Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 1 | /* Osmocom MSC+VLR end-to-end tests */ |
| 2 | |
| 3 | /* (C) 2017 by sysmocom s.f.m.c. GmbH <info@sysmocom.de> |
| 4 | * |
| 5 | * All Rights Reserved |
| 6 | * |
| 7 | * Author: Neels Hofmeyr <nhofmeyr@sysmocom.de> |
| 8 | * |
| 9 | * This program is free software; you can redistribute it and/or modify |
| 10 | * it under the terms of the GNU Affero General Public License as published by |
| 11 | * the Free Software Foundation; either version 3 of the License, or |
| 12 | * (at your option) any later version. |
| 13 | * |
| 14 | * This program is distributed in the hope that it will be useful, |
| 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 17 | * GNU Affero General Public License for more details. |
| 18 | * |
| 19 | * You should have received a copy of the GNU Affero General Public License |
| 20 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 21 | * |
| 22 | */ |
| 23 | |
| 24 | #include "msc_vlr_tests.h" |
| 25 | |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 26 | static void _test_umts_authen(enum osmo_rat_type via_ran) |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 27 | { |
| 28 | struct vlr_subscr *vsub; |
| 29 | const char *imsi = "901700000010650"; |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 30 | const char *sms = |
| 31 | "09" /* SMS messages */ |
| 32 | "01" /* CP-DATA */ |
| 33 | "58" /* length */ |
| 34 | "01" /* Network to MS */ |
| 35 | "00" /* reference */ |
| 36 | /* originator (gsm411_send_sms() hardcodes this weird nr) */ |
| 37 | "0791" "447758100650" /* 447785016005 */ |
| 38 | "00" /* dest */ |
| 39 | /* SMS TPDU */ |
| 40 | "4c" /* len */ |
| 41 | "00" /* SMS deliver */ |
| 42 | "05802443f2" /* originating address 42342 */ |
| 43 | "00" /* TP-PID */ |
| 44 | "00" /* GSM default alphabet */ |
| 45 | "071010" /* Y-M-D (from wrapped gsm340_gen_scts())*/ |
| 46 | "000000" /* H-M-S */ |
| 47 | "00" /* GMT+0 */ |
| 48 | "44" /* data length */ |
| 49 | "5079da1e1ee7416937485e9ea7c965373d1d6683c270383b3d0e" |
| 50 | "d3d36ff71c949e83c22072799e9687c5ec32a81d96afcbf4b4fb" |
| 51 | "0c7ac3e9e9b7db05"; |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 52 | |
| 53 | net->authentication_required = true; |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 54 | net->vlr->cfg.assign_tmsi = true; |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 55 | rx_from_ran = via_ran; |
| 56 | |
| 57 | btw("Location Update request causes a GSUP Send Auth Info request to HLR"); |
| 58 | lu_result_sent = RES_NONE; |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 59 | gsup_expect_tx("080108" "09710000000156f0" VLR_TO_HLR); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 60 | ms_sends_msg("0508" /* MM LU */ |
| 61 | "7" /* ciph key seq: no key available */ |
| 62 | "0" /* LU type: normal */ |
| 63 | "ffffff" "0000" /* LAI, LAC */ |
| 64 | "57" /* classmark 1: R99, early classmark, no power lvl */ |
| 65 | "089910070000106005" /* IMSI */ |
| 66 | "3303575886" /* classmark 2 */ |
| 67 | ); |
| 68 | OSMO_ASSERT(gsup_tx_confirmed); |
| 69 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 70 | |
| 71 | btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS"); |
| 72 | /* based on auc_3g: |
| 73 | * K = 'EB215756028D60E3275E613320AEC880', |
| 74 | * OPC = 'FB2A3D1B360F599ABAB99DB8669F8308' |
| 75 | * SQN = 0 |
| 76 | */ |
| 77 | auth_request_sent = false; |
| 78 | auth_request_expect_rand = "39fa2f4e3d523d8619a73b4f65c3e14d"; |
| 79 | auth_request_expect_autn = "8704f5ba55f30000d2ee44b22c8ea919"; |
| 80 | gsup_rx("0a" |
| 81 | /* imsi */ |
| 82 | "0108" "09710000000156f0" |
| 83 | /* 5 auth vectors... */ |
| 84 | /* TL TL rand */ |
| 85 | "0362" "2010" "39fa2f4e3d523d8619a73b4f65c3e14d" |
| 86 | /* TL sres TL kc */ |
| 87 | "2104" "9b36efdf" "2208" "059a4f668f6fbe39" |
| 88 | /* TL 3G IK */ |
| 89 | "2310" "27497388b6cb044648f396aa155b95ef" |
| 90 | /* TL 3G CK */ |
| 91 | "2410" "f64735036e5871319c679f4742a75ea1" |
| 92 | /* TL AUTN */ |
| 93 | "2510" "8704f5ba55f30000d2ee44b22c8ea919" |
| 94 | /* TL RES */ |
| 95 | "2708" "e229c19e791f2e41" |
| 96 | /* TL TL rand */ |
| 97 | "0362" "2010" "c187a53a5e6b9d573cac7c74451fd46d" |
| 98 | "2104" "85aa3130" "2208" "d3d50a000bf04f6e" |
| 99 | "2310" "1159ec926a50e98c034a6b7d7c9f418d" |
| 100 | "2410" "df3a03d9ca5335641efc8e36d76cd20b" |
| 101 | "2510" "1843a645b98d00005b2d666af46c45d9" |
| 102 | "2708" "7db47cf7f81e4dc7" |
| 103 | "0362" "2010" "efa9c29a9742148d5c9070348716e1bb" |
| 104 | "2104" "69d5f9fb" "2208" "3df176f0c29f1a3d" |
| 105 | "2310" "eb50e770ddcc3060101d2f43b6c2b884" |
| 106 | "2410" "76542abce5ff9345b0e8947f4c6e019c" |
| 107 | "2510" "f9375e6d41e1000096e7fe4ff1c27e39" |
| 108 | "2708" "706f996719ba609c" |
| 109 | "0362" "2010" "f023d5a3b24726e0631b64b3840f8253" |
| 110 | "2104" "d570c03f" "2208" "ec011be8919883d6" |
| 111 | "2310" "c4e58af4ba43f3bcd904e16984f086d7" |
| 112 | "2410" "0593f65e752e5cb7f473862bda05aa0a" |
| 113 | "2510" "541ff1f077270000c5ea00d658bc7e9a" |
| 114 | "2708" "3fd26072eaa2a04d" |
| 115 | "0362" "2010" "2f8f90c780d6a9c0c53da7ac57b6707e" |
| 116 | "2104" "b072446f220823f39f9f425ad6e6" |
| 117 | "2310" "65af0527fda95b0dc5ae4aa515cdf32f" |
| 118 | "2410" "537c3b35a3b13b08d08eeb28098f45cc" |
| 119 | "2510" "4bf4e564f75300009bc796706bc65744" |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 120 | "2708" "0edb0eadbea94ac2" HLR_TO_VLR, |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 121 | NULL); |
| 122 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 123 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 124 | |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 125 | if (net->a5_encryption_mask > 0x1) { |
| 126 | /* Encryption enabled */ |
| 127 | if (via_ran == OSMO_RAT_GERAN_A) { |
| 128 | btw("Test code not implemented"); |
| 129 | OSMO_ASSERT(false); |
| 130 | } else { |
| 131 | /* On UTRAN */ |
| 132 | btw("Encryption enabled. MS sends Authen Response, VLR accepts and sends SecurityModeControl"); |
| 133 | expect_security_mode_ctrl(NULL, "27497388b6cb044648f396aa155b95ef"); |
