Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-mgw / ecdfd6d097eb0030b1a0a003fb855b38733f9ba6 / . / openbsc / src / libmsc / auth.c
blob: 3b1fd738a866a0992ebd715bd8e12fe9bdfa3f88 [file] [log] [blame]
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]1/* Authentication related functions */
2
3/*
4 * (C) 2010 by Sylvain Munaut <tnt@246tNt.com>
5 *
6 * All Rights Reserved
7 *
8 * This program is free software; you can redistribute it and/or modify
Harald Welte9af6ddf2011-01-01 15:25:50 +0100[diff] [blame]9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Harald Welte9af6ddf2011-01-01 15:25:50 +0100[diff] [blame]16 * GNU Affero General Public License for more details.
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]17 *
Harald Welte9af6ddf2011-01-01 15:25:50 +0100[diff] [blame]18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]20 *
21 */
22
23#include <openbsc/db.h>
24#include <openbsc/debug.h>
Harald Welte86dda082010-12-23 18:07:49 +0100[diff] [blame]25#include <openbsc/auth.h>
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]26#include <openbsc/gsm_data.h>
27
Pablo Neira Ayuso136f4532011-03-22 16:47:59 +0100[diff] [blame]28#include <osmocom/gsm/comp128.h>
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]29
Daniel Willmann62a63f52015-10-08 16:10:25 +0200[diff] [blame]30#include <openssl/rand.h>
31
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]32#include <stdlib.h>
33
Neels Hofmeyr37984bd2016-03-30 11:22:24 +0200[diff] [blame]34const struct value_string auth_action_names[] = {
35#define AUTH_ACTION_STR(X) { X, #X }
Neels Hofmeyrf9b212f2016-03-30 11:22:27 +0200[diff] [blame]36 AUTH_ACTION_STR(AUTH_ERROR),
Neels Hofmeyr37984bd2016-03-30 11:22:24 +0200[diff] [blame]37 AUTH_ACTION_STR(AUTH_NOT_AVAIL),
38 AUTH_ACTION_STR(AUTH_DO_AUTH_THEN_CIPH),
39 AUTH_ACTION_STR(AUTH_DO_CIPH),
40 AUTH_ACTION_STR(AUTH_DO_AUTH),
41#undef AUTH_ACTION_STR
Neels Hofmeyrecdfd6d2016-12-16 14:16:41 +0100[diff] [blame^]42 { 0, NULL }
Neels Hofmeyr37984bd2016-03-30 11:22:24 +0200[diff] [blame]43};
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]44
45static int
Sylvain Munaute824d9c2010-06-11 00:19:42 +0200[diff] [blame]46_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
47{
48 int i, l = ainfo->a3a8_ki_len;
49
50 if ((l > A38_XOR_MAX_KEY_LEN) || (l < A38_XOR_MIN_KEY_LEN)) {
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]51 LOGP(DMM, LOGL_ERROR, "Invalid XOR key (len=%d) %s\n",
Sylvain Munaute824d9c2010-06-11 00:19:42 +0200[diff] [blame]52 ainfo->a3a8_ki_len,
Pablo Neira Ayusoc0d17f22011-05-07 12:12:48 +0200[diff] [blame]53 osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
Sylvain Munaute824d9c2010-06-11 00:19:42 +0200[diff] [blame]54 return -1;
55 }
56
57 for (i=0; i<4; i++)
Harald Welte121e9a42016-04-20 13:13:19 +0200[diff] [blame]58 atuple->vec.sres[i] = atuple->vec.rand[i] ^ ainfo->a3a8_ki[i];
Sylvain Munaut0230b342010-09-21 19:03:09 +0200[diff] [blame]59 for (i=4; i<12; i++)
Harald Welte121e9a42016-04-20 13:13:19 +0200[diff] [blame]60 atuple->vec.kc[i-4] = atuple->vec.rand[i] ^ ainfo->a3a8_ki[i];
Sylvain Munaute824d9c2010-06-11 00:19:42 +0200[diff] [blame]61
62 return 0;
63}
64
65static int
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]66_use_comp128_v1(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
67{
68 if (ainfo->a3a8_ki_len != A38_COMP128_KEY_LEN) {
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]69 LOGP(DMM, LOGL_ERROR, "Invalid COMP128v1 key (len=%d) %s\n",
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]70 ainfo->a3a8_ki_len,
Pablo Neira Ayusoc0d17f22011-05-07 12:12:48 +0200[diff] [blame]71 osmo_hexdump(ainfo->a3a8_ki, ainfo->a3a8_ki_len));
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]72 return -1;
73 }
74
Harald Welte121e9a42016-04-20 13:13:19 +0200[diff] [blame]75 comp128(ainfo->a3a8_ki, atuple->vec.rand, atuple->vec.sres, atuple->vec.kc);
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]76
77 return 0;
78}
79
80/* Return values
81 * -1 -> Internal error
82 * 0 -> Not available
83 * 1 -> Tuple returned, need to do auth, then enable cipher
