Fixed bug on network authentication.

7 years ago · bb85525ad2
parent dc107edd41
commit bb85525ad2
3 changed files with 55 additions and 71 deletions
--- a/srsepc/src/hss/hss.cc
+++ b/srsepc/src/hss/hss.cc
@ -25,6 +25,8 @@
 */
 #include <stdlib.h>     /* srand, rand */
 #include <time.h>       /* time */
+#include <string>
+#include <sstream>
 #include <boost/thread/mutex.hpp>
 #include "hss/hss.h"
 #include "srslte/common/security.h"
@ -145,6 +147,29 @@ hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t *k_asme, uint8_t *autn
    autn[8+i]=mac[i];
  }

+
+
+  //std::stringstream ss;
+  std::cout<<"SQN: ";
+  for(int i=0;i<6;i++)
+  {
+    std::cout << std::hex <<(uint16_t)sqn[i];
+  }
+  std::cout<<std::endl;
+  std::cout<<"AUTN: ";
+  for(int i=0;i<8;i++)
+  {
+    std::cout << std::hex <<(uint16_t)autn[i];
+  }
+  std::cout<<std::endl;
+  std::cout<<"XRES: ";
+  for(int i=0;i<16;i++)
+  {
+    std::cout << std::hex <<(uint16_t)xres[i];
+  }
+  std::cout<<std::endl;
+  //std::string autn_str = ss.str();
+  //m_hss_log.console("AUTN: %s", autn_str.c_str());
  return true;
 }

--- a/srsepc/src/mme/s1ap.cc
+++ b/srsepc/src/mme/s1ap.cc
@ -248,7 +248,7 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *ini
  uint8_t     k_asme[32];
  uint8_t     autn[16]; 
  uint8_t     rand[6];
-  uint8_t     xres[16];
+  uint8_t     xres[8];

  ue_ctx_t ue_ctx;

@ -332,17 +332,19 @@ s1ap::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKNASTRANSPORT_STRUCT
  if(it == m_active_ues.end())
  {
    //TODO UE not registered, send error message.
+    m_s1ap_log->console("Could not find UE. MME-UE S1AP id: %lu\n",mme_ue_s1ap_id);
    return false;
  }
+  m_s1ap_log->console("Found UE. MME-UE S1AP id: %lu",mme_ue_s1ap_id);

  //Get NAS authentication response
  if(!m_s1ap_nas_transport.unpack_authentication_response(ul_xport, &auth_resp))
  {
-    //TODO set up error reply
+    m_s1ap_log->warning("Error unpacking authentication response\n");
    return false;
  }

-  for(int i=0; i<16;i++)
+  for(int i=0; i<8;i++)
  {
    if(auth_resp.res[i] != ue_ctx->xres[i])
    {
@ -351,78 +353,35 @@ s1ap::handle_uplink_nas_transport(LIBLTE_S1AP_MESSAGE_UPLINKNASTRANSPORT_STRUCT
  }
  if(!ue_valid)
  {
+    std::cout<<std::endl;
+    std::cout<<"XRES: ";
+    for(int i=0;i<8;i++)
+    {
+      std::cout << std::hex <<(uint16_t)ue_ctx->xres[i];
+    }
+    std::cout<<std::endl;
+   
+    m_s1ap_log->console("UE Authentication Rejected. IMSI: %lu\n", ue_ctx->imsi);
    m_s1ap_log->warning("UE Authentication Rejected. IMSI: %lu\n", ue_ctx->imsi);
    //TODO send back error reply
    return false;
  }
  m_s1ap_log->console("UE Authentication Accepted. IMSI: %lu\n", ue_ctx->imsi);

-  reply_msg = m_pool->allocate();

+  //Send Security Mode Command
+  reply_msg = m_pool->allocate();
  m_s1ap_nas_transport.pack_security_mode_command(reply_msg, ue_ctx);