| 134 | ms_sends_msg("0554" "e229c19e" "2104" "791f2e41"); |
| 135 | VERBOSE_ASSERT(security_mode_ctrl_sent, == true, "%d"); |
| 136 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 137 | |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 138 | btw("MS sends SecurityModeControl acceptance, VLR accepts and sends GSUP LU Req to HLR"); |
| 139 | gsup_expect_tx("04010809710000000156f0280102" VLR_TO_HLR); |
| 140 | ms_sends_security_mode_complete(); |
| 141 | VERBOSE_ASSERT(gsup_tx_confirmed, == true, "%d"); |
| 142 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 143 | } |
| 144 | } else { |
| 145 | /* Encryption disabled */ |
| 146 | btw("Encryption disabled. MS sends Authen Response, VLR accepts and sends GSUP LU Req to HLR"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 147 | gsup_expect_tx("04010809710000000156f0280102" VLR_TO_HLR); |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 148 | ms_sends_msg("0554" "e229c19e" "2104" "791f2e41"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 149 | VERBOSE_ASSERT(gsup_tx_confirmed, == true, "%d"); |
| 150 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 151 | } |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 152 | |
| 153 | btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 154 | gsup_rx("10010809710000000156f00804032443f2" HLR_TO_VLR, |
| 155 | "12010809710000000156f0" VLR_TO_HLR); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 156 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 157 | |
| 158 | btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 159 | gsup_rx("06010809710000000156f0" HLR_TO_VLR, NULL); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 160 | |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 161 | VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 162 | |
| 163 | btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl"); |
| 164 | EXPECT_CONN_COUNT(1); |
| 165 | EXPECT_ACCEPTED(false); |
| 166 | thwart_rx_non_initial_requests(); |
| 167 | |
| 168 | btw("even though the TMSI is not acked, we can already find the subscr with it"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 169 | vsub = vlr_subscr_find_by_tmsi(net->vlr, 0x03020100, __func__); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 170 | VERBOSE_ASSERT(vsub != NULL, == true, "%d"); |
| 171 | VERBOSE_ASSERT(strcmp(vsub->imsi, imsi), == 0, "%d"); |
| 172 | VERBOSE_ASSERT(vsub->tmsi_new, == 0x03020100, "0x%08x"); |
| 173 | VERBOSE_ASSERT(vsub->tmsi, == GSM_RESERVED_TMSI, "0x%08x"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 174 | vlr_subscr_put(vsub, __func__); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 175 | |
| 176 | btw("MS sends TMSI Realloc Complete"); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 177 | expect_release_clear(via_ran); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 178 | ms_sends_msg("055b"); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 179 | ASSERT_RELEASE_CLEAR(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 180 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 181 | |
| 182 | btw("LU was successful, and the conn has already been closed"); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 183 | EXPECT_CONN_COUNT(0); |
| 184 | |
| 185 | BTW("after a while, a new conn sends a CM Service Request. VLR responds with Auth Req, 2nd auth vector"); |
| 186 | auth_request_sent = false; |
| 187 | auth_request_expect_rand = "c187a53a5e6b9d573cac7c74451fd46d"; |
| 188 | auth_request_expect_autn = "1843a645b98d00005b2d666af46c45d9"; |
| 189 | cm_service_result_sent = RES_NONE; |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 190 | ms_sends_msg("052474" |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 191 | "03575886" /* classmark 2 */ |
| 192 | "089910070000106005" /* IMSI */); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 193 | VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d"); |
| 194 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 195 | |
| 196 | btw("needs auth, not yet accepted"); |
| 197 | EXPECT_ACCEPTED(false); |
| 198 | thwart_rx_non_initial_requests(); |
| 199 | |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 200 | if (net->a5_encryption_mask > 0x1) { |
| 201 | /* Encryption enabled */ |
| 202 | if (via_ran == OSMO_RAT_GERAN_A) { |
| 203 | btw("Test code not implemented"); |
| 204 | OSMO_ASSERT(false); |
| 205 | } else { |
| 206 | /* On UTRAN */ |
| 207 | btw("Encryption enabled. MS sends Authen Response, VLR accepts and sends SecurityModeControl"); |
| 208 | expect_security_mode_ctrl(NULL, "1159ec926a50e98c034a6b7d7c9f418d"); |
| 209 | ms_sends_msg("0554" "7db47cf7" "2104" "f81e4dc7"); /* 2nd vector's res, s.a. */ |
| 210 | VERBOSE_ASSERT(security_mode_ctrl_sent, == true, "%d"); |
| 211 | VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d"); |
| 212 | |
| 213 | btw("MS sends SecurityModeControl acceptance, VLR accepts; above Ciphering is an implicit CM Service Accept"); |
| 214 | ms_sends_security_mode_complete(); |
| 215 | VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d"); |
| 216 | } |
| 217 | } else { |
| 218 | /* Encryption disabled */ |
| 219 | btw("Encryption disabled. MS sends Authen Response, VLR accepts with a CM Service Accept"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 220 | gsup_expect_tx(NULL); |
| 221 | ms_sends_msg("0554" "7db47cf7" "2104" "f81e4dc7"); /* 2nd vector's res, s.a. */ |
| 222 | VERBOSE_ASSERT(cm_service_result_sent, == RES_ACCEPT, "%d"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 223 | } |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 224 | |
Vadim Yanitskiy | 2760585 | 2018-06-15 23:57:30 +0700 | [diff] [blame] | 225 | /* Release connection */ |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 226 | expect_release_clear(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 227 | conn_conclude_cm_service_req(g_msub, MSC_A_USE_CM_SERVICE_SMS); |
| 228 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 229 | |
| 230 | btw("all requests serviced, conn has been released"); |
| 231 | EXPECT_CONN_COUNT(0); |
| 232 | |
| 233 | BTW("an SMS is sent, MS is paged"); |
