/* Osmocom Subscriber Update Protocol message encoder/decoder */

/*
 * (C) 2014 by Sysmocom s.f.m.c. GmbH
 * (C) 2015 by Holger Hans Peter Freyther
 * (C) 2016 by Harald Welte <laforge@gnumonks.org>
 * All Rights Reserved
 *
 * Author: Jacob Erlbeck
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 */
#include <osmocom/gsm/tlv.h>
#include <osmocom/core/msgb.h>
#include <osmocom/core/logging.h>
#include <osmocom/gsm/gsm48_ie.h>
#include <osmocom/gsm/gsup.h>

#include <stdint.h>
#include <string.h>
/* Parse the nested IEs found inside one PDP info IE.
 *
 * \param[in] data      start of the nested TLV sequence
 * \param[in] data_len  number of octets available at \a data
 * \param[out] pdp_info structure receiving the decoded fields
 * \returns 0 on success; -GMM_CAUSE_PROTO_ERR_UNSPEC if a TLV cannot be
 *          shifted out of the remaining input
 *
 * The APN and QoS fields are stored as pointer + length referring to the
 * value handed back by osmo_shift_tlv(); nothing is copied here, so they are
 * only usable while the buffer behind \a data is.
 */
static int decode_pdp_info(uint8_t *data, size_t data_len,
			   struct osmo_gsup_pdp_info *pdp_info)
{
	/* Consume one TLV per iteration until the enclosing value is used up. */
	while (data_len > 0) {
		uint8_t tag;
		uint8_t *value;
		size_t value_len;
		enum osmo_gsup_iei iei;

		if (osmo_shift_tlv(&data, &data_len, &tag, &value, &value_len) < 0)
			return -GMM_CAUSE_PROTO_ERR_UNSPEC;

		iei = tag;

		switch (iei) {
		case OSMO_GSUP_PDP_CONTEXT_ID_IE:
			/* NOTE(review): value_len comes from the peer and is
			 * not range-checked before decoding. */
			pdp_info->context_id =
				osmo_decode_big_endian(value, value_len);
			break;

		case OSMO_GSUP_PDP_TYPE_IE:
			/* Only the low 12 bits are kept. */
			pdp_info->pdp_type =
				osmo_decode_big_endian(value, value_len) & 0x0fff;
			break;

		case OSMO_GSUP_ACCESS_POINT_NAME_IE:
			pdp_info->apn_enc_len = value_len;
			pdp_info->apn_enc = value;
			break;

		case OSMO_GSUP_PDP_QOS_IE:
			pdp_info->qos_enc_len = value_len;
			pdp_info->qos_enc = value;
			break;

		default:
			/* Unexpected IEs are logged and skipped, not rejected. */
			LOGP(DLGSUP, LOGL_ERROR,
			     "GSUP IE type %d not expected in PDP info\n", iei);
			break;
		}
	}

	return 0;
}
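/* Parse the nested IEs of one authentication tuple IE.
 *
 * \param[in] data         start of the nested TLV sequence
 * \param[in] data_len     number of octets available at \a data
 * \param[out] auth_vector structure receiving copies of the key material
 * \returns 0 on success; -GMM_CAUSE_PROTO_ERR_UNSPEC if a TLV cannot be
 *          shifted out of the input; -1 if an IE has an invalid length
 *
 * Every value is length-checked against its destination field before the
 * memcpy(): the fixed-size fields must match exactly, RES may be shorter
 * than its buffer and its actual length is recorded in res_len.
 *
 * NOTE(review): the length-error path returns a bare -1 while the other
 * failure path returns a negated GMM cause; callers that map the result to
 * a cause value should be checked.
 */
static int decode_auth_info(uint8_t *data, size_t data_len,
			    struct osmo_auth_vector *auth_vector)
{
	int rc;
	uint8_t tag;
	uint8_t *value;
	size_t value_len;
	enum osmo_gsup_iei iei;
	/* One bit per IE seen: 0=RAND 1=SRES 2=KC 4=IK 5=CK 6=AUTN 7=RES */
	uint8_t presence = 0;

	/* specific parts */
	while (data_len > 0) {
		rc = osmo_shift_tlv(&data, &data_len, &tag, &value, &value_len);
		if (rc < 0)
			return -GMM_CAUSE_PROTO_ERR_UNSPEC;

		iei = tag;

		switch (iei) {
		case OSMO_GSUP_RAND_IE:
			if (value_len != sizeof(auth_vector->rand))
				goto parse_error;

			memcpy(auth_vector->rand, value, value_len);
			presence |= (1 << 0);
			break;

		case OSMO_GSUP_SRES_IE:
			if (value_len != sizeof(auth_vector->sres))
				goto parse_error;

			memcpy(auth_vector->sres, value, value_len);
			presence |= (1 << 1);
			break;

		case OSMO_GSUP_KC_IE:
			if (value_len != sizeof(auth_vector->kc))
				goto parse_error;

			memcpy(auth_vector->kc, value, value_len);
			presence |= (1 << 2);
			break;

		case OSMO_GSUP_IK_IE:
			if (value_len != sizeof(auth_vector->ik))
				goto parse_error;
			memcpy(auth_vector->ik, value, value_len);
			presence |= (1 << 4);
			break;

		case OSMO_GSUP_CK_IE:
			if (value_len != sizeof(auth_vector->ck))
				goto parse_error;
			memcpy(auth_vector->ck, value, value_len);
			presence |= (1 << 5);
			break;

		case OSMO_GSUP_AUTN_IE:
			if (value_len != sizeof(auth_vector->autn))
				goto parse_error;
			memcpy(auth_vector->autn, value, value_len);
			presence |= (1 << 6);
			break;

		case OSMO_GSUP_RES_IE:
			/* RES is variable length; only the upper bound is
			 * enforced and the received length is stored. */
			if (value_len > sizeof(auth_vector->res))
				goto parse_error;
			memcpy(auth_vector->res, value, value_len);
			auth_vector->res_len = value_len;
			presence |= (1 << 7);
			break;

		default:
			/* The message used to say "PDP info" here, which sent
			 * anyone reading the log to the wrong decoder. */
			LOGP(DLGSUP, LOGL_ERROR,
			     "GSUP IE type %d not expected in auth info\n", iei);
			continue;
		}
	}

	/* NOTE(review): a single IE of a group is enough to set the auth
	 * type; the tuple is not checked for completeness here. */
	if (presence & 0x07)
		auth_vector->auth_types |= OSMO_AUTH_TYPE_GSM;
	if (presence & 0xf0)
		auth_vector->auth_types |= OSMO_AUTH_TYPE_UMTS;

	return 0;

parse_error:
	LOGP(DLGSUP, LOGL_ERROR,
	     "GSUP IE type %d, length %zu invalid in auth info\n", iei, value_len);

	return -1;
}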
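/*! Decode (parse) a GSUP message
 *  \param[in] const_data input data to be parsed
 *  \param[in] data_len length of input (\a const_data)
 *  \param[out] gsup_msg caller-provided output structure; it is fully
 *              overwritten before parsing starts
 *  \returns 0 on success; negative otherwise (a negated GMM_CAUSE_* value,
 *           or -1 when a nested auth tuple IE has an invalid length)
 *
 *  The IMSI and the authentication vectors are copied into \a gsup_msg.
 *  The auts, rand, msisdn_enc, hlr_enc and the per-PDP apn_enc/qos_enc
 *  members are NOT copied: they point into \a const_data, so the input
 *  buffer must stay valid and unmodified for as long as \a gsup_msg is used.
 *
 *  The input is treated as untrusted: every IE is shifted out with a bounds
 *  check, and values that are dereferenced or have a fixed size are
 *  length-checked before use.
 */
int osmo_gsup_decode(const uint8_t *const_data, size_t data_len,
		     struct osmo_gsup_message *gsup_msg)
{
	int rc;
	uint8_t tag;
	/* the shift/match functions expect non-const pointers, but we'll
	 * either copy the data or cast pointers back to const before returning
	 * them
	 */
	uint8_t *data = (uint8_t *)const_data;
	uint8_t *value;
	size_t value_len;
	static const struct osmo_gsup_pdp_info empty_pdp_info = {0};
	static const struct osmo_auth_vector empty_auth_info = {0};
	static const struct osmo_gsup_message empty_gsup_message = {0};

	/* Start from an all-zero message so no stale field survives. */
	*gsup_msg = empty_gsup_message;

	/* generic part */
	rc = osmo_shift_v_fixed(&data, &data_len, 1, &value);
	if (rc < 0)
		return -GMM_CAUSE_INV_MAND_INFO;

	gsup_msg->message_type = osmo_decode_big_endian(value, 1);

	rc = osmo_match_shift_tlv(&data, &data_len, OSMO_GSUP_IMSI_IE,
				  &value, &value_len);

	if (rc <= 0)
		return -GMM_CAUSE_INV_MAND_INFO;

	/* Two digits per octet plus the terminator must fit the IMSI field. */
	if (value_len * 2 + 1 > sizeof(gsup_msg->imsi))
		return -GMM_CAUSE_INV_MAND_INFO;

	/* Note that gsm48_decode_bcd_number expects the number of encoded IMSI
	 * octets in the first octet. By coincidence (the TLV encoding) the byte
	 * before the value part already contains this length so we can use it
	 * here.
	 */
	OSMO_ASSERT(value[-1] == value_len);
	gsm48_decode_bcd_number(gsup_msg->imsi, sizeof(gsup_msg->imsi),
				value - 1, 0);

	/* specific parts */
	while (data_len > 0) {
		enum osmo_gsup_iei iei;
		struct osmo_gsup_pdp_info pdp_info;
		struct osmo_auth_vector auth_info;

		rc = osmo_shift_tlv(&data, &data_len, &tag, &value, &value_len);
		if (rc < 0)
			return -GMM_CAUSE_PROTO_ERR_UNSPEC;

		iei = tag;

		switch (iei) {
		case OSMO_GSUP_IMSI_IE:
		case OSMO_GSUP_PDP_TYPE_IE:
		case OSMO_GSUP_ACCESS_POINT_NAME_IE:
		case OSMO_GSUP_SRES_IE:
		case OSMO_GSUP_KC_IE:
			/* Valid IEs, but not at the top level of a message. */
			LOGP(DLGSUP, LOGL_NOTICE,
			     "GSUP IE type %d not expected (ignored)\n", iei);
			continue;

		case OSMO_GSUP_CAUSE_IE:
			gsup_msg->cause = osmo_decode_big_endian(value, value_len);
			break;

		case OSMO_GSUP_CANCEL_TYPE_IE:
			/* Stored off by one so that 0 can mean "not present";
			 * the encoder subtracts the 1 again. */
			gsup_msg->cancel_type =
				osmo_decode_big_endian(value, value_len) + 1;
			break;

		case OSMO_GSUP_PDP_INFO_COMPL_IE:
			gsup_msg->pdp_info_compl = 1;
			break;

		case OSMO_GSUP_FREEZE_PTMSI_IE:
			gsup_msg->freeze_ptmsi = 1;
			break;

		case OSMO_GSUP_PDP_CONTEXT_ID_IE:
			/* When these IE appear in the top-level part of the
			 * message, they are used by Delete Subscr Info to delete
			 * single entries. We don't have an extra list for
			 * these but use the PDP info list instead */

			/* fall through */

		case OSMO_GSUP_PDP_INFO_IE:
			/* Bound the array index before anything is stored. */
			if (gsup_msg->num_pdp_infos >= OSMO_GSUP_MAX_NUM_PDP_INFO) {
				LOGP(DLGSUP, LOGL_ERROR,
				     "GSUP IE type %d (PDP_INFO) max exceeded\n",
				     iei);
				return -GMM_CAUSE_COND_IE_ERR;
			}

			pdp_info = empty_pdp_info;

			if (iei == OSMO_GSUP_PDP_INFO_IE) {
				rc = decode_pdp_info(value, value_len, &pdp_info);
				if (rc < 0)
					return rc;
				pdp_info.have_info = 1;
			} else {
				pdp_info.context_id =
					osmo_decode_big_endian(value, value_len);
			}

			gsup_msg->pdp_infos[gsup_msg->num_pdp_infos++] =
				pdp_info;
			break;

		case OSMO_GSUP_AUTH_TUPLE_IE:
			/* Bound the array index before anything is stored. */
			if (gsup_msg->num_auth_vectors >= OSMO_GSUP_MAX_NUM_AUTH_INFO) {
				LOGP(DLGSUP, LOGL_ERROR,
				     "GSUP IE type %d (AUTH_INFO) max exceeded\n",
				     iei);
				return -GMM_CAUSE_INV_MAND_INFO;
			}

			auth_info = empty_auth_info;

			rc = decode_auth_info(value, value_len, &auth_info);
			if (rc < 0)
				return rc;

			gsup_msg->auth_vectors[gsup_msg->num_auth_vectors++] =
				auth_info;
			break;

		case OSMO_GSUP_AUTS_IE:
			/* Consumers read a fixed 16 octets through this
			 * pointer, so the length must match exactly. */
			if (value_len != 16) {
				LOGP(DLGSUP, LOGL_ERROR,
				     "AUTS length != 16 received\n");
				return -GMM_CAUSE_COND_IE_ERR;
			}
			gsup_msg->auts = value;
			break;

		case OSMO_GSUP_RAND_IE:
			if (value_len != 16) {
				LOGP(DLGSUP, LOGL_ERROR,
				     "RAND length != 16 received\n");
				return -GMM_CAUSE_COND_IE_ERR;
			}
			gsup_msg->rand = value;
			break;

		case OSMO_GSUP_MSISDN_IE:
			gsup_msg->msisdn_enc = value;
			gsup_msg->msisdn_enc_len = value_len;
			break;

		case OSMO_GSUP_HLR_NUMBER_IE:
			gsup_msg->hlr_enc = value;
			gsup_msg->hlr_enc_len = value_len;
			break;

		case OSMO_GSUP_CN_DOMAIN_IE:
			/* The value is dereferenced below. With a zero-length
			 * IE that read would land on whatever follows the IE,
			 * and one octet past the input when it is the last IE. */
			if (value_len < 1) {
				LOGP(DLGSUP, LOGL_ERROR,
				     "CN domain IE with zero length received\n");
				return -GMM_CAUSE_COND_IE_ERR;
			}
			gsup_msg->cn_domain = *value;
			break;

		default:
			/* Unknown IEs are skipped for forward compatibility. */
			LOGP(DLGSUP, LOGL_NOTICE,
			     "GSUP IE type %d unknown\n", iei);
			continue;
		}
	}

	return 0;
}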
/* Append one PDP info IE (tag \a iei) with its nested IEs to \a msg.
 *
 * The outer IE is first written with an empty value; its length octet is
 * patched once the nested IEs have been appended. The context id is always
 * written, PDP type / APN / QoS only when set in \a pdp_info.
 *
 * NOTE(review): the outer length is a single octet and the computed size is
 * stored without a range check, so nested content above 255 octets would be
 * recorded truncated - callers must keep apn_enc_len/qos_enc_len small.
 */
static void encode_pdp_info(struct msgb *msg, enum osmo_gsup_iei iei,
			    const struct osmo_gsup_pdp_info *pdp_info)
{
	/* The length octet is the last byte written by this call. */
	uint8_t *outer_len = msgb_tlv_put(msg, iei, 0, NULL) - 1;
	size_t start_len = msgb_length(msg);
	uint8_t ctx_id = pdp_info->context_id;

	msgb_tlv_put(msg, OSMO_GSUP_PDP_CONTEXT_ID_IE, sizeof(ctx_id), &ctx_id);

	if (pdp_info->pdp_type)
		msgb_tlv_put(msg, OSMO_GSUP_PDP_TYPE_IE,
			     OSMO_GSUP_PDP_TYPE_SIZE,
			     osmo_encode_big_endian(pdp_info->pdp_type | 0xf000,
						    OSMO_GSUP_PDP_TYPE_SIZE));

	if (pdp_info->apn_enc)
		msgb_tlv_put(msg, OSMO_GSUP_ACCESS_POINT_NAME_IE,
			     pdp_info->apn_enc_len, pdp_info->apn_enc);

	if (pdp_info->qos_enc)
		msgb_tlv_put(msg, OSMO_GSUP_PDP_QOS_IE,
			     pdp_info->qos_enc_len, pdp_info->qos_enc);

	/* Patch the outer length with the size of everything added since. */
	*outer_len = msgb_length(msg) - start_len;
}
/* Append one authentication tuple IE (tag \a iei) to \a msg.
 *
 * The outer IE is written with an empty value first and its length octet is
 * patched after the nested RAND, SRES and Kc IEs have been appended.
 *
 * NOTE(review): only RAND, SRES and Kc are emitted; the IK, CK, AUTN and RES
 * members that the decoder in this file accepts are not written here.
 */
static void encode_auth_info(struct msgb *msg, enum osmo_gsup_iei iei,
			     const struct osmo_auth_vector *auth_vector)
{
	/* The length octet is the last byte written by this call. */
	uint8_t *outer_len = msgb_tlv_put(msg, iei, 0, NULL) - 1;
	size_t start_len = msgb_length(msg);

	msgb_tlv_put(msg, OSMO_GSUP_RAND_IE,
		     sizeof(auth_vector->rand), auth_vector->rand);
	msgb_tlv_put(msg, OSMO_GSUP_SRES_IE,
		     sizeof(auth_vector->sres), auth_vector->sres);
	msgb_tlv_put(msg, OSMO_GSUP_KC_IE,
		     sizeof(auth_vector->kc), auth_vector->kc);

	/* Patch the outer length with the size of the nested IEs. */
	*outer_len = msgb_length(msg) - start_len;
}
/*! Encode a GSUP message
 *  \param[out] msg message buffer to which encoded message is written
 *  \param[in] gsup_msg \ref osmo_gsup_message data to be encoded
 *
 *  Asserts that the message type is non-zero and that the IMSI encodes to
 *  more than the bare length octet. Optional members are written only when
 *  set (non-NULL pointer or non-zero value). AUTS and RAND are always
 *  written as 16 octets, so those pointers must reference at least that
 *  much data.
 */
void osmo_gsup_encode(struct msgb *msg, const struct osmo_gsup_message *gsup_msg)
{
	uint8_t imsi_bcd[GSM48_MI_SIZE] = {0};
	size_t imsi_bcd_len;
	uint8_t octet;
	int i;

	/* generic part: message type followed by the mandatory IMSI */
	OSMO_ASSERT(gsup_msg->message_type);
	msgb_v_put(msg, gsup_msg->message_type);

	/* NOTE(review): the result is stored in a size_t; confirm that an
	 * error return of gsm48_encode_bcd_number cannot slip past the
	 * assertion below. */
	imsi_bcd_len = gsm48_encode_bcd_number(imsi_bcd, sizeof(imsi_bcd), 0,
					       gsup_msg->imsi);
	OSMO_ASSERT(imsi_bcd_len > 1);

	/* Note that gsm48_encode_bcd_number puts the length into the first
	 * octet. Since msgb_tlv_put will add this length byte, we'll have to
	 * skip it */
	msgb_tlv_put(msg, OSMO_GSUP_IMSI_IE, imsi_bcd_len - 1, &imsi_bcd[1]);

	/* specific parts */
	if (gsup_msg->msisdn_enc)
		msgb_tlv_put(msg, OSMO_GSUP_MSISDN_IE,
			     gsup_msg->msisdn_enc_len, gsup_msg->msisdn_enc);
	if (gsup_msg->hlr_enc)
		msgb_tlv_put(msg, OSMO_GSUP_HLR_NUMBER_IE,
			     gsup_msg->hlr_enc_len, gsup_msg->hlr_enc);

	octet = gsup_msg->cause;
	if (octet)
		msgb_tlv_put(msg, OSMO_GSUP_CAUSE_IE, sizeof(octet), &octet);

	/* cancel_type is kept off by one so that 0 means "absent". */
	octet = gsup_msg->cancel_type;
	if (octet) {
		octet -= 1;
		msgb_tlv_put(msg, OSMO_GSUP_CANCEL_TYPE_IE, sizeof(octet), &octet);
	}

	/* Flag IEs carry no value; the pointer is passed with length 0. */
	if (gsup_msg->pdp_info_compl)
		msgb_tlv_put(msg, OSMO_GSUP_PDP_INFO_COMPL_IE, 0, &octet);

	if (gsup_msg->freeze_ptmsi)
		msgb_tlv_put(msg, OSMO_GSUP_FREEZE_PTMSI_IE, 0, &octet);

	for (i = 0; i < gsup_msg->num_pdp_infos; i++) {
		const struct osmo_gsup_pdp_info *pdp = &gsup_msg->pdp_infos[i];

		/* Entries without a context id are skipped. */
		if (pdp->context_id == 0)
			continue;

		if (pdp->have_info) {
			encode_pdp_info(msg, OSMO_GSUP_PDP_INFO_IE, pdp);
			continue;
		}

		/* No details: emit the bare context id IE. */
		octet = pdp->context_id;
		msgb_tlv_put(msg, OSMO_GSUP_PDP_CONTEXT_ID_IE,
			     sizeof(octet), &octet);
	}

	for (i = 0; i < gsup_msg->num_auth_vectors; i++)
		encode_auth_info(msg, OSMO_GSUP_AUTH_TUPLE_IE,
				 &gsup_msg->auth_vectors[i]);

	if (gsup_msg->auts)
		msgb_tlv_put(msg, OSMO_GSUP_AUTS_IE, 16, gsup_msg->auts);

	if (gsup_msg->rand)
		msgb_tlv_put(msg, OSMO_GSUP_RAND_IE, 16, gsup_msg->rand);

	if (gsup_msg->cn_domain) {
		uint8_t domain = gsup_msg->cn_domain;

		msgb_tlv_put(msg, OSMO_GSUP_CN_DOMAIN_IE, 1, &domain);
	}
}