84 * 2 -> Tuple returned, need to enable cipher
85 */
86int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
87 struct gsm_subscriber *subscr, int key_seq)
88{
89 struct gsm_auth_info ainfo;
Daniel Willmann62a63f52015-10-08 16:10:25 +0200[diff] [blame]90 int rc;
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]91
92 /* Get subscriber info (if any) */
93 rc = db_get_authinfo_for_subscr(&ainfo, subscr);
94 if (rc < 0) {
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]95 LOGP(DMM, LOGL_NOTICE,
96 "No retrievable Ki for subscriber, skipping auth\n");
Neels Hofmeyrf9b212f2016-03-30 11:22:27 +0200[diff] [blame]97 return rc == -ENOENT ? AUTH_NOT_AVAIL : AUTH_ERROR;
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]98 }
99
100 /* If possible, re-use the last tuple and skip auth */
101 rc = db_get_lastauthtuple_for_subscr(atuple, subscr);
102 if ((rc == 0) &&
Sylvain Munautcd8e8102010-09-21 19:04:07 +0200[diff] [blame]103 (key_seq != GSM_KEY_SEQ_INVAL) &&
Neels Hofmeyr0d929be2016-03-30 11:22:29 +0200[diff] [blame]104 (key_seq == atuple->key_seq) &&
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]105 (atuple->use_count < 3))
106 {
107 atuple->use_count++;
108 db_sync_lastauthtuple_for_subscr(atuple, subscr);
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]109 DEBUGP(DMM, "Auth tuple use < 3, just doing ciphering\n");
Harald Welte86dda082010-12-23 18:07:49 +0100[diff] [blame]110 return AUTH_DO_CIPH;
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]111 }
112
113 /* Generate a new one */
Neels Hofmeyrcf1302e2016-03-30 11:22:30 +0200[diff] [blame]114 if (rc != 0) {
115 /* If db_get_lastauthtuple_for_subscr() returned nothing, make
116 * sure the atuple memory is initialized to zero and thus start
117 * off with key_seq = 0. */
118 memset(atuple, 0, sizeof(*atuple));
119 } else {
120 /* If db_get_lastauthtuple_for_subscr() returned a previous
121 * tuple, use the next key_seq. */
122 atuple->key_seq = (atuple->key_seq + 1) % 7;
123 }
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]124 atuple->use_count = 1;
Daniel Willmann62a63f52015-10-08 16:10:25 +0200[diff] [blame]125
Harald Welte121e9a42016-04-20 13:13:19 +0200[diff] [blame]126 if (RAND_bytes(atuple->vec.rand, sizeof(atuple->vec.rand)) != 1) {
Daniel Willmann62a63f52015-10-08 16:10:25 +0200[diff] [blame]127 LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed, can't generate new auth tuple\n");
Neels Hofmeyrf9b212f2016-03-30 11:22:27 +0200[diff] [blame]128 return AUTH_ERROR;
Daniel Willmann62a63f52015-10-08 16:10:25 +0200[diff] [blame]129 }
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]130
131 switch (ainfo.auth_algo) {
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]132 case AUTH_ALGO_NONE:
133 DEBUGP(DMM, "No authentication for subscriber\n");
Neels Hofmeyr4e875ae2016-03-30 11:22:28 +0200[diff] [blame]134 return AUTH_NOT_AVAIL;
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]135
136 case AUTH_ALGO_XOR:
137 if (_use_xor(&ainfo, atuple))
Neels Hofmeyr4e875ae2016-03-30 11:22:28 +0200[diff] [blame]138 return AUTH_NOT_AVAIL;
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]139 break;
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]140
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]141 case AUTH_ALGO_COMP128v1:
142 if (_use_comp128_v1(&ainfo, atuple))
Neels Hofmeyr4e875ae2016-03-30 11:22:28 +0200[diff] [blame]143 return AUTH_NOT_AVAIL;
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]144 break;
145
146 default:
147 DEBUGP(DMM, "Unsupported auth type algo_id=%d\n",
148 ainfo.auth_algo);
Neels Hofmeyr4e875ae2016-03-30 11:22:28 +0200[diff] [blame]149 return AUTH_NOT_AVAIL;
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]150 }
151
152 db_sync_lastauthtuple_for_subscr(atuple, subscr);
153
Harald Welte082b01f2010-12-23 22:54:06 +0100[diff] [blame]154 DEBUGP(DMM, "Need to do authentication and ciphering\n");
Neels Hofmeyrd2fa7a52016-03-10 23:30:37 +0100[diff] [blame]155 return AUTH_DO_AUTH_THEN_CIPH;
Sylvain Munaut30a15382009-12-24 00:27:26 +0100[diff] [blame]156}
157