summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHarald Welte <laforge@gnumonks.org>2011-12-06 21:53:42 +0100
committerHarald Welte <laforge@gnumonks.org>2011-12-06 21:53:42 +0100
commitd82e0eb697abab4eb994800ab649bc36cca99a83 (patch)
tree408400bb23b0fef7a7597952b6d64c057c8ecc96
parent39a287db7497180ffaf24c5d0de91a15e0fa0d5a (diff)
Add a generic abstraction for GSM/3G authentication algorithms
Indiidual algorithms can be implemented as plugins. libosmogsm itself only provides COMP128v1 via this generic interface.
-rw-r--r--include/osmocom/crypt/Makefile.am2
-rw-r--r--include/osmocom/crypt/auth.h87
-rw-r--r--src/gsm/Makefile.am2
-rw-r--r--src/gsm/auth_comp128v1.c47
-rw-r--r--src/gsm/auth_core.c93
5 files changed, 229 insertions, 2 deletions
diff --git a/include/osmocom/crypt/Makefile.am b/include/osmocom/crypt/Makefile.am
index 7ce69fdd..e4a6e538 100644
--- a/include/osmocom/crypt/Makefile.am
+++ b/include/osmocom/crypt/Makefile.am
@@ -1,3 +1,3 @@
-osmocrypt_HEADERS = gprs_cipher.h
+osmocrypt_HEADERS = gprs_cipher.h auth.h
osmocryptdir = $(includedir)/osmocom/crypt
diff --git a/include/osmocom/crypt/auth.h b/include/osmocom/crypt/auth.h
new file mode 100644
index 00000000..12690f84
--- /dev/null
+++ b/include/osmocom/crypt/auth.h
@@ -0,0 +1,87 @@
+#ifndef _OSMOCRYPTO_AUTH_H
+#define _OSMOCRYPTO_AUTH_H
+
+#include <stdint.h>
+
+#include <osmocom/core/linuxlist.h>
+
+/*! \brief Authentication Type */
+enum osmo_sub_auth_type {
+ OSMO_AUTH_TYPE_NONE = 0x00,
+ OSMO_AUTH_TYPE_GSM = 0x01,
+ OSMO_AUTH_TYPE_UMTS = 0x02,
+};
+
+/*! \brief Authentication Algorithm */
+enum osmo_auth_algo {
+ OSMO_AUTH_ALG_NONE,
+ OSMO_AUTH_ALG_COMP128v1,
+ OSMO_AUTH_ALG_COMP128v2,
+ OSMO_AUTH_ALG_COMP128v3,
+ OSMO_AUTH_ALG_XOR,
+ OSMO_AUTH_ALG_MILENAGE,
+ _OSMO_AUTH_ALG_NUM,
+};
+
+/*! \brief permanent (secret) subscriber auth data */
+struct osmo_sub_auth_data {
+ enum osmo_sub_auth_type type;
+ enum osmo_auth_algo algo;
+ union {
+ struct {
+ uint8_t opc[16];
+ uint8_t k[16];
+ uint8_t amf[2];
+ uint64_t sqn;
+ } umts;
+ struct {
+ uint8_t ki[16];
+ } gsm;
+ };
+};
+
+/* data structure describing a computed auth vector, generated by AuC */
+struct osmo_auth_vector {
+ uint8_t rand[16];
+ uint8_t autn[16];
+ uint8_t ck[16];
+ uint8_t ik[16];
+ uint8_t res[16];
+ uint8_t res_len;
+ uint8_t kc[8];
+ uint8_t sres[4];
+ uint32_t auth_types; /*!< bitmask of OSMO_AUTH_TYPE_* */
+};
+
+/* \brief An implementation of an authentication algorithm */
+struct osmo_auth_impl {
+ struct llist_head list;
+ enum osmo_auth_algo algo;
+ const char *name;
+ unsigned int priority;
+
+ int (*gen_vec)(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *_rand);
+
+ int (*gen_vec_auts)(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *rand_auts, const uint8_t *auts,
+ const uint8_t *_rand);
+};
+
+int osmo_auth_gen_vec(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud, const uint8_t *_rand);
+
+int osmo_auth_gen_vec_auts(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *rand_auts, const uint8_t *auts,
+ const uint8_t *_rand);
+
+int osmo_auth_register(struct osmo_auth_impl *impl);
+
+int osmo_auth_load(const char *path);
+
+int osmo_auth_supported(enum osmo_auth_algo algo);
+
+#endif /* _OSMOCRYPTO_AUTH_H */
diff --git a/src/gsm/Makefile.am b/src/gsm/Makefile.am
