diff options
author | Vadim Yanitskiy <vyanitskiy@sysmocom.de> | 2020-08-31 19:10:39 +0700 |
---|---|---|
committer | laforge <laforge@osmocom.org> | 2020-09-18 08:41:57 +0000 |
commit | ecaf5faa7994379319980313b5ce15d3c12db86e (patch) | |
tree | 35545ad24ceff1fc7a84a1be29124819a526c315 | |
parent | 7da6ace594cf24ee0015b0c0ec5404ccdbe59b6c (diff) |
gsm0808: fix: do not encode invalid encryption algorithm
According to 3GPP TS 48.008, section 3.2.2.44, the Chosen Encryption
Algorithm IE, which may be included in the following messages:
- 3.2.1.2 ASSIGNMENT COMPLETE
- 3.2.1.8 HANDOVER REQUEST
- 3.2.1.10 HANDOVER REQUEST ACKNOWLEDGE
- 3.2.1.12 HANDOVER COMPLETE
- 3.2.1.25 HANDOVER PERFORMED
- 3.2.1.31 CIPHER MODE COMPLETE
is coded as follows:
0000 0001 No encryption used
0000 0010 GSM A5/1
0000 0011 GSM A5/2
0000 0100 GSM A5/3
0000 0101 GSM A5/4
0000 0110 GSM A5/5
0000 0111 GSM A5/6
0000 1000 GSM A5/7
basically A5/X => X + 1. All other values are Reserved for future
international use. As can be seen, value 0x00 is RFU. Passing
this value to some encoding functions would result in a PDU with
this IE omitted. Although, some functions would still encode
Chosen Encryption Algorithm IE with this RFU value.
Let's ensure that all functions behave consistently.
Change-Id: If10e433a8174eabe6aa6d2c2937bf9cf5d14d7c9
-rw-r--r-- | src/gsm/gsm0808.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/src/gsm/gsm0808.c b/src/gsm/gsm0808.c index 85f5cfc9..53220617 100644 --- a/src/gsm/gsm0808.c +++ b/src/gsm/gsm0808.c @@ -283,8 +283,9 @@ struct msgb *gsm0808_create_cipher_complete(struct msgb *layer3, uint8_t alg_id) msgb_l3len(layer3), layer3->l3h); } - /* and the optional BSS message */ - msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, alg_id); + /* Optional Chosen Encryption Algorithm IE */ + if (alg_id > 0) + msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, alg_id); /* pre-pend the header */ msg->l3h = msgb_tv_push(msg, BSSAP_MSG_BSS_MANAGEMENT, msgb_length(msg)); @@ -603,7 +604,8 @@ struct msgb *gsm0808_create_ass_compl2(uint8_t rr_cause, uint8_t chosen_channel, msgb_tv_put(msg, GSM0808_IE_CHOSEN_CHANNEL, chosen_channel); /* write chosen encryption algorithm 3.2.2.44 */ - msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, encr_alg_id); + if (encr_alg_id > 0) + msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, encr_alg_id); /* write circuit pool 3.2.2.45 */ /* write speech version chosen: 3.2.2.51 when BTS picked it */ @@ -964,7 +966,7 @@ struct msgb *gsm0808_create_handover_request(const struct gsm0808_handover_reque } /* Chosen Encryption Algorithm (Serving) 3.2.2.44 */ - if (params->chosen_encryption_algorithm_serving) + if (params->chosen_encryption_algorithm_serving > 0) msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, params->chosen_encryption_algorithm_serving); /* Old BSS to New BSS Information 3.2.2.58 */ @@ -1027,7 +1029,7 @@ struct msgb *gsm0808_create_handover_request_ack2(const struct gsm0808_handover_ if (params->chosen_channel_present) msgb_tv_put(msg, GSM0808_IE_CHOSEN_CHANNEL, params->chosen_channel); - if (params->chosen_encr_alg) + if (params->chosen_encr_alg > 0) msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, params->chosen_encr_alg); if (params->chosen_speech_version != 0) @@ -1157,7 +1159,7 @@ struct msgb *gsm0808_create_handover_complete(const struct gsm0808_handover_comp gsm0808_enc_speech_codec_list(msg, ¶ms->codec_list_bss_supported); /* Chosen Encryption Algorithm 3.2.2.44 */ - if (params->chosen_encr_alg_present) + if (params->chosen_encr_alg_present && params->chosen_encr_alg > 0) msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, params->chosen_encr_alg); /* LCLS-BSS-Status 3.2.2.119 */ @@ -1225,7 +1227,7 @@ struct msgb *gsm0808_create_handover_performed(const struct gsm0808_handover_per msgb_tv_put(msg, GSM0808_IE_CHOSEN_CHANNEL, params->chosen_channel); /* Chosen Encryption Algorithm 3.2.2.44 */ - if (params->chosen_encr_alg_present) + if (params->chosen_encr_alg_present && params->chosen_encr_alg > 0) msgb_tv_put(msg, GSM0808_IE_CHOSEN_ENCR_ALG, params->chosen_encr_alg); /* Speech Version (chosen) 3.2.2.51 */ |