5g-team
/
srsRAN_4G
mirror of https://github.com/pvnis/srsRAN_4G.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added encryption of security mode command and attach accept again. Attach is working with encryption.

Browse Source
master
Pedro Alvarez 6 years ago
parent 412b08c4bf
commit 179aeddfa2
3 changed files with 46 additions and 25 deletions
Show Stats Download Patch File Download Diff File

1
srsepc/hdr/mme/nas.h
Unescape Escape View File

@ -269,6 +269,7 @@ public:
/* Security functions */ /* Security functions */
bool integrity_check(srslte::byte_buffer_t* pdu); bool integrity_check(srslte::byte_buffer_t* pdu);
bool short_integrity_check(srslte::byte_buffer_t* pdu); bool short_integrity_check(srslte::byte_buffer_t* pdu);
void integrity_generate(srslte::byte_buffer_t* pdu, uint8_t *mac);
void cipher_decrypt(srslte::byte_buffer_t* pdu); void cipher_decrypt(srslte::byte_buffer_t* pdu);
void cipher_encrypt(srslte::byte_buffer_t* pdu); void cipher_encrypt(srslte::byte_buffer_t* pdu);

68
srsepc/src/mme/nas.cc
Unescape Escape View File

@ -53,8 +53,8 @@ nas::init(nas_init_t args,
m_apn = args.apn; m_apn = args.apn;
m_dns = args.dns; m_dns = args.dns;
m_sec_ctx.integ_algo= args.integ_algo; m_sec_ctx.integ_algo = args.integ_algo;
m_sec_ctx.cipher_algo= args.cipher_algo; m_sec_ctx.cipher_algo = args.cipher_algo;
m_s1ap = s1ap; m_s1ap = s1ap;
m_gtpc = gtpc; m_gtpc = gtpc;
@ -1079,8 +1079,8 @@ nas::pack_security_mode_command(srslte::byte_buffer_t *nas_buffer)
//Pack NAS PDU //Pack NAS PDU
LIBLTE_MME_SECURITY_MODE_COMMAND_MSG_STRUCT sm_cmd; LIBLTE_MME_SECURITY_MODE_COMMAND_MSG_STRUCT sm_cmd;
sm_cmd.selected_nas_sec_algs.type_of_eea = LIBLTE_MME_TYPE_OF_CIPHERING_ALGORITHM_EEA0; sm_cmd.selected_nas_sec_algs.type_of_eea = (LIBLTE_MME_TYPE_OF_CIPHERING_ALGORITHM_ENUM) m_sec_ctx.cipher_algo;
sm_cmd.selected_nas_sec_algs.type_of_eia = LIBLTE_MME_TYPE_OF_INTEGRITY_ALGORITHM_128_EIA1; sm_cmd.selected_nas_sec_algs.type_of_eia = (LIBLTE_MME_TYPE_OF_INTEGRITY_ALGORITHM_ENUM) m_sec_ctx.integ_algo;
sm_cmd.nas_ksi.tsc_flag=LIBLTE_MME_TYPE_OF_SECURITY_CONTEXT_FLAG_NATIVE; sm_cmd.nas_ksi.tsc_flag=LIBLTE_MME_TYPE_OF_SECURITY_CONTEXT_FLAG_NATIVE;
sm_cmd.nas_ksi.nas_ksi=m_sec_ctx.eksi; sm_cmd.nas_ksi.nas_ksi=m_sec_ctx.eksi;
@ -1112,8 +1112,8 @@ nas::pack_security_mode_command(srslte::byte_buffer_t *nas_buffer)
//Generate EPS security context //Generate EPS security context
uint8_t mac[4]; uint8_t mac[4];
srslte::security_generate_k_nas( m_sec_ctx.k_asme, srslte::security_generate_k_nas( m_sec_ctx.k_asme,
srslte::CIPHERING_ALGORITHM_ID_EEA0, m_sec_ctx.cipher_algo,
srslte::INTEGRITY_ALGORITHM_ID_128_EIA1, m_sec_ctx.integ_algo,
m_sec_ctx.k_nas_enc, m_sec_ctx.k_nas_enc,
m_sec_ctx.k_nas_int m_sec_ctx.k_nas_int
); );
@ -1159,16 +1159,11 @@ nas::pack_esm_information_request(srslte::byte_buffer_t *nas_buffer)
return false; return false;
} }
cipher_encrypt(nas_buffer);
uint8_t mac[4]; uint8_t mac[4];
srslte::security_128_eia1 (&m_sec_ctx.k_nas_int[16], integrity_generate(nas_buffer, mac);
