Fix short MAC integrity check at MME

master
Pedro Alvarez 4 years ago
parent 643b5a1885
commit 061385cf72

@ -1701,12 +1701,14 @@ bool nas::short_integrity_check(srsran::byte_buffer_t* pdu)
return false; return false;
} }
uint32_t estimated_count = (m_sec_ctx.ul_nas_count & 0xffffffe0) | (pdu->msg[1] & 0x1f);
switch (m_sec_ctx.integ_algo) { switch (m_sec_ctx.integ_algo) {
case srsran::INTEGRITY_ALGORITHM_ID_EIA0: case srsran::INTEGRITY_ALGORITHM_ID_EIA0:
break; break;
case srsran::INTEGRITY_ALGORITHM_ID_128_EIA1: case srsran::INTEGRITY_ALGORITHM_ID_128_EIA1:
srsran::security_128_eia1(&m_sec_ctx.k_nas_int[16], srsran::security_128_eia1(&m_sec_ctx.k_nas_int[16],
m_sec_ctx.ul_nas_count, estimated_count,
0, 0,
srsran::SECURITY_DIRECTION_UPLINK, srsran::SECURITY_DIRECTION_UPLINK,
&pdu->msg[0], &pdu->msg[0],
@ -1715,7 +1717,7 @@ bool nas::short_integrity_check(srsran::byte_buffer_t* pdu)
break; break;
case srsran::INTEGRITY_ALGORITHM_ID_128_EIA2: case srsran::INTEGRITY_ALGORITHM_ID_128_EIA2:
srsran::security_128_eia2(&m_sec_ctx.k_nas_int[16], srsran::security_128_eia2(&m_sec_ctx.k_nas_int[16],
m_sec_ctx.ul_nas_count, estimated_count,
0, 0,
srsran::SECURITY_DIRECTION_UPLINK, srsran::SECURITY_DIRECTION_UPLINK,
&pdu->msg[0], &pdu->msg[0],
@ -1724,7 +1726,7 @@ bool nas::short_integrity_check(srsran::byte_buffer_t* pdu)
break; break;
case srsran::INTEGRITY_ALGORITHM_ID_128_EIA3: case srsran::INTEGRITY_ALGORITHM_ID_128_EIA3:
srsran::security_128_eia3(&m_sec_ctx.k_nas_int[16], srsran::security_128_eia3(&m_sec_ctx.k_nas_int[16],
m_sec_ctx.ul_nas_count, estimated_count,
0, 0,
srsran::SECURITY_DIRECTION_UPLINK, srsran::SECURITY_DIRECTION_UPLINK,
&pdu->msg[0], &pdu->msg[0],
@ -1734,12 +1736,13 @@ bool nas::short_integrity_check(srsran::byte_buffer_t* pdu)
default: default:
break; break;
} }
// Check if expected mac equals the sent mac // Check if expected mac equals the sent mac
for (i = 0; i < 2; i++) { for (i = 0; i < 2; i++) {
if (exp_mac[i + 2] != mac[i]) { if (exp_mac[i + 2] != mac[i]) {
m_logger.warning("Short integrity check failure. Local: count=%d, [%02x %02x %02x %02x], " m_logger.warning("Short integrity check failure. Local: count=%d, [%02x %02x %02x %02x], "
"Received: count=%d, [%02x %02x]", "Received: count=%d, [%02x %02x]",
m_sec_ctx.ul_nas_count, estimated_count,
exp_mac[0], exp_mac[0],
exp_mac[1], exp_mac[1],
exp_mac[2], exp_mac[2],
@ -1750,7 +1753,9 @@ bool nas::short_integrity_check(srsran::byte_buffer_t* pdu)
return false; return false;
} }
} }
m_logger.info("Integrity check ok. Local: count=%d, Received: count=%d", m_sec_ctx.ul_nas_count, pdu->msg[1] & 0x1F); m_logger.info("Integrity check ok. Local: count=%d, Received: count=%d", m_sec_ctx.ul_nas_count, pdu->msg[1] & 0x1F);
m_sec_ctx.ul_nas_count = estimated_count;
return true; return true;
} }

Loading…
Cancel
Save