mirror of https://github.com/PentHertz/srsLTE.git
Configurable sec algo preference list
parent
fd34e22c84
commit
39c49ab1ef
|
@ -155,6 +155,8 @@ nof_ctrl_symbols = 3
|
|||
# enable_mbsfn: Enable MBMS transmission in the eNB
|
||||
# m1u_multiaddr: Multicast addres the M1-U socket will register to
|
||||
# m1u_if_addr: Address of the inteferface the M1-U interface will listen for multicast packets.
|
||||
# eea_pref_list: Ordered preference list for the selection of encryption algorithm (EEA) (default: EEA0, EEA2, EEA1).
|
||||
# eia_pref_list: Ordered preference list for the selection of integrity algorithm (EIA) (default: EIA2, EIA1, EIA0).
|
||||
#
|
||||
#####################################################################
|
||||
[expert]
|
||||
|
@ -172,3 +174,5 @@ nof_ctrl_symbols = 3
|
|||
#enable_mbsfn = false
|
||||
#m1u_multiaddr = 239.255.0.1
|
||||
#m1u_if_addr = 127.0.1.201
|
||||
#eea_pref_list = EEA0, EEA2, EEA1
|
||||
#eia_pref_list = EIA2, EIA1, EIA0
|
|
@ -47,6 +47,7 @@
|
|||
|
||||
#include "srslte/radio/radio.h"
|
||||
|
||||
#include "srslte/common/security.h"
|
||||
#include "srslte/common/bcd_helpers.h"
|
||||
#include "srslte/common/buffer_pool.h"
|
||||
#include "srslte/interfaces/ue_interfaces.h"
|
||||
|
@ -132,6 +133,8 @@ typedef struct {
|
|||
bool print_buffer_state;
|
||||
std::string m1u_multiaddr;
|
||||
std::string m1u_if_addr;
|
||||
std::string eia_pref_list;
|
||||
std::string eea_pref_list;
|
||||
}expert_args_t;
|
||||
|
||||
typedef struct {
|
||||
|
|
|
@ -90,7 +90,11 @@ typedef struct {
|
|||
srslte_cell_t cell;
|
||||
bool enable_mbsfn;
|
||||
uint32_t inactivity_timeout_ms;
|
||||
}rrc_cfg_t;
|
||||
srslte::CIPHERING_ALGORITHM_ID_ENUM
|
||||
eea_preference_list[srslte::CIPHERING_ALGORITHM_ID_N_ITEMS];
|
||||
srslte::INTEGRITY_ALGORITHM_ID_ENUM
|
||||
eia_preference_list[srslte::INTEGRITY_ALGORITHM_ID_N_ITEMS];
|
||||
} rrc_cfg_t;
|
||||
|
||||
static const char rrc_state_text[RRC_STATE_N_ITEMS][100] = {"IDLE",
|
||||
"WAIT FOR CON SETUP COMPLETE",
|
||||
|
|
|
@ -179,6 +179,56 @@ bool enb::init(all_args_t *args_)
|
|||
rrc_cfg.inactivity_timeout_ms = args->expert.rrc_inactivity_timer;
|
||||
rrc_cfg.enable_mbsfn = args->expert.enable_mbsfn;
|
||||
|
||||
// Parse EEA preference list
|
||||
std::vector<std::string> eea_pref_list;
|
||||
boost::split(eea_pref_list, args->expert.eea_pref_list,
|
||||
boost::is_any_of(","));
|
||||
int i = 0;
|
||||
for (std::vector<std::string>::iterator it = eea_pref_list.begin();
|
||||
it != eea_pref_list.end() && i < srslte::CIPHERING_ALGORITHM_ID_N_ITEMS;
|
||||
it++) {
|
||||
boost::trim_left(*it);
|
||||
if ((*it).compare("EEA0") == 0) {
|
||||
rrc_cfg.eea_preference_list[i] = srslte::CIPHERING_ALGORITHM_ID_EEA0;
|
||||
i++;
|
||||
} else if ((*it).compare("EEA1") == 0) {
|
||||
rrc_cfg.eea_preference_list[i] = srslte::CIPHERING_ALGORITHM_ID_128_EEA1;
|
||||
i++;
|
||||
} else if ((*it).compare("EEA2") == 0) {
|
||||
rrc_cfg.eea_preference_list[i] = srslte::CIPHERING_ALGORITHM_ID_128_EEA2;
|
||||
i++;
|
||||
} else {
|
||||
fprintf(stderr, "Failed to parse EEA prefence list %s \n",
|
||||
args->expert.eea_pref_list.c_str());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// Parse EIA preference list
|
||||
std::vector<std::string> eia_pref_list;
|
||||
boost::split(eia_pref_list, args->expert.eia_pref_list,
|
||||
boost::is_any_of(","));
|
||||
i = 0;
|
||||
for (std::vector<std::string>::iterator it = eia_pref_list.begin();
|
||||
it != eia_pref_list.end() && i < srslte::INTEGRITY_ALGORITHM_ID_N_ITEMS;
|
||||
it++) {
|
||||
boost::trim_left(*it);
|
||||
if ((*it).compare("EIA0") == 0) {
|
||||
rrc_cfg.eia_preference_list[i] = srslte::INTEGRITY_ALGORITHM_ID_EIA0;
|
||||
i++;
|
||||
} else if ((*it).compare("EIA1") == 0) {
|
||||
rrc_cfg.eia_preference_list[i] = srslte::INTEGRITY_ALGORITHM_ID_128_EIA1;
|
||||
i++;
|
||||
} else if ((*it).compare("EIA2") == 0) {
|
||||
rrc_cfg.eia_preference_list[i] = srslte::INTEGRITY_ALGORITHM_ID_128_EIA2;
|
||||
i++;
|
||||
} else {
|
||||
fprintf(stderr, "Failed to parse EIA prefence list %s \n",
|
||||
args->expert.eia_pref_list.c_str());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// Copy cell struct to rrc and phy
|
||||
memcpy(&rrc_cfg.cell, &cell_cfg, sizeof(srslte_cell_t));
|
||||
memcpy(&phy_cfg.cell, &cell_cfg, sizeof(srslte_cell_t));
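Review bot: A preference list with fewer entries than `CIPHERING_ALGORITHM_ID_N_ITEMS` or `INTEGRITY_ALGORITHM_ID_N_ITEMS` leaves the remaining slots of `rrc_cfg.eea_preference_list` and `rrc_cfg.eia_preference_list` unwritten, because both parse loops assign only the first `i` slots while `select_security_algorithms()` still walks every slot. If `rrc_cfg` is zero-initialised and enum value 0 is EEA0/EIA0 (the `EEA%d` log format suggests so, but neither is visible here), an operator who writes `eea_pref_list = EEA2` to exclude null ciphering would still get EEA0 as a fallback. I would store the parsed count next to each array and bound the selection loops by it, or reject a list that does not fill every slot. Entries beyond N_ITEMS and duplicates are also accepted silently, and only leading whitespace is trimmed, so `EEA2 ,EEA1` fails to parse; `boost::trim(*it);` would handle both sides. `enb::init` starts and ends outside the hunk.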
|
||||
|
|
|
@ -155,6 +155,8 @@ void parse_args(all_args_t *args, int argc, char* argv[]) {
|
|||
("expert.print_buffer_state", bpo::value<bool>(&args->expert.print_buffer_state)->default_value(false), "Prints on the console the buffer state every 10 seconds")
|
||||
("expert.m1u_multiaddr", bpo::value<string>(&args->expert.m1u_multiaddr)->default_value("239.255.0.1"), "M1-U Multicast address the eNB joins.")
|
||||
("expert.m1u_if_addr", bpo::value<string>(&args->expert.m1u_if_addr)->default_value("127.0.1.201"), "IP address of the interface the eNB will listen for M1-U traffic.")
|
||||
("expert.eea_pref_list", bpo::value<string>(&args->expert.eea_pref_list)->default_value("EEA0, EEA2, EEA1"), "Ordered preference list for the selection of encryption algorithm (EEA) (default: EEA0, EEA2, EEA1).")
|
||||
("expert.eia_pref_list", bpo::value<string>(&args->expert.eia_pref_list)->default_value("EIA2, EIA1, EIA0"), "Ordered preference list for the selection of integrity algorithm (EIA) (default: EIA2, EIA1, EIA0).")
|
||||
;
|
||||
|
||||
// Positional options - config file location
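Review bot: The default for `expert.eea_pref_list` puts EEA0 first, which reverses the hard-coded order this commit removes from `select_security_algorithms()` (EEA2, EEA1, EEA0) and makes the null cipher the first choice for anyone who does not set the option. If the EEA0 case there accepts unconditionally (its body is outside the visible hunks), the eNB would select no encryption by default even for UEs that support EEA2. I would keep the previous order, `default_value("EEA2, EEA1, EEA0")`, and change the help text and the commented example `#eea_pref_list = EEA0, EEA2, EEA1` in the sample config to match. The option list belongs to `parse_args`, which starts and ends outside the hunk.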
|
||||
|
|
|
@ -1214,7 +1214,7 @@ void rrc::ue::set_security_key(uint8_t* key, uint32_t length)
|
|||
// Selects security algorithms (cipher_algo and integ_algo) based on capabilities and config preferences
|
||||
select_security_algorithms();
|
||||
|
||||
parent->rrc_log->info("Selected security algorithms EEA: EEA-%d EIA: EIA-%d\n", cipher_algo, integ_algo);
|
||||
parent->rrc_log->info("Selected security algorithms EEA: EEA%d EIA: EIA%d\n", cipher_algo, integ_algo);
|
||||
|
||||
// Generate K_rrc_enc and K_rrc_int
|
||||
srslte::security_generate_k_rrc(k_enb, cipher_algo, integ_algo, k_rrc_enc, k_rrc_int);
|
||||
|
@ -1903,35 +1903,23 @@ void rrc::ue::send_ue_cap_enquiry()
|
|||
|
||||
/********************** HELPERS ***************************/
|
||||
|
||||
bool rrc::ue::select_security_algorithms()
|
||||
{
|
||||
srslte::CIPHERING_ALGORITHM_ID_ENUM
|
||||
enc_algo_preference[srslte::CIPHERING_ALGORITHM_ID_N_ITEMS] = {
|
||||
srslte::CIPHERING_ALGORITHM_ID_128_EEA2,
|
||||
srslte::CIPHERING_ALGORITHM_ID_128_EEA1,
|
||||
srslte::CIPHERING_ALGORITHM_ID_EEA0};
|
||||
|
||||
srslte::INTEGRITY_ALGORITHM_ID_ENUM
|
||||
intgrity_algo_preference[srslte::INTEGRITY_ALGORITHM_ID_N_ITEMS] = {
|
||||
srslte::INTEGRITY_ALGORITHM_ID_128_EIA2,
|
||||
srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
|
||||
srslte::INTEGRITY_ALGORITHM_ID_EIA0};
|
||||
|
||||
bool rrc::ue::select_security_algorithms() {
|
||||
// Each position in the bitmap represents an encryption algorithm:
|
||||
// “all bits equal to 0” – UE supports no other algorithm than EEA0,
|
||||
// “first bit” – 128-EEA1,
|
||||
// “second bit” – 128-EEA2,
|
||||
// “third bit” – 128-EEA3,
|
||||
// other bits reserved for future use. Value ‘1’ indicates support and value ‘0’ indicates no support of the algorithm.
|
||||
// other bits reserved for future use. Value ‘1’ indicates support and value
|
||||
// ‘0’ indicates no support of the algorithm.
|
||||
// Algorithms are defined in TS 33.401 [15].
|
||||
// Note: information missing
|
||||
// Note: information missing
|
||||
|
||||
bool enc_algo_found = false;
|
||||
bool enc_algo_found = false;
|
||||
bool integ_algo_found = false;
|
||||
bool zero_vector = true;
|
||||
int i = 0;
|
||||
for (i = 0; i < srslte::CIPHERING_ALGORITHM_ID_N_ITEMS; i++) {
|
||||
switch (enc_algo_preference[i]) {
|
||||
switch (parent->cfg.eea_preference_list[i]) {
|
||||
case srslte::CIPHERING_ALGORITHM_ID_EEA0:
|
||||
// “all bits equal to 0” – UE supports no other algorithm than EEA0,
|
||||
zero_vector = true;
|
||||
|
@ -1974,7 +1962,7 @@ bool rrc::ue::select_security_algorithms()
|
|||
}
|
||||
|
||||
for (i = 0; i < srslte::INTEGRITY_ALGORITHM_ID_N_ITEMS; i++) {
|
||||
switch (intgrity_algo_preference[i]) {
|
||||
switch (parent->cfg.eia_preference_list[i]) {
|
||||
case srslte::INTEGRITY_ALGORITHM_ID_EIA0:
|
||||
// “all bits equal to 0” – UE supports no other algorithm than EEA0,
|
||||
zero_vector = true;
|
||||
|
@ -2015,7 +2003,7 @@ bool rrc::ue::select_security_algorithms()
|
|||
}
|
||||
}
|
||||
|
||||
if(integ_algo_found == false || enc_algo_found == false){
|
||||
if (integ_algo_found == false || enc_algo_found == false) {
|
||||
// TODO: if no security algorithm found abort radio connection and issue
|
||||
// cryption-and-or-integrity-protection-algorithms-not-supported message
|
||||
return false;
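Review bot: `set_security_key()` discards the result of `select_security_algorithms()` and goes on to log and call `security_generate_k_rrc()` with whatever `cipher_algo` and `integ_algo` currently hold (first hunk of this file). Now that the lists come from configuration, a list that omits the algorithms a UE offers can reach the `return false` path at the end of `select_security_algorithms()`, and the TODO there is still open. I would check the result at the call site, e.g. `if (!select_security_algorithms()) { parent->rrc_log->error("No common security algorithm with UE\n"); return; }`, until the connection release described in the TODO exists. Since EIA0 may now be placed anywhere in `eia_pref_list`, a comment at the EIA0 case stating when null integrity is acceptable would also help. Both functions extend outside the hunks shown.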
|
||||
|
|