OPc in database (computed by HSS if OP provided)

git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7476 818b1a75-f10b-46b9-bf7c-635c3b92a50f

openair-cn/OPENAIRHSS/auc/auc.h

@@ -50,7 +50,7 @@ extern uint8_t opc[16];
 typedef mpz_t random_t;
 typedef mpz_t sqn_t;
 
-typedef uint8_t u8;
+typedef uint8_t uint8_t;
 
 typedef struct {
   uint8_t rand[16];
@@ -60,8 +60,8 @@ typedef struct {
   uint8_t kasme[32];
 } auc_vector_t;
 
-void RijndaelKeySchedule(const u8 const key[16]);
-void RijndaelEncrypt(const u8 const in[16], u8 out[16]);
+void RijndaelKeySchedule(const uint8_t const key[16]);
+void RijndaelEncrypt(const uint8_t const in[16], uint8_t out[16]);
 
 /* Sequence number functions */
 struct sqn_ue_s;
@@ -77,19 +77,21 @@ struct random_state_s;
 void random_init(void);
 void generate_random(uint8_t *random, ssize_t length);
 
-void SetOP(char *opP);
+//void SetOP(char *opP);
 
-void f1 ( const u8 const k[16], const u8 const rand[16], const u8 const sqn[6], const u8 const amf[2],
-          u8 mac_a[8] );
-void f1star( const u8 const k[16], const u8 const rand[16], const u8 const sqn[6], const u8 const amf[2],
-             u8 mac_s[8] );
-void f2345 ( const u8 const k[16], const u8 const rand[16],
-             u8 res[8], u8 ck[16], u8 ik[16], u8 ak[6] );
-void f5star( const u8 const k[16], const u8 const rand[16],
-             u8 ak[6] );
+void ComputeOPc( const uint8_t const kP[16], const uint8_t const opP[16], uint8_t opcP[16] );
 
-void generate_autn(const u8 const sqn[6], const u8 const ak[6], const u8 const amf[2], const u8 const mac_a[8], u8 autn[16]);
-int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
+void f1 ( const uint8_t const kP[16],const uint8_t const k[16], const uint8_t const rand[16], const uint8_t const sqn[6], const uint8_t const amf[2],
+          uint8_t mac_a[8] );
+void f1star( const uint8_t const kP[16],const uint8_t const k[16], const uint8_t const rand[16], const uint8_t const sqn[6], const uint8_t const amf[2],
+             uint8_t mac_s[8] );
+void f2345 ( const uint8_t const kP[16],const uint8_t const k[16], const uint8_t const rand[16],
+             uint8_t res[8], uint8_t ck[16], uint8_t ik[16], uint8_t ak[6] );
+void f5star( const uint8_t const kP[16],const uint8_t const k[16], const uint8_t const rand[16],
+             uint8_t ak[6] );
+
+void generate_autn(const uint8_t const sqn[6], const uint8_t const ak[6], const uint8_t const amf[2], const uint8_t const mac_a[8], uint8_t autn[16]);
+int generate_vector(const uint8_t const opc[16], uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
                     uint8_t sqn[6], auc_vector_t *vector);
 
 void kdf(uint8_t *key, uint16_t key_len, uint8_t *s, uint16_t s_len, uint8_t *out,
@@ -98,7 +100,7 @@ void kdf(uint8_t *key, uint16_t key_len, uint8_t *s, uint16_t s_len, uint8_t *ou
 void derive_kasme(uint8_t ck[16], uint8_t ik[16], uint8_t plmn[3], uint8_t sqn[6],
                   uint8_t ak[6], uint8_t kasme[32]);
 
-uint8_t *sqn_ms_derive(uint8_t *key, uint8_t *auts, uint8_t *rand);
+uint8_t *sqn_ms_derive(const uint8_t const opc[16], uint8_t *key, uint8_t *auts, uint8_t *rand);
 
 static inline void print_buffer(const char *prefix, uint8_t *buffer, int length)
 {

openair-cn/OPENAIRHSS/auc/fx.c

@@ -26,36 +26,16 @@
 extern hss_config_t hss_config;
 
 /*--------- Operator Variant Algorithm Configuration Field --------*/
-/*------- Insert your value of OP here -------*/
-extern uint8_t opc[16];
-extern uint8_t op[16];
+
 
 /*--------------------------- prototypes --------------------------*/
-void ComputeOPc( u8 opP[16] );
 
-void SetOP(char *opP)
-{
-    int ret = sscanf(opP,
-                 "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
-                 (unsigned int*)&op[0],(unsigned int*)&op[1],
-                 (unsigned int*)&op[2],(unsigned int*)&op[3],
-                 (unsigned int*)&op[4],(unsigned int*)&op[5],
-                 (unsigned int*)&op[6],(unsigned int*)&op[7],
-                 (unsigned int*)&op[8],(unsigned int*)&op[9],
-                 (unsigned int*)&op[10],(unsigned int*)&op[11],
-                 (unsigned int*)&op[12],(unsigned int*)&op[13],
-                 (unsigned int*)&op[14],(unsigned int*)&op[15]);
-    if (ret != 16) {
-      fprintf(stderr,
-              "Error in operator key\n");
-      abort();
-    }
-    printf("SetOP: OP : %02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n",
-		  op[0],op[1],op[2],op[3],op[4],op[5],op[6],op[7],
-		  op[8],op[9],op[10],op[11],op[12],op[13],op[14],op[15]);
-}
 
-void generate_autn(const u8 const sqn[6], const u8 const ak[6], const u8 const amf[2], const u8 const mac_a[8], u8 autn[16])
+/*-------------------------------------------------------------------
+ *
+ *-------------------------------------------------------------------
+ *-----------------------------------------------------------------*/
+void generate_autn(const uint8_t const sqn[6], const uint8_t const ak[6], const uint8_t const amf[2], const uint8_t const mac_a[8], uint8_t autn[16])
 {
   int i;
 
