Changed PDCP configuration to explicitly have tx and rx direction. Decrypt on PDCP NR seems fine.

master
Pedro Alvarez 6 years ago committed by Andre Puschmann
parent ea3c44e9ac
commit d3b6828082

@ -77,10 +77,12 @@ typedef enum { PDCP_RB_IS_SRB, PDCP_RB_IS_DRB } pdcp_rb_type_t;
class srslte_pdcp_config_t class srslte_pdcp_config_t
{ {
public: public:
srslte_pdcp_config_t(uint8_t bearer_id_, pdcp_rb_type_t rb_type_, uint8_t direction_, uint8_t sn_len_) : srslte_pdcp_config_t(
uint8_t bearer_id_, pdcp_rb_type_t rb_type_, uint8_t tx_direction_, uint8_t rx_direction_, uint8_t sn_len_) :
bearer_id(bearer_id_), bearer_id(bearer_id_),
rb_type(rb_type_), rb_type(rb_type_),
direction(direction_), tx_direction(tx_direction_),
rx_direction(rx_direction_),
sn_len(sn_len_) sn_len(sn_len_)
{ {
hdr_len_bytes = ceil((float)sn_len / 8); hdr_len_bytes = ceil((float)sn_len / 8);
@ -88,7 +90,8 @@ public:
uint8_t bearer_id; uint8_t bearer_id;
pdcp_rb_type_t rb_type; pdcp_rb_type_t rb_type;
uint8_t direction; uint8_t tx_direction;
uint8_t rx_direction;
uint8_t sn_len; uint8_t sn_len;
uint8_t hdr_len_bytes; uint8_t hdr_len_bytes;

@ -93,7 +93,8 @@ protected:
bool do_integrity = false; bool do_integrity = false;
bool do_encryption = false; bool do_encryption = false;
srslte_pdcp_config_t cfg = {1, PDCP_RB_IS_DRB, SECURITY_DIRECTION_UPLINK, PDCP_SN_LEN_12}; srslte_pdcp_config_t cfg = {
1, PDCP_RB_IS_DRB, SECURITY_DIRECTION_DOWNLINK, SECURITY_DIRECTION_UPLINK, PDCP_SN_LEN_12};
std::mutex mutex; std::mutex mutex;

@ -45,6 +45,15 @@ void pdcp_entity_base::config_security(uint8_t* k_rrc_enc_,
} }
cipher_algo = cipher_algo_; cipher_algo = cipher_algo_;
integ_algo = integ_algo_; integ_algo = integ_algo_;
log->info("Configuring security with %s and %s\n",
integrity_algorithm_id_text[integ_algo],
ciphering_algorithm_id_text[cipher_algo]);
log->debug_hex(k_rrc_enc, 32,"K_rrc_enc");
log->debug_hex(k_up_enc, 32,"K_up_enc");
log->debug_hex(k_rrc_int, 32,"K_rrc_int");
log->debug_hex(k_up_int, 32,"K_up_int");
} }
@ -70,7 +79,7 @@ void pdcp_entity_base::integrity_generate(uint8_t* msg, uint32_t msg_len, uint32
security_128_eia1(&k_int[16], security_128_eia1(&k_int[16],
count, count,
cfg.bearer_id - 1, cfg.bearer_id - 1,
cfg.direction, cfg.tx_direction,
msg, msg,
msg_len, msg_len,
mac); mac);
@ -79,7 +88,7 @@ void pdcp_entity_base::integrity_generate(uint8_t* msg, uint32_t msg_len, uint32
security_128_eia2(&k_int[16], security_128_eia2(&k_int[16],
count, count,
cfg.bearer_id - 1, cfg.bearer_id - 1,
cfg.direction, cfg.tx_direction,
msg, msg,
msg_len, msg_len,
mac); mac);
