Harald Welte | e72cf55 | 2016-04-28 07:18:49 +0200 | [diff] [blame] | 1 | /* (C) 2015 by Harald Welte <laforge@gnumonks.org> |
| 2 | * |
| 3 | * All Rights Reserved |
| 4 | * |
| 5 | * This program is free software; you can redistribute it and/or modify |
| 6 | * it under the terms of the GNU Affero General Public License as published by |
| 7 | * the Free Software Foundation; either version 3 of the License, or |
| 8 | * (at your option) any later version. |
| 9 | * |
| 10 | * This program is distributed in the hope that it will be useful, |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 | * GNU Affero General Public License for more details. |
| 14 | * |
| 15 | * You should have received a copy of the GNU Affero General Public License |
| 16 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 17 | * |
| 18 | */ |
| 19 | |
| 20 | #include <string.h> |
Neels Hofmeyr | 8d97d34 | 2017-02-21 22:46:35 +0100 | [diff] [blame] | 21 | #include <inttypes.h> |
Harald Welte | e72cf55 | 2016-04-28 07:18:49 +0200 | [diff] [blame] | 22 | |
| 23 | #include <osmocom/core/utils.h> |
| 24 | #include <osmocom/crypt/auth.h> |
| 25 | |
| 26 | #include "logging.h" |
| 27 | #include "rand.h" |
| 28 | |
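/* Hex-dump helpers for log output; both expand to osmo_hexdump_nospc().
 *
 * hexb(buf): length is taken from sizeof(buf), so buf must be a real array
 *            (e.g. a struct member array). Passing a pointer would dump only
 *            sizeof(pointer) bytes.
 * hex(buf, sz): caller supplies the length; buf must hold at least sz bytes.
 *
 * Macro arguments are parenthesized so that expressions such as "p + 1" or
 * "cond ? a : b" are cast and measured as a whole.
 *
 * NOTE(review): osmo_hexdump_nospc() presumably returns a shared static
 * buffer, so use at most one hexb()/hex() per log statement -- confirm
 * against libosmocore. */
#define hexb(buf) osmo_hexdump_nospc((void *)(buf), sizeof(buf))
#define hex(buf,sz) osmo_hexdump_nospc((void *)(buf), (sz))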
| 31 | |
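/**
 * Compute the given number of authentication vectors using either aud2g or
 * aud3g, or a combination of both. Handles UMTS re-synchronization if
 * rand_auts and auts are set.
 *
 * @param vec        output array with room for at least num_vec vectors
 * @param num_vec    number of vectors requested
 * @param aud2g      2G (GSM) auth data, or NULL; entries with algo or type
 *                   NONE are treated as absent
 * @param aud3g      3G (UMTS) auth data, or NULL; entries with algo or type
 *                   NONE are treated as absent
 * @param rand_auts  RAND that belongs to the AUTS, or NULL; the debug dump
 *                   reads 16 bytes from it
 * @param auts       AUTS token from the subscriber, or NULL; the debug dump
 *                   reads 14 bytes from it
 *
 * @return -1 if the arguments are inconsistent (no usable auth data, wrong
 *         auth type in either slot, only one of auts/rand_auts given, or
 *         AUTS without 3G data). Otherwise the number of vectors actually
 *         generated, which is smaller than num_vec (possibly 0) when the
 *         random source or vector generation fails part-way. Callers must
 *         compare the result against num_vec and must not use vec[] entries
 *         at or beyond the returned count.
 *
 * Security notes:
 *  - With DEBUG logging enabled for DAUC this function writes long-term
 *    subscriber secrets (K, OP/OPc, Ki) and per-vector session material
 *    (RAND, AUTN, CK, IK, RES, Kc, SRES) to the log in hex. Keep DAUC below
 *    DEBUG in production, or treat the resulting logs as key material.
 *  - NOTE(review): the unpredictability of each RAND depends entirely on
 *    rand_get(), which is not visible here -- confirm it is backed by a
 *    cryptographically secure source.
 */
int auc_compute_vectors(struct osmo_auth_vector *vec, unsigned int num_vec,
			struct osmo_sub_auth_data *aud2g,
			struct osmo_sub_auth_data *aud3g,
			const uint8_t *rand_auts, const uint8_t *auts)
{
	unsigned int i;
	uint8_t rand[16];
	struct osmo_auth_vector vtmp;
	int rc;

	/* no need to iterate the log categories all the time */
	int dbg = log_check_level(DAUC, LOGL_DEBUG);
	/* do/while(0) keeps the macro a single statement, so it cannot capture
	 * an 'else' when used as the body of an unbraced 'if' */
#define DBGP(args ...) do { if (dbg) DEBUGP(DAUC, ##args); } while (0)
#define DBGVB(member) DBGP("vector [%u]: " #member " = %s\n", \
			   i, hexb(vec[i].member))
#define DBGVV(fmt, member) DBGP("vector [%u]: " #member " = " fmt "\n", \
				i, vec[i].member)

	/* Auth data marked as NONE counts as "not provided" */
	if (aud2g && (aud2g->algo == OSMO_AUTH_ALG_NONE
		      || aud2g->type == OSMO_AUTH_TYPE_NONE))
		aud2g = NULL;
	if (aud3g && (aud3g->algo == OSMO_AUTH_ALG_NONE
		      || aud3g->type == OSMO_AUTH_TYPE_NONE))
		aud3g = NULL;

	if (!aud2g && !aud3g) {
		LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() called"
		     " with neither 2G nor 3G auth data available\n");
		return -1;
	}

	/* Reject auth data passed in the wrong slot, so that 2G keys are never
	 * run through the 3G path or vice versa */
	if (aud2g && aud2g->type != OSMO_AUTH_TYPE_GSM) {
		LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() called"
		     " with non-2G auth data passed for aud2g arg\n");
		return -1;
	}

	if (aud3g && aud3g->type != OSMO_AUTH_TYPE_UMTS) {
		LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() called"
		     " with non-3G auth data passed for aud3g arg\n");
		return -1;
	}

	/* AUTS and its RAND are only meaningful as a pair */
	if ((rand_auts != NULL) != (auts != NULL)) {
		LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() with only one"
		     " of AUTS and AUTS_RAND given, need both or neither\n");
		return -1;
	}

	/* Re-synchronization is handled only in the 3G branch below */
	if (auts && !aud3g) {
		LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() with AUTS called"
		     " but no 3G auth data passed\n");
		return -1;
	}

	/* num_vec is unsigned, hence %u */
	DBGP("Computing %u auth vector%s: %s%s\n",
	     num_vec, num_vec == 1 ? "" : "s",
	     aud3g? (aud2g? "3G + separate 2G"
		     : "3G only (2G derived from 3G keys)")
	     : "2G only",
	     auts? ", with AUTS resync" : "");
	/* The following DEBUG lines dump long-term subscriber keys; see the
	 * security notes in the function header. */
	if (aud3g) {
		DBGP("3G: k = %s\n", hexb(aud3g->u.umts.k));
		DBGP("3G: %s = %s\n",
		     aud3g->u.umts.opc_is_op? "OP" : "opc",
		     hexb(aud3g->u.umts.opc));
		DBGP("3G: for sqn ind %u, previous sqn was %" PRIu64 "\n",
		     aud3g->u.umts.ind, aud3g->u.umts.sqn);
	}
	if (aud2g)
		DBGP("2G: ki = %s\n", hexb(aud2g->u.gsm.ki));

	for (i = 0; i < num_vec; i++) {
		/* Fresh RAND per vector; a short read aborts the loop so that
		 * no vector is built from a partially filled buffer */
		rc = rand_get(rand, sizeof(rand));
		if (rc != (int)sizeof(rand)) {
			LOGP(DAUC, LOGL_ERROR, "Unable to read %zu random "
			     "bytes: rc=%d\n", sizeof(rand), rc);
			goto out;
		}
		DBGP("vector [%u]: rand = %s\n", i, hexb(rand));

		if (aud3g) {
			/* 3G or 3G + 2G case */

			/* Do AUTS only for the first vector or we would use
			 * the same SQN for each following key. */
			if ((i == 0) && auts) {
				DBGP("vector [%u]: resync: auts = %s\n",
				     i, hex(auts, 14));
				DBGP("vector [%u]: resync: rand_auts = %s\n",
				     i, hex(rand_auts, 16));

				rc = osmo_auth_gen_vec_auts(vec+i, aud3g, auts,
							    rand_auts, rand);
			} else {
				rc = osmo_auth_gen_vec(vec+i, aud3g, rand);
			}
			if (rc < 0) {
				LOGP(DAUC, LOGL_ERROR, "Error in 3G vector "
				     "generation: [%u]: rc = %d\n", i, rc);
				goto out;
			}
			DBGP("vector [%u]: sqn = %" PRIu64 "\n",
			     i, aud3g->u.umts.sqn);

			DBGVB(autn);
			DBGVB(ck);
			DBGVB(ik);
			DBGVB(res);
			DBGVV("%u", res_len);

			if (!aud2g) {
				/* use the 2G tokens from 3G keys */
				DBGVB(kc);
				DBGVB(sres);
				DBGVV("0x%x", auth_types);
				continue;
			}
			/* calculate 2G separately */

			DBGP("vector [%u]: calculating 2G separately\n", i);

			/* Same RAND as the 3G part of this vector; only kc and
			 * sres are taken from the temporary 2G result */
			rc = osmo_auth_gen_vec(&vtmp, aud2g, rand);
			if (rc < 0) {
				LOGP(DAUC, LOGL_ERROR, "Error in 2G vector "
				     "generation: [%u]: rc = %d\n", i, rc);
				goto out;
			}
			memcpy(&vec[i].kc, vtmp.kc, sizeof(vec[i].kc));
			memcpy(&vec[i].sres, vtmp.sres, sizeof(vec[i].sres));
			vec[i].auth_types |= OSMO_AUTH_TYPE_GSM;
		} else {
			/* 2G only case */
			rc = osmo_auth_gen_vec(vec+i, aud2g, rand);
			if (rc < 0) {
				LOGP(DAUC, LOGL_ERROR, "Error in 2G vector "
				     "generation: [%u]: rc = %d\n", i, rc);
				goto out;
			}
		}

		DBGVB(kc);
		DBGVB(sres);
		DBGVV("0x%x", auth_types);
	}
out:
	/* i is the count of completed vectors, also on the error paths */
	return i;
#undef DBGVV
#undef DBGVB
#undef DBGP
}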