@@ -76,19 +56,20 @@ void generate_autn(const u8 const sqn[6], const u8 const ak[6], const u8 const a
  * field AMF.
  *
  *-----------------------------------------------------------------*/
-void f1 ( const u8 const k[16], const u8 const _rand[16], const u8 const sqn[6], const u8 const amf[2],
-          u8 mac_a[8] )
+void f1 ( const uint8_t const opc[16], const uint8_t const k[16], const uint8_t const _rand[16], const uint8_t const sqn[6], const uint8_t const amf[2],
+          uint8_t mac_a[8] )
 {
-  u8 temp[16];
-  u8 in1[16];
-  u8 out1[16];
-  u8 rijndaelInput[16];
-  u8 i;
+  uint8_t temp[16];
+  uint8_t in1[16];
+  uint8_t out1[16];
+  uint8_t rijndaelInput[16];
+  uint8_t i;
   RijndaelKeySchedule( k );
-  if (hss_config.valid_opc == 0) {
+  /*
+  if (hss_config.valid_op > 0) {
 	SetOP(hss_config.operator_key);
     ComputeOPc( opc );
-  }
+  }*/
 
   for (i=0; i<16; i++)
     rijndaelInput[i] = _rand[i] ^ opc[i];
@@ -133,18 +114,19 @@ void f1 ( const u8 const k[16], const u8 const _rand[16], const u8 const sqn[6],
  * confidentiality key CK, integrity key IK and anonymity key AK.
  *
  *-----------------------------------------------------------------*/
-void f2345 ( const u8 const k[16], const u8 const _rand[16],
-             u8 res[8], u8 ck[16], u8 ik[16], u8 ak[6] )
+void f2345 ( const uint8_t const opc[16], const uint8_t const k[16], const uint8_t const _rand[16],
+             uint8_t res[8], uint8_t ck[16], uint8_t ik[16], uint8_t ak[6] )
 {
-  u8 temp[16];
-  u8 out[16];
-  u8 rijndaelInput[16];
-  u8 i;
+  uint8_t temp[16];
+  uint8_t out[16];
+  uint8_t rijndaelInput[16];
+  uint8_t i;
   RijndaelKeySchedule( k );
-  if (hss_config.valid_opc == 0) {
+
+  /*if (hss_config.valid_op > 0) {
     SetOP(hss_config.operator_key);
     ComputeOPc( opc );
-  }
+  }*/
 
   for (i=0; i<16; i++)
     rijndaelInput[i] = _rand[i] ^ opc[i];
@@ -212,23 +194,23 @@ void f2345 ( const u8 const k[16], const u8 const _rand[16],
  * field AMF.
  *
  *-----------------------------------------------------------------*/
-void f1star( const u8 const k[16], const u8 const _rand[16], const u8 const sqn[6], const u8 const amf[2],
-             u8 mac_s[8] )
+void f1star( const uint8_t const opc[16], const uint8_t const k[16], const uint8_t const _rand[16], const uint8_t const sqn[6], const uint8_t const amf[2],
+             uint8_t mac_s[8] )
 {
-  u8 temp[16];
-  u8 in1[16];
-  u8 out1[16];
-  u8 rijndaelInput[16];
-  u8 i;
+  uint8_t temp[16];
+  uint8_t in1[16];
+  uint8_t out1[16];
+  uint8_t rijndaelInput[16];
+  uint8_t i;
   RijndaelKeySchedule( k );
-  if (hss_config.valid_opc == 0) {
+  /*if (hss_config.valid_opc == 0) {
 	SetOP(hss_config.operator_key);
     ComputeOPc( opc );
   } else {
 	  printf("Using opc:  %02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n",
 		         opc[0],opc[1],opc[2],opc[3],opc[4],opc[5],opc[6],opc[7],
 		         opc[8],opc[9],opc[10],opc[11],opc[12],opc[13],opc[14],opc[15] );
-  }
+  }*/
 
   for (i=0; i<16; i++)
     rijndaelInput[i] = _rand[i] ^ opc[i];
@@ -273,23 +255,23 @@ void f1star( const u8 const k[16], const u8 const _rand[16], const u8 const sqn[
  * anonymity key AK.
  *
  *-----------------------------------------------------------------*/
-void f5star( const u8 const k[16], const u8 const _rand[16],
-             u8 ak[6] )
+void f5star( const uint8_t const opc[16], const uint8_t const k[16], const uint8_t const _rand[16],
+             uint8_t ak[6] )
 {
-  u8 temp[16];
-  u8 out[16];
-  u8 rijndaelInput[16];
-  u8 i;
+  uint8_t temp[16];
+  uint8_t out[16];
+  uint8_t rijndaelInput[16];
+  uint8_t i;
 
   RijndaelKeySchedule( k );
-  if (hss_config.valid_opc == 0) {
+  /*if (hss_config.valid_opc == 0) {
 	SetOP(hss_config.operator_key);
     ComputeOPc(opc);
   } else {
 	  printf("Using OPc: %02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n",
 			  opc[0],opc[1],opc[2],opc[3],opc[4],opc[5],opc[6],opc[7],
 			  opc[8],opc[9],opc[10],opc[11],opc[12],opc[13],opc[14],opc[15]);
-  }
+  }*/
 
   for (i=0; i<16; i++)
     rijndaelInput[i] = _rand[i] ^ opc[i];
@@ -315,22 +297,25 @@ void f5star( const u8 const k[16], const u8 const _rand[16],
 } /* end of function f5star */
 
 /*-------------------------------------------------------------------
- * Function to compute OPc from OP and K. Assumes key schedule has
- * already been performed.
+ * Function to compute OPc from OP and K.
  *-----------------------------------------------------------------*/
-void ComputeOPc( u8 opcP[16] )
+void ComputeOPc( const uint8_t const kP[16], const uint8_t const opP[16], uint8_t opcP[16] )
 {
-  u8 i;
-
-  RijndaelEncrypt( op, opcP );
-  printf("Compute opc:\n\tIn:\t%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n\tRinj:\t%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n",
-		  op[0],op[1],op[2],op[3],op[4],op[5],op[6],op[7],
-		  op[8],op[9],op[10],op[11],op[12],op[13],op[14],op[15],
+  uint8_t i;
+
+  RijndaelKeySchedule( kP );
+  printf("Compute opc:\n\tK:\t%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n",
+		  kP[0],kP[1],kP[2],kP[3],kP[4],kP[5],kP[6],kP[7],
+		  kP[8],kP[9],kP[10],kP[11],kP[12],kP[13],kP[14],kP[15]);
+  RijndaelEncrypt( opP, opcP );
+  printf("\tIn:\t%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n\tRinj:\t%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n",
+		  opP[0],opP[1],opP[2],opP[3],opP[4],opP[5],opP[6],opP[7],
+		  opP[8],opP[9],opP[10],opP[11],opP[12],opP[13],opP[14],opP[15],
 	      opcP[0],opcP[1],opcP[2],opcP[3],opcP[4],opcP[5],opcP[6],opcP[7],
 	      opcP[8],opcP[9],opcP[10],opcP[11],opcP[12],opcP[13],opcP[14],opcP[15] );
 
   for (i=0; i<16; i++)
-	  opcP[i] ^= op[i];
+	  opcP[i] ^= opP[i];
   printf("\tOut:\t%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X\n",
 	         opcP[0],opcP[1],opcP[2],opcP[3],opcP[4],opcP[5],opcP[6],opcP[7],
 	         opcP[8],opcP[9],opcP[10],opcP[11],opcP[12],opcP[13],opcP[14],opcP[15] );

openair-cn/OPENAIRHSS/auc/kdf.c

@@ -41,15 +41,6 @@
 #define DEBUG_AUC_KDF 1
 extern hss_config_t hss_config;
 
