mirror of https://github.com/PentHertz/srsLTE.git
Added config of cipher_algo and integ_algo initialization in NAS class.
This commit is contained in:
parent
5eacdd5418
commit
997c24c099
|
@ -2492,6 +2492,8 @@ LIBLTE_ERROR_ENUM liblte_mme_unpack_transaction_identifier_ie(uint8
|
|||
#define LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_WITH_NEW_EPS_SECURITY_CONTEXT 0x3
|
||||
#define LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED_WITH_NEW_EPS_SECURITY_CONTEXT 0x4
|
||||
#define LIBLTE_MME_SECURITY_HDR_TYPE_SERVICE_REQUEST 0xC
|
||||
const char* liblte_nas_sec_hdr_type_to_string(int code);
|
||||
|
||||
//Message Type
|
||||
#define LIBLTE_MME_MSG_TYPE_ATTACH_REQUEST 0x41
|
||||
#define LIBLTE_MME_MSG_TYPE_ATTACH_ACCEPT 0x42
|
||||
|
|
|
@ -11210,6 +11210,20 @@ LIBLTE_ERROR_ENUM liblte_mme_unpack_pdn_disconnect_request_msg(LIBLTE_BYTE_MSG_S
|
|||
/*******************************************************************************
|
||||
HELPER FUNCTIONS
|
||||
*******************************************************************************/
|
||||
const char* liblte_nas_sec_hdr_type_to_string(int code)
|
||||
{
|
||||
switch(code)
|
||||
{
|
||||
LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_PLAIN_NAS);
|
||||
LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY);
|
||||
LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED);
|
||||
LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_WITH_NEW_EPS_SECURITY_CONTEXT);
|
||||
LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED_WITH_NEW_EPS_SECURITY_CONTEXT);
|
||||
LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_SERVICE_REQUEST);
|
||||
default: return "NAS Message Type Unknown";
|
||||
}
|
||||
}
|
||||
|
||||
const char* liblte_nas_msg_type_to_string(int code)
|
||||
{
|
||||
switch(code)
|
||||
|
|
|
@ -142,6 +142,8 @@ typedef struct {
|
|||
uint16_t tac;
|
||||
std::string apn;
|
||||
std::string dns;
|
||||
srslte::CIPHERING_ALGORITHM_ID_ENUM cipher_algo;
|
||||
srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo;
|
||||
} nas_init_t;
|
||||
|
||||
class nas
|
||||
|
|
|
@ -174,7 +174,7 @@ parse_args(all_args_t *args, int argc, char* argv[]) {
|
|||
// if no config file given, check users home path
|
||||
if (!vm.count("config_file")) {
|
||||
if (!config_exists(config_file, "epc.conf")) {
|
||||
cout << "Failed to read ePC configuration file " << config_file << " - exiting" << endl;
|
||||
cout << "Failed to read EPC configuration file " << config_file << " - exiting" << endl;
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -52,7 +52,10 @@ nas::init(nas_init_t args,
|
|||
m_tac = args.tac;
|
||||
m_apn = args.apn;
|
||||
m_dns = args.dns;
|
||||
|
||||
|
||||
m_sec_ctx.integ_algo= args.integ_algo;
|
||||
m_sec_ctx.cipher_algo= args.cipher_algo;
|
||||
|
||||
m_s1ap = s1ap;
|
||||
m_gtpc = gtpc;
|
||||
m_hss = hss;
|
||||
|
@ -1470,10 +1473,11 @@ bool nas::integrity_check(srslte::byte_buffer_t *pdu)
|
|||
// Check if expected mac equals the sent mac
|
||||
for (i = 0; i < 4; i++) {
|
||||
if (exp_mac[i] != mac[i]) {
|
||||
m_nas_log->warning("Integrity check failure. UL Local: count=%d, [%02x %02x %02x %02x], "
|
||||
"Received: UL count=%d, [%02x %02x %02x %02x]\n",
|
||||
m_sec_ctx.ul_nas_count, exp_mac[0], exp_mac[1], exp_mac[2], exp_mac[3],
|
||||
pdu->msg[5], mac[0], mac[1], mac[2], mac[3]);
|
||||
m_nas_log->warning("Integrity check failure. Algorithm=EIA%d\n", (int)m_sec_ctx.integ_algo);
|
||||
m_nas_log->warning("UL Local: count=%d, MAC=[%02x %02x %02x %02x], "
|
||||
"Received: UL count=%d, MAC=[%02x %02x %02x %02x]\n",
|
||||
m_sec_ctx.ul_nas_count, exp_mac[0], exp_mac[1], exp_mac[2], exp_mac[3], pdu->msg[5], mac[0],
|
||||
mac[1], mac[2], mac[3]);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -97,6 +97,8 @@ bool s1ap_nas_transport::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUE
|
|||
nas_init.tac = m_s1ap->m_s1ap_args.tac;
|
||||
nas_init.apn = m_s1ap->m_s1ap_args.mme_apn;
|
||||
nas_init.dns = m_s1ap->m_s1ap_args.dns_addr;
|
||||
nas_init.integ_algo = m_s1ap->m_s1ap_args.integrity_algo;
|
||||
nas_init.cipher_algo = m_s1ap->m_s1ap_args.encryption_algo;
|
||||
|
||||
if(init_ue->S_TMSI_present){
|
||||
srslte::uint8_to_uint32(init_ue->S_TMSI.m_TMSI.buffer, &m_tmsi);
|
||||
|
@ -229,8 +231,9 @@ bool s1ap_nas_transport::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKN
|
|||
// - DETACH REQUEST;
|
||||
// - DETACH ACCEPT;
|
||||
// - TRACKING AREA UPDATE REQUEST.
|
||||
m_s1ap_log->info("UL NAS: sec_hdr_type: 0x%x, mac_vaild: %s, msg_encrypted: %s\n", sec_hdr_type,
|
||||
mac_valid == true ? "yes" : "no", msg_encrypted == true ? "yes" : "no");
|
||||
m_s1ap_log->info("UL NAS: sec_hdr_type: %s, mac_vaild: %s, msg_encrypted: %s\n",
|
||||
liblte_nas_sec_hdr_type_to_string(sec_hdr_type), mac_valid == true ? "yes" : "no",
|
||||
msg_encrypted == true ? "yes" : "no");
|
||||
|
||||
switch (msg_type)
|
||||
{
|
||||
|
@ -269,8 +272,8 @@ bool s1ap_nas_transport::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKN
|
|||
nas_ctx->handle_security_mode_complete(nas_msg);
|
||||
} else {
|
||||
// Security Mode Complete was not integrity protected
|
||||
m_s1ap_log->console("Security Mode Complete not integrity protected. Discard message.\n");
|
||||
m_s1ap_log->warning("Security Mode Complete not integrity protected. Discard message.\n");
|
||||
m_s1ap_log->console("Security Mode Complete %s. Discard message.\n", (mac_valid ? "not integrity protected": "invalid integrity"));
|
||||
m_s1ap_log->warning("Security Mode Complete %s. Discard message.\n", (mac_valid ? "not integrity protected": "invalid integrity"));
|
||||
increase_ul_nas_cnt = false;
|
||||
}
|
||||
break;
|
||||
|
|
Loading…
Reference in New Issue