
Use generic auth API

Message ID 1413541198-18547-1-git-send-email-max.suraev@fairwaves.co
State Accepted

Commit Message

Max Oct. 17, 2014, 10:19 a.m. UTC
Signed-off-by: Max <max.suraev@fairwaves.co>
---
 openbsc/src/libmsc/auth.c | 69 +++++++++++++++++++----------------------------
 1 file changed, 28 insertions(+), 41 deletions(-)

Comments

Max Oct. 17, 2014, 10:31 a.m. UTC | #1
Just realized that this patch, published a long time ago, is not visible at patchwork.
I'd appreciate help with testing it against SIM cards using xor - I don't have any at
hand.

17.10.2014 12:19, Max пишет:
> Signed-off-by: Max <max.suraev@fairwaves.co>
> ---
>  openbsc/src/libmsc/auth.c | 69 +++++++++++++++++++----------------------------
>  1 file changed, 28 insertions(+), 41 deletions(-)
> 
> diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
> index 10d8edf..d04b2fc 100644
> --- a/openbsc/src/libmsc/auth.c
> +++ b/openbsc/src/libmsc/auth.c
> @@ -24,47 +24,11 @@
>  #include <openbsc/debug.h>
>  #include <openbsc/auth.h>
>  #include <openbsc/gsm_data.h>
> -
> -#include <osmocom/gsm/comp128.h>
> +#include <osmocom/crypt/auth.h>
>  
>  #include <stdlib.h>
>  
>  
> -static int
> -_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
> -{
> -	int i, l = ainfo->a3a8_ki_len;
> -
> -	if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) {
> -		LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
> -			ainfo->a3a8_ki_len,
> -			osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
> -		return -1;
> -	}
> -
> -	for (i=0; i<4; i++)
> -		atuple->sres[i] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
> -	for (i=4; i<12; i++)
> -		atuple->kc[i-4] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
> -
> -	return 0;
> -}
> -
> -static int
> -_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
> -{
> -	if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) {
> -		LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
> -			ainfo->a3a8_ki_len,
> -			osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
> -		return -1;
> -	}
> -
> -	comp128(ainfo->a3a8_ki, atuple->rand, atuple->sres, atuple->kc);
> -
> -	return 0;
> -}
> -
>  /* Return values 
>   *  -1 -> Internal error
>   *   0 -> Not available
> @@ -76,6 +40,11 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
>  {
>  	struct gsm_auth_info ainfo;
>  	int i, rc;
> +	static struct osmo_sub_auth_data auth = {
> +	    .type = OSMO_AUTH_TYPE_GSM
> +	};
> +	struct osmo_auth_vector _vec;
> +	struct osmo_auth_vector *vec = &_vec;
>  
>  	/* Get subscriber info (if any) */
>  	rc = db_get_authinfo_for_subscr(&ainfo, subscr);
> @@ -109,13 +78,23 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
>  		return 0;
>  
>  	case AUTH_ALGO_XOR:
> -		if (_use_xor(&ainfo, atuple))
> -			return 0;
> +		auth.algo = OSMO_AUTH_ALG_XOR;
> +		if ((ainfo.a3a8_ki_len > A38_XOR_MAX_KEY_LEN) || (ainfo.a3a8_ki_len < A38_XOR_MIN_KEY_LEN)) {
> +			LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
> +			     ainfo.a3a8_ki_len,
> +			     osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
> +			return -1;
> +		}
>  		break;
>  
>  	case AUTH_ALGO_COMP128v1:
> -		if (_use_comp128_v1(&ainfo, atuple))
> -			return 0;
> +		auth.algo = OSMO_AUTH_ALG_COMP128v1;
> +		if (ainfo.a3a8_ki_len != A38_COMP128_KEY_LEN) {
> +			LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
> +			     ainfo.a3a8_ki_len,
> +			     osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
> +			return -1;
> +		}
>  		break;
>  
>  	default:
> @@ -124,6 +103,14 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
>  		return 0;
>  	}
>  
> +	memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki));
> +
> +	if (osmo_auth_gen_vec(vec, &auth, atuple->rand) < 0)
> +		return -1;
> +
> +	memcpy(atuple->sres, vec->sres, 4);
> +	memcpy(atuple->kc, vec->kc, 8);
> +
>          db_sync_lastauthtuple_for_subscr(atuple, subscr);
>  
>  	DEBUGP(DMM, "Need to do authentication and ciphering\n");
>
Holger Freyther May 17, 2015, 5:12 p.m. UTC | #2
> On 17 Oct 2014, at 12:31, ☎ <Max.Suraev@fairwaves.co> wrote:


Dear Max,

> Just realized that this long time ago published patch s not visible at patchwork.
> I'd appreciate help with testing it against sim cards using xor - don't have any at
> hands.

Okay, this still needs to be applied. Could you please rebase and re-send
the patch? Sorry for the delay.

holger
Max June 1, 2015, 1:31 p.m. UTC | #3
Pardon for delay - got deadline at my back :)

I've just tried the patch from http://patchwork.ozlabs.org/patch/400499/ and it
applies cleanly to the latest git, all the tests pass.

Why do we need to rebase it? What kind of warnings/test failures have you hit with
this patch?

17.05.2015 19:12, Holger Freyther пишет:
> 
>> On 17 Oct 2014, at 12:31, ☎ <Max.Suraev@fairwaves.co> wrote:
> 
> 
> Dear Max,
> 
>> Just realized that this long time ago published patch s not visible at patchwork.
>> I'd appreciate help with testing it against sim cards using xor - don't have any at
>> hands.
> 
> okay this is still needed to be applied. Could you please re-base and re-send
> the patch? sorry for the delay.
> 
> holger
>

Patch

diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 10d8edf..d04b2fc 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -24,47 +24,11 @@ 
 #include <openbsc/debug.h>
 #include <openbsc/auth.h>
 #include <openbsc/gsm_data.h>
-
-#include <osmocom/gsm/comp128.h>
+#include <osmocom/crypt/auth.h>
 
 #include <stdlib.h>
 
 
-static int
-_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
-{
-	int i, l = ainfo->a3a8_ki_len;
-
-	if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) {
-		LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
-			ainfo->a3a8_ki_len,
-			osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
-		return -1;
-	}
-
-	for (i=0; i<4; i++)
-		atuple->sres[i] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
-	for (i=4; i<12; i++)
-		atuple->kc[i-4] = atuple->rand[i] ^ ainfo->a3a8_ki[i];
-
-	return 0;
-}
-
-static int
-_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
-{
-	if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) {
-		LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
-			ainfo->a3a8_ki_len,
-			osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
-		return -1;
-	}
-
-	comp128(ainfo->a3a8_ki, atuple->rand, atuple->sres, atuple->kc);
-
-	return 0;
-}
-
 /* Return values 
  *  -1 -> Internal error
  *   0 -> Not available
@@ -76,6 +40,11 @@  int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
 {
 	struct gsm_auth_info ainfo;
 	int i, rc;
+	static struct osmo_sub_auth_data auth = {
+	    .type = OSMO_AUTH_TYPE_GSM
+	};
+	struct osmo_auth_vector _vec;
+	struct osmo_auth_vector *vec = &_vec;
 
 	/* Get subscriber info (if any) */
 	rc = db_get_authinfo_for_subscr(&ainfo, subscr);
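Review bot: The new `auth` local is declared `static`, so the subscriber Ki that is copied into it later in auth_get_tuple_for_subscr stays in process memory after the call returns and is shared by every invocation, which also makes the function non-reentrant. Nothing visible in the patch needs that persistence, because `auth.algo` and the key are rewritten on each call; an automatic `struct osmo_sub_auth_data auth = { .type = OSMO_AUTH_TYPE_GSM };` limits the key's lifetime to the call. The `_vec`/`vec` pair can be a single `struct osmo_auth_vector vec;` passed as `&vec`. The function body starts and ends outside this hunk.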
@@ -109,13 +78,23 @@  int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
 		return 0;
 
 	case AUTH_ALGO_XOR:
-		if (_use_xor(&ainfo, atuple))
-			return 0;
+		auth.algo = OSMO_AUTH_ALG_XOR;
+		if ((ainfo.a3a8_ki_len > A38_XOR_MAX_KEY_LEN) || (ainfo.a3a8_ki_len < A38_XOR_MIN_KEY_LEN)) {
+			LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
+			     ainfo.a3a8_ki_len,
+			     osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
+			return -1;
+		}
 		break;
 
 	case AUTH_ALGO_COMP128v1:
-		if (_use_comp128_v1(&ainfo, atuple))
-			return 0;
+		auth.algo = OSMO_AUTH_ALG_COMP128v1;
+		if (ainfo.a3a8_ki_len != A38_COMP128_KEY_LEN) {
+			LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
+			     ainfo.a3a8_ki_len,
+			     osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len));
+			return -1;
+		}
 		break;
 
 	default:
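Review bot: Both rejected-key branches still write the complete Ki to the log through `osmo_hexdump(ainfo.a3a8_ki, ainfo.a3a8_ki_len)` at LOGL_ERROR, so a misprovisioned subscriber ends up with long-term key material in the log files. The length alone is enough to diagnose the problem, e.g. `LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d)\n", ainfo.a3a8_ki_len);` and the same for the COMP128v1 branch. These branches also now `return -1`, where the removed code returned 0 when a helper failed; per the return-value comment above the function that turns "Not available" into "Internal error", which callers may treat differently and which the commit message does not mention. The switch statement begins before this hunk.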
@@ -124,6 +103,14 @@  int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
 		return 0;
 	}
 
+	memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki));
+
+	if (osmo_auth_gen_vec(vec, &auth, atuple->rand) < 0)
+		return -1;
+
+	memcpy(atuple->sres, vec->sres, 4);
+	memcpy(atuple->kc, vec->kc, 8);
+
         db_sync_lastauthtuple_for_subscr(atuple, subscr);
 
 	DEBUGP(DMM, "Need to do authentication and ciphering\n");
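Review bot: `memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, sizeof(auth.u.gsm.ki))` copies the full destination size regardless of `ainfo.a3a8_ki_len`, so for an XOR key shorter than the field (the switch accepts any length from A38_XOR_MIN_KEY_LEN to A38_XOR_MAX_KEY_LEN) the tail of the Ki is whatever `ainfo` held past the stored key, and the copy over-reads if the two arrays ever differ in size. Assuming the accepted lengths never exceed the field size, zero the field and copy only the validated length: `memset(auth.u.gsm.ki, 0, sizeof(auth.u.gsm.ki));` followed by `memcpy(auth.u.gsm.ki, ainfo.a3a8_ki, ainfo.a3a8_ki_len);`. The result copies are better written as `sizeof(atuple->sres)` and `sizeof(atuple->kc)` than the literals 4 and 8. memcpy needs `<string.h>`, which is not among the includes visible in the first hunk, though it may arrive indirectly. The function continues past the end of this hunk.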