Beispiel #1
0
/** Milenage check
 *
 * @param[out] ik	Buffer for IK = 128-bit integrity key (f4), or NULL.
 * @param[out] ck	Buffer for CK = 128-bit confidentiality key (f3), or NULL.
 * @param[out] res	Buffer for RES = 64-bit signed response (f2), or NULL.
 * @param[in] auts	112-bit buffer for AUTS.
 * @param[in] opc	128-bit operator variant algorithm configuration field (encr.).
 * @param[in] ki	128-bit subscriber key.
 * @param[in] sqn	48-bit sequence number.
 * @param[in] rand	128-bit random challenge.
 * @param[in] autn	128-bit authentication token.
 * @return
 *	- 0 on success.
 *	- -1 on failure.
 *	- -2 on synchronization failure
 */
int milenage_check(uint8_t ik[MILENAGE_IK_SIZE],
		   uint8_t ck[MILENAGE_CK_SIZE],
		   uint8_t res[MILENAGE_RES_SIZE],
		   uint8_t auts[MILENAGE_AUTS_SIZE],
		   uint8_t const opc[MILENAGE_OPC_SIZE],
		   uint8_t const ki[MILENAGE_KI_SIZE],
		   uint64_t sqn,
		   uint8_t const rand[MILENAGE_RAND_SIZE],
		   uint8_t const autn[MILENAGE_AUTN_SIZE])
{

	uint8_t mac_a[MILENAGE_MAC_A_SIZE], ak[MILENAGE_AK_SIZE], rx_sqn[MILENAGE_SQN_SIZE];
	uint8_t sqn_buff[MILENAGE_SQN_SIZE];
	const uint8_t *amf;
	size_t i;

	uint48_to_buff(sqn_buff, sqn);

	FR_PROTO_HEX_DUMP(autn, MILENAGE_AUTN_SIZE, "AUTN");
	FR_PROTO_HEX_DUMP(rand, MILENAGE_RAND_SIZE, "RAND");

	if (milenage_f2345(res, ck, ik, ak, NULL, opc, ki, rand)) return -1;

	FR_PROTO_HEX_DUMP(res, MILENAGE_RES_SIZE, "RES");
	FR_PROTO_HEX_DUMP(ck, MILENAGE_CK_SIZE, "CK");
	FR_PROTO_HEX_DUMP(ik, MILENAGE_IK_SIZE, "IK");
	FR_PROTO_HEX_DUMP(ak, MILENAGE_AK_SIZE, "AK");

	/* AUTN = (SQN ^ AK) || AMF || MAC */
	for (i = 0; i < 6; i++) rx_sqn[i] = autn[i] ^ ak[i];
	FR_PROTO_HEX_DUMP(rx_sqn, MILENAGE_SQN_SIZE, "SQN");

	if (memcmp(rx_sqn, sqn_buff, sizeof(rx_sqn)) <= 0) {
		uint8_t auts_amf[MILENAGE_AMF_SIZE] = { 0x00, 0x00 }; /* TS 33.102 v7.0.0, 6.3.3 */

		if (milenage_f2345(NULL, NULL, NULL, NULL, ak, opc, ki, rand)) return -1;

		FR_PROTO_HEX_DUMP(ak, sizeof(ak), "AK*");
		for (i = 0; i < 6; i++) auts[i] = sqn_buff[i] ^ ak[i];

		if (milenage_f1(NULL, auts + 6, opc, ki, rand, sqn_buff, auts_amf) < 0) return -1;
		FR_PROTO_HEX_DUMP(auts, 14, "AUTS");
		return -2;
	}

	amf = autn + 6;
	FR_PROTO_HEX_DUMP(amf, MILENAGE_AMF_SIZE, "AMF");
	if (milenage_f1(mac_a, NULL, opc, ki, rand, rx_sqn, amf) < 0) return -1;

