diff options
author | Harald Welte <laforge@gnumonks.org> | 2017-12-23 19:30:32 +0100 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2018-01-28 00:09:42 +0000 |
commit | 7b222aa1062aae786c92ea649d945ae8d86bbba2 (patch) | |
tree | cd6429a67e8d31508ef7eb2b3201bf3524cd7208 /tests | |
parent | 71c51df07dfbc60cb41cb43385576a9d89c0c269 (diff) |
Permit a set of multiple different A5 ciphers
So far, the administrator had to pick one particular cipher which
would then be used throughout all subscribers/phones. This is a bit
impractical, as e.g. not all phones support A5/3. Extend the VTY
command syntax in a backwards-compatible way to permit for multiple
ciphers.
NOTE: Like the previous code, OsmoMSC does *not yet check* whether
the configured cipher is compatible with the MS capabilities as
reported in CLASSMARK! The network hence might choose an algorithm
not supported by the phone. Fixing this is subject to another patch.
Closes: OS#2460
Change-Id: I79a4e2892eb5fbecc3d84e11dceffb7149db264b
Diffstat (limited to 'tests')
-rw-r--r-- | tests/msc_vlr/msc_vlr_test_gsm_ciph.c | 10 | ||||
-rw-r--r-- | tests/msc_vlr/msc_vlr_test_gsm_ciph.err | 18 | ||||
-rw-r--r-- | tests/msc_vlr/msc_vlr_tests.c | 6 |
3 files changed, 17 insertions, 17 deletions
diff --git a/tests/msc_vlr/msc_vlr_test_gsm_ciph.c b/tests/msc_vlr/msc_vlr_test_gsm_ciph.c index e0bd9673a..42e620a7b 100644 --- a/tests/msc_vlr/msc_vlr_test_gsm_ciph.c +++ b/tests/msc_vlr/msc_vlr_test_gsm_ciph.c @@ -31,7 +31,7 @@ void test_ciph() comment_start(); /* implicit: net->authentication_required = true; */ - net->a5_encryption = VLR_CIPH_A5_1; + net->a5_encryption_mask = (1 << 1); btw("Location Update request causes a GSUP Send Auth Info request to HLR"); lu_result_sent = RES_NONE; @@ -243,7 +243,7 @@ void test_ciph_tmsi() comment_start(); /* implicit: net->authentication_required = true; */ - net->a5_encryption = VLR_CIPH_A5_1; + net->a5_encryption_mask = (1 << 1); net->vlr->cfg.assign_tmsi = true; btw("Location Update request causes a GSUP Send Auth Info request to HLR"); @@ -482,7 +482,7 @@ void test_ciph_imei() comment_start(); /* implicit: net->authentication_required = true; */ - net->a5_encryption = VLR_CIPH_A5_1; + net->a5_encryption_mask = (1 << 1); net->vlr->cfg.check_imei_rqd = true; btw("Location Update request causes a GSUP Send Auth Info request to HLR"); @@ -584,7 +584,7 @@ void test_ciph_imeisv() comment_start(); /* implicit: net->authentication_required = true; */ - net->a5_encryption = VLR_CIPH_A5_1; + net->a5_encryption_mask = (1 << 1); net->vlr->cfg.retrieve_imeisv_ciphered = true; btw("Location Update request causes a GSUP Send Auth Info request to HLR"); @@ -682,7 +682,7 @@ void test_ciph_tmsi_imei() comment_start(); /* implicit: net->authentication_required = true; */ - net->a5_encryption = VLR_CIPH_A5_1; + net->a5_encryption_mask = (1 << 1); net->vlr->cfg.assign_tmsi = true; net->vlr->cfg.check_imei_rqd = true; diff --git a/tests/msc_vlr/msc_vlr_test_gsm_ciph.err b/tests/msc_vlr/msc_vlr_test_gsm_ciph.err index 0e9d99613..cb9091cfc 100644 --- a/tests/msc_vlr/msc_vlr_test_gsm_ciph.err +++ b/tests/msc_vlr/msc_vlr_test_gsm_ciph.err @@ -62,7 +62,7 @@ DVLR VLR_Authenticate(901700000004620){VLR_SUB_AS_AUTHENTICATED}: Deallocated DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_AUTH_RES DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_auth() DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for IMSI:901700000004620: cipher=VLR_CIPH_A5_1 kc=61855fb81fc2a800 retrieve_imeisv=0 +- sending Ciphering Mode Command for IMSI:901700000004620: ciphers=0x02 kc=61855fb81fc2a800 retrieve_imeisv=0 DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_WAIT_CIPH DMM IMSI:901700000004620: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF IMSI:901700000004620: MSC conn use - dtap == 1 (0x4) @@ -225,7 +225,7 @@ DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: Received E DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: got VLR_AUTH_RES_PASSED DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: _proc_arq_vlr_node2() DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for MSISDN:46071: cipher=VLR_CIPH_A5_1 kc=07fa7502e07e1c00 retrieve_imeisv=0 +- sending Ciphering Mode Command for MSISDN:46071: ciphers=0x02 kc=07fa7502e07e1c00 retrieve_imeisv=0 DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: state_chg to PR_ARQ_S_WAIT_CIPH DMM MSISDN:46071: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF MSISDN:46071: MSC conn use - dtap == 1 (0x4) @@ -370,7 +370,7 @@ DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: Received E DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: got VLR_AUTH_RES_PASSED DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: _proc_arq_vlr_node2() DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for MSISDN:46071: cipher=VLR_CIPH_A5_1 kc=e2b234f807886400 retrieve_imeisv=0 +- sending Ciphering Mode Command for MSISDN:46071: ciphers=0x02 kc=e2b234f807886400 retrieve_imeisv=0 DVLR Process_Access_Request_VLR(901700000004620){PR_ARQ_S_WAIT_AUTH}: state_chg to PR_ARQ_S_WAIT_CIPH DMM MSISDN:46071: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF MSISDN:46071: MSC conn use - dtap == 1 (0x4) @@ -547,7 +547,7 @@ DVLR VLR_Authenticate(901700000004620){VLR_SUB_AS_AUTHENTICATED}: Deallocated DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_AUTH_RES DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_auth() DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for IMSI:901700000004620: cipher=VLR_CIPH_A5_1 kc=61855fb81fc2a800 retrieve_imeisv=0 +- sending Ciphering Mode Command for IMSI:901700000004620: ciphers=0x02 kc=61855fb81fc2a800 retrieve_imeisv=0 DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_WAIT_CIPH DMM IMSI:901700000004620: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF IMSI:901700000004620: MSC conn use - dtap == 1 (0x4) @@ -747,7 +747,7 @@ DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: Received Event PR DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: got VLR_AUTH_RES_PASSED DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: _proc_arq_vlr_node2() DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for MSISDN:46071: cipher=VLR_CIPH_A5_1 kc=07fa7502e07e1c00 retrieve_imeisv=0 +- sending Ciphering Mode Command for MSISDN:46071: ciphers=0x02 kc=07fa7502e07e1c00 retrieve_imeisv=0 DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: state_chg to PR_ARQ_S_WAIT_CIPH DMM MSISDN:46071: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF MSISDN:46071: MSC conn use - dtap == 1 (0x4) @@ -892,7 +892,7 @@ DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: Received Event PR DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: got VLR_AUTH_RES_PASSED DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: _proc_arq_vlr_node2() DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for MSISDN:46071: cipher=VLR_CIPH_A5_1 kc=e2b234f807886400 retrieve_imeisv=0 +- sending Ciphering Mode Command for MSISDN:46071: ciphers=0x02 kc=e2b234f807886400 retrieve_imeisv=0 DVLR Process_Access_Request_VLR(50462976){PR_ARQ_S_WAIT_AUTH}: state_chg to PR_ARQ_S_WAIT_CIPH DMM MSISDN:46071: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF MSISDN:46071: MSC conn use - dtap == 1 (0x4) @@ -1069,7 +1069,7 @@ DVLR VLR_Authenticate(901700000004620){VLR_SUB_AS_AUTHENTICATED}: Deallocated DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_AUTH_RES DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_auth() DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for IMSI:901700000004620: cipher=VLR_CIPH_A5_1 kc=61855fb81fc2a800 retrieve_imeisv=0 +- sending Ciphering Mode Command for IMSI:901700000004620: ciphers=0x02 kc=61855fb81fc2a800 retrieve_imeisv=0 DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_WAIT_CIPH DMM IMSI:901700000004620: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF IMSI:901700000004620: MSC conn use - dtap == 1 (0x4) @@ -1290,7 +1290,7 @@ DVLR VLR_Authenticate(901700000004620){VLR_SUB_AS_AUTHENTICATED}: Deallocated DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_AUTH_RES DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_auth() DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for IMSI:901700000004620: cipher=VLR_CIPH_A5_1 kc=61855fb81fc2a800 retrieve_imeisv=1 +- sending Ciphering Mode Command for IMSI:901700000004620: ciphers=0x02 kc=61855fb81fc2a800 retrieve_imeisv=1 DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_WAIT_CIPH DMM IMSI:901700000004620: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF IMSI:901700000004620: MSC conn use - dtap == 1 (0x4) @@ -1500,7 +1500,7 @@ DVLR VLR_Authenticate(901700000004620){VLR_SUB_AS_AUTHENTICATED}: Deallocated DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_AUTH_RES DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_auth() DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Set Ciphering Mode -- sending Ciphering Mode Command for IMSI:901700000004620: cipher=VLR_CIPH_A5_1 kc=61855fb81fc2a800 retrieve_imeisv=0 +- sending Ciphering Mode Command for IMSI:901700000004620: ciphers=0x02 kc=61855fb81fc2a800 retrieve_imeisv=0 DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_WAIT_CIPH DMM IMSI:901700000004620: bump: conn still being established (SUBSCR_CONN_S_NEW) DREF IMSI:901700000004620: MSC conn use - dtap == 1 (0x4) diff --git a/tests/msc_vlr/msc_vlr_tests.c b/tests/msc_vlr/msc_vlr_tests.c index b8553b64b..e4adfe078 100644 --- a/tests/msc_vlr/msc_vlr_tests.c +++ b/tests/msc_vlr/msc_vlr_tests.c @@ -333,7 +333,7 @@ void clear_vlr() } net->authentication_required = false; - net->a5_encryption = VLR_CIPH_NONE; + net->a5_encryption_mask = (1 << 0); net->vlr->cfg.check_imei_rqd = false; net->vlr->cfg.assign_tmsi = false; net->vlr->cfg.retrieve_imeisv_early = false; @@ -670,10 +670,10 @@ static int fake_vlr_tx_ciph_mode_cmd(void *msc_conn_ref, bool umts_aka, bool ret struct gsm_subscriber_connection *conn = msc_conn_ref; switch (conn->via_ran) { case RAN_GERAN_A: - btw("sending Ciphering Mode Command for %s: cipher=%s kc=%s" + btw("sending Ciphering Mode Command for %s: ciphers=0x%02x kc=%s" " retrieve_imeisv=%d", vlr_subscr_name(conn->vsub), - vlr_ciph_name(conn->network->a5_encryption), + conn->network->a5_encryption_mask, osmo_hexdump_nospc(conn->vsub->last_tuple->vec.kc, 8), retrieve_imeisv); break; |