@@ -2,7 +2,7 @@

 Source: open5gs

 Binary: open5gs-common, open5gs-mme, open5gs-sgwc, open5gs-smf, open5gs-amf, open5gs-sgwu, open5gs-upf, open5gs-hss, open5gs-pcrf, open5gs-nrf, open5gs-scp, open5gs-sepp, open5gs-ausf, open5gs-udm, open5gs-pcf, open5gs-nssf, open5gs-bsf, open5gs-udr, open5gs, open5gs-dbg

 Architecture: any

-Version: 2.7.0.116.cf4ad

+Version: 2.7.0.117.7c140

 Maintainer: Harald Welte <laforge@gnumonks.org>

 Uploaders: Sukchan Lee <acetcom@gmail.com>

 Homepage: https://open5gs.org

@@ -32,8 +32,8 @@

  open5gs-udr deb net optional arch=any

  open5gs-upf deb net optional arch=any

 Checksums-Sha1:

- adea80b9dd81c8dc704497fe01a9e45691c98fc2 14485984 open5gs_2.7.0.116.cf4ad.tar.xz

+ 07fe51dc333933e2a58a908d7b3822081bee8743 14485772 open5gs_2.7.0.117.7c140.tar.xz

 Checksums-Sha256:

- 6c36daf5a374a6405234ef4af4f3df6362ed9305ad61a813565d40a18dbc2c15 14485984 open5gs_2.7.0.116.cf4ad.tar.xz

+ e3a3bea16bb26ef8072725172848b1bd23971b8558c015af6ddad2a2527ae419 14485772 open5gs_2.7.0.117.7c140.tar.xz

 Files:

- e87fdd14d65d8502fb46a11048994d32 14485984 open5gs_2.7.0.116.cf4ad.tar.xz

+ 26d169a248642364e8d5fa99d6e93340 14485772 open5gs_2.7.0.117.7c140.tar.xz

​

@@ -1 +1 @@

-2.7.0.116-cf4ad

+2.7.0.117-7c140

​

@@ -1,8 +1,8 @@

-open5gs (2.7.0.116.cf4ad) unstable; urgency=medium

+open5gs (2.7.0.117.7c140) unstable; urgency=medium

   * Automatically generated changelog entry for building the Osmocom master feed

- -- Osmocom OBS scripts <info@osmocom.org>  Sun, 24 Mar 2024 00:50:48 +0000

+ -- Osmocom OBS scripts <info@osmocom.org>  Sun, 24 Mar 2024 05:20:52 +0000

 open5gs (2.7.0) unstable; urgency=medium

​

@@ -4,6 +4,8 @@

 #include <string.h>

+#include "ogs-core.h"

+

 #define NUM_ECC_DIGITS (ECC_BYTES/8)

 #define MAX_TRIES 16

@@ -82,6 +84,7 @@

     HCRYPTPROV l_prov;

     if(!CryptAcquireContext(&l_prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))

     {

+        ogs_error("CryptAcquireContext() failed");

         return 0;

     }

@@ -107,9 +110,11 @@

     int l_fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);

     if(l_fd == -1)

     {

+        ogs_error("open(/dev/urandom) failed");

         l_fd = open("/dev/random", O_RDONLY | O_CLOEXEC);

         if(l_fd == -1)

         {

+            ogs_error("open(/dev/random) failed");

             return 0;

         }

     }

@@ -122,6 +127,7 @@

         if(l_read <= 0)

         { // read failed

             close(l_fd);

+            ogs_error("read() failed");

             return 0;

         }

         l_left -= l_read;

@@ -1073,6 +1079,7 @@

     {

         if(!getRandomNumber(l_private) || (l_tries++ >= MAX_TRIES))

         {

+            ogs_error("getRandomNumber() failed %d", l_tries);

             return 0;

         }

         if(vli_isZero(l_private))

@@ -1096,6 +1103,45 @@

     return 1;

 }

+#define CURVE_A_32 {0xFFFFFFFFFFFFFFFCull, 0x00000000FFFFFFFFull, 0x0000000000000000ull, 0xFFFFFFFF00000001ull}

+

+static int ecdh_validate_pubkey(EccPoint l_public, uint64_t l_privateNUM_ECC_DIGITS) {

+    uint64_t leftNUM_ECC_DIGITS;

+    uint64_t rightNUM_ECC_DIGITS;

+    uint64_t curve_aNUM_ECC_DIGITS = CURVE_A_32;

+    /*

+     * To ensure l_public is a valid point on the curve, we need to check:

+     * y^2 % p == (x^3 + a * x + b) % p)

+     */

+

+    /* Compute y^2 % p and store in `left` */

+    vli_modSquare_fast(left, l_public.y);

+

+    /* Compute x^3 and store in `right` */

+    vli_modSquare_fast(right, l_public.x);

+    vli_modMult_fast(right, right, l_public.x);

+

+    /* Compute a * x and store in `curve_a` */

+    vli_modMult_fast(curve_a, curve_a, l_public.x);

+    /* Store ((a * x) + b) % p in `curve_a */

+    vli_modAdd(curve_a, curve_a, curve_b, curve_p);

+

+    /*

+     * Combine x^3 and ((a * x) + b) to make (x^3 + a * x + b) % p);

+     * store in `right`

+     */

+    vli_modAdd(right, right, curve_a, curve_p);

+

+    int i;

+    for (i = 0; i < NUM_ECC_DIGITS; i++) {

+        if (lefti != righti) {

+            return 0; // y^2 % p != (x^3 + a * x + b) % p)

+        }

+    }

+

+    return 1;

+}

+

 int ecdh_shared_secret(const uint8_t p_publicKeyECC_BYTES+1, const uint8_t p_privateKeyECC_BYTES, uint8_t p_secretECC_BYTES)

 {

     EccPoint l_public;

@@ -1104,12 +1150,23 @@

     if(!getRandomNumber(l_random))

     {

+        ogs_error("getRandomNumber() failed");

         return 0;

     }

     ecc_point_decompress(&l_public, p_publicKey);

     ecc_bytes2native(l_private, p_privateKey);

+    /*

+     * Validate received public key `p_publicKey` is a valid point

+     * on curve P-256

+     */

+    if (!ecdh_validate_pubkey(l_public, l_private))

+    {

+        ogs_error("ecdh_validate_pubkey() failed");

+        return 0;

+    }

+

     EccPoint l_product;

     EccPoint_mult(&l_product, &l_public, l_private, l_random);

@@ -1202,6 +1259,7 @@

     {

         if(!getRandomNumber(k) || (l_tries++ >= MAX_TRIES))

         {

+            ogs_error("getRandomNumber() failed %d", l_tries);

             return 0;

         }

         if(vli_isZero(k))

@@ -1256,11 +1314,13 @@

     if(vli_isZero(l_r) || vli_isZero(l_s))

     { /* r, s must not be 0. */

+        ogs_error("r, s must not be 0");

         return 0;

     }

     if(vli_cmp(curve_n, l_r) != 1 || vli_cmp(curve_n, l_s) != 1)

     { /* r, s must be < n. */

+        ogs_error("r, s must be < n");

         return 0;

     }

​