| 234 | paging_expect_imsi(imsi); |
| 235 | paging_sent = false; |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 236 | vsub = vlr_subscr_find_by_imsi(net->vlr, imsi, __func__); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 237 | OSMO_ASSERT(vsub); |
| 238 | VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d"); |
| 239 | |
| 240 | send_sms(vsub, vsub, |
| 241 | "Privacy in residential applications is a desirable" |
| 242 | " marketing option."); |
| 243 | |
| 244 | VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 245 | vlr_subscr_put(vsub, __func__); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 246 | vsub = NULL; |
| 247 | VERBOSE_ASSERT(paging_sent, == true, "%d"); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 248 | |
| 249 | btw("the subscriber and its pending request should remain"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 250 | vsub = vlr_subscr_find_by_imsi(net->vlr, imsi, __func__); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 251 | OSMO_ASSERT(vsub); |
| 252 | VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 253 | vlr_subscr_put(vsub, __func__); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 254 | |
| 255 | btw("MS replies with Paging Response, and VLR sends Auth Request with third key"); |
| 256 | auth_request_sent = false; |
| 257 | auth_request_expect_rand = "efa9c29a9742148d5c9070348716e1bb"; |
| 258 | auth_request_expect_autn = "f9375e6d41e1000096e7fe4ff1c27e39"; |
| 259 | ms_sends_msg("062707" |
| 260 | "03575886" /* classmark 2 */ |
| 261 | "089910070000106005" /* IMSI */); |
| 262 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 263 | |
| 264 | btw("needs auth, not yet accepted"); |
| 265 | EXPECT_ACCEPTED(false); |
| 266 | thwart_rx_non_initial_requests(); |
| 267 | |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 268 | if (net->a5_encryption_mask > 0x1) { |
| 269 | /* Encryption enabled */ |
| 270 | if (via_ran == OSMO_RAT_GERAN_A) { |
| 271 | btw("Test code not implemented"); |
| 272 | OSMO_ASSERT(false); |
| 273 | } else { |
| 274 | /* On UTRAN */ |
| 275 | btw("Encryption enabled. MS sends Authen Response, VLR accepts and sends SecurityModeControl"); |
| 276 | expect_security_mode_ctrl(NULL, "eb50e770ddcc3060101d2f43b6c2b884"); |
| 277 | ms_sends_msg("0554" "706f9967" "2104" "19ba609c"); /* 3nd vector's res, s.a. */ |
| 278 | VERBOSE_ASSERT(security_mode_ctrl_sent, == true, "%d"); |
| 279 | |
| 280 | btw("MS sends SecurityModeControl acceptance, VLR accepts and sends SMS"); |
| 281 | dtap_expect_tx(sms); |
| 282 | ms_sends_security_mode_complete(); |
| 283 | } |
| 284 | } else { |
| 285 | /* Encryption disabled */ |
| 286 | btw("Encryption disabled. MS sends Authen Response, VLR accepts and sends pending SMS"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 287 | dtap_expect_tx(sms); |
| 288 | ms_sends_msg("0554" "706f9967" "2104" "19ba609c"); /* 3nd vector's res, s.a. */ |
| 289 | VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 290 | } |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 291 | |
| 292 | btw("SMS was delivered, no requests pending for subscr"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 293 | vsub = vlr_subscr_find_by_imsi(net->vlr, imsi, __func__); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 294 | OSMO_ASSERT(vsub); |
| 295 | VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 296 | vlr_subscr_put(vsub, __func__); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 297 | |
| 298 | btw("conn is still open to wait for SMS ack dance"); |
| 299 | EXPECT_CONN_COUNT(1); |
| 300 | |
| 301 | btw("MS replies with CP-ACK for received SMS"); |
| 302 | ms_sends_msg("8904"); |
| 303 | EXPECT_CONN_COUNT(1); |
| 304 | |
| 305 | btw("MS also sends RP-ACK, MSC in turn sends CP-ACK for that"); |
| 306 | dtap_expect_tx("0904"); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 307 | expect_release_clear(via_ran); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 308 | ms_sends_msg("890106020041020000"); |
| 309 | VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d"); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 310 | ASSERT_RELEASE_CLEAR(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 311 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 312 | |
| 313 | btw("SMS is done, conn is gone"); |
| 314 | EXPECT_CONN_COUNT(0); |
| 315 | |
| 316 | BTW("subscriber detaches"); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 317 | expect_release_clear(via_ran); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 318 | ms_sends_msg("050130" |
| 319 | "089910070000106005" /* IMSI */); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 320 | ASSERT_RELEASE_CLEAR(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 321 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 322 | |
| 323 | EXPECT_CONN_COUNT(0); |
| 324 | clear_vlr(); |
| 325 | } |
| 326 | |
Neels Hofmeyr | f3d81f6 | 2018-03-02 01:05:38 +0100 | [diff] [blame] | 327 | static void test_umts_authen_geran() |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 328 | { |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 329 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 330 | /* A5/0 = no encryption */ |
| 331 | net->a5_encryption_mask = A5_0; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 332 | _test_umts_authen(OSMO_RAT_GERAN_A); |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 333 | comment_end(); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 334 | } |
| 335 | |
Neels Hofmeyr | f3d81f6 | 2018-03-02 01:05:38 +0100 | [diff] [blame] | 336 | static void test_umts_authen_utran() |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 337 | { |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 338 | comment_start(); |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 339 | /* A5/0 = no encryption; so far the A5 setting also triggers UTRAN encryption */ |
| 340 | net->a5_encryption_mask = A5_0; |
| 341 | _test_umts_authen(OSMO_RAT_UTRAN_IU); |
| 342 | comment_end(); |
| 343 | } |
| 344 | |
| 345 | static void test_umts_auth_ciph_utran() |
| 346 | { |
