/** * * \section COPYRIGHT * * Copyright 2013-2017 Software Radio Systems Limited * * \section LICENSE * * This file is part of srsLTE. * * srsLTE is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of * the License, or (at your option) any later version. * * srsLTE is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * A copy of the GNU Affero General Public License can be found in * the LICENSE file in the top-level directory of this distribution * and at http://www.gnu.org/licenses/. * */ #include "srsepc/hdr/hss/hss.h" #include "srslte/common/security.h" #include // for printing uint64_t #include #include #include /* srand, rand */ #include #include namespace srsepc { hss* hss::m_instance = NULL; pthread_mutex_t hss_instance_mutex = PTHREAD_MUTEX_INITIALIZER; hss::hss() { return; } hss::~hss() { return; } hss* hss::get_instance() { pthread_mutex_lock(&hss_instance_mutex); if (NULL == m_instance) { m_instance = new hss(); } pthread_mutex_unlock(&hss_instance_mutex); return (m_instance); } void hss::cleanup() { pthread_mutex_lock(&hss_instance_mutex); if (NULL != m_instance) { delete m_instance; m_instance = NULL; } pthread_mutex_unlock(&hss_instance_mutex); } int hss::init(hss_args_t* hss_args, srslte::log_filter* hss_log) { srand(time(NULL)); /*Init loggers*/ m_hss_log = hss_log; /*Read user information from DB*/ if (read_db_file(hss_args->db_file) == false) { m_hss_log->console("Error reading user database file %s\n", hss_args->db_file.c_str()); return -1; } mcc = hss_args->mcc; mnc = hss_args->mnc; db_file = hss_args->db_file; m_hss_log->info("HSS Initialized. DB file %s, MCC: %d, MNC: %d\n", hss_args->db_file.c_str(), mcc, mnc); m_hss_log->console("HSS Initialized.\n"); return 0; } void hss::stop() { write_db_file(db_file); std::map::iterator it = m_imsi_to_ue_ctx.begin(); while (it != m_imsi_to_ue_ctx.end()) { m_hss_log->info("Deleting UE context in HSS. IMSI: %015" PRIu64 "\n", it->second->imsi); m_hss_log->console("Deleting UE context in HSS. IMSI: %015" PRIu64 "\n", it->second->imsi); delete it->second; m_imsi_to_ue_ctx.erase(it++); } return; } bool hss::read_db_file(std::string db_filename) { std::ifstream m_db_file; m_db_file.open(db_filename.c_str(), std::ifstream::in); if (!m_db_file.is_open()) { return false; } m_hss_log->info("Opened DB file: %s\n", db_filename.c_str()); std::string line; while (std::getline(m_db_file, line)) { if (line[0] != '#') { uint column_size = 10; std::vector split = split_string(line, ','); if (split.size() != column_size) { m_hss_log->error("Error parsing UE database. Wrong number of columns in .csv\n"); m_hss_log->error("Columns: %zd, Expected %d.\n", split.size(), column_size); if (split.size() == 8) { m_hss_log->console("\nError parsing UE database. Wrong number of columns in user database CSV.\n"); m_hss_log->console("Perhaps you are using an old user_db.csv?\n"); m_hss_log->console("In the new 19.03 version of srsLTE you are required to specify the authentication " "algorithim in the CSV file.