diff options
| author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-03-21 22:27:15 +0100 |
|---|---|---|
| committer | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-03-22 19:54:09 +0100 |
| commit | debb0e386871e64a769d7414b71bedec09d7e76a (patch) | |
| tree | 4c2dcaec7f22257e2d650ceacc5759805f5853f7 /openbsc/src/libmsc/gsm_04_08.c | |
| parent | d025a3cfbb53f690a4ebbd628cafda81c1b34bc7 (diff) | |
cscn: implement integrity protection
Upon authentication response, initiate integrity protection for Iu by sending a
Security Mode Command (IK), with hardcoded auth tuple so far.
Implement RANAP event handling to receive Security Mode Complete message,
adding stubs for the other events; in new files osmo-cscn/iucs_ranap.[hc] to
keep RANAP dependencies separate, and particularly out of libmsc.
Upon receiving Security Mode Complete, call the security operation callback
(conn->sec_operation->cb) to complete the Location Update.
Introduce enum integrity_protection_state constants to indicate integrity
protection, record in gsm_subscriber_conn.iu.integrity_protection.
Make subscr_conn_lookup_iu() non-static and declare in iu_cs.h to be able to
call from iucs_ranap.c's Security Mode Complete event.
Implement dummy iu_tx_sec_mode_cmd() to allow tests to build without RANAP
dependencies.
In cscn_main.c, call iucs_rx_ranap_event(), to populate the struct gsm_network
struct with cscn_network explicitly (don't share cscn_network across
compilation scopes because it's ugly).
Diffstat (limited to 'openbsc/src/libmsc/gsm_04_08.c')
| -rw-r--r-- | openbsc/src/libmsc/gsm_04_08.c | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c index a6010463b..801931f74 100644 --- a/openbsc/src/libmsc/gsm_04_08.c +++ b/openbsc/src/libmsc/gsm_04_08.c @@ -64,6 +64,7 @@ #include <osmocom/gsm/tlv.h> #include <openbsc/msc_ifaces.h> +#include <openbsc/iu.h> #include <assert.h> @@ -405,7 +406,7 @@ int gsm0408_authorize(struct gsm_subscriber_connection *conn) " no location update operation pending\n"); return 0; } - + if (authorize_subscriber(conn->loc_operation, conn->subscr)) return gsm48_secure_channel(conn, conn->loc_operation->key_seq, _gsm0408_authorize_sec_cb, NULL); @@ -1156,6 +1157,28 @@ static int gsm48_rx_mm_auth_resp(struct gsm_subscriber_connection *conn, struct return gsm0808_cipher_mode(conn, net->a5_encryption, conn->sec_operation->atuple.kc, 8, 0); + if (conn->via_iface == IFACE_IU + && !conn->iu.integrity_protection) { + LOGP(DIUCS, LOGL_DEBUG, + "Requesting integrity protection for %s\n", + subscr_name(conn->subscr)); + + /* send Security Mode Command (IK) to start integrity + * protection */ + + /* DEV HACK: hardcoded auth tuple */ + /* instead, employ auth_get_tuple_for_subscr() */ + struct gsm_auth_tuple tp; + tp = (struct gsm_auth_tuple) { + .key_seq = 0, + .rand = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }, + .sres = { 0x61, 0xb5, 0x69, 0xf5 }, + .kc = { 0xd9, 0xd9, 0xc2, 0xed, 0x62, 0x7d, 0x68, 0x00 }, + }; + + return iu_tx_sec_mode_cmd(conn->iu.ue_ctx, &tp, 0); + } + /* Only authentication requested, and we're done. */ if (!cb) return 0; |