Added config of cipher_algo and integ_algo initialization in NAS class.

2018-12-18 18:27:31 +00:00 · 2018-12-18 18:27:31 +00:00 · 997c24c099
parent 5eacdd5418
commit 997c24c099
6 changed files with 35 additions and 10 deletions
--- a/lib/include/srslte/asn1/liblte_mme.h
+++ b/lib/include/srslte/asn1/liblte_mme.h
@ -2492,6 +2492,8 @@ LIBLTE_ERROR_ENUM liblte_mme_unpack_transaction_identifier_ie(uint8
 #define LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_WITH_NEW_EPS_SECURITY_CONTEXT              0x3
 #define LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED_WITH_NEW_EPS_SECURITY_CONTEXT 0x4
 #define LIBLTE_MME_SECURITY_HDR_TYPE_SERVICE_REQUEST                                      0xC
+const char* liblte_nas_sec_hdr_type_to_string(int code);
+
 //Message Type
 #define LIBLTE_MME_MSG_TYPE_ATTACH_REQUEST                                                0x41
 #define LIBLTE_MME_MSG_TYPE_ATTACH_ACCEPT                                                 0x42
--- a/lib/src/asn1/liblte_mme.cc
+++ b/lib/src/asn1/liblte_mme.cc
@ -11210,6 +11210,20 @@ LIBLTE_ERROR_ENUM liblte_mme_unpack_pdn_disconnect_request_msg(LIBLTE_BYTE_MSG_S
 /*******************************************************************************
                              HELPER FUNCTIONS
 *******************************************************************************/
+const char* liblte_nas_sec_hdr_type_to_string(int code)
+{
+  switch(code)
+  {
+    LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_PLAIN_NAS);                                           
+    LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY);
+    LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED);
+    LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_WITH_NEW_EPS_SECURITY_CONTEXT);
+    LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED_WITH_NEW_EPS_SECURITY_CONTEXT);
+    LIBLTE_CASE_STR(LIBLTE_MME_SECURITY_HDR_TYPE_SERVICE_REQUEST);
+    default: return "NAS Message Type Unknown";
+  }
+}
+
 const char* liblte_nas_msg_type_to_string(int code)
 {
  switch(code)
--- a/srsepc/hdr/mme/nas.h
+++ b/srsepc/hdr/mme/nas.h
@ -142,6 +142,8 @@ typedef struct {
  uint16_t tac;
  std::string apn;
  std::string dns;
+  srslte::CIPHERING_ALGORITHM_ID_ENUM cipher_algo;
+  srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo;
 } nas_init_t;

 class nas
--- a/srsepc/src/main.cc
+++ b/srsepc/src/main.cc
@ -174,7 +174,7 @@ parse_args(all_args_t *args, int argc, char* argv[]) {
  // if no config file given, check users home path
  if (!vm.count("config_file")) {
    if (!config_exists(config_file, "epc.conf")) {
-      cout << "Failed to read ePC configuration file " << config_file << " - exiting" << endl;
+      cout << "Failed to read EPC configuration file " << config_file << " - exiting" << endl;
      exit(1);
    }
  }
--- a/srsepc/src/mme/nas.cc
+++ b/srsepc/src/mme/nas.cc
@ -52,7 +52,10 @@ nas::init(nas_init_t args,
  m_tac       = args.tac;
  m_apn       = args.apn;
  m_dns       = args.dns;
-
+  
+  m_sec_ctx.integ_algo= args.integ_algo; 
+  m_sec_ctx.cipher_algo= args.cipher_algo; 
+  
  m_s1ap    = s1ap;
  m_gtpc    = gtpc;
  m_hss     = hss;
@ -1470,10 +1473,11 @@ bool nas::integrity_check(srslte::byte_buffer_t *pdu)
  // Check if expected mac equals the sent mac
  for (i = 0; i < 4; i++) {
    if (exp_mac[i] != mac[i]) {
-      m_nas_log->warning("Integrity check failure. UL Local: count=%d, [%02x %02x %02x %02x], "
-                          "Received: UL count=%d, [%02x %02x %02x %02x]\n",
-                          m_sec_ctx.ul_nas_count, exp_mac[0], exp_mac[1], exp_mac[2], exp_mac[3],
-                          pdu->msg[5], mac[0], mac[1], mac[2], mac[3]);
+      m_nas_log->warning("Integrity check failure. Algorithm=EIA%d\n", (int)m_sec_ctx.integ_algo);
+      m_nas_log->warning("UL Local: count=%d, MAC=[%02x %02x %02x %02x], "
+                         "Received: UL count=%d, MAC=[%02x %02x %02x %02x]\n",
+                         m_sec_ctx.ul_nas_count, exp_mac[0], exp_mac[1], exp_mac[2], exp_mac[3], pdu->msg[5], mac[0],
+                         mac[1], mac[2], mac[3]);
      return false;
    }
  }
--- a/srsepc/src/mme/s1ap_nas_transport.cc
+++ b/srsepc/src/mme/s1ap_nas_transport.cc
@ -97,6 +97,8 @@ bool s1ap_nas_transport::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUE
  nas_init.tac       = m_s1ap->m_s1ap_args.tac;
  nas_init.apn       = m_s1ap->m_s1ap_args.mme_apn;
  nas_init.dns       = m_s1ap->m_s1ap_args.dns_addr;
+  nas_init.integ_algo  = m_s1ap->m_s1ap_args.integrity_algo;
+  nas_init.cipher_algo = m_s1ap->m_s1ap_args.encryption_algo;

  if(init_ue->S_TMSI_present){
    srslte::uint8_to_uint32(init_ue->S_TMSI.m_TMSI.buffer, &m_tmsi);
@ -229,8 +231,9 @@ bool s1ap_nas_transport::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKN
  // - DETACH REQUEST;
  // - DETACH ACCEPT;
  // - TRACKING AREA UPDATE REQUEST.
-  m_s1ap_log->info("UL NAS: sec_hdr_type: 0x%x, mac_vaild: %s, msg_encrypted: %s\n", sec_hdr_type,
-                   mac_valid == true ? "yes" : "no", msg_encrypted == true ? "yes" : "no");
+  m_s1ap_log->info("UL NAS: sec_hdr_type: %s, mac_vaild: %s, msg_encrypted: %s\n",
+                   liblte_nas_sec_hdr_type_to_string(sec_hdr_type), mac_valid == true ? "yes" : "no",
+                   msg_encrypted == true ? "yes" : "no");

  switch (msg_type)
  {
@ -269,8 +272,8 @@ bool s1ap_nas_transport::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKN
      nas_ctx->handle_security_mode_complete(nas_msg);
    } else {
      // Security Mode Complete was not integrity protected
-      m_s1ap_log->console("Security Mode Complete not integrity protected. Discard message.\n");
-      m_s1ap_log->warning("Security Mode Complete not integrity protected. Discard message.\n");
+      m_s1ap_log->console("Security Mode Complete %s. Discard message.\n", (mac_valid ? "not integrity protected": "invalid integrity"));
+      m_s1ap_log->warning("Security Mode Complete %s. Discard message.\n", (mac_valid ? "not integrity protected": "invalid integrity"));
      increase_ul_nas_cnt = false;
    }
    break;