From 470c8151963656e4b7ac3600f17fbc055cf6553b Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Wed, 1 Nov 2017 14:07:44 +0000 Subject: [PATCH] Generating RAND --- srsepc/hdr/hss/hss.h | 5 +++- srsepc/src/hss/hss.cc | 60 +++++++++++++++++++++++++++++++++++------- srsepc/src/mme/s1ap.cc | 2 +- 3 files changed, 56 insertions(+), 11 deletions(-) diff --git a/srsepc/hdr/hss/hss.h b/srsepc/hdr/hss/hss.h index b9251cc9d..c08545a9f 100644 --- a/srsepc/hdr/hss/hss.h +++ b/srsepc/hdr/hss/hss.h @@ -55,8 +55,10 @@ public: static void cleanup(void); int init(hss_args_t *hss_args, srslte::logger* logger); - uint64_t get_sqn(); + void get_sqn(uint8_t sqn[6]); + void gen_rand(uint8_t rand_[16]); bool get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op); + bool gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *kasme, uint8_t *autn, uint8_t *rand, uint8_t *xres); private: @@ -64,6 +66,7 @@ private: virtual ~hss(); static hss *m_instance; + uint64_t m_sqn; //48 bits srslte::byte_buffer_pool *m_pool; /*Logs*/ diff --git a/srsepc/src/hss/hss.cc b/srsepc/src/hss/hss.cc index 7045d848d..9b6159c13 100644 --- a/srsepc/src/hss/hss.cc +++ b/srsepc/src/hss/hss.cc @@ -23,7 +23,8 @@ * and at http://www.gnu.org/licenses/. * */ - +#include /* srand, rand */ +#include /* time */ #include #include "hss/hss.h" @@ -33,6 +34,7 @@ hss* hss::m_instance = NULL; boost::mutex hss_instance_mutex; hss::hss() + :m_sqn(0) { m_pool = srslte::byte_buffer_pool::get_instance(); return; 
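Review bot: `gen_auth_info_answer_milenage` is declared in hss.h with four raw output pointers and nothing that says how large each buffer must be or when the outputs are valid. The only length visible in this patch is the 16 bytes that `gen_rand` writes through `rand`; a comment above the declaration such as `/* On success fills kasme, autn, rand (16 bytes) and xres; outputs are unspecified when false is returned. */` would record that, with the other three lengths added once they are fixed. As defined in hss.cc in this same patch, the function returns true after writing only `rand`, so a caller that trusts the return value would read unwritten `kasme`, `autn` and `xres` until the Milenage step lands. The parameter name `rand` also hides `::rand()` inside that definition; `rand_`, as `gen_rand` already uses, avoids the clash. The class body starts and ends outside the hunk.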
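Review bot: Initialising `m_sqn` to 0 in the `hss::hss()` constructor restarts the sequence number from zero on every process start, because nothing in this patch loads or stores it. In AKA the USIM accepts an AUTN only when its SQN is ahead of the value the card has stored, so after a restart previously authenticated subscribers would presumably fail with a synchronisation error until resynchronisation is handled. The counter is also a single member shared by every IMSI, which is worth confirming as intended. If persistence is planned for a later commit, a comment next to the initialiser would record it: `// TODO: SQN must survive restarts and be tracked per subscriber (TS 33.102, Annex C)`.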
@@ -72,27 +74,52 @@ hss::init(hss_args_t *hss_args, srslte::logger *logger) m_hss_log.set_level(srslte::LOG_LEVEL_DEBUG); m_hss_log.set_hex_limit(32); + srand(time(NULL)); + m_hss_log.info("Initialized HSS\n"); m_hss_log.console("Initialized HSS\n"); return 0; } bool -hss::get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op ) +hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *kasme, uint8_t *autn, uint8_t *rand, uint8_t *xres) { + uint8_t k[16]; + uint8_t amf[2]; + uint8_t op[16]; + //uint8_t rand[16]; + uint8_t sqn[6]; - uint8_t k_tmp[16]; - for(int i=0;i<8;i++) + if(!get_k_amf_op(imsi,k,amf,op)) { - k_tmp[2*i]=i; - k_tmp[2*i+1]=i; + return false; } + gen_rand(rand); + get_sqn(sqn); + + return true; +} + +bool +hss::get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op ) +{ + + uint8_t k_tmp[16]; uint8_t amf_tmp[2]={0x80,0x00}; uint8_t op_tmp[16]={0x63,0xbf,0xA5,0x0E,0xE6,0x52,0x33,0x65,0xFF,0x14,0xC1,0xF4,0x5F,0x88,0x73,0x7D}; + if(imsi != 1010123456789) { + m_hss_log.console("Usernot found. IMSI: %015lu\n",imsi); return false; } + + for(int i=0;i<8;i++) + { + k_tmp[2*i]=i; + k_tmp[2*i+1]=i; + } + m_hss_log.console("Found User %015lu\n",imsi); memcpy(k,k_tmp,16); memcpy(amf,amf_tmp,2); @@ -101,10 +128,25 @@ hss::get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op ) return true; } -uint64_t -hss::get_sqn( ) +void +hss::get_sqn(uint8_t sqn[6]) { - return 0; + for (int i=0; i<6; i++) + { + sqn[i] = ((uint8_t *)&m_sqn)[i]; + } + m_sqn++; + return; //TODO See TS 33.102, Annex C +} + +void +hss::gen_rand(uint8_t rand_[16]) +{ + for(int i=0;i<16;i++) + { + rand_[i]=rand()%256; //Pulls on byte at a time. It's slow, but does not depend on RAND_MAX. + } + return; } } //namespace srsepc diff --git a/srsepc/src/mme/s1ap.cc b/srsepc/src/mme/s1ap.cc index c65c55d58..0204e1ddf 100644 --- a/srsepc/src/mme/s1ap.cc +++ b/srsepc/src/mme/s1ap.cc 
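Review bot: `srand(time(NULL))` in `hss::init` seeds the C library generator that `gen_rand` (next hunk, `rand()%256`) uses to build the authentication challenge RAND, so the whole RAND sequence follows from the process start time. RAND is meant to be unpredictable to anyone outside the HSS, and `rand()` gives no such guarantee; the bytes should come from the operating system's CSPRNG instead. On Linux that can be a single call in `gen_rand`, `if (getrandom(rand_, 16, 0) != 16) { /* report failure */ }` with `#include <sys/random.h>`, or a 16-byte read from `/dev/urandom` where `getrandom` is unavailable, after which the `srand` line can be dropped. `gen_rand` returns void today, so a failed read would need a way to reach `gen_auth_info_answer_milenage`. `hss::init` starts outside this hunk.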
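Review bot: `get_sqn` copies the first six bytes of `m_sqn` through a `uint8_t *` cast, so the contents of `sqn[]` depend on the host byte order. On a little-endian machine the least significant byte lands in `sqn[0]`; on a big-endian one the two always-zero high bytes are copied and the low 16 bits of the counter are dropped. Milenage routines usually take SQN as a 6-byte array with the most significant byte first (worth checking against the function this will feed), and shifts produce that layout on any host: `sqn[i] = (m_sqn >> (8 * (5 - i))) & 0xFF;`.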
@@ -363,7 +363,7 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *msg m_s1ap_log->info("User not found. IMSI %015lu\n",imsi); return false; } - + /*