support A5/4 in Cipher Mode Command
Related: SYS#5324
Change-Id: I780a739b9bfbefd4f58be051794fe1a491823e67
diff --git a/include/osmocom/msc/msc_common.h b/include/osmocom/msc/msc_common.h
index 8a43e69..e7ac559 100644
--- a/include/osmocom/msc/msc_common.h
+++ b/include/osmocom/msc/msc_common.h
@@ -32,6 +32,8 @@
uint8_t alg_id;
uint8_t key_len;
uint8_t key[MAX_A5_KEY_LEN];
+ bool kc128_present;
+ uint8_t kc128[MAX_A5_KEY_LEN];
};
enum complete_layer3_type {
diff --git a/src/libmsc/msc_a.c b/src/libmsc/msc_a.c
index 05030d3..4c38c56 100644
--- a/src/libmsc/msc_a.c
+++ b/src/libmsc/msc_a.c
@@ -292,6 +292,14 @@
return msc_a_ran_enc_ciphering(msc_a, umts_aka, retrieve_imeisv);
}
+static uint8_t filter_a5(uint8_t a5_mask, bool umts_aka)
+{
+ /* With GSM AKA: allow A5/0, 1, 3 = 0b00001011 = 0xb.
+ * UMTS aka: allow A5/0, 1, 3, 4 = 0b00011011 = 0x1b.
+ */
+ return a5_mask & (umts_aka ? 0x1b : 0x0b);
+}
+
static int msc_a_ran_enc_ciphering(struct msc_a *msc_a, bool umts_aka, bool retrieve_imeisv)
{
struct gsm_network *net;
@@ -321,7 +329,7 @@
.geran = {
.umts_aka = umts_aka,
.retrieve_imeisv = retrieve_imeisv,
- .a5_encryption_mask = net->a5_encryption_mask,
+ .a5_encryption_mask = filter_a5(net->a5_encryption_mask, umts_aka),
/* for ran_a.c to store the GERAN key that is actually used */
.chosen_key = &msc_a->geran_encr,
diff --git a/src/libmsc/ran_msg_a.c b/src/libmsc/ran_msg_a.c
index 61e5024..106c2df 100644
--- a/src/libmsc/ran_msg_a.c
+++ b/src/libmsc/ran_msg_a.c
@@ -25,6 +25,7 @@
#include <osmocom/core/byteswap.h>
#include <osmocom/crypt/auth.h>
+#include <osmocom/crypt/kdf.h>
#include <osmocom/gsm/tlv.h>
#include <osmocom/gsm/gsm0808.h>
@@ -1019,6 +1020,9 @@
case 3:
*dst = GSM0808_ALG_ID_A5_3;
return 0;
+ case 4:
+ *dst = GSM0808_ALG_ID_A5_4;
+ return 0;
default:
return -ENOTSUP;
}
@@ -1078,21 +1082,39 @@
/* In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth
* tokens. vec->kc was calculated from the GSM algorithm and is not
* necessarily a match for the UMTS AKA tokens. */
- if (cm->geran.umts_aka)
+ if (cm->geran.umts_aka) {
+ int i;
osmo_auth_c3(ei->key, cm->vec->ck, cm->vec->ik);
- else
+
+ for (i = 0; i < ei->perm_algo_len; i++) {
+ if (ei->perm_algo[i] != GSM0808_ALG_ID_A5_4)
+ continue;
+ /* A5/4 is included, so need to generate Kc128 */
+ osmo_kdf_kc128(cm->vec->ck, cm->vec->ik, cmc.kc128);
+ cmc.kc128_present = true;
+ break;
+ }
+ } else {
memcpy(ei->key, cm->vec->kc, sizeof(cm->vec->kc));
+ }
ei->key_len = sizeof(cm->vec->kc);
/* Store chosen GERAN key where the caller asked it to be stored.
* alg_id remains unknown until we receive a Cipher Mode Complete from the BSC */
if (cm->geran.chosen_key) {
+ *cm->geran.chosen_key = (struct geran_encr){0};
+
if (ei->key_len > sizeof(cm->geran.chosen_key->key)) {
LOG_RAN_A_ENC(fi, LOGL_ERROR, "Chosen key is larger than I can store\n");
return NULL;
}
memcpy(cm->geran.chosen_key->key, ei->key, ei->key_len);
cm->geran.chosen_key->key_len = ei->key_len;
+
+ if (cmc.kc128_present) {
+ memcpy(cm->geran.chosen_key->kc128, cmc.kc128, 16);
+ cm->geran.chosen_key->kc128_present = true;
+ }
}
LOG_RAN_A_ENC(fi, LOGL_DEBUG, "Tx BSSMAP CIPHER MODE COMMAND to BSC, %u ciphers (%s) key %s\n",