From 494be243c071cdb6c574b8c17b09339b715150a8 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 23 Jul 2019 18:14:33 +0100 Subject: [PATCH] Changed security direction to use an enum. --- lib/include/srslte/common/interfaces_common.h | 19 ++++--- lib/include/srslte/common/security.h | 49 ++++++++----------- lib/test/upper/pdcp_nr_test.cc | 6 +-- srsenb/src/stack/rrc/rrc.cc | 20 ++++---- srsepc/src/mme/nas.cc | 34 ++++++++----- 5 files changed, 67 insertions(+), 61 deletions(-) diff --git a/lib/include/srslte/common/interfaces_common.h b/lib/include/srslte/common/interfaces_common.h index b9e985bb9..ee3e41192 100644 --- a/lib/include/srslte/common/interfaces_common.h +++ b/lib/include/srslte/common/interfaces_common.h @@ -77,8 +77,11 @@ typedef enum { PDCP_RB_IS_SRB, PDCP_RB_IS_DRB } pdcp_rb_type_t; class srslte_pdcp_config_t { public: - srslte_pdcp_config_t( - uint8_t bearer_id_, pdcp_rb_type_t rb_type_, uint8_t tx_direction_, uint8_t rx_direction_, uint8_t sn_len_) : + srslte_pdcp_config_t(uint8_t bearer_id_, + pdcp_rb_type_t rb_type_, + security_direction_t tx_direction_, + security_direction_t rx_direction_, + uint8_t sn_len_) : bearer_id(bearer_id_), rb_type(rb_type_), tx_direction(tx_direction_), @@ -88,12 +91,12 @@ public: hdr_len_bytes = ceil((float)sn_len / 8); } - uint8_t bearer_id; - pdcp_rb_type_t rb_type; - uint8_t tx_direction; - uint8_t rx_direction; - uint8_t sn_len; - uint8_t hdr_len_bytes; + uint8_t bearer_id; + pdcp_rb_type_t rb_type; + security_direction_t tx_direction; + security_direction_t rx_direction; + uint8_t sn_len; + uint8_t hdr_len_bytes; // TODO: Support the following configurations // bool do_rohc; diff --git a/lib/include/srslte/common/security.h b/lib/include/srslte/common/security.h index 69a06e7b1..9062d6e9d 100644 --- a/lib/include/srslte/common/security.h +++ b/lib/include/srslte/common/security.h 
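Review bot: `srslte_pdcp_config_t` now names `security_direction_t` in its constructor and in the `tx_direction`/`rx_direction` members, but this commit adds no `#include` to interfaces_common.h; the diffstat's 19 changed lines for that file are all accounted for by these two hunks. Unless the header already pulls in the declaration (not visible here), it compiles only when a translation unit happens to include security.h first. Adding `#include "srslte/common/security.h"` at the top of interfaces_common.h would make it self-contained. The class body continues outside the hunk.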
@@ -29,36 +29,33 @@ #include "srslte/common/common.h" - -#define SECURITY_DIRECTION_UPLINK 0 -#define SECURITY_DIRECTION_DOWNLINK 1 - namespace srslte { -typedef enum{ - CIPHERING_ALGORITHM_ID_EEA0 = 0, - CIPHERING_ALGORITHM_ID_128_EEA1, - CIPHERING_ALGORITHM_ID_128_EEA2, - CIPHERING_ALGORITHM_ID_N_ITEMS, -}CIPHERING_ALGORITHM_ID_ENUM; -static const char ciphering_algorithm_id_text[CIPHERING_ALGORITHM_ID_N_ITEMS][20] = {"EEA0", - "128-EEA1", - "128-EEA2"}; -typedef enum{ - INTEGRITY_ALGORITHM_ID_EIA0 = 0, - INTEGRITY_ALGORITHM_ID_128_EIA1, - INTEGRITY_ALGORITHM_ID_128_EIA2, - INTEGRITY_ALGORITHM_ID_N_ITEMS, -}INTEGRITY_ALGORITHM_ID_ENUM; -static const char integrity_algorithm_id_text[INTEGRITY_ALGORITHM_ID_N_ITEMS][20] = {"EIA0", - "128-EIA1", - "128-EIA2"}; - +typedef enum { + CIPHERING_ALGORITHM_ID_EEA0 = 0, + CIPHERING_ALGORITHM_ID_128_EEA1, + CIPHERING_ALGORITHM_ID_128_EEA2, + CIPHERING_ALGORITHM_ID_N_ITEMS, +} CIPHERING_ALGORITHM_ID_ENUM; +static const char ciphering_algorithm_id_text[CIPHERING_ALGORITHM_ID_N_ITEMS][20] = {"EEA0", "128-EEA1", "128-EEA2"}; +typedef enum { + INTEGRITY_ALGORITHM_ID_EIA0 = 0, + INTEGRITY_ALGORITHM_ID_128_EIA1, + INTEGRITY_ALGORITHM_ID_128_EIA2, + INTEGRITY_ALGORITHM_ID_N_ITEMS, +} INTEGRITY_ALGORITHM_ID_ENUM; +static const char integrity_algorithm_id_text[INTEGRITY_ALGORITHM_ID_N_ITEMS][20] = {"EIA0", "128-EIA1", "128-EIA2"}; + +typedef enum { + SECURITY_DIRECTION_UPLINK = 0, + SECURITY_DIRECTION_DOWNLINK = 1, + SECURITY_DIRECTION_N_ITEMS, +} security_direction_t; +static const char security_direction_text[INTEGRITY_ALGORITHM_ID_N_ITEMS][20] = {"Uplink", "Downlink"}; /****************************************************************************** * Key Generation *****************************************************************************/ - uint8_t security_generate_k_asme( uint8_t *ck, uint8_t *ik, uint8_t *ak, 
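Review bot: `security_direction_text` is sized with `INTEGRITY_ALGORITHM_ID_N_ITEMS` instead of the new `SECURITY_DIRECTION_N_ITEMS`, so the table has three rows for two directions and the last row is an empty string. It looks like a copy of the line above; the declaration should read `static const char security_direction_text[SECURITY_DIRECTION_N_ITEMS][20] = {"Uplink", "Downlink"};`. Code that indexes the table should also reject `SECURITY_DIRECTION_N_ITEMS` itself, because the sentinel is now a legal value of `security_direction_t`.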
@@ -101,7 +98,6 @@ uint8_t security_generate_k_up( uint8_t *k_enb, /****************************************************************************** * Integrity Protection *****************************************************************************/ - uint8_t security_128_eia1( uint8_t *key, uint32_t count, uint32_t bearer, @@ -126,7 +122,6 @@ uint8_t security_md5(const uint8_t *input, /****************************************************************************** * Encryption / Decryption *****************************************************************************/ - uint8_t security_128_eea1( uint8_t *key, uint32_t count, uint8_t bearer, @@ -177,7 +172,5 @@ uint8_t security_milenage_f5_star( uint8_t *k, uint8_t *rand, uint8_t *ak); - } // namespace srslte - #endif // SRSLTE_SECURITY_H diff --git a/lib/test/upper/pdcp_nr_test.cc b/lib/test/upper/pdcp_nr_test.cc index 89d742970..31064a4a5 100644 --- a/lib/test/upper/pdcp_nr_test.cc +++ b/lib/test/upper/pdcp_nr_test.cc @@ -141,7 +141,7 @@ int test_tx(uint32_t n_packets, { srslte::pdcp_entity_nr pdcp; srslte::srslte_pdcp_config_t cfg = { - 1, srslte::PDCP_RB_IS_DRB, SECURITY_DIRECTION_UPLINK, SECURITY_DIRECTION_DOWNLINK, pdcp_sn_len}; + 1, srslte::PDCP_RB_IS_DRB, srslte::SECURITY_DIRECTION_UPLINK, srslte::SECURITY_DIRECTION_DOWNLINK, pdcp_sn_len}; rlc_dummy rlc(log); rrc_dummy rrc(log); 
@@ -265,9 +265,9 @@ int test_rx_in_sequence(uint32_t n_packets, uint8_t pdcp_sn_len, srslte::byte_bu srslte::pdcp_entity_nr pdcp_tx; srslte::pdcp_entity_nr pdcp_rx; srslte::srslte_pdcp_config_t cfg_tx = { - 1, srslte::PDCP_RB_IS_DRB, SECURITY_DIRECTION_UPLINK, SECURITY_DIRECTION_DOWNLINK, pdcp_sn_len}; + 1, srslte::PDCP_RB_IS_DRB, srslte::SECURITY_DIRECTION_UPLINK, srslte::SECURITY_DIRECTION_DOWNLINK, pdcp_sn_len}; srslte::srslte_pdcp_config_t cfg_rx = { - 1, srslte::PDCP_RB_IS_DRB, SECURITY_DIRECTION_DOWNLINK, SECURITY_DIRECTION_UPLINK, pdcp_sn_len}; + 1, srslte::PDCP_RB_IS_DRB, srslte::SECURITY_DIRECTION_DOWNLINK, srslte::SECURITY_DIRECTION_UPLINK, pdcp_sn_len}; rlc_dummy rlc_tx(log); rrc_dummy rrc_tx(log); diff --git a/srsenb/src/stack/rrc/rrc.cc b/srsenb/src/stack/rrc/rrc.cc index d1c1147d7..bb5e3933b 100644 --- a/srsenb/src/stack/rrc/rrc.cc +++ b/srsenb/src/stack/rrc/rrc.cc @@ -196,8 +196,8 @@ void rrc::add_user(uint16_t rnti) srslte::srslte_pdcp_config_t cfg = { .bearer_id = 1, .rb_type = srslte::PDCP_RB_IS_DRB, - .tx_direction = SECURITY_DIRECTION_DOWNLINK, - .rx_direction = SECURITY_DIRECTION_UPLINK, + .tx_direction = srslte::SECURITY_DIRECTION_DOWNLINK, + .rx_direction = srslte::SECURITY_DIRECTION_UPLINK, .sn_len = srslte::PDCP_SN_LEN_12, }; @@ -1534,8 +1534,8 @@ void rrc::ue::send_connection_setup(bool is_setup) // Configure SRB1 in PDCP srslte::srslte_pdcp_config_t pdcp_cnfg{.bearer_id = 1, .rb_type = srslte::PDCP_RB_IS_SRB, - .tx_direction = SECURITY_DIRECTION_DOWNLINK, - .rx_direction = SECURITY_DIRECTION_UPLINK, + .tx_direction = srslte::SECURITY_DIRECTION_DOWNLINK, + .rx_direction = srslte::SECURITY_DIRECTION_UPLINK, .sn_len = srslte::PDCP_SN_LEN_5}; parent->pdcp->add_bearer(rnti, 1, pdcp_cnfg); 
@@ -1743,8 +1743,8 @@ void rrc::ue::send_connection_reconf(srslte::unique_byte_buffer_t pdu) // Configure SRB2 in PDCP srslte::srslte_pdcp_config_t pdcp_cnfg_srb = {.bearer_id = 2, .rb_type = srslte::PDCP_RB_IS_SRB, - .tx_direction = SECURITY_DIRECTION_DOWNLINK, - .rx_direction = SECURITY_DIRECTION_UPLINK, + .tx_direction = srslte::SECURITY_DIRECTION_DOWNLINK, + .rx_direction = srslte::SECURITY_DIRECTION_UPLINK, .sn_len = srslte::PDCP_SN_LEN_5}; parent->pdcp->add_bearer(rnti, 2, pdcp_cnfg_srb); parent->pdcp->config_security(rnti, 2, k_rrc_enc, k_rrc_int, k_up_enc, cipher_algo, integ_algo); @@ -1757,8 +1757,8 @@ void rrc::ue::send_connection_reconf(srslte::unique_byte_buffer_t pdu) // Configure DRB1 in PDCP srslte::srslte_pdcp_config_t pdcp_cnfg_drb = {.bearer_id = 1, .rb_type = srslte::PDCP_RB_IS_DRB, - .tx_direction = SECURITY_DIRECTION_DOWNLINK, - .rx_direction = SECURITY_DIRECTION_UPLINK, + .tx_direction = srslte::SECURITY_DIRECTION_DOWNLINK, + .rx_direction = srslte::SECURITY_DIRECTION_UPLINK, .sn_len = srslte::PDCP_SN_LEN_12}; if (conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].pdcp_cfg.rlc_um_present) { if (conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].pdcp_cfg.rlc_um.pdcp_sn_size.value == @@ -1826,8 +1826,8 @@ void rrc::ue::send_connection_reconf_new_bearer(LIBLTE_S1AP_E_RABTOBESETUPLISTBE srslte::srslte_pdcp_config_t pdcp_config = { .bearer_id = (uint8_t)(drb_item.drb_id - 1), // TODO: Review all ID mapping LCID DRB ERAB EPSBID Mapping .rb_type = srslte::PDCP_RB_IS_DRB, - .tx_direction = SECURITY_DIRECTION_DOWNLINK, - .rx_direction = SECURITY_DIRECTION_UPLINK, + .tx_direction = srslte::SECURITY_DIRECTION_DOWNLINK, + .rx_direction = srslte::SECURITY_DIRECTION_UPLINK, .sn_len = srslte::PDCP_SN_LEN_12}; parent->pdcp->add_bearer(rnti, lcid, pdcp_config); diff --git a/srsepc/src/mme/nas.cc b/srsepc/src/mme/nas.cc index 2fac230b1..bf7e84ab4 100644 --- a/srsepc/src/mme/nas.cc +++ b/srsepc/src/mme/nas.cc 
@@ -1554,12 +1554,22 @@ bool nas::short_integrity_check(srslte::byte_buffer_t* pdu) case srslte::INTEGRITY_ALGORITHM_ID_EIA0: break; case srslte::INTEGRITY_ALGORITHM_ID_128_EIA1: - srslte::security_128_eia1(&m_sec_ctx.k_nas_int[16], m_sec_ctx.ul_nas_count, 0, SECURITY_DIRECTION_UPLINK, - &pdu->msg[0], 2, &exp_mac[0]); + srslte::security_128_eia1(&m_sec_ctx.k_nas_int[16], + m_sec_ctx.ul_nas_count, + 0, + srslte::SECURITY_DIRECTION_UPLINK, + &pdu->msg[0], + 2, + &exp_mac[0]); break; case srslte::INTEGRITY_ALGORITHM_ID_128_EIA2: - srslte::security_128_eia2(&m_sec_ctx.k_nas_int[16], m_sec_ctx.ul_nas_count, 0, SECURITY_DIRECTION_UPLINK, - &pdu->msg[0], 2, &exp_mac[0]); + srslte::security_128_eia2(&m_sec_ctx.k_nas_int[16], + m_sec_ctx.ul_nas_count, + 0, + srslte::SECURITY_DIRECTION_UPLINK, + &pdu->msg[0], + 2, + &exp_mac[0]); break; default: break; @@ -1592,7 +1602,7 @@ bool nas::integrity_check(srslte::byte_buffer_t* pdu) srslte::security_128_eia1(&m_sec_ctx.k_nas_int[16], m_sec_ctx.ul_nas_count, 0, - SECURITY_DIRECTION_UPLINK, + srslte::SECURITY_DIRECTION_UPLINK, &pdu->msg[5], pdu->N_bytes - 5, &exp_mac[0]); @@ -1601,7 +1611,7 @@ bool nas::integrity_check(srslte::byte_buffer_t* pdu) srslte::security_128_eia2(&m_sec_ctx.k_nas_int[16], m_sec_ctx.ul_nas_count, 0, - SECURITY_DIRECTION_UPLINK, + srslte::SECURITY_DIRECTION_UPLINK, &pdu->msg[5], pdu->N_bytes - 5, &exp_mac[0]); @@ -1633,7 +1643,7 @@ void nas::integrity_generate(srslte::byte_buffer_t* pdu, uint8_t* mac) srslte::security_128_eia1(&m_sec_ctx.k_nas_int[16], m_sec_ctx.dl_nas_count, 0, // Bearer always 0 for NAS - SECURITY_DIRECTION_DOWNLINK, + srslte::SECURITY_DIRECTION_DOWNLINK, &pdu->msg[5], pdu->N_bytes - 5, mac); 
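Review bot: In `short_integrity_check` the `uint8_t` result of `srslte::security_128_eia1` / `srslte::security_128_eia2` is discarded, and the `default:` case breaks without writing `exp_mac`. How `exp_mac` is initialised and compared is outside the hunk, but if the MAC computation fails or the algorithm id is unexpected, the comparison would run against whatever `exp_mac` already holds. I would fail closed: check the return value (for example `if (srslte::security_128_eia1(...) != 0) { return false; }`, assuming non-zero means failure, which needs confirming against the implementation) and make `default:` return false. The `integrity_check` hunks that follow have the same shape.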
@@ -1642,7 +1652,7 @@ void nas::integrity_generate(srslte::byte_buffer_t* pdu, uint8_t* mac) srslte::security_128_eia2(&m_sec_ctx.k_nas_int[16], m_sec_ctx.dl_nas_count, 0, // Bearer always 0 for NAS - SECURITY_DIRECTION_DOWNLINK, + srslte::SECURITY_DIRECTION_DOWNLINK, &pdu->msg[5], pdu->N_bytes - 5, mac); @@ -1665,7 +1675,7 @@ void nas::cipher_decrypt(srslte::byte_buffer_t* pdu) srslte::security_128_eea1(&m_sec_ctx.k_nas_enc[16], pdu->msg[5], 0, // Bearer always 0 for NAS - SECURITY_DIRECTION_UPLINK, + srslte::SECURITY_DIRECTION_UPLINK, &pdu->msg[6], pdu->N_bytes - 6, &tmp_pdu.msg[6]); @@ -1676,7 +1686,7 @@ void nas::cipher_decrypt(srslte::byte_buffer_t* pdu) srslte::security_128_eea2(&m_sec_ctx.k_nas_enc[16], pdu->msg[5], 0, // Bearer always 0 for NAS - SECURITY_DIRECTION_UPLINK, + srslte::SECURITY_DIRECTION_UPLINK, &pdu->msg[6], pdu->N_bytes - 6, &tmp_pdu.msg[6]); @@ -1699,7 +1709,7 @@ void nas::cipher_encrypt(srslte::byte_buffer_t* pdu) srslte::security_128_eea1(&m_sec_ctx.k_nas_enc[16], pdu->msg[5], 0, // Bearer always 0 for NAS - SECURITY_DIRECTION_DOWNLINK, + srslte::SECURITY_DIRECTION_DOWNLINK, &pdu->msg[6], pdu->N_bytes - 6, &pdu_tmp.msg[6]); @@ -1710,7 +1720,7 @@ void nas::cipher_encrypt(srslte::byte_buffer_t* pdu) srslte::security_128_eea2(&m_sec_ctx.k_nas_enc[16], pdu->msg[5], 0, // Bearer always 0 for NAS - SECURITY_DIRECTION_DOWNLINK, + srslte::SECURITY_DIRECTION_DOWNLINK, &pdu->msg[6], pdu->N_bytes - 6, &pdu_tmp.msg[6]);
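Review bot: The length passed to `security_128_eea1` / `security_128_eea2` in `cipher_decrypt` is `pdu->N_bytes - 6`, and the hunk shows no check that the PDU holds at least six bytes before `pdu->msg[5]` is read. This path handles uplink PDUs, so the length is set by the sender. A short message would make the subtraction wrap if `N_bytes` is unsigned (its type is not visible here) and hand the cipher a very large length. If the function does not already guard this outside the hunk, add `if (pdu->N_bytes < 6) { return; }` before the switch. `integrity_check` has the same pattern with `pdu->N_bytes - 5`.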