example: add generic PP authentication helper

Signed-off-by: Patrick McHardy <kaber@trash.net>

example/Makefile.in

@@ -5,6 +5,7 @@ PROGRAMS	+= cc ss mm-fp mm-pp pp-access-rights discover hijack
 destdir		:= usr/share/dect/examples
 
 common-obj	+= common.o event_ops.o keys.o dummy_ops.o debug.o
+pp-common-obj	+= $(common-obj) pp-auth.o
 
 cc-destdir	:= $(destdir)
 cc-obj		+= $(common-obj)

example/common.h

@@ -22,6 +22,13 @@ extern int dect_write_uak(const struct dect_ipui *ipui,
 extern int dect_read_uak(const struct dect_ipui *ipui,
 			 uint8_t uak[DECT_AUTH_KEY_LEN]);
 
+extern void dect_pp_auth_init(struct dect_ops *ops,
+			      const struct dect_ipui *ipui);
+
+struct mm_auth_priv {
+	uint8_t         dck[DECT_CIPHER_KEY_LEN];
+};
+
 extern void pexit(const char *str);
 
 #include "../src/ccitt-adpcm/g72x.h"

example/keys.c

@@ -38,28 +38,38 @@ int dect_write_uak(const struct dect_ipui *ipui,
 int dect_read_uak(const struct dect_ipui *ipui, uint8_t _uak[DECT_AUTH_KEY_LEN])
 {
 	struct dect_ipui ripui;
-	uint8_t uak[16];
+	uint8_t uak[DECT_AUTH_KEY_LEN];
 	unsigned int i;
 	FILE *f;
 
 	f = dect_keyfile_open("r");
 	if (f == NULL)
-		return -1;
+		goto err;
 
-	if (fscanf(f, "N|%04hx|%05x|", &ripui.pun.n.ipei.emc, &ripui.pun.n.ipei.psn) != 2)
-		return -1;
+	memset(&ripui, 0, sizeof(ripui));
+	ripui.put = DECT_IPUI_N;
+
+	if (fscanf(f, "N|%04hx|%05x|",
+		   &ripui.pun.n.ipei.emc,
+		   &ripui.pun.n.ipei.psn) != 2)
+		goto err;
 
 	for (i = 0; i < DECT_AUTH_KEY_LEN; i++) {
 		if (fscanf(f, "%02hhx", &uak[i]) != 1)
-			return -1;
+			goto err;
 	}
 
-	if (ipui->pun.n.ipei.emc != ripui.pun.n.ipei.emc ||
-	    ipui->pun.n.ipei.psn != ripui.pun.n.ipei.psn)
-		return -1;
+	if (dect_ipui_cmp(ipui, &ripui))
+		goto err;
 
 	memcpy(_uak, uak, DECT_AUTH_KEY_LEN);
 
 	fclose(f);
 	return 0;
+
+err:
+	fprintf(stderr, "Could not find UAK for IPUI N %4x %5x, use "
+			"'pp-access-rights' to allocate a new one\n",
+		ipui->pun.n.ipei.emc, ipui->pun.n.ipei.psn);
+	return -1;
 }

example/pp-auth.c

@@ -0,0 +1,73 @@
+/*
+ * DECT PP authentication helpers
+ *
+ * Copyright (c) 2010 Patrick McHardy <kaber@trash.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <dect/libdect.h>
+#include <dect/auth.h>
+#include "common.h"
+
+static const struct dect_ipui *auth_ipui;
+
+static void dect_mm_cipher_ind(struct dect_handle *dh,
+			       struct dect_mm_endpoint *mme,
+			       struct dect_mm_cipher_param *param)
+{
+	struct mm_auth_priv *priv = dect_mm_priv(mme);
+	struct dect_mm_cipher_param reply = {
+		.cipher_info	= param->cipher_info,
+	};
+
+	dect_mm_cipher_res(dh, mme, true, &reply, priv->dck);
+}
+
+static void dect_mm_authenticate_ind(struct dect_handle *dh,
+				     struct dect_mm_endpoint *mme,
+				     struct dect_mm_authenticate_param *param)
+{
+	struct mm_auth_priv *priv = dect_mm_priv(mme);
+	struct dect_ie_auth_res res1;
+	struct dect_mm_authenticate_param reply = {
+		.res	= &res1,
+	};
+	uint8_t uak[DECT_AUTH_KEY_LEN];
+	uint8_t k[DECT_AUTH_KEY_LEN], ks[DECT_AUTH_KEY_LEN];
+	bool accept = false;
+
+	if (dect_read_uak(auth_ipui, uak) < 0)
+		goto out;
+
+	dect_auth_b1(uak, sizeof(uak), k);
+
+	dect_auth_a11(k, param->rs->value, ks);
+	dect_auth_a12(ks, param->rand->value, priv->dck, &res1.value);
+	accept = true;
+out:
+	dect_mm_authenticate_res(dh, mme, accept, &reply);
+}
+
+static struct dect_mm_ops dect_mm_ops;
+
+void dect_pp_auth_init(struct dect_ops *ops, const struct dect_ipui *ipui)
+{
+	struct dect_mm_ops *mm_ops;
+
+	if (!ops->mm_ops)
+		ops->mm_ops = &dect_mm_ops;
+	mm_ops = (struct dect_mm_ops *)ops->mm_ops;
+
+	if (!mm_ops->priv_size)
+		mm_ops->priv_size = sizeof(struct mm_auth_priv);
+	mm_ops->mm_authenticate_ind = dect_mm_authenticate_ind;
+	mm_ops->mm_cipher_ind       = dect_mm_cipher_ind;
+
+	auth_ipui = ipui;
+}