fix inter-BSC-in handover encryption

In the field we saw Handover Requests without any Chosen Encryption
Algorithm IE, and osmo-bsc completely failed on those. This made me
understand my mistake from when I wrote this handover code.

So far, from a BSSMAP Handover Request, we (I) used only the Chosen
Encryption Algorithm IE to pick the encryption to use on the target
lchan. That is very wrong.

Instead, figure out the intersection of permitted algorithms MSC & BSC,
and pick the best of those. Which means, actually, completely ignore the
Chosen Encryption Algorithm IE.

In the message, the permitted algorithms are passed as a bitmask. The
current code using gsm0808_dec_encrypt_info() passes this on as an
array. In order to select_best_cipher(), I could convert that array back
to a bitmask. Instead pass the bitmask on from message decoding
alongside the struct gsm0808_encrypt_info in req->ei_as_bitmask.

In handover_end(), change the condition so that we can also pass
HO_RESULT_FAIL_RR_HO_FAIL to emit a Handover Failure.

Related: SYS#5839
Change-Id: Iffedc981b60d309ed2e5decd5efedee07a757b53

1 files changed, 4 insertions, 0 deletions

diff --git a/include/osmocom/bsc/gsm_data.h b/include/osmocom/bsc/gsm_data.h
index 7657a5f6a..a1aa2df67 100644
--- a/include/osmocom/bsc/gsm_data.h
+++ b/include/osmocom/bsc/gsm_data.h
@@ -250,6 +250,8 @@ struct handover_in_req {
 	struct gsm0808_channel_type ct;
 	struct gsm0808_speech_codec_list scl;
 	struct gsm0808_encrypt_info ei;
+	/* The same information as in 'ei' but as the handy bitmask as on the wire. */
+	uint8_t ei_as_bitmask;
 	bool kc128_present;
 	uint8_t kc128[16];
 	struct gsm_classmark classmark;
@@ -1435,4 +1437,6 @@ extern const struct gsm_interf_meas_params interf_meas_params_def;
 
 enum rsl_cmod_spd chan_mode_to_rsl_cmod_spd(enum gsm48_chan_mode chan_mode);
 
+int select_best_cipher(uint8_t msc_mask, uint8_t bsc_mask);
+
 #endif /* _GSM_DATA_H */