\n"); m_hss_log->console("See 'srsepc/user_db.csv.example' for an example.\n\n"); } return false; } hss_ue_ctx_t* ue_ctx = new hss_ue_ctx_t; ue_ctx->name = split[0]; if (split[1] == std::string("xor")) { ue_ctx->algo = HSS_ALGO_XOR; } else if (split[1] == std::string("mil")) { ue_ctx->algo = HSS_ALGO_MILENAGE; } else { m_hss_log->error("Neither XOR nor MILENAGE configured.\n"); return false; } ue_ctx->imsi = atoll(split[2].c_str()); get_uint_vec_from_hex_str(split[3], ue_ctx->key, 16); if (split[4] == std::string("op")) { ue_ctx->op_configured = true; get_uint_vec_from_hex_str(split[5], ue_ctx->op, 16); srslte::compute_opc(ue_ctx->key, ue_ctx->op, ue_ctx->opc); } else if (split[4] == std::string("opc")) { ue_ctx->op_configured = false; get_uint_vec_from_hex_str(split[5], ue_ctx->opc, 16); } else { m_hss_log->error("Neither OP nor OPc configured.\n"); return false; } get_uint_vec_from_hex_str(split[6], ue_ctx->amf, 2); get_uint_vec_from_hex_str(split[7], ue_ctx->sqn, 6); m_hss_log->debug("Added user from DB, IMSI: %015" PRIu64 "\n", ue_ctx->imsi); m_hss_log->debug_hex(ue_ctx->key, 16, "User Key : "); if (ue_ctx->op_configured) { m_hss_log->debug_hex(ue_ctx->op, 16, "User OP : "); } m_hss_log->debug_hex(ue_ctx->opc, 16, "User OPc : "); m_hss_log->debug_hex(ue_ctx->amf, 2, "AMF : "); m_hss_log->debug_hex(ue_ctx->sqn, 6, "SQN : "); ue_ctx->qci = atoi(split[8].c_str()); m_hss_log->debug("Default Bearer QCI: %d\n", ue_ctx->qci); if (split[9] == std::string("dynamic")) { ue_ctx->static_ip_addr = "0.0.0.0"; } else { char buf[128]; if (inet_ntop(AF_INET, split[9].c_str(), buf, sizeof(buf))) { if (m_ip_to_imsi.insert(std::make_pair(split[8], ue_ctx->imsi)).second) { ue_ctx->static_ip_addr = split[9]; m_hss_log->info("static ip addr %s\n", ue_ctx->static_ip_addr.c_str()); } else { m_hss_log->info("duplicate static ip addr %s\n", split[9].c_str()); return false; } } else { m_hss_log->info("invalid static ip addr %s, %s\n", split[9].c_str(), strerror(errno)); return false; } } m_imsi_to_ue_ctx.insert(std::pair(ue_ctx->imsi, ue_ctx)); } } if (m_db_file.is_open()) { m_db_file.close(); } return true; } bool hss::write_db_file(std::string db_filename) { std::string line; uint8_t k[16]; uint8_t amf[2]; uint8_t op[16]; uint8_t sqn[6]; std::ofstream m_db_file; m_db_file.open(db_filename.c_str(), std::ofstream::out); if (!m_db_file.is_open()) { return false; } m_hss_log->info("Opened DB file: %s\n", db_filename.c_str()); //Write comment info m_db_file << "# " << std::endl << "# .csv to store UE's information in HSS " << std::endl << "# Kept in the following format: \"Name,IMSI,Key,OP_Type,OP,AMF,SQN,QCI\" " << std::endl << "# " << std::endl << "# Name: Human readable name to help distinguish UE's. Ignored by the HSS " << std::endl << "# IMSI: UE's IMSI value " << std::endl << "# Auth: Authentication algorithm used by the UE. Valid algorithms are XOR " "(xor) and MILENAGE (mil)" << std::endl << "# Key: UE's key, where other keys are derived from. Stored in hexadecimal" << std::endl << "# OP_Type: Operator's code type, either OP or OPc " << std::endl << "# OP/OPc: Operator Code/Cyphered Operator Code, stored in hexadecimal " << std::endl << "# AMF: Authentication management field, stored in hexadecimal " << std::endl << "# SQN: UE's Sequence number for freshness of the authentication " << std::endl << "# QCI: QoS Class Identifier for the UE's default bearer. " << std::endl << "# " << std::endl << "# Note: Lines starting by '#' are ignored and will be overwritten " << std::endl; std::map::iterator it = m_imsi_to_ue_ctx.begin(); while (it != m_imsi_to_ue_ctx.end()) { m_db_file << it->second->name; m_db_file << ","; m_db_file << (it->second->algo == HSS_ALGO_XOR ? "xor" : "mil"); m_db_file << ","; m_db_file << std::setfill('0') << std::setw(15) << it->second->imsi; m_db_file << ","; m_db_file << hex_string(it->second->key, 16); m_db_file << ","; if (it->second->op_configured) { m_db_file << "op,"; m_db_file << hex_string(it->second->op, 16); } else { m_db_file << "opc,"; m_db_file << hex_string(it->second->opc, 16); } m_db_file << ","; m_db_file << hex_string(it->second->amf, 2); m_db_file << ","; m_db_file << hex_string(it->second->sqn, 6); m_db_file << ","; m_db_file << it->second->qci; if (it->second->static_ip_addr != "0.0.0.0") { m_db_file << ","; m_db_file << it->second->static_ip_addr; } else { m_db_file << ",dynamic"; } m_db_file << std::endl; it++; } if (m_db_file.is_open()) { m_db_file.close(); } return true; } bool hss::gen_auth_info_answer(uint64_t imsi, uint8_t* k_asme, uint8_t* autn, uint8_t* rand, uint8_t* xres) { hss_ue_ctx_t* ue_ctx = NULL; bool ret = get_ue_ctx(imsi, &ue_ctx); if (ret == false) { m_hss_log->console("User not found at HSS. IMSI: %015" PRIu64 "\n", imsi); m_hss_log->error("User not found at HSS. IMSI: %015" PRIu64 "\n", imsi); return false; } switch (ue_ctx->algo) { case HSS_ALGO_XOR: ret = gen_auth_info_answer_xor(imsi, k_asme, autn, rand, xres); break; case HSS_ALGO_MILENAGE: ret = gen_auth_info_answer_milenage(imsi, k_asme, autn, rand, xres); break; } increment_ue_sqn(imsi); return ret; } bool hss::gen_auth_info_answer_milenage(uint64_t imsi, uint8_t* k_asme, uint8_t* autn, uint8_t* rand, uint8_t* xres) { uint8_t k[16]; uint8_t amf[2]; uint8_t opc[16]; uint8_t sqn[6]; uint8_t ck[16]; uint8_t ik[16]; uint8_t ak[6]; uint8_t mac[8]; if (!get_k_amf_opc_sqn(imsi, k, amf, opc, sqn)) { return false; } gen_rand(rand); srslte::security_milenage_f2345(k, opc, rand, xres, ck, ik, ak); m_hss_log->debug_hex(k, 16, "User Key : "); m_hss_log->debug_hex(opc, 16, "User OPc : "); m_hss_log->debug_hex(rand, 16, "User Rand : "); m_hss_log->debug_hex(xres, 8, "User XRES: "); m_hss_log->debug_hex(ck, 16, "User CK: "); m_hss_log->debug_hex(ik, 16, "User IK: "); m_hss_log->debug_hex(ak, 6, "User AK: "); srslte::security_milenage_f1(k, opc, rand, sqn, amf, mac); m_hss_log->debug_hex(sqn, 6, "User SQN : "); m_hss_log->debug_hex(mac, 8, "User MAC : "); // Generate