| 347 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 348 | /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ |
| 349 | net->a5_encryption_mask = A5_0_3; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 350 | _test_umts_authen(OSMO_RAT_UTRAN_IU); |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 351 | comment_end(); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 352 | } |
| 353 | |
| 354 | #define RECALC_AUTS 0 |
| 355 | |
| 356 | #if RECALC_AUTS |
| 357 | typedef uint8_t u8; |
| 358 | extern int milenage_f2345(const u8 *opc, const u8 *k, const u8 *_rand, |
| 359 | u8 *res, u8 *ck, u8 *ik, u8 *ak, u8 *akstar); |
| 360 | extern int milenage_f1(const u8 *opc, const u8 *k, const u8 *_rand, |
| 361 | const u8 *sqn, const u8 *amf, u8 *mac_a, u8 *mac_s); |
| 362 | #endif |
| 363 | |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 364 | static void _test_umts_authen_resync(enum osmo_rat_type via_ran) |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 365 | { |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 366 | struct vlr_subscr *vsub; |
| 367 | const char *imsi = "901700000010650"; |
| 368 | |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 369 | net->authentication_required = true; |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 370 | net->vlr->cfg.assign_tmsi = true; |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 371 | rx_from_ran = via_ran; |
| 372 | |
| 373 | btw("Location Update request causes a GSUP Send Auth Info request to HLR"); |
| 374 | lu_result_sent = RES_NONE; |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 375 | gsup_expect_tx("080108" "09710000000156f0" VLR_TO_HLR); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 376 | ms_sends_msg("0508" /* MM LU */ |
| 377 | "7" /* ciph key seq: no key available */ |
| 378 | "0" /* LU type: normal */ |
| 379 | "ffffff" "0000" /* LAI, LAC */ |
| 380 | "57" /* classmark 1: R99, early classmark, no power lvl */ |
| 381 | "089910070000106005" /* IMSI */ |
| 382 | "3303575886" /* classmark 2 */ |
| 383 | ); |
| 384 | OSMO_ASSERT(gsup_tx_confirmed); |
| 385 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 386 | |
| 387 | btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS"); |
| 388 | /* based on auc_3g: |
| 389 | * K = 'EB215756028D60E3275E613320AEC880', |
| 390 | * OPC = 'FB2A3D1B360F599ABAB99DB8669F8308' |
| 391 | * SQN = 0 |
| 392 | */ |
| 393 | auth_request_sent = false; |
| 394 | auth_request_expect_rand = "39fa2f4e3d523d8619a73b4f65c3e14d"; |
| 395 | auth_request_expect_autn = "8704f5ba55f30000d2ee44b22c8ea919"; |
| 396 | gsup_rx("0a" |
| 397 | /* imsi */ |
| 398 | "0108" "09710000000156f0" |
| 399 | /* auth vectors... */ |
| 400 | /* TL TL rand */ |
| 401 | "0362" "2010" "39fa2f4e3d523d8619a73b4f65c3e14d" |
| 402 | /* TL sres TL kc */ |
| 403 | "2104" "9b36efdf" "2208" "059a4f668f6fbe39" |
| 404 | /* TL 3G IK */ |
| 405 | "2310" "27497388b6cb044648f396aa155b95ef" |
| 406 | /* TL 3G CK */ |
| 407 | "2410" "f64735036e5871319c679f4742a75ea1" |
| 408 | /* TL AUTN */ |
| 409 | "2510" "8704f5ba55f30000d2ee44b22c8ea919" |
| 410 | /* TL RES */ |
| 411 | "2708" "e229c19e791f2e41" |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 412 | HLR_TO_VLR,NULL); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 413 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 414 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 415 | |
| 416 | /* The AUTN sent was 8704f5ba55f30000d2ee44b22c8ea919 |
| 417 | * (see expected error output) |
| 418 | * with the first 6 bytes being SQN ^ AK. |
| 419 | * K = EB215756028D60E3275E613320AEC880 |
| 420 | * OPC = FB2A3D1B360F599ABAB99DB8669F8308 |
| 421 | * RAND = 39fa2f4e3d523d8619a73b4f65c3e14d |
| 422 | * --milenage-f5--> |
| 423 | * AK = 8704f5ba55f3 |
| 424 | * |
| 425 | * The first six bytes are 8704f5ba55f3, |
| 426 | * and 8704f5ba55f3 ^ AK = 0. |
| 427 | * --> SQN = 0. |
| 428 | * |
| 429 | * Say the USIM doesn't like that, let's say it is at SQN 23. |
| 430 | * SQN_MS = 000000000017 |
| 431 | * |
| 432 | * AUTS = Conc(SQN_MS) || MAC-S |
| 433 | * Conc(SQN_MS) = SQN_MS ⊕ f5*[K](RAND) |
| 434 | * MAC-S = f1*[K] (SQN MS || RAND || AMF) |
| 435 | * |
| 436 | * f5*--> Conc(SQN_MS) = 000000000017 ^ 979498b1f73a |
| 437 | * = 979498b1f72d |
| 438 | * AMF = 0000 (TS 33.102 v7.0.0, 6.3.3) |
| 439 | * |
| 440 | * MAC-S = f1*[K] (000000000017 || 39fa2f4e3d523d8619a73b4f65c3e14d || 0000) |
| 441 | * = 3e28c59fa2e72f9c |
| 442 | * |
| 443 | * AUTS = 979498b1f72d || 3e28c59fa2e72f9c |
| 444 | */ |
| 445 | #if RECALC_AUTS |
| 446 | uint8_t ak[6]; |
| 447 | uint8_t akstar[6]; |
| 448 | uint8_t opc[16]; |
| 449 | uint8_t k[16]; |
| 450 | uint8_t rand[16]; |
| 451 | osmo_hexparse("EB215756028D60E3275E613320AEC880", k, sizeof(k)); |
| 452 | osmo_hexparse("FB2A3D1B360F599ABAB99DB8669F8308", opc, sizeof(opc)); |
| 453 | osmo_hexparse("39fa2f4e3d523d8619a73b4f65c3e14d", rand, sizeof(rand)); |
| 454 | milenage_f2345(opc, k, rand, NULL, NULL, NULL, ak, akstar); |
| 455 | btw("ak = %s", osmo_hexdump_nospc(ak, sizeof(ak))); |
| 456 | btw("akstar = %s", osmo_hexdump_nospc(akstar, sizeof(akstar))); |
| 457 | |
| 458 | uint8_t sqn_ms[6] = { 0, 0, 0, 0, 0, 23 }; |
| 459 | uint8_t amf[2] = { 0 }; |
| 460 | uint8_t mac_s[8]; |
| 461 | milenage_f1(opc, k, rand, sqn_ms, amf, NULL, mac_s); |
| 462 | btw("mac_s = %s", osmo_hexdump_nospc(mac_s, sizeof(mac_s))); |
| 463 | /* verify valid AUTS resulting in SQN 23 with: |
| 464 | osmo-auc-gen -3 -a milenage -k EB215756028D60E3275E613320AEC880 \ |
| 465 | -o FB2A3D1B360F599ABAB99DB8669F8308 \ |
| 466 | -r 39fa2f4e3d523d8619a73b4f65c3e14d \ |
| 467 | -A 979498b1f72d3e28c59fa2e72f9c |
| 468 | */ |
| 469 | #endif |
| 470 | |
| 471 | btw("MS sends Authen Failure with Resync cause, VLR sends GSUP to HLR to resync"); |
| 472 | auth_request_sent = false; |
| 473 | gsup_expect_tx("08" /* OSMO_GSUP_MSGT_SEND_AUTH_INFO_REQUEST */ |
| 474 | "0108" "09710000000156f0" /* IMSI */ |
| 475 | "260e" "979498b1f72d3e28c59fa2e72f9c" /* AUTS */ |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 476 | "2010" "39fa2f4e3d523d8619a73b4f65c3e14d" /* RAND */ |
