authentication: More documentation
diff --git a/include/osmocom/crypt/auth.h b/include/osmocom/crypt/auth.h
index 67b3200..871e7c8 100644
--- a/include/osmocom/crypt/auth.h
+++ b/include/osmocom/crypt/auth.h
@@ -1,11 +1,17 @@
#ifndef _OSMOCRYPTO_AUTH_H
#define _OSMOCRYPTO_AUTH_H
+/*! \addtogroup auth
+ * @{
+ */
+
+/*! \file auth.h */
+
#include <stdint.h>
#include <osmocom/core/linuxlist.h>
-/*! \brief Authentication Type */
+/*! \brief Authentication Type (GSM/UMTS) */
enum osmo_sub_auth_type {
OSMO_AUTH_TYPE_NONE = 0x00,
OSMO_AUTH_TYPE_GSM = 0x01,
@@ -29,42 +35,44 @@
enum osmo_auth_algo algo;
union {
struct {
- uint8_t opc[16];
- uint8_t k[16];
+ uint8_t opc[16]; /*!< operator invariant value */
+ uint8_t k[16]; /*!< secret key of the subscriber */
uint8_t amf[2];
- uint64_t sqn;
- int opc_is_op;
+ uint64_t sqn; /*!< sequence number */
+ int opc_is_op; /*!< is the OPC field OPC (0) or OP (1) ? */
} umts;
struct {
- uint8_t ki[16];
+ uint8_t ki[16]; /*!< secret key */
} gsm;
} u;
};
/* data structure describing a computed auth vector, generated by AuC */
struct osmo_auth_vector {
- uint8_t rand[16];
- uint8_t autn[16];
- uint8_t ck[16];
- uint8_t ik[16];
- uint8_t res[16];
- uint8_t res_len;
- uint8_t kc[8];
- uint8_t sres[4];
+ uint8_t rand[16]; /*!< random challenge */
+ uint8_t autn[16]; /*!< authentication nonce */
+ uint8_t ck[16]; /*!< ciphering key */
+ uint8_t ik[16]; /*!< integrity key */
+ uint8_t res[16]; /*!< authentication result */
+ uint8_t res_len; /*!< length (in bytes) of res */
+ uint8_t kc[8]; /*!< Kc for GSM encryption (A5) */
+ uint8_t sres[4]; /*!< authentication result for GSM */
uint32_t auth_types; /*!< bitmask of OSMO_AUTH_TYPE_* */
};
/* \brief An implementation of an authentication algorithm */
struct osmo_auth_impl {
struct llist_head list;
- enum osmo_auth_algo algo;
- const char *name;
- unsigned int priority;
+ enum osmo_auth_algo algo; /*!< algorithm we implement */
+ const char *name; /*!< name of the implementation */
+ unsigned int priority; /*!< priority value (resp. othe implementations */
+ /*! \brief callback for generate authentication vectors */
int (*gen_vec)(struct osmo_auth_vector *vec,
struct osmo_sub_auth_data *aud,
const uint8_t *_rand);
+ /* \brief callback for generationg auth vectors + re-sync */
int (*gen_vec_auts)(struct osmo_auth_vector *vec,
struct osmo_sub_auth_data *aud,
const uint8_t *rand_auts, const uint8_t *auts,
@@ -89,3 +97,5 @@
enum osmo_auth_algo osmo_auth_alg_parse(const char *name);
#endif /* _OSMOCRYPTO_AUTH_H */
+
+/* @} */
diff --git a/src/gsm/auth_core.c b/src/gsm/auth_core.c
index 5e886ee..5cf8dfc 100644
--- a/src/gsm/auth_core.c
+++ b/src/gsm/auth_core.c
@@ -1,6 +1,6 @@
/* GSM/GPRS/3G authentication core infrastructure */
-/* (C) 2010-2011 by Harald Welte <laforge@gnumonks.org>
+/* (C) 2010-2012 by Harald Welte <laforge@gnumonks.org>
*
* All Rights Reserved
*
@@ -30,11 +30,23 @@
#include <osmocom/crypt/auth.h>
+/*! \addtogroup auth
+ * @{
+ */
+
+/* \file auth_core.c
+ */
+
static LLIST_HEAD(osmo_auths);
static struct osmo_auth_impl *selected_auths[_OSMO_AUTH_ALG_NUM];
-/* register a cipher with the core */
+/*! \brief Register an authentication algorithm implementation with the core
+ * \param[in] impl Structure describing implementation and it's callbacks
+ *
+ * This function is called by an authentication implementation plugin to
+ * register itself with the authentication core.
+ */
int osmo_auth_register(struct osmo_auth_impl *impl)
{
if (impl->algo >= ARRAY_SIZE(selected_auths))
@@ -50,13 +62,23 @@
return 0;
}
-/* load all available GPRS cipher plugins */
+/*! \brief Load all available authentication plugins from the given path
+ * \param[in] path Path name of the directory containing the plugins
+ *
+ * This function will load all plugins contained in the specified path.
+ */
int osmo_auth_load(const char *path)
{
/* load all plugins available from path */
return osmo_plugin_load_all(path);
}
+/*! \brief Determine if a given authentication algorithm is supported
+ * \param[in] algo Algorithm which should be checked
+ *
+ * This function is used by an application to determine at runtime if a
+ * given authentication algorithm is supported or not.
+ */
int osmo_auth_supported(enum osmo_auth_algo algo)
{
if (algo >= ARRAY_SIZE(selected_auths))
@@ -68,6 +90,17 @@
return 0;
}
+/*! \brief Generate authentication vector
+ * \param[out] vec Generated authentication vector
+ * \param[in] aud Subscriber-specific key material
+ * \param[in] rand Random challenge to be used
+ *
+ * This function performs the core cryptographic function of the AUC,
+ * computing authentication triples/quintuples based on the permanent
+ * subscriber data and a random value. The result is what is forwarded
+ * by the AUC via HLR and VLR to the MSC which will then be able to
+ * invoke authentication with the MS
+ */
int osmo_auth_gen_vec(struct osmo_auth_vector *vec,
struct osmo_sub_auth_data *aud,
const uint8_t *_rand)
@@ -87,6 +120,20 @@
return 0;
}
+/*! \brief Generate authentication vector and re-sync sequence
+ * \param[out] vec Generated authentication vector
+ * \param[in] aud Subscriber-specific key material
+ * \param[in] rand_auts RAND value sent by the SIM/MS
+ * \param[in] auts AUTS value sent by the SIM/MS
+ * \param[in] rand Random challenge to be used to generate vector
+ *
+ * This function performs a special variant of the core cryptographic
+ * function of the AUC: computing authentication triples/quintuples
+ * based on the permanent subscriber data, a random value as well as the
+ * AUTS and RAND values returned by the SIM/MS. This special variant is
+ * needed if the sequence numbers between MS and AUC have for some
+ * reason become diffrent.
+ */
int osmo_auth_gen_vec_auts(struct osmo_auth_vector *vec,
struct osmo_sub_auth_data *aud,
const uint8_t *rand_auts, const uint8_t *auts,
@@ -110,12 +157,16 @@
{ 0, NULL }
};
+/*! \brief Get human-readable name of authentication algorithm */
const char *osmo_auth_alg_name(enum osmo_auth_algo alg)
{
return get_value_string(auth_alg_vals, alg);
}
+/*! \brief Parse human-readable name of authentication algorithm */
enum osmo_auth_algo osmo_auth_alg_parse(const char *name)
{
return get_string_value(auth_alg_vals, name);
}
+
+/*! @} */