K_asme srslte::security_generate_k_asme(ck, ik, ak, sqn, mcc, mnc, k_asme); m_hss_log->debug("User MCC : %x MNC : %x \n", mcc, mnc); m_hss_log->debug_hex(k_asme, 32, "User k_asme : "); // Generate AUTN (autn = sqn ^ ak |+| amf |+| mac) for (int i = 0; i < 6; i++) { autn[i] = sqn[i] ^ ak[i]; } for (int i = 0; i < 2; i++) { autn[6 + i] = amf[i]; } for (int i = 0; i < 8; i++) { autn[8 + i] = mac[i]; } m_hss_log->debug_hex(autn, 16, "User AUTN: "); set_last_rand(imsi, rand); return true; } bool hss::gen_auth_info_answer_xor(uint64_t imsi, uint8_t* k_asme, uint8_t* autn, uint8_t* rand, uint8_t* xres) { uint8_t k[16]; uint8_t amf[2]; uint8_t opc[16]; uint8_t sqn[6]; uint8_t xdout[16]; uint8_t cdout[8]; uint8_t ck[16]; uint8_t ik[16]; uint8_t ak[6]; uint8_t mac[8]; int i = 0; if (!get_k_amf_opc_sqn(imsi, k, amf, opc, sqn)) { return false; } gen_rand(rand); // Use RAND and K to compute RES, CK, IK and AK for (i = 0; i < 16; i++) { xdout[i] = k[i] ^ rand[i]; } for (i = 0; i < 16; i++) { xres[i] = xdout[i]; ck[i] = xdout[(i + 1) % 16]; ik[i] = xdout[(i + 2) % 16]; } for (i = 0; i < 6; i++) { ak[i] = xdout[i + 3]; } m_hss_log->debug_hex(k, 16, "User Key : "); m_hss_log->debug_hex(opc, 16, "User OPc : "); m_hss_log->debug_hex(rand, 16, "User Rand : "); m_hss_log->debug_hex(xres, 8, "User XRES: "); m_hss_log->debug_hex(ck, 16, "User CK: "); m_hss_log->debug_hex(ik, 16, "User IK: "); m_hss_log->debug_hex(ak, 6, "User AK: "); // Generate cdout for (i = 0; i < 6; i++) { cdout[i] = sqn[i]; } for (i = 0; i < 2; i++) { cdout[6 + i] = amf[i]; } // Generate MAC for (i = 0; i < 8; i++) { mac[i] = xdout[i] ^ cdout[i]; } m_hss_log->debug_hex(sqn, 6, "User SQN : "); m_hss_log->debug_hex(mac, 8, "User MAC : "); // Generate AUTN (autn = sqn ^ ak |+| amf |+| mac) for (int i = 0; i < 6; i++) { autn[i] = sqn[i] ^ ak[i]; } for (int i = 0; i < 2; i++) { autn[6 + i] = amf[i]; } for (int i = 0; i < 8; i++) { autn[8 + i] = mac[i]; } // Generate K_asme srslte::security_generate_k_asme(ck, ik, ak, sqn, mcc, mnc, k_asme); m_hss_log->debug("User MCC : %x MNC : %x \n", mcc, mnc); m_hss_log->debug_hex(k_asme, 32, "User k_asme : "); // Generate AUTN (autn = sqn ^ ak |+| amf |+| mac) for (int i = 0; i < 6; i++) { autn[i] = sqn[i] ^ ak[i]; } for (int i = 0; i < 2; i++) { autn[6 + i] = amf[i]; } for (int i = 0; i < 8; i++) { autn[8 + i] = mac[i]; } m_hss_log->debug_hex(autn, 8, "User AUTN: "); set_last_rand(imsi, rand); return true; } bool hss::gen_update_loc_answer(uint64_t imsi, uint8_t* qci) { std::map::iterator ue_ctx_it = m_imsi_to_ue_ctx.find(imsi); if (ue_ctx_it == m_imsi_to_ue_ctx.end()) { m_hss_log->info("User not found. IMSI: %015" PRIu64 "\n", imsi); m_hss_log->console("User not found at HSS. IMSI: %015" PRIu64 "\n", imsi); return false; } hss_ue_ctx_t* ue_ctx = ue_ctx_it->second; m_hss_log->info("Found User %015" PRIu64 "\n", imsi); *qci = ue_ctx->qci; return true; } bool hss::get_k_amf_opc_sqn(uint64_t imsi, uint8_t* k, uint8_t* amf, uint8_t* opc, uint8_t* sqn) { std::map::iterator