Diffstat (limited to 'include/osmocom/crypt')
-rw-r--r-- | include/osmocom/crypt/Makefile.am | 3 | ||||
-rw-r--r-- | include/osmocom/crypt/auth.h | 91 | ||||
-rw-r--r-- | include/osmocom/crypt/gprs_cipher.h | 54 |
3 files changed, 148 insertions, 0 deletions
diff --git a/include/osmocom/crypt/Makefile.am b/include/osmocom/crypt/Makefile.am
new file mode 100644
index 00000000..e4a6e538
--- /dev/null
+++ b/include/osmocom/crypt/Makefile.am
@@ -0,0 +1,3 @@
+osmocrypt_HEADERS = gprs_cipher.h auth.h
+
+osmocryptdir = $(includedir)/osmocom/crypt
diff --git a/include/osmocom/crypt/auth.h b/include/osmocom/crypt/auth.h
new file mode 100644
index 00000000..67b32009
--- /dev/null
+++ b/include/osmocom/crypt/auth.h
@@ -0,0 +1,91 @@
+#ifndef _OSMOCRYPTO_AUTH_H
+#define _OSMOCRYPTO_AUTH_H
+
+#include <stdint.h>
+
+#include <osmocom/core/linuxlist.h>
+
+/*! \brief Authentication Type */
+enum osmo_sub_auth_type {
+ OSMO_AUTH_TYPE_NONE = 0x00,
+ OSMO_AUTH_TYPE_GSM = 0x01,
+ OSMO_AUTH_TYPE_UMTS = 0x02,
+};
+
+/*! \brief Authentication Algorithm */
+enum osmo_auth_algo {
+ OSMO_AUTH_ALG_NONE,
+ OSMO_AUTH_ALG_COMP128v1,
+ OSMO_AUTH_ALG_COMP128v2,
+ OSMO_AUTH_ALG_COMP128v3,
+ OSMO_AUTH_ALG_XOR,
+ OSMO_AUTH_ALG_MILENAGE,
+ _OSMO_AUTH_ALG_NUM,
+};
+
+/*! \brief permanent (secret) subscriber auth data */
+struct osmo_sub_auth_data {
+ enum osmo_sub_auth_type type;
+ enum osmo_auth_algo algo;
+ union {
+ struct {
+ uint8_t opc[16];
+ uint8_t k[16];
+ uint8_t amf[2];
+ uint64_t sqn;
+ int opc_is_op;
+ } umts;
+ struct {
+ uint8_t ki[16];
+ } gsm;
+ } u;
+};
+
+/* data structure describing a computed auth vector, generated by AuC */
+struct osmo_auth_vector {
+ uint8_t rand[16];
+ uint8_t autn[16];
+ uint8_t ck[16];
+ uint8_t ik[16];
+ uint8_t res[16];
+ uint8_t res_len;
+ uint8_t kc[8];
+ uint8_t sres[4];
+ uint32_t auth_types; /*!< bitmask of OSMO_AUTH_TYPE_* */
+};
+
+/* \brief An implementation of an authentication algorithm */
+struct osmo_auth_impl {
+ struct llist_head list;
+ enum osmo_auth_algo algo;
+ const char *name;
+ unsigned int priority;
+
+ int (*gen_vec)(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *_rand);
+
+ int (*gen_vec_auts)(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *rand_auts, const uint8_t *auts,
+ const uint8_t *_rand);
+};
+
+int osmo_auth_gen_vec(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud, const uint8_t *_rand);
+
+int osmo_auth_gen_vec_auts(struct osmo_auth_vector *vec,
+ struct osmo_sub_auth_data *aud,
+ const uint8_t *rand_auts, const uint8_t *auts,
+ const uint8_t *_rand);
+
+int osmo_auth_register(struct osmo_auth_impl *impl);
+
+int osmo_auth_load(const char *path);
+
+int osmo_auth_supported(enum osmo_auth_algo algo);
+
+const char *osmo_auth_alg_name(enum osmo_auth_algo alg);
+enum osmo_auth_algo osmo_auth_alg_parse(const char *name);
+
+#endif /* _OSMOCRYPTO_AUTH_H */
diff --git a/include/osmocom/crypt/gprs_cipher.h b/include/osmocom/crypt/gprs_cipher.h
new file mode 100644
index 00000000..30510711
--- /dev/null
+++ b/include/osmocom/crypt/gprs_cipher.h
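Review bot: In auth.h, `osmo_auth_gen_vec()` and `osmo_auth_gen_vec_auts()` (and the matching `gen_vec`/`gen_vec_auts` callbacks in `struct osmo_auth_impl`) take `_rand`, `rand_auts` and `auts` as bare `const uint8_t *` with no length argument and no stated size, so a caller that passes a shorter buffer hands the implementation an out-of-bounds read that the compiler cannot flag. The declarations should carry a comment fixing the contract, e.g. `/*! \param[in] _rand 16-byte random challenge, same size as osmo_auth_vector.rand */`, and likewise for `rand_auts` and `auts` (the AUTS size is not visible in this hunk; presumably the 14 bytes of 3GPP TS 33.102, to be confirmed). The same comment block is the place to state that `res_len` never exceeds `sizeof(res)` and what the `int` return values mean, since `struct osmo_sub_auth_data` carries the permanent subscriber keys and callers need to know when a vector is unusable.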
@@ -0,0 +1,54 @@
+#ifndef _GPRS_CIPHER_H
+#define _GPRS_CIPHER_H
+
+#include <osmocom/core/linuxlist.h>
+
+#define GSM0464_CIPH_MAX_BLOCK 1523
+
+enum gprs_ciph_algo {
+ GPRS_ALGO_GEA0,
+ GPRS_ALGO_GEA1,
+ GPRS_ALGO_GEA2,
+ GPRS_ALGO_GEA3,
+ _GPRS_ALGO_NUM
+};
+
+enum gprs_cipher_direction {
+ GPRS_CIPH_MS2SGSN,
+ GPRS_CIPH_SGSN2MS,
+};
+
+/* An implementation of a GPRS cipher */
+struct gprs_cipher_impl {
+ struct llist_head list;
+ enum gprs_ciph_algo algo;
+ const char *name;
+ unsigned int priority;
+
+ /* As specified in 04.64 Annex A. Uses Kc, IV and direction
+ * to generate the 1523 bytes cipher stream that need to be
+ * XORed wit the plaintext for encrypt / ciphertext for decrypt */
+ int (*run)(uint8_t *out, uint16_t len, uint64_t kc, uint32_t iv,
+ enum gprs_cipher_direction direction);
+};
+
+/* register a cipher with the core (from a plugin) */
+int gprs_cipher_register(struct gprs_cipher_impl *ciph);
+
+/* load all available GPRS cipher plugins */
+int gprs_cipher_load(const char *path);
+
+/* function to be called by core code */
+int gprs_cipher_run(uint8_t *out, uint16_t len, enum gprs_ciph_algo algo,
+ uint64_t kc, uint32_t iv, enum gprs_cipher_direction dir);
+
+/* Do we have an implementation for this cipher? */
+int gprs_cipher_supported(enum gprs_ciph_algo algo);
+
+/* GSM TS 04.64 / Section A.2.1 : Generation of 'input' */
+uint32_t gprs_cipher_gen_input_ui(uint32_t iov_ui, uint8_t sapi, uint32_t lfn, uint32_t oc);
+
+/* GSM TS 04.64 / Section A.2.1 : Generation of 'input' */
+uint32_t gprs_cipher_gen_input_i(uint32_t iov_i, uint32_t lfn, uint32_t oc);
+
+#endif /* _GPRS_CIPHER_H */ |
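Review bot: `gprs_cipher_run()` and the `run` callback in `struct gprs_cipher_impl` write keystream into `out` for a caller-supplied `uint16_t len`, but nothing in gprs_cipher.h says that `out` must hold `len` bytes or that `len` may not exceed `GSM0464_CIPH_MAX_BLOCK`, even though the callback comment speaks of a fixed 1523-byte stream. A comment on the declaration such as `/* out must have room for len bytes; len must not exceed GSM0464_CIPH_MAX_BLOCK */` would pin the contract down, and the implementation (not part of this hunk) should check that bound before dispatching to a plugin. The header also uses `uint8_t`, `uint16_t`, `uint32_t` and `uint64_t` without including `<stdint.h>`, unlike auth.h in the same commit; adding `#include <stdint.h>` ahead of the linuxlist.h include keeps it self-contained.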