From 5bd630ad1559bb9f325c6a63d0d09f1fd3bc8eef Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 28 Nov 2017 15:48:44 +0000 Subject: [PATCH] Finalizing Context setup request. Compiling now. --- srsepc/hdr/mme/s1ap_common.h | 16 +++++++++-- srsepc/src/mme/s1ap.cc | 41 ++++++++++++++++++++-------- srsepc/src/mme/s1ap_nas_transport.cc | 2 +- 3 files changed, 44 insertions(+), 15 deletions(-) diff --git a/srsepc/hdr/mme/s1ap_common.h b/srsepc/hdr/mme/s1ap_common.h index 496518ca0..3ce8260d2 100644 --- a/srsepc/hdr/mme/s1ap_common.h +++ b/srsepc/hdr/mme/s1ap_common.h @@ -21,6 +21,10 @@ #ifndef S1AP_COMMON_H #define S1AP_COMMON_H +#include "srslte/common/security.h" + +namespace srsepc{ + static const uint8_t MAX_TA=255; //Maximum TA supported static const uint8_t MAX_BPLMN=6; //Maximum broadcasted PLMNs per TAC @@ -52,8 +56,14 @@ typedef struct{ uint64_t imsi; uint32_t enb_ue_s1ap_id; uint32_t mme_ue_s1ap_id; - uint8_t xres[8]; - uint8_t k_asme[32]; + struct eps_security_ctxt{ + uint8_t k_asme[32]; + uint8_t xres[8]; + uint32_t dl_nas_count; + uint32_t ul_nas_count; + srslte::CIPHERING_ALGORITHM_ID_ENUM cipher_algo; + srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo; + } security_ctxt; } ue_ctx_t; - +}//namespace #endif diff --git a/srsepc/src/mme/s1ap.cc b/srsepc/src/mme/s1ap.cc index fcdb6f58c..182515549 100644 --- a/srsepc/src/mme/s1ap.cc +++ b/srsepc/src/mme/s1ap.cc @@ -29,6 +29,7 @@ #include "srslte/common/bcd_helpers.h" #include "mme/s1ap.h" #include "srslte/asn1/gtpc.h" +#include "srslte/common/liblte_security.h" namespace srsepc{ @@ -365,7 +366,7 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *ini m_s1ap_log->console("EPS Bearer id: %d\n", eps_bearer_id); //Get Authentication Vectors from HSS - if(!m_hss->gen_auth_info_answer_milenage(imsi, ue_ctx.k_asme, autn, rand, ue_ctx.xres)) + if(!m_hss->gen_auth_info_answer_milenage(imsi, ue_ctx.security_ctxt.k_asme, autn, rand, ue_ctx.security_ctxt.xres)) { m_s1ap_log->console("User not found. IMSI %015lu\n",imsi); m_s1ap_log->info("User not found. IMSI %015lu\n",imsi); @@ -481,7 +482,7 @@ s1ap::handle_nas_authentication_response(srslte::byte_buffer_t *nas_msg, srslte: for(int i=0; i<8;i++) { - if(auth_resp.res[i] != ue_ctx->xres[i]) + if(auth_resp.res[i] != ue_ctx->security_ctxt.xres[i]) { ue_valid = false; } @@ -492,7 +493,7 @@ s1ap::handle_nas_authentication_response(srslte::byte_buffer_t *nas_msg, srslte: std::cout<<"XRES: "; for(int i=0;i<8;i++) { - std::cout << std::hex <<(uint16_t)ue_ctx->xres[i]; + std::cout << std::hex <<(uint16_t)ue_ctx->security_ctxt.xres[i]; } std::cout<error("Did not receive S1-U TEID in create session response\n"); return false; } + uint32_t sgw_s1u_ip = cs_resp->eps_bearer_context_created.s1_u_sgw_f_teid.ipv4; + uint8_t *tmp_ptr = erab_ctxt->transportLayerAddress.buffer; + liblte_value_2_bits(sgw_s1u_ip, &tmp_ptr, 32);//FIXME consider ipv6 - erab_ctxt->transportLayerAddress = cs_resp->eps_bearer_context_created.s1_u_sgw_f_teid.ipv4; + uint32_t tmp_teid = cs_resp->eps_bearer_context_created.s1_u_sgw_f_teid.teid; + memcpy(erab_ctxt->gTP_TEID.buffer, &tmp_teid, sizeof(uint32_t)); - uint64_t tmp_teid; - tmp_teid = HTONLL(cs_resp->eps_bearer_context_created.sender_f_teid.teid); - memcpy(erab_ctxt->gTP_TEID.buffer, tmp_teid, sizeof(uint64_t)); + in_ctxt_req.UESecurityCapabilities.encryptionAlgorithms.buffer[0] = 0; //EEA0 + in_ctxt_req.UESecurityCapabilities.integrityProtectionAlgorithms.buffer[0] = 1; //EIA1 - in_ctxt_req->UESecurityCapabilities =; - in_ctxt_req->SecurityKey = ; - - + uint8_t key_enb[32]; + liblte_security_generate_k_enb(ue_ctx->security_ctxt.k_asme, ue_ctx->security_ctxt.dl_nas_count, key_enb); + liblte_unpack(key_enb, 32, in_ctxt_req.SecurityKey.buffer); + //liblte_value_2_bits(key_enb,,LIBLTE_S1AP_SECURITYKEY_BIT_STRING_LEN); + /* + typedef struct{ + bool ext; + uint8_t buffer[16]; + }LIBLTE_S1AP_INTEGRITYPROTECTIONALGORITHMS_STRUCT; + */ /* typedef struct{ uint32_t len; @@ -608,6 +618,15 @@ s1ap::send_initial_context_setup_request(uint32_t mme_ue_s1ap_id, struct srslte: uint8_t buffer[4]; }LIBLTE_S1AP_GTP_TEID_STRUCT; */ + /* + typedef struct{ + bool ext; + LIBLTE_S1AP_ENCRYPTIONALGORITHMS_STRUCT encryptionAlgorithms; + LIBLTE_S1AP_INTEGRITYPROTECTIONALGORITHMS_STRUCT integrityProtectionAlgorithms; + LIBLTE_S1AP_PROTOCOLEXTENSIONCONTAINER_STRUCT iE_Extensions; + bool iE_Extensions_present; + }LIBLTE_S1AP_UESECURITYCAPABILITIES_STRUCT; + */ /*typedef struct{ bool ext; LIBLTE_S1AP_MME_UE_S1AP_ID_STRUCT MME_UE_S1AP_ID; diff --git a/srsepc/src/mme/s1ap_nas_transport.cc b/srsepc/src/mme/s1ap_nas_transport.cc index 0d8ab035a..62828d9f6 100644 --- a/srsepc/src/mme/s1ap_nas_transport.cc +++ b/srsepc/src/mme/s1ap_nas_transport.cc @@ -293,7 +293,7 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg, uint8_t k_nas_enc[32]; uint8_t k_nas_int[32]; - srslte::security_generate_k_nas( ue_ctx->k_asme, + srslte::security_generate_k_nas( ue_ctx->security_ctxt.k_asme, srslte::CIPHERING_ALGORITHM_ID_EEA0, srslte::INTEGRITY_ALGORITHM_ID_128_EIA1, k_nas_enc,