diff options
| -rw-r--r-- | src/db_hlr.c | 2 | ||||
| -rw-r--r-- | src/hlr_vty_subscr.c | 15 | ||||
| -rw-r--r-- | tests/auc/auc_test.c | 45 | ||||
| -rw-r--r-- | tests/auc/auc_test.err | 23 | ||||
| -rw-r--r-- | tests/test_subscriber.vty | 3 |
5 files changed, 79 insertions, 9 deletions
diff --git a/src/db_hlr.c b/src/db_hlr.c index 83c2c51..6ba43c2 100644 --- a/src/db_hlr.c +++ b/src/db_hlr.c @@ -264,11 +264,11 @@ int db_subscr_update_aud_by_id(struct db_context *dbc, int64_t subscr_id, switch (aud->algo) { case OSMO_AUTH_ALG_NONE: case OSMO_AUTH_ALG_MILENAGE: + case OSMO_AUTH_ALG_XOR: break; case OSMO_AUTH_ALG_COMP128v1: case OSMO_AUTH_ALG_COMP128v2: case OSMO_AUTH_ALG_COMP128v3: - case OSMO_AUTH_ALG_XOR: LOGP(DAUC, LOGL_ERROR, "Cannot update auth tokens:" " auth algo not suited for 3G: %s\n", osmo_auth_alg_name(aud->algo)); diff --git a/src/hlr_vty_subscr.c b/src/hlr_vty_subscr.c index a9262ba..6ce0191 100644 --- a/src/hlr_vty_subscr.c +++ b/src/hlr_vty_subscr.c @@ -355,9 +355,10 @@ static bool is_hexkey_valid(struct vty *vty, const char *label, "Use COMP128v3 algorithm\n" \ "Use XOR algorithm\n" -#define AUTH_ALG_TYPES_3G "milenage" +#define AUTH_ALG_TYPES_3G "(milenage|xor)" #define AUTH_ALG_TYPES_3G_HELP \ - "Use Milenage algorithm\n" + "Use Milenage algorithm\n" \ + "Use XOR algorithm\n" #define A38_XOR_MIN_KEY_LEN 12 #define A38_XOR_MAX_KEY_LEN 16 @@ -511,11 +512,11 @@ DEFUN(subscriber_aud3g, int rc; const char *id_type = argv[0]; const char *id = argv[1]; - const char *alg_type = AUTH_ALG_TYPES_3G; - const char *k = argv[2]; - bool opc_is_op = (strcasecmp("op", argv[3]) == 0); - const char *op_opc = argv[4]; - int ind_bitlen = argc > 6? atoi(argv[6]) : 5; + const char *alg_type = argv[2]; + const char *k = argv[3]; + bool opc_is_op = (strcasecmp("op", argv[4]) == 0); + const char *op_opc = argv[5]; + int ind_bitlen = argc > 7? atoi(argv[7]) : 5; struct sub_auth_data_str aud3g = { .type = OSMO_AUTH_TYPE_UMTS, .u.umts = { diff --git a/tests/auc/auc_test.c b/tests/auc/auc_test.c index cdbd0b7..db7edcb 100644 --- a/tests/auc/auc_test.c +++ b/tests/auc/auc_test.c @@ -454,6 +454,50 @@ static void test_gen_vectors_3g_only(void) comment_end(); } +static void test_gen_vectors_3g_xor(void) +{ + struct osmo_sub_auth_data aud2g; + struct osmo_sub_auth_data aud3g; + struct osmo_auth_vector vec; + int rc; + + comment_start(); + + aud2g = (struct osmo_sub_auth_data){ 0 }; + + aud3g = (struct osmo_sub_auth_data){ + .type = OSMO_AUTH_TYPE_UMTS, + .algo = OSMO_AUTH_ALG_XOR, + .u.umts.sqn = 0, + }; + + osmo_hexparse("000102030405060708090a0b0c0d0e0f", + aud3g.u.umts.k, sizeof(aud3g.u.umts.k)); + osmo_hexparse("00000000000000000000000000000000", + aud3g.u.umts.opc, sizeof(aud3g.u.umts.opc)); + next_rand("b5039c57e4a75051551d1a390a71ce48", true); + + vec = (struct osmo_auth_vector){ {0} }; + VERBOSE_ASSERT(aud3g.u.umts.sqn, == 0, "%"PRIu64); + rc = auc_compute_vectors(&vec, 1, &aud2g, &aud3g, NULL, NULL); + VERBOSE_ASSERT(rc, == 