summaryrefslogtreecommitdiffstats
path: root/openbsc
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-04-12 15:15:35 +0200
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-04-20 11:23:00 +0200
commitc7fcdeb18e5782040aadc1533a5efb8ba6ca4d7a (patch)
treeffeea8c73624c997c72ef005013ecfc9b8356f58 /openbsc
parent3aa8b30bb36e976ceb4a62f4db1264d90270bc32 (diff)
IuCS auth: generate auth tuples, factor out
Factor out hardcoded-Ki and auth tuple creation into a static function. Add generation of fresh random bytes and generate a valid auth tuple so that the authentication token is different for every MM Auth.
Diffstat (limited to 'openbsc')
-rw-r--r--openbsc/src/libmsc/gsm_04_08.c43
1 files changed, 32 insertions, 11 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c
index e58f79a94..418a505b0 100644
--- a/openbsc/src/libmsc/gsm_04_08.c
+++ b/openbsc/src/libmsc/gsm_04_08.c
@@ -28,6 +28,7 @@
#include <errno.h>
#include <time.h>
#include <netinet/in.h>
+#include <openssl/rand.h>
#include "bscconfig.h"
@@ -62,6 +63,7 @@
#include <osmocom/core/msgb.h>
#include <osmocom/core/talloc.h>
#include <osmocom/gsm/tlv.h>
+#include <osmocom/crypt/auth.h>
#include <openbsc/msc_ifaces.h>
#include <openbsc/iu.h>
@@ -142,6 +144,33 @@ void allocate_security_operation(struct gsm_subscriber_connection *conn)
struct gsm_security_operation);
}
+int iu_hack__get_hardcoded_auth_tuple(struct gsm_auth_tuple *atuple)
+{
+ uint8_t tmp_rand[16];
+ struct osmo_auth_vector vec;
+ /* Ki 000102030405060708090a0b0c0d0e0f */
+ struct osmo_sub_auth_data auth = {
+ .type = OSMO_AUTH_TYPE_GSM,
+ .algo = OSMO_AUTH_ALG_COMP128v1,
+ .u.gsm.ki = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
+ 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d,
+ 0x0e, 0x0f
+ },
+ };
+
+ RAND_bytes(&tmp_rand, sizeof(tmp_rand));
+
+ memset(&vec, 0, sizeof(vec));
+ osmo_auth_gen_vec(&vec, &auth, tmp_rand);
+
+ atuple->key_seq = 0;
+ memcpy(&atuple->rand, &tmp_rand, sizeof(tmp_rand));
+ memcpy(&atuple->sres, &vec.sres, sizeof(vec.sres));
+ memcpy(&atuple->kc, &vec.kc, sizeof(vec.kc));
+ return AUTH_DO_AUTH;
+}
+
int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
gsm_cbfn *cb, void *cb_data)
{
@@ -177,18 +206,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
/* If not done yet, try to get info for this user */
if (status < 0) {
/* DEV HACK: hardcode keys for Iu */
- if (conn->via_iface == IFACE_IU) {
- /* Ki 000102030405060708090a0b0c0d0e0f */
- atuple = (struct gsm_auth_tuple ) {
- .key_seq = 0,
- .rand = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 },
- .sres = { 0x61, 0xb5, 0x69, 0xf5 },
- .kc = { 0xd9, 0xd9, 0xc2, 0xed, 0x62, 0x7d, 0x68, 0x00 },
- };
- rc = AUTH_DO_AUTH;
- }
+ if (conn->via_iface == IFACE_IU)
+ rc = iu_hack__get_hardcoded_auth_tuple(&atuple);
else
- rc = auth_get_tuple_for_subscr(&atuple, subscr, key_seq);
+ rc = auth_get_tuple_for_subscr(&atuple, subscr, key_seq);
DEBUGP(DMM, "auth_get_tuple_for_subscr(%s) == %d\n",
subscr_name(subscr), rc);
if (rc <= 0) {