	FR_PROTO_HEX_DUMP(mac_a, MILENAGE_MAC_A_SIZE, "MAC_A");

	if (CRYPTO_memcmp(mac_a, autn + 8, 8) != 0) {
		FR_PROTO_HEX_DUMP(autn + 8, 8, "Received MAC_A");
		fr_strerror_printf("MAC mismatch");
		return -1;
	}

	return 0;
}
Beispiel #2
0
/**
 * milenage_generate - Generate AKA AUTN,IK,CK,RES
 * @opc: OPc = 128-bit operator variant algorithm configuration field (encr.)
 * @k: K = 128-bit subscriber key
 * @sqn: SQN = 48-bit sequence number
 * @_rand: RAND = 128-bit random challenge
 * @autn: AUTN = 128-bit authentication token
 * @ik: Buffer for IK = 128-bit integrity key (f4), or %NULL
 * @ck: Buffer for CK = 128-bit confidentiality key (f3), or %NULL
 * @res: Buffer for RES = 64-bit signed response (f2), or %NULL
 * @res_len: Variable that will be set to RES length
 * @auts: 112-bit buffer for AUTS
 * Returns: 0 on success, -1 on failure, or -2 on synchronization failure
 */
int milenage_check(const u8 *opc, const u8 *k, const u8 *sqn, const u8 *_rand,
        const u8 *autn, u8 *ik, u8 *ck, u8 *res, size_t *res_len,
        u8 *auts)
{
    int i;
    u8 mac_a[8], ak[6], rx_sqn[6];
    const u8 *amf;

    wpa_hexdump(MSG_DEBUG, "Milenage: AUTN", autn, 16);
    wpa_hexdump(MSG_DEBUG, "Milenage: RAND", _rand, 16);

    if (milenage_f2345(opc, k, _rand, res, ck, ik, ak, NULL))
        return -1;

    *res_len = 8;
    wpa_hexdump_key(MSG_DEBUG, "Milenage: RES", res, *res_len);
    wpa_hexdump_key(MSG_DEBUG, "Milenage: CK", ck, 16);
    wpa_hexdump_key(MSG_DEBUG, "Milenage: IK", ik, 16);
    wpa_hexdump_key(MSG_DEBUG, "Milenage: AK", ak, 6);

    /* AUTN = (SQN ^ AK) || AMF || MAC */
    for (i = 0; i < 6; i++)
        rx_sqn[i] = autn[i] ^ ak[i];
    wpa_hexdump(MSG_DEBUG, "Milenage: SQN", rx_sqn, 6);

    if (os_memcmp(rx_sqn, sqn, 6) <= 0) {
        u8 auts_amf[2] = { 0x00, 0x00 }; /* TS 33.102 v7.0.0, 6.3.3 */
        if (milenage_f2345(opc, k, _rand, NULL, NULL, NULL, NULL, ak))
            return -1;
        wpa_hexdump_key(MSG_DEBUG, "Milenage: AK*", ak, 6);
        for (i = 0; i < 6; i++)
            auts[i] = sqn[i] ^ ak[i];
        if (milenage_f1(opc, k, _rand, sqn, auts_amf, NULL, auts + 6))
            return -1;
        wpa_hexdump(MSG_DEBUG, "Milenage: AUTS", auts, 14);
        return -2;
    }

    amf = autn + 6;
    wpa_hexdump(MSG_DEBUG, "Milenage: AMF", amf, 2);
    if (milenage_f1(opc, k, _rand, rx_sqn, amf, mac_a, NULL))
        return -1;

    wpa_hexdump(MSG_DEBUG, "Milenage: MAC_A", mac_a, 8);

    if (os_memcmp(mac_a, autn + 8, 8) != 0) {
        wpa_printf(MSG_DEBUG, "Milenage: MAC mismatch");
        wpa_hexdump(MSG_DEBUG, "Milenage: Received MAC_A",
                autn + 8, 8);
        return -1;
    }

