ims-volte-vowifi
/
doubango
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

HACK: hard-code K/OPc to one specific card 

This is just for testing/development; a proper interface to an
external smart card (pc/sc reader, ...) is needed later.
This commit is contained in:
Harald Welte 2022-03-04 20:28:06 +01:00
parent 63dd97adde
commit 3a110e66c4
2 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
tinySIP/src/authentication/tsip_challenge.c
View File

@ -80,6 +80,17 @@ int tsip_challenge_reset_cnonce(tsip_challenge_t *self)
return -1; return -1;
} }
static char *bin2str(uint8_t *bin, unsigned int len)
{
static char str[1024+1];
if (len > (sizeof(str)-1) / 2)
return "E2BIG";
tsk_str_from_hex(bin, len, str);
str[sizeof(str)-1] = '\0';
return str;
}
//3GPP TS 35.205/6/7/8/9 and RFC 3310 //3GPP TS 35.205/6/7/8/9 and RFC 3310
int tsip_challenge_get_akares(tsip_challenge_t *self, char const *password, char** result) int tsip_challenge_get_akares(tsip_challenge_t *self, char const *password, char** result)
{ {
@ -132,19 +143,27 @@ int tsip_challenge_get_akares(tsip_challenge_t *self, char const *password, char
} }
/* Secret key */ /* Secret key */
memcpy(K, password, (tsk_strlen(password) > AKA_K_SIZE ? AKA_K_SIZE : tsk_strlen(password))); //memcpy(K, password, (tsk_strlen(password) > AKA_K_SIZE ? AKA_K_SIZE : tsk_strlen(password)));
memcpy(K, "\xce\x57\x88\x8a\x84\x16\xbb\xde\x41\x19\xdc\xa9\x2c\xbe\x16\x7b", AKA_K_SIZE);
/* 3GPP TS 35.205: AUTN = SQN[§AK] || AMF || MAC-A */ /* 3GPP TS 35.205: AUTN = SQN[§AK] || AMF || MAC-A */
memcpy(AMF, (AUTN + AKA_SQN_SIZE), AKA_AMF_SIZE); memcpy(AMF, (AUTN + AKA_SQN_SIZE), AKA_AMF_SIZE);
memcpy(MAC_A, (AUTN + AKA_SQN_SIZE + AKA_AMF_SIZE), AKA_MAC_A_SIZE); memcpy(MAC_A, (AUTN + AKA_SQN_SIZE + AKA_AMF_SIZE), AKA_MAC_A_SIZE);
/* compute OP */ /* compute OP */
ComputeOP(TSIP_CHALLENGE_STACK(self)->security.operator_id); //ComputeOP(TSIP_CHALLENGE_STACK(self)->security.operator_id);
ComputeOP("\x22\xb3\x15\x60\x98\xe1\x1e\x17\x7e\x93\x71\x1d\x6c\xb0\xe6\x88");
TSK_DEBUG_INFO("K=%s", bin2str(K, AKA_K_SIZE));
TSK_DEBUG_INFO("RAND=%s", bin2str(RAND, AKA_RAND_SIZE));
TSK_DEBUG_INFO("AUTN=%s", bin2str(AUTN, AKA_AUTN_SIZE));
/* Checks that we hold the same AMF */ /* Checks that we hold the same AMF */
for(n=0; n<AKA_AMF_SIZE; n++) { for(n=0; n<AKA_AMF_SIZE; n++) {
if(AMF[n] != TSIP_CHALLENGE_STACK(self)->security.amf[n]) { if(AMF[n] != TSIP_CHALLENGE_STACK(self)->security.amf[n]) {
TSK_DEBUG_ERROR("IMS-AKA error: AMF <> XAMF"); uint16_t amf = AMF[0] << 8 | AMF[1];
uint16_t xamf = TSIP_CHALLENGE_STACK(self)->security.amf[0] << 8 | TSIP_CHALLENGE_STACK(self)->security.amf[1];
TSK_DEBUG_ERROR("IMS-AKA error: AMF (%04x) <> XAMF (%04x)", amf, xamf);
goto bail; goto bail;
} }
} }
@ -164,7 +183,7 @@ int tsip_challenge_get_akares(tsip_challenge_t *self, char const *password, char
f1(K, RAND, SQN, AMF, XMAC_A); f1(K, RAND, SQN, AMF, XMAC_A);
if(!tsk_strnequals(MAC_A, XMAC_A, AKA_MAC_A_SIZE)) { if(!tsk_strnequals(MAC_A, XMAC_A, AKA_MAC_A_SIZE)) {
TSK_DEBUG_ERROR("IMS-AKA error: XMAC_A [%s] <> MAC_A[%s]", XMAC_A, MAC_A); TSK_DEBUG_ERROR("IMS-AKA error: XMAC_A [%s] <> MAC_A[%s]", bin2str(XMAC_A, AKA_MAC_A_SIZE), bin2str(MAC_A, AKA_MAC_A_SIZE));
goto bail; goto bail;
} }
} }

4
tinySIP/src/authentication/tsip_milenage.c
View File

@ -339,9 +339,9 @@ void ComputeOPc( uint8_t op_c[16] )
{ {
uint8_t i; uint8_t i;
RijndaelEncrypt( OP, op_c ); //RijndaelEncrypt( OP, op_c );
for (i=0; i<16; i++) { for (i=0; i<16; i++) {
op_c[i] ^= OP[i]; op_c[i] = OP[i];
} }
return; return;