From 82cfa3945c35be251dff168260d30756bc3d60db Mon Sep 17 00:00:00 2001 From: Vadim Yanitskiy Date: Fri, 12 Jan 2018 03:13:33 +0600 Subject: libmsc: add support for both comp128v2 and comp128v3 This change adds support for both comp128v2 and comp128v3 GSM A3/A8 algorithms. Since they already implemented in libosmocore, the corresponding it's API is used. Change-Id: Ic761be0220397d100c9e6345d4d01af4889dc7c1 --- openbsc/include/openbsc/gsm_data.h | 2 ++ openbsc/src/libmsc/auth.c | 26 +++++++++++++++++++++++--- openbsc/src/libmsc/ctrl_commands.c | 8 ++++++++ openbsc/src/libmsc/vty_interface_layer3.c | 12 ++++++++++-- openbsc/tests/ctrl_test_runner.py | 10 ++++++++++ 5 files changed, 53 insertions(+), 5 deletions(-) diff --git a/openbsc/include/openbsc/gsm_data.h b/openbsc/include/openbsc/gsm_data.h index 57fa30173..39c7458ca 100644 --- a/openbsc/include/openbsc/gsm_data.h +++ b/openbsc/include/openbsc/gsm_data.h @@ -54,6 +54,8 @@ enum gsm_auth_algo { AUTH_ALGO_NONE, AUTH_ALGO_XOR, AUTH_ALGO_COMP128v1, + AUTH_ALGO_COMP128v2, + AUTH_ALGO_COMP128v3, }; struct gsm_auth_info { diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c index 19def1ec1..8c8af11c6 100644 --- a/openbsc/src/libmsc/auth.c +++ b/openbsc/src/libmsc/auth.c @@ -25,6 +25,7 @@ #include #include +#include #include #include @@ -62,7 +63,8 @@ _use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple) } static int -_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple) +_use_comp128(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple, + enum gsm_auth_algo algo) { if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) { LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n", @@ -71,7 +73,23 @@ _use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple) return -1; } - comp128(ainfo->a3a8_ki, atuple->vec.rand, atuple->vec.sres, atuple->vec.kc); + switch (algo) { + case AUTH_ALGO_COMP128v1: + comp128(ainfo->a3a8_ki, atuple->vec.rand, + atuple->vec.sres, atuple->vec.kc); + break; + case AUTH_ALGO_COMP128v2: + comp128v2(ainfo->a3a8_ki, atuple->vec.rand, + atuple->vec.sres, atuple->vec.kc); + break; + case AUTH_ALGO_COMP128v3: + comp128v3(ainfo->a3a8_ki, atuple->vec.rand, + atuple->vec.sres, atuple->vec.kc); + break; + default: + /* Unsupported version */ + return -ENOTSUP; + } return 0; } @@ -139,7 +157,9 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, break; case AUTH_ALGO_COMP128v1: - if (_use_comp128_v1(&ainfo, atuple)) + case AUTH_ALGO_COMP128v2: + case AUTH_ALGO_COMP128v3: + if (_use_comp128(&ainfo, atuple, ainfo.auth_algo)) return AUTH_NOT_AVAIL; break; diff --git a/openbsc/src/libmsc/ctrl_commands.c b/openbsc/src/libmsc/ctrl_commands.c index c99dde44c..8e4e8b634 100644 --- a/openbsc/src/libmsc/ctrl_commands.c +++ b/openbsc/src/libmsc/ctrl_commands.c @@ -41,6 +41,10 @@ static bool alg_supported(const char *alg) return true; if (strcasecmp(alg, "comp128v1") == 0) return true; + if (strcasecmp(alg, "comp128v2") == 0) + return true; + if (strcasecmp(alg, "comp128v3") == 0) + return true; return false; } @@ -118,6 +122,10 @@ static int set_subscriber_modify(struct ctrl_cmd *cmd, void *data) ainfo.auth_algo = AUTH_ALGO_XOR; else if (strcasecmp(alg, "comp128v1") == 0) ainfo.auth_algo = AUTH_ALGO_COMP128v1; + else if (strcasecmp(alg, "comp128v2") == 0) + ainfo.auth_algo = AUTH_ALGO_COMP128v2; + else if (strcasecmp(alg, "comp128v3") == 0) + ainfo.auth_algo = AUTH_ALGO_COMP128v3; rc = osmo_hexparse(ki, ainfo.a3a8_ki, sizeof(ainfo.a3a8_ki)); if (rc < 0) { diff --git a/openbsc/src/libmsc/vty_interface_layer3.c b/openbsc/src/libmsc/vty_interface_layer3.c index b88c139b0..a97e1ece4 100644 --- a/openbsc/src/libmsc/vty_interface_layer3.c +++ b/openbsc/src/libmsc/vty_interface_layer3.c @@ -775,11 +775,13 @@ DEFUN(ena_subscr_handover, return CMD_SUCCESS; } -#define A3A8_ALG_TYPES "(none|xor|comp128v1)" +#define A3A8_ALG_TYPES "(none|xor|comp128v1|comp128v2|comp128v3)" #define A3A8_ALG_HELP \ "Use No A3A8 algorithm\n" \ "Use XOR algorithm\n" \ - "Use COMP128v1 algorithm\n" + "Use COMP128v1 algorithm\n" \ + "Use COMP128v2 algorithm\n" \ + "Use COMP128v3 algorithm\n" DEFUN(ena_subscr_a3a8, ena_subscr_a3a8_cmd, @@ -811,6 +813,12 @@ DEFUN(ena_subscr_a3a8, } else if (!strcasecmp(alg_str, "comp128v1")) { ainfo.auth_algo = AUTH_ALGO_COMP128v1; minlen = maxlen = A38_COMP128_KEY_LEN; + } else if (!strcasecmp(alg_str, "comp128v2")) { + ainfo.auth_algo = AUTH_ALGO_COMP128v2; + minlen = maxlen = A38_COMP128_KEY_LEN; + } else if (!strcasecmp(alg_str, "comp128v3")) { + ainfo.auth_algo = AUTH_ALGO_COMP128v3; + minlen = maxlen = A38_COMP128_KEY_LEN; } else { /* Unknown method */ subscr_put(subscr); diff --git a/openbsc/tests/ctrl_test_runner.py b/openbsc/tests/ctrl_test_runner.py index fb6902705..b63dd27ad 100644 --- a/openbsc/tests/ctrl_test_runner.py +++ b/openbsc/tests/ctrl_test_runner.py @@ -496,6 +496,16 @@ class TestCtrlNITB(TestCtrlBase): self.assertEquals(r['var'], 'subscriber-modify-v1') self.assertEquals(r['value'], 'OK') + r = self.do_set('subscriber-modify-v1', '2620345,445566,comp128v2,00112233445566778899AABBCCDDEEFF') + self.assertEquals(r['mtype'], 'SET_REPLY') + self.assertEquals(r['var'], 'subscriber-modify-v1') + self.assertEquals(r['value'], 'OK') + + r = self.do_set('subscriber-modify-v1', '2620345,445566,comp128v3,00112233445566778899AABBCCDDEEFF') + self.assertEquals(r['mtype'], 'SET_REPLY') + self.assertEquals(r['var'], 'subscriber-modify-v1') + self.assertEquals(r['value'], 'OK') + r = self.do_set('subscriber-modify-v1', '2620345,445566,none') self.assertEquals(r['mtype'], 'SET_REPLY') self.assertEquals(r['var'], 'subscriber-modify-v1') -- cgit v1.2.3