    return 0;
}
Beispiel #3
0
/** Generate AKA AUTN, IK, CK, RES
 *
 * @param[out] autn	Buffer for AUTN = 128-bit authentication token.
 * @param[out] ik	Buffer for IK = 128-bit integrity key (f4), or NULL.
 * @param[out] ck	Buffer for CK = 128-bit confidentiality key (f3), or NULL.
 * @param[out] ak	Buffer for AK = 48-bit anonymity key (f5), or NULL
 * @param[out] res	Buffer for RES = 64-bit signed response (f2), or NULL.
 * @param[in] opc	128-bit operator variant algorithm configuration field (encr.).
 * @param[in] amf	16-bit authentication management field.
 * @param[in] ki	128-bit subscriber key.
 * @param[in] sqn	48-bit sequence number (host byte order).
 * @param[in] rand	128-bit random challenge.
 * @return
 *	- 0 on success.
 *	- -1 on failure.
 */
int milenage_umts_generate(uint8_t autn[MILENAGE_AUTN_SIZE],
			   uint8_t ik[MILENAGE_IK_SIZE],
			   uint8_t ck[MILENAGE_CK_SIZE],
			   uint8_t ak[MILENAGE_AK_SIZE],
			   uint8_t res[MILENAGE_RES_SIZE],
			   uint8_t const opc[MILENAGE_OPC_SIZE],
			   uint8_t const amf[MILENAGE_AMF_SIZE],
			   uint8_t const ki[MILENAGE_KI_SIZE],
			   uint64_t sqn,
			   uint8_t const rand[MILENAGE_RAND_SIZE])
{
	uint8_t		mac_a[8], ak_buff[MILENAGE_AK_SIZE];
	uint8_t		sqn_buff[MILENAGE_SQN_SIZE];
	uint8_t		*p = autn;
	size_t		i;

	if ((milenage_f1(mac_a, NULL, opc, ki, rand,
			 uint48_to_buff(sqn_buff, sqn), amf) < 0) ||
	    (milenage_f2345(res, ik, ck, ak_buff, NULL, opc, ki, rand) < 0)) return -1;

	/*
	 *	AUTN = (SQN ^ AK) || AMF || MAC_A
	 */
	for (i = 0; i < sizeof(sqn_buff); i++) *p++ = sqn_buff[i] ^ ak_buff[i];
	memcpy(p, amf, MILENAGE_AMF_SIZE);
	p += MILENAGE_AMF_SIZE;
	memcpy(p, mac_a, sizeof(mac_a));

	/*
	 *	Output the anonymity key if required
	 */
	if (ak) memcpy(ak, ak_buff, sizeof(ak_buff));

	return 0;
}
Beispiel #4
0
/** Generate GSM-Milenage (3GPP TS 55.205) authentication triplet
 *
 * @param[out] sres	Buffer for SRES = 32-bit SRES.
 * @param[out] kc	64-bit Kc.
 * @param[in] opc	128-bit operator variant algorithm configuration field (encr.).
 * @param[in] ki	128-bit subscriber key.
 * @param[in] rand	128-bit random challenge.
 * @return
 *	- 0 on success.
 *	- -1 on failure.
 */
int milenage_gsm_generate(uint8_t sres[MILENAGE_SRES_SIZE],
			  uint8_t kc[MILENAGE_KC_SIZE],
			  uint8_t const opc[MILENAGE_OPC_SIZE],
			  uint8_t const ki[MILENAGE_KI_SIZE],
			  uint8_t const rand[MILENAGE_RAND_SIZE])
{
	uint8_t		res[MILENAGE_RES_SIZE], ck[MILENAGE_CK_SIZE], ik[MILENAGE_IK_SIZE];

	if (milenage_f2345(res, ik, ck, NULL, NULL, opc, ki, rand)) return -1;

	milenage_gsm_from_umts(sres, kc, ik, ck, res);

	return 0;
}
Beispiel #5
0
/**
 * milenage_auts - Milenage AUTS validation
 * @opc: OPc = 128-bit operator variant algorithm configuration field (encr.)
 * @k: K = 128-bit subscriber key
 * @_rand: RAND = 128-bit random challenge
 * @auts: AUTS = 112-bit authentication token from client
 * @sqn: Buffer for SQN = 48-bit sequence number
 * Returns: 0 = success (sqn filled), -1 on failure
 */
int milenage_auts(const u8 *opc, const u8 *k, const u8 *_rand, const u8 *auts,
        u8 *sqn)
{
    u8 amf[2] = { 0x00, 0x00 }; /* TS 33.102 v7.0.0, 6.3.3 */
    u8 ak[6], mac_s[8];
    int i;

