diff options
author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-03-22 00:49:21 +0100 |
---|---|---|
committer | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-03-22 01:13:07 +0100 |
commit | 9fd87ecd11138efa8bdbb13c47659edaf106e2c3 (patch) | |
tree | 381e77cb7dd1a77b323793bb6975bad7b7b7f9df | |
parent | 8e5c63f032398ad45052b538890071919de8a20e (diff) |
iu_tx_sec_mode_cmd(): add send_ck flag parameter
In this way the caller can distinguish between sending an IK or an IK+CK
Security Mode Command.
-rw-r--r-- | openbsc/include/openbsc/iu.h | 3 | ||||
-rw-r--r-- | openbsc/src/gprs/gprs_gmm.c | 2 | ||||
-rw-r--r-- | openbsc/src/libiu/iu.c | 15 |
3 files changed, 12 insertions, 8 deletions
diff --git a/openbsc/include/openbsc/iu.h b/openbsc/include/openbsc/iu.h index f2f1fc9e7..62fc9fc6b 100644 --- a/openbsc/include/openbsc/iu.h +++ b/openbsc/include/openbsc/iu.h @@ -37,4 +37,5 @@ int iu_tx(struct msgb *msg, uint8_t sapi); int iu_rab_act_cs(struct ue_conn_ctx *ue_ctx, uint32_t rtp_ip, uint16_t rtp_port); int iu_rab_act_ps(struct sgsn_pdp_ctx *pdp); int iu_rab_deact(struct ue_conn_ctx *ue_ctx, uint8_t rab_id); -int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp); +int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp, + int send_ck); diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c index ac8c0c410..630810aaa 100644 --- a/openbsc/src/gprs/gprs_gmm.c +++ b/openbsc/src/gprs/gprs_gmm.c @@ -755,7 +755,7 @@ static int gsm48_gmm_authorize(struct sgsn_mm_ctx *ctx) /* The MS is authorized */ if (ctx->ran_type == MM_CTX_T_UTRAN_Iu && !ctx->iu.integrity_active) { - return iu_tx_sec_mode_cmd(ctx->iu.ue_ctx, &ctx->auth_triplet); + return iu_tx_sec_mode_cmd(ctx->iu.ue_ctx, &ctx->auth_triplet, 0); } switch (ctx->pending_req) { diff --git a/openbsc/src/libiu/iu.c b/openbsc/src/libiu/iu.c index ed428a1af..56b6ec1d3 100644 --- a/openbsc/src/libiu/iu.c +++ b/openbsc/src/libiu/iu.c @@ -116,7 +116,8 @@ int iu_rab_deact(struct ue_conn_ctx *ue_ctx, uint8_t rab_id) return -1; } -int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp) +int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp, + int send_ck) { struct osmo_scu_prim *prim; struct msgb *msg; @@ -124,10 +125,6 @@ int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp) uint8_t ck[16]; unsigned int i; - /* C4 function to dervie CK from Kc */ - memcpy(ck, tp->kc, 8); - memcpy(ck+8, tp->kc, 8); - /* C5 function to derive IK from Kc */ for (i = 0; i < 4; i++) ik[i] = tp->kc[i] ^ tp->kc[i+4]; @@ -135,8 +132,14 @@ int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp) for (i = 12; i < 16; i++) ik[i] = ik[i-12]; + if (send_ck) { + /* C4 function to derive CK from Kc */ + memcpy(ck, tp->kc, 8); + memcpy(ck+8, tp->kc, 8); + } + /* crate RANAP message */ - msg = ranap_new_msg_sec_mod_cmd(ik, NULL); + msg = ranap_new_msg_sec_mod_cmd(ik, send_ck? ck : NULL); msg->l2h = msg->data; /* wrap RANAP message in SCCP N-DATA.req */ prim = (struct osmo_scu_prim *) msgb_push(msg, sizeof(*prim)); |