-uint8_t opc[16] = {
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-};
-uint8_t op[16] = {
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-};
-
 /*
  * @param key the input key
  * @param key_len length of the key
@@ -93,9 +84,9 @@ void derive_kasme(uint8_t ck[16], uint8_t ik[16], uint8_t plmn[3], uint8_t sqn[6
   memcpy(&key[0], ck, 16);
   memcpy(&key[16], ik, 16);
 
-  if (hss_config.valid_opc == 0) {
+  /*if (hss_config.valid_opc == 0) {
     SetOP(hss_config.operator_key);
-  }
+  }*/
 
   /* FC */
   s[0] = 0x10;
@@ -137,7 +128,7 @@ void derive_kasme(uint8_t ck[16], uint8_t ik[16], uint8_t plmn[3], uint8_t sqn[6
   kdf(key, 32, s, 14, kasme, 32);
 }
 
-int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
+int generate_vector(const uint8_t const opc[16], uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
                     uint8_t sqn[6], auc_vector_t *vector)
 {
   /* in E-UTRAN an authentication vector is composed of:
@@ -147,7 +138,8 @@ int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
    * - KASME
    */
 
-  uint8_t amf[] = { 0x80, 0x00 };
+  //uint8_t amf[] = { 0x80, 0x00 };
+  uint8_t amf[] = { 0x90, 0x01 };
   uint8_t mac_a[8];
   uint8_t ck[16];
   uint8_t ik[16];
@@ -158,14 +150,14 @@ int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
   }
 
   /* Compute MAC */
-  f1(key, vector->rand, sqn, amf, mac_a);
+  f1(opc, key, vector->rand, sqn, amf, mac_a);
 
   print_buffer("MAC_A   : ", mac_a, 8);
   print_buffer("SQN     : ", sqn, 6);
   print_buffer("RAND    : ", vector->rand, 16);
 
   /* Compute XRES, CK, IK, AK */
-  f2345(key, vector->rand, vector->xres, ck, ik, ak);
+  f2345(opc, key, vector->rand, vector->xres, ck, ik, ak);
   print_buffer("AK      : ", ak, 6);
   print_buffer("CK      : ", ck, 16);
   print_buffer("IK      : ", ik, 16);

openair-cn/OPENAIRHSS/auc/random.c

@@ -35,6 +35,7 @@
 #include <sys/time.h>
 
 #include "auc.h"
+#include "hss_config.h"
 
 typedef struct random_state_s {
   pthread_mutex_t lock;
@@ -42,6 +43,7 @@ typedef struct random_state_s {
 } random_state_t;
 
 random_state_t random_state;
+extern hss_config_t hss_config;
 
 void random_init(void)
 {
@@ -70,13 +72,18 @@ void generate_random(uint8_t *random_p, ssize_t length)
 
   //    mpz_export(random_p, NULL, 1, length, 0, 0, random_nb);
   int i;//r = 0,  mask = 0, shift;
-
-  for (i = 0; i < length; i ++) {
+  if (hss_config.random_bool > 0) {
+    for (i = 0; i < length; i ++) {
     //        if ((i % sizeof(i)) == 0)
     //            r = rand();
     //        shift = 8 * (i % sizeof(i));
     //        mask = 0xFF << shift;
     //        random_p[i] = (r & mask) >> shift;
-    random_p[i] = rand();
+	  random_p[i] = rand();
+    }
+  } else {
+    for (i = 0; i < length; i ++) {
+	  random_p[i] = 0;
+	}
   }
 }

openair-cn/OPENAIRHSS/auc/sequence_number.c

@@ -37,7 +37,7 @@
 extern hss_config_t hss_config;
 extern uint8_t op[16];
 
-uint8_t *sqn_ms_derive(uint8_t *key, uint8_t *auts, uint8_t *rand_p)
+uint8_t *sqn_ms_derive(const uint8_t const opc[16], uint8_t *key, uint8_t *auts, uint8_t *rand_p)
 {
   /* AUTS = Conc(SQN MS ) || MAC-S
    * Conc(SQN MS ) = SQN MS ^ f5* (RAND)
@@ -56,12 +56,12 @@ uint8_t *sqn_ms_derive(uint8_t *key, uint8_t *auts, uint8_t *rand_p)
 
   sqn_ms = malloc(SQN_LENGTH_OCTEST);
 
-  if (hss_config.valid_opc == 0) {
+  /*if (hss_config.valid_opc == 0) {
     SetOP(hss_config.operator_key);
-  }
+  }*/
 
   /* Derive AK from key and rand */
-  f5star(key, rand_p, ak);
+  f5star(opc, key, rand_p, ak);
 
   for (i = 0; i < 6; i++) {
     sqn_ms[i] = ak[i] ^ conc_sqn_ms[i];
@@ -74,7 +74,7 @@ uint8_t *sqn_ms_derive(uint8_t *key, uint8_t *auts, uint8_t *rand_p)
   print_buffer("sqn_ms_derive() SQN_MS : ", sqn_ms, 6);
   print_buffer("sqn_ms_derive() MAC_S  : ", mac_s, 8);
 
-  f1star(key, rand_p, sqn_ms, amf, mac_s_computed);
+  f1star(opc, key, rand_p, sqn_ms, amf, mac_s_computed);
 
   print_buffer("MAC_S +: ", mac_s_computed, 8);
 

openair-cn/OPENAIRHSS/conf/hss.conf.in

@@ -6,7 +6,6 @@ MYSQL_db     = "@MYSQL_db@";
 
 ## HSS options
 OPERATOR_key = "@OPERATOR_key@";
-OPERATOR_ckey = "@OPERATOR_ckey@";
 
 ## Freediameter options
 FD_conf = "@FREEDIAMETER_PATH@/../etc/freeDiameter/hss_fd.conf";

openair-cn/OPENAIRHSS/db/db_connector.c

@@ -42,6 +42,9 @@
 #include "hss_config.h"
 #include "db_proto.h"
 
+extern void ComputeOPc( const uint8_t const kP[16], const uint8_t const opP[16], uint8_t opcP[16] );
+
+
 database_t *db_desc;
 
 static void print_buffer(const char *prefix, uint8_t *buffer, int length)
@@ -519,7 +522,7 @@ int hss_mysql_auth_info(mysql_auth_info_req_t  *auth_info_req,
     return EINVAL;
   }
 
