Age | Commit message (Collapse) | Author | Files | Lines |
|
The TUAK algorithm is specified in 3GPP TS 35.231, 232 and 233 and
intended as an alternative to MILENAGE. It's based around the
cryptographic function of KeccakP1600, which is part of SHA-3.
This patch adds support for TUAK to the libosmogsm authentication
core API via 'struct osmo_auth_impl'.
Unit tests covering the test cases from the 3GPP specification are added
(and are all passing).
Change-Id: Ib905b8d8bdf248e8299bf50666ee1bca8298433d
|
|
3GPP specifies the C2 derivation function (generating GSM SRES from UMTS XRES)
independent of the MILENAGE algorithm. So instead of open-coding it in
milenage.c:gsm_milenage(), let's create a separate public function
osmo_auth_c2() similar to the already-existing osmo_auth_c3() function.
gsm_milenage() can then simply use that function.
Change-Id: I0e7cd55f5578f891cb6cc1b0442920ba5beddae4
|
|
There are 3G algorithms which support different lengths of RES values
(4, 8, 16 byte). For MILENAGE, we never really had to bother, as
the 4-byte RES is simply the first 4 bytes of the 8-byte RES.
However, for TUAK, the expected RES length is an input parameter to
the Keccak crypto functions, so the result of all parameters (including
CK, IK, ...) will be completely different for RES length 4 than RES
length 8.
So let's permit the caller of the osmocom auth API to specify the
requested RES length via the osmo_auth_vector.res_len parameter.
For backwards compatibility of callers of the old osmo_auth_gen_vec/
osmo_auth_gen_vec_auts API: Always force the res_len to 8 in this case,
which was the hard-coded length before this patch.
Change-Id: Ic662843fbe8b5c58e4af39ea630ad5ac13fd6bef
|
|
3GPP TS 33.102 Section 6.3.7 states that K can be 128 or 256 bits,
while our 'struct osmo_sub_auth_data' had a fixed-size 128bit field.
This means we cannot use our auth_core for algorithms with larger
key sizes, such as TUAK. Let's introduce osmo_sub_auth_data2 for
larger (and variable) sized K and OP[c].
K and OP[c] can even have different sizes in TUAK, where OP[c] is
always 256bit, but K can be 128 or 256 bits. So we need separate
length fields for K and OP[c].
I'm adding backwards-compatibility API wrappers, so old applications
just continue to work as they always did.
However, I'm not adding compatibility wrappers for the plug-in API
that can be used to register additional authentication implementations
at runtime. We don't know of any user of that API outside of
libosmocore, so the function signatures of the 'struct osmo_auth_impl'
are modified in an incompatible way.
Change-Id: Ie775fedba4a3fa12314c0f7c8a369662ef6a40df
|
|
Let's disambiguate. Our existing OSMO_AUTH_ALG_XOR was always only
the XOR-3G algorithm. Now that we recently introduced XOR-2G,
let's rename (with backwards compatibility #define).
Change-Id: I446e54d0ddf4a18c46ee022b1249af73552e3ce1
|
|
We've so far only been supporting XOR-3G algorithm as specified
in TS 34.108 (in both 3G and 2G-derivation mode).
However, XOR-3G used for 2G auth is different from the XOR-2G algorithm
as defined in Annex A of TS 51.010-1. Let's add support for that one,
too.
Change-Id: I0ee0565382c1e4515d44ff9b1752685c0a66ae39
|
|
Remove the paragraph about writing to the Free Software Foundation's
mailing address. The FSF has changed addresses in the past, and may do
so again. In 2021 this is not useful, let's rather have a bit less
boilerplate at the start of source files.
Change-Id: I5050285e75cf120407a1d883e99b3c4bcae8ffd7
|
|
Add corresponding spec. references and comments where appropriate.
Change-Id: If5e2aad86eaecd8eada667b3488ba415d81c6312
|
|
To send a Ciphering Mode Command, we may need to derive a Kc from UMTS AKA
tokens. gsm_milenage() derives Kc from 3G tokens, but also derives an SRES.
For SRES, it requires an OPC, which may need to be derived from OP first. All
we need is a Kc, so we could feed a zero OPC ... but to simplify the function
call for cases where just a Kc is required, separate the c3 function out from
gsm_milenage(), as osmo_auth_c3(). Obviously call osmo_auth_c3() from
gsm_milenage() (meaning that osmo-hlr's 55.205 derived auc tests still cover
exactly that implementation).
Prepares: If04e405426c55a81341747a9b450a69188525d5c (osmo-msc)
Related: OS#2745
Change-Id: I85a1d6ae95ad9e5ce9524ef7fc06414848afc2aa
|
|
Do not attempt to load auth plugins - this does not make sense on
embedded target anyway.
