diff --git a/srsepc/hdr/hss/hss.h b/srsepc/hdr/hss/hss.h index c08545a9f..df19aed4e 100644 --- a/srsepc/hdr/hss/hss.h +++ b/srsepc/hdr/hss/hss.h @@ -58,7 +58,7 @@ public: void get_sqn(uint8_t sqn[6]); void gen_rand(uint8_t rand_[16]); bool get_k_amf_op(uint64_t imsi, uint8_t *k, uint8_t *amf, uint8_t *op); - bool gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *kasme, uint8_t *autn, uint8_t *rand, uint8_t *xres); + bool gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres); private: diff --git a/srsepc/src/hss/hss.cc b/srsepc/src/hss/hss.cc index 9b6159c13..e5dc85b77 100644 --- a/srsepc/src/hss/hss.cc +++ b/srsepc/src/hss/hss.cc @@ -27,6 +27,9 @@ #include /* time */ #include #include "hss/hss.h" +#include "srslte/common/security.h" + +using namespace srslte; namespace srsepc{ @@ -82,14 +85,21 @@ hss::init(hss_args_t *hss_args, srslte::logger *logger) } bool -hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *kasme, uint8_t *autn, uint8_t *rand, uint8_t *xres) +hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn, uint8_t *rand, uint8_t *xres) { uint8_t k[16]; uint8_t amf[2]; uint8_t op[16]; - //uint8_t rand[16]; uint8_t sqn[6]; + uint8_t ck[16]; + uint8_t ik[16]; + uint8_t ak[6]; + uint8_t mac[8]; + + uint16_t mcc=1; + uint16_t mnc=1; + if(!get_k_amf_op(imsi,k,amf,op)) { return false; @@ -97,6 +107,31 @@ hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *kasme, uint8_t *autn, gen_rand(rand); get_sqn(sqn); + security_milenage_f2345( k, + op, + rand, + xres, + ck, + ik, + ak); + + security_milenage_f1( k, + op, + rand, + sqn, + amf, + mac); + + // Generate K_asme + security_generate_k_asme( ck, + ik, + ak, + sqn, + mcc, + mnc, + k_asme); + + return true; } diff --git a/srsepc/src/mme/s1ap.cc b/srsepc/src/mme/s1ap.cc index 0204e1ddf..83a5d946f 100644 --- a/srsepc/src/mme/s1ap.cc +++ b/srsepc/src/mme/s1ap.cc @@ -356,107 +356,22 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *msg if(msg->LHN_ID_present){ m_s1ap_log->warning("LHN Id present, but not handled."); } - - if(!m_hss->get_k_amf_op(imsi, k, amf, op)) + + + uint8_t k_asme[32]; + uint8_t autn[16]; + uint8_t rand[6]; + uint8_t xres[16]; + + if(!m_hss->gen_auth_info_answer_milenage(imsi, k_asme, autn, rand, xres)) { m_s1ap_log->console("User not found. IMSI %015lu\n",imsi); m_s1ap_log->info("User not found. IMSI %015lu\n",imsi); return false; } - + m_s1ap_nas_transport->gen_auth_request(); - /* - typedef struct{ - LIBLTE_MME_NAS_KEY_SET_ID_STRUCT nas_ksi; - LIBLTE_MME_EPS_MOBILE_ID_STRUCT eps_mobile_id; - LIBLTE_MME_UE_NETWORK_CAPABILITY_STRUCT ue_network_cap; - LIBLTE_BYTE_MSG_STRUCT esm_msg; - LIBLTE_MME_EPS_MOBILE_ID_STRUCT additional_guti; - LIBLTE_MME_TRACKING_AREA_ID_STRUCT last_visited_registered_tai; - LIBLTE_MME_DRX_PARAMETER_STRUCT drx_param; - LIBLTE_MME_MS_NETWORK_CAPABILITY_STRUCT ms_network_cap; - LIBLTE_MME_LOCATION_AREA_ID_STRUCT old_lai; - LIBLTE_MME_MOBILE_STATION_CLASSMARK_2_STRUCT