index 2fa6b4dd..ec05148d 100644
--- a/src/gsm/Makefile.am
+++ b/src/gsm/Makefile.am
@@ -11,7 +11,7 @@ libosmogsm_la_SOURCES = a5.c rxlev_stat.c tlv_parser.c comp128.c gsm_utils.c \
rsl.c gsm48.c gsm48_ie.c gsm0808.c sysinfo.c \
gprs_cipher_core.c gsm0480.c abis_nm.c gsm0502.c \
gsm0411_utils.c gsm0411_smc.c gsm0411_smr.c \
- lapd_core.c lapdm.c
+ lapd_core.c lapdm.c auth_core.c auth_comp128v1.c
libosmogsm_la_LDFLAGS = -version-info $(LIBVERSION)
libosmogsm_la_LIBADD = $(top_builddir)/src/libosmocore.la
diff --git a/src/gsm/auth_comp128v1.c b/src/gsm/auth_comp128v1.c
new file mode 100644
index 00000000..2e1ad2c9
--- /dev/null
+++ b/src/gsm/auth_comp128v1.c
@@ -0,0 +1,47 @@
+
+/* GSM/GPRS/3G authentication core infrastructure */
+
+/* (C) 2010-2011 by Harald Welte <laforge@gnumonks.org>
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <osmocom/crypt/auth.h>
+#include <osmocom/gsm/comp128.h>
+
+static int c128v1_gen_vec(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *_rand)
+{
+ comp128(aud->gsm.ki, _rand, vec->sres, vec->kc);
+ vec->auth_types = OSMO_AUTH_TYPE_GSM;
+
+ return 0;
+}
+
+static struct osmo_auth_impl c128v1_alg = {
+ .algo = OSMO_AUTH_ALG_COMP128v1,
+ .name = "COMP128v1 (libosmogsm built-in)",
+ .priority = 1000,
+ .gen_vec = &c128v1_gen_vec,
+};
+
+static __attribute__((constructor)) void on_dso_load_c128(void)
+{
+ osmo_auth_register(&c128v1_alg);
+}
diff --git a/src/gsm/auth_core.c b/src/gsm/auth_core.c
new file mode 100644
index 00000000..78121bf7
--- /dev/null
+++ b/src/gsm/auth_core.c
@@ -0,0 +1,93 @@
+/* GSM/GPRS/3G authentication core infrastructure */
+
+/* (C) 2010-2011 by Harald Welte <laforge@gnumonks.org>
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <errno.h>
+#include <stdint.h>
+
+#include <osmocom/core/utils.h>
+#include <osmocom/core/linuxlist.h>
+#include <osmocom/core/plugin.h>
+
+#include <osmocom/crypt/auth.h>
+
+static LLIST_HEAD(osmo_auths);
+
+static struct osmo_auth_impl *selected_auths[_OSMO_AUTH_ALG_NUM];
+
+/* register a cipher with the core */
+int osmo_auth_register(struct osmo_auth_impl *impl)
+{
+ if (impl->algo >= ARRAY_SIZE(selected_auths))
+ return -ERANGE;
+
+ llist_add_tail(&impl->list, &osmo_auths);
+
+ /* check if we want to select this implementation over others */
+ if (!selected_auths[impl->algo] ||
+ (selected_auths[impl->algo]->priority > impl->priority))
+ selected_auths[impl->algo] = impl;
+
+ return 0;
+}
+
+/* load all available GPRS cipher plugins */
+int osmo_auth_load(const char *path)
+{
+ /* load all plugins available from path */
+ return osmo_plugin_load_all(path);
+}
+
+int osmo_auth_supported(enum osmo_auth_algo algo)
+{
+ if (algo >= ARRAY_SIZE(selected_auths))
+ return -ERANGE;
+
+ if (selected_auths[algo])
+ return 1;
+
+ return 0;
+}
+
+int osmo_auth_gen_vec(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *_rand)
+{
+ struct osmo_auth_impl *impl = selected_auths[aud->type];
+
+ if (!impl)
+ return -ENOENT;
+
+ return impl->gen_vec(vec, aud, _rand);
+}
+
+int osmo_auth_gen_vec_auts(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *rand_auts, const uint8_t *auts,
+ const uint8_t *_rand)
+{
+ struct osmo_auth_impl *impl = selected_auths[aud->type];
+
+ if (!impl || !impl->gen_vec_auts)
+ return -ENOENT;
+
+ return impl->gen_vec_auts(vec, aud, rand_auts, auts, _rand);
+}