@ -91,7 +100,7 @@ void pdcp_entity_base::integrity_generate(uint8_t* msg, uint32_t msg_len, uint32
log->debug("Integrity gen input: COUNT %d, Bearer ID %d, Direction %s\n", log->debug("Integrity gen input: COUNT %d, Bearer ID %d, Direction %s\n",
count, count,
cfg.bearer_id, cfg.bearer_id,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK ? "Downlink" : "Uplink")); (cfg.tx_direction == SECURITY_DIRECTION_DOWNLINK ? "Downlink" : "Uplink"));
log->debug_hex(msg, msg_len, "Integrity gen input msg:"); log->debug_hex(msg, msg_len, "Integrity gen input msg:");
log->debug_hex(mac, 4, "MAC (generated)"); log->debug_hex(mac, 4, "MAC (generated)");
} }
@ -113,24 +122,10 @@ bool pdcp_entity_base::integrity_verify(uint8_t* msg, uint32_t msg_len, uint32_t
case INTEGRITY_ALGORITHM_ID_EIA0: case INTEGRITY_ALGORITHM_ID_EIA0:
break; break;
case INTEGRITY_ALGORITHM_ID_128_EIA1: case INTEGRITY_ALGORITHM_ID_128_EIA1:
security_128_eia1(&k_int[16], security_128_eia1(&k_int[16], count, cfg.bearer_id - 1, cfg.rx_direction, msg, msg_len, mac_exp);
count,
cfg.bearer_id - 1,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK) ? (SECURITY_DIRECTION_UPLINK)
: (SECURITY_DIRECTION_DOWNLINK),
msg,
msg_len,
mac_exp);
break; break;
case INTEGRITY_ALGORITHM_ID_128_EIA2: case INTEGRITY_ALGORITHM_ID_128_EIA2:
security_128_eia2(&k_int[16], security_128_eia2(&k_int[16], count, cfg.bearer_id - 1, cfg.rx_direction, msg, msg_len, mac_exp);
count,
cfg.bearer_id - 1,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK) ? (SECURITY_DIRECTION_UPLINK)
: (SECURITY_DIRECTION_DOWNLINK),
msg,
msg_len,
mac_exp);
break; break;
default: default:
break; break;
@ -139,7 +134,7 @@ bool pdcp_entity_base::integrity_verify(uint8_t* msg, uint32_t msg_len, uint32_t
log->debug("Integrity check input: COUNT %d, Bearer ID %d, Direction %s\n", log->debug("Integrity check input: COUNT %d, Bearer ID %d, Direction %s\n",
count, count,
cfg.bearer_id, cfg.bearer_id,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK ? "Downlink" : "Uplink")); cfg.rx_direction == SECURITY_DIRECTION_DOWNLINK ? "Downlink" : "Uplink");
log->debug_hex(msg, msg_len, "Integrity check input msg:"); log->debug_hex(msg, msg_len, "Integrity check input msg:");
if (integ_algo != INTEGRITY_ALGORITHM_ID_EIA0) { if (integ_algo != INTEGRITY_ALGORITHM_ID_EIA0) {
@ -174,18 +169,18 @@ void pdcp_entity_base::cipher_encrypt(uint8_t* msg, uint32_t msg_len, uint32_t c
log->debug("Cipher encrypt input: COUNT: %d, Bearer ID: %d, Direction %s\n", log->debug("Cipher encrypt input: COUNT: %d, Bearer ID: %d, Direction %s\n",
count, count,
