Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 1 | /* GSM/GPRS/3G authentication core infrastructure */ |
| 2 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 3 | /* (C) 2010-2012 by Harald Welte <laforge@gnumonks.org> |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 4 | * |
| 5 | * All Rights Reserved |
| 6 | * |
| 7 | * This program is free software; you can redistribute it and/or modify |
| 8 | * it under the terms of the GNU General Public License as published by |
| 9 | * the Free Software Foundation; either version 2 of the License, or |
| 10 | * (at your option) any later version. |
| 11 | * |
| 12 | * This program is distributed in the hope that it will be useful, |
| 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 15 | * GNU General Public License for more details. |
| 16 | * |
| 17 | * You should have received a copy of the GNU General Public License along |
| 18 | * with this program; if not, write to the Free Software Foundation, Inc., |
| 19 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| 20 | * |
| 21 | */ |
| 22 | |
| 23 | #include <errno.h> |
| 24 | #include <stdint.h> |
Harald Welte | d318e61 | 2011-12-07 12:16:27 +0100 | [diff] [blame] | 25 | #include <string.h> |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 26 | |
| 27 | #include <osmocom/core/utils.h> |
| 28 | #include <osmocom/core/linuxlist.h> |
| 29 | #include <osmocom/core/plugin.h> |
| 30 | |
| 31 | #include <osmocom/crypt/auth.h> |
| 32 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 33 | /*! \addtogroup auth |
| 34 | * @{ |
| 35 | */ |
| 36 | |
| 37 | /* \file auth_core.c |
| 38 | */ |
| 39 | |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 40 | static LLIST_HEAD(osmo_auths); |
| 41 | |
| 42 | static struct osmo_auth_impl *selected_auths[_OSMO_AUTH_ALG_NUM]; |
| 43 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 44 | /*! \brief Register an authentication algorithm implementation with the core |
| 45 | * \param[in] impl Structure describing implementation and it's callbacks |
| 46 | * |
| 47 | * This function is called by an authentication implementation plugin to |
| 48 | * register itself with the authentication core. |
| 49 | */ |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 50 | int osmo_auth_register(struct osmo_auth_impl *impl) |
| 51 | { |
| 52 | if (impl->algo >= ARRAY_SIZE(selected_auths)) |
| 53 | return -ERANGE; |
| 54 | |
| 55 | llist_add_tail(&impl->list, &osmo_auths); |
| 56 | |
| 57 | /* check if we want to select this implementation over others */ |
| 58 | if (!selected_auths[impl->algo] || |
| 59 | (selected_auths[impl->algo]->priority > impl->priority)) |
| 60 | selected_auths[impl->algo] = impl; |
| 61 | |
| 62 | return 0; |
| 63 | } |
| 64 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 65 | /*! \brief Load all available authentication plugins from the given path |
| 66 | * \param[in] path Path name of the directory containing the plugins |
| 67 | * |
| 68 | * This function will load all plugins contained in the specified path. |
| 69 | */ |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 70 | int osmo_auth_load(const char *path) |
| 71 | { |
| 72 | /* load all plugins available from path */ |
| 73 | return osmo_plugin_load_all(path); |
| 74 | } |
| 75 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 76 | /*! \brief Determine if a given authentication algorithm is supported |
| 77 | * \param[in] algo Algorithm which should be checked |
| 78 | * |
| 79 | * This function is used by an application to determine at runtime if a |
| 80 | * given authentication algorithm is supported or not. |
| 81 | */ |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 82 | int osmo_auth_supported(enum osmo_auth_algo algo) |
| 83 | { |
| 84 | if (algo >= ARRAY_SIZE(selected_auths)) |
| 85 | return -ERANGE; |
| 86 | |
| 87 | if (selected_auths[algo]) |
| 88 | return 1; |
| 89 | |
| 90 | return 0; |
| 91 | } |
| 92 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 93 | /*! \brief Generate authentication vector |
| 94 | * \param[out] vec Generated authentication vector |
| 95 | * \param[in] aud Subscriber-specific key material |
| 96 | * \param[in] rand Random challenge to be used |