| 477 | VLR_TO_HLR); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 478 | ms_sends_msg("051c" /* 05 = MM; 1c = Auth Failure */ |
| 479 | "15" /* cause = Synch Failure */ |
| 480 | "220e" "979498b1f72d3e28c59fa2e72f9c" /* AUTS */); |
| 481 | VERBOSE_ASSERT(gsup_tx_confirmed, == true, "%d"); |
| 482 | VERBOSE_ASSERT(auth_request_sent, == false, "%d"); |
| 483 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 484 | |
| 485 | btw("HLR replies with new tuples"); |
| 486 | auth_request_sent = false; |
| 487 | auth_request_expect_rand = "0f1feb1623e1bf626334e37ec448ac18"; |
| 488 | auth_request_expect_autn = "02a83f62e9470000660d51afc75f169d"; |
| 489 | gsup_rx("0a" |
| 490 | /* imsi */ |
| 491 | "0108" "09710000000156f0" |
| 492 | /* 1 auth vector */ |
| 493 | /* TL TL rand */ |
| 494 | "0362" "2010" "0f1feb1623e1bf626334e37ec448ac18" |
| 495 | /* TL sres TL kc */ |
| 496 | "2104" "efde99da" "2208" "14778c855c523730" |
| 497 | /* TL 3G IK */ |
| 498 | "2310" "8a90c769b7272f3bb7a1c1fbb1ea9349" |
| 499 | /* TL 3G CK */ |
| 500 | "2410" "43ffc1cf8c89a7fd6ab94bd8d6162cbf" |
| 501 | /* TL AUTN */ |
| 502 | "2510" "02a83f62e9470000660d51afc75f169d" |
| 503 | /* TL RES */ |
| 504 | "2708" "1df5f0b4f22b696e" |
| 505 | /* TL TL rand */ |
| 506 | "0362" "2010" "ac21d34937b4e1142a2c757af2949319" |
| 507 | /* TL sres TL kc */ |
| 508 | "2104" "7818bfdc" "2208" "d175571f41f314a4" |
| 509 | /* TL 3G IK */ |
| 510 | "2310" "ff8edbceb6dd24799c77c3b9a6790c10" |
| 511 | /* TL 3G CK */ |
| 512 | "2410" "157c39022ca9d885a7f0766a7dfee448" |
| 513 | /* TL AUTN */ |
| 514 | "2510" "8a43b91898e500002cf354c6f5d1f8c3" |
| 515 | /* TL RES */ |
| 516 | "2708" "f748a7078f5018db" |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 517 | HLR_TO_VLR,NULL); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 518 | |
| 519 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 520 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 521 | |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 522 | if (net->a5_encryption_mask > 0x1) { |
| 523 | /* Encryption enabled */ |
| 524 | if (via_ran == OSMO_RAT_GERAN_A) { |
| 525 | btw("Test code not implemented"); |
| 526 | OSMO_ASSERT(false); |
| 527 | } else { |
| 528 | /* On UTRAN */ |
| 529 | btw("Encryption enabled. MS sends Authen Response, VLR accepts and sends SecurityModeControl"); |
| 530 | expect_security_mode_ctrl(NULL, "8a90c769b7272f3bb7a1c1fbb1ea9349"); |
| 531 | ms_sends_msg("0554" "1df5f0b4" "2104" "f22b696e"); |
| 532 | VERBOSE_ASSERT(security_mode_ctrl_sent, == true, "%d"); |
| 533 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 534 | |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 535 | btw("MS sends SecurityModeControl acceptance, VLR accepts and sends GSUP LU Req to HLR"); |
| 536 | gsup_expect_tx("04010809710000000156f0280102" VLR_TO_HLR); |
| 537 | ms_sends_security_mode_complete(); |
| 538 | VERBOSE_ASSERT(gsup_tx_confirmed, == true, "%d"); |
| 539 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 540 | } |
| 541 | } else { |
| 542 | /* Encryption disabled */ |
| 543 | btw("Encryption disabled. MS sends Authen Response, VLR accepts and sends GSUP LU Req to HLR"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 544 | gsup_expect_tx("04010809710000000156f0280102" VLR_TO_HLR); |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 545 | ms_sends_msg("0554" "1df5f0b4" "2104" "f22b696e"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 546 | VERBOSE_ASSERT(gsup_tx_confirmed, == true, "%d"); |
| 547 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 548 | } |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 549 | |
| 550 | btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 551 | gsup_rx("10010809710000000156f00804032443f2" HLR_TO_VLR, |
| 552 | "12010809710000000156f0" VLR_TO_HLR); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 553 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 554 | |
| 555 | btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 556 | gsup_rx("06010809710000000156f0" HLR_TO_VLR, NULL); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 557 | |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 558 | VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d"); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 559 | |
| 560 | btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl"); |
| 561 | EXPECT_CONN_COUNT(1); |
| 562 | EXPECT_ACCEPTED(false); |
| 563 | thwart_rx_non_initial_requests(); |
| 564 | |
| 565 | btw("even though the TMSI is not acked, we can already find the subscr with it"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 566 | vsub = vlr_subscr_find_by_tmsi(net->vlr, 0x03020100, __func__); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 567 | VERBOSE_ASSERT(vsub != NULL, == true, "%d"); |
| 568 | VERBOSE_ASSERT(strcmp(vsub->imsi, imsi), == 0, "%d"); |
| 569 | VERBOSE_ASSERT(vsub->tmsi_new, == 0x03020100, "0x%08x"); |
| 570 | VERBOSE_ASSERT(vsub->tmsi, == GSM_RESERVED_TMSI, "0x%08x"); |
Neels Hofmeyr | 7c5346c | 2019-02-19 02:36:35 +0100 | [diff] [blame] | 571 | vlr_subscr_put(vsub, __func__); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 572 | |
| 573 | btw("MS sends TMSI Realloc Complete"); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 574 | expect_release_clear(via_ran); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 575 | ms_sends_msg("055b"); |
Philipp Maier | fbf6610 | 2017-04-09 12:32:51 +0200 | [diff] [blame] | 576 | ASSERT_RELEASE_CLEAR(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 577 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | 84da6b1 | 2016-05-20 21:59:55 +0200 | [diff] [blame] | 578 | |
| 579 | btw("LU was successful, and the conn has already been closed"); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 580 | EXPECT_CONN_COUNT(0); |
| 581 | |
| 582 | clear_vlr(); |
| 583 | } |
| 584 | |
Neels Hofmeyr | f3d81f6 | 2018-03-02 01:05:38 +0100 | [diff] [blame] | 585 | static void test_umts_authen_resync_geran() |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 586 | { |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 587 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 588 | /* A5/0 = no encryption */ |
