From b675e1fcc92f39c10c74b7d5056314d94a18887d Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 14 Jan 2019 17:00:16 +0000 Subject: [PATCH] Ciphering EMM information message. Chainging detach_request security header in the UE to integrity and ciphered to avoid malformed message. --- srsepc/src/mme/nas.cc | 6 +++++- srsue/src/upper/nas.cc | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/srsepc/src/mme/nas.cc b/srsepc/src/mme/nas.cc index c2c7804be..9fb7450ec 100644 --- a/srsepc/src/mme/nas.cc +++ b/srsepc/src/mme/nas.cc @@ -1321,7 +1321,7 @@ nas::pack_emm_information(srslte::byte_buffer_t *nas_buffer) emm_info.utc_and_local_time_zone_present = false; emm_info.net_dst_present = false; - uint8_t sec_hdr_type =2; + uint8_t sec_hdr_type =LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED; m_sec_ctx.dl_nas_count++; LIBLTE_ERROR_ENUM err = liblte_mme_pack_emm_information_msg(&emm_info, sec_hdr_type, m_sec_ctx.dl_nas_count, (LIBLTE_BYTE_MSG_STRUCT *) nas_buffer); if (err != LIBLTE_SUCCESS) { @@ -1330,6 +1330,10 @@ nas::pack_emm_information(srslte::byte_buffer_t *nas_buffer) return false; } + // Encrypt NAS message + cipher_encrypt(nas_buffer); + + // Integrity protect NAS message uint8_t mac[4]; integrity_generate(nas_buffer,mac); memcpy(&nas_buffer->msg[1],mac,4); diff --git a/srsue/src/upper/nas.cc b/srsue/src/upper/nas.cc index 88e056391..447aaab51 100644 --- a/srsue/src/upper/nas.cc +++ b/srsue/src/upper/nas.cc @@ -1351,7 +1351,7 @@ void nas::send_detach_request(bool switch_off) detach_request.nas_ksi.nas_ksi = ctxt.ksi; nas_log->info("Requesting Detach with GUTI\n"); liblte_mme_pack_detach_request_msg(&detach_request, - LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY, + LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY_AND_CIPHERED, ctxt.tx_count, (LIBLTE_BYTE_MSG_STRUCT *) pdu);