-  sprintf(query, "SELECT `key`,`sqn`,`rand` FROM `users` WHERE `users`.`imsi`=%s ",
+  sprintf(query, "SELECT `key`,`sqn`,`rand`,`OPc` FROM `users` WHERE `users`.`imsi`=%s ",
           auth_info_req->imsi);
 
   DB_DEBUG("Query: %s\n", query);
@@ -539,7 +542,7 @@ int hss_mysql_auth_info(mysql_auth_info_req_t  *auth_info_req,
   pthread_mutex_unlock(&db_desc->db_cs_mutex);
 
   if ((row = mysql_fetch_row(res)) != NULL) {
-    if (row[0] == NULL || row[1] == NULL || row[2] == NULL) {
+    if (row[0] == NULL || row[1] == NULL || row[2] == NULL || row[3] == NULL) {
       ret = EINVAL;
     }
 
@@ -569,6 +572,11 @@ int hss_mysql_auth_info(mysql_auth_info_req_t  *auth_info_req,
       memcpy(auth_info_resp->rand, row[2], RAND_LENGTH);
     }
 
+    if (row[3] != NULL) {
+        print_buffer("OPc: ", (uint8_t*)row[3], KEY_LENGTH);
+        memcpy(auth_info_resp->opc, row[3], KEY_LENGTH);
+    }
+
     mysql_free_result(res);
     mysql_thread_end();
     return ret;
@@ -579,3 +587,115 @@ int hss_mysql_auth_info(mysql_auth_info_req_t  *auth_info_req,
 
   return EINVAL;
 }
+
+int hss_mysql_check_opc_keys(const uint8_t const opP[16])
+{
+  int        ret   = 0;
+  MYSQL_RES *res   = NULL;
+  MYSQL_RES *res2  = NULL;
+  MYSQL_ROW  row;
+  char       query[1000];
+  char       update[1000];
+  uint8_t    k[16];
+  uint8_t    opc[16];
+  int        update_length = 0;
+  int        status        = 0;
+  int        i;
+
+  if (db_desc->db_conn == NULL) {
+	return EINVAL;
+  }
+
+  sprintf(query, "SELECT `imsi`,`key`,`OPc` FROM `users` ");
+
+  DB_DEBUG("Query: %s\n", query);
+
+  pthread_mutex_lock(&db_desc->db_cs_mutex);
+
+  if (mysql_query(db_desc->db_conn, query)) {
+	pthread_mutex_unlock(&db_desc->db_cs_mutex);
+	DB_ERROR("Query execution failed: %s\n",
+			 mysql_error(db_desc->db_conn));
+	mysql_thread_end();
+	return EINVAL;
+  }
+
+  res = mysql_store_result(db_desc->db_conn);
+
+  pthread_mutex_unlock(&db_desc->db_cs_mutex);
+
+
+  while ((row = mysql_fetch_row(res))) {
+    if (row[0] == NULL || row[1] == NULL ) {
+      DB_ERROR("Query execution failed: %s\n",
+    				 mysql_error(db_desc->db_conn));
+      ret = EINVAL;
+    } else {
+	  if (row[0] != NULL) {
+	    printf("IMSI: %s", (uint8_t*)row[0]);
+	  }
+	  if (row[1] != NULL) {
+	    print_buffer("Key: ", (uint8_t*)row[1], KEY_LENGTH);
+        memcpy(k, row[1], KEY_LENGTH);
+      }
+	  //if (row[3] != NULL)
+	  {
+	    print_buffer("OPc: ", (uint8_t*)row[2], KEY_LENGTH);
+	  //} else {
+	    ComputeOPc( k, opP, opc);
+	    update_length = sprintf(update, "UPDATE `users` SET `OPc`=UNHEX('");
+	    for (i = 0; i < KEY_LENGTH; i ++) {
+	    	update_length += sprintf(&update[update_length], "%02x", opc[i]);
+	    }
+	    update_length += sprintf(&update[update_length], "') WHERE `users`.`imsi`='%s'", (uint8_t*)row[0]);
+	    DB_DEBUG("Query: %s\n", update);
+
+	    if (mysql_query(db_desc->db_conn, update)) {
+	      DB_ERROR("Query execution failed: %s\n",
+	               mysql_error(db_desc->db_conn));
+	    } else {
+	        printf("IMSI %s Updated OPc ", (uint8_t*)row[0]);
+		    for (i = 0; i < KEY_LENGTH; i ++) {
+		    	printf("%02x", (uint8_t)(row[2][i]));
+		    }
+	        printf(" -> ");
+		    for (i = 0; i < KEY_LENGTH; i ++) {
+		    	printf("%02x", opc[i]);
+		    }
+	        printf("\n");
+
+	      /* process each statement result */
+	      do {
+	        /* did current statement return data? */
+	        res2 = mysql_store_result(db_desc->db_conn);
+
+	        if (res2) {
+	          /* yes; process rows and free the result set */
+	          mysql_free_result(res2);
+	        } else {      /* no result set or error */
+	          if (mysql_field_count(db_desc->db_conn) == 0) {
+	            DB_ERROR("%lld rows affected\n",
+	                   mysql_affected_rows(db_desc->db_conn));
+	          } else { /* some error occurred */
+	            DB_ERROR("Could not retrieve result set\n");
+	            break;
+	          }
+	        }
+
+	        /* more results? -1 = no, >0 = error, 0 = yes (keep looping) */
+	        if ((status = mysql_next_result(db_desc->db_conn)) > 0)
+	          DB_ERROR("Could not execute statement\n");
+	      } while (status == 0);
+	    }
+	  }
+    }
+  }
+
+  mysql_free_result(res);
+  mysql_thread_end();
+
+  return ret;
+
+}
+
+

openair-cn/OPENAIRHSS/db/db_proto.h

@@ -72,26 +72,33 @@ typedef struct {
 #define SQN_LENGTH  (6)
 #define RAND_LENGTH (16)
 
-typedef struct {
+typedef struct mysql_auth_info_resp_s{
   uint8_t key[KEY_LENGTH];
   uint8_t sqn[SQN_LENGTH];
   /* RAND should not be here... */
   uint8_t rand[RAND_LENGTH];
+  uint8_t opc[KEY_LENGTH];
 } mysql_auth_info_resp_t;
 