Change-Id: Ie92d2eea21e19e499b3f3bb4d5a82e31fbbea3f0
|
|
Let's fix some erroneous/accidential references to wrong license,
update copyright information where applicable and introduce a
SPDX-License-Identifier to all files.
Change-Id: I39af26c6aaaf5c926966391f6565fc5936be21af
|
|
Add osmo_sub_auth_type_names[] and osmo_sub_auth_type_name().
Also add a hint to enum osmo_auth_algo's API doc that osmo_auth_alg_name()
already exists (it is defined further below).
Change-Id: I652a929bcd11c694d86812fb03d0a1cbd985efda
|
|
Considering the various styles and implications found in the sources, edit
scores of files to follow the same API doc guidelines around the doxygen
grouping and the \file tag.
Many files now show a short description in the generated API doc that was so
far only available as C comment.
The guidelines and reasoning behind it is documented at
https://osmocom.org/projects/cellular-infrastructure/wiki/Guidelines_for_API_documentation
In some instances, remove file comments and add to the corresponding group
instead, to be shared among several files (e.g. bitvec).
Change-Id: Ifa70e77e90462b5eb2b0457c70fd25275910c72b
|
|
Especially for short descriptions, it is annoying to have to type \brief for
every single API doc.
Drop all \brief and enable the AUTOBRIEF feature of doxygen, which always takes
the first sentence of an API doc as the brief description.
Change-Id: I11a8a821b065a128108641a2a63fb5a2b1916e87
|
|
It's a pity that even with this patch we still are fare away from having
the whole API documented. However, at least we have a more solid
foundation. Updates not only extend the documentation, but also make
sure it is rendered properly in the doxygen HTML.
Change-Id: I1344bd1a6869fb00de7c1899a8db93bba9bafce3
|
|
sections: ctrl, gb, gsm, vty
Change-Id: Iac211b5cd8504da36b699777b95a2448dd7c3e70
|
|
Related: OS#1593
Change-Id: If943731a78089f0aac3d55245de80596d01314a4
|
|
milenage_gen_vec() has parameter ordering of (..., auts, rand_auts, rand).
osmo_auth_gen_vec_auts() has (..., rand_auts, auts, rand), but actually feeds
args in the same order, so that its rand_auts becomes auts, and its auts
becomes rand_auts.
Interestingly enough, API user osmo-gen-vec.c also adheres to this misordering
and in turn passes auts for osmo_auth_gen_vec_auts()'s rand_auts and vice
versa, so that it matches milenage_gen_vec().
So both the implementation (milenage_*) and the API user use the same ordering,
just osmo_auth_gen_vec_auts() and osmo_auth_impl{ .gen_vec_auts() } in-between
have the argument names swapped.
Any current user of this API would need to adhere to this swapping or will not
get successful AUTS resolution to a SQN. So the least impact fix is to rename
the args without any actual functional change.
So swap the names rand_auts and auts for osmo_auth_gen_vec_auts() and
osmo_auth_impl{ .gen_vec_auts() }. (Also adjust API doc ordering)
Change-Id: I0dcbd49759fc32d3b8974102dbd1d6703364ebf4
|
|
This function perform 64 -> 128 bit key expansion which useful for
converting between UMTS CK and GSM Kc, A5/3 and A5/4, GEA3 and GEA4
keys.
Change-Id: I5a6c6deef6027cd6af144c9062d4c9166be26904
Related: OS#1582
|
|
Add various missing \returns doxygen entries.
In osmo_auth_3g_from_2g(), also adjust two comment-closing instances to
match common style and add a period to end a sentence.
(The recent addition of osmo_auth_3g_from_2g() raised my attention, and I added
more return value docs while at it.)
Change-Id: Iea71eb666bc061acb6b14215f398bd38d17b3ad3
Reviewed-on: https://gerrit.osmocom.org/33
Tested-by: Jenkins Builder
Reviewed-by: Holger Freyther <holger@freyther.de>
|
|
This function performs the C5+C4 conversion to derive UMTS key
material from a 2G-only subscriber.
|
|
Doxygen generates quite a lot of warnings on libosmocore. Some of them
are obvious typos - this patch aims to fix such low-hanging fruit.
|
|
|
|
There is now a "libosmogsm.map" file containing an explicit list of
to-be-exported symbols. This should prevent us from leaking non-static
symbols into the global namespace.
A similar scheme should be adopted by all other osmocom libraries
|
|
|
|
|
|
|
|
... and add integration into the osmo_auth core.
|
|
Indiidual algorithms can be implemented as plugins. libosmogsm itself
only provides COMP128v1 via this generic interface.
|