mirror of https://github.com/PentHertz/srsLTE.git
Starting to integrity protect NAS messages. UE accepted security command reques, starting to parse security command complete.
This commit is contained in:
parent
bb85525ad2
commit
1621b6e93a
|
@ -52,7 +52,8 @@ typedef struct{
|
|||
uint64_t imsi;
|
||||
uint32_t enb_ue_s1ap_id;
|
||||
uint32_t mme_ue_s1ap_id;
|
||||
uint8_t xres[16];
|
||||
uint8_t xres[8];
|
||||
uint8_t k_asme[32];
|
||||
} ue_ctx_t;
|
||||
|
||||
#endif
|
||||
|
|
|
@ -278,9 +278,10 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *ini
|
|||
//FIXME use this info
|
||||
uint8_t eps_bearer_id = pdn_con_req.eps_bearer_id; //TODO: Unused
|
||||
uint8_t proc_transaction_id = pdn_con_req.proc_transaction_id; //TODO: Transaction ID unused
|
||||
m_s1ap_log->console("EPS Bearer id: %d\n", eps_bearer_id);
|
||||
|
||||
//Get Authentication Vectors from HSS
|
||||
if(!m_hss->gen_auth_info_answer_milenage(imsi, k_asme, autn, rand, ue_ctx.xres))
|
||||
if(!m_hss->gen_auth_info_answer_milenage(imsi, ue_ctx.k_asme, autn, rand, ue_ctx.xres))
|
||||
{
|
||||
m_s1ap_log->console("User not found. IMSI %015lu\n",imsi);
|
||||
m_s1ap_log->info("User not found. IMSI %015lu\n",imsi);
|
||||
|
|
|
@ -26,6 +26,7 @@
|
|||
|
||||
#include "mme/s1ap.h"
|
||||
#include "mme/s1ap_nas_transport.h"
|
||||
#include "srslte/common/security.h"
|
||||
|
||||
namespace srsepc{
|
||||
|
||||
|
@ -233,6 +234,31 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg,
|
|||
return false;
|
||||
}
|
||||
|
||||
//Generate MAC for integrity protection
|
||||
//FIXME Write wrapper to support EIA1, EIA2, etc.
|
||||
//TODO which is the RB ID? Standard says a constant, but which?
|
||||
uint8_t mac[4];
|
||||
|
||||
uint8_t k_nas_enc[32];
|
||||
uint8_t k_nas_int[32];
|
||||
|
||||
srslte::security_generate_k_nas( ue_ctx->k_asme,
|
||||
srslte::CIPHERING_ALGORITHM_ID_EEA0,
|
||||
srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
|
||||
k_nas_enc,
|
||||
k_nas_int
|
||||
);
|
||||
|
||||
srslte::security_128_eia1 (&k_nas_int[16],
|
||||
count,
|
||||
0,
|
||||
SECURITY_DIRECTION_DOWNLINK,
|
||||
&nas_buffer->msg[5],
|
||||
nas_buffer->N_bytes - 5,
|
||||
mac
|
||||
);
|
||||
|
||||
memcpy(&nas_buffer->msg[1],mac,4);
|
||||
//Copy NAS PDU to Downlink NAS Trasport message buffer
|
||||
memcpy(dw_nas->NAS_PDU.buffer, nas_buffer->msg, nas_buffer->N_bytes);
|
||||
dw_nas->NAS_PDU.n_octets = nas_buffer->N_bytes;
|
||||
|
|
Loading…
Reference in New Issue