Merge branch 'next' of github.com:softwareradiosystems/srsLTE into next

master
Ismael Gomez 7 years ago
commit 75e8df2e9f

@ -2814,6 +2814,8 @@ typedef struct{
}LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT; }LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT;
// Functions // Functions
LIBLTE_ERROR_ENUM liblte_mme_pack_authentication_response_msg(LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT *auth_resp, LIBLTE_ERROR_ENUM liblte_mme_pack_authentication_response_msg(LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT *auth_resp,
uint8 sec_hdr_type,
uint32 count,
LIBLTE_BYTE_MSG_STRUCT *msg); LIBLTE_BYTE_MSG_STRUCT *msg);
LIBLTE_ERROR_ENUM liblte_mme_unpack_authentication_response_msg(LIBLTE_BYTE_MSG_STRUCT *msg, LIBLTE_ERROR_ENUM liblte_mme_unpack_authentication_response_msg(LIBLTE_BYTE_MSG_STRUCT *msg,
LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT *auth_resp); LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT *auth_resp);

@ -6180,6 +6180,8 @@ LIBLTE_ERROR_ENUM liblte_mme_unpack_authentication_request_msg(LIBLTE_BYTE_MSG_S
Document Reference: 24.301 v10.2.0 Section 8.2.8 Document Reference: 24.301 v10.2.0 Section 8.2.8
*********************************************************************/ *********************************************************************/
LIBLTE_ERROR_ENUM liblte_mme_pack_authentication_response_msg(LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT *auth_resp, LIBLTE_ERROR_ENUM liblte_mme_pack_authentication_response_msg(LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT *auth_resp,
uint8 sec_hdr_type,
uint32 count,
LIBLTE_BYTE_MSG_STRUCT *msg) LIBLTE_BYTE_MSG_STRUCT *msg)
{ {
LIBLTE_ERROR_ENUM err = LIBLTE_ERROR_INVALID_INPUTS; LIBLTE_ERROR_ENUM err = LIBLTE_ERROR_INVALID_INPUTS;
@ -6188,6 +6190,21 @@ LIBLTE_ERROR_ENUM liblte_mme_pack_authentication_response_msg(LIBLTE_MME_AUTHENT
if(auth_resp != NULL && if(auth_resp != NULL &&
msg != NULL) msg != NULL)
{ {
if(LIBLTE_MME_SECURITY_HDR_TYPE_PLAIN_NAS != sec_hdr_type)
{
// Protocol Discriminator and Security Header Type
*msg_ptr = (sec_hdr_type << 4) | (LIBLTE_MME_PD_EPS_MOBILITY_MANAGEMENT);
msg_ptr++;
// MAC will be filled in later
msg_ptr += 4;
// Sequence Number
*msg_ptr = count & 0xFF;
msg_ptr++;
}
// Protocol Discriminator and Security Header Type // Protocol Discriminator and Security Header Type
*msg_ptr = (LIBLTE_MME_SECURITY_HDR_TYPE_PLAIN_NAS << 4) | (LIBLTE_MME_PD_EPS_MOBILITY_MANAGEMENT); *msg_ptr = (LIBLTE_MME_SECURITY_HDR_TYPE_PLAIN_NAS << 4) | (LIBLTE_MME_PD_EPS_MOBILITY_MANAGEMENT);
msg_ptr++; msg_ptr++;

@ -25,12 +25,12 @@ tac = 0x0007
mcc = 001 mcc = 001
mnc = 01 mnc = 01
mme_addr = 127.0.1.100 mme_addr = 127.0.1.100
gtp_bind_addr = 127.0.0.1 gtp_bind_addr = 127.0.1.1
s1c_bind_addr = 127.0.1.1
n_prb = 50 n_prb = 50
#tm = 4 #tm = 4
#nof_ports = 2 #nof_ports = 2
##################################################################### #####################################################################
# eNB configuration files # eNB configuration files
# #

@ -49,6 +49,7 @@ typedef struct {
uint16_t mnc; // BCD-coded with 0xF filler uint16_t mnc; // BCD-coded with 0xF filler
std::string mme_addr; std::string mme_addr;
std::string gtp_bind_addr; std::string gtp_bind_addr;
std::string s1c_bind_addr;
std::string enb_name; std::string enb_name;
}s1ap_args_t; }s1ap_args_t;