| 589 | net->a5_encryption_mask = A5_0; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 590 | _test_umts_authen_resync(OSMO_RAT_GERAN_A); |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 591 | comment_end(); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 592 | } |
| 593 | |
Neels Hofmeyr | f3d81f6 | 2018-03-02 01:05:38 +0100 | [diff] [blame] | 594 | static void test_umts_authen_resync_utran() |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 595 | { |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 596 | comment_start(); |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 597 | /* A5/0 = no encryption; so far the A5 setting also triggers UTRAN encryption */ |
| 598 | net->a5_encryption_mask = A5_0; |
| 599 | _test_umts_authen_resync(OSMO_RAT_UTRAN_IU); |
| 600 | comment_end(); |
| 601 | } |
| 602 | |
| 603 | static void test_umts_auth_ciph_resync_utran() |
| 604 | { |
| 605 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 606 | /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ |
| 607 | net->a5_encryption_mask = A5_0_3; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 608 | _test_umts_authen_resync(OSMO_RAT_UTRAN_IU); |
Neels Hofmeyr | dfdc61d | 2018-03-02 00:40:58 +0100 | [diff] [blame] | 609 | comment_end(); |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 610 | } |
| 611 | |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 612 | static void _test_umts_authen_too_short_res(enum osmo_rat_type via_ran) |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 613 | { |
| 614 | net->authentication_required = true; |
| 615 | net->vlr->cfg.assign_tmsi = true; |
| 616 | rx_from_ran = via_ran; |
| 617 | |
| 618 | btw("Location Update request causes a GSUP Send Auth Info request to HLR"); |
| 619 | lu_result_sent = RES_NONE; |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 620 | gsup_expect_tx("080108" "09710000000156f0" VLR_TO_HLR); |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 621 | ms_sends_msg("0508" /* MM LU */ |
| 622 | "7" /* ciph key seq: no key available */ |
| 623 | "0" /* LU type: normal */ |
| 624 | "ffffff" "0000" /* LAI, LAC */ |
| 625 | "57" /* classmark 1: R99, early classmark, no power lvl */ |
| 626 | "089910070000106005" /* IMSI */ |
| 627 | "3303575886" /* classmark 2 */ |
| 628 | ); |
| 629 | OSMO_ASSERT(gsup_tx_confirmed); |
| 630 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 631 | |
| 632 | btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS"); |
| 633 | /* based on auc_3g: |
| 634 | * K = 'EB215756028D60E3275E613320AEC880', |
| 635 | * OPC = 'FB2A3D1B360F599ABAB99DB8669F8308' |
| 636 | * SQN = 0 |
| 637 | */ |
| 638 | auth_request_sent = false; |
| 639 | auth_request_expect_rand = "39fa2f4e3d523d8619a73b4f65c3e14d"; |
| 640 | auth_request_expect_autn = "8704f5ba55f30000d2ee44b22c8ea919"; |
| 641 | gsup_rx("0a" |
| 642 | /* imsi */ |
| 643 | "0108" "09710000000156f0" |
| 644 | /* 5 auth vectors... */ |
| 645 | /* TL TL rand */ |
| 646 | "0362" "2010" "39fa2f4e3d523d8619a73b4f65c3e14d" |
| 647 | /* TL sres TL kc */ |
| 648 | "2104" "9b36efdf" "2208" "059a4f668f6fbe39" |
| 649 | /* TL 3G IK */ |
| 650 | "2310" "27497388b6cb044648f396aa155b95ef" |
| 651 | /* TL 3G CK */ |
| 652 | "2410" "f64735036e5871319c679f4742a75ea1" |
| 653 | /* TL AUTN */ |
| 654 | "2510" "8704f5ba55f30000d2ee44b22c8ea919" |
| 655 | /* TL RES */ |
| 656 | "2708" "e229c19e791f2e41" |
| 657 | /* TL TL rand */ |
| 658 | "0362" "2010" "c187a53a5e6b9d573cac7c74451fd46d" |
| 659 | "2104" "85aa3130" "2208" "d3d50a000bf04f6e" |
| 660 | "2310" "1159ec926a50e98c034a6b7d7c9f418d" |
| 661 | "2410" "df3a03d9ca5335641efc8e36d76cd20b" |
| 662 | "2510" "1843a645b98d00005b2d666af46c45d9" |
| 663 | "2708" "7db47cf7f81e4dc7" |
| 664 | "0362" "2010" "efa9c29a9742148d5c9070348716e1bb" |
| 665 | "2104" "69d5f9fb" "2208" "3df176f0c29f1a3d" |
| 666 | "2310" "eb50e770ddcc3060101d2f43b6c2b884" |
| 667 | "2410" "76542abce5ff9345b0e8947f4c6e019c" |
| 668 | "2510" "f9375e6d41e1000096e7fe4ff1c27e39" |
| 669 | "2708" "706f996719ba609c" |
| 670 | "0362" "2010" "f023d5a3b24726e0631b64b3840f8253" |
| 671 | "2104" "d570c03f" "2208" "ec011be8919883d6" |
| 672 | "2310" "c4e58af4ba43f3bcd904e16984f086d7" |
| 673 | "2410" "0593f65e752e5cb7f473862bda05aa0a" |
| 674 | "2510" "541ff1f077270000c5ea00d658bc7e9a" |
| 675 | "2708" "3fd26072eaa2a04d" |
| 676 | "0362" "2010" "2f8f90c780d6a9c0c53da7ac57b6707e" |
| 677 | "2104" "b072446f220823f39f9f425ad6e6" |
| 678 | "2310" "65af0527fda95b0dc5ae4aa515cdf32f" |
| 679 | "2410" "537c3b35a3b13b08d08eeb28098f45cc" |
| 680 | "2510" "4bf4e564f75300009bc796706bc65744" |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 681 | "2708" "0edb0eadbea94ac2" HLR_TO_VLR, |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 682 | NULL); |
| 683 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 684 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 685 | |
| 686 | btw("MS sends Authen Response of wrong RES size, VLR thwarts"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 687 | gsup_expect_tx("0b010809710000000156f0" VLR_TO_HLR); /* OSMO_GSUP_MSGT_AUTH_FAIL_REPORT */ |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 688 | expect_release_clear(via_ran); |
| 689 | ms_sends_msg("0554" "e229c19e" "2103" "791f2e" /* nipped one byte */); |
| 690 | VERBOSE_ASSERT(lu_result_sent, == RES_REJECT, "%d"); |
| 691 | ASSERT_RELEASE_CLEAR(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 692 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 693 | |
| 694 | EXPECT_CONN_COUNT(0); |
| 695 | clear_vlr(); |
| 696 | } |
| 697 | |
| 698 | static void test_umts_authen_too_short_res_geran() |
| 699 | { |
| 700 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 701 | /* A5/0 = no encryption */ |
| 702 | net->a5_encryption_mask = A5_0; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 703 | _test_umts_authen_too_short_res(OSMO_RAT_GERAN_A); |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 704 | comment_end(); |
| 705 | } |
| 706 | |