-  /*
-  typedef struct{
-  bool                                                         ext;
-  LIBLTE_S1AP_MME_UE_S1AP_ID_STRUCT                            MME_UE_S1AP_ID;
-  LIBLTE_S1AP_ENB_UE_S1AP_ID_STRUCT                            eNB_UE_S1AP_ID;
-  LIBLTE_S1AP_NAS_PDU_STRUCT                                   NAS_PDU;
-  LIBLTE_S1AP_EUTRAN_CGI_STRUCT                                EUTRAN_CGI;
-  LIBLTE_S1AP_TAI_STRUCT                                       TAI;
-  LIBLTE_S1AP_TRANSPORTLAYERADDRESS_STRUCT                     GW_TransportLayerAddress;
-  bool                                                         GW_TransportLayerAddress_present;
-  LIBLTE_S1AP_TRANSPORTLAYERADDRESS_STRUCT                     SIPTO_L_GW_TransportLayerAddress;
-  bool                                                         SIPTO_L_GW_TransportLayerAddress_present;
-  LIBLTE_S1AP_LHN_ID_STRUCT                                    LHN_ID;
-  bool                                                         LHN_ID_present;
-  }LIBLTE_S1AP_MESSAGE_UPLINKNASTRANSPORT_STRUCT;
-  */
-  /*
-  typedef struct{
-    uint8 res[16];
-  }LIBLTE_MME_AUTHENTICATION_RESPONSE_MSG_STRUCT;
-  */
-
-  /*
-  typedef struct{
-    LIBLTE_MME_NAS_SECURITY_ALGORITHMS_STRUCT  selected_nas_sec_algs;
-    LIBLTE_MME_NAS_KEY_SET_ID_STRUCT           nas_ksi;
-    LIBLTE_MME_UE_SECURITY_CAPABILITIES_STRUCT ue_security_cap;
-    LIBLTE_MME_IMEISV_REQUEST_ENUM             imeisv_req;
-    uint32                                     nonce_ue;
-    uint32                                     nonce_mme;
-    bool                                       imeisv_req_present;
-    bool                                       nonce_ue_present;
-    bool                                       nonce_mme_present;
-  }LIBLTE_MME_SECURITY_MODE_COMMAND_MSG_STRUCT;
-  */
-  /*
-  typedef struct{
-    LIBLTE_MME_TYPE_OF_CIPHERING_ALGORITHM_ENUM type_of_eea;
-    LIBLTE_MME_TYPE_OF_INTEGRITY_ALGORITHM_ENUM type_of_eia;
-  }LIBLTE_MME_NAS_SECURITY_ALGORITHMS_STRUCT;
-  */
-  /*
-  typedef struct{
-    LIBLTE_MME_TYPE_OF_SECURITY_CONTEXT_FLAG_ENUM tsc_flag;
-    uint8                                         nas_ksi;
-  }LIBLTE_MME_NAS_KEY_SET_ID_STRUCT;
-  */
-  /*
-  typedef struct{
-    bool eea[8];
-    bool eia[8];
-    bool uea[8];
-    bool uea_present;
-    bool uia[8];
-    bool uia_present;
-    bool gea[8];
-    bool gea_present;
-  }LIBLTE_MME_UE_SECURITY_CAPABILITIES_STRUCT;
-  */
-
-
-  //m_s1ap_nas_transport.log_unhandled_uplink_nas_transport_message_ies(ul_xport);
+  //Send Reply to eNB
+  ssize_t n_sent = sctp_send(m_s1mme,reply_msg->msg, reply_msg->N_bytes, enb_sri, 0);
+  if(n_sent == -1)
+  {
+    m_s1ap_log->console("Failed to send NAS Attach Request");
+    return false;
+  }
+  m_s1ap_log->console("Sent Security Mode Command\n");
+  m_pool->deallocate(reply_msg);

  return true;
 }
--- a/srsepc/src/mme/s1ap_nas_transport.cc
+++ b/srsepc/src/mme/s1ap_nas_transport.cc
@ -205,13 +205,13 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg,
  dw_nas->eNB_UE_S1AP_ID.ENB_UE_S1AP_ID = ue_ctx->enb_ue_s1ap_id;
  dw_nas->HandoverRestrictionList_present=false;
  dw_nas->SubscriberProfileIDforRFP_present=false;
-  m_s1ap_log->console("Dw NAS id %d\n", ue_ctx->enb_ue_s1ap_id);
+  m_s1ap_log->console("Sending Security Mode command to MME-UE S1AP Id %d\n", ue_ctx->mme_ue_s1ap_id);

  //Pack NAS PDU 
  LIBLTE_MME_SECURITY_MODE_COMMAND_MSG_STRUCT sm_cmd;
 
  sm_cmd.selected_nas_sec_algs.type_of_eea = LIBLTE_MME_TYPE_OF_CIPHERING_ALGORITHM_EEA0;
-  sm_cmd.selected_nas_sec_algs.type_of_eia = LIBLTE_MME_TYPE_OF_INTEGRITY_ALGORITHM_EIA0;
+  sm_cmd.selected_nas_sec_algs.type_of_eia = LIBLTE_MME_TYPE_OF_INTEGRITY_ALGORITHM_128_EIA1;

  sm_cmd.nas_ksi.tsc_flag=LIBLTE_MME_TYPE_OF_SECURITY_CONTEXT_FLAG_NATIVE;
  sm_cmd.nas_ksi.nas_ksi=0;
@ -219,12 +219,12 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg,
  //FIXME UE security cap not used by srsUE.
  //sm_cmd.ue_security_cap;

- sm_cmd.imeisv_req_present=false;
+  sm_cmd.imeisv_req_present=false;
  sm_cmd.nonce_ue_present=false;
  sm_cmd.nonce_mme_present=false;

-  uint8_t  sec_hdr_type;
-  uint32_t count;
+  uint8_t  sec_hdr_type=3;
+  uint32_t count=0;

  LIBLTE_ERROR_ENUM err = liblte_mme_pack_security_mode_command_msg(&sm_cmd,sec_hdr_type, count,(LIBLTE_BYTE_MSG_STRUCT *) nas_buffer);
  if(err != LIBLTE_SUCCESS)