@ -77,6 +77,7 @@ void parse_args(all_args_t *args, int argc, char* argv[]) {
("enb.mnc", bpo::value<string>(&mnc)->default_value("01"), "Mobile Network Code") ("enb.mnc", bpo::value<string>(&mnc)->default_value("01"), "Mobile Network Code")
("enb.mme_addr", bpo::value<string>(&args->enb.s1ap.mme_addr)->default_value("127.0.0.1"),"IP address of MME for S1 connnection") ("enb.mme_addr", bpo::value<string>(&args->enb.s1ap.mme_addr)->default_value("127.0.0.1"),"IP address of MME for S1 connnection")
("enb.gtp_bind_addr", bpo::value<string>(&args->enb.s1ap.gtp_bind_addr)->default_value("192.168.3.1"), "Local IP address to bind for GTP connection") ("enb.gtp_bind_addr", bpo::value<string>(&args->enb.s1ap.gtp_bind_addr)->default_value("192.168.3.1"), "Local IP address to bind for GTP connection")
("enb.s1c_bind_addr", bpo::value<string>(&args->enb.s1ap.s1c_bind_addr)->default_value("192.168.3.1"), "Local IP address to bind for S1AP connection")
("enb.phy_cell_id", bpo::value<uint32_t>(&args->enb.pci)->default_value(0), "Physical Cell Identity (PCI)") ("enb.phy_cell_id", bpo::value<uint32_t>(&args->enb.pci)->default_value(0), "Physical Cell Identity (PCI)")
("enb.n_prb", bpo::value<uint32_t>(&args->enb.n_prb)->default_value(25), "Number of PRB") ("enb.n_prb", bpo::value<uint32_t>(&args->enb.n_prb)->default_value(25), "Number of PRB")
("enb.nof_ports", bpo::value<uint32_t>(&args->enb.nof_ports)->default_value(1), "Number of ports") ("enb.nof_ports", bpo::value<uint32_t>(&args->enb.nof_ports)->default_value(1), "Number of ports")

@ -274,8 +274,8 @@ bool s1ap::connect_mme()
memset(&local_addr, 0, sizeof(struct sockaddr_in)); memset(&local_addr, 0, sizeof(struct sockaddr_in));
local_addr.sin_family = ADDR_FAMILY; local_addr.sin_family = ADDR_FAMILY;
local_addr.sin_port = 0; // Any local port will do local_addr.sin_port = 0; // Any local port will do
if(inet_pton(AF_INET, args.gtp_bind_addr.c_str(), &(local_addr.sin_addr)) != 1) { if(inet_pton(AF_INET, args.s1c_bind_addr.c_str(), &(local_addr.sin_addr)) != 1) {
s1ap_log->error("Error converting IP address (%s) to sockaddr_in structure\n", args.gtp_bind_addr.c_str()); s1ap_log->error("Error converting IP address (%s) to sockaddr_in structure\n", args.s1c_bind_addr.c_str());
return false; return false;
} }
bind(socket_fd, (struct sockaddr *)&local_addr, sizeof(local_addr)); bind(socket_fd, (struct sockaddr *)&local_addr, sizeof(local_addr));

@ -166,7 +166,7 @@ private:
// Parsers // Parsers
void parse_attach_accept(uint32_t lcid, byte_buffer_t *pdu); void parse_attach_accept(uint32_t lcid, byte_buffer_t *pdu);
void parse_attach_reject(uint32_t lcid, byte_buffer_t *pdu); void parse_attach_reject(uint32_t lcid, byte_buffer_t *pdu);
void parse_authentication_request(uint32_t lcid, byte_buffer_t *pdu); void parse_authentication_request(uint32_t lcid, byte_buffer_t *pdu, const uint8_t sec_hdr_type);
void parse_authentication_reject(uint32_t lcid, byte_buffer_t *pdu); void parse_authentication_reject(uint32_t lcid, byte_buffer_t *pdu);
void parse_identity_request(uint32_t lcid, byte_buffer_t *pdu); void parse_identity_request(uint32_t lcid, byte_buffer_t *pdu);
void parse_security_mode_command(uint32_t lcid, byte_buffer_t *pdu); void parse_security_mode_command(uint32_t lcid, byte_buffer_t *pdu);
@ -182,7 +182,7 @@ private:
void send_identity_response(); void send_identity_response();
void send_service_request(); void send_service_request();
void send_esm_information_response(const uint8 proc_transaction_id); void send_esm_information_response(const uint8 proc_transaction_id);
void send_authentication_response(const uint8_t* res, const size_t res_len); void send_authentication_response(const uint8_t* res, const size_t res_len, const uint8_t sec_hdr_type);
void send_authentication_failure(const uint8_t cause, const uint8_t* auth_fail_param); void send_authentication_failure(const uint8_t cause, const uint8_t* auth_fail_param);
void gen_pdn_connectivity_request(LIBLTE_BYTE_MSG_STRUCT *msg); void gen_pdn_connectivity_request(LIBLTE_BYTE_MSG_STRUCT *msg);
void send_security_mode_reject(uint8_t cause); void send_security_mode_reject(uint8_t cause);

