Merge remote-tracking branch 'origin/nr-pdcp-nea2-security' into integration_2021_wk08

accae671 · hardy · 3199b815 · 21ff70e8 · accae671 · accae671
Commit accae671 authored Feb 23, 2021 by hardy
27 changed files
--- a/cmake_targets/CMakeLists.txt
+++ b/cmake_targets/CMakeLists.txt
@@ -1968,6 +1968,7 @@ set(NR_PDCP_SRC
  ${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_ue_manager.c
  ${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_entity.c
  ${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
+  ${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
  ${OPENAIR2_DIR}/LAYER2/nr_pdcp/asn1_utils.c
  )


--- a/openair1/SIMULATION/NR_PHY/dlsim.c
+++ b/openair1/SIMULATION/NR_PHY/dlsim.c
@@ -151,6 +151,12 @@ nr_rrc_gNB_process_GTPV1U_CREATE_TUNNEL_RESP(
  return 0;
 }

+int nr_derive_key(int alg_type, uint8_t alg_id,
+               const uint8_t key[32], uint8_t **out)
+{
+  return 0;
+}
+
 void config_common(int Mod_idP,
                   int pdsch_AntennaPorts, 
 		   NR_ServingCellConfigCommon_t *scc

--- a/openair1/SIMULATION/NR_PHY/prachsim.c
+++ b/openair1/SIMULATION/NR_PHY/prachsim.c
@@ -142,6 +142,12 @@ int8_t nr_rrc_ue_decode_NR_SIB1_Message(module_id_t module_id, uint8_t gNB_index
  return 0;
 }

+int nr_derive_key(int alg_type, uint8_t alg_id,
+               const uint8_t key[32], uint8_t **out)
+{
+  return 0;
+}
+
 int main(int argc, char **argv){

  char c;

--- a/openair1/SIMULATION/NR_PHY/ulsim.c
+++ b/openair1/SIMULATION/NR_PHY/ulsim.c
@@ -165,6 +165,12 @@ int8_t nr_rrc_ue_decode_NR_SIB1_Message(module_id_t module_id, uint8_t gNB_index
  return 0;
 }

+int nr_derive_key(int alg_type, uint8_t alg_id,
+               const uint8_t key[32], uint8_t **out)
+{
+  return 0;
+}
+
 // needed for some functions
 uint16_t n_rnti = 0x1234;
 openair0_config_t openair0_cfg[MAX_CARDS];

--- a/openair2/COMMON/s1ap_messages_types.h
+++ b/openair2/COMMON/s1ap_messages_types.h
@@ -155,6 +155,11 @@ typedef struct security_capabilities_s {
  uint16_t integrity_algorithms;
 } security_capabilities_t;

+typedef struct nr_security_capabilities_s {
+  uint16_t encryption_algorithms;
+  uint16_t integrity_algorithms;
+} nr_security_capabilities_t;
+
 /* Provides the establishment cause for the RRC connection request as provided
 * by the upper layers. W.r.t. the cause value names: highPriorityAccess
 * concerns AC11..AC15, ‘mt’ stands for ‘Mobile Terminating’ and ‘mo’ for
@@ -538,6 +543,9 @@ typedef struct s1ap_initial_context_setup_req_s {
  uint8_t  nb_of_e_rabs;
  /* list of e_rab to be setup by RRC layers */
  e_rab_t  e_rab_param[S1AP_MAX_E_RAB];
+
+  /* NR Security algorithms (if any, set to 0 if not present) */
+  nr_security_capabilities_t nr_security_capabilities;
 } s1ap_initial_context_setup_req_t;

 typedef struct tai_plmn_identity_s {

--- a/openair2/COMMON/x2ap_messages_types.h
+++ b/openair2/COMMON/x2ap_messages_types.h
@@ -338,7 +338,7 @@ typedef struct x2ap_ENDC_sgnb_addition_req_s {
  /* used for RRC->X2AP in source eNB */
  int rnti;

-  security_capabilities_t security_capabilities;
+  nr_security_capabilities_t security_capabilities;

  /* SgNB Security Key */
  uint8_t      kgnb[32];

--- a/openair2/GNB_APP/gnb_config.c
+++ b/openair2/GNB_APP/gnb_config.c
@@ -515,6 +515,101 @@ void RCconfig_nr_macrlc() {

