Project

General

Profile

Actions
Copy link

Feature #2460

closed

Change "encryption" VTY parameter to allow more than one cipher

Added by pespin over 6 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
laforge
Category:
A interface (general)
Target version:
-
Start date:
08/24/2017
Due date:
% Done:

100%

Resolution:
Spec Reference:

Description

Currently the "encryption" parameter lets define which cipher is allowed by MSC, but only one can be allowed at a given time: "encryption a5 (0|1|2|3)"

In AoIP protocol, however, the cipher is negotiated between MSC<->BSC (BSC interesected with BTS and MS capabilities). Once "Authentication Response" reaches MSC with correct challenge response, the MSC sends a "Cipher Mode Command" to the BSC with a bitmask stating the allowed ciphers.

As we currently only set 1 cipher in config, only 1 bit can be enabled at a time in the bitmask, and if that mode doesn't match the one required by BSC/BTS/MS, then BSC will send a Reject and the modem will fail to connect.

We should be able to specify "encryption" parameter either as a bitmask or a list instead of a plain integer, eg:

encryption a5 <0..7> [<0..7>] [<0..7>] [<0..7>] [<0..7>] [<0..7>] [<0..7>]

allowing

encryption a5 0 1 3

Files

encryption.diff encryption.diff 3.1 KB laforge, 12/23/2017 05:25 PM

Related issues

Related to OsmoGSMTester - Feature #2457: osmo-gsm-tester: add test case: validate "encryption" & "authentication" vty parameter Closedpespin08/22/2017

Actions
Related to OsmoBSC - Feature #2461: Improve "encryption" VTY parameterResolvedlaforge08/24/2017

Actions
Actions
Copy link

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)