ue_ctx_it = m_imsi_to_ue_ctx.find(imsi); if (ue_ctx_it == m_imsi_to_ue_ctx.end()) { m_hss_log->info("User not found. IMSI: %015" PRIu64 "\n", imsi); m_hss_log->console("User not found at HSS. IMSI: %015" PRIu64 "\n", imsi); return false; } hss_ue_ctx_t* ue_ctx = ue_ctx_it->second; m_hss_log->info("Found User %015" PRIu64 "\n", imsi); memcpy(k, ue_ctx->key, 16); memcpy(amf, ue_ctx->amf, 2); memcpy(opc, ue_ctx->opc, 16); memcpy(sqn, ue_ctx->sqn, 6); return true; } bool hss::resync_sqn(uint64_t imsi, uint8_t* auts) { hss_ue_ctx_t* ue_ctx = NULL; bool ret = get_ue_ctx(imsi, &ue_ctx); if (ret == false) { m_hss_log->console("User not found at HSS. IMSI: %015" PRIu64 "\n", imsi); m_hss_log->error("User not found at HSS. IMSI: %015" PRIu64 "\n", imsi); return false; } switch (ue_ctx->algo) { case HSS_ALGO_XOR: ret = resync_sqn_xor(imsi, auts); break; case HSS_ALGO_MILENAGE: ret = resync_sqn_milenage(imsi, auts); break; } increment_seq_after_resync(imsi); return ret; } bool hss::resync_sqn_xor(uint64_t imsi, uint8_t* auts) { m_hss_log->error("XOR SQN synchronization not supported yet\n"); m_hss_log->console("XOR SQNs synchronization not supported yet\n"); return false; } bool hss::resync_sqn_milenage(uint64_t imsi, uint8_t* auts) { uint8_t last_rand[16]; uint8_t ak[6]; uint8_t mac_s[8]; uint8_t sqn_ms_xor_ak[6]; uint8_t k[16]; uint8_t amf[2]; uint8_t opc[16]; uint8_t sqn[6]; if (!get_k_amf_opc_sqn(imsi, k, amf, opc, sqn)) { return false; } get_last_rand(imsi, last_rand); for (int i = 0; i < 6; i++) { sqn_ms_xor_ak[i] = auts[i]; } for (int i = 0; i < 8; i++) { mac_s[i] = auts[i + 6]; } m_hss_log->debug_hex(k, 16, "User Key : "); m_hss_log->debug_hex(opc, 16, "User OPc : "); m_hss_log->debug_hex(last_rand, 16, "User Last Rand : "); m_hss_log->debug_hex(auts, 16, "AUTS : "); m_hss_log->debug_hex(sqn_ms_xor_ak, 6, "SQN xor AK : "); m_hss_log->debug_hex(mac_s, 8, "MAC : "); srslte::security_milenage_f5_star(k, opc, last_rand, ak); m_hss_log->debug_hex(ak, 6, "Resynch AK : "); uint8_t sqn_ms[6]; for (int i = 0; i < 6; i++) { sqn_ms[i] = sqn_ms_xor_ak[i] ^ ak[i]; } m_hss_log->debug_hex(sqn_ms, 6, "SQN MS : "); m_hss_log->debug_hex(sqn, 6, "SQN HE : "); m_hss_log->debug_hex(amf, 2, "AMF : "); uint8_t mac_s_tmp[8]; for (int i = 0; i < 2; i++) { amf[i] = 0; } srslte::security_milenage_f1_star(k, opc, last_rand, sqn_ms, amf, mac_s_tmp); m_hss_log->debug_hex(mac_s_tmp, 8, "MAC calc : "); set_sqn(imsi, sqn_ms); return true; } void hss::increment_ue_sqn(uint64_t imsi) { hss_ue_ctx_t* ue_ctx = NULL; bool ret = get_ue_ctx(imsi, &ue_ctx); if (ret == false) { return; } increment_sqn(ue_ctx->sqn, ue_ctx->sqn); m_hss_log->debug("Incremented SQN -- IMSI: %015" PRIu64 "\n", imsi); m_hss_log->debug_hex(ue_ctx->sqn, 6, "SQN: "); } void hss::increment_sqn(uint8_t* sqn, uint8_t* next_sqn) { // The following SQN incrementation function is implemented according to 3GPP TS 33.102 version 11.5.1 Annex C uint64_t seq; uint64_t ind; uint64_t sqn64; sqn64 = 