cfg.bearer_id, cfg.bearer_id,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK) ? "Downlink" : "Uplink"); cfg.tx_direction == SECURITY_DIRECTION_DOWNLINK ? "Downlink" : "Uplink");
log->debug_hex(msg, msg_len, "Cipher encrypt input msg"); log->debug_hex(msg, msg_len, "Cipher encrypt input msg");
switch (cipher_algo) { switch (cipher_algo) {
case CIPHERING_ALGORITHM_ID_EEA0: case CIPHERING_ALGORITHM_ID_EEA0:
break; break;
case CIPHERING_ALGORITHM_ID_128_EEA1: case CIPHERING_ALGORITHM_ID_128_EEA1:
security_128_eea1(&(k_enc[16]), count, cfg.bearer_id - 1, cfg.direction, msg, msg_len, ct_tmp.msg); security_128_eea1(&(k_enc[16]), count, cfg.bearer_id - 1, cfg.tx_direction, msg, msg_len, ct_tmp.msg);
memcpy(ct, ct_tmp.msg, msg_len); memcpy(ct, ct_tmp.msg, msg_len);
break; break;
case CIPHERING_ALGORITHM_ID_128_EEA2: case CIPHERING_ALGORITHM_ID_128_EEA2:
security_128_eea2(&(k_enc[16]), count, cfg.bearer_id - 1, cfg.direction, msg, msg_len, ct_tmp.msg); security_128_eea2(&(k_enc[16]), count, cfg.bearer_id - 1, cfg.tx_direction, msg, msg_len, ct_tmp.msg);
memcpy(ct, ct_tmp.msg, msg_len); memcpy(ct, ct_tmp.msg, msg_len);
break; break;
default: default:
@ -209,7 +204,7 @@ void pdcp_entity_base::cipher_decrypt(uint8_t* ct, uint32_t ct_len, uint32_t cou
log->debug("Cipher decrypt input: COUNT: %d, Bearer ID: %d, Direction %s\n", log->debug("Cipher decrypt input: COUNT: %d, Bearer ID: %d, Direction %s\n",
count, count,
cfg.bearer_id, cfg.bearer_id,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK) ? "Downlink" : "Uplink"); (cfg.rx_direction == SECURITY_DIRECTION_DOWNLINK) ? "Downlink" : "Uplink");
log->debug_hex(ct, ct_len, "Cipher decrypt input msg"); log->debug_hex(ct, ct_len, "Cipher decrypt input msg");
switch(cipher_algo) switch(cipher_algo)
@ -217,25 +212,11 @@ void pdcp_entity_base::cipher_decrypt(uint8_t* ct, uint32_t ct_len, uint32_t cou
case CIPHERING_ALGORITHM_ID_EEA0: case CIPHERING_ALGORITHM_ID_EEA0:
break; break;
case CIPHERING_ALGORITHM_ID_128_EEA1: case CIPHERING_ALGORITHM_ID_128_EEA1:
security_128_eea1(&(k_enc[16]), security_128_eea1(&k_enc[16], count, cfg.bearer_id - 1, cfg.rx_direction, ct, ct_len, msg_tmp.msg);
count,
cfg.bearer_id - 1,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK) ? (SECURITY_DIRECTION_UPLINK)
: (SECURITY_DIRECTION_DOWNLINK),
ct,
ct_len,
msg_tmp.msg);
memcpy(msg, msg_tmp.msg, ct_len); memcpy(msg, msg_tmp.msg, ct_len);
break; break;
case CIPHERING_ALGORITHM_ID_128_EEA2: case CIPHERING_ALGORITHM_ID_128_EEA2:
security_128_eea2(&(k_enc[16]), security_128_eea2(&k_enc[16], count, cfg.bearer_id - 1, cfg.rx_direction, ct, ct_len, msg_tmp.msg);
count,
cfg.bearer_id - 1,