@ -330,7 +330,7 @@ void nas::write_pdu(uint32_t lcid, byte_buffer_t *pdu) {
parse_attach_reject(lcid, pdu); parse_attach_reject(lcid, pdu);
break; break;
case LIBLTE_MME_MSG_TYPE_AUTHENTICATION_REQUEST: case LIBLTE_MME_MSG_TYPE_AUTHENTICATION_REQUEST:
parse_authentication_request(lcid, pdu); parse_authentication_request(lcid, pdu, sec_hdr_type);
break; break;
case LIBLTE_MME_MSG_TYPE_AUTHENTICATION_REJECT: case LIBLTE_MME_MSG_TYPE_AUTHENTICATION_REJECT:
parse_authentication_reject(lcid, pdu); parse_authentication_reject(lcid, pdu);
@ -721,7 +721,7 @@ void nas::parse_attach_reject(uint32_t lcid, byte_buffer_t *pdu) {
// FIXME: Command RRC to release? // FIXME: Command RRC to release?
} }
void nas::parse_authentication_request(uint32_t lcid, byte_buffer_t *pdu) { void nas::parse_authentication_request(uint32_t lcid, byte_buffer_t *pdu, const uint8_t sec_hdr_type) {
LIBLTE_MME_AUTHENTICATION_REQUEST_MSG_STRUCT auth_req; LIBLTE_MME_AUTHENTICATION_REQUEST_MSG_STRUCT auth_req;
bzero(&auth_req, sizeof(LIBLTE_MME_AUTHENTICATION_REQUEST_MSG_STRUCT)); bzero(&auth_req, sizeof(LIBLTE_MME_AUTHENTICATION_REQUEST_MSG_STRUCT));
@ -755,8 +755,8 @@ void nas::parse_authentication_request(uint32_t lcid, byte_buffer_t *pdu) {
if (auth_result == AUTH_OK) { if (auth_result == AUTH_OK) {
nas_log->info("Network authentication successful\n"); nas_log->info("Network authentication successful\n");
send_authentication_response(res, res_len); send_authentication_response(res, res_len, sec_hdr_type);
nas_log->info("Generated k_asme=%s\n", hex_to_string(ctxt.k_asme, 32).c_str()); nas_log->info_hex(ctxt.k_asme, 32, "Generated k_asme:\n");
} else if (auth_result == AUTH_SYNCH_FAILURE) { } else if (auth_result == AUTH_SYNCH_FAILURE) {
nas_log->error("Network authentication synchronization failure.\n"); nas_log->error("Network authentication synchronization failure.\n");
send_authentication_failure(LIBLTE_MME_EMM_CAUSE_SYNCH_FAILURE, res); send_authentication_failure(LIBLTE_MME_EMM_CAUSE_SYNCH_FAILURE, res);
@ -877,8 +877,8 @@ void nas::parse_security_mode_command(uint32_t lcid, byte_buffer_t *pdu)
// Generate NAS keys // Generate NAS keys
usim->generate_nas_keys(ctxt.k_asme, k_nas_enc, k_nas_int, usim->generate_nas_keys(ctxt.k_asme, k_nas_enc, k_nas_int,
ctxt.cipher_algo, ctxt.integ_algo); ctxt.cipher_algo, ctxt.integ_algo);
nas_log->debug_hex(k_nas_enc, 32, "NAS encryption key - k_nas_enc"); nas_log->info_hex(k_nas_enc, 32, "NAS encryption key - k_nas_enc");
nas_log->debug_hex(k_nas_int, 32, "NAS integrity key - k_nas_int"); nas_log->info_hex(k_nas_int, 32, "NAS integrity key - k_nas_int");
nas_log->debug("Generating integrity check. integ_algo:%d, count_dl:%d, lcid:%d\n", nas_log->debug("Generating integrity check. integ_algo:%d, count_dl:%d, lcid:%d\n",
ctxt.integ_algo, ctxt.rx_count, lcid); ctxt.integ_algo, ctxt.rx_count, lcid);
@ -1128,9 +1128,9 @@ void nas::send_security_mode_reject(uint8_t cause) {
} }
void nas::send_authentication_response(const uint8_t* res, const size_t res_len) { void nas::send_authentication_response(const uint8_t* res, const size_t res_len, const uint8_t sec_hdr_type) {
byte_buffer_t *msg = pool_allocate; byte_buffer_t *pdu = pool_allocate;
if (!msg) { if (!pdu) {
nas_log->error("Fatal Error: Couldn't allocate PDU in send_authentication_response().\n"); nas_log->error("Fatal Error: Couldn't allocate PDU in send_authentication_response().\n");
return; return;
} }
@ -1142,13 +1142,24 @@ void nas::send_authentication_response(const uint8_t* res, const size_t res_len)
auth_res.res[i] = res[i]; auth_res.res[i] = res[i];
} }
auth_res.res_len = res_len; auth_res.res_len = res_len;
liblte_mme_pack_authentication_response_msg(&auth_res, (LIBLTE_BYTE_MSG_STRUCT *)msg); liblte_mme_pack_authentication_response_msg(&auth_res, sec_hdr_type, ctxt.tx_count, (LIBLTE_BYTE_MSG_STRUCT *)pdu);
if(pcap != NULL) { if(pcap != NULL) {
pcap->write_nas(msg->msg, msg->N_bytes); pcap->write_nas(pdu->msg, pdu->N_bytes);
}
if (sec_hdr_type == LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED && pdu->N_bytes > 5) {
cipher_encrypt(pdu);
integrity_generate(&k_nas_int[16],
ctxt.tx_count,
SECURITY_DIRECTION_UPLINK,
&pdu->msg[5],
pdu->N_bytes - 5,
&pdu->msg[1]);
} }
nas_log->info("Sending Authentication Response\n"); nas_log->info("Sending Authentication Response\n");
rrc->write_sdu(cfg.lcid, msg); rrc->write_sdu(cfg.lcid, pdu);
} }