-typedef struct {
+typedef struct mysql_opc_push_s{
+  char imsi[IMSI_LENGTH_MAX + 1];
+  /* New computed SQN that will be used on next auth info req */
+  uint8_t sqn[SQN_LENGTH];
+} mysql_opc_push_t;
+
+typedef struct mysql_sqn_push_s{
   char imsi[IMSI_LENGTH_MAX + 1];
   /* New computed SQN that will be used on next auth info req */
   uint8_t sqn[SQN_LENGTH];
 } mysql_sqn_push_t;
 
-typedef struct {
+typedef struct mysql_mme_identity_s{
   /* An MME may have already been registered as serving the UE. */
   char mme_host[255];
   char mme_realm[200];
 } mysql_mme_identity_t;
 
-typedef struct {
+typedef struct mysql_ul_ans_s{
   char imsi[16];
   /* MSISDN this parameter may be NULL */
   char msisdn[16];
@@ -107,7 +114,7 @@ typedef struct {
   mysql_mme_identity_t mme_identity;
 } mysql_ul_ans_t;
 
-typedef struct {
+typedef struct mysql_ul_push_s{
   /* Bit masks indicating presence of optional fields */
 #define MME_IDENTITY_PRESENT           (0x1)
 #define MME_SUPPORTED_FEATURES_PRESENT (0x1)
@@ -140,12 +147,12 @@ typedef enum {
   IPV4_OR_IPV6 = 3,
 } pdn_type_t;
 
-typedef struct {
+typedef struct pdn_address_s{
   char ipv4_address[INET_ADDRSTRLEN];
   char ipv6_address[INET6_ADDRSTRLEN];
 } pdn_address_t;
 
-typedef struct {
+typedef struct mysql_pdn_s{
   char          apn[61];
   pdn_type_t    pdn_type;
   pdn_address_t pdn_address;
@@ -157,7 +164,7 @@ typedef struct {
   pre_emp_vul_t pre_emp_vul;
 } mysql_pdn_t;
 
-typedef struct {
+typedef struct mysql_pu_req_s{
   /* IMSI */
   char imsi[16];
 } mysql_pu_req_t;
@@ -193,4 +200,7 @@ int hss_mysql_push_rand_sqn(const char *imsi, uint8_t *rand_p, uint8_t *sqn);
 
 int hss_mysql_increment_sqn(const char *imsi);
 
+int hss_mysql_check_opc_keys(const uint8_t const opP[16]);
+
+
 #endif /* DB_PROTO_H_ */

openair-cn/OPENAIRHSS/db/oai_db.sql

@@ -3,7 +3,7 @@
 -- http://www.phpmyadmin.net
 --
 -- Host: localhost
--- Generation Time: May 04, 2015 at 10:41 AM
+-- Generation Time: May 28, 2015 at 02:32 PM
 -- Server version: 5.5.43-0ubuntu0.14.04.1
 -- PHP Version: 5.5.9-1ubuntu4.9
 
@@ -80,22 +80,19 @@ CREATE TABLE IF NOT EXISTS `pdn` (
   PRIMARY KEY (`id`,`pgw_id`,`users_imsi`),
   KEY `fk_pdn_pgw1_idx` (`pgw_id`),
   KEY `fk_pdn_users1_idx` (`users_imsi`)
-) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=19 ;
+) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=36 ;
 
 --
 -- Dumping data for table `pdn`
 --
 
 INSERT INTO `pdn` (`id`, `apn`, `pdn_type`, `pdn_ipv4`, `pdn_ipv6`, `aggregate_ambr_ul`, `aggregate_ambr_dl`, `pgw_id`, `users_imsi`, `qci`, `priority_level`, `pre_emp_cap`, `pre_emp_vul`, `LIPA-Permissions`) VALUES
-(18, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208930000000001', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
-(1, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '20834123456789', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
-(8, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000008', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
-(9, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000009', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(1, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208930000000001', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(11, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '20834123456789', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
 (10, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '20810000001234', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
-(11, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000053', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
-(12, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000055', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
-(13, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '31002890832150', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
-(16, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000054', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only');
+(12, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '31002890832150', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(2, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208950000000002', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(3, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '001010123456789', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only');
 
 -- --------------------------------------------------------
 
@@ -156,6 +153,7 @@ CREATE TABLE IF NOT EXISTS `users` (
   `urrp_mme` tinyint(1) NOT NULL DEFAULT '0' COMMENT 'UE Reachability Request Parameter indicating that UE activity notification from MME has been requested by the HSS.',
   `sqn` bigint(20) unsigned zerofill NOT NULL,
   `rand` varbinary(16) NOT NULL,
+  `OPc` varbinary(16) DEFAULT NULL COMMENT 'Can be computed by HSS',
   PRIMARY KEY (`imsi`,`mmeidentity_idmmeidentity`),
   KEY `fk_users_mmeidentity_idx1` (`mmeidentity_idmmeidentity`)
 ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -164,17 +162,13 @@ CREATE TABLE IF NOT EXISTS `users` (
 -- Dumping data for table `users`
 --
 
-INSERT INTO `users` (`imsi`, `msisdn`, `imei`, `imei_sv`, `ms_ps_status`, `rau_tau_timer`, `ue_ambr_ul`, `ue_ambr_dl`, `access_restriction`, `mme_cap`, `mmeidentity_idmmeidentity`, `key`, `RFSP-Index`, `urrp_mme`, `sqn`, `rand`) VALUES
-('20834123456789', '380561234567', '12345678', '23', 'PURGED', 50, 40000000, 100000000, 47, 0000000000, 2, '+Eų\0,IHH', 0, 0, 00000000000000000096, 'PxX
 \Z1x'),
-('208920000000008', '33638060008', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000000004294969388, 'Ij>OOK)'),
-('208920000000009', '33638060009', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/ДWdiHC׾', 1, 0, 00000000000000033361, '\ZM{h#\\*l'),
-('20810000001234', '33611123456', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000281454575616097, 's$rCf=:x'),
-('208920000000053', '33638060053', '35611302209415', NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д6`FB&w', 1, 0, 00000000004294972622, 'o.q@#\0^4'),
-('208920000000055', '33638060055', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/ДM_^r	v', 1, 0, 00000000004294969388, 'Ij>OOK)'),
-('31002890832150', '33638060059', '35611302209414', NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000000000000012416, '`F݆Dϛ'),
-('208920000000054', '33638060054', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/ДM_^r	v', 1, 0, 00000000000000039820, 'B@WشJUٰToC'),
-('001010123456789', '33600101789', NULL, NULL, 'PURGED', 120, 50000000, 100000000, 47, 0000000000, 2, '\0
	\n\r', 1, 0, 00000000000000000032, 'eESAj|'),
-('208930000000001', '33638060008', NULL, NULL, 'NOT_PURGED', 120, 50000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000000000000002487, '$N!M
p-T)#');
+INSERT INTO `users` (`imsi`, `msisdn`, `imei`, `imei_sv`, `ms_ps_status`, `rau_tau_timer`, `ue_ambr_ul`, `ue_ambr_dl`, `access_restriction`, `mme_cap`, `mmeidentity_idmmeidentity`, `key`, `RFSP-Index`, `urrp_mme`, `sqn`, `rand`, `OPc`) VALUES
+('20834123456789', '380561234567', '12345678', '23', 'PURGED', 50, 40000000, 100000000, 47, 0000000000, 2, '+Eų\0,IHH', 0, 0, 00000000000000000096, 'PxX
 \Z1x', 'g퐐jS+Aq6Y'),
+('20810000001234', '33611123456', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000281454575616097, 's$rCf=:x', '''i.u2fz;`]'),
+('31002890832150', '33638060059', '35611302209414', NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000000000000012416, '`F݆Dϛ', '''i.u2fz;`]'),
+('001010123456789', '33600101789', NULL, NULL, 'PURGED', 120, 50000000, 100000000, 47, 0000000000, 2, '\0
	\n\r', 1, 0, 00000000000000000351, '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0', '$_|/+6%/%'),
+('208930000000001', '33638060008', NULL, NULL, 'PURGED', 120, 50000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000000000000006103, 'wqgzWЁZ]', '''i.u2fz;`]'),
+('208950000000002', '33638060009', NULL, NULL, 'PURGED', 120, 50000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000000000000006391, 'U| wD\Z7', '''i.u2fz;`]');
 