(cfg.direction == SECURITY_DIRECTION_DOWNLINK) ? (SECURITY_DIRECTION_UPLINK)
: (SECURITY_DIRECTION_DOWNLINK),
ct,
ct_len,
msg_tmp.msg);
memcpy(msg, msg_tmp.msg, ct_len); memcpy(msg, msg_tmp.msg, ct_len);
break; break;
default: default:

@ -107,7 +107,7 @@ private:
int test_tx_basic(srslte::byte_buffer_pool* pool, srslte::log* log) int test_tx_basic(srslte::byte_buffer_pool* pool, srslte::log* log)
{ {
srslte::pdcp_entity_nr pdcp; srslte::pdcp_entity_nr pdcp;
srslte::srslte_pdcp_config_t cfg = {1, srslte::PDCP_RB_IS_DRB, SECURITY_DIRECTION_UPLINK, srslte::PDCP_SN_LEN_12}; srslte::srslte_pdcp_config_t cfg = {1, srslte::PDCP_RB_IS_DRB, SECURITY_DIRECTION_UPLINK, SECURITY_DIRECTION_DOWNLINK, srslte::PDCP_SN_LEN_12};
rlc_dummy rlc(log); rlc_dummy rlc(log);
rrc_dummy rrc(log); rrc_dummy rrc(log);
@ -149,11 +149,11 @@ int test_tx_basic(srslte::byte_buffer_pool* pool, srslte::log* log)
bool test_rx_basic(srslte::byte_buffer_pool* pool, srslte::log* log) bool test_rx_basic(srslte::byte_buffer_pool* pool, srslte::log* log)
{ {
srslte::pdcp_entity_nr pdcp; srslte::pdcp_entity_nr pdcp;
srslte::srslte_pdcp_config_t cfg = {1, srslte::PDCP_RB_IS_DRB, SECURITY_DIRECTION_UPLINK, srslte::PDCP_SN_LEN_12}; srslte::srslte_pdcp_config_t cfg = {1, srslte::PDCP_RB_IS_DRB, SECURITY_DIRECTION_DOWNLINK, SECURITY_DIRECTION_UPLINK, srslte::PDCP_SN_LEN_12};
rlc_dummy rlc(log); rlc_dummy rlc(log);
rrc_dummy rrc(log); rrc_dummy rrc(log);
gw_dummy gw(log); gw_dummy gw(log);
pdcp.init(&rlc, &rrc, &gw, log, 0, cfg); pdcp.init(&rlc, &rrc, &gw, log, 0, cfg);
pdcp.config_security(k_enc, k_int, k_enc, k_int, srslte::CIPHERING_ALGORITHM_ID_128_EEA2, srslte::INTEGRITY_ALGORITHM_ID_128_EIA2); pdcp.config_security(k_enc, k_int, k_enc, k_int, srslte::CIPHERING_ALGORITHM_ID_128_EEA2, srslte::INTEGRITY_ALGORITHM_ID_128_EIA2);

@ -194,10 +194,11 @@ void rrc::add_user(uint16_t rnti)
if (rnti == SRSLTE_MRNTI) { if (rnti == SRSLTE_MRNTI) {
srslte::srslte_pdcp_config_t cfg = { srslte::srslte_pdcp_config_t cfg = {
.bearer_id = 1, .bearer_id = 1,
.rb_type = srslte::PDCP_RB_IS_DRB, .rb_type = srslte::PDCP_RB_IS_DRB,
.sn_len = srslte::PDCP_SN_LEN_12, .tx_direction = SECURITY_DIRECTION_DOWNLINK,
.direction = SECURITY_DIRECTION_DOWNLINK, .rx_direction = SECURITY_DIRECTION_UPLINK,
.sn_len = srslte::PDCP_SN_LEN_12,
}; };
uint32_t teid_in = 1; uint32_t teid_in = 1;
@ -1531,10 +1532,11 @@ void rrc::ue::send_connection_setup(bool is_setup)
parent->rlc->add_bearer(rnti, 1, srslte::rlc_config_t::srb_config(1)); parent->rlc->add_bearer(rnti, 1, srslte::rlc_config_t::srb_config(1));
// Configure SRB1 in PDCP // Configure SRB1 in PDCP
