diff options
author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2017-02-02 20:05:14 +0100 |
---|---|---|
committer | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2017-02-02 20:34:16 +0100 |
commit | 8352d31a8666e328e399ba1d2ae581c8f0021e48 (patch) | |
tree | 8a3599765d6481fdbfeeb481d221bfcd97712b7e | |
parent | 4a7f87cdc848891f7306109a009e51684b6c5c0e (diff) |
GSUP, OAP, osmo-gen-vec: fix AUTS length to 14, not 16
GSUP transmits AUTS for UMTS authentication procedures, and OAP uses the same
procedures to authenticate. osmo-gen-vec is a utility program that passes AUTS
to our osmo_auth_gen_vec_auts() API.
According to 3GPP 33.102 6.3.3, AUTS = SQN^AK || MAC-S, which are 6 || 8 == 14
bytes. This is confirmed by 24.008 9.2.3a where the TLV has 16 bytes, TL = 2
and AUTS being the V = 14.
It is not harmful for milenage_gen_vec_auts() to pass two more AUTS bytes. But
writing 16 bytes to a GSUP struct is a potential problem when passing in a 14
byte long AUTS buffer to the GSUP API, which then reads past the AUTS buffer.
The API implies the length, so far to be 16, so passing in a 14 byte buffer to
GSUP would require copying to a larger buffer first.
Fix this by using a length of 14 for AUTS everywhere instead.
This constitues an ABI breakage, we may handle it as a "fix before an official
release", otherwise we need a version bump.
The OAP protocol document has also been updated, needs an update in the
osmo-gsm-manuals as well.
Change-Id: If25b173d9ec57ea4c504d860954912b7d82af455
-rw-r--r-- | TODO-RELEASE | 3 | ||||
-rw-r--r-- | doc/osmocom-authn-protocol.txt | 2 | ||||
-rw-r--r-- | include/osmocom/gsm/oap.h | 2 | ||||
-rw-r--r-- | src/gsm/gsup.c | 2 | ||||
-rw-r--r-- | tests/oap/oap_test.c | 4 | ||||
-rw-r--r-- | tests/oap/oap_test.ok | 2 | ||||
-rw-r--r-- | utils/osmo-auc-gen.c | 2 |
7 files changed, 10 insertions, 7 deletions
diff --git a/TODO-RELEASE b/TODO-RELEASE index 5c6bfa3c..a23fcea7 100644 --- a/TODO-RELEASE +++ b/TODO-RELEASE @@ -8,3 +8,6 @@ # If any interfaces have been removed or changed since the last public release: c:r:0. #library what description / commit summary line libosmocore new function osmo_sock_get_name() +libosmogsm/gsup ABI change fix AUTS length to 14, not 16 (length is implicit) +libosmogsm/oap ABI change fix AUTS length to 14, not 16 (length is implicit) +osmo-auc-gen UI change fix AUTS length to 14, not 16 (length is implicit) diff --git a/doc/osmocom-authn-protocol.txt b/doc/osmocom-authn-protocol.txt index 6d057bea..ad4fba0f 100644 --- a/doc/osmocom-authn-protocol.txt +++ b/doc/osmocom-authn-protocol.txt @@ -181,7 +181,7 @@ Client -> Server IEI Info Element Type Pres. Format Length Message type 4.2.1 M V 1 - 20 AUTS octet string (16) M TLV 18 + 20 AUTS octet string (14) M TLV 16 3.2.8. Sync Error diff --git a/include/osmocom/gsm/oap.h b/include/osmocom/gsm/oap.h index d973013a..ff561bf1 100644 --- a/include/osmocom/gsm/oap.h +++ b/include/osmocom/gsm/oap.h @@ -64,7 +64,7 @@ struct osmo_oap_message { int xres_present; uint8_t xres[8]; int auts_present; - uint8_t auts[16]; + uint8_t auts[14]; }; int osmo_oap_decode(struct osmo_oap_message *oap_msg, const uint8_t *data, diff --git a/src/gsm/gsup.c b/src/gsm/gsup.c index 22f57ab7..b1b97ca5 100644 --- a/src/gsm/gsup.c +++ b/src/gsm/gsup.c @@ -497,7 +497,7 @@ void osmo_gsup_encode(struct msgb *msg, const struct osmo_gsup_message *gsup_msg } if (gsup_msg->auts) - msgb_tlv_put(msg, OSMO_GSUP_AUTS_IE, 16, gsup_msg->auts); + msgb_tlv_put(msg, OSMO_GSUP_AUTS_IE, 14, gsup_msg->auts); if (gsup_msg->rand) msgb_tlv_put(msg, OSMO_GSUP_RAND_IE, 16, gsup_msg->rand); diff --git a/tests/oap/oap_test.c b/tests/oap/oap_test.c index ccf49069..0c4c16ea 100644 --- a/tests/oap/oap_test.c +++ b/tests/oap/oap_test.c @@ -155,8 +155,8 @@ static void test_oap_messages_dec_enc(void) printf("- Sync Request\n"); CLEAR(); oap_msg.message_type = OAP_MSGT_SYNC_REQUEST; - osmo_hexparse("102030405060708090a0b0c0d0e0f001", - oap_msg.auts, 16); + osmo_hexparse("102030405060708090a0b0c0d0e0", + oap_msg.auts, 14); oap_msg.auts_present = 1; CHECK(); diff --git a/tests/oap/oap_test.ok b/tests/oap/oap_test.ok index 9260d442..4c099290 100644 --- a/tests/oap/oap_test.ok +++ b/tests/oap/oap_test.ok @@ -37,6 +37,6 @@ encoded message: ok - Sync Request encoded message: -0c 25 10 10 20 30 40 50 60 70 80 90 a0 b0 c0 d0 e0 f0 01 +0c 25 0e 10 20 30 40 50 60 70 80 90 a0 b0 c0 d0 e0 ok Done. diff --git a/utils/osmo-auc-gen.c b/utils/osmo-auc-gen.c index 3b3e5577..4c3e891b 100644 --- a/utils/osmo-auc-gen.c +++ b/utils/osmo-auc-gen.c @@ -87,7 +87,7 @@ int main(int argc, char **argv) { struct osmo_auth_vector _vec; struct osmo_auth_vector *vec = &_vec; - uint8_t _rand[16], _auts[16]; + uint8_t _rand[16], _auts[14]; int rc, option_index; int rand_is_set = 0; int auts_is_set = 0; |