 /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
 /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;

openair-cn/OPENAIRHSS/db/pft_db.sql

+-- phpMyAdmin SQL Dump
+-- version 4.0.10deb1
+-- http://www.phpmyadmin.net
+--
+-- Host: localhost
+-- Generation Time: May 28, 2015 at 02:24 PM
+-- Server version: 5.5.43-0ubuntu0.14.04.1
+-- PHP Version: 5.5.9-1ubuntu4.9
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8 */;
+
+--
+-- Database: `oai_db`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `apn`
+--
+
+CREATE TABLE IF NOT EXISTS `apn` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `apn-name` varchar(60) NOT NULL,
+  `pdn-type` enum('IPv4','IPv6','IPv4v6','IPv4_or_IPv6') NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `apn-name` (`apn-name`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `mmeidentity`
+--
+
+CREATE TABLE IF NOT EXISTS `mmeidentity` (
+  `idmmeidentity` int(11) NOT NULL AUTO_INCREMENT,
+  `mmehost` varchar(255) DEFAULT NULL,
+  `mmerealm` varchar(200) DEFAULT NULL,
+  `UE-Reachability` tinyint(1) NOT NULL COMMENT 'Indicates whether the MME supports UE Reachability Notifcation',
+  PRIMARY KEY (`idmmeidentity`)
+) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=43 ;
+
+--
+-- Dumping data for table `mmeidentity`
+--
+
+INSERT INTO `mmeidentity` (`idmmeidentity`, `mmehost`, `mmerealm`, `UE-Reachability`) VALUES
+(2, 'yang.openair4G.eur', 'openair4G.eur', 0),
+(1, 'ng40-erc.openair4G.eur', 'openair4G.eur', 0);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pdn`
+--
+
+CREATE TABLE IF NOT EXISTS `pdn` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `apn` varchar(60) NOT NULL,
+  `pdn_type` enum('IPv4','IPv6','IPv4v6','IPv4_or_IPv6') NOT NULL DEFAULT 'IPv4',
+  `pdn_ipv4` varchar(15) DEFAULT '0.0.0.0',
+  `pdn_ipv6` varchar(45) CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT '0:0:0:0:0:0:0:0',
+  `aggregate_ambr_ul` int(10) unsigned DEFAULT '50000000',
+  `aggregate_ambr_dl` int(10) unsigned DEFAULT '100000000',
+  `pgw_id` int(11) NOT NULL,
+  `users_imsi` varchar(15) NOT NULL,
+  `qci` tinyint(3) unsigned NOT NULL DEFAULT '9',
+  `priority_level` tinyint(3) unsigned NOT NULL DEFAULT '15',
+  `pre_emp_cap` enum('ENABLED','DISABLED') DEFAULT 'DISABLED',
+  `pre_emp_vul` enum('ENABLED','DISABLED') DEFAULT 'DISABLED',
+  `LIPA-Permissions` enum('LIPA-prohibited','LIPA-only','LIPA-conditional') NOT NULL DEFAULT 'LIPA-only',
+  PRIMARY KEY (`id`,`pgw_id`,`users_imsi`),
+  KEY `fk_pdn_pgw1_idx` (`pgw_id`),
+  KEY `fk_pdn_users1_idx` (`users_imsi`)
+) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=36 ;
+
+--
+-- Dumping data for table `pdn`
+--
+
+INSERT INTO `pdn` (`id`, `apn`, `pdn_type`, `pdn_ipv4`, `pdn_ipv6`, `aggregate_ambr_ul`, `aggregate_ambr_dl`, `pgw_id`, `users_imsi`, `qci`, `priority_level`, `pre_emp_cap`, `pre_emp_vul`, `LIPA-Permissions`) VALUES
+(8, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000008', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(9, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000009', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(11, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000053', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(12, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000055', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only'),
+(16, 'oai.ipv4', 'IPv4', '0.0.0.0', '0:0:0:0:0:0:0:0', 50000000, 100000000, 3, '208920000000054', 9, 15, 'DISABLED', 'ENABLED', 'LIPA-only');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pgw`
+--
+
+CREATE TABLE IF NOT EXISTS `pgw` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `ipv4` varchar(15) NOT NULL,
+  `ipv6` varchar(39) NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `ipv4` (`ipv4`),
+  UNIQUE KEY `ipv6` (`ipv6`)
+) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;
+
+--
+-- Dumping data for table `pgw`
+--
+
+INSERT INTO `pgw` (`id`, `ipv4`, `ipv6`) VALUES
+(1, '127.0.0.1', '0:0:0:0:0:0:0:1'),
+(2, '192.168.56.101', ''),
+(3, '10.0.0.2', '0');
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `terminal-info`
+--
+
+CREATE TABLE IF NOT EXISTS `terminal-info` (
+  `imei` varchar(15) NOT NULL,
+  `sv` varchar(2) NOT NULL,
+  UNIQUE KEY `imei` (`imei`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE IF NOT EXISTS `users` (
+  `imsi` varchar(15) NOT NULL COMMENT 'IMSI is the main reference key.',
+  `msisdn` varchar(46) DEFAULT NULL COMMENT 'The basic MSISDN of the UE (Presence of MSISDN is optional).',
+  `imei` varchar(15) DEFAULT NULL COMMENT 'International Mobile Equipment Identity',
+  `imei_sv` varchar(2) DEFAULT NULL COMMENT 'International Mobile Equipment Identity Software Version Number',
+  `ms_ps_status` enum('PURGED','NOT_PURGED') DEFAULT 'PURGED' COMMENT 'Indicates that ESM and EMM status are purged from MME',
+  `rau_tau_timer` int(10) unsigned DEFAULT '120',
+  `ue_ambr_ul` bigint(20) unsigned DEFAULT '50000000' COMMENT 'The Maximum Aggregated uplink MBRs to be shared across all Non-GBR bearers according to the subscription of the user.',
+  `ue_ambr_dl` bigint(20) unsigned DEFAULT '100000000' COMMENT 'The Maximum Aggregated downlink MBRs to be shared across all Non-GBR bearers according to the subscription of the user.',
+  `access_restriction` int(10) unsigned DEFAULT '60' COMMENT 'Indicates the access restriction subscription information. 3GPP TS.29272 #7.3.31',
+  `mme_cap` int(10) unsigned zerofill DEFAULT NULL COMMENT 'Indicates the capabilities of the MME with respect to core functionality e.g. regional access restrictions.',
+  `mmeidentity_idmmeidentity` int(11) NOT NULL DEFAULT '0',
+  `key` varbinary(16) NOT NULL DEFAULT '0' COMMENT 'UE security key',
+  `RFSP-Index` smallint(5) unsigned NOT NULL DEFAULT '1' COMMENT 'An index to specific RRM configuration in the E-UTRAN. Possible values from 1 to 256',
+  `urrp_mme` tinyint(1) NOT NULL DEFAULT '0' COMMENT 'UE Reachability Request Parameter indicating that UE activity notification from MME has been requested by the HSS.',
+  `sqn` bigint(20) unsigned zerofill NOT NULL,
+  `rand` varbinary(16) NOT NULL,
+  `OPc` varbinary(16) DEFAULT NULL COMMENT 'Can be computed by HSS',
+  PRIMARY KEY (`imsi`,`mmeidentity_idmmeidentity`),
+  KEY `fk_users_mmeidentity_idx1` (`mmeidentity_idmmeidentity`)
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`imsi`, `msisdn`, `imei`, `imei_sv`, `ms_ps_status`, `rau_tau_timer`, `ue_ambr_ul`, `ue_ambr_dl`, `access_restriction`, `mme_cap`, `mmeidentity_idmmeidentity`, `key`, `RFSP-Index`, `urrp_mme`, `sqn`, `rand`, `OPc`) VALUES
+('208920000000008', '33638060008', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д	|hb', 1, 0, 00000000004294969388, 'Ij>OOK)', '''i.u2fz;`]'),
+('208920000000009', '33638060009', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/ДWdiHC׾', 1, 0, 00000000000000033361, '\ZM{h#\\*l', 'xJ	'),
+('208920000000053', '33638060053', '35611302209415', NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/Д6`FB&w', 1, 0, 00000000004294972622, 'o.q@#\0^4', 'O~ɭ'),
+('208920000000055', '33638060055', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/ДM_^r	v', 1, 0, 00000000004294969388, 'Ij>OOK)', 'N0;bCR_'),
+('208920000000054', '33638060054', NULL, NULL, 'PURGED', 120, 40000000, 100000000, 47, 0000000000, 2, 'G?/ДM_^r	v', 1, 0, 00000000000000039820, 'B@WشJUٰToC', 'N0;bCR_');
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;