| 707 | static void test_umts_authen_too_short_res_utran() |
| 708 | { |
| 709 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 710 | /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ |
| 711 | net->a5_encryption_mask = A5_0_3; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 712 | _test_umts_authen_too_short_res(OSMO_RAT_UTRAN_IU); |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 713 | comment_end(); |
| 714 | } |
| 715 | |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 716 | static void _test_umts_authen_too_long_res(enum osmo_rat_type via_ran) |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 717 | { |
| 718 | net->authentication_required = true; |
| 719 | net->vlr->cfg.assign_tmsi = true; |
| 720 | rx_from_ran = via_ran; |
| 721 | |
| 722 | btw("Location Update request causes a GSUP Send Auth Info request to HLR"); |
| 723 | lu_result_sent = RES_NONE; |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 724 | gsup_expect_tx("080108" "09710000000156f0" VLR_TO_HLR); |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 725 | ms_sends_msg("0508" /* MM LU */ |
| 726 | "7" /* ciph key seq: no key available */ |
| 727 | "0" /* LU type: normal */ |
| 728 | "ffffff" "0000" /* LAI, LAC */ |
| 729 | "57" /* classmark 1: R99, early classmark, no power lvl */ |
| 730 | "089910070000106005" /* IMSI */ |
| 731 | "3303575886" /* classmark 2 */ |
| 732 | ); |
| 733 | OSMO_ASSERT(gsup_tx_confirmed); |
| 734 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 735 | |
| 736 | btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS"); |
| 737 | /* based on auc_3g: |
| 738 | * K = 'EB215756028D60E3275E613320AEC880', |
| 739 | * OPC = 'FB2A3D1B360F599ABAB99DB8669F8308' |
| 740 | * SQN = 0 |
| 741 | */ |
| 742 | auth_request_sent = false; |
| 743 | auth_request_expect_rand = "39fa2f4e3d523d8619a73b4f65c3e14d"; |
| 744 | auth_request_expect_autn = "8704f5ba55f30000d2ee44b22c8ea919"; |
| 745 | gsup_rx("0a" |
| 746 | /* imsi */ |
| 747 | "0108" "09710000000156f0" |
| 748 | /* 5 auth vectors... */ |
| 749 | /* TL TL rand */ |
| 750 | "0362" "2010" "39fa2f4e3d523d8619a73b4f65c3e14d" |
| 751 | /* TL sres TL kc */ |
| 752 | "2104" "9b36efdf" "2208" "059a4f668f6fbe39" |
| 753 | /* TL 3G IK */ |
| 754 | "2310" "27497388b6cb044648f396aa155b95ef" |
| 755 | /* TL 3G CK */ |
| 756 | "2410" "f64735036e5871319c679f4742a75ea1" |
| 757 | /* TL AUTN */ |
| 758 | "2510" "8704f5ba55f30000d2ee44b22c8ea919" |
| 759 | /* TL RES */ |
| 760 | "2708" "e229c19e791f2e41" |
| 761 | /* TL TL rand */ |
| 762 | "0362" "2010" "c187a53a5e6b9d573cac7c74451fd46d" |
| 763 | "2104" "85aa3130" "2208" "d3d50a000bf04f6e" |
| 764 | "2310" "1159ec926a50e98c034a6b7d7c9f418d" |
| 765 | "2410" "df3a03d9ca5335641efc8e36d76cd20b" |
| 766 | "2510" "1843a645b98d00005b2d666af46c45d9" |
| 767 | "2708" "7db47cf7f81e4dc7" |
| 768 | "0362" "2010" "efa9c29a9742148d5c9070348716e1bb" |
| 769 | "2104" "69d5f9fb" "2208" "3df176f0c29f1a3d" |
| 770 | "2310" "eb50e770ddcc3060101d2f43b6c2b884" |
| 771 | "2410" "76542abce5ff9345b0e8947f4c6e019c" |
| 772 | "2510" "f9375e6d41e1000096e7fe4ff1c27e39" |
| 773 | "2708" "706f996719ba609c" |
| 774 | "0362" "2010" "f023d5a3b24726e0631b64b3840f8253" |
| 775 | "2104" "d570c03f" "2208" "ec011be8919883d6" |
| 776 | "2310" "c4e58af4ba43f3bcd904e16984f086d7" |
| 777 | "2410" "0593f65e752e5cb7f473862bda05aa0a" |
| 778 | "2510" "541ff1f077270000c5ea00d658bc7e9a" |
| 779 | "2708" "3fd26072eaa2a04d" |
| 780 | "0362" "2010" "2f8f90c780d6a9c0c53da7ac57b6707e" |
| 781 | "2104" "b072446f220823f39f9f425ad6e6" |
| 782 | "2310" "65af0527fda95b0dc5ae4aa515cdf32f" |
| 783 | "2410" "537c3b35a3b13b08d08eeb28098f45cc" |
| 784 | "2510" "4bf4e564f75300009bc796706bc65744" |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 785 | "2708" "0edb0eadbea94ac2" HLR_TO_VLR, |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 786 | NULL); |
| 787 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 788 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 789 | |
| 790 | btw("MS sends Authen Response of wrong RES size, VLR thwarts"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 791 | gsup_expect_tx("0b010809710000000156f0" VLR_TO_HLR); /* OSMO_GSUP_MSGT_AUTH_FAIL_REPORT */ |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 792 | expect_release_clear(via_ran); |
| 793 | ms_sends_msg("0554" "e229c19e" "2105" "791f2e4123" /* added one byte */); |
| 794 | VERBOSE_ASSERT(lu_result_sent, == RES_REJECT, "%d"); |
| 795 | ASSERT_RELEASE_CLEAR(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 796 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 797 | |
| 798 | EXPECT_CONN_COUNT(0); |
| 799 | clear_vlr(); |
| 800 | } |
| 801 | |
| 802 | static void test_umts_authen_too_long_res_geran() |
| 803 | { |
| 804 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 805 | /* A5/0 = no encryption */ |
| 806 | net->a5_encryption_mask = A5_0; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 807 | _test_umts_authen_too_long_res(OSMO_RAT_GERAN_A); |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 808 | comment_end(); |
| 809 | } |
| 810 | |
| 811 | static void test_umts_authen_too_long_res_utran() |
| 812 | { |
| 813 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 814 | /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ |
| 815 | net->a5_encryption_mask = A5_0_3; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 816 | _test_umts_authen_too_long_res(OSMO_RAT_UTRAN_IU); |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 817 | comment_end(); |
| 818 | } |
| 819 | |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 820 | static void _test_umts_authen_only_sres(enum osmo_rat_type via_ran) |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 821 | { |
| 822 | net->authentication_required = true; |
| 823 | net->vlr->cfg.assign_tmsi = true; |
| 824 | rx_from_ran = via_ran; |
| 825 | |
| 826 | btw("Location Update request causes a GSUP Send Auth Info request to HLR"); |
| 827 | lu_result_sent = RES_NONE; |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 828 | gsup_expect_tx("080108" "09710000000156f0" VLR_TO_HLR); |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 829 | ms_sends_msg("0508" /* MM LU */ |