 }

+void config_security(gNB_RRC_INST *rrc)
+{
+  paramdef_t logparams_defaults[] = SECURITY_GLOBALPARAMS_DESC;
+  int ret = config_get(logparams_defaults,
+                       sizeof(logparams_defaults) / sizeof(paramdef_t),
+                       CONFIG_STRING_SECURITY);
+  int i;
+
+  if (ret < 0) {
+    LOG_W(RRC, "configuration file does not contain a \"security\" section, applying default parameters (no security)\n");
+    rrc->security.ciphering_algorithms[0]    = 0;  /* nea0 = no ciphering */
+    rrc->security.ciphering_algorithms_count = 1;
+    rrc->security.integrity_algorithms[0]    = 0;  /* nia0 = no integrity */
+    rrc->security.integrity_algorithms_count = 1;
+    return;
+  }
+
+  if (logparams_defaults[SECURITY_CONFIG_CIPHERING_IDX].numelt > 4) {
+    LOG_E(RRC, "too much ciphering algorithms in section \"security\" of the configuration file, maximum is 4\n");
+    exit(1);
+  }
+  if (logparams_defaults[SECURITY_CONFIG_INTEGRITY_IDX].numelt > 4) {
+    LOG_E(RRC, "too much integrity algorithms in section \"security\" of the configuration file, maximum is 4\n");
+    exit(1);
+  }
+
+  /* get ciphering algorithms */
+  rrc->security.ciphering_algorithms_count = 0;
+  for (i = 0; i < logparams_defaults[SECURITY_CONFIG_CIPHERING_IDX].numelt; i++) {
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_CIPHERING_IDX].strlistptr[i], "nea0")) {
+      rrc->security.ciphering_algorithms[rrc->security.ciphering_algorithms_count] = 0;
+      rrc->security.ciphering_algorithms_count++;
+      continue;
+    }
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_CIPHERING_IDX].strlistptr[i], "nea1")) {
+      rrc->security.ciphering_algorithms[rrc->security.ciphering_algorithms_count] = 1;
+      rrc->security.ciphering_algorithms_count++;
+      continue;
+    }
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_CIPHERING_IDX].strlistptr[i], "nea2")) {
+      rrc->security.ciphering_algorithms[rrc->security.ciphering_algorithms_count] = 2;
+      rrc->security.ciphering_algorithms_count++;
+      continue;
+    }
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_CIPHERING_IDX].strlistptr[i], "nea3")) {
+      rrc->security.ciphering_algorithms[rrc->security.ciphering_algorithms_count] = 3;
+      rrc->security.ciphering_algorithms_count++;
+      continue;
+    }
+    LOG_E(RRC, "unknown ciphering algorithm \"%s\" in section \"security\" of the configuration file\n",
+          logparams_defaults[SECURITY_CONFIG_CIPHERING_IDX].strlistptr[i]);
+    exit(1);
+  }
+
+  /* get integrity algorithms */
+  rrc->security.integrity_algorithms_count = 0;
+  for (i = 0; i < logparams_defaults[SECURITY_CONFIG_INTEGRITY_IDX].numelt; i++) {
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_INTEGRITY_IDX].strlistptr[i], "nia0")) {
+      rrc->security.integrity_algorithms[rrc->security.integrity_algorithms_count] = 0;
+      rrc->security.integrity_algorithms_count++;
+      continue;
+    }
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_INTEGRITY_IDX].strlistptr[i], "nia1")) {
+      rrc->security.integrity_algorithms[rrc->security.integrity_algorithms_count] = 1;
+      rrc->security.integrity_algorithms_count++;
+      continue;
+    }
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_INTEGRITY_IDX].strlistptr[i], "nia2")) {
+      rrc->security.integrity_algorithms[rrc->security.integrity_algorithms_count] = 2;
+      rrc->security.integrity_algorithms_count++;
+      continue;
+    }
+    if (!strcmp(logparams_defaults[SECURITY_CONFIG_INTEGRITY_IDX].strlistptr[i], "nia3")) {
+      rrc->security.integrity_algorithms[rrc->security.integrity_algorithms_count] = 3;
+      rrc->security.integrity_algorithms_count++;
+      continue;
+    }
+    LOG_E(RRC, "unknown integrity algorithm \"%s\" in section \"security\" of the configuration file\n",
+          logparams_defaults[SECURITY_CONFIG_INTEGRITY_IDX].strlistptr[i]);
+    exit(1);
+  }
+
+  if (rrc->security.ciphering_algorithms_count == 0) {
+    LOG_W(RRC, "no preferred ciphering algorithm set in configuration file, applying default parameters (no security)\n");
+    rrc->security.ciphering_algorithms[0]    = 0;  /* nea0 = no ciphering */
+    rrc->security.ciphering_algorithms_count = 1;
+  }
+
+  if (rrc->security.integrity_algorithms_count == 0) {
+    LOG_W(RRC, "no preferred integrity algorithm set in configuration file, applying default parameters (no security)\n");
+    rrc->security.integrity_algorithms[0]    = 0;  /* nia0 = no integrity */
+    rrc->security.integrity_algorithms_count = 1;
+  }
+}
+
 void RCconfig_NRRRC(MessageDef *msg_p, uint32_t i, gNB_RRC_INST *rrc) {

  int                    num_gnbs                                                      = 0;
@@ -681,7 +776,7 @@ void RCconfig_NRRRC(MessageDef *msg_p, uint32_t i, gNB_RRC_INST *rrc) {
    }//End for (k=0; k <num_gnbs ; k++)
  }//End if (num_gnbs>0)