ms_cm2; - LIBLTE_MME_MOBILE_STATION_CLASSMARK_3_STRUCT ms_cm3; - LIBLTE_MME_SUPPORTED_CODEC_LIST_STRUCT supported_codecs; - LIBLTE_MME_VOICE_DOMAIN_PREF_AND_UE_USAGE_SETTING_STRUCT voice_domain_pref_and_ue_usage_setting; - LIBLTE_MME_TMSI_STATUS_ENUM tmsi_status; - LIBLTE_MME_ADDITIONAL_UPDATE_TYPE_ENUM additional_update_type; - LIBLTE_MME_DEVICE_PROPERTIES_ENUM device_properties; - LIBLTE_MME_GUTI_TYPE_ENUM old_guti_type; - uint32 old_p_tmsi_signature; - uint8 eps_attach_type; - bool old_p_tmsi_signature_present; - bool additional_guti_present; - bool last_visited_registered_tai_present; - bool drx_param_present; - bool ms_network_cap_present; - bool old_lai_present; - bool tmsi_status_present; - bool ms_cm2_present; - bool ms_cm3_present; - bool supported_codecs_present; - bool additional_update_type_present; - bool voice_domain_pref_and_ue_usage_setting_present; - bool device_properties_present; - bool old_guti_type_present; - }LIBLTE_MME_ATTACH_REQUEST_MSG_STRUCT; - */ - /* - typedef struct{ - LIBLTE_MME_ACCESS_POINT_NAME_STRUCT apn; - LIBLTE_MME_PROTOCOL_CONFIG_OPTIONS_STRUCT protocol_cnfg_opts; - LIBLTE_MME_ESM_INFO_TRANSFER_FLAG_ENUM esm_info_transfer_flag; - LIBLTE_MME_DEVICE_PROPERTIES_ENUM device_properties; - uint8 eps_bearer_id; - uint8 proc_transaction_id; - uint8 pdn_type; - uint8 request_type; - bool esm_info_transfer_flag_present; - bool apn_present; - bool protocol_cnfg_opts_present; - bool device_properties_present; - }LIBLTE_MME_PDN_CONNECTIVITY_REQUEST_MSG_STRUCT; - */ - /* - typedef struct{ - bool ext; - LIBLTE_S1AP_ENB_UE_S1AP_ID_STRUCT eNB_UE_S1AP_ID; - LIBLTE_S1AP_NAS_PDU_STRUCT NAS_PDU; - LIBLTE_S1AP_TAI_STRUCT TAI; - LIBLTE_S1AP_EUTRAN_CGI_STRUCT EUTRAN_CGI; - LIBLTE_S1AP_RRC_ESTABLISHMENT_CAUSE_ENUM_EXT RRC_Establishment_Cause; - LIBLTE_S1AP_S_TMSI_STRUCT S_TMSI; - bool S_TMSI_present; - LIBLTE_S1AP_CSG_ID_STRUCT CSG_Id; - bool CSG_Id_present; - LIBLTE_S1AP_GUMMEI_STRUCT GUMMEI_ID; - bool GUMMEI_ID_present; - LIBLTE_S1AP_CELLACCESSMODE_ENUM_EXT CellAccessMode; - bool CellAccessMode_present; - LIBLTE_S1AP_TRANSPORTLAYERADDRESS_STRUCT GW_TransportLayerAddress; - bool GW_TransportLayerAddress_present; - LIBLTE_S1AP_RELAYNODE_INDICATOR_ENUM_EXT RelayNode_Indicator; - bool RelayNode_Indicator_present; - LIBLTE_S1AP_GUMMEITYPE_ENUM_EXT GUMMEIType; - bool GUMMEIType_present; - LIBLTE_S1AP_TUNNELINFORMATION_STRUCT Tunnel_Information_for_BBF; - bool Tunnel_Information_for_BBF_present; - LIBLTE_S1AP_TRANSPORTLAYERADDRESS_STRUCT SIPTO_L_GW_TransportLayerAddress; - bool SIPTO_L_GW_TransportLayerAddress_present; - LIBLTE_S1AP_LHN_ID_STRUCT LHN_ID; - bool LHN_ID_present; - }LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT; - */ - //Send Reply to eNB - //ssize_t n_sent = sctp_send(m_s1mme,reply_msg.msg, reply_msg.N_bytes, enb_sri, 0); - //if(n_sent == -1) - //{ - // m_s1ap_log->console("Failed to send S1 Setup Setup Reply"); - // return false; - //} - return true; }