    if (milenage_f2345(opc, k, _rand, NULL, NULL, NULL, NULL, ak))
        return -1;
    for (i = 0; i < 6; i++)
        sqn[i] = auts[i] ^ ak[i];
    if (milenage_f1(opc, k, _rand, sqn, amf, NULL, mac_s) ||
            memcmp(mac_s, auts + 6, 8) != 0)
        return -1;
    return 0;
}
Beispiel #6
0
/**
 * gsm_milenage - Generate GSM-Milenage (3GPP TS 55.205) authentication triplet
 * @opc: OPc = 128-bit operator variant algorithm configuration field (encr.)
 * @k: K = 128-bit subscriber key
 * @_rand: RAND = 128-bit random challenge
 * @sres: Buffer for SRES = 32-bit SRES
 * @kc: Buffer for Kc = 64-bit Kc
 * Returns: 0 on success, -1 on failure
 */
int gsm_milenage(const u8 *opc, const u8 *k, const u8 *_rand, u8 *sres, u8 *kc)
{
    u8 res[8], ck[16], ik[16];
    int i;

    if (milenage_f2345(opc, k, _rand, res, ck, ik, NULL, NULL))
        return -1;

    for (i = 0; i < 8; i++)
        kc[i] = ck[i] ^ ck[i + 8] ^ ik[i] ^ ik[i + 8];

#ifdef GSM_MILENAGE_ALT_SRES
    os_memcpy(sres, res, 4);
#else /* GSM_MILENAGE_ALT_SRES */
    for (i = 0; i < 4; i++)
        sres[i] = res[i] ^ res[i + 4];
#endif /* GSM_MILENAGE_ALT_SRES */
    return 0;
}
Beispiel #7
0
/** Milenage AUTS validation
 *
 * @param[out] sqn	Buffer for SQN = 48-bit sequence number (host byte order).
 * @param[in] opc	128-bit operator variant algorithm configuration field (encr.).
 * @param[in] ki	128-bit subscriber key.
 * @param[in] rand	128-bit random challenge.
 * @param[in] auts	112-bit authentication token from client.
 * @return
 *	- 0 on success with sqn filled.
 *	- -1 on failure.
 */
int milenage_auts(uint64_t sqn,
		  uint8_t const opc[MILENAGE_OPC_SIZE],
		  uint8_t const ki[MILENAGE_KI_SIZE],
		  uint8_t const rand[MILENAGE_RAND_SIZE],
		  uint8_t const auts[MILENAGE_AUTS_SIZE])
{
	uint8_t		amf[MILENAGE_AMF_SIZE] = { 0x00, 0x00 }; /* TS 33.102 v7.0.0, 6.3.3 */
	uint8_t		ak[MILENAGE_AK_SIZE], mac_s[MILENAGE_MAC_S_SIZE];
	uint8_t		sqn_buff[MILENAGE_SQN_SIZE];
	size_t		i;

	uint48_to_buff(sqn_buff, sqn);

	if (milenage_f2345(NULL, NULL, NULL, NULL, ak, opc, ki, rand)) return -1;
	for (i = 0; i < sizeof(sqn_buff); i++) sqn_buff[i] = auts[i] ^ ak[i];

	if (milenage_f1(NULL, mac_s, opc, ki, rand, sqn_buff, amf) || CRYPTO_memcmp(mac_s, auts + 6, 8) != 0) return -1;
	return 0;
}
Beispiel #8
0
/**
 * milenage_generate - Generate AKA AUTN,IK,CK,RES
 * @opc: OPc = 128-bit operator variant algorithm configuration field (encr.)
 * @amf: AMF = 16-bit authentication management field
 * @k: K = 128-bit subscriber key
 * @sqn: SQN = 48-bit sequence number
 * @_rand: RAND = 128-bit random challenge
 * @autn: Buffer for AUTN = 128-bit authentication token
 * @ik: Buffer for IK = 128-bit integrity key (f4), or %NULL
 * @ck: Buffer for CK = 128-bit confidentiality key (f3), or %NULL
 * @res: Buffer for RES = 64-bit signed response (f2), or %NULL
 * @res_len: Max length for res; set to used length or 0 on failure
 */
void milenage_generate(const u8 *opc, const u8 *amf, const u8 *k,
        const u8 *sqn, const u8 *_rand, u8 *autn, u8 *ik,
        u8 *ck, u8 *res, size_t *res_len)
{
    int i;
    u8 mac_a[8], ak[6];

    if (*res_len < 8) {
        *res_len = 0;
        return;
    }
    if (milenage_f1(opc, k, _rand, sqn, amf, mac_a, NULL) ||
            milenage_f2345(opc, k, _rand, res, ck, ik, ak, NULL)) {
        *res_len = 0;
        return;
    }
    *res_len = 8;