-
+  config_security(rrc);
 }//End RCconfig_NRRRC function

 int RCconfig_nr_gtpu(void ) {

--- a/openair2/GNB_APP/gnb_paramdef.h
+++ b/openair2/GNB_APP/gnb_paramdef.h
@@ -452,4 +452,27 @@ typedef enum {
 #define CONFIG_HLP_WORKER                          "coding and FEP worker thread WORKER_DISABLE or WORKER_ENABLE\n"
 #define CONFIG_HLP_PARALLEL                        "PARALLEL_SINGLE_THREAD, PARALLEL_RU_L1_SPLIT, or PARALLEL_RU_L1_TRX_SPLIT(RU_L1_TRX_SPLIT by defult)\n"
 /*-------------------------------------------------------------------------------------------------------------------------------------------------------------*/
+
+
+/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
+/* security configuration                                                                                                                                                           */
+/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
+#define CONFIG_STRING_SECURITY      "security"
+
+#define SECURITY_CONFIG_CIPHERING   "ciphering_algorithms"
+#define SECURITY_CONFIG_INTEGRITY   "integrity_algorithms"
+
+/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
+/*   security configuration                                                                                                                                                         */
+/*   optname                               help                                          paramflags         XXXptr               defXXXval                 type              numelt */
+/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
+#define SECURITY_GLOBALPARAMS_DESC { \
+    {SECURITY_CONFIG_CIPHERING,            "preferred ciphering algorithms\n",            0,                strlistptr:NULL,      defstrlistval:NULL,       TYPE_STRINGLIST,  0}, \
+    {SECURITY_CONFIG_INTEGRITY,            "preferred integrity algorithms\n",            0,                strlistptr:NULL,      defstrlistval:NULL,       TYPE_STRINGLIST,  0}, \
+}
+
+#define SECURITY_CONFIG_CIPHERING_IDX   0
+#define SECURITY_CONFIG_INTEGRITY_IDX   1
+/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
+
 #endif
--- a/openair2/LAYER2/nr_pdcp/nr_pdcp_entity.c
+++ b/openair2/LAYER2/nr_pdcp/nr_pdcp_entity.c
@@ -22,11 +22,12 @@
 #include "nr_pdcp_entity.h"

 #include "nr_pdcp_entity_drb_am.h"
+#include "nr_pdcp_security_nea2.h"

 #include "LOG/log.h"

 nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
-    int rb_id,
+    int is_gnb, int rb_id,
    void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
                        char *buf, int size),
    void *deliver_sdu_data,
@@ -38,7 +39,7 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
 }

 nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
-    int rb_id,
+    int is_gnb, int rb_id,
    void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
                        char *buf, int size),
    void *deliver_sdu_data,
@@ -47,7 +48,11 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
    void *deliver_pdu_data,
    int sn_size,
    int t_reordering,
-    int discard_timer)
+    int discard_timer,
+    int ciphering_algorithm,
+    int integrity_algorithm,
+    unsigned char *ciphering_key,
+    unsigned char *integrity_key)
 {
  nr_pdcp_entity_drb_am_t *ret;

@@ -76,5 +81,25 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(

  ret->common.maximum_nr_pdcp_sn = (1 << sn_size) - 1;

+  if (ciphering_key != NULL && ciphering_algorithm != 0) {
+    if (ciphering_algorithm != 2) {
+      LOG_E(PDCP, "FATAL: only nea2 supported for the moment\n");
+      exit(1);
+    }
+    ret->common.has_ciphering = 1;
+    ret->common.ciphering_algorithm = ciphering_algorithm;
+    memcpy(ret->common.ciphering_key, ciphering_key, 16);
+
+    ret->common.security_context = nr_pdcp_security_nea2_init(ciphering_key);
+    ret->common.cipher = nr_pdcp_security_nea2_cipher;
+    ret->common.free_security = nr_pdcp_security_nea2_free_security;
+  }
+  ret->common.is_gnb = is_gnb;
+
+  if (integrity_key != NULL) {
+    printf("%s:%d:%s: TODO\n", __FILE__, __LINE__, __FUNCTION__);
+    exit(1);
+  }
+
  return (nr_pdcp_entity_t *)ret;
 }
--- a/openair2/LAYER2/nr_pdcp/nr_pdcp_entity.h
+++ b/openair2/LAYER2/nr_pdcp/nr_pdcp_entity.h
@@ -42,10 +42,28 @@ typedef struct nr_pdcp_entity_t {
  int tx_hfn;
  int next_nr_pