Added XOR support the the HSS.

master
Pedro Alvarez 7 years ago
parent 0865571ec2
commit 9a0b883296

@ -14,7 +14,7 @@
# #
##################################################################### #####################################################################
[mme] [mme]
mme_code = 0x19 mme_code = 0x1a
mme_group = 0x0001 mme_group = 0x0001
tac = 0x0001 tac = 0x0001
mcc = 001 mcc = 001
@ -28,6 +28,7 @@ mme_bind_addr = 127.0.0.0/24
# #
##################################################################### #####################################################################
[hss] [hss]
auth_algo = xor
db_file = user_db.csv db_file = user_db.csv

@ -39,10 +39,12 @@
#include "srslte/common/log_filter.h" #include "srslte/common/log_filter.h"
#include "srslte/common/buffer_pool.h" #include "srslte/common/buffer_pool.h"
#include <fstream> #include <fstream>
#include <map>
namespace srsepc{ namespace srsepc{
typedef struct{ typedef struct{
std::string auth_algo;
std::string db_file; std::string db_file;
}hss_args_t; }hss_args_t;
@ -54,7 +56,10 @@ typedef struct{
uint8_t amf[2]; uint8_t amf[2];
}hss_ue_ctx_t; }hss_ue_ctx_t;
enum hss_auth_algo {
HSS_ALGO_XOR,
HSS_ALGO_MILENAGE
};
class hss class hss
{ {
@ -62,12 +67,15 @@ public:
static hss* get_instance(void); static hss* get_instance(void);
static void cleanup(void); static void cleanup(void);
int init(hss_args_t *hss_args, srslte::log_filter* hss_log); int init(hss_args_t *hss_args, srslte::log_filter* hss_log);
bool set_auth_algo(std::string auth_algo);
bool read_db_file(std::string db_file); bool read_db_file(std::string db_file);
void get_sqn(uint8_t sqn[6]); void get_sqn(uint8_t sqn[6]);
void gen_rand(uint8_t rand_[16]); void gen_rand(uint8_t rand_[16]);
bool get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op); bool get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op);
bool gen_auth_info_answer(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres);
bool gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres); bool gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres);
bool gen_auth_info_answer_xor(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres);
std::vector<std::string> split_string(const std::string &str, char delimiter); std::vector<std::string> split_string(const std::string &str, char delimiter);
void get_uint_vec_from_hex_str(const std::string &key_str, uint8_t *key, uint len); void get_uint_vec_from_hex_str(const std::string &key_str, uint8_t *key, uint len);
@ -84,6 +92,8 @@ private:
std::map<uint64_t,hss_ue_ctx_t*> m_imsi_to_ue_ctx; std::map<uint64_t,hss_ue_ctx_t*> m_imsi_to_ue_ctx;
enum hss_auth_algo m_auth_algo;
/*Logs*/ /*Logs*/
srslte::log_filter *m_hss_log; srslte::log_filter *m_hss_log;