    /* AUTN = (SQN ^ AK) || AMF || MAC */
    for (i = 0; i < 6; i++)
        autn[i] = sqn[i] ^ ak[i];
    os_memcpy(autn + 6, amf, 2);
    os_memcpy(autn + 8, mac_a, 8);
}
int main(int argc, char *argv[])
{
	u8 buf[16], buf2[16], buf3[16], buf4[16], buf5[16], opc[16];
	u8 auts[14], sqn[6], _rand[16];
	int ret = 0, res, i;
	const struct milenage_test_set *t;
	size_t res_len;

	wpa_debug_level = 0;

	printf("Milenage test sets\n");
	for (i = 0; i < NUM_TESTS; i++) {
		t = &test_sets[i];
		printf("Test Set %d\n", i + 1);

		milenage_opc(t->op, t->k, opc);
		if (memcmp(opc, t->opc, 16) != 0) {
			printf("- milenage_opc failed\n");
			ret++;
		}

		if (milenage_f1(opc, t->k, t->rand, t->sqn, t->amf, buf, buf2)
		    ||  memcmp(buf, t->f1, 8) != 0) {
			printf("- milenage_f1 failed\n");
			ret++;
		}
		if (memcmp(buf2, t->f1star, 8) != 0) {
			printf("- milenage_f1* failed\n");
			ret++;
		}

		if (milenage_f2345(opc, t->k, t->rand, buf, buf2, buf3, buf4,
				   buf5) ||
		    memcmp(buf, t->f2, 8) != 0) {
			printf("- milenage_f2 failed\n");
			ret++;
		}
		if (memcmp(buf2, t->f3, 16) != 0) {
			printf("- milenage_f3 failed\n");
			ret++;
		}
		if (memcmp(buf3, t->f4, 16) != 0) {
			printf("- milenage_f4 failed\n");
			ret++;
		}
		if (memcmp(buf4, t->f5, 6) != 0) {
			printf("- milenage_f5 failed\n");
			ret++;
		}
		if (memcmp(buf5, t->f5star, 6) != 0) {
			printf("- milenage_f5* failed\n");
			ret++;
		}
	}

	printf("milenage_auts test:\n");
	os_memcpy(auts, "\x4f\x20\x39\x39\x2d\xdd", 6);
	os_memcpy(auts + 6, "\x4b\xb4\x31\x6e\xd4\xa1\x46\x88", 8);
	res = milenage_auts(t->opc, t->k, t->rand, auts, buf);
	printf("AUTS for test set %d: %d / SQN=%02x%02x%02x%02x%02x%02x\n",
	       i, res, buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
	if (res)
		ret++;

	os_memset(_rand, 0xaa, sizeof(_rand));
	os_memcpy(auts,
		  "\x43\x68\x1a\xd3\xda\xf0\x06\xbc\xde\x40\x5a\x20\x72\x67",
		  14);
	res = milenage_auts(t->opc, t->k, _rand, auts, buf);
	printf("AUTS from a test USIM: %d / SQN=%02x%02x%02x%02x%02x%02x\n",
	       res, buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
	if (res)
		ret++;

	printf("milenage_generate test:\n");
	os_memcpy(sqn, "\x00\x00\x00\x00\x40\x44", 6);
	os_memcpy(_rand, "\x12\x69\xb8\x23\x41\x39\x35\x66\xfb\x99\x41\xe9\x84"
		  "\x4f\xe6\x2f", 16);
	res_len = 8;
	milenage_generate(t->opc, t->amf, t->k, sqn, _rand, buf, buf2, buf3,
			  buf4, &res_len);
	wpa_hexdump(MSG_DEBUG, "SQN", sqn, 6);
	wpa_hexdump(MSG_DEBUG, "RAND", _rand, 16);
	wpa_hexdump(MSG_DEBUG, "AUTN", buf, 16);
	wpa_hexdump(MSG_DEBUG, "IK", buf2, 16);
	wpa_hexdump(MSG_DEBUG, "CK", buf3, 16);
	wpa_hexdump(MSG_DEBUG, "RES", buf4, res_len);