openair-cn/OPENAIRHSS/hss_main.c

@@ -37,6 +37,7 @@
 
 hss_config_t hss_config;
 
+
 int main(int argc, char *argv[])
 {
 
@@ -52,6 +53,10 @@ int main(int argc, char *argv[])
 
   random_init();
 
+  if (hss_config.valid_op) {
+    hss_mysql_check_opc_keys((uint8_t*)hss_config.operator_key_bin);
+  }
+
   s6a_init(&hss_config);
 
   while(1) {

openair-cn/OPENAIRHSS/s6a/s6a_auth_info.c

@@ -210,7 +210,7 @@ int s6a_auth_info_cb(struct msg **msg, struct avp *paramavp,
 
   if (auts != NULL) {
     /* Try to derive SQN_MS from previous RAND */
-    sqn = sqn_ms_derive(auth_info_resp.key, auts, auth_info_resp.rand);
+    sqn = sqn_ms_derive(auth_info_resp.opc, auth_info_resp.key, auts, auth_info_resp.rand);
 
     if (sqn != NULL) {
       /* We succeeded to verify SQN_MS... */
@@ -245,7 +245,7 @@ int s6a_auth_info_cb(struct msg **msg, struct avp *paramavp,
   hss_mysql_increment_sqn(auth_info_req.imsi);
 
   /* Generate authentication vector */
-  generate_vector(imsi, auth_info_resp.key,
+  generate_vector(auth_info_resp.opc, imsi, auth_info_resp.key,
                   hdr->avp_value->os.data, sqn, &vector);
 
   /* We add the vector */

openair-cn/OPENAIRHSS/utils/hss_config.c

@@ -65,8 +65,6 @@ int fd_g_debug_lvl = 1;
 
 /* YACC forward declarations */
 extern int  yyparse (struct hss_config_s *hss_config_p);
-extern uint8_t opc[16];
-extern uint8_t op [16];
 static int config_parse_command_line(int argc, char *argv[],
                                      hss_config_t *hss_config_p);
 static int config_parse_file(hss_config_t *hss_config_p);
@@ -91,7 +89,6 @@ int config_init(int argc, char *argv[], hss_config_t *hss_config_p)
   }
 
   hss_config_p->valid_op = 0;
-  hss_config_p->valid_opc = 0;
 
   if ((ret = config_parse_command_line(argc, argv, hss_config_p)) != 0) {
     return ret;
@@ -103,22 +100,38 @@ int config_init(int argc, char *argv[], hss_config_t *hss_config_p)
     /* Parsing of the file failed. -> abort */
     abort();
   }
-
-  config_display(hss_config_p);
+  if (hss_config_p->random) {
+    if (strcasecmp(hss_config_p->random, "false") == 0) {
+      hss_config_p->random_bool = 0;
+    } else if (strcasecmp(hss_config_p->random, "true") == 0) {
+      hss_config_p->random_bool = 1;
+    } else {
+      fprintf(stderr,
+                "Error in configuration file: random: %s (allowed values {true,false})\n",
+                hss_config_p->random);
+        abort();
+    }
+  } else {
+	  hss_config_p->random      = "true";
+	  hss_config_p->random_bool = 1;
+      fprintf(stderr,
+                "Default values for random: %s (allowed values {true,false})\n",
+                hss_config_p->random);
+  }
 