@ -39,7 +39,8 @@ hss* hss::m_instance = NULL;
boost::mutex hss_instance_mutex; boost::mutex hss_instance_mutex;
hss::hss() hss::hss()
:m_sqn(0x112233445566) // :m_sqn(0x112233445566)
:m_sqn(0)
{ {
m_pool = srslte::byte_buffer_pool::get_instance(); m_pool = srslte::byte_buffer_pool::get_instance();
return; return;
@ -80,14 +81,42 @@ hss::init(hss_args_t *hss_args, srslte::log_filter *hss_log)
srand(time(NULL)); srand(time(NULL));
/*Init loggers*/ /*Init loggers*/
m_hss_log = hss_log; m_hss_log = hss_log;
m_hss_log->info("HSS Initialized\n");
m_hss_log->console("HSS Initialized\n");
/*Set authentication algorithm*/
if(set_auth_algo(hss_args->auth_algo) == false)
{
return -1;
}
/*Read user information from DB*/ /*Read user information from DB*/
read_db_file(hss_args->db_file); if(read_db_file(hss_args->db_file) == false)
{
return -1;
}
m_hss_log->info("HSS Initialized. DB file %s, authentication algorithm %s\n", hss_args->db_file.c_str(),hss_args->auth_algo.c_str());
m_hss_log->console("HSS Initialized\n");
return 0; return 0;
} }
bool
hss::set_auth_algo(std::string auth_algo)
{
if(auth_algo != "xor" && auth_algo != "milenage" )
{
m_hss_log->error("Unrecognized authentication algorithm. auth_algo = %s\n", auth_algo.c_str());
return false;
}
if(auth_algo == "xor")
{
m_auth_algo = HSS_ALGO_XOR;
}
else
{
m_auth_algo = HSS_ALGO_MILENAGE;
}
return true;
}
bool bool
hss::read_db_file(std::string db_filename) hss::read_db_file(std::string db_filename)
{ {
@ -128,6 +157,23 @@ hss::read_db_file(std::string db_filename)
return true; return true;
} }
bool
hss::gen_auth_info_answer(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres)
{
bool ret = false;
switch (m_auth_algo)
{
case HSS_ALGO_XOR:
ret = gen_auth_info_answer_xor(imsi, k_asme, autn, rand, xres);
break;
case HSS_ALGO_MILENAGE:
ret = gen_auth_info_answer_milenage(imsi, k_asme, autn, rand, xres);
break;
}
return ret;
}
bool bool
hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres) hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres)
{ {
@ -196,6 +242,106 @@ hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn
return true; return true;
} }
bool
hss::gen_auth_info_answer_xor(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres)
{
uint8_t k[16];
uint8_t amf[2];
uint8_t op[16];
uint8_t sqn[6];
uint8_t xdout[16];
uint8_t cdout[8];
uint8_t ck[16];
uint8_t ik[16];
uint8_t ak[6];
uint8_t mac[8];
uint16_t mcc=61441; //001
uint16_t mnc=65281; //01
int i = 0;
if(!get_k_amf_op(imsi,k,amf,op))
{
return false;
}
gen_rand(rand);
get_sqn(sqn);
// Use RAND and K to compute RES, CK, IK and AK
for(i=0; i<16; i++) {
xdout[i] = k[i]^rand[i];
}
for(i=0; i<16; i++) {
xres[i] = xdout[i];
ck[i] = xdout[(i+1)%16];
ik[i] = xdout[(i+2)%16];
}
for(i=0; i<6; i++) {
ak[i] = xdout[i+3];
}
// Generate cdout
for(i=0; i<6; i++) {
cdout[i] = sqn[i];
}
for(i=0; i<2; i++) {
cdout[6+i] = amf[i];
}
// Generate MAC
for(i=0;i<8;i++) {
mac[i] = xdout[i] ^ cdout[i];
}
//Generate AUTN (autn = sqn ^ ak |+| amf |+| mac)
for(int i=0;i<6;i++ )
{
autn[i] = sqn[i]^ak[i];
}
for(int i=0;i<2;i++)
{
autn[6+i]=amf[i];
}
for(int i=0;i<8;i++)
{
autn[8+i]=mac[i];
}
// Generate K_asme
security_generate_k_asme( ck,
ik,
ak,
sqn,
mcc,
mnc,
k_asme);
//Generate AUTN (autn = sqn ^ ak |+| amf |+| mac)
for(int i=0;i<6;i++ )
{
autn[i] = sqn[i]^ak[i];
}
for(int i=0;i<2;i++)
{
autn[6+i]=amf[i];
}
for(int i=0;i<8;i++)
{
autn[8+i]=mac[i];
}
m_hss_log->debug_hex(sqn, 6, "User SQN : ");
m_hss_log->debug_hex(autn, 8, "User AUTN: ");
m_hss_log->debug_hex(xres, 8, "User XRES: ");
return true;
}
bool bool
hss::get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op ) hss::get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op )
{ {

@ -74,6 +74,7 @@ parse_args(all_args_t *args, int argc, char* argv[]) {
string spgw_bind_addr; string spgw_bind_addr;
string sgi_if_addr; string sgi_if_addr;
string hss_db_file; string hss_db_file;
string hss_auth_algo;
// Command line only options // Command line only options
bpo::options_description general("General options"); bpo::options_description general("General options");
@ -94,6 +95,7 @@ parse_args(all_args_t *args, int argc, char* argv[]) {
("mme.mnc", bpo::value<string>(&mnc)->default_value("01"), "Mobile Network Code") ("mme.mnc", bpo::value<string>(&mnc)->default_value("01"), "Mobile Network Code")
("mme.mme_bind_addr", bpo::value<string>(&mme_bind_addr)->default_value("127.0.0.1"),"IP address of MME for S1 connnection") ("mme.mme_bind_addr", bpo::value<string>(&mme_bind_addr)->default_value("127.0.0.1"),"IP address of MME for S1 connnection")
("hss.db_file", bpo::value<string>(&hss_db_file)->default_value("ue_db.csv"),".csv file that stores UE's keys") ("hss.db_file", bpo::value<string>(&hss_db_file)->default_value("ue_db.csv"),".csv file that stores UE's keys")
("hss.auth_algo", bpo::value<string>(&hss_auth_algo)->default_value("milenage"),"HSS uthentication algorithm.")
("spgw.gtpu_bind_addr", bpo::value<string>(&spgw_bind_addr)->default_value("127.0.0.1"),"IP address of SP-GW for the S1-U connection") ("spgw.gtpu_bind_addr", bpo::value<string>(&spgw_bind_addr)->default_value("127.0.0.1"),"IP address of SP-GW for the S1-U connection")
("spgw.sgi_if_addr", bpo::value<string>(&sgi_if_addr)->default_value("176.16.0.1"),"IP address of TUN interface for the SGi connection") ("spgw.sgi_if_addr", bpo::value<string>(&sgi_if_addr)->default_value("176.16.0.1"),"IP address of TUN interface for the SGi connection")
; ;
@ -171,6 +173,7 @@ parse_args(all_args_t *args, int argc, char* argv[]) {
args->spgw_args.gtpu_bind_addr = spgw_bind_addr; args->spgw_args.gtpu_bind_addr = spgw_bind_addr;
args->spgw_args.sgi_if_addr = sgi_if_addr; args->spgw_args.sgi_if_addr = sgi_if_addr;
args->hss_args.db_file = hss_db_file; args->hss_args.db_file = hss_db_file;
args->hss_args.auth_algo = hss_auth_algo;
return; return;
} }

@ -378,7 +378,7 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *ini
memcpy(&ue_ctx.enb_sri, enb_sri, sizeof(struct sctp_sndrcvinfo)); memcpy(&ue_ctx.enb_sri, enb_sri, sizeof(struct sctp_sndrcvinfo));
//Get Authentication Vectors from HSS //Get Authentication Vectors from HSS
if(!m_hss->gen_auth_info_answer_milenage(imsi, ue_ctx.security_ctxt.k_asme, autn, rand, ue_ctx.security_ctxt.xres)) if(!m_hss->gen_auth_info_answer(imsi, ue_ctx.security_ctxt.k_asme, autn, rand, ue_ctx.security_ctxt.xres))
{ {
m_s1ap_log->console("User not found. IMSI %015lu\n",imsi); m_s1ap_log->console("User not found. IMSI %015lu\n",imsi);
m_s1ap_log->info("User not found. IMSI %015lu\n",imsi); m_s1ap_log->info("User not found. IMSI %015lu\n",imsi);
@ -468,7 +468,7 @@ s1ap::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKNASTRANSPORT_STRUCT
return true; //no need for reply. FIXME this should be better structured... return true; //no need for reply. FIXME this should be better structured...
break; break;
default: default:
m_s1ap_log->info("Unhandled NAS message"); m_s1ap_log->info("Unhandled NAS message 0x%x\n", msg_type );
return false; //FIXME (nas_msg deallocate needs to be called) return false; //FIXME (nas_msg deallocate needs to be called)
} }

