diff options
Diffstat (limited to 'tinySIP/src/authentication/tsip_milenage.c')
-rwxr-xr-x | tinySIP/src/authentication/tsip_milenage.c | 410 |
1 files changed, 208 insertions, 202 deletions
diff --git a/tinySIP/src/authentication/tsip_milenage.c b/tinySIP/src/authentication/tsip_milenage.c index 3fd19e2..0c95e4a 100755 --- a/tinySIP/src/authentication/tsip_milenage.c +++ b/tinySIP/src/authentication/tsip_milenage.c @@ -2,19 +2,19 @@ * Partial Copyright (C) 2010-2011 Mamadou Diop. * * Contact: Mamadou Diop <diopmamadou(at)doubango[dot]org> -* +* * This file is part of Open Source Doubango Framework. * * DOUBANGO is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. -* +* * DOUBANGO is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. -* +* * You should have received a copy of the GNU General Public License * along with DOUBANGO. * @@ -42,7 +42,7 @@ * * This has been coded for clarity, not necessarily for efficiency. * -* The functions f2, f3, f4 and f5 share the same inputs and have +* The functions f2, f3, f4 and f5 share the same inputs and have * been coded together as a single function. f1, f1* and f5* are * all coded separately. * @@ -60,7 +60,8 @@ // 0xff, 0x14, 0xc1, 0xf4, 0x5f, 0x88, 0x73, 0x7d}; /*------- Insert your value of OP here -------*/ uint8_t OP[16] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }; /*------------------------------------------------------------------- * Algorithm f1 @@ -72,58 +73,58 @@ uint8_t OP[16] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, * *-----------------------------------------------------------------*/ -void f1 ( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2], - uint8_t mac_a[8] ) +void f1 ( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2], + uint8_t mac_a[8] ) { - uint8_t op_c[16]; - uint8_t temp[16]; - uint8_t in1[16]; - uint8_t out1[16]; - uint8_t rijndaelInput[16]; - uint8_t i; + uint8_t op_c[16]; + uint8_t temp[16]; + uint8_t in1[16]; + uint8_t out1[16]; + uint8_t rijndaelInput[16]; + uint8_t i; - RijndaelKeySchedule( k ); + RijndaelKeySchedule( k ); - ComputeOPc( op_c ); + ComputeOPc( op_c ); - for (i=0; i<16; i++){ - rijndaelInput[i] = rand[i] ^ op_c[i]; - } - RijndaelEncrypt( rijndaelInput, temp ); + for (i=0; i<16; i++) { + rijndaelInput[i] = rand[i] ^ op_c[i]; + } + RijndaelEncrypt( rijndaelInput, temp ); - for (i=0; i<6; i++){ - in1[i] = sqn[i]; - in1[i+8] = sqn[i]; - } + for (i=0; i<6; i++) { + in1[i] = sqn[i]; + in1[i+8] = sqn[i]; + } - for (i=0; i<2; i++){ - in1[i+6] = amf[i]; - in1[i+14] = amf[i]; - } + for (i=0; i<2; i++) { + in1[i+6] = amf[i]; + in1[i+14] = amf[i]; + } - /* XOR op_c and in1, rotate by r1=64, and XOR * - * on the constant c1 (which is all zeroes) */ + /* XOR op_c and in1, rotate by r1=64, and XOR * + * on the constant c1 (which is all zeroes) */ - for (i=0; i<16; i++){ - rijndaelInput[(i+8) % 16] = in1[i] ^ op_c[i]; - } + for (i=0; i<16; i++) { + rijndaelInput[(i+8) % 16] = in1[i] ^ op_c[i]; + } - /* XOR on the value temp computed before */ + /* XOR on the value temp computed before */ - for (i=0; i<16; i++){ - rijndaelInput[i] ^= temp[i]; - } + for (i=0; i<16; i++) { + rijndaelInput[i] ^= temp[i]; + } - RijndaelEncrypt( rijndaelInput, out1 ); - for (i=0; i<16; i++){ - out1[i] ^= op_c[i]; - } + RijndaelEncrypt( rijndaelInput, out1 ); + for (i=0; i<16; i++) { + out1[i] ^= op_c[i]; + } - for (i=0; i<8; i++){ - mac_a[i] = out1[i]; - } + for (i=0; i<8; i++) { + mac_a[i] = out1[i]; + } - return; + return; } /* end of function f1 */ @@ -138,81 +139,81 @@ void f1 ( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2], *-----------------------------------------------------------------*/ void f2345 ( uint8_t k[16], uint8_t rand[16], - uint8_t res[8], uint8_t ck[16], uint8_t