tinySIP/include/tinysip/authentication/tsip_milenage.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189

/*
* Copyright (C) 2010-2011 Mamadou Diop.
*
* Contact: Mamadou Diop <diopmamadou(at)doubango[dot]org>
*	
* This file is part of Open Source Doubango Framework.
*
* DOUBANGO is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*	
* DOUBANGO is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*	
* You should have received a copy of the GNU General Public License
* along with DOUBANGO.
*
*/

/**@file tsip_milenage.h
 * @brief 3GPP authentication and key agreement functions f1, f1*, f2, f3, f4, f5 and f5*.
 *
 * @section DESCRIPTION
 *
 * @sa 3G Security
 * <a href="http://www.3gpp.org/ftp/Specs/html-info/35205.htm"> 3GPP TS 35.205 </a>
 * <a href="http://www.3gpp.org/ftp/Specs/html-info/35206.htm"> 3GPP TS 35.206 </a>
 * <a href="http://www.3gpp.org/ftp/Specs/html-info/35207.htm"> 3GPP TS 35.207 </a>
 * <a href="http://www.3gpp.org/ftp/Specs/html-info/35208.htm"> 3GPP TS 35.208 </a>
 * <a href="http://www.3gpp.org/ftp/Specs/html-info/35909.htm"> 3GPP TS 35.909 </a>
 *-------------------------------------------------------------------
 *          Example algorithms f1, f1*, f2, f3, f4, f5, f5*
 *-------------------------------------------------------------------
 *
 *  A sample implementation of the example 3GPP authentication and
 *  key agreement functions f1, f1*, f2, f3, f4, f5 and f5*.  This is
 *  a byte-oriented implementation of the functions, and of the block
 *  cipher kernel function Rijndael.
 *
 *  This has been coded for clarity, not necessarily for efficiency.
 *
 *  The functions f2, f3, f4 and f5 share the same inputs and have 
 *  been coded together as a single function.  f1, f1* and f5* are
 *  all coded separately.
 *
 *-----------------------------------------------------------------
 *
 * @author Mamadou Diop <diopmamadou(at)doubango[dot]org>
 *

 */

#ifndef TINYSIP_AUTHENTICATION_MILENAGE_H
#define TINYSIP_AUTHENTICATION_MILENAGE_H

#include "tinysip_config.h"

/**@def AKA_AK_SIZE
 * a 48-bit anonymity key that is the output of either of the functions f5 and f5*. 
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */

TSIP_BEGIN_DECLS

#define AKA_AK_SIZE 6
typedef uint8_t AKA_AK_T[AKA_AK_SIZE + 1];

/**@def AKA_AMF_SIZE
 * 16-bit authentication management field that is an input to the functions f1 and f1*.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_AMF_SIZE 2
typedef uint8_t AKA_AMF_T[AKA_AMF_SIZE + 1];

/**@def AKA_CK_SIZE
 * a 128-bit confidentiality key that is the output of the function f3.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_CK_SIZE 16
typedef uint8_t AKA_CK_T[AKA_CK_SIZE + 1];

/**@def AKA_IK_SIZE
 * a 128-bit integrity key that is the output of the function f4.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_IK_SIZE 16
typedef uint8_t AKA_IK_T[AKA_IK_SIZE + 1];

/**@def AKA_K_SIZE
 * a 128-bit subscriber key that is an input to the functions f1, f1*, f2, f3, f4, f5 and f5*.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_K_SIZE 16
typedef uint8_t AKA_K_T[AKA_K_SIZE + 1];

/**@def AKA_MAC_A_SIZE
 * a 64-bit network authentication code that is the output of the function f1. 
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_MAC_A_SIZE 8
typedef uint8_t AKA_MAC_A_T[AKA_MAC_A_SIZE + 1];

/**@def AKA_MAC_S_SIZE
 * a 64-bit network authentication code that is the output of the function f1*.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_MAC_S_SIZE 8
typedef uint8_t AKA_MAC_S_T[AKA_MAC_S_SIZE + 1];

/**@def AKA_OP_SIZE
 * a 128-bit Operator Variant Algorithm Configuration Field that is a component of the functions f1, f1*, f2, f3, f4, f5 and f5*.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_OP_SIZE 16
typedef uint8_t AKA_OP_T[AKA_OP_SIZE + 1];

/**@def AKA_OPC_SIZE
 * a 128-bit value derived from OP and K and used within the computation of the functions.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_OPC_SIZE 16
typedef uint8_t AKA_OPC_T[AKA_OPC_SIZE + 1];

/**@def AKA_RAND_SIZE
 * a 128-bit random challenge that is an input to the functions f1, f1*, f2, f3, f4, f5 and f5*.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_RAND_SIZE 16
typedef uint8_t AKA_RAND_T[AKA_RAND_SIZE + 1];

/**@def AKA_RES_SIZE
 * a 64-bit signed response that is the output of the function f2.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_RES_SIZE 8
typedef uint8_t AKA_RES_T[AKA_RES_SIZE + 1];
	
/**@def AKA_SQN_SIZE
 * a 48-bit sequence number that is an input to either of the functions f1 and f1*.  (For f1* this input is more precisely called SQNMS.)
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_SQN_SIZE 6
typedef uint8_t AKA_SQN_T[AKA_SQN_SIZE + 1];

/**@def AKA_TEMP_SIZE
 * a 128-bit value used within the computation of the functions.
 * Defined in 3GPP TS 35.206 subclause 2.3.
 */
#define AKA_TEMP_SIZE 16
typedef uint8_t AKA_TEMP_T[AKA_TEMP_SIZE + 1];

/**@def AKA_AUTS_SIZE
* Authentication Token.  A 112 bit value generated by the client
      upon experiencing an SQN synchronization failure.
* Defined in RFC 3310 subclause 3.4
*/
#define AKA_AUTS_SIZE 14
typedef uint8_t AKA_AUTS_T[AKA_AUTS_SIZE + 1];

/**@def AKA_AUTN_SIZE
* Authentication Token.  A 128 bit value generated by the AuC, which
      together with the RAND parameter authenticates the server to the client.
* Defined in RFC 3310 subclause 3.4
*/
#define AKA_AUTN_SIZE 16
typedef uint8_t AKA_AUTN_T[AKA_AUTN_SIZE + 1];

#define AKA_XXX_DECLARE(name) AKA_##name##_T name
#define AKA_XXX_BZERO(name)	memset(name, '\0', AKA_##name##_SIZE + 1)

void f1    ( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2],
             uint8_t mac_a[8] );
void f2345 ( uint8_t k[16], uint8_t rand[16],
             uint8_t res[8], uint8_t ck[16], uint8_t ik[16], uint8_t ak[6] );
void f1star( uint8_t k[16], uint8_t rand[16], uint8_t sqn[6], uint8_t amf[2], 
             uint8_t mac_s[8] );
void f5star( uint8_t k[16], uint8_t rand[16],
             uint8_t ak[6] );
void ComputeOPc( uint8_t op_c[16] );
void ComputeOP( uint8_t op[16] );


TSIP_END_DECLS

#endif /* TINYSIP_AUTHENTICATION_MILENAGE_H */