	printf("GSM-Milenage test sets\n");
	for (i = 0; i < NUM_GSM_TESTS; i++) {
		const struct gsm_milenage_test_set *g;
		u8 sres[4], kc[8];
		g = &gsm_test_sets[i];
		printf("Test Set %d\n", i + 1);
		gsm_milenage(g->opc, g->ki, g->rand, sres, kc);
		if (memcmp(g->kc, kc, 8) != 0) {
			printf("- gsm_milenage Kc failed\n");
			ret++;
		}
#ifdef GSM_MILENAGE_ALT_SRES
		if (memcmp(g->sres2, sres, 4) != 0) {
			printf("- gsm_milenage SRES#2 failed\n");
			ret++;
		}
#else /* GSM_MILENAGE_ALT_SRES */
		if (memcmp(g->sres1, sres, 4) != 0) {
			printf("- gsm_milenage SRES#1 failed\n");
			ret++;
		}
#endif /* GSM_MILENAGE_ALT_SRES */
	}

	if (ret)
		printf("Something failed\n");
	else
		printf("OK\n");

	return ret;
}
Beispiel #10
0
void test_set_19(void)
{
	/*
	 *	Inputs
	 */
	uint8_t ki[]		= { 0x51, 0x22, 0x25, 0x02, 0x14, 0xc3, 0x3e, 0x72,
				    0x3a, 0x5d, 0xd5, 0x23, 0xfc, 0x14, 0x5f, 0xc0 };
	uint8_t rand[]		= { 0x81, 0xe9, 0x2b, 0x6c, 0x0e, 0xe0, 0xe1, 0x2e,
				    0xbc, 0xeb, 0xa8, 0xd9, 0x2a, 0x99, 0xdf, 0xa5 };
	uint8_t sqn[]		= { 0x16, 0xf3, 0xb3, 0xf7, 0x0f, 0xc2 };
	uint8_t amf[]		= { 0xc3, 0xab };
	uint8_t op[]		= { 0xc9, 0xe8, 0x76, 0x32, 0x86, 0xb5, 0xb9, 0xff,
				    0xbd, 0xf5, 0x6e, 0x12, 0x97, 0xd0, 0x88, 0x7b };
	uint8_t opc[]		= { 0x98, 0x1d, 0x46, 0x4c, 0x7c, 0x52, 0xeb, 0x6e,
				    0x50, 0x36, 0x23, 0x49, 0x84, 0xad, 0x0b, 0xcf };

	/*
	 *	Outputs
	 */
	uint8_t opc_out[MILENAGE_OPC_SIZE];
	uint8_t	mac_a_out[MILENAGE_MAC_A_SIZE];
	uint8_t	mac_s_out[MILENAGE_MAC_S_SIZE];
	uint8_t res_out[MILENAGE_RES_SIZE];
	uint8_t ck_out[MILENAGE_CK_SIZE];
	uint8_t ik_out[MILENAGE_IK_SIZE];
	uint8_t ak_out[MILENAGE_AK_SIZE];
	uint8_t ak_resync_out[MILENAGE_AK_SIZE];

	/* function 1 */
	uint8_t mac_a[]		= { 0x2a, 0x5c, 0x23, 0xd1, 0x5e, 0xe3, 0x51, 0xd5 };
	/* function 1* */
	uint8_t mac_s[]		= { 0x62, 0xda, 0xe3, 0x85, 0x3f, 0x3a, 0xf9, 0xd2 };
	/* function 2 */
	uint8_t res[]		= { 0x28, 0xd7, 0xb0, 0xf2, 0xa2, 0xec, 0x3d, 0xe5 };
	/* function 3 */
	uint8_t ck[]		= { 0x53, 0x49, 0xfb, 0xe0, 0x98, 0x64, 0x9f, 0x94,
				    0x8f, 0x5d, 0x2e, 0x97, 0x3a, 0x81, 0xc0, 0x0f };
	/* function 4 */
	uint8_t ik[]		= { 0x97, 0x44, 0x87, 0x1a, 0xd3, 0x2b, 0xf9, 0xbb,
				    0xd1, 0xdd, 0x5c, 0xe5, 0x4e, 0x3e, 0x2e, 0x5a };
	/* function 5 */
	uint8_t ak[]		= { 0xad, 0xa1, 0x5a, 0xeb, 0x7b, 0xb8 };
	/* function 5* */
	uint8_t ak_resync[]	= { 0xd4, 0x61, 0xbc, 0x15, 0x47, 0x5d };

