Neels Hofmeyr6a29d322017-01-25 15:04:16 +01001/* Osmocom MSC+VLR end-to-end tests */
2
3/* (C) 2017 by sysmocom s.f.m.c. GmbH <info@sysmocom.de>
4 *
5 * All Rights Reserved
6 *
7 * Author: Neels Hofmeyr <nhofmeyr@sysmocom.de>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
18 *
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 *
22 */
23
24#include "msc_vlr_tests.h"
Harald Welte0df904d2018-12-03 11:00:04 +010025#include "stubs.h"
Neels Hofmeyr6a29d322017-01-25 15:04:16 +010026
/*
 * End-to-end MSC+VLR scenario with authentication and ciphering required;
 * the subscriber is addressed by IMSI throughout.
 *
 * Phases, as narrated by the btw()/BTW() lines:
 *  1. Location Updating: GSUP Send Auth Info to the HLR, five auth vectors
 *     come back, Auth Request / Response, Ciphering Mode Command / Complete,
 *     GSUP Update Location, LU accept, conn released.
 *  2. CM Service Request on a new conn, challenged with the 2nd vector.
 *  3. Mobile-terminated SMS: paging by IMSI, Paging Response challenged with
 *     the 3rd vector, SMS sent only after Ciphering Mode Complete.
 *  4. Subscriber detaches.
 *
 * Security-relevant behaviour pinned down here: after each initial message
 * the conn stays unaccepted (EXPECT_ACCEPTED(false)) until both the
 * Authentication Response and the Ciphering Mode Complete have arrived, and
 * every new conn is challenged with the next RAND of the vector list, not
 * with one that was already used.
 *
 * The function works on file-external harness state (net, g_conn, the
 * *_sent / *_expect_* variables), so the statement order is significant.
 */
static void test_ciph()
{
	struct vlr_subscr *vsub;
	const char *imsi = "901700000004620";

	comment_start();

	/* implicit: net->authentication_required = true; */
	/* Only bit 1 of the mask is set.
	 * NOTE(review): presumably bit n permits A5/n, i.e. A5/1 is the only
	 * permitted algorithm and an unciphered conn (A5/0) is not allowed --
	 * confirm against the definition of a5_encryption_mask. */
	net->a5_encryption_mask = (1 << 1);

	btw("Location Update request causes a GSUP Send Auth Info request to HLR");
	lu_result_sent = RES_NONE;
	/* 09710000004026f0 is the IMSI above with the digit pairs swapped and
	 * an 'f' filler nibble */
	gsup_expect_tx("08010809710000004026f0");
	ms_sends_msg("050802008168000130089910070000006402");
	OSMO_ASSERT(gsup_tx_confirmed);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS");
	/* Based on a Ki of 000102030405060708090a0b0c0d0e0f */
	/* The vectors below are canned test data; the Auth Request must carry
	 * the rand of the first one and, with expect_autn == NULL, no autn. */
	auth_request_sent = false;
	auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b";
	auth_request_expect_autn = NULL;
	gsup_rx("0a"
		/* imsi */
		"0108" "09710000004026f0"
		/* 5 auth vectors... */
		/* TL TL rand */
		"0322" "2010" "585df1ae287f6e273dce07090d61320b"
		/* TL sres TL kc */
		"2104" "2d8b2c3e" "2208" "61855fb81fc2a800"
		"0322" "2010" "12aca96fb4ffdea5c985cbafa9b6e18b"
		"2104" "20bde240" "2208" "07fa7502e07e1c00"
		"0322" "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42"
		"2104" "a29514ae" "2208" "e2b234f807886400"
		"0322" "2010" "fa8f20b781b5881329d4fea26b1a3c51"
		"2104" "5afc8d72" "2208" "2392f14f709ae000"
		"0322" "2010" "0fd4cc8dbe8715d1f439e304edfd68dc"
		"2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000",
		NULL);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	btw("MS sends Authen Response, VLR accepts and sends Ciphering Mode Command to MS");
	/* expected key is the 1st vector's kc; the response carries the 1st
	 * vector's sres (2d8b2c3e) */
	expect_cipher_mode_cmd("61855fb81fc2a800");
	ms_sends_msg("05542d8b2c3e");
	OSMO_ASSERT(cipher_mode_cmd_sent);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("needs ciph, not yet accepted");
	/* Authenticated but not yet ciphered: the conn must still count as
	 * not accepted.
	 * NOTE(review): thwart_rx_non_initial_requests() is defined outside
	 * this file; presumably it feeds non-initial requests and checks that
	 * they are refused -- confirm. */
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends GSUP LU Req to HLR");
	gsup_expect_tx("04010809710000004026f0280102");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
	gsup_rx("10010809710000004026f00804036470f1",
		"12010809710000004026f0");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT");
	expect_bssap_clear();
	gsup_rx("06010809710000004026f0", NULL);
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("LU was successful, and the conn has already been closed");
	VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("after a while, a new conn sends a CM Service Request. VLR responds with Auth Req, 2nd auth vector");
	/* A fresh conn is challenged again; the expected rand is that of the
	 * 2nd vector, so the 1st one is not reused. */
	cm_service_result_sent = RES_NONE;
	auth_request_sent = false;
	auth_request_expect_rand = "12aca96fb4ffdea5c985cbafa9b6e18b";
	ms_sends_msg("05247803305886089910070000006402");
	OSMO_ASSERT(g_conn);
	OSMO_ASSERT(g_conn->fi);
	OSMO_ASSERT(g_conn->vsub);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Authen Response, VLR accepts and requests Ciphering");
	/* expected key is the 2nd vector's kc */
	expect_cipher_mode_cmd("07fa7502e07e1c00");
	ms_sends_msg("0554" "20bde240" /* 2nd vector's sres, s.a. */);
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("needs ciph, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Ciphering Mode Complete, VLR accepts; above Ciphering is an implicit CM Service Accept");
	ms_sends_msg("0632");
	/* no explicit CM Service result is sent: the value stays RES_NONE */
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");

	/* Release connection */
	/* NOTE(review): expect_bssap_clear() is called with an argument here
	 * and without one everywhere else in this function -- check both
	 * forms against its declaration in msc_vlr_tests.h. */
	expect_bssap_clear(OSMO_RAT_GERAN_A);
	conn_conclude_cm_service_req(g_conn, OSMO_RAT_GERAN_A);

	btw("all requests serviced, conn has been released");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("an SMS is sent, MS is paged");
	paging_expect_imsi(imsi);
	paging_sent = false;
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");

	/* the same subscriber is passed for both subscriber arguments */
	send_sms(vsub, vsub,
		 "Privacy in residential applications is a desirable"
		 " marketing option.");

	/* the SMS is queued as one pending request and triggers paging; it is
	 * not delivered before the MS has answered and been ciphered */
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	/* NOTE(review): presumably releases the reference obtained from
	 * vlr_subscr_find_by_imsi() -- confirm */
	vlr_subscr_put(vsub);
	vsub = NULL;
	VERBOSE_ASSERT(paging_sent, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == false, "%d");

	btw("the subscriber and its pending request should remain");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	vlr_subscr_put(vsub);

	btw("MS replies with Paging Response, and VLR sends Auth Request with third key");
	/* expected rand is that of the 3rd vector */
	auth_request_sent = false;
	auth_request_expect_rand = "e7c03ba7cf0e2fde82b2dc4d63077d42";
	ms_sends_msg("06270703305882089910070000006402");
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Authen Response, VLR accepts and requests Ciphering");
	/* expected key is the 3rd vector's kc */
	expect_cipher_mode_cmd("e2b234f807886400");
	ms_sends_msg("0554" "a29514ae" /* 3rd vector's sres, s.a. */);
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("needs ciph, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends pending SMS");
	/* the expectation is armed before the Ciphering Mode Complete is fed
	 * in, so the SMS must go out as a result of that message */
	dtap_expect_tx("09" /* SMS messages */
		       "01" /* CP-DATA */
		       "58" /* length */
		       "01" /* Network to MS */
		       "00" /* reference */
		       /* originator (gsm411_send_sms() hardcodes this weird nr) */
		       "0791" "447758100650" /* 447785016005 */
		       "00" /* dest */
		       /* SMS TPDU */
		       "4c" /* len */
		       "00" /* SMS deliver */
		       "05806470f1" /* originating address 46071 */
		       "00" /* TP-PID */
		       "00" /* GSM default alphabet */
		       "071010" /* Y-M-D (from wrapped gsm340_gen_scts())*/
		       "000000" /* H-M-S */
		       "00" /* GMT+0 */
		       "44" /* data length */
		       "5079da1e1ee7416937485e9ea7c965373d1d6683c270383b3d0e"
		       "d3d36ff71c949e83c22072799e9687c5ec32a81d96afcbf4b4fb"
		       "0c7ac3e9e9b7db05");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == true, "%d");

	btw("SMS was delivered, no requests pending for subscr");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");
	vlr_subscr_put(vsub);

	btw("conn is still open to wait for SMS ack dance");
	EXPECT_CONN_COUNT(1);

	btw("MS replies with CP-ACK for received SMS");
	ms_sends_msg("8904");
	EXPECT_CONN_COUNT(1);

	btw("MS also sends RP-ACK, MSC in turn sends CP-ACK for that");
	dtap_expect_tx("0904");
	expect_bssap_clear();
	ms_sends_msg("890106020041020000");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("SMS is done, conn is gone");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("subscriber detaches");
	expect_bssap_clear();
	ms_sends_msg("050130089910070000006402");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);
	clear_vlr();
	comment_end();
}
/*
 * Same scenario as the plain ciphering test (Location Updating, CM Service
 * Request, paged SMS delivery, detach, each with authentication and
 * ciphering), but with TMSI allocation switched on
 * (net->vlr->cfg.assign_tmsi = true).
 *
 * Additional behaviour pinned down here:
 *  - after the LU Accept the conn stays open and unaccepted until the MS
 *    sends TMSI Realloc Complete;
 *  - while unacknowledged, the new TMSI is held in vsub->tmsi_new and
 *    vsub->tmsi is GSM_RESERVED_TMSI, yet the subscriber can already be
 *    looked up by it; after the acknowledgement the two fields swap roles;
 *  - the later CM Service Request, paging, Paging Response and detach
 *    identify the subscriber by TMSI instead of IMSI.
 *
 * The function works on file-external harness state (net, g_conn, the
 * *_sent / *_expect_* variables), so the statement order is significant.
 */
static void test_ciph_tmsi()
{
	struct vlr_subscr *vsub;
	const char *imsi = "901700000004620";

	comment_start();

	/* implicit: net->authentication_required = true; */
	/* Only bit 1 of the mask is set.
	 * NOTE(review): presumably bit n permits A5/n, i.e. A5/1 is the only
	 * permitted algorithm and an unciphered conn (A5/0) is not allowed --
	 * confirm against the definition of a5_encryption_mask. */
	net->a5_encryption_mask = (1 << 1);
	net->vlr->cfg.assign_tmsi = true;

	btw("Location Update request causes a GSUP Send Auth Info request to HLR");
	lu_result_sent = RES_NONE;
	/* 09710000004026f0 is the IMSI above with the digit pairs swapped and
	 * an 'f' filler nibble */
	gsup_expect_tx("08010809710000004026f0");
	ms_sends_msg("050802008168000130089910070000006402");
	OSMO_ASSERT(gsup_tx_confirmed);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS");
	/* Based on a Ki of 000102030405060708090a0b0c0d0e0f */
	/* The vectors below are canned test data; the Auth Request must carry
	 * the rand of the first one and, with expect_autn == NULL, no autn. */
	auth_request_sent = false;
	auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b";
	auth_request_expect_autn = NULL;
	gsup_rx("0a"
		/* imsi */
		"0108" "09710000004026f0"
		/* 5 auth vectors... */
		/* TL TL rand */
		"0322" "2010" "585df1ae287f6e273dce07090d61320b"
		/* TL sres TL kc */
		"2104" "2d8b2c3e" "2208" "61855fb81fc2a800"
		"0322" "2010" "12aca96fb4ffdea5c985cbafa9b6e18b"
		"2104" "20bde240" "2208" "07fa7502e07e1c00"
		"0322" "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42"
		"2104" "a29514ae" "2208" "e2b234f807886400"
		"0322" "2010" "fa8f20b781b5881329d4fea26b1a3c51"
		"2104" "5afc8d72" "2208" "2392f14f709ae000"
		"0322" "2010" "0fd4cc8dbe8715d1f439e304edfd68dc"
		"2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000",
		NULL);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Authen Response, VLR accepts and sends Ciphering Mode Command to MS");
	/* expected key is the 1st vector's kc; the response carries the 1st
	 * vector's sres (2d8b2c3e) */
	expect_cipher_mode_cmd("61855fb81fc2a800");
	ms_sends_msg("05542d8b2c3e");
	OSMO_ASSERT(cipher_mode_cmd_sent);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	btw("needs ciph, not yet accepted");
	/* Authenticated but not yet ciphered: the conn must still count as
	 * not accepted.
	 * NOTE(review): thwart_rx_non_initial_requests() is defined outside
	 * this file; presumably it feeds non-initial requests and checks that
	 * they are refused -- confirm. */
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends GSUP LU Req to HLR");
	gsup_expect_tx("04010809710000004026f0280102");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
	gsup_rx("10010809710000004026f00804036470f1",
		"12010809710000004026f0");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT");
	gsup_rx("06010809710000004026f0", NULL);

	btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl");
	/* the LU Accept went out, but the conn stays open and unaccepted
	 * until the MS acknowledges the TMSI */
	EXPECT_CONN_COUNT(1);
	VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("even though the TMSI is not acked, we can already find the subscr with it");
	/* NOTE(review): 0x03020100 is a fixed value; presumably the harness
	 * replaces the TMSI random source so that the allocation is
	 * deterministic -- confirm in the test stubs. */
	vsub = vlr_subscr_find_by_tmsi(net->vlr, 0x03020100);
	VERBOSE_ASSERT(vsub != NULL, == true, "%d");
	VERBOSE_ASSERT(strcmp(vsub->imsi, imsi), == 0, "%d");
	/* unacknowledged: the value sits in tmsi_new, tmsi is still reserved */
	VERBOSE_ASSERT(vsub->tmsi_new, == 0x03020100, "0x%08x");
	VERBOSE_ASSERT(vsub->tmsi, == GSM_RESERVED_TMSI, "0x%08x");
	/* NOTE(review): presumably releases the reference obtained from the
	 * find call -- confirm */
	vlr_subscr_put(vsub);

	btw("MS sends TMSI Realloc Complete");
	expect_bssap_clear();
	ms_sends_msg("055b");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("LU was successful, and the conn has already been closed");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	btw("Subscriber has the new TMSI");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	VERBOSE_ASSERT(vsub != NULL, == true, "%d");
	VERBOSE_ASSERT(strcmp(vsub->imsi, imsi), == 0, "%d");
	/* acknowledged: the value moved to tmsi, tmsi_new is reserved again */
	VERBOSE_ASSERT(vsub->tmsi_new, == GSM_RESERVED_TMSI, "0x%08x");
	VERBOSE_ASSERT(vsub->tmsi, == 0x03020100, "0x%08x");
	vlr_subscr_put(vsub);

	BTW("after a while, a new conn sends a CM Service Request using above TMSI. VLR responds with Auth Req, 2nd auth vector");
	/* A fresh conn is challenged again; the expected rand is that of the
	 * 2nd vector, so the 1st one is not reused. */
	cm_service_result_sent = RES_NONE;
	auth_request_sent = false;
	auth_request_expect_rand = "12aca96fb4ffdea5c985cbafa9b6e18b";
	auth_request_expect_autn = NULL;
	/* the trailing "03020100" is the TMSI assigned above */
	ms_sends_msg("05247803305886" "05f4" "03020100");
	OSMO_ASSERT(g_conn);
	OSMO_ASSERT(g_conn->fi);
	OSMO_ASSERT(g_conn->vsub);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Authen Response, VLR accepts and requests Ciphering");
	/* expected key is the 2nd vector's kc */
	expect_cipher_mode_cmd("07fa7502e07e1c00");
	ms_sends_msg("0554" "20bde240" /* 2nd vector's sres, s.a. */);
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("needs ciph, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Ciphering Mode Complete, VLR accepts; above Ciphering is an implicit CM Service Accept");
	ms_sends_msg("0632");
	/* no explicit CM Service result is sent: the value stays RES_NONE */
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");

	/* Release connection */
	/* NOTE(review): expect_bssap_clear() is called with an argument here
	 * and without one everywhere else in this function -- check both
	 * forms against its declaration in msc_vlr_tests.h. */
	expect_bssap_clear(OSMO_RAT_GERAN_A);
	conn_conclude_cm_service_req(g_conn, OSMO_RAT_GERAN_A);

	btw("all requests serviced, conn has been released");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("an SMS is sent, MS is paged");
	/* paging is expected to use the TMSI, not the IMSI */
	paging_expect_tmsi(0x03020100);
	paging_sent = false;
	vsub = vlr_subscr_find_by_tmsi(net->vlr, 0x03020100);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");

	/* the same subscriber is passed for both subscriber arguments */
	send_sms(vsub, vsub,
		 "Privacy in residential applications is a desirable"
		 " marketing option.");

	/* the SMS is queued as one pending request and triggers paging; it is
	 * not delivered before the MS has answered and been ciphered */
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	vlr_subscr_put(vsub);
	vsub = NULL;
	VERBOSE_ASSERT(paging_sent, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == false, "%d");

	btw("the subscriber and its pending request should remain");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	vlr_subscr_put(vsub);

	btw("MS replies with Paging Response using TMSI, and VLR sends Auth Request with third key");
	/* expected rand is that of the 3rd vector */
	auth_request_sent = false;
	auth_request_expect_rand = "e7c03ba7cf0e2fde82b2dc4d63077d42";
	ms_sends_msg("06270703305882" "05f4" "03020100");
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Authen Response, VLR accepts and requests Ciphering");
	/* expected key is the 3rd vector's kc */
	expect_cipher_mode_cmd("e2b234f807886400");
	ms_sends_msg("0554" "a29514ae" /* 3rd vector's sres, s.a. */);
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("needs ciph, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends pending SMS");
	/* the expectation is armed before the Ciphering Mode Complete is fed
	 * in, so the SMS must go out as a result of that message */
	dtap_expect_tx("09" /* SMS messages */
		       "01" /* CP-DATA */
		       "58" /* length */
		       "01" /* Network to MS */
		       "00" /* reference */
		       /* originator (gsm411_send_sms() hardcodes this weird nr) */
		       "0791" "447758100650" /* 447785016005 */
		       "00" /* dest */
		       /* SMS TPDU */
		       "4c" /* len */
		       "00" /* SMS deliver */
		       "05806470f1" /* originating address 46071 */
		       "00" /* TP-PID */
		       "00" /* GSM default alphabet */
		       "071010" /* Y-M-D (from wrapped gsm340_gen_scts())*/
		       "000000" /* H-M-S */
		       "00" /* GMT+0 */
		       "44" /* data length */
		       "5079da1e1ee7416937485e9ea7c965373d1d6683c270383b3d0e"
		       "d3d36ff71c949e83c22072799e9687c5ec32a81d96afcbf4b4fb"
		       "0c7ac3e9e9b7db05");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == true, "%d");

	btw("SMS was delivered, no requests pending for subscr");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");
	vlr_subscr_put(vsub);

	btw("conn is still open to wait for SMS ack dance");
	EXPECT_CONN_COUNT(1);

	btw("MS replies with CP-ACK for received SMS");
	ms_sends_msg("8904");
	EXPECT_CONN_COUNT(1);

	btw("MS also sends RP-ACK, MSC in turn sends CP-ACK for that");
	dtap_expect_tx("0904");
	expect_bssap_clear();
	ms_sends_msg("890106020041020000");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("SMS is done, conn is gone");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("subscriber detaches, using TMSI");
	expect_bssap_clear();
	ms_sends_msg("050130" "05f4" "03020100");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);
	clear_vlr();
	comment_end();
}
/*
 * Location Updating with authentication, ciphering and a mandatory IMEI
 * check (net->vlr->cfg.check_imei_rqd = true), followed by a detach.
 *
 * Behaviour pinned down here: after the HLR's Update Location Result the
 * VLR asks the MS for its IMEI, forwards the MS's answer to the HLR over
 * GSUP, and keeps the conn unaccepted (EXPECT_ACCEPTED(false)) through both
 * steps. Only the HLR's reply to the IMEI check leads to the LU accept and
 * the release of the conn, and the IMEI is then stored on the subscriber.
 *
 * The function works on file-external harness state (net, the *_sent /
 * *_expect_* variables), so the statement order is significant.
 */
static void test_ciph_imei()
{
	struct vlr_subscr *vsub;
	const char *imsi = "901700000004620";

	comment_start();

	/* implicit: net->authentication_required = true; */
	/* Only bit 1 of the mask is set.
	 * NOTE(review): presumably bit n permits A5/n, i.e. A5/1 is the only
	 * permitted algorithm and an unciphered conn (A5/0) is not allowed --
	 * confirm against the definition of a5_encryption_mask. */
	net->a5_encryption_mask = (1 << 1);
	net->vlr->cfg.check_imei_rqd = true;

	btw("Location Update request causes a GSUP Send Auth Info request to HLR");
	lu_result_sent = RES_NONE;
	/* 09710000004026f0 is the IMSI above with the digit pairs swapped and
	 * an 'f' filler nibble */
	gsup_expect_tx("08010809710000004026f0");
	ms_sends_msg("050802008168000130089910070000006402");
	OSMO_ASSERT(gsup_tx_confirmed);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS");
	/* Based on a Ki of 000102030405060708090a0b0c0d0e0f */
	/* The vectors below are canned test data; the Auth Request must carry
	 * the rand of the first one and, with expect_autn == NULL, no autn. */
	auth_request_sent = false;
	auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b";
	auth_request_expect_autn = NULL;
	gsup_rx("0a"
		/* imsi */
		"0108" "09710000004026f0"
		/* 5 auth vectors... */
		/* TL TL rand */
		"0322" "2010" "585df1ae287f6e273dce07090d61320b"
		/* TL sres TL kc */
		"2104" "2d8b2c3e" "2208" "61855fb81fc2a800"
		"0322" "2010" "12aca96fb4ffdea5c985cbafa9b6e18b"
		"2104" "20bde240" "2208" "07fa7502e07e1c00"
		"0322" "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42"
		"2104" "a29514ae" "2208" "e2b234f807886400"
		"0322" "2010" "fa8f20b781b5881329d4fea26b1a3c51"
		"2104" "5afc8d72" "2208" "2392f14f709ae000"
		"0322" "2010" "0fd4cc8dbe8715d1f439e304edfd68dc"
		"2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000",
		NULL);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Authen Response, VLR accepts and sends Ciphering Mode Command to MS");
	/* expected key is the 1st vector's kc; the response carries the 1st
	 * vector's sres (2d8b2c3e) */
	expect_cipher_mode_cmd("61855fb81fc2a800");
	ms_sends_msg("05542d8b2c3e");
	OSMO_ASSERT(cipher_mode_cmd_sent);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("needs ciph, not yet accepted");
	/* Authenticated but not yet ciphered: the conn must still count as
	 * not accepted.
	 * NOTE(review): thwart_rx_non_initial_requests() is defined outside
	 * this file; presumably it feeds non-initial requests and checks that
	 * they are refused -- confirm. */
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends GSUP LU Req to HLR");
	gsup_expect_tx("04010809710000004026f0280102");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
	gsup_rx("10010809710000004026f00804036470f1",
		"12010809710000004026f0");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT, and we send an ID Request for the IMEI to the MS");
	dtap_expect_tx("051802");
	gsup_rx("06010809710000004026f0", NULL);

	btw("We will only do business when the IMEI is known");
	/* conn still open, no IMEI stored yet (empty string), not accepted */
	EXPECT_CONN_COUNT(1);
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(vsub->imei[0], == 0, "%d");
	/* NOTE(review): presumably releases the reference obtained from
	 * vlr_subscr_find_by_imsi() -- confirm */
	vlr_subscr_put(vsub);
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS replies with an Identity Response, VLR sends the IMEI to HLR");
	gsup_expect_tx("30010809710000004026f050090824433224433224f0");
	ms_sends_msg("0559084a32244332244302");
	/* knowing the IMEI is not enough: the HLR's verdict is still pending */
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("HLR accepts the IMEI");
	expect_bssap_clear();
	gsup_rx("32010809710000004026f0510100", NULL);
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("LU was successful, and the conn has already been closed");
	VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	btw("Subscriber has the IMEI");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(strcmp(vsub->imei, "423423423423420"), == 0, "%d");
	vlr_subscr_put(vsub);

	BTW("subscriber detaches");
	expect_bssap_clear();
	ms_sends_msg("050130089910070000006402");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);
	clear_vlr();
	comment_end();
}
/*
 * Location Updating with authentication and ciphering where the IMEISV is
 * collected as part of the ciphering exchange
 * (net->vlr->cfg.retrieve_imeisv_ciphered = true), followed by a detach.
 *
 * Behaviour pinned down here: the Ciphering Mode Command is sent with the
 * IMEISV request flag (cipher_mode_cmd_sent_with_imeisv), the subscriber
 * has no IMEISV stored before the Ciphering Mode Complete, and has the one
 * from that message stored afterwards. The conn stays unaccepted
 * (EXPECT_ACCEPTED(false)) until the HLR has answered the Update Location.
 *
 * The function works on file-external harness state (net, the *_sent /
 * *_expect_* variables), so the statement order is significant.
 */
static void test_ciph_imeisv()
{
	struct vlr_subscr *vsub;
	const char *imsi = "901700000004620";

	comment_start();

	/* implicit: net->authentication_required = true; */
	/* Only bit 1 of the mask is set.
	 * NOTE(review): presumably bit n permits A5/n, i.e. A5/1 is the only
	 * permitted algorithm and an unciphered conn (A5/0) is not allowed --
	 * confirm against the definition of a5_encryption_mask. */
	net->a5_encryption_mask = (1 << 1);
	net->vlr->cfg.retrieve_imeisv_ciphered = true;

	btw("Location Update request causes a GSUP Send Auth Info request to HLR");
	lu_result_sent = RES_NONE;
	/* 09710000004026f0 is the IMSI above with the digit pairs swapped and
	 * an 'f' filler nibble */
	gsup_expect_tx("08010809710000004026f0");
	ms_sends_msg("050802008168000130089910070000006402");
	OSMO_ASSERT(gsup_tx_confirmed);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS");
	/* Based on a Ki of 000102030405060708090a0b0c0d0e0f */
	/* The vectors below are canned test data; the Auth Request must carry
	 * the rand of the first one and, with expect_autn == NULL, no autn. */
	auth_request_sent = false;
	auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b";
	auth_request_expect_autn = NULL;
	gsup_rx("0a"
		/* imsi */
		"0108" "09710000004026f0"
		/* 5 auth vectors... */
		/* TL TL rand */
		"0322" "2010" "585df1ae287f6e273dce07090d61320b"
		/* TL sres TL kc */
		"2104" "2d8b2c3e" "2208" "61855fb81fc2a800"
		"0322" "2010" "12aca96fb4ffdea5c985cbafa9b6e18b"
		"2104" "20bde240" "2208" "07fa7502e07e1c00"
		"0322" "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42"
		"2104" "a29514ae" "2208" "e2b234f807886400"
		"0322" "2010" "fa8f20b781b5881329d4fea26b1a3c51"
		"2104" "5afc8d72" "2208" "2392f14f709ae000"
		"0322" "2010" "0fd4cc8dbe8715d1f439e304edfd68dc"
		"2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000",
		NULL);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Authen Response, VLR accepts and sends Ciphering Mode Command to MS");
	/* expected key is the 1st vector's kc; the response carries the 1st
	 * vector's sres (2d8b2c3e) */
	expect_cipher_mode_cmd("61855fb81fc2a800");
	ms_sends_msg("05542d8b2c3e");
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");
	/* the command must also have asked for the IMEISV */
	VERBOSE_ASSERT(cipher_mode_cmd_sent_with_imeisv, == true, "%d");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("needs ciph, not yet accepted");
	/* Authenticated but not yet ciphered: the conn must still count as
	 * not accepted.
	 * NOTE(review): thwart_rx_non_initial_requests() is defined outside
	 * this file; presumably it feeds non-initial requests and checks that
	 * they are refused -- confirm. */
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	/* no IMEISV stored yet (empty string) */
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(vsub->imeisv[0], == 0, "%d");
	/* NOTE(review): presumably releases the reference obtained from
	 * vlr_subscr_find_by_imsi() -- confirm */
	vlr_subscr_put(vsub);

	btw("MS sends Ciphering Mode Complete with IMEISV, VLR accepts and sends GSUP LU Req to HLR");
	gsup_expect_tx("04010809710000004026f0280102");
	ms_sends_msg("063217094b32244332244372f5");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("Subscriber has the IMEISV");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(strcmp(vsub->imeisv, "4234234234234275"), == 0, "%d");
	vlr_subscr_put(vsub);

	/* ciphered and IMEISV known, but the HLR has not answered yet */
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
	gsup_rx("10010809710000004026f00804036470f1",
		"12010809710000004026f0");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT");
	expect_bssap_clear();
	gsup_rx("06010809710000004026f0", NULL);
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("LU was successful, and the conn has already been closed");
	VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("subscriber detaches");
	expect_bssap_clear();
	ms_sends_msg("050130089910070000006402");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);
	clear_vlr();
	comment_end();
}
689
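/* Location Updating with authentication, ciphering, IMEI check and TMSI
 * allocation, followed by an IMSI Detach that identifies the subscriber by
 * its TMSI.
 *
 * Security-relevant expectations pinned by this scenario:
 *  - at every intermediate step checked here (after the Ciphering Mode
 *    Command, while the IMEI is unknown, while the HLR has not yet answered
 *    the IMEI check, while the TMSI is unacknowledged) the subscriber is NOT
 *    accepted;
 *  - the Ciphering Mode Command is expected to carry the Kc of the auth
 *    vector whose SRES the MS answered with;
 *  - the new TMSI sits in tmsi_new until TMSI Realloc Complete, and only
 *    then shows up in tmsi.
 *
 * All key material below (Ki, RAND, SRES, Kc) is fixed test-fixture data.
 * This listing was cleaned of blame/gutter residue; statements and runtime
 * strings are unchanged. */
static void test_ciph_tmsi_imei()
{
	struct vlr_subscr *vsub;
	const char *imsi = "901700000004620";

	comment_start();

	/* implicit: net->authentication_required = true; */
	/* Bit 1 of the mask only. Elsewhere in this file bit 3 is annotated as
	 * A5/3, so this presumably permits A5/1 and nothing else -- confirm. */
	net->a5_encryption_mask = (1 << 1);
	net->vlr->cfg.assign_tmsi = true;
	net->vlr->cfg.check_imei_rqd = true;

	btw("Location Update request causes a GSUP Send Auth Info request to HLR");
	lu_result_sent = RES_NONE;
	gsup_expect_tx("08010809710000004026f0");
	ms_sends_msg("050802008168000130089910070000006402");
	OSMO_ASSERT(gsup_tx_confirmed);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS");
	/* Based on a Ki of 000102030405060708090a0b0c0d0e0f */
	auth_request_sent = false;
	/* The expected RAND is the first vector's; no AUTN, i.e. a GSM AKA
	 * challenge is expected. */
	auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b";
	auth_request_expect_autn = NULL;
	gsup_rx("0a"
		/* imsi */
		"0108" "09710000004026f0"
		/* 5 auth vectors... */
		/* TL    TL     rand */
		"0322"  "2010" "585df1ae287f6e273dce07090d61320b"
		/*       TL     sres       TL     kc */
			"2104" "2d8b2c3e" "2208" "61855fb81fc2a800"
		"0322"  "2010" "12aca96fb4ffdea5c985cbafa9b6e18b"
			"2104" "20bde240" "2208" "07fa7502e07e1c00"
		"0322"  "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42"
			"2104" "a29514ae" "2208" "e2b234f807886400"
		"0322"  "2010" "fa8f20b781b5881329d4fea26b1a3c51"
			"2104" "5afc8d72" "2208" "2392f14f709ae000"
		"0322"  "2010" "0fd4cc8dbe8715d1f439e304edfd68dc"
			"2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000",
		NULL);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Authen Response, VLR accepts and sends Ciphering Mode Command to MS");
	/* Kc and SRES below are the first vector's pair from the GSUP message
	 * above. */
	expect_cipher_mode_cmd("61855fb81fc2a800");
	ms_sends_msg("05542d8b2c3e");
	OSMO_ASSERT(cipher_mode_cmd_sent);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("needs ciph, not yet accepted");
	EXPECT_ACCEPTED(false);
	/* presumably replays requests that must be refused before acceptance;
	 * the helper is defined outside this listing -- confirm. */
	thwart_rx_non_initial_requests();
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends GSUP LU Req to HLR");
	gsup_expect_tx("04010809710000004026f0280102");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
	gsup_rx("10010809710000004026f00804036470f1",
		"12010809710000004026f0");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT, and we send an ID Request for the IMEI to the MS");
	dtap_expect_tx("051802");
	gsup_rx("06010809710000004026f0", NULL);

	btw("We will only do business when the IMEI is known");
	EXPECT_CONN_COUNT(1);
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	/* Empty string: no IMEI stored yet. */
	VERBOSE_ASSERT(vsub->imei[0], == 0, "%d");
	vlr_subscr_put(vsub);
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS replies with an Identity Response, VLR sends the IMEI to HLR");
	gsup_expect_tx("30010809710000004026f050090824433224433224f0");
	ms_sends_msg("0559084a32244332244302");
	/* Still not accepted: the HLR has not answered the IMEI check yet. */
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("HLR accepts the IMEI");
	gsup_rx("32010809710000004026f0510100", NULL);

	btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl");
	EXPECT_CONN_COUNT(1);
	VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("even though the TMSI is not acked, we can already find the subscr with it");
	/* 0x03020100 is the TMSI this test environment hands out; presumably
	 * from a deterministic stub rather than a real RNG -- confirm. */
	vsub = vlr_subscr_find_by_tmsi(net->vlr, 0x03020100);
	VERBOSE_ASSERT(vsub != NULL, == true, "%d");
	VERBOSE_ASSERT(strcmp(vsub->imsi, imsi), == 0, "%d");
	VERBOSE_ASSERT(vsub->tmsi_new, == 0x03020100, "0x%08x");
	VERBOSE_ASSERT(vsub->tmsi, == GSM_RESERVED_TMSI, "0x%08x");
	vlr_subscr_put(vsub);

	btw("MS sends TMSI Realloc Complete");
	expect_bssap_clear();
	ms_sends_msg("055b");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("LU was successful, and the conn has already been closed");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	btw("Subscriber has the IMEI and TMSI");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(strcmp(vsub->imei, "423423423423420"), == 0, "%d");
	/* The acknowledged TMSI is now the current one. */
	VERBOSE_ASSERT(vsub->tmsi, == 0x03020100, "0x%08x");
	vlr_subscr_put(vsub);

	BTW("subscriber detaches, using TMSI");
	expect_bssap_clear();
	ms_sends_msg("050130" "05f4" "03020100");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);
	clear_vlr();
	comment_end();
}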
817
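/* A subscriber whose HLR record yields UMTS AKA vectors (with AUTN, IK, CK,
 * RES) attaches over GERAN and answers every challenge with a GSM AKA
 * Authentication Response, i.e. the 4-byte SRES.
 *
 * What the scenario pins:
 *  - the VLR sends a UMTS AKA Auth Request (RAND + AUTN expected) each time,
 *    consuming vectors 1, 2 and 3 for LU, CM Service Request and Paging
 *    Response respectively;
 *  - the SRES reply is accepted, and the Ciphering Mode Command is expected
 *    to carry that same vector's Kc;
 *  - the subscriber is not accepted before authentication has completed.
 *
 * NOTE(review): the MS never returns RES here, so this path exercises
 * acceptance of a GSM-level response to a UMTS-level challenge. Whether that
 * fallback is policy or merely tolerated cannot be told from this listing --
 * confirm against the VLR auth code.
 *
 * All key material below (KI, K, OPC, vectors) is fixed test-fixture data.
 * This listing was cleaned of blame/gutter residue; statements and runtime
 * strings are unchanged. */
static void test_gsm_ciph_in_umts_env()
{
	struct vlr_subscr *vsub;
	const char *imsi = "901700000010650";
	/* Expected DTAP encoding of the SMS that send_sms() queues further
	 * down; matched by dtap_expect_tx(sms) once ciphering is complete. */
	const char *sms =
		"09" /* SMS messages */
		"01" /* CP-DATA */
		"58" /* length */
		"01" /* Network to MS */
		"00" /* reference */
		/* originator (gsm411_send_sms() hardcodes this weird nr) */
		"0791" "447758100650" /* 447785016005 */
		"00" /* dest */
		/* SMS TPDU */
		"4c" /* len */
		"00" /* SMS deliver */
		"05802443f2" /* originating address 42342 */
		"00" /* TP-PID */
		"00" /* GSM default alphabet */
		"071010" /* Y-M-D (from wrapped gsm340_gen_scts())*/
		"000000" /* H-M-S */
		"00" /* GMT+0 */
		"44" /* data length */
		"5079da1e1ee7416937485e9ea7c965373d1d6683c270383b3d0e"
		"d3d36ff71c949e83c22072799e9687c5ec32a81d96afcbf4b4fb"
		"0c7ac3e9e9b7db05";

	comment_start();

	/* implicit: net->authentication_required = true; */
	/* Bit 1 of the mask only. Elsewhere in this file bit 3 is annotated as
	 * A5/3, so this presumably permits A5/1 and nothing else -- confirm. */
	net->a5_encryption_mask = (1 << 1);
	rx_from_ran = OSMO_RAT_GERAN_A;

	btw("Location Update request causes a GSUP Send Auth Info request to HLR");
	lu_result_sent = RES_NONE;
	gsup_expect_tx("080108" "09710000000156f0");
	ms_sends_msg("0508" /* MM LU */
		     "7" /* ciph key seq: no key available */
		     "0" /* LU type: normal */
		     "ffffff" "0000" /* LAI, LAC */
		     "57" /* classmark 1: R99, early classmark, no power lvl */
		     "089910070000106005" /* IMSI */
		     "3303575886" /* classmark 2 */
		     );
	OSMO_ASSERT(gsup_tx_confirmed);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends *UMTS AKA* Auth Req to MS");
	/* based on
	 * 2G auth: COMP128v1
	 *          KI=7bcd108be4c3d551ee6c67faaf52bd68
	 * 3G auth: MILENAGE
	 *          K=7bcd108be4c3d551ee6c67faaf52bd68
	 *          OPC=6e23f641ce724679b73d933515a8589d
	 *          IND-bitlen=5 last-SQN=641
	 * Note that the SRES will be calculated by COMP128v1, separately from 3G tokens;
	 * the resulting Kc to use for ciphering returned by the HLR is also calculated from COMP128v1.
	 */
	auth_request_sent = false;
	/* Both RAND and AUTN of the first vector are expected, i.e. the
	 * request goes out as UMTS AKA. */
	auth_request_expect_rand = "4ac8d1cd1a51937597ca1016fe69a0fa";
	auth_request_expect_autn = "2d837d2b0d6f00004b282d5acf23428d";
	gsup_rx("0a"
		/* imsi */
		"0108" "09710000000156f0"
		/* 5 auth vectors... */
		/* TL    TL     rand */
		"0362"  "2010" "4ac8d1cd1a51937597ca1016fe69a0fa"
		/*       TL     sres       TL     kc */
			"2104" "dacc4b26" "2208" "7a75f0ac9b844400"
		/*       TL     3G IK */
			"2310" "3747da4e31545baa2db59e500bdae047"
		/*       TL     3G CK */
			"2410" "8544d35b945ccba01a7f1293575291c3"
		/*       TL     AUTN */
			"2510" "2d837d2b0d6f00004b282d5acf23428d"
		/*       TL     RES */
			"2708" "37527064741f8ddb"
		/* TL    TL     rand */
		"0362"  "2010" "b2661531b97b12c5a2edc21a0ed16fc5"
			"2104" "2fb4cfad" "2208" "da149b11d473f400"
			"2310" "3fe013b1a428ea737c37f8f0288c8edf"
			"2410" "f275438c02b97e4d6f639dddda3d10b9"
			"2510" "78cdd96c60840000322f421b3bb778b1"
			"2708" "ed3ebf9cb6ea48ed"
		"0362"  "2010" "54d8f19778056666b41c8c25e52eb60c"
			"2104" "0ff61e0f" "2208" "26ec67fad3073000"
			"2310" "2868b0922c652616f1c975e3eaf7943a"
			"2410" "6a84a20b1bc13ec9840466406d2dd91e"
			"2510" "53f3e5632b3d00008865dd54d49663f2"
			"2708" "86e848a9e7ad8cd5"
		"0362"  "2010" "1f05607ff9c8984f46ad97f8c9a94982"
			"2104" "91a36e3d" "2208" "5d84421884fdcc00"
			"2310" "2171fef54b81e30c83a598a5e44f634c"
			"2410" "f02d088697509827565b46938fece211"
			"2510" "1b43bbf9815e00001cb9b2a9f6b8a77c"
			"2708" "373e67d62e719c51"
		"0362"  "2010" "80d89a58a2a41050918caf68a4e93c64"
			"2104" "a319f5f1" "2208" "883df2b867293000"
			"2310" "fa5d70f929ff298efb160413698dc107"
			"2410" "ae9a3d8ce70ce13bac297bdb91cd6c68"
			"2510" "5c0dc2eeaefa0000396882a1fe2cf80b"
			"2708" "65ab1cad216bfe87",
		NULL);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends *GSM AKA* Authen Response, VLR accepts and sends Ciphering Mode Command to MS");
	/* The reply carries the first vector's SRES (not its RES); the
	 * expected key is that vector's Kc. */
	expect_cipher_mode_cmd("7a75f0ac9b844400");
	ms_sends_msg("0554" "dacc4b26");
	OSMO_ASSERT(cipher_mode_cmd_sent);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends GSUP LU Req to HLR");
	gsup_expect_tx("04010809710000000156f0280102");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
	gsup_rx("10010809710000000156f00804032443f2",
		"12010809710000000156f0");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT");
	expect_bssap_clear();
	gsup_rx("06010809710000000156f0", NULL);
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("LU was successful, and the conn has already been closed");
	VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("after a while, a new conn sends a CM Service Request. VLR responds with *UMTS AKA* Auth Req, 2nd auth vector");
	auth_request_sent = false;
	auth_request_expect_rand = "b2661531b97b12c5a2edc21a0ed16fc5";
	auth_request_expect_autn = "78cdd96c60840000322f421b3bb778b1";
	cm_service_result_sent = RES_NONE;
	ms_sends_msg("052478"
		     "03575886" /* classmark 2 */
		     "089910070000106005" /* IMSI */);
	OSMO_ASSERT(g_conn);
	OSMO_ASSERT(g_conn->fi);
	OSMO_ASSERT(g_conn->vsub);
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	/* presumably replays requests that must be refused before acceptance;
	 * the helper is defined outside this listing -- confirm. */
	thwart_rx_non_initial_requests();

	btw("MS sends *GSM AKA* Authen Response, VLR accepts and requests Ciphering");
	/* Second vector's SRES and Kc. */
	expect_cipher_mode_cmd("da149b11d473f400");
	ms_sends_msg("0554" "2fb4cfad");
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts; above Ciphering is an implicit CM Service Accept");
	ms_sends_msg("0632");
	/* No explicit CM Service Accept is expected on the ciphered path. */
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");

	/* Release connection */
	/* NOTE(review): expect_bssap_clear() is called with an argument here
	 * and without one everywhere else in this function; confirm against
	 * its declaration that both forms mean the same thing. */
	expect_bssap_clear(OSMO_RAT_GERAN_A);
	conn_conclude_cm_service_req(g_conn, OSMO_RAT_GERAN_A);

	btw("all requests serviced, conn has been released");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("an SMS is sent, MS is paged");
	paging_expect_imsi(imsi);
	paging_sent = false;
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");

	send_sms(vsub, vsub,
		 "Privacy in residential applications is a desirable"
		 " marketing option.");

	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	vlr_subscr_put(vsub);
	/* Drop the local pointer once the reference is released. */
	vsub = NULL;
	VERBOSE_ASSERT(paging_sent, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == false, "%d");

	btw("the subscriber and its pending request should remain");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	vlr_subscr_put(vsub);

	btw("MS replies with Paging Response, and VLR sends *UMTS AKA* Auth Request with third key");
	auth_request_sent = false;
	auth_request_expect_rand = "54d8f19778056666b41c8c25e52eb60c";
	auth_request_expect_autn = "53f3e5632b3d00008865dd54d49663f2";
	ms_sends_msg("062707"
		     "03575886" /* classmark 2 */
		     "089910070000106005" /* IMSI */);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends *GSM AKA* Authen Response, VLR accepts and requests Ciphering");
	/* Third vector's SRES and Kc. */
	expect_cipher_mode_cmd("26ec67fad3073000");
	ms_sends_msg("0554" "0ff61e0f");
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends pending SMS");
	/* The queued SMS must only go out after Ciphering Mode Complete. */
	dtap_expect_tx(sms);
	ms_sends_msg("0632");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == true, "%d");

	btw("SMS was delivered, no requests pending for subscr");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");
	vlr_subscr_put(vsub);

	btw("conn is still open to wait for SMS ack dance");
	EXPECT_CONN_COUNT(1);

	btw("MS replies with CP-ACK for received SMS");
	ms_sends_msg("8904");
	EXPECT_CONN_COUNT(1);

	btw("MS also sends RP-ACK, MSC in turn sends CP-ACK for that");
	dtap_expect_tx("0904");
	expect_bssap_clear();
	ms_sends_msg("890106020041020000");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("SMS is done, conn is gone");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("subscriber detaches");
	expect_bssap_clear();
	ms_sends_msg("050130"
		     "089910070000106005" /* IMSI */);
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);
	clear_vlr();
	comment_end();
}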
1068
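/* Location Updating, CM Service Request and Paging Response with the network
 * configured for A5/3 only.
 *
 * What the scenario pins:
 *  - during the Location Update, the Authentication Response alone does NOT
 *    trigger a Ciphering Mode Command; it is sent only after the BSC delivers
 *    a BSSMAP Classmark Update;
 *  - on the later CM Service Request and Paging Response, the Ciphering Mode
 *    Command follows the Authentication Response directly, without another
 *    Classmark Update;
 *  - each Ciphering Mode Command is expected to carry the Kc of the vector
 *    whose SRES the MS answered with (vectors 1, 2, 3 in turn);
 *  - the subscriber is not accepted while auth or ciphering is outstanding.
 *
 * NOTE(review): the log strings below name "Classmark 2" in one place and
 * "Classmark 3" in another as the source of A5/3 capability. They are runtime
 * output and are left untouched; which classmark is meant should be confirmed
 * against the spec and the classmark handling code.
 *
 * All key material below (Ki, RAND, SRES, Kc) is fixed test-fixture data.
 * This listing was cleaned of blame/gutter residue; statements and runtime
 * strings are unchanged. */
static void test_a5_3_supported()
{
	struct vlr_subscr *vsub;
	const char *imsi = "901700000004620";

	comment_start();

	/* implicit: net->authentication_required = true; */
	net->a5_encryption_mask = (1 << 3); /* A5/3 */

	btw("Location Update request causes a GSUP Send Auth Info request to HLR");
	lu_result_sent = RES_NONE;
	gsup_expect_tx("08010809710000004026f0");
	ms_sends_msg("050802008168000130089910070000006402");
	OSMO_ASSERT(gsup_tx_confirmed);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS");
	/* Based on a Ki of 000102030405060708090a0b0c0d0e0f */
	auth_request_sent = false;
	/* First vector's RAND; no AUTN, i.e. a GSM AKA challenge is expected. */
	auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b";
	auth_request_expect_autn = NULL;
	gsup_rx("0a"
		/* imsi */
		"0108" "09710000004026f0"
		/* 5 auth vectors... */
		/* TL    TL     rand */
		"0322"  "2010" "585df1ae287f6e273dce07090d61320b"
		/*       TL     sres       TL     kc */
			"2104" "2d8b2c3e" "2208" "61855fb81fc2a800"
		"0322"  "2010" "12aca96fb4ffdea5c985cbafa9b6e18b"
			"2104" "20bde240" "2208" "07fa7502e07e1c00"
		"0322"  "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42"
			"2104" "a29514ae" "2208" "e2b234f807886400"
		"0322"  "2010" "fa8f20b781b5881329d4fea26b1a3c51"
			"2104" "5afc8d72" "2208" "2392f14f709ae000"
		"0322"  "2010" "0fd4cc8dbe8715d1f439e304edfd68dc"
			"2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000",
		NULL);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	BTW("MS sends Authen Response, VLR accepts and wants to send Ciphering Mode Command to MS"
	    " -- but needs Classmark 2 to determine whether A5/3 is supported");
	/* Reset the flag so the negative assertion below is meaningful. */
	cipher_mode_cmd_sent = false;
	ms_sends_msg("05542d8b2c3e");
	/* No cipher command yet: the capability information is missing. */
	OSMO_ASSERT(!cipher_mode_cmd_sent);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("BSC sends back a BSSMAP Classmark Update, that triggers the Ciphering Mode Command in A5/3");
	/* First vector's Kc. */
	expect_cipher_mode_cmd("61855fb81fc2a800");
	bss_sends_bssap_mgmt("541203505886130b6014042f6503b8800d2100");
	OSMO_ASSERT(cipher_mode_cmd_sent);
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends GSUP LU Req to HLR");
	gsup_expect_tx("04010809710000004026f0280102");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
	gsup_rx("10010809710000004026f00804032443f2",
		"12010809710000004026f0");
	VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");

	btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT");
	expect_bssap_clear();
	gsup_rx("06010809710000004026f0", NULL);
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("LU was successful, and the conn has already been closed");
	VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("after a while, a new conn sends a CM Service Request. VLR responds with Auth Req, 2nd auth vector");
	cm_service_result_sent = RES_NONE;
	auth_request_sent = false;
	auth_request_expect_rand = "12aca96fb4ffdea5c985cbafa9b6e18b";
	ms_sends_msg("05247803305886089910070000006402");
	OSMO_ASSERT(g_conn);
	OSMO_ASSERT(g_conn->fi);
	OSMO_ASSERT(g_conn->vsub);
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	/* presumably replays requests that must be refused before acceptance;
	 * the helper is defined outside this listing -- confirm. */
	thwart_rx_non_initial_requests();

	btw("MS sends Authen Response, VLR accepts and requests Ciphering. We already know Classmark 3,"
	    " so no need to request Classmark Update.");
	expect_cipher_mode_cmd("07fa7502e07e1c00");
	ms_sends_msg("0554" "20bde240" /* 2nd vector's sres, s.a. */);
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("needs ciph, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Ciphering Mode Complete, VLR accepts; above Ciphering is an implicit CM Service Accept");
	ms_sends_msg("0632");
	/* No explicit CM Service Accept is expected on the ciphered path. */
	VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");

	/* Release connection */
	/* NOTE(review): expect_bssap_clear() is called with an argument here
	 * and without one everywhere else in this function; confirm against
	 * its declaration that both forms mean the same thing. */
	expect_bssap_clear(OSMO_RAT_GERAN_A);
	conn_conclude_cm_service_req(g_conn, OSMO_RAT_GERAN_A);

	btw("all requests serviced, conn has been released");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("an SMS is sent, MS is paged");
	paging_expect_imsi(imsi);
	paging_sent = false;
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");

	send_sms(vsub, vsub,
		 "Privacy in residential applications is a desirable"
		 " marketing option.");

	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	vlr_subscr_put(vsub);
	/* Drop the local pointer once the reference is released. */
	vsub = NULL;
	VERBOSE_ASSERT(paging_sent, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == false, "%d");

	btw("the subscriber and its pending request should remain");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
	vlr_subscr_put(vsub);

	btw("MS replies with Paging Response, and VLR sends Auth Request with third key");
	auth_request_sent = false;
	auth_request_expect_rand = "e7c03ba7cf0e2fde82b2dc4d63077d42";
	ms_sends_msg("06270703305882089910070000006402");
	VERBOSE_ASSERT(auth_request_sent, == true, "%d");

	btw("needs auth, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Authen Response, VLR accepts and requests Ciphering");
	expect_cipher_mode_cmd("e2b234f807886400");
	ms_sends_msg("0554" "a29514ae" /* 3rd vector's sres, s.a. */);
	VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");

	btw("needs ciph, not yet accepted");
	EXPECT_ACCEPTED(false);
	thwart_rx_non_initial_requests();

	btw("MS sends Ciphering Mode Complete, VLR accepts and sends pending SMS");
	/* The queued SMS must only go out after Ciphering Mode Complete. */
	dtap_expect_tx("09" /* SMS messages */
		       "01" /* CP-DATA */
		       "58" /* length */
		       "01" /* Network to MS */
		       "00" /* reference */
		       /* originator (gsm411_send_sms() hardcodes this weird nr) */
		       "0791" "447758100650" /* 447785016005 */
		       "00" /* dest */
		       /* SMS TPDU */
		       "4c" /* len */
		       "00" /* SMS deliver */
		       "05802443f2" /* originating address 42342 */
		       "00" /* TP-PID */
		       "00" /* GSM default alphabet */
		       "071010" /* Y-M-D (from wrapped gsm340_gen_scts())*/
		       "000000" /* H-M-S */
		       "00" /* GMT+0 */
		       "44" /* data length */
		       "5079da1e1ee7416937485e9ea7c965373d1d6683c270383b3d0e"
		       "d3d36ff71c949e83c22072799e9687c5ec32a81d96afcbf4b4fb"
		       "0c7ac3e9e9b7db05");
	ms_sends_msg("0632");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(paging_stopped, == true, "%d");

	btw("SMS was delivered, no requests pending for subscr");
	vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
	OSMO_ASSERT(vsub);
	VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");
	vlr_subscr_put(vsub);

	btw("conn is still open to wait for SMS ack dance");
	EXPECT_CONN_COUNT(1);

	btw("MS replies with CP-ACK for received SMS");
	ms_sends_msg("8904");
	EXPECT_CONN_COUNT(1);

	btw("MS also sends RP-ACK, MSC in turn sends CP-ACK for that");
	dtap_expect_tx("0904");
	expect_bssap_clear();
	ms_sends_msg("890106020041020000");
	VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	btw("SMS is done, conn is gone");
	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);

	BTW("subscriber detaches");
	expect_bssap_clear();
	ms_sends_msg("050130089910070000006402");
	VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");

	bss_sends_clear_complete();
	EXPECT_CONN_COUNT(0);
	clear_vlr();
	comment_end();
}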
1284
/* During CM Service Request or Paging Response we already have Classmark 2 that indicates A5/3
 * availability. Here, in a hacky way, remove the knowledge of Classmark 2 to tickle a code path where
 * proc_arq_fsm needs a Classmark Update during Ciphering. Shouldn't happen in reality though. */
1288static void test_cm_service_needs_classmark_update()
1289{
1290 struct vlr_subscr *vsub;
1291 const char *imsi = "901700000004620";
1292
1293 comment_start();
1294
1295 /* A5/3 support is indicated in Classmark 3. By configuring A5/3, trigger the code paths that
1296 * send a Classmark Request. */
1297 net->a5_encryption_mask = (1 << 3); /* A5/3 */
1298 /* implicit: net->authentication_required = true; */
1299
1300 btw("Location Update request causes a GSUP Send Auth Info request to HLR");
1301 lu_result_sent = RES_NONE;
1302 gsup_expect_tx("08010809710000004026f0");
1303 ms_sends_msg("050802008168000130089910070000006402");
1304 OSMO_ASSERT(gsup_tx_confirmed);
1305 VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
1306
1307 btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS");
1308 /* Based on a Ki of 000102030405060708090a0b0c0d0e0f */
1309 auth_request_sent = false;
1310 auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b";
1311 auth_request_expect_autn = NULL;
1312 gsup_rx("0a"
1313 /* imsi */
1314 "0108" "09710000004026f0"
1315 /* 5 auth vectors... */
1316 /* TL TL rand */
1317 "0322" "2010" "585df1ae287f6e273dce07090d61320b"
1318 /* TL sres TL kc */
1319 "2104" "2d8b2c3e" "2208" "61855fb81fc2a800"
1320 "0322" "2010" "12aca96fb4ffdea5c985cbafa9b6e18b"
1321 "2104" "20bde240" "2208" "07fa7502e07e1c00"
1322 "0322" "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42"
1323 "2104" "a29514ae" "2208" "e2b234f807886400"
1324 "0322" "2010" "fa8f20b781b5881329d4fea26b1a3c51"
1325 "2104" "5afc8d72" "2208" "2392f14f709ae000"
1326 "0322" "2010" "0fd4cc8dbe8715d1f439e304edfd68dc"
1327 "2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000",
1328 NULL);
1329 VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
1330 VERBOSE_ASSERT(auth_request_sent, == true, "%d");
1331
1332 BTW("MS sends Authen Response, VLR accepts and wants to send Ciphering Mode Command to MS"
1333 " -- but needs Classmark 2 to determine whether A5/3 is supported");
1334 cipher_mode_cmd_sent = false;
1335 ms_sends_msg("05542d8b2c3e");
1336 OSMO_ASSERT(!cipher_mode_cmd_sent);
1337 VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
1338
1339 btw("BSC sends back a BSSMAP Classmark Update, that triggers the Ciphering Mode Command in A5/3");
1340 expect_cipher_mode_cmd("61855fb81fc2a800");
1341 bss_sends_bssap_mgmt("541203505886130b6014042f6503b8800d2100");
1342 OSMO_ASSERT(cipher_mode_cmd_sent);
1343 VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
1344
1345 btw("MS sends Ciphering Mode Complete, VLR accepts and sends GSUP LU Req to HLR");
Neels Hofmeyrd0756b12018-09-28 02:41:39 +02001346 gsup_expect_tx("04010809710000004026f0280102");
Neels Hofmeyr3117b702018-09-13 03:23:07 +02001347 ms_sends_msg("0632");
1348 VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
1349
1350 btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT");
1351 gsup_rx("10010809710000004026f00804032443f2",
1352 "12010809710000004026f0");
1353 VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d");
1354
1355 btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT");
1356 expect_bssap_clear();
1357 gsup_rx("06010809710000004026f0", NULL);
1358 VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");
1359
1360 btw("LU was successful, and the conn has already been closed");
1361 VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d");
1362 bss_sends_clear_complete();
1363 EXPECT_CONN_COUNT(0);
1364
1365
1366 BTW("after a while, a new conn sends a CM Service Request. VLR responds with Auth Req, 2nd auth vector");
1367 cm_service_result_sent = RES_NONE;
1368 auth_request_sent = false;
1369 auth_request_expect_rand = "12aca96fb4ffdea5c985cbafa9b6e18b";
1370 ms_sends_msg("05247803305886089910070000006402");
1371 OSMO_ASSERT(g_conn);
1372 OSMO_ASSERT(g_conn->fi);
1373 OSMO_ASSERT(g_conn->vsub);
1374 VERBOSE_ASSERT(auth_request_sent, == true, "%d");
1375 VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
1376
1377 btw("needs auth, not yet accepted");
1378 EXPECT_ACCEPTED(false);
1379 thwart_rx_non_initial_requests();
1380
1381 btw("MS sends Authen Response, VLR accepts and requests Ciphering. We already know Classmark 3,"
1382 " so no need to request Classmark Update.");
1383 expect_cipher_mode_cmd("07fa7502e07e1c00");
1384 ms_sends_msg("0554" "20bde240" /* 2nd vector's sres, s.a. */);
1385 VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
1386 VERBOSE_ASSERT(cipher_mode_cmd_sent, == true, "%d");
1387
1388 btw("needs ciph, not yet accepted");
1389 EXPECT_ACCEPTED(false);
1390 thwart_rx_non_initial_requests();
1391
1392 btw("MS sends Ciphering Mode Complete, VLR accepts; above Ciphering is an implicit CM Service Accept");
1393 ms_sends_msg("0632");
1394 VERBOSE_ASSERT(cm_service_result_sent, == RES_NONE, "%d");
1395
1396 /* Release connection */
Neels Hofmeyr7814a832018-12-26 00:40:18 +01001397 expect_bssap_clear(OSMO_RAT_GERAN_A);
1398 conn_conclude_cm_service_req(g_conn, OSMO_RAT_GERAN_A);
Neels Hofmeyr3117b702018-09-13 03:23:07 +02001399
1400 btw("all requests serviced, conn has been released");
1401 bss_sends_clear_complete();
1402 EXPECT_CONN_COUNT(0);
1403
1404 BTW("an SMS is sent, MS is paged");
1405 paging_expect_imsi(imsi);
1406 paging_sent = false;
1407 vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
1408 OSMO_ASSERT(vsub);
1409 VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");
1410
1411 send_sms(vsub, vsub, "Privacy in residential applications is a desirable marketing option.");
1412
1413 VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
1414 vlr_subscr_put(vsub);
1415 vsub = NULL;
1416 VERBOSE_ASSERT(paging_sent, == true, "%d");
1417 VERBOSE_ASSERT(paging_stopped, == false, "%d");
1418
1419 btw("the subscriber and its pending request should remain");
1420 vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
1421 OSMO_ASSERT(vsub);
1422 VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 1, "%d");
1423 vlr_subscr_put(vsub);
1424
1425 btw("MS replies with Paging Response, and VLR sends Auth Request with third key");
1426 auth_request_sent = false;
1427 auth_request_expect_rand = "e7c03ba7cf0e2fde82b2dc4d63077d42";
1428 ms_sends_msg("06270703305882089910070000006402");
1429 VERBOSE_ASSERT(auth_request_sent, == true, "%d");
1430
1431 BTW("Fake a situation where Classmark 2 is unknown during proc_arq_fsm");
1432 vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
1433 OSMO_ASSERT(vsub);
1434 vsub->classmark.classmark2_len = 0;
1435 vsub->classmark.classmark3_len = 0;
1436 vlr_subscr_put(vsub);
1437
1438
1439 btw("MS sends Authen Response, VLR accepts and requests Ciphering");
1440 btw("MS sends Authen Response, VLR accepts and requests Ciphering."
1441 " Normally, we'd know Classmark 3, but this test removed it."
1442 " Hence a Classmark Request is generated.");
1443 cipher_mode_cmd_sent = false;
1444 ms_sends_msg("0554" "a29514ae" /* 3rd vector's sres, s.a. */);
1445 OSMO_ASSERT(!cipher_mode_cmd_sent);
1446
1447 btw("BSC sends back a BSSMAP Classmark Update, that triggers the Ciphering Mode Command in A5/3");
1448 expect_cipher_mode_cmd("e2b234f807886400");
1449 bss_sends_bssap_mgmt("541203505886130b6014042f6503b8800d2100");
1450 OSMO_ASSERT(cipher_mode_cmd_sent);
1451
1452 btw("needs ciph, not yet accepted");
1453 EXPECT_ACCEPTED(false);
1454
1455 btw("MS sends Ciphering Mode Complete, VLR accepts and sends pending SMS");
1456 dtap_expect_tx("09" /* SMS messages */
1457 "01" /* CP-DATA */
1458 "58" /* length */
1459 "01" /* Network to MS */
1460 "00" /* reference */
1461 /* originator (gsm411_send_sms() hardcodes this weird nr) */
1462 "0791" "447758100650" /* 447785016005 */
1463 "00" /* dest */
1464 /* SMS TPDU */
1465 "4c" /* len */
1466 "00" /* SMS deliver */
1467 "05802443f2" /* originating address 42342 */
1468 "00" /* TP-PID */
1469 "00" /* GSM default alphabet */
1470 "071010" /* Y-M-D (from wrapped gsm340_gen_scts())*/
1471 "000000" /* H-M-S */
1472 "00" /* GMT+0 */
1473 "44" /* data length */
1474 "5079da1e1ee7416937485e9ea7c965373d1d6683c270383b3d0e"
1475 "d3d36ff71c949e83c22072799e9687c5ec32a81d96afcbf4b4fb"
1476 "0c7ac3e9e9b7db05");
1477 ms_sends_msg("0632");
1478 VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
1479 VERBOSE_ASSERT(paging_stopped, == true, "%d");
1480
1481 btw("SMS was delivered, no requests pending for subscr");
1482 vsub = vlr_subscr_find_by_imsi(net->vlr, imsi);
1483 OSMO_ASSERT(vsub);
1484 VERBOSE_ASSERT(llist_count(&vsub->cs.requests), == 0, "%d");
1485 vlr_subscr_put(vsub);
1486
1487 btw("conn is still open to wait for SMS ack dance");
1488 EXPECT_CONN_COUNT(1);
1489
1490 btw("MS replies with CP-ACK for received SMS");
1491 ms_sends_msg("8904");
1492 EXPECT_CONN_COUNT(1);
1493
1494 btw("MS also sends RP-ACK, MSC in turn sends CP-ACK for that");
1495 dtap_expect_tx("0904");
1496 expect_bssap_clear();
1497 ms_sends_msg("890106020041020000");
1498 VERBOSE_ASSERT(dtap_tx_confirmed, == true, "%d");
1499 VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");
1500
1501 btw("SMS is done, conn is gone");
1502 bss_sends_clear_complete();
1503 EXPECT_CONN_COUNT(0);
1504
1505 BTW("subscriber detaches");
1506 expect_bssap_clear();
1507 ms_sends_msg("050130089910070000006402");
1508 VERBOSE_ASSERT(bssap_clear_sent, == true, "%d");
Neels Hofmeyr4068ab22018-04-01 20:55:54 +02001510 bss_sends_clear_complete();
Neels Hofmeyra7fd88c2018-03-02 01:50:42 +01001511 EXPECT_CONN_COUNT(0);
1512 clear_vlr();
1513 comment_end();
1514}
1515
1516
/*
 * Table of the test functions provided by this file.
 *
 * The list ends with a NULL sentinel, so any entry added later must go
 * before that terminator. Going by the entry names, the cases cover the
 * ciphering paths (plain, TMSI, IMEI/IMEISV, GSM ciphering in a UMTS
 * environment, A5/3 support and the Classmark Update path).
 * NOTE(review): presumably walked in order by the shared msc_vlr test
 * runner; the consumer is not visible here, confirm before reordering.
 */
msc_vlr_test_func_t msc_vlr_tests[] = {
	/* authentication + ciphering, by identity type */
	test_ciph,
	test_ciph_tmsi,
	test_ciph_imei,
	test_ciph_imeisv,
	test_ciph_tmsi_imei,

	/* cipher selection depending on environment / MS capabilities */
	test_gsm_ciph_in_umts_env,
	test_a5_3_supported,
	test_cm_service_needs_classmark_update,

	/* end-of-list marker */
	NULL
};