| 830 | "7" /* ciph key seq: no key available */ |
| 831 | "0" /* LU type: normal */ |
| 832 | "ffffff" "0000" /* LAI, LAC */ |
| 833 | "57" /* classmark 1: R99, early classmark, no power lvl */ |
| 834 | "089910070000106005" /* IMSI */ |
| 835 | "3303575886" /* classmark 2 */ |
| 836 | ); |
| 837 | OSMO_ASSERT(gsup_tx_confirmed); |
| 838 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 839 | |
| 840 | btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS"); |
| 841 | /* based on auc_3g: |
| 842 | * K = 'EB215756028D60E3275E613320AEC880', |
| 843 | * OPC = 'FB2A3D1B360F599ABAB99DB8669F8308' |
| 844 | * SQN = 0 |
| 845 | */ |
| 846 | auth_request_sent = false; |
| 847 | auth_request_expect_rand = "39fa2f4e3d523d8619a73b4f65c3e14d"; |
| 848 | auth_request_expect_autn = "8704f5ba55f30000d2ee44b22c8ea919"; |
| 849 | gsup_rx("0a" |
| 850 | /* imsi */ |
| 851 | "0108" "09710000000156f0" |
| 852 | /* 5 auth vectors... */ |
| 853 | /* TL TL rand */ |
| 854 | "0362" "2010" "39fa2f4e3d523d8619a73b4f65c3e14d" |
| 855 | /* TL sres TL kc */ |
| 856 | "2104" "9b36efdf" "2208" "059a4f668f6fbe39" |
| 857 | /* TL 3G IK */ |
| 858 | "2310" "27497388b6cb044648f396aa155b95ef" |
| 859 | /* TL 3G CK */ |
| 860 | "2410" "f64735036e5871319c679f4742a75ea1" |
| 861 | /* TL AUTN */ |
| 862 | "2510" "8704f5ba55f30000d2ee44b22c8ea919" |
| 863 | /* TL RES */ |
| 864 | "2708" "e229c19e791f2e41" |
| 865 | /* TL TL rand */ |
| 866 | "0362" "2010" "c187a53a5e6b9d573cac7c74451fd46d" |
| 867 | "2104" "85aa3130" "2208" "d3d50a000bf04f6e" |
| 868 | "2310" "1159ec926a50e98c034a6b7d7c9f418d" |
| 869 | "2410" "df3a03d9ca5335641efc8e36d76cd20b" |
| 870 | "2510" "1843a645b98d00005b2d666af46c45d9" |
| 871 | "2708" "7db47cf7f81e4dc7" |
| 872 | "0362" "2010" "efa9c29a9742148d5c9070348716e1bb" |
| 873 | "2104" "69d5f9fb" "2208" "3df176f0c29f1a3d" |
| 874 | "2310" "eb50e770ddcc3060101d2f43b6c2b884" |
| 875 | "2410" "76542abce5ff9345b0e8947f4c6e019c" |
| 876 | "2510" "f9375e6d41e1000096e7fe4ff1c27e39" |
| 877 | "2708" "706f996719ba609c" |
| 878 | "0362" "2010" "f023d5a3b24726e0631b64b3840f8253" |
| 879 | "2104" "d570c03f" "2208" "ec011be8919883d6" |
| 880 | "2310" "c4e58af4ba43f3bcd904e16984f086d7" |
| 881 | "2410" "0593f65e752e5cb7f473862bda05aa0a" |
| 882 | "2510" "541ff1f077270000c5ea00d658bc7e9a" |
| 883 | "2708" "3fd26072eaa2a04d" |
| 884 | "0362" "2010" "2f8f90c780d6a9c0c53da7ac57b6707e" |
| 885 | "2104" "b072446f220823f39f9f425ad6e6" |
| 886 | "2310" "65af0527fda95b0dc5ae4aa515cdf32f" |
| 887 | "2410" "537c3b35a3b13b08d08eeb28098f45cc" |
| 888 | "2510" "4bf4e564f75300009bc796706bc65744" |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 889 | "2708" "0edb0eadbea94ac2" HLR_TO_VLR, |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 890 | NULL); |
| 891 | VERBOSE_ASSERT(auth_request_sent, == true, "%d"); |
| 892 | VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); |
| 893 | |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 894 | if (via_ran == OSMO_RAT_GERAN_A) |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 895 | btw("MS sends Authen Response of wrong RES size, VLR thwarts:" |
| 896 | " GERAN reports an SRES mismatch"); |
| 897 | else |
| 898 | btw("MS sends Authen Response of wrong RES size, VLR thwarts:" |
| 899 | " UTRAN disallows GSM AKA altogether"); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 900 | gsup_expect_tx("0b010809710000000156f0" VLR_TO_HLR); /* OSMO_GSUP_MSGT_AUTH_FAIL_REPORT */ |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 901 | expect_release_clear(via_ran); |
| 902 | ms_sends_msg("0554" "e229c19e" /* Only the SRES half of the RES */); |
| 903 | VERBOSE_ASSERT(lu_result_sent, == RES_REJECT, "%d"); |
| 904 | ASSERT_RELEASE_CLEAR(via_ran); |
Neels Hofmeyr | c4628a3 | 2018-12-07 14:47:34 +0100 | [diff] [blame] | 905 | ran_sends_clear_complete(via_ran); |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 906 | |
| 907 | EXPECT_CONN_COUNT(0); |
| 908 | clear_vlr(); |
| 909 | } |
| 910 | |
| 911 | static void test_umts_authen_only_sres_geran() |
| 912 | { |
| 913 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 914 | /* A5/0 = no encryption */ |
| 915 | net->a5_encryption_mask = A5_0; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 916 | _test_umts_authen_only_sres(OSMO_RAT_GERAN_A); |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 917 | comment_end(); |
| 918 | } |
| 919 | |
| 920 | static void test_umts_authen_only_sres_utran() |
| 921 | { |
| 922 | comment_start(); |
Neels Hofmeyr | a4d7a76 | 2019-07-31 15:21:19 +0200 | [diff] [blame] | 923 | /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ |
| 924 | net->a5_encryption_mask = A5_0_3; |
Neels Hofmeyr | 7814a83 | 2018-12-26 00:40:18 +0100 | [diff] [blame] | 925 | _test_umts_authen_only_sres(OSMO_RAT_UTRAN_IU); |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 926 | comment_end(); |
| 927 | } |
| 928 | |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 929 | |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 930 | msc_vlr_test_func_t msc_vlr_tests[] = { |
| 931 | test_umts_authen_geran, |
| 932 | test_umts_authen_utran, |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 933 | test_umts_auth_ciph_utran, |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 934 | test_umts_authen_resync_geran, |
| 935 | test_umts_authen_resync_utran, |
Neels Hofmeyr | 14c34d8 | 2019-07-31 15:51:02 +0200 | [diff] [blame^] | 936 | test_umts_auth_ciph_resync_utran, |
Neels Hofmeyr | 15ed426 | 2018-03-10 04:02:44 +0100 | [diff] [blame] | 937 | test_umts_authen_too_short_res_geran, |
| 938 | test_umts_authen_too_short_res_utran, |
Neels Hofmeyr | c6d20dd | 2018-03-10 04:03:43 +0100 | [diff] [blame] | 939 | test_umts_authen_too_long_res_geran, |
| 940 | test_umts_authen_too_long_res_utran, |
Neels Hofmeyr | 31adcae | 2018-03-10 04:08:45 +0100 | [diff] [blame] | 941 | test_umts_authen_only_sres_geran, |
| 942 | test_umts_authen_only_sres_utran, |
Neels Hofmeyr | 6a29d32 | 2017-01-25 15:04:16 +0100 | [diff] [blame] | 943 | NULL |
| 944 | }; |