From e93c5e99b6e4ee57cf7884337cbe9e0e628a9613 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Tue, 21 Feb 2023 22:18:11 +0100 Subject: Implement the XOR-2G authentication algorithm We've so far only been supporting XOR-3G algorithm as specified in TS 34.108 (in both 3G and 2G-derivation mode). However, XOR-3G used for 2G auth is different from the XOR-2G algorithm as defined in Annex A of TS 51.010-1. Let's add support for that one, too. Change-Id: I0ee0565382c1e4515d44ff9b1752685c0a66ae39 --- include/osmocom/crypt/auth.h | 1 + src/gsm/Makefile.am | 2 +- src/gsm/auth_core.c | 1 + src/gsm/auth_xor_2g.c | 79 ++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 src/gsm/auth_xor_2g.c diff --git a/include/osmocom/crypt/auth.h b/include/osmocom/crypt/auth.h index c653b616..4af8ca8e 100644 --- a/include/osmocom/crypt/auth.h +++ b/include/osmocom/crypt/auth.h @@ -32,6 +32,7 @@ enum osmo_auth_algo { OSMO_AUTH_ALG_COMP128v3, OSMO_AUTH_ALG_XOR, OSMO_AUTH_ALG_MILENAGE, + OSMO_AUTH_ALG_XOR_2G, _OSMO_AUTH_ALG_NUM, }; diff --git a/src/gsm/Makefile.am b/src/gsm/Makefile.am index 798f11a6..cff089b5 100644 --- a/src/gsm/Makefile.am +++ b/src/gsm/Makefile.am @@ -26,7 +26,7 @@ libgsmint_la_SOURCES = a5.c rxlev_stat.c tlv_parser.c comp128.c comp128v23.c \ gprs_cipher_core.c gprs_rlc.c gsm0480.c abis_nm.c gsm0502.c \ gsm0411_utils.c gsm0411_smc.c gsm0411_smr.c gsm0414.c \ lapdm.c kasumi.c gsm29205.c gsm_04_08_gprs.c \ - auth_core.c auth_comp128v1.c auth_comp128v23.c auth_xor.c \ + auth_core.c auth_comp128v1.c auth_comp128v23.c auth_xor.c auth_xor_2g.c \ auth_milenage.c milenage/aes-encblock.c gea.c \ milenage/aes-internal.c milenage/aes-internal-enc.c \ milenage/milenage.c gan.c ipa.c gsm0341.c apn.c \ diff --git a/src/gsm/auth_core.c b/src/gsm/auth_core.c index f4508501..af03ace1 100644 --- a/src/gsm/auth_core.c +++ b/src/gsm/auth_core.c @@ -210,6 +210,7 @@ static const struct value_string auth_alg_vals[] = { { OSMO_AUTH_ALG_COMP128v3, "COMP128v3" }, { OSMO_AUTH_ALG_XOR, "XOR" }, { OSMO_AUTH_ALG_MILENAGE, "MILENAGE" }, + { OSMO_AUTH_ALG_XOR_2G, "XOR-2G" }, { 0, NULL } }; diff --git a/src/gsm/auth_xor_2g.c b/src/gsm/auth_xor_2g.c new file mode 100644 index 00000000..9efe5cc2 --- /dev/null +++ b/src/gsm/auth_xor_2g.c @@ -0,0 +1,79 @@ +/*! \file auth_xor.c + * GSM XOR-2G algorithm as specified in Annex 4 (A.4.1.2) of 3GPP TS 51.010-1. + * This is implemented by typical GSM MS tester */ + +/* + * (C) 2023 by Harald Welte + * + * All Rights Reserved + * + * Author: Daniel Willmann + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + */ + +#include +#include +#include + +#include + +/*! \addtogroup auth + * @{ + */ + +static void xor(uint8_t *out, const uint8_t *a, const uint8_t *b, size_t len) +{ + size_t i; + + for (i = 0; i < len; i++) + out[i] = a[i] ^ b[i]; +} + +/* GSM XOR-2G algorithm as specified in Annex 4 (A.4.1.2) of 3GPP TS 51.010-1. */ +static int xor2g_gen_vec(struct osmo_auth_vector *vec, + struct osmo_sub_auth_data *aud, + const uint8_t *_rand) +{ + uint8_t res1[16]; + + if (aud->type != OSMO_AUTH_TYPE_GSM) + return -ENOTSUP; + + /* Step 1: XOR to the challenge RAND, a predefined number Ki, having the same bit length (128 bits) as + * RAND. */ + xor(res1, aud->u.gsm.ki, _rand, sizeof(res1)); + + /* Step 2: The most significant 32 bits of RES1 form SRES. */ + memcpy(vec->sres, res1, 4); + /* The next 64 bits of RES1 form Kc */ + memcpy(vec->kc, res1+4, 8); + + vec->auth_types = OSMO_AUTH_TYPE_GSM; + return 0; +} + +static struct osmo_auth_impl xor2g_alg = { + .algo = OSMO_AUTH_ALG_XOR_2G, + .name = "XOR-2G (libosmogsm built-in)", + .priority = 1000, + .gen_vec = &xor2g_gen_vec, +}; + +static __attribute__((constructor)) void on_dso_load_xor(void) +{ + osmo_auth_register(&xor2g_alg); +} + +/*! @} */ -- cgit v1.2.3