0; for (int i = 0; i < 6; i++) { sqn64 |= (uint64_t)sqn[i] << (5 - i) * 8; } seq = sqn64 >> LTE_FDD_ENB_IND_HE_N_BITS; ind = sqn64 & LTE_FDD_ENB_IND_HE_MASK; uint64_t nextseq; uint64_t nextind; uint64_t nextsqn; nextseq = (seq + 1) % LTE_FDD_ENB_SEQ_HE_MAX_VALUE; nextind = (ind + 1) % LTE_FDD_ENB_IND_HE_MAX_VALUE; nextsqn = (nextseq << LTE_FDD_ENB_IND_HE_N_BITS) | nextind; for (int i = 0; i < 6; i++) { next_sqn[i] = (nextsqn >> (5 - i) * 8) & 0xFF; } return; } void hss::increment_seq_after_resync(uint64_t imsi) { // This function only increment the SEQ part of the SQN for resynchronization purpose hss_ue_ctx_t* ue_ctx = NULL; bool ret = get_ue_ctx(imsi, &ue_ctx); if (ret == false) { return; } uint8_t* sqn = ue_ctx->sqn; uint64_t seq; uint64_t ind; uint64_t sqn64; sqn64 = 0; for (int i = 0; i < 6; i++) { sqn64 |= (uint64_t)sqn[i] << (5 - i) * 8; } seq = sqn64 >> LTE_FDD_ENB_IND_HE_N_BITS; ind = sqn64 & LTE_FDD_ENB_IND_HE_MASK; uint64_t nextseq; uint64_t nextsqn; nextseq = (seq + 1) % LTE_FDD_ENB_SEQ_HE_MAX_VALUE; nextsqn = (nextseq << LTE_FDD_ENB_IND_HE_N_BITS) | ind; for (int i = 0; i < 6; i++) { sqn[i] = (nextsqn >> (5 - i) * 8) & 0xFF; } return; } void hss::set_sqn(uint64_t imsi, uint8_t* sqn) { hss_ue_ctx_t* ue_ctx = NULL; bool ret = get_ue_ctx(imsi, &ue_ctx); if (ret == false) { return; } memcpy(ue_ctx->sqn, sqn, 6); } void hss::set_last_rand(uint64_t imsi, uint8_t* rand) { hss_ue_ctx_t* ue_ctx = NULL; bool ret = get_ue_ctx(imsi, &ue_ctx); if (ret == false) { return; } memcpy(ue_ctx->last_rand, rand, 16); } void hss::get_last_rand(uint64_t imsi, uint8_t* rand) { hss_ue_ctx_t* ue_ctx = NULL; bool ret = get_ue_ctx(imsi, &ue_ctx); if (ret == false) { return; } memcpy(rand, ue_ctx->last_rand, 16); } void hss::gen_rand(uint8_t rand_[16]) { for (int i = 0; i < 16; i++) { rand_[i] = rand() % 256; // Pulls on byte at a time. It's slow, but does not depend on RAND_MAX. } return; } bool hss::get_ue_ctx(uint64_t imsi, hss_ue_ctx_t** ue_ctx) { std::map::iterator ue_ctx_it = m_imsi_to_ue_ctx.find(imsi); if (ue_ctx_it == m_imsi_to_ue_ctx.end()) { m_hss_log->info("User not found. IMSI: %015" PRIu64 "\n", imsi); return false; } *ue_ctx = ue_ctx_it->second; return true; } /* Helper functions*/ std::vector hss::split_string(const std::string& str, char delimiter) { std::vector tokens; std::string token; std::istringstream tokenStream(str); while (std::getline(tokenStream, token, delimiter)) { tokens.push_back(token); } return tokens; } void hss::get_uint_vec_from_hex_str(const std::string& key_str, uint8_t* key, uint len) { const char* pos = key_str.c_str(); for (uint count = 0; count < len; count++) { sscanf(pos, "%2hhx", &key[count]); pos += 2; } return; } std::string hss::hex_string(uint8_t* hex, int size) { std::stringstream ss; ss << std::hex << std::setfill('0'); for (int i = 0; i < size; i++) { ss << std::setw(2) << static_cast(hex[i]); } return ss.str(); } std::map hss::get_ip_to_imsi(void) const { return m_ip_to_imsi; } } // namespace srsepc