From ed9c53d575b03df2642ce9dbd134d8d51101437a Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sat, 23 Jul 2016 14:58:04 +0200 Subject: Update GSUP chapter regarding UMTS AKA and other recent changes The GSUP protocol has been enhanced with * Support for UMTS AKA in 'Auth Tuple' / SAI operations * Authentication Failure Report * CN Domain indicator Let's update the documentation accordingly. --- doc/manuals/chapters/gsup.adoc | 91 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) (limited to 'doc/manuals') diff --git a/doc/manuals/chapters/gsup.adoc b/doc/manuals/chapters/gsup.adoc index 838af7ddd..7ea34815f 100644 --- a/doc/manuals/chapters/gsup.adoc +++ b/doc/manuals/chapters/gsup.adoc @@ -83,8 +83,15 @@ Direction: SGSN -> Network peer |IEI|IE|Type|Presence|Format|Length | |Message Type|<>|M|V|1 |01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 +|26|AUTS|<>|C|TLV|18 +|20|RAND|<>|C|TLV|18 |=== +The conditional 'AUTS' and 'RAND' IEs are both present in case the SIM +(via UE) requests an UMTS AKA re-synchronization procedure. Eiter +both optional IEs are present, or none of them. + ==== Send Authentication Info Error Direction: Network peer -> SGSN @@ -109,6 +116,18 @@ Direction: Network peer -> SGSN |03|Auth Tuple|<>|0-5|TLV|36 |=== +==== Authentication Failure Report + +Direction: SGSN -> Network peer + +[options="header",cols="5%,20%,45%,10%,10%,10%"] +|=== +|IEI|IE|Type|Presence|Format|Length +| |Message Type|<>|M|V|1 +|01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 +|=== + ==== Update Location Request Direction: SGSN -> Network peer @@ -118,6 +137,7 @@ Direction: SGSN -> Network peer |IEI|IE|Type|Presence|Format|Length | |Message Type|<>|M|V|1 |01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 |=== ==== Update Location Error @@ -158,6 +178,7 @@ Direction: Network peer -> SGSN |IEI|IE|Type|Presence|Format|Length | |Message Type|<>|M|V|1 |01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 |06|Cancellation type|<>|O|TLV|3 |=== 
@@ -170,6 +191,7 @@ Direction: SGSN -> Network peer |IEI|IE|Type|Presence|Format|Length | |Message Type|<>|M|V|1 |01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 |=== ==== Purge MS Request @@ -181,6 +203,7 @@ Direction: SGSN -> Network peer |IEI|IE|Type|Presence|Format|Length | |Message Type|<>|M|V|1 |01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 |09|HLR Number|<>|M|TLV|0-9 |=== @@ -217,6 +240,9 @@ Direction: Network peer -> SGSN |IEI|IE|Type|Presence|Format|Length | |Message Type|<>|M|V|1 |01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 +|08|MSISDN|<>|O|TLV|0-9 +|09|HLR Number|<>|O|TLV|0-9 |04|PDP info complete|<>|M|TLV|2 |05|PDP info|<>|0-10|TLV| |=== @@ -255,6 +281,7 @@ Direction: Network peer -> SGSN |IEI|IE|Type|Presence|Format|Length | |Message Type|<>|M|V|1 |01|IMSI|<>|M|TLV|2-10 +|28|CN Domain|<>|O|TLV|3 |10|PDP context id|<> (no conditional IE)|0-10|TLV| |=== @@ -295,6 +322,7 @@ Direction: Network peer -> SGSN |0x08|Send Auth Info Request |0x09|Send Auth Info Error |0x0a|Send Auth Info Result +|0x0b|Authentication Failure Report |0x0c|Purge MS Request |0x0d|Purge MS Error |0x0e|Purge MS Result @@ -397,8 +425,15 @@ tuple. |20|RAND|<>|M|TLV|18 |21|SRES|<>|M|TLV|6 |22|Kc|<>|M|TLV|10 +|23|IK|<>|C|TLV|18 +|24|CK|<>|C|TLV|18 +|25|AUTN|<>|C|TLV|18 +|27|RES|<>|C|TLV|2-18 |=== +The conditional IEs 'IK', 'CK', 'AUTN' and 'RES' are onl present in +case the subscriber supports UMTS AKA. + [[gsup-ie-rand]] ==== RAND 
@@ -415,6 +450,56 @@ The 4-byte Authentication Result of the GSM Authentication Algorithm. The 8-byte Encryption Key of the GSM Authentication and Key Agreemnt Algorithm. +[[gsup-ie-ik]] +==== IK + +The 16-byte Integrity Protection Key generated by the UMTS +Authentication and Key Agreement Algorithm. + +[[gsup-ie-ck]] +==== CK + +The 16-byte Ciphering Key generated by the UMTS Authentication and Key +Agreement Algorithm. + +[[gsup-ie-autn]] +==== AUTN + +The 16-byte Authentication Nonce sent from network to USIM in the UMTS +Authentication and Key Agreement Algorithm. + +[[gsup-ie-auts]] +==== AUTS + +The 16-byte Authentication Synchronization Nonce generated by the USIM +in case the UMTS Authentication and Key Agreement Algorithm needs to +re-synchronize the sequence counters between AUC and USIM. + +[[gsup-ie-res]] +==== RES + +The (variable length, but typically 16 byte) Authentication Result +generated by the USIM in the UMTS Authentication and Key Agreement +Algorithm. + +[[gsup-ie-cndomain]] +==== CN Domain + +This single-byte information element indicates the Core Network +Domain, i.e. if the message is related to Circuit Switched or Packet +Switched services. + +For backwards compatibility reasons, if no CN Domain IE is present +within a request, the PS Domain is assumed. + +.CN Domain Number +[options="header",cols="10%,90%"] +|=== +|Type|Description +|0x01|PS Domain +|0x02|CS Domain +|=== + [[gsup-ie-canctype]] ==== Cancellation Type @@ -464,6 +549,12 @@ IEI that shall be used for the encoding. |0x20|RAND|<> |0x21|SRES|<> |0x22|Kc|<> +|0x23|IK|<> +|0x24|CK|<> +|0x25|AUTN|<> +|0x26|AUTS|<> +|0x27|RES|<> +|0x28|CN Domain|<> |=== [[gsup-ie-empty]] -- cgit v1.2.3
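Review bot: In the @@ -83,8 +83,15 @@ hunk, the added paragraph under the request table calls AUTS and RAND "both optional IEs", while the two new table rows mark them with presence C. Please use "conditional" in both places so that an implementer reads a request carrying only one of the two as malformed, not as a permitted variant. Suggested wording: "Either both conditional IEs are present, or neither of them." The same paragraph has the typo "Eiter" and should read "a UMTS AKA re-synchronization procedure".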
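Review bot: The new "Authentication Failure Report" section in the @@ -109,6 +116,18 @@ hunk consists only of a direction line and an IE table; nothing says when the SGSN sends the report or whether the network peer replies. The message type table later in this patch adds 0x0b alone, with no matching Error or Result entry as the other procedures have, so if the report is one-way, please add a sentence saying so. The table also carries no IE that distinguishes why authentication failed; if that is intentional, a short note would help readers who expect a cause value.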
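Review bot: The IK, CK, AUTN and RES rows added to the Auth Tuple table in the @@ -397,8 +425,15 @@ hunk make the tuple variable in size, but the Send Authentication Info Result table (visible as context in the @@ -109,6 +116,18 @@ hunk) still lists "|03|Auth Tuple|<>|0-5|TLV|36". A length of 36 covers only RAND (18), SRES (6) and Kc (10) plus the tuple's own tag and length bytes. Please change that entry to a range, or state that 36 applies to GSM-only tuples, so that a decoder written from this table does not reject or truncate UMTS tuples. The added sentence also has the typo "onl" for "only".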
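Review bot: The AUTS section in the @@ -415,6 +450,56 @@ hunk describes the IE as 16 bytes, and the request table in the @@ -83,8 +83,15 @@ hunk gives its TLV length as 18, but the AUTS parameter in 3GPP TS 33.102 is 14 bytes (the 6-byte concealed sequence number followed by the 8-byte MAC-S). Please confirm whether GSUP pads the value; if it does not, the text should say 14 bytes and the table length should be 16. In the same hunk AUTN is expanded as "Authentication Nonce", whereas TS 33.102 names it the authentication token; matching the 3GPP term would make the section easier to cross-reference.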