   // post processing for op key
   if (hss_config_p->operator_key) {
     if (strlen(hss_config_p->operator_key) == 32) {
       ret = sscanf(hss_config_p->operator_key,
                    "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
-                   (unsigned int*)&op[0],(unsigned int*)&op[1],
-                   (unsigned int*)&op[2],(unsigned int*)&op[3],
-                   (unsigned int*)&op[4],(unsigned int*)&op[5],
-                   (unsigned int*)&op[6],(unsigned int*)&op[7],
-                   (unsigned int*)&op[8],(unsigned int*)&op[9],
-                   (unsigned int*)&op[10],(unsigned int*)&op[11],
-                   (unsigned int*)&op[12],(unsigned int*)&op[13],
-                   (unsigned int*)&op[14],(unsigned int*)&op[15]);
+                   (unsigned int*)&hss_config_p->operator_key_bin[0],(unsigned int*)&hss_config_p->operator_key_bin[1],
+                   (unsigned int*)&hss_config_p->operator_key_bin[2],(unsigned int*)&hss_config_p->operator_key_bin[3],
+                   (unsigned int*)&hss_config_p->operator_key_bin[4],(unsigned int*)&hss_config_p->operator_key_bin[5],
+                   (unsigned int*)&hss_config_p->operator_key_bin[6],(unsigned int*)&hss_config_p->operator_key_bin[7],
+                   (unsigned int*)&hss_config_p->operator_key_bin[8],(unsigned int*)&hss_config_p->operator_key_bin[9],
+                   (unsigned int*)&hss_config_p->operator_key_bin[10],(unsigned int*)&hss_config_p->operator_key_bin[11],
+                   (unsigned int*)&hss_config_p->operator_key_bin[12],(unsigned int*)&hss_config_p->operator_key_bin[13],
+                   (unsigned int*)&hss_config_p->operator_key_bin[14],(unsigned int*)&hss_config_p->operator_key_bin[15]);
 
       if (ret != 16) {
         fprintf(stderr,
@@ -129,32 +142,9 @@ int config_init(int argc, char *argv[], hss_config_t *hss_config_p)
       hss_config_p->valid_op = 1;
     }
   }
-  if (hss_config_p->operator_ckey) {
-    if (strlen(hss_config_p->operator_ckey) == 32) {
-      ret = sscanf(hss_config_p->operator_ckey,
-                   "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
-                   (unsigned int*)&opc[0],(unsigned int*)&opc[1],
-                   (unsigned int*)&opc[2],(unsigned int*)&opc[3],
-                   (unsigned int*)&opc[4],(unsigned int*)&opc[5],
-                   (unsigned int*)&opc[6],(unsigned int*)&opc[7],
-                   (unsigned int*)&opc[8],(unsigned int*)&opc[9],
-                   (unsigned int*)&opc[10],(unsigned int*)&opc[11],
-                   (unsigned int*)&opc[12],(unsigned int*)&opc[13],
-                   (unsigned int*)&opc[14],(unsigned int*)&opc[15]);
+  config_display(hss_config_p);
+
 
-      if (ret != 16) {
-        fprintf(stderr,
-                "Error in configuration file: operator ckey: %s\n",
-                hss_config_p->operator_ckey);
-        abort();
-      }
-      hss_config_p->valid_opc = 1;
-    }
-  }
-  if ((hss_config_p->valid_opc == 0) && (hss_config_p->valid_op ==0)) {
-    fprintf(stderr, "Error in configuration file: no valid OP or OPC key\n");
-    abort();
-  }
   return 0;
 }
 
@@ -195,8 +185,8 @@ static void config_display(hss_config_t *hss_config_p)
   fprintf(stdout, "* Security:\n");
   fprintf(stdout, "\t- Operator key......: %s\n",
           hss_config_p->operator_key);
-  fprintf(stdout, "\t- Operator ckey......: %s\n",
-          hss_config_p->operator_ckey);
+  fprintf(stdout, "\t- Random      ......: %s\n",
+		  hss_config_p->random);
 }
 
 static int config_parse_command_line(int argc, char *argv[],

openair-cn/OPENAIRHSS/utils/hss_config.h

@@ -37,15 +37,17 @@ typedef struct hss_config_s {
 
 
   char *operator_key;
+  unsigned char operator_key_bin[16];
   int   valid_op;
-  char *operator_ckey;
-  int   valid_opc;
 
   /* The freediameter configuration file */
   char *freediameter_config;
 
   /* THe HSS global configuration file */
   char *config;
+
+  char *random;
+  char  random_bool;
 } hss_config_t;
 
 int config_init(int argc, char *argv[], hss_config_t *hss_config_p);

openair-cn/OPENAIRHSS/utils/hss_parser.y

@@ -70,7 +70,7 @@ int fddlex(YYSTYPE *lvalp, YYLTYPE *llocp);
 %token MYSQL_PASS
 %token MYSQL_DB
 %token OPERATOR_KEY
-%token OPERATOR_CKEY
+%token RANDOM
 
 %%
 conffile:       /* Empty is OK -- for simplicity here, we reject in daemon later */
@@ -79,7 +79,7 @@ conffile:       /* Empty is OK -- for simplicity here, we reject in daemon later
     | conffile mysql_user
     | conffile mysql_pass
     | conffile operator_key
-    | conffile operator_ckey
+    | conffile random
     | conffile fdconf
     | conffile errors
     {
@@ -118,9 +118,9 @@ operator_key: OPERATOR_KEY '=' QSTRING ';'
     }
     ;
 
-operator_ckey: OPERATOR_CKEY '=' QSTRING ';'
+random: RANDOM '=' QSTRING ';'
     {
-        hss_config_p->operator_ckey = $3;
+        hss_config_p->random = $3;
     }
     ;
 

openair-cn/OPENAIRHSS/utils/hss_scanner.l

@@ -114,7 +114,7 @@ qstring     \"[^\"\n]*\"
 (?i:"MYSQL_pass")   { return MYSQL_PASS; }
 (?i:"MYSQL_db")     { return MYSQL_DB; }
 (?i:"OPERATOR_key")     { return OPERATOR_KEY; }
-(?i:"OPERATOR_ckey")     { return OPERATOR_CKEY; }
+(?i:"RANDOM")       { return RANDOM; }
 
     /* Valid single characters for yyparse */
 <*>[=,:;{}]     { return yytext[0]; }