	int ret = 0;

/*
	fr_log_fp = stdout;
	fr_debug_lvl = 4;
*/

	ret = milenage_opc_generate(opc_out, op, ki);
	TEST_CHECK(ret == 0);

	FR_PROTO_HEX_DUMP(opc_out, sizeof(opc_out), "opc");

	TEST_CHECK(memcmp(opc_out, opc, sizeof(opc_out)) == 0);

	if ((milenage_f1(mac_a_out, mac_s_out, opc, ki, rand, sqn, amf) < 0) ||
	    (milenage_f2345(res_out, ik_out, ck_out, ak_out, ak_resync_out, opc, ki, rand) < 0)) ret = -1;

	FR_PROTO_HEX_DUMP(mac_a, sizeof(mac_a_out), "mac_a");
	FR_PROTO_HEX_DUMP(mac_s, sizeof(mac_s_out), "mac_s");
	FR_PROTO_HEX_DUMP(ik_out, sizeof(ik_out), "ik");
	FR_PROTO_HEX_DUMP(ck_out, sizeof(ck_out), "ck");
	FR_PROTO_HEX_DUMP(res_out, sizeof(res_out), "res");
	FR_PROTO_HEX_DUMP(ak_out, sizeof(ak_out), "ak");
	FR_PROTO_HEX_DUMP(ak_resync_out, sizeof(ak_resync_out), "ak_resync");

	TEST_CHECK(ret == 0);
	TEST_CHECK(memcmp(mac_a_out, mac_a, sizeof(mac_a_out)) == 0);
	TEST_CHECK(memcmp(mac_s_out, mac_s, sizeof(mac_s_out)) == 0);
	TEST_CHECK(memcmp(res_out, res, sizeof(res_out)) == 0);
	TEST_CHECK(memcmp(ck_out, ck, sizeof(ck_out)) == 0);
	TEST_CHECK(memcmp(ik_out, ik, sizeof(ik_out)) == 0);
	TEST_CHECK(memcmp(ak_out, ak, sizeof(ak_out)) == 0);
	TEST_CHECK(memcmp(ak_resync, ak_resync, sizeof(ak_resync_out)) == 0);
}
Beispiel #11
0
void test_set_1(void)
{
	/*
	 *	Inputs
	 */
	uint8_t ki[]		= { 0x46, 0x5b, 0x5c, 0xe8, 0xb1, 0x99, 0xb4, 0x9f,
				    0xaa, 0x5f, 0x0a, 0x2e, 0xe2, 0x38, 0xa6, 0xbc };
	uint8_t rand[]		= { 0x23, 0x55, 0x3c, 0xbe, 0x96, 0x37, 0xa8, 0x9d,
				    0x21, 0x8a, 0xe6, 0x4d, 0xae, 0x47, 0xbf, 0x35  };
	uint8_t sqn[]		= { 0xff, 0x9b, 0xb4, 0xd0, 0xb6, 0x07 };
	uint8_t amf[]		= { 0xb9, 0xb9 };
	uint8_t op[]		= { 0xcd, 0xc2, 0x02, 0xd5, 0x12, 0x3e, 0x20, 0xf6,
				    0x2b, 0x6d, 0x67, 0x6a, 0xc7, 0x2c, 0xb3, 0x18 };
	uint8_t opc[]		= { 0xcd, 0x63, 0xcb, 0x71, 0x95, 0x4a, 0x9f, 0x4e,
				    0x48, 0xa5, 0x99, 0x4e, 0x37, 0xa0, 0x2b, 0xaf };