@ -250,7 +250,7 @@ auth_result_t pcsc_usim::generate_authentication_response(uint8_t *rand,
mcc, mcc,
mnc, mnc,
k_asme); k_asme);
log->debug_hex(k_asme, KEY_LEN, "K_ASME:\n"); log->info_hex(k_asme, KEY_LEN, "K_ASME:\n");
ret = AUTH_OK; ret = AUTH_OK;

@ -2042,9 +2042,9 @@ void rrc::parse_dl_dcch(uint32_t lcid, byte_buffer_t *pdu) {
uint8_t k_asme[32]; uint8_t k_asme[32];
nas->get_k_asme(k_asme, 32); nas->get_k_asme(k_asme, 32);
usim->generate_as_keys(k_asme, nas->get_ul_count(), k_rrc_enc, k_rrc_int, k_up_enc, k_up_int, cipher_algo, integ_algo); usim->generate_as_keys(k_asme, nas->get_ul_count(), k_rrc_enc, k_rrc_int, k_up_enc, k_up_int, cipher_algo, integ_algo);
rrc_log->debug_hex(k_rrc_enc, 32, "RRC encryption key - k_rrc_enc"); rrc_log->info_hex(k_rrc_enc, 32, "RRC encryption key - k_rrc_enc");
rrc_log->debug_hex(k_rrc_int, 32, "RRC integrity key - k_rrc_int"); rrc_log->info_hex(k_rrc_int, 32, "RRC integrity key - k_rrc_int");
rrc_log->debug_hex(k_up_enc, 32, "UP encryption key - k_up_enc"); rrc_log->info_hex(k_up_enc, 32, "UP encryption key - k_up_enc");
security_is_activated = true; security_is_activated = true;

Loading…
Cancel
Save