ik[16], uint8_t ak[6] ) + uint8_t res[8], uint8_t ck[16], uint8_t ik[16], uint8_t ak[6] ) { - uint8_t op_c[16]; - uint8_t temp[16]; - uint8_t out[16]; - uint8_t rijndaelInput[16]; - uint8_t i; - - RijndaelKeySchedule( k ); - - ComputeOPc( op_c ); - - for (i=0; i<16; i++){ - rijndaelInput[i] = rand[i] ^ op_c[i]; - } - RijndaelEncrypt( rijndaelInput, temp ); - - /* To obtain output block OUT2: XOR OPc and TEMP, * - * rotate by r2=0, and XOR on the constant c2 (which * - * is all zeroes except that the last bit is 1). */ - - for (i=0; i<16; i++){ - rijndaelInput[i] = temp[i] ^ op_c[i]; - } - rijndaelInput[15] ^= 1; - - RijndaelEncrypt( rijndaelInput, out ); - for (i=0; i<16; i++){ - out[i] ^= op_c[i]; - } - - for (i=0; i<8; i++){ - res[i] = out[i+8]; - } - for (i=0; i<6; i++){ - ak[i] = out[i]; - } - - /* To obtain output block OUT3: XOR OPc and TEMP, * - * rotate by r3=32, and XOR on the constant c3 (which * - * is all zeroes except that the next to last bit is 1). */ - - for (i=0; i<16; i++){ - rijndaelInput[(i+12) % 16] = temp[i] ^ op_c[i]; - } - rijndaelInput[15] ^= 2; - - RijndaelEncrypt( rijndaelInput, out ); - for (i=0; i<16; i++){ - out[i] ^= op_c[i]; - } - - for (i=0; i<16; i++){ - ck[i] = out[i]; - } - - /* To obtain output block OUT4: XOR OPc and TEMP, * - * rotate by r4=64, and XOR on the constant c4 (which * - * is all zeroes except that the 2nd from last bit is 1). */ - - for (i=0; i<16; i++){ - rijndaelInput[(i+8) % 16] = temp[i] ^ op_c[i]; - } - rijndaelInput[15] ^= 4; - - RijndaelEncrypt( rijndaelInput, out ); - for (i=0; i<16; i++){ - out[i] ^= op_c[i]; - } - - for (i=0; i<16; i++){ - ik[i] = out[i]; - } - - return; + uint8_t op_c[16]; + uint8_t temp[16]; + uint8_t out[16]; + uint8_t rijndaelInput[16]; + uint8_t i; + + RijndaelKeySchedule( k ); + + ComputeOPc( op_c ); + + for (i=0; i<16; i++) { + rijndaelInput[i] = rand[i] ^ op_c[i]; + } + RijndaelEncrypt( rijndaelInput, temp ); + + /* To obtain output block OUT2: XOR OPc and TEMP, * + * rotate by r2=0, and XOR on the constant c2 (which * + * is all zeroes except that the last bit is 1). */ + + for (i=0; i<16; i++) { + rijndaelInput[i] = temp[i] ^ op_c[i]; + } + rijndaelInput[15] ^= 1; + + RijndaelEncrypt( rijndaelInput, out ); + for (i=0; i<16; i++) { + out[i] ^= op_c[i]; + } + + for (i=0; i<8; i++) { + res[i] = out[i+8]; + } + for (i=0; i<6; i++) { + ak[i] = out[i]; + } + + /* To obtain output block OUT3: XOR OPc and TEMP, * + * rotate by r3=32, and XOR on the constant c3 (which * + * is all zeroes except that the next to last bit is 1). */ + + for (i=0; i<16; i++) { + rijndaelInput[(i+12) % 16] = temp[i] ^ op_c[i]; + } + rijndaelInput[15] ^= 2; + + RijndaelEncrypt( rijndaelInput, out ); + for (i=0; i<16; i++) { + out[i] ^= op_c[i]; + } + + for (i=0; i<16; i++) { + ck[i] = out[i]; + } + + /* To obtain output block OUT4: XOR OPc and TEMP, * + * rotate by r4=64, and XOR on the constant c4 (which * + * is all zeroes except that the 2nd from last bit is 1). */ + + for (i=0; i<16; i++) { + rijndaelInput[(i+8) % 16] = temp[i] ^ op_c[i]; + } + rijndaelInput[15] ^= 4; + + RijndaelEncrypt( rijndaelInput, out ); + for (i=0; i<16; i++) { + out[i] ^= op_c[i]; + } + + for (i=0; i<16; i++) { + ik[i] = out[i]; + } + + return; } /* end of function f2345 */ @@ -226,57 +227,57 @@ void f2345 ( uint8_t k[16], uint8_t rand[16], * *-----------------------------------------------------------------*/ -void f1star( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2], - uint8_t mac_s[8] ) +void f1star( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2], + uint8_t mac_s[8] ) { - uint8_t op_c[16]; - uint8_t temp[16]; - uint8_t in1[16]; - uint8_t out1[16]; - uint8_t rijndaelInput[16]; - uint8_t i; - - RijndaelKeySchedule( k ); - - ComputeOPc( op_c ); - - for (i=0; i<16; i++){ - rijndaelInput[i] = rand[i] ^ op_c[i]; - } - RijndaelEncrypt( rijndaelInput, temp ); - - for (i=0; i<6; i++){ - in1[i] = sqn[i]; - in1[i+8] = sqn[i]; - } - for (i=0; i<2; i++){ - in1[i+6] = amf[i]; - in1[i+14] = amf[i]; - } - - /* XOR op_c and in1, rotate by r1=64, and XOR * - * on the constant c1 (which is all zeroes) */ - - for (i=0; i<16; i++){ - rijndaelInput[(i+8) % 16] = in1[i] ^ op_c[i]; - } - - /* XOR on the value temp computed before */ - - for (i=0; i<16; i++){ - rijndaelInput[i] ^= temp[i]; - } - - RijndaelEncrypt( rijndaelInput, out1 ); - for (i=0; i<16; i++){ - out1[i] ^= op_c[i]; - } - - for (i=0; i<8; i++){ - mac_s[i] = out1[i+8]; - } - - return; + uint8_t op_c[16]; + uint8_t temp[16]; + uint8_t in1[16]; + uint8_t out1[16]; + uint8_t rijndaelInput[16]; + uint8_t i; + + RijndaelKeySchedule( k ); + + ComputeOPc( op_c ); + + for (i=0; i<16; i++) { + rijndaelInput[i] = rand[i] ^ op_c[i]; + } + RijndaelEncrypt( rijndaelInput, temp ); + + for (i=0; i<6; i++) { + in1[i] = sqn[i]; + in1[i+8] = sqn[i]; + } + for (i=0; i<2; i++) { + in1[i+6] = amf[i]; + in1[i+14] = amf[i]; + } + + /* XOR op_c and in1, rotate by r1=64, and XOR * + * on the constant c1 (which is all zeroes) */ + + for (i=0; i<16; i++) { + rijndaelInput[(i+8) % 16] = in1[i] ^ op_c[i]; + } + + /* XOR on the value temp computed before */ + + for (i=0; i<16; i++) { + rijndaelInput[i] ^= temp[i]; + } + + RijndaelEncrypt( rijndaelInput, out1 ); + for (i=0; i<16; i++) { + out1[i] ^= op_c[i]; + } + + for (i=0; i<8; i++) { + mac_s[i] = out1[i+8]; + } + + return; } /* end of function f1star */ @@ -290,38 +291,42 @@ void f1star( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2], *-----------------------------------------------------------------*/ void f5star( uint8_t k[16], uint8_t rand[16], - uint8_t ak[6] ) + uint8_t ak[6] ) { - uint8_t op_c[16]; - uint8_t temp[16]; - uint8_t out[16]; - uint8_t rijndaelInput[16]; - uint8_t i; + uint8_t op_c[16]; + uint8_t temp[16]; + uint8_t out[16]; + uint8_t rijndaelInput[16]; + uint8_t i; - RijndaelKeySchedule( k ); + RijndaelKeySchedule( k ); - ComputeOPc( op_c ); + ComputeOPc( op_c ); - for (i=0; i<16; i++) - rijndaelInput[i] = rand[i] ^ op_c[i]; - RijndaelEncrypt( rijndaelInput, temp ); + for (i=0; i<16; i++) { + rijndaelInput[i] = rand[i] ^ op_c[i]; + } + RijndaelEncrypt( rijndaelInput, temp ); - /* To obtain output block OUT5: XOR OPc and TEMP, * - * rotate by r5=96, and XOR on the constant c5 (which * - * is all zeroes except that the 3rd from last bit is 1). */ + /* To obtain output block OUT5: XOR OPc and TEMP, * + * rotate by r5=96, and XOR on the constant c5 (which * + * is all zeroes except that the 3rd from last bit is 1). */ - for (i=0; i<16; i++) - rijndaelInput[(i+4) % 16] = temp[i] ^ op_c[i]; - rijndaelInput[15] ^= 8; + for (i=0; i<16; i++) { + rijndaelInput[(i+4) % 16] = temp[i] ^ op_c[i]; + } + rijndaelInput[15] ^= 8; - RijndaelEncrypt( rijndaelInput, out ); - for (i=0; i<16; i++) - out[i] ^= op_c[i]; + RijndaelEncrypt( rijndaelInput, out ); + for (i=0; i<16; i++) { + out[i] ^= op_c[i]; + } - for (i=0; i<6; i++) - ak[i] = out[i]; + for (i=0; i<6; i++) { + ak[i] = out[i]; + } - return; + return; } /* end of function f5star */ @@ -332,19 +337,20 @@ already been performed. void ComputeOPc( uint8_t op_c[16] ) { - uint8_t i; + uint8_t i; - RijndaelEncrypt( OP, op_c ); - for (i=0; i<16; i++){ - op_c[i] ^= OP[i]; - } + RijndaelEncrypt( OP, op_c ); + for (i=0; i<16; i++) { + op_c[i] ^= OP[i]; + } - return; + return; } /* end of function ComputeOPc */ -void ComputeOP( uint8_t op[16] ){ - int i; - for(i=0;i<16;i++){ - OP[i]=op[i]; - } +void ComputeOP( uint8_t op[16] ) +{ + int i; + for(i=0; i<16; i++) { + OP[i]=op[i]; + } } |