path: root/openbsc/tests/mm_auth/mm_auth_test.c
AgeCommit message (Collapse)AuthorFilesLines
2018-03-29Migrate from OpenSSL to osmo_get_rand_id()Neels Hofmeyr1-1/+1
Drop OpenSSL/libcrypto dependency, use osmo_get_rand_id() instead. Backport osmo-msc 753c15de2f00e24f76ac9b01a20e1e2ff0f86ce2 = I71cd631704a4dc155c6c752fee2a42cd6e2fa336 " Migrate from OpenSSL to osmo_get_rand_id() This avoids potential licensing incompatibility and makes integration of Debian packaging patches easier. " Apply similar changes in bsc-nat, mm_auth_test etc. Tested manually with osmo-nitb and sysmoBTS, and verified that Authentication Requests send heterogenous RAND tokens. Related: OS#1694 Change-Id: I81ebd55c7c90a436c5f2090e6790d78b773d2c92
2016-04-29Start to use struct osmo_auth_vector from gsm_auth_tupleHarald Welte1-3/+3
Rather than having a 'private' structure for kc, sres and rand, we now finally (with 4 years delay) use osmo_auth_vector from libosmogsm, which encapsulates authentication vectors that can be either GSM triplets or UMTS quintuples or a combination of both. gsm_auth_tuple becomes a wrapper around osmo_auth_vector, adding use_count and key_seq to it. key_seq is no longer initialized inside gprs_gsup_messages.c, as there is no CKSN / key_seq inside the message anyway. If a usre of the code needs key_seq, they need to manage it themselves.
2016-03-31Fix MM Auth: zero-initialize auth tuple before first useNeels Hofmeyr1-1/+23
Make sure a new auth tuple is initialized after db_get_lastauthtuple_for_subscr() returns an error, i.e. if no tuple is present for the subscriber yet. Before this patch, the first key_seq depended on the typically uninitialized value that was present in auth tuple's key_seq upon calling auth_get_tuple_for_subscr(). The very first key_seq used for a new subscriber will now always be 0. Before, it used to be mostly 1 ("(0 + 1) % 7"), but depended on whether the key_seq was indeed initialized with 0, actually by random.
2016-03-31Fix MM Auth: disallow key_seq mismatchNeels Hofmeyr1-0/+32
In auth_get_tuple_for_subscr(), add missing condition to match incoming key_seq with stored key_seq, so that re-authentication is requested for mismatching key_seqs. Add test for this issue.
2016-03-31MM Auth: introduce AUTH_ERROR constant.Neels Hofmeyr1-1/+1
Instead of using hardcoded -1 for errors, include -1 in the enum auth_action type; apply its use. In the mm_auth test, the string output changes from '(internal error)' to 'AUTH_ERROR', since now the proper enum value is used in auth_action_names[].
2016-03-31MM Auth test: add test to re-use existing authNeels Hofmeyr1-0/+31
2016-03-31MM Auth test: add two tests for AUTH_THEN_CIPHNeels Hofmeyr1-0/+136
Test two situations for AUTH_DO_AUTH_THEN_CIPH: - when no auth tuple is available - when the key sequence from LU is marked invalid Add convenience auth tuple comparison function using stringification.
2016-03-31Add MM Auth test; add auth_action_str() functionNeels Hofmeyr1-0/+119
Add basic MM Authentication test setup, with fake DB access and RAND_bytes(). So far implement simple tests for IO error during DB access and missing auth entry. To print the auth action during tests, add struct auth_action_names and auth_action_str() inline function in auth.[hc].