Generating k_enb in the securty mode command. Fixed wrong k_enb generation. Integrity is being checked corretly in upstream NAS messages.

srsepc/hdr/mme/s1ap_common.h

@@ -115,6 +115,7 @@ typedef struct{
   srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo;
   uint8_t k_nas_enc[32];
   uint8_t k_nas_int[32];
+  uint8_t k_enb[32];
   LIBLTE_MME_UE_NETWORK_CAPABILITY_STRUCT ue_network_cap;
   bool ms_network_cap_present;
   LIBLTE_MME_MS_NETWORK_CAPABILITY_STRUCT ms_network_cap;

srsepc/src/mme/s1ap_ctx_mngmt_proc.cc

@@ -167,10 +167,9 @@ s1ap_ctx_mngmt_proc::send_initial_context_setup_request(uint32_t mme_ue_s1ap_id,
     }
     // in_ctxt_req->UESecurityCapabilities.integrityProtectionAlgorithms.buffer[0] = 1; //EIA1
   }
-  uint8_t key_enb[32];
-  liblte_security_generate_k_enb(ue_emm_ctx->security_ctxt.k_asme, ue_emm_ctx->security_ctxt.ul_nas_count, key_enb);
-  liblte_unpack(key_enb, 32, in_ctxt_req->SecurityKey.buffer);
-  m_s1ap_log->info("Generating KeNB with UL NAS COUNT: %d\n",ue_emm_ctx->security_ctxt.ul_nas_count);
+  //Get K eNB
+  liblte_unpack(ue_emm_ctx->security_ctxt.k_enb, 32, in_ctxt_req->SecurityKey.buffer);
+  m_s1ap_log->info_hex(ue_emm_ctx->security_ctxt.k_enb, 32, "Initial Context Setup Request -- Key eNB\n");
   //Set Attach accepted and activat default bearer NAS messages
   if(cs_resp->paa_present != true)
   {

srsepc/src/mme/s1ap_nas_transport.cc

@@ -27,6 +27,7 @@
 #include "mme/s1ap.h"
 #include "mme/s1ap_nas_transport.h"
 #include "srslte/common/security.h"
+#include "srslte/common/liblte_security.h"
 
 namespace srsepc{
 
@@ -1042,17 +1043,25 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg,
     return false;
   }
 
-  //Generate MAC for integrity protection
-  //FIXME Write wrapper to support EIA1, EIA2, etc.
+  //Generate EPS security context
   uint8_t mac[4];
-
   srslte::security_generate_k_nas( ue_emm_ctx->security_ctxt.k_asme,
                            srslte::CIPHERING_ALGORITHM_ID_EEA0,
                            srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
                            ue_emm_ctx->security_ctxt.k_nas_enc,
                            ue_emm_ctx->security_ctxt.k_nas_int
                          );
-
+  srslte::security_generate_k_nas( ue_emm_ctx->security_ctxt.k_asme,
+                                   srslte::CIPHERING_ALGORITHM_ID_EEA0,
+                                   srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
+                                   ue_emm_ctx->security_ctxt.k_nas_enc,
+                                   ue_emm_ctx->security_ctxt.k_nas_int
+                                   );
+  uint8_t key_enb[32];
+  liblte_security_generate_k_enb(ue_emm_ctx->security_ctxt.k_asme, ue_emm_ctx->security_ctxt.ul_nas_count, ue_emm_ctx->security_ctxt.k_enb);
+  m_s1ap_log->info("Generating KeNB with UL NAS COUNT: %d\n",ue_emm_ctx->security_ctxt.ul_nas_count);
+  //Generate MAC for integrity protection
+  //FIXME Write wrapper to support EIA1, EIA2, etc.
   srslte::security_128_eia1 (&ue_emm_ctx->security_ctxt.k_nas_int[16],
                      ue_emm_ctx->security_ctxt.dl_nas_count,
                      0,