1, "%d"); + VERBOSE_ASSERT(aud3g.u.umts.sqn, == 0, "%"PRIu64); + + VEC_IS(&vec, + " rand: b5039c57e4a75051551d1a390a71ce48\n" + " autn: 54e0a256565d0000b5029e54e0a25656\n" + " ck: 029e54e0a256565d141032067cc047b5\n" + " ik: 9e54e0a256565d141032067cc047b502\n" + " res: b5029e54e0a256565d141032067cc047\n" + " res_len: 10\n" + " kc: 98e880384887f9fe\n" + " sres: 0ec81877\n" + " auth_types: 03000000\n" + ); + + comment_end(); +} + void test_gen_vectors_bad_args() { struct osmo_auth_vector vec; @@ -622,6 +666,7 @@ int main(int argc, char **argv) test_gen_vectors_2g_only(); test_gen_vectors_2g_plus_3g(); test_gen_vectors_3g_only(); + test_gen_vectors_3g_xor(); test_gen_vectors_bad_args(); printf("Done\n"); diff --git a/tests/auc/auc_test.err b/tests/auc/auc_test.err index 0a4d9af..f83e814 100644 --- a/tests/auc/auc_test.err +++ b/tests/auc/auc_test.err @@ -217,6 +217,29 @@ DAUC vector [2]: auth_types = 0x3 ===== test_gen_vectors_3g_only: SUCCESS +===== test_gen_vectors_3g_xor +aud3g.u.umts.sqn == 0 +DAUC Computing 1 auth vector: 3G only (2G derived from 3G keys) +DAUC 3G: k = 000102030405060708090a0b0c0d0e0f +DAUC 3G: opc = 00000000000000000000000000000000 +DAUC 3G: for sqn ind 0, previous sqn was 0 +DAUC vector [0]: rand = b5039c57e4a75051551d1a390a71ce48 +DAUC vector [0]: sqn = 0 +DAUC vector [0]: autn = 54e0a256565d0000b5029e54e0a25656 +DAUC vector [0]: ck = 029e54e0a256565d141032067cc047b5 +DAUC vector [0]: ik = 9e54e0a256565d141032067cc047b502 +DAUC vector [0]: res = b5029e54e0a256565d141032067cc047 +DAUC vector [0]: res_len = 16 +DAUC vector [0]: deriving 2G from 3G +DAUC vector [0]: kc = 98e880384887f9fe +DAUC vector [0]: sres = 0ec81877 +DAUC vector [0]: auth_types = 0x3 +rc == 1 +aud3g.u.umts.sqn == 0 +vector matches expectations +===== test_gen_vectors_3g_xor: SUCCESS + + ===== test_gen_vectors_bad_args - no auth data (a) diff --git a/tests/test_subscriber.vty b/tests/test_subscriber.vty index 4082700..e25e850 100644 --- a/tests/test_subscriber.vty +++ b/tests/test_subscriber.vty @@ -10,7 +10,7 @@ OsmoHLR# list subscriber (imsi|msisdn|id|imei) IDENT update aud2g none subscriber (imsi|msisdn|id|imei) IDENT update aud2g (comp128v1|comp128v2|comp128v3|xor) ki KI subscriber (imsi|msisdn|id|imei) IDENT update aud3g none - subscriber (imsi|msisdn|id|imei) IDENT update aud3g milenage k K (op|opc) OP_C [ind-bitlen] [<0-28>] + subscriber (imsi|msisdn|id|imei) IDENT update aud3g (milenage|xor) k K (op|opc) OP_C [ind-bitlen] [<0-28>] subscriber (imsi|msisdn|id|imei) IDENT update imei (none|IMEI) subscriber (imsi|msisdn|id|imei) IDENT update network-access-mode (none|cs|ps|cs+ps) show mslookup services @@ -268,6 +268,7 @@ OsmoHLR# subscriber id 101 show OsmoHLR# subscriber imsi 123456789023000 update aud3g ? none Delete 3G authentication data milenage Use Milenage algorithm + xor Use XOR algorithm OsmoHLR# subscriber imsi 123456789023000 update aud3g milenage ? k Set Encryption Key K |