;
> +
> +	memcpy(atuple->sres, vec->sres, 4);
> +	memcpy(atuple->kc, vec->kc, 8);
> +
>          db_sync_lastauthtuple_for_subscr(atuple, subscr);
>  
>  	DEBUGP(DMM, "Need to do authentication and ciphering\n");
> 


-- 
best regards,
Max, http://fairwaves.co




More information about the OpenBSC mailing list