srslte::srslte_pdcp_config_t pdcp_cnfg{.bearer_id = 1, srslte::srslte_pdcp_config_t pdcp_cnfg{.bearer_id = 1,
.rb_type = srslte::PDCP_RB_IS_DRB, .rb_type = srslte::PDCP_RB_IS_DRB,
.sn_len = srslte::PDCP_SN_LEN_5, .tx_direction = SECURITY_DIRECTION_DOWNLINK,
.direction = SECURITY_DIRECTION_DOWNLINK}; .rx_direction = SECURITY_DIRECTION_UPLINK,
.sn_len = srslte::PDCP_SN_LEN_5};
parent->pdcp->add_bearer(rnti, 1, pdcp_cnfg); parent->pdcp->add_bearer(rnti, 1, pdcp_cnfg);
// Configure PHY layer // Configure PHY layer
@ -1739,10 +1741,11 @@ void rrc::ue::send_connection_reconf(srslte::unique_byte_buffer_t pdu)
parent->rlc->add_bearer(rnti, 2, srslte::rlc_config_t::srb_config(2)); parent->rlc->add_bearer(rnti, 2, srslte::rlc_config_t::srb_config(2));
// Configure SRB2 in PDCP // Configure SRB2 in PDCP
srslte::srslte_pdcp_config_t pdcp_cnfg_srb = {.bearer_id = 2, srslte::srslte_pdcp_config_t pdcp_cnfg_srb = {.bearer_id = 2,
.rb_type = srslte::PDCP_RB_IS_SRB, .rb_type = srslte::PDCP_RB_IS_SRB,
.direction = SECURITY_DIRECTION_DOWNLINK, .tx_direction = SECURITY_DIRECTION_DOWNLINK,
.sn_len = srslte::PDCP_SN_LEN_5}; .rx_direction = SECURITY_DIRECTION_UPLINK,
.sn_len = srslte::PDCP_SN_LEN_5};
parent->pdcp->add_bearer(rnti, 2, pdcp_cnfg_srb); parent->pdcp->add_bearer(rnti, 2, pdcp_cnfg_srb);
parent->pdcp->config_security(rnti, 2, k_rrc_enc, k_rrc_int, k_up_enc, cipher_algo, integ_algo); parent->pdcp->config_security(rnti, 2, k_rrc_enc, k_rrc_int, k_up_enc, cipher_algo, integ_algo);
parent->pdcp->enable_integrity(rnti, 2); parent->pdcp->enable_integrity(rnti, 2);
@ -1752,10 +1755,11 @@ void rrc::ue::send_connection_reconf(srslte::unique_byte_buffer_t pdu)
parent->rlc->add_bearer(rnti, 3, srslte::make_rlc_config_t(conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].rlc_cfg)); parent->rlc->add_bearer(rnti, 3, srslte::make_rlc_config_t(conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].rlc_cfg));
// Configure DRB1 in PDCP // Configure DRB1 in PDCP
srslte::srslte_pdcp_config_t pdcp_cnfg_drb = {.bearer_id = 1, srslte::srslte_pdcp_config_t pdcp_cnfg_drb = {.bearer_id = 1,
.rb_type = srslte::PDCP_RB_IS_DRB, .rb_type = srslte::PDCP_RB_IS_DRB,
.direction = SECURITY_DIRECTION_DOWNLINK, .tx_direction = SECURITY_DIRECTION_DOWNLINK,
.sn_len = srslte::PDCP_SN_LEN_12}; .rx_direction = SECURITY_DIRECTION_UPLINK,
.sn_len = srslte::PDCP_SN_LEN_12};
if (conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].pdcp_cfg.rlc_um_present) { if (conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].pdcp_cfg.rlc_um_present) {
