Projects
osmocom:master
open5gs
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 421
View file
commit_7c14073533e6f1ce39c53d4187fab6847fac0d44.txt
Added
View file
commit_cf4ad1f2484ce8229aa0c468af77d7474736e4ec.txt
Deleted
View file
open5gs_2.7.0.116.cf4ad.dsc -> open5gs_2.7.0.117.7c140.dsc
Changed
@@ -2,7 +2,7 @@ Source: open5gs Binary: open5gs-common, open5gs-mme, open5gs-sgwc, open5gs-smf, open5gs-amf, open5gs-sgwu, open5gs-upf, open5gs-hss, open5gs-pcrf, open5gs-nrf, open5gs-scp, open5gs-sepp, open5gs-ausf, open5gs-udm, open5gs-pcf, open5gs-nssf, open5gs-bsf, open5gs-udr, open5gs, open5gs-dbg Architecture: any -Version: 2.7.0.116.cf4ad +Version: 2.7.0.117.7c140 Maintainer: Harald Welte <laforge@gnumonks.org> Uploaders: Sukchan Lee <acetcom@gmail.com> Homepage: https://open5gs.org @@ -32,8 +32,8 @@ open5gs-udr deb net optional arch=any open5gs-upf deb net optional arch=any Checksums-Sha1: - adea80b9dd81c8dc704497fe01a9e45691c98fc2 14485984 open5gs_2.7.0.116.cf4ad.tar.xz + 07fe51dc333933e2a58a908d7b3822081bee8743 14485772 open5gs_2.7.0.117.7c140.tar.xz Checksums-Sha256: - 6c36daf5a374a6405234ef4af4f3df6362ed9305ad61a813565d40a18dbc2c15 14485984 open5gs_2.7.0.116.cf4ad.tar.xz + e3a3bea16bb26ef8072725172848b1bd23971b8558c015af6ddad2a2527ae419 14485772 open5gs_2.7.0.117.7c140.tar.xz Files: - e87fdd14d65d8502fb46a11048994d32 14485984 open5gs_2.7.0.116.cf4ad.tar.xz + 26d169a248642364e8d5fa99d6e93340 14485772 open5gs_2.7.0.117.7c140.tar.xz
View file
open5gs_2.7.0.116.cf4ad.tar.xz/.tarball-version -> open5gs_2.7.0.117.7c140.tar.xz/.tarball-version
Changed
@@ -1 +1 @@ -2.7.0.116-cf4ad +2.7.0.117-7c140
View file
open5gs_2.7.0.116.cf4ad.tar.xz/debian/changelog -> open5gs_2.7.0.117.7c140.tar.xz/debian/changelog
Changed
@@ -1,8 +1,8 @@ -open5gs (2.7.0.116.cf4ad) unstable; urgency=medium +open5gs (2.7.0.117.7c140) unstable; urgency=medium * Automatically generated changelog entry for building the Osmocom master feed - -- Osmocom OBS scripts <info@osmocom.org> Sun, 24 Mar 2024 00:50:48 +0000 + -- Osmocom OBS scripts <info@osmocom.org> Sun, 24 Mar 2024 05:20:52 +0000 open5gs (2.7.0) unstable; urgency=medium
View file
open5gs_2.7.0.116.cf4ad.tar.xz/lib/crypt/ecc.c -> open5gs_2.7.0.117.7c140.tar.xz/lib/crypt/ecc.c
Changed
@@ -4,6 +4,8 @@ #include <string.h> +#include "ogs-core.h" + #define NUM_ECC_DIGITS (ECC_BYTES/8) #define MAX_TRIES 16 @@ -82,6 +84,7 @@ HCRYPTPROV l_prov; if(!CryptAcquireContext(&l_prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { + ogs_error("CryptAcquireContext() failed"); return 0; } @@ -107,9 +110,11 @@ int l_fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC); if(l_fd == -1) { + ogs_error("open(/dev/urandom) failed"); l_fd = open("/dev/random", O_RDONLY | O_CLOEXEC); if(l_fd == -1) { + ogs_error("open(/dev/random) failed"); return 0; } } @@ -122,6 +127,7 @@ if(l_read <= 0) { // read failed close(l_fd); + ogs_error("read() failed"); return 0; } l_left -= l_read; @@ -1073,6 +1079,7 @@ { if(!getRandomNumber(l_private) || (l_tries++ >= MAX_TRIES)) { + ogs_error("getRandomNumber() failed %d", l_tries); return 0; } if(vli_isZero(l_private)) @@ -1096,6 +1103,45 @@ return 1; } +#define CURVE_A_32 {0xFFFFFFFFFFFFFFFCull, 0x00000000FFFFFFFFull, 0x0000000000000000ull, 0xFFFFFFFF00000001ull} + +static int ecdh_validate_pubkey(EccPoint l_public, uint64_t l_privateNUM_ECC_DIGITS) { + uint64_t leftNUM_ECC_DIGITS; + uint64_t rightNUM_ECC_DIGITS; + uint64_t curve_aNUM_ECC_DIGITS = CURVE_A_32; + /* + * To ensure l_public is a valid point on the curve, we need to check: + * y^2 % p == (x^3 + a * x + b) % p) + */ + + /* Compute y^2 % p and store in `left` */ + vli_modSquare_fast(left, l_public.y); + + /* Compute x^3 and store in `right` */ + vli_modSquare_fast(right, l_public.x); + vli_modMult_fast(right, right, l_public.x); + + /* Compute a * x and store in `curve_a` */ + vli_modMult_fast(curve_a, curve_a, l_public.x); + /* Store ((a * x) + b) % p in `curve_a */ + vli_modAdd(curve_a, curve_a, curve_b, curve_p); + + /* + * Combine x^3 and ((a * x) + b) to make (x^3 + a * x + b) % p); + * store in `right` + */ + vli_modAdd(right, right, curve_a, curve_p); + + int i; + for (i = 0; i < NUM_ECC_DIGITS; i++) { + if (lefti != righti) { + return 0; // y^2 % p != (x^3 + a * x + b) % p) + } + } + + return 1; +} + int ecdh_shared_secret(const uint8_t p_publicKeyECC_BYTES+1, const uint8_t p_privateKeyECC_BYTES, uint8_t p_secretECC_BYTES) { EccPoint l_public; @@ -1104,12 +1150,23 @@ if(!getRandomNumber(l_random)) { + ogs_error("getRandomNumber() failed"); return 0; } ecc_point_decompress(&l_public, p_publicKey); ecc_bytes2native(l_private, p_privateKey); + /* + * Validate received public key `p_publicKey` is a valid point + * on curve P-256 + */ + if (!ecdh_validate_pubkey(l_public, l_private)) + { + ogs_error("ecdh_validate_pubkey() failed"); + return 0; + } + EccPoint l_product; EccPoint_mult(&l_product, &l_public, l_private, l_random); @@ -1202,6 +1259,7 @@ { if(!getRandomNumber(k) || (l_tries++ >= MAX_TRIES)) { + ogs_error("getRandomNumber() failed %d", l_tries); return 0; } if(vli_isZero(k)) @@ -1256,11 +1314,13 @@ if(vli_isZero(l_r) || vli_isZero(l_s)) { /* r, s must not be 0. */ + ogs_error("r, s must not be 0"); return 0; } if(vli_cmp(curve_n, l_r) != 1 || vli_cmp(curve_n, l_s) != 1) { /* r, s must be < n. */ + ogs_error("r, s must be < n"); return 0; }
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.