@ -82,7 +82,7 @@ s1ap_nas_transport::unpack_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSA
return false; return false;
} }
if(pdn_con_req->pdn_type != LIBLTE_MME_PDN_TYPE_IPV4) if(pdn_con_req->pdn_type == LIBLTE_MME_PDN_TYPE_IPV6)
{ {
m_s1ap_log->error("PDN Connectivity Request: Only IPv4 connectivity supported.\n"); m_s1ap_log->error("PDN Connectivity Request: Only IPv4 connectivity supported.\n");
return false; return false;
@ -331,59 +331,59 @@ s1ap_nas_transport::log_unhandled_attach_request_ies(const LIBLTE_MME_ATTACH_REQ
{ {
if(attach_req->old_p_tmsi_signature_present) if(attach_req->old_p_tmsi_signature_present)
{ {
m_s1ap_log->warning("NAS attach request: Old P-TMSI signature present, but not handled."); m_s1ap_log->warning("NAS attach request: Old P-TMSI signature present, but not handled.\n");
} }
if(attach_req->additional_guti_present) if(attach_req->additional_guti_present)
{ {
m_s1ap_log->warning("NAS attach request: Aditional GUTI present, but not handled."); m_s1ap_log->warning("NAS attach request: Aditional GUTI present, but not handled.\n");
} }
if(attach_req->last_visited_registered_tai_present) if(attach_req->last_visited_registered_tai_present)
{ {
m_s1ap_log->warning("NAS attach request: Last visited registered TAI present, but not handled."); m_s1ap_log->warning("NAS attach request: Last visited registered TAI present, but not handled.\n");
} }
if(attach_req->drx_param_present) if(attach_req->drx_param_present)
{ {
m_s1ap_log->warning("NAS attach request: DRX Param present, but not handled."); m_s1ap_log->warning("NAS attach request: DRX Param present, but not handled.\n");
} }
if(attach_req->ms_network_cap_present) if(attach_req->ms_network_cap_present)
{ {
m_s1ap_log->warning("NAS attach request: MS network cap present, but not handled."); m_s1ap_log->warning("NAS attach request: MS network cap present, but not handled.\n");
} }
if(attach_req->old_lai_present) if(attach_req->old_lai_present)
{ {
m_s1ap_log->warning("NAS attach request: Old LAI present, but not handled."); m_s1ap_log->warning("NAS attach request: Old LAI present, but not handled.\n");
} }
if(attach_req->tmsi_status_present) if(attach_req->tmsi_status_present)
{ {
m_s1ap_log->warning("NAS attach request: TSMI status present, but not handled."); m_s1ap_log->warning("NAS attach request: TSMI status present, but not handled.\n");
} }
if(attach_req->ms_cm2_present) if(attach_req->ms_cm2_present)
{ {
m_s1ap_log->warning("NAS attach request: MS CM2 present, but not handled."); m_s1ap_log->warning("NAS attach request: MS CM2 present, but not handled.\n");
} }
if(attach_req->ms_cm3_present) if(attach_req->ms_cm3_present)
{ {
m_s1ap_log->warning("NAS attach request: MS CM3 present, but not handled."); m_s1ap_log->warning("NAS attach request: MS CM3 present, but not handled.\n");
} }
if(attach_req->supported_codecs_present) if(attach_req->supported_codecs_present)
{ {
m_s1ap_log->warning("NAS attach request: Supported CODECs present, but not handled."); m_s1ap_log->warning("NAS attach request: Supported CODECs present, but not handled.\n");
} }
if(attach_req->additional_update_type_present) if(attach_req->additional_update_type_present)
{ {
m_s1ap_log->warning("NAS attach request: Additional Update Type present, but not handled."); m_s1ap_log->warning("NAS attach request: Additional Update Type present, but not handled.\n");
} }
if(attach_req->voice_domain_pref_and_ue_usage_setting_present) if(attach_req->voice_domain_pref_and_ue_usage_setting_present)
{ {
m_s1ap_log->warning("NAS attach request: Voice domain preference and UE usage setting present, but not handled."); m_s1ap_log->warning("NAS attach request: Voice domain preference and UE usage setting present, but not handled.\n");
} }
if(attach_req->device_properties_present) if(attach_req->device_properties_present)
{ {
m_s1ap_log->warning("NAS attach request: Device properties present, but not handled."); m_s1ap_log->warning("NAS attach request: Device properties present, but not handled.\n");
} }
if(attach_req->old_guti_type_present) if(attach_req->old_guti_type_present)
{ {
m_s1ap_log->warning("NAS attach request: Old GUTI type present, but not handled."); m_s1ap_log->warning("NAS attach request: Old GUTI type present, but not handled.\n");
} }
return; return;
} }
@ -394,19 +394,19 @@ s1ap_nas_transport::log_unhandled_pdn_con_request_ies(const LIBLTE_MME_PDN_CONNE
//Handle the optional flags //Handle the optional flags
