PentHertz
/
srsLTE
mirror of https://github.com/PentHertz/srsLTE.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Generating k_enb in the securty mode command. Fixed wrong k_enb generation. Integrity is being checked corretly in upstream NAS messages.

This commit is contained in:
Pedro Alvarez 2018-02-14 12:28:55 +00:00
parent aedcfbb686
commit 1c4dce8066
3 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
srsepc/hdr/mme/s1ap_common.h
View File

@ -115,6 +115,7 @@ typedef struct{
srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo; srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo;
uint8_t k_nas_enc[32]; uint8_t k_nas_enc[32];
uint8_t k_nas_int[32]; uint8_t k_nas_int[32];
uint8_t k_enb[32];
LIBLTE_MME_UE_NETWORK_CAPABILITY_STRUCT ue_network_cap; LIBLTE_MME_UE_NETWORK_CAPABILITY_STRUCT ue_network_cap;
bool ms_network_cap_present; bool ms_network_cap_present;
LIBLTE_MME_MS_NETWORK_CAPABILITY_STRUCT ms_network_cap; LIBLTE_MME_MS_NETWORK_CAPABILITY_STRUCT ms_network_cap;

7
srsepc/src/mme/s1ap_ctx_mngmt_proc.cc
View File

@ -167,10 +167,9 @@ s1ap_ctx_mngmt_proc::send_initial_context_setup_request(uint32_t mme_ue_s1ap_id,
} }
// in_ctxt_req->UESecurityCapabilities.integrityProtectionAlgorithms.buffer[0] = 1; //EIA1 // in_ctxt_req->UESecurityCapabilities.integrityProtectionAlgorithms.buffer[0] = 1; //EIA1
} }
uint8_t key_enb[32]; //Get K eNB
liblte_security_generate_k_enb(ue_emm_ctx->security_ctxt.k_asme, ue_emm_ctx->security_ctxt.ul_nas_count, key_enb); liblte_unpack(ue_emm_ctx->security_ctxt.k_enb, 32, in_ctxt_req->SecurityKey.buffer);
liblte_unpack(key_enb, 32, in_ctxt_req->SecurityKey.buffer); m_s1ap_log->info_hex(ue_emm_ctx->security_ctxt.k_enb, 32, "Initial Context Setup Request -- Key eNB\n");
m_s1ap_log->info("Generating KeNB with UL NAS COUNT: %d\n",ue_emm_ctx->security_ctxt.ul_nas_count);
//Set Attach accepted and activat default bearer NAS messages //Set Attach accepted and activat default bearer NAS messages
if(cs_resp->paa_present != true) if(cs_resp->paa_present != true)
{ {

17
srsepc/src/mme/s1ap_nas_transport.cc
View File

@ -27,6 +27,7 @@
#include "mme/s1ap.h" #include "mme/s1ap.h"
#include "mme/s1ap_nas_transport.h" #include "mme/s1ap_nas_transport.h"
#include "srslte/common/security.h" #include "srslte/common/security.h"
#include "srslte/common/liblte_security.h"
namespace srsepc{ namespace srsepc{
@ -1042,17 +1043,25 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg,
return false; return false;
} }
//Generate MAC for integrity protection //Generate EPS security context
//FIXME Write wrapper to support EIA1, EIA2, etc.
uint8_t mac[4]; uint8_t mac[4];
srslte::security_generate_k_nas( ue_emm_ctx->security_ctxt.k_asme, srslte::security_generate_k_nas( ue_emm_ctx->security_ctxt.k_asme,
srslte::CIPHERING_ALGORITHM_ID_EEA0, srslte::CIPHERING_ALGORITHM_ID_EEA0,
srslte::INTEGRITY_ALGORITHM_ID_128_EIA1, srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
ue_emm_ctx->security_ctxt.k_nas_enc, ue_emm_ctx->security_ctxt.k_nas_enc,
ue_emm_ctx->security_ctxt.k_nas_int ue_emm_ctx->security_ctxt.k_nas_int
); );
srslte::security_generate_k_nas( ue_emm_ctx->security_ctxt.k_asme,
srslte::CIPHERING_ALGORITHM_ID_EEA0,
srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
ue_emm_ctx->security_ctxt.k_nas_enc,
ue_emm_ctx->security_ctxt.k_nas_int
);
uint8_t key_enb[32];
liblte_security_generate_k_enb(ue_emm_ctx->security_ctxt.k_asme, ue_emm_ctx->security_ctxt.ul_nas_count, ue_emm_ctx->security_ctxt.k_enb);
m_s1ap_log->info("Generating KeNB with UL NAS COUNT: %d\n",ue_emm_ctx->security_ctxt.ul_nas_count);
//Generate MAC for integrity protection
//FIXME Write wrapper to support EIA1, EIA2, etc.
srslte::security_128_eia1 (&ue_emm_ctx->security_ctxt.k_nas_int[16], srslte::security_128_eia1 (&ue_emm_ctx->security_ctxt.k_nas_int[16],
ue_emm_ctx->security_ctxt.dl_nas_count, ue_emm_ctx->security_ctxt.dl_nas_count,
0, 0,