example: add generic PP authentication helper
Signed-off-by: Patrick McHardy <kaber@trash.net>
parent
9e6a9bba93
commit
10d50440b5
|
@ -5,6 +5,7 @@ PROGRAMS += cc ss mm-fp mm-pp pp-access-rights discover hijack
|
|||
destdir := usr/share/dect/examples
|
||||
|
||||
common-obj += common.o event_ops.o keys.o dummy_ops.o debug.o
|
||||
pp-common-obj += $(common-obj) pp-auth.o
|
||||
|
||||
cc-destdir := $(destdir)
|
||||
cc-obj += $(common-obj)
|
||||
|
|
|
@ -22,6 +22,13 @@ extern int dect_write_uak(const struct dect_ipui *ipui,
|
|||
extern int dect_read_uak(const struct dect_ipui *ipui,
|
||||
uint8_t uak[DECT_AUTH_KEY_LEN]);
|
||||
|
||||
extern void dect_pp_auth_init(struct dect_ops *ops,
|
||||
const struct dect_ipui *ipui);
|
||||
|
||||
struct mm_auth_priv {
|
||||
uint8_t dck[DECT_CIPHER_KEY_LEN];
|
||||
};
|
||||
|
||||
extern void pexit(const char *str);
|
||||
|
||||
#include "../src/ccitt-adpcm/g72x.h"
|
||||
|
|
|
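Review bot: The new declaration of dect_pp_auth_init() has no comment on the lifetime of `ipui`, although the implementation on this page stores the pointer in a file-scope static instead of copying it. A line such as `/* ipui is kept by reference and must stay valid for as long as the handlers are installed */` above the prototype would make that contract visible. struct mm_auth_priv also needs a comment saying it holds the derived cipher key. That comment should add that a caller which sets its own `priv_size` must embed this struct as the first member, because dect_pp_auth_init() leaves a non-zero `priv_size` untouched and the handlers cast the private area to this type.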
@ -38,28 +38,38 @@ int dect_write_uak(const struct dect_ipui *ipui,
|
|||
int dect_read_uak(const struct dect_ipui *ipui, uint8_t _uak[DECT_AUTH_KEY_LEN])
|
||||
{
|
||||
struct dect_ipui ripui;
|
||||
uint8_t uak[16];
|
||||
uint8_t uak[DECT_AUTH_KEY_LEN];
|
||||
unsigned int i;
|
||||
FILE *f;
|
||||
|
||||
f = dect_keyfile_open("r");
|
||||
if (f == NULL)
|
||||
return -1;
|
||||
goto err;
|
||||
|
||||
if (fscanf(f, "N|%04hx|%05x|", &ripui.pun.n.ipei.emc, &ripui.pun.n.ipei.psn) != 2)
|
||||
return -1;
|
||||
memset(&ripui, 0, sizeof(ripui));
|
||||
ripui.put = DECT_IPUI_N;
|
||||
|
||||
if (fscanf(f, "N|%04hx|%05x|",
|
||||
&ripui.pun.n.ipei.emc,
|
||||
&ripui.pun.n.ipei.psn) != 2)
|
||||
goto err;
|
||||
|
||||
for (i = 0; i < DECT_AUTH_KEY_LEN; i++) {
|
||||
if (fscanf(f, "%02hhx", &uak[i]) != 1)
|
||||
return -1;
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (ipui->pun.n.ipei.emc != ripui.pun.n.ipei.emc ||
|
||||
ipui->pun.n.ipei.psn != ripui.pun.n.ipei.psn)
|
||||
return -1;
|
||||
if (dect_ipui_cmp(ipui, &ripui))
|
||||
goto err;
|
||||
|
||||
memcpy(_uak, uak, DECT_AUTH_KEY_LEN);
|
||||
|
||||
fclose(f);
|
||||
return 0;
|
||||
|
||||
err:
|
||||
fprintf(stderr, "Could not find UAK for IPUI N %4x %5x, use "
|
||||
"'pp-access-rights' to allocate a new one\n",
|
||||
ipui->pun.n.ipei.emc, ipui->pun.n.ipei.psn);
|
||||
return -1;
|
||||
}
|
||||
|
|
|
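Review bot: Every `goto err` taken after dect_keyfile_open() has succeeded returns without closing `f`, so a failed fscanf() or an IPUI mismatch leaks the stream; only the success path reaches `fclose(f)`. Closing at the label, with `if (f != NULL) fclose(f);` placed before the fprintf(), covers all of the jumps including the open failure. The local `uak` copy of the key is also left on the stack on both exits, and wiping it once the memcpy() to `_uak` is done would shorten the time the UAK stays in memory. Which of the doubled lines are old and which are new is inferred here, since the page has lost its +/- markers.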
@ -0,0 +1,73 @@
|
|||
/*
|
||||
* DECT PP authentication helpers
|
||||
*
|
||||
* Copyright (c) 2010 Patrick McHardy <kaber@trash.net>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License version 2 as
|
||||
* published by the Free Software Foundation.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include <dect/libdect.h>
|
||||
#include <dect/auth.h>
|
||||
#include "common.h"
|
||||
|
||||
static const struct dect_ipui *auth_ipui;
|
||||
|
||||
static void dect_mm_cipher_ind(struct dect_handle *dh,
|
||||
struct dect_mm_endpoint *mme,
|
||||
struct dect_mm_cipher_param *param)
|
||||
{
|
||||
struct mm_auth_priv *priv = dect_mm_priv(mme);
|
||||
struct dect_mm_cipher_param reply = {
|
||||
.cipher_info = param->cipher_info,
|
||||
};
|
||||
|
||||
dect_mm_cipher_res(dh, mme, true, &reply, priv->dck);
|
||||
}
|
||||
|
||||
static void dect_mm_authenticate_ind(struct dect_handle *dh,
|
||||
struct dect_mm_endpoint *mme,
|
||||
struct dect_mm_authenticate_param *param)
|
||||
{
|
||||
struct mm_auth_priv *priv = dect_mm_priv(mme);
|
||||
struct dect_ie_auth_res res1;
|
||||
struct dect_mm_authenticate_param reply = {
|
||||
.res = &res1,
|
||||
};
|
||||
uint8_t uak[DECT_AUTH_KEY_LEN];
|
||||
uint8_t k[DECT_AUTH_KEY_LEN], ks[DECT_AUTH_KEY_LEN];
|
||||
bool accept = false;
|
||||
|
||||
if (dect_read_uak(auth_ipui, uak) < 0)
|
||||
goto out;
|
||||
|
||||
dect_auth_b1(uak, sizeof(uak), k);
|
||||
|
||||
dect_auth_a11(k, param->rs->value, ks);
|
||||
dect_auth_a12(ks, param->rand->value, priv->dck, &res1.value);
|
||||
accept = true;
|
||||
out:
|
||||
dect_mm_authenticate_res(dh, mme, accept, &reply);
|
||||
}
|
||||
|
||||
static struct dect_mm_ops dect_mm_ops;
|
||||
|
||||
void dect_pp_auth_init(struct dect_ops *ops, const struct dect_ipui *ipui)
|
||||
{
|
||||
struct dect_mm_ops *mm_ops;
|
||||
|
||||
if (!ops->mm_ops)
|
||||
ops->mm_ops = &dect_mm_ops;
|
||||
mm_ops = (struct dect_mm_ops *)ops->mm_ops;
|
||||
|
||||
if (!mm_ops->priv_size)
|
||||
mm_ops->priv_size = sizeof(struct mm_auth_priv);
|
||||
mm_ops->mm_authenticate_ind = dect_mm_authenticate_ind;
|
||||
mm_ops->mm_cipher_ind = dect_mm_cipher_ind;
|
||||
|
||||
auth_ipui = ipui;
|
||||
}
|
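Review bot: dect_mm_cipher_ind() answers every cipher request with `true` and `priv->dck`, but nothing in this file records whether dect_mm_authenticate_ind() ever derived that key for the endpoint. After the `goto out` path, or before any authentication, the buffer holds whatever the library allocated (presumably zeros, not visible here). A flag in struct mm_auth_priv, set right after dect_auth_a12() and passed as the accept argument, e.g. `dect_mm_cipher_res(dh, mme, priv->dck_valid, &reply, priv->dck);`, would refuse ciphering with an unset key. In dect_mm_authenticate_ind() the locals `uak`, `k` and `ks` hold key material and are still on the stack at return, so they should be cleared before the function ends with a wipe the compiler cannot elide. On the reject path `reply.res` points at the uninitialised `res1`; whether the library reads it when `accept` is false is not visible here, so zero-initialising `res1` would be the safe default.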