if(pdn_con_req->esm_info_transfer_flag_present) if(pdn_con_req->esm_info_transfer_flag_present)
{ {
m_s1ap_log->warning("PDN Connectivity request: ESM info transfer flag properties present, but not handled."); m_s1ap_log->warning("PDN Connectivity request: ESM info transfer flag properties present, but not handled.\n");
} }
if(pdn_con_req->apn_present) if(pdn_con_req->apn_present)
{ {
m_s1ap_log->warning("PDN Connectivity request: APN present, but not handled."); m_s1ap_log->warning("PDN Connectivity request: APN present, but not handled.\n");
} }
if(pdn_con_req->protocol_cnfg_opts_present) if(pdn_con_req->protocol_cnfg_opts_present)
{ {
m_s1ap_log->warning("PDN Connectivity request: Protocol Cnfg options present, but not handled."); m_s1ap_log->warning("PDN Connectivity request: Protocol Cnfg options present, but not handled.\n");
} }
if(pdn_con_req->device_properties_present) if(pdn_con_req->device_properties_present)
{ {
m_s1ap_log->warning("PDN Connectivity request: Device properties present, but not handled."); m_s1ap_log->warning("PDN Connectivity request: Device properties present, but not handled.\n");
} }
} }
@ -415,37 +415,37 @@ void
s1ap_nas_transport::log_unhandled_initial_ue_message_ies(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *init_ue) s1ap_nas_transport::log_unhandled_initial_ue_message_ies(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *init_ue)
{ {
if(init_ue->S_TMSI_present){ if(init_ue->S_TMSI_present){
m_s1ap_log->warning("S-TMSI present, but not handled."); m_s1ap_log->warning("S-TMSI present, but not handled.\n");
} }
if(init_ue->CSG_Id_present){ if(init_ue->CSG_Id_present){
m_s1ap_log->warning("S-TMSI present, but not handled."); m_s1ap_log->warning("S-TMSI present, but not handled.\n");
} }
if(init_ue->GUMMEI_ID_present){ if(init_ue->GUMMEI_ID_present){
m_s1ap_log->warning("GUMMEI ID present, but not handled."); m_s1ap_log->warning("GUMMEI ID present, but not handled.\n");
} }
if(init_ue->CellAccessMode_present){ if(init_ue->CellAccessMode_present){
m_s1ap_log->warning("Cell Access Mode present, but not handled."); m_s1ap_log->warning("Cell Access Mode present, but not handled.\n");
} }
if(init_ue->GW_TransportLayerAddress_present){ if(init_ue->GW_TransportLayerAddress_present){
m_s1ap_log->warning("GW Transport Layer present, but not handled."); m_s1ap_log->warning("GW Transport Layer present, but not handled.\n");
} }
if(init_ue->GW_TransportLayerAddress_present){ if(init_ue->GW_TransportLayerAddress_present){
m_s1ap_log->warning("GW Transport Layer present, but not handled."); m_s1ap_log->warning("GW Transport Layer present, but not handled.\n");
} }
if(init_ue->RelayNode_Indicator_present){ if(init_ue->RelayNode_Indicator_present){
m_s1ap_log->warning("Relay Node Indicator present, but not handled."); m_s1ap_log->warning("Relay Node Indicator present, but not handled.\n");
} }
if(init_ue->GUMMEIType_present){ if(init_ue->GUMMEIType_present){
m_s1ap_log->warning("GUMMEI Type present, but not handled."); m_s1ap_log->warning("GUMMEI Type present, but not handled.\n");
} }
if(init_ue->Tunnel_Information_for_BBF_present){ if(init_ue->Tunnel_Information_for_BBF_present){
m_s1ap_log->warning("Tunnel Information for BBF present, but not handled."); m_s1ap_log->warning("Tunnel Information for BBF present, but not handled.\n");
} }
if(init_ue->SIPTO_L_GW_TransportLayerAddress_present){ if(init_ue->SIPTO_L_GW_TransportLayerAddress_present){
m_s1ap_log->warning("SIPTO GW Transport Layer Address present, but not handled."); m_s1ap_log->warning("SIPTO GW Transport Layer Address present, but not handled.\n");
} }
if(init_ue->LHN_ID_present){ if(init_ue->LHN_ID_present){
m_s1ap_log->warning("LHN Id present, but not handled."); m_s1ap_log->warning("LHN Id present, but not handled.\n");
} }
return; return;
} }

@ -9,5 +9,5 @@
# AMF: Authentication management feild, stored in hexadecimal # AMF: Authentication management feild, stored in hexadecimal
# #
# Note: Lines starting by '#' are ignored # Note: Lines starting by '#' are ignored
ue1,001010123456789,00112233445566778899aabbccddeeff,63BFA50EE6523365FF14C1F45F88737D,8000 ue1,001010123456789,00112233445566778899aabbccddeeff,63BFA50EE6523365FF14C1F45F88737D,9001
ue2,001010123456780,00112233445566778899aabbccddeeaa,63BFA50EE6523365FF14C1F45F88737D,2000 ue2,001010123456780,00112233445566778899aabbccddeeaa,63BFA50EE6523365FF14C1F45F88737D,2000

Can't render this file because it contains an unexpected character in line 3 and column 33.
Loading…
Cancel
Save