m_sec_ctx.dl_nas_count, memcpy(&nas_buffer->msg[1], mac, 4);
0,
SECURITY_DIRECTION_DOWNLINK,
&nas_buffer->msg[5],
nas_buffer->N_bytes - 5,
mac
);
memcpy(&nas_buffer->msg[1],mac,4);
return true; return true;
} }
@ -1286,17 +1281,13 @@ nas::pack_attach_accept(srslte::byte_buffer_t *nas_buffer)
m_sec_ctx.dl_nas_count++; m_sec_ctx.dl_nas_count++;
liblte_mme_pack_activate_default_eps_bearer_context_request_msg(&act_def_eps_bearer_context_req, &attach_accept.esm_msg); liblte_mme_pack_activate_default_eps_bearer_context_request_msg(&act_def_eps_bearer_context_req, &attach_accept.esm_msg);
liblte_mme_pack_attach_accept_msg(&attach_accept, sec_hdr_type, m_sec_ctx.dl_nas_count, (LIBLTE_BYTE_MSG_STRUCT *) nas_buffer); liblte_mme_pack_attach_accept_msg(&attach_accept, sec_hdr_type, m_sec_ctx.dl_nas_count, (LIBLTE_BYTE_MSG_STRUCT *) nas_buffer);
//Integrity protect NAS message
uint8_t mac[4];
srslte::security_128_eia1 (&m_sec_ctx.k_nas_int[16],
m_sec_ctx.dl_nas_count,
0,
SECURITY_DIRECTION_DOWNLINK,
&nas_buffer->msg[5],
nas_buffer->N_bytes - 5,
mac
);
// Encrypt NAS message
cipher_encrypt(nas_buffer);
// Integrity protect NAS message
uint8_t mac[4];
integrity_generate(nas_buffer, mac);
memcpy(&nas_buffer->msg[1],mac,4); memcpy(&nas_buffer->msg[1],mac,4);
//Log attach accept info //Log attach accept info
@ -1486,6 +1477,33 @@ bool nas::integrity_check(srslte::byte_buffer_t *pdu)
return true; return true;
} }
void nas::integrity_generate(srslte::byte_buffer_t* pdu, uint8_t* mac)
{
switch (m_sec_ctx.integ_algo) {
case srslte::INTEGRITY_ALGORITHM_ID_EIA0:
break;
case srslte::INTEGRITY_ALGORITHM_ID_128_EIA1:
srslte::security_128_eia1(&m_sec_ctx.k_nas_int[16],
m_sec_ctx.dl_nas_count,
0, // Bearer always 0 for NAS
SECURITY_DIRECTION_DOWNLINK,
&pdu->msg[5],
pdu->N_bytes - 5,
mac);
break;
case srslte::INTEGRITY_ALGORITHM_ID_128_EIA2:
srslte::security_128_eia2(&m_sec_ctx.k_nas_int[16],
m_sec_ctx.dl_nas_count,
0, // Bearer always 0 for NAS
SECURITY_DIRECTION_DOWNLINK,
&pdu->msg[5],
pdu->N_bytes - 5,
mac);
break;
default:
break;
}
}
void nas::cipher_decrypt(srslte::byte_buffer_t *pdu) void nas::cipher_decrypt(srslte::byte_buffer_t *pdu)
{ {

2
srsepc/src/mme/s1ap_nas_transport.cc
Unescape Escape View File

@ -198,8 +198,10 @@ bool s1ap_nas_transport::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKN
if (sec_hdr_type == LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED || if (sec_hdr_type == LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED ||
sec_hdr_type == LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED_WITH_NEW_EPS_SECURITY_CONTEXT) sec_hdr_type == LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED_WITH_NEW_EPS_SECURITY_CONTEXT)
{ {
m_s1ap_log->debug_hex(nas_msg->msg, nas_msg->N_bytes, "Encrypted");
nas_ctx->cipher_decrypt(nas_msg); nas_ctx->cipher_decrypt(nas_msg);
msg_encrypted = true; msg_encrypted = true;
m_s1ap_log->debug_hex(nas_msg->msg, nas_msg->N_bytes, "Decrypted");
} }
// Now parse message header and handle message // Now parse message header and handle message

Write Preview
Loading…
Cancel
Save