Starting to integrity protect NAS messages. UE accepted security command reques, starting to parse security command complete.

master
Pedro Alvarez 7 years ago
parent bb85525ad2
commit 1621b6e93a

@ -52,7 +52,8 @@ typedef struct{
uint64_t imsi; uint64_t imsi;
uint32_t enb_ue_s1ap_id; uint32_t enb_ue_s1ap_id;
uint32_t mme_ue_s1ap_id; uint32_t mme_ue_s1ap_id;
uint8_t xres[16]; uint8_t xres[8];
uint8_t k_asme[32];
} ue_ctx_t; } ue_ctx_t;
#endif #endif

@ -278,9 +278,10 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *ini
//FIXME use this info //FIXME use this info
uint8_t eps_bearer_id = pdn_con_req.eps_bearer_id; //TODO: Unused uint8_t eps_bearer_id = pdn_con_req.eps_bearer_id; //TODO: Unused
uint8_t proc_transaction_id = pdn_con_req.proc_transaction_id; //TODO: Transaction ID unused uint8_t proc_transaction_id = pdn_con_req.proc_transaction_id; //TODO: Transaction ID unused
m_s1ap_log->console("EPS Bearer id: %d\n", eps_bearer_id);
//Get Authentication Vectors from HSS //Get Authentication Vectors from HSS
if(!m_hss->gen_auth_info_answer_milenage(imsi, k_asme, autn, rand, ue_ctx.xres)) if(!m_hss->gen_auth_info_answer_milenage(imsi, ue_ctx.k_asme, autn, rand, ue_ctx.xres))
{ {
m_s1ap_log->console("User not found. IMSI %015lu\n",imsi); m_s1ap_log->console("User not found. IMSI %015lu\n",imsi);
m_s1ap_log->info("User not found. IMSI %015lu\n",imsi); m_s1ap_log->info("User not found. IMSI %015lu\n",imsi);

@ -26,6 +26,7 @@
#include "mme/s1ap.h" #include "mme/s1ap.h"
#include "mme/s1ap_nas_transport.h" #include "mme/s1ap_nas_transport.h"
#include "srslte/common/security.h"
namespace srsepc{ namespace srsepc{
@ -233,6 +234,31 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg,
return false; return false;
} }
//Generate MAC for integrity protection
//FIXME Write wrapper to support EIA1, EIA2, etc.
//TODO which is the RB ID? Standard says a constant, but which?
uint8_t mac[4];
uint8_t k_nas_enc[32];
uint8_t k_nas_int[32];
srslte::security_generate_k_nas( ue_ctx->k_asme,
srslte::CIPHERING_ALGORITHM_ID_EEA0,
srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
k_nas_enc,
k_nas_int
);
srslte::security_128_eia1 (&k_nas_int[16],
count,
0,
SECURITY_DIRECTION_DOWNLINK,
&nas_buffer->msg[5],
nas_buffer->N_bytes - 5,
mac
);
memcpy(&nas_buffer->msg[1],mac,4);
//Copy NAS PDU to Downlink NAS Trasport message buffer //Copy NAS PDU to Downlink NAS Trasport message buffer
memcpy(dw_nas->NAS_PDU.buffer, nas_buffer->msg, nas_buffer->N_bytes); memcpy(dw_nas->NAS_PDU.buffer, nas_buffer->msg, nas_buffer->N_bytes);
dw_nas->NAS_PDU.n_octets = nas_buffer->N_bytes; dw_nas->NAS_PDU.n_octets = nas_buffer->N_bytes;

Loading…
Cancel
Save