if (conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].pdcp_cfg.rlc_um.pdcp_sn_size.value == if (conn_reconf->rr_cfg_ded.drb_to_add_mod_list[0].pdcp_cfg.rlc_um.pdcp_sn_size.value ==
pdcp_cfg_s::rlc_um_s_::pdcp_sn_size_e_::len7bits) { pdcp_cfg_s::rlc_um_s_::pdcp_sn_size_e_::len7bits) {
@ -1820,10 +1824,11 @@ void rrc::ue::send_connection_reconf_new_bearer(LIBLTE_S1AP_E_RABTOBESETUPLISTBE
// Configure DRB in PDCP // Configure DRB in PDCP
srslte::srslte_pdcp_config_t pdcp_config = { srslte::srslte_pdcp_config_t pdcp_config = {
.bearer_id = (uint8_t)(drb_item.drb_id - 1), // TODO: Review all ID mapping LCID DRB ERAB EPSBID Mapping .bearer_id = (uint8_t)(drb_item.drb_id - 1), // TODO: Review all ID mapping LCID DRB ERAB EPSBID Mapping
.rb_type = srslte::PDCP_RB_IS_DRB, .rb_type = srslte::PDCP_RB_IS_DRB,
.sn_len = srslte::PDCP_SN_LEN_12, .tx_direction = SECURITY_DIRECTION_DOWNLINK,
.direction = SECURITY_DIRECTION_DOWNLINK}; .rx_direction = SECURITY_DIRECTION_UPLINK,
.sn_len = srslte::PDCP_SN_LEN_12};
parent->pdcp->add_bearer(rnti, lcid, pdcp_config); parent->pdcp->add_bearer(rnti, lcid, pdcp_config);
// DRB has already been configured in GTPU through bearer setup // DRB has already been configured in GTPU through bearer setup

@ -3147,7 +3147,8 @@ void rrc::add_srb(srb_to_add_mod_s* srb_cnfg)
// Setup PDCP // Setup PDCP
srslte_pdcp_config_t pdcp_cfg = {.bearer_id = srb_cnfg->srb_id, srslte_pdcp_config_t pdcp_cfg = {.bearer_id = srb_cnfg->srb_id,
.rb_type = PDCP_RB_IS_SRB, .rb_type = PDCP_RB_IS_SRB,
.direction = SECURITY_DIRECTION_DOWNLINK, .tx_direction = SECURITY_DIRECTION_UPLINK,
.rx_direction = SECURITY_DIRECTION_DOWNLINK,
.sn_len = PDCP_SN_LEN_5}; .sn_len = PDCP_SN_LEN_5};
pdcp->add_bearer(srb_cnfg->srb_id, pdcp_cfg); pdcp->add_bearer(srb_cnfg->srb_id, pdcp_cfg);
if (RB_ID_SRB2 == srb_cnfg->srb_id) { if (RB_ID_SRB2 == srb_cnfg->srb_id) {
@ -3223,7 +3224,8 @@ void rrc::add_drb(drb_to_add_mod_s* drb_cnfg)
// Setup PDCP // Setup PDCP
srslte_pdcp_config_t pdcp_cfg = {.bearer_id = drb_cnfg->drb_id, srslte_pdcp_config_t pdcp_cfg = {.bearer_id = drb_cnfg->drb_id,
.rb_type = PDCP_RB_IS_DRB, .rb_type = PDCP_RB_IS_DRB,
.direction = SECURITY_DIRECTION_DOWNLINK, .tx_direction = SECURITY_DIRECTION_UPLINK,
.rx_direction = SECURITY_DIRECTION_DOWNLINK,
.sn_len = PDCP_SN_LEN_12}; .sn_len = PDCP_SN_LEN_12};
if (drb_cnfg->pdcp_cfg.rlc_um_present) { if (drb_cnfg->pdcp_cfg.rlc_um_present) {
if (drb_cnfg->pdcp_cfg.rlc_um.pdcp_sn_size == pdcp_cfg_s::rlc_um_s_::pdcp_sn_size_e_::len7bits) { if (drb_cnfg->pdcp_cfg.rlc_um.pdcp_sn_size == pdcp_cfg_s::rlc_um_s_::pdcp_sn_size_e_::len7bits) {

Loading…
Cancel
Save