	/*
	 *	Outputs
	 */
	uint8_t opc_out[MILENAGE_OPC_SIZE];
	uint8_t	mac_a_out[MILENAGE_MAC_A_SIZE];
	uint8_t	mac_s_out[MILENAGE_MAC_S_SIZE];
	uint8_t res_out[MILENAGE_RES_SIZE];
	uint8_t ck_out[MILENAGE_CK_SIZE];
	uint8_t ik_out[MILENAGE_IK_SIZE];
	uint8_t ak_out[MILENAGE_AK_SIZE];
	uint8_t ak_resync_out[MILENAGE_AK_SIZE];

	/* function 1 */
	uint8_t mac_a[]		= { 0x4a, 0x9f, 0xfa, 0xc3, 0x54, 0xdf, 0xaf, 0xb3 };
	/* function 1* */
	uint8_t mac_s[]		= { 0x01, 0xcf, 0xaf, 0x9e, 0xc4, 0xe8, 0x71, 0xe9 };
	/* function 2 */
	uint8_t res[]		= { 0xa5, 0x42, 0x11, 0xd5, 0xe3, 0xba, 0x50, 0xbf };
	/* function 3 */
	uint8_t ck[]		= { 0xb4, 0x0b, 0xa9, 0xa3, 0xc5, 0x8b, 0x2a, 0x05,
				    0xbb, 0xf0, 0xd9, 0x87, 0xb2, 0x1b, 0xf8, 0xcb };
	/* function 4 */
	uint8_t ik[]		= { 0xf7, 0x69, 0xbc, 0xd7, 0x51, 0x04, 0x46, 0x04,
			    	    0x12, 0x76, 0x72, 0x71, 0x1c, 0x6d, 0x34, 0x41 };
	/* function 5 */
	uint8_t ak[]		= { 0xaa, 0x68, 0x9c, 0x64, 0x83, 0x70 };
	/* function 5* */
	uint8_t ak_resync[]	= { 0x45, 0x1e, 0x8b, 0xec, 0xa4, 0x3b };

	int ret = 0;

/*
	fr_log_fp = stdout;
	fr_debug_lvl = 4;
*/
	ret = milenage_opc_generate(opc_out, op, ki);
	TEST_CHECK(ret == 0);

	FR_PROTO_HEX_DUMP(opc_out, sizeof(opc_out), "opc");

	TEST_CHECK(memcmp(opc_out, opc, sizeof(opc_out)) == 0);

	if ((milenage_f1(mac_a_out, mac_s_out, opc, ki, rand, sqn, amf) < 0) ||
	    (milenage_f2345(res_out, ik_out, ck_out, ak_out, ak_resync_out, opc, ki, rand) < 0)) ret = -1;

	FR_PROTO_HEX_DUMP(mac_a, sizeof(mac_a_out), "mac_a");
	FR_PROTO_HEX_DUMP(mac_s, sizeof(mac_s_out), "mac_s");
	FR_PROTO_HEX_DUMP(ik_out, sizeof(ik_out), "ik");
	FR_PROTO_HEX_DUMP(ck_out, sizeof(ck_out), "ck");
	FR_PROTO_HEX_DUMP(res_out, sizeof(res_out), "res");
	FR_PROTO_HEX_DUMP(ak_out, sizeof(ak_out), "ak");
	FR_PROTO_HEX_DUMP(ak_resync_out, sizeof(ak_resync_out), "ak_resync");

	TEST_CHECK(ret == 0);
	TEST_CHECK(memcmp(mac_a_out, mac_a, sizeof(mac_a_out)) == 0);
	TEST_CHECK(memcmp(mac_s_out, mac_s, sizeof(mac_s_out)) == 0);
	TEST_CHECK(memcmp(res_out, res, sizeof(res_out)) == 0);
	TEST_CHECK(memcmp(ck_out, ck, sizeof(ck_out)) == 0);
	TEST_CHECK(memcmp(ik_out, ik, sizeof(ik_out)) == 0);
	TEST_CHECK(memcmp(ak_out, ak, sizeof(ak_out)) == 0);
	TEST_CHECK(memcmp(ak_resync, ak_resync, sizeof(ak_resync_out)) == 0);
}