| 97 | * |
| 98 | * This function performs the core cryptographic function of the AUC, |
| 99 | * computing authentication triples/quintuples based on the permanent |
| 100 | * subscriber data and a random value. The result is what is forwarded |
| 101 | * by the AUC via HLR and VLR to the MSC which will then be able to |
| 102 | * invoke authentication with the MS |
| 103 | */ |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 104 | int osmo_auth_gen_vec(struct osmo_auth_vector *vec, |
| 105 | struct osmo_sub_auth_data *aud, |
| 106 | const uint8_t *_rand) |
| 107 | { |
Harald Welte | 781bd5d | 2011-12-06 22:23:52 +0100 | [diff] [blame] | 108 | struct osmo_auth_impl *impl = selected_auths[aud->algo]; |
Harald Welte | 4afdd5d | 2011-12-07 02:38:18 +0100 | [diff] [blame] | 109 | int rc; |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 110 | |
| 111 | if (!impl) |
| 112 | return -ENOENT; |
| 113 | |
Harald Welte | 4afdd5d | 2011-12-07 02:38:18 +0100 | [diff] [blame] | 114 | rc = impl->gen_vec(vec, aud, _rand); |
| 115 | if (rc < 0) |
| 116 | return rc; |
| 117 | |
| 118 | memcpy(vec->rand, _rand, sizeof(vec->rand)); |
| 119 | |
| 120 | return 0; |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 121 | } |
| 122 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 123 | /*! \brief Generate authentication vector and re-sync sequence |
| 124 | * \param[out] vec Generated authentication vector |
| 125 | * \param[in] aud Subscriber-specific key material |
| 126 | * \param[in] rand_auts RAND value sent by the SIM/MS |
| 127 | * \param[in] auts AUTS value sent by the SIM/MS |
| 128 | * \param[in] rand Random challenge to be used to generate vector |
| 129 | * |
| 130 | * This function performs a special variant of the core cryptographic |
| 131 | * function of the AUC: computing authentication triples/quintuples |
| 132 | * based on the permanent subscriber data, a random value as well as the |
| 133 | * AUTS and RAND values returned by the SIM/MS. This special variant is |
| 134 | * needed if the sequence numbers between MS and AUC have for some |
| 135 | * reason become diffrent. |
| 136 | */ |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 137 | int osmo_auth_gen_vec_auts(struct osmo_auth_vector *vec, |
| 138 | struct osmo_sub_auth_data *aud, |
| 139 | const uint8_t *rand_auts, const uint8_t *auts, |
| 140 | const uint8_t *_rand) |
| 141 | { |
Harald Welte | 781bd5d | 2011-12-06 22:23:52 +0100 | [diff] [blame] | 142 | struct osmo_auth_impl *impl = selected_auths[aud->algo]; |
Harald Welte | d82e0eb | 2011-12-06 21:53:42 +0100 | [diff] [blame] | 143 | |
| 144 | if (!impl || !impl->gen_vec_auts) |
| 145 | return -ENOENT; |
| 146 | |
| 147 | return impl->gen_vec_auts(vec, aud, rand_auts, auts, _rand); |
| 148 | } |
Harald Welte | a5ab162 | 2011-12-07 02:33:11 +0100 | [diff] [blame] | 149 | |
Harald Welte | 1c72bfb | 2012-04-04 22:05:24 +0200 | [diff] [blame] | 150 | static const struct value_string auth_alg_vals[] = { |
Harald Welte | a5ab162 | 2011-12-07 02:33:11 +0100 | [diff] [blame] | 151 | { OSMO_AUTH_ALG_NONE, "None" }, |
| 152 | { OSMO_AUTH_ALG_COMP128v1, "COMP128v1" }, |
| 153 | { OSMO_AUTH_ALG_COMP128v2, "COMP128v2" }, |
| 154 | { OSMO_AUTH_ALG_COMP128v3, "COMP128v3" }, |
| 155 | { OSMO_AUTH_ALG_XOR, "XOR" }, |
| 156 | { OSMO_AUTH_ALG_MILENAGE, "MILENAGE" }, |
| 157 | { 0, NULL } |
| 158 | }; |
| 159 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 160 | /*! \brief Get human-readable name of authentication algorithm */ |
Harald Welte | a5ab162 | 2011-12-07 02:33:11 +0100 | [diff] [blame] | 161 | const char *osmo_auth_alg_name(enum osmo_auth_algo alg) |
| 162 | { |
| 163 | return get_value_string(auth_alg_vals, alg); |
| 164 | } |
| 165 | |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 166 | /*! \brief Parse human-readable name of authentication algorithm */ |
Harald Welte | a5ab162 | 2011-12-07 02:33:11 +0100 | [diff] [blame] | 167 | enum osmo_auth_algo osmo_auth_alg_parse(const char *name) |
| 168 | { |
| 169 | return get_string_value(auth_alg_vals, name); |
| 170 | } |
Harald Welte | 007a71e | 2012-07-18 19:47:56 +0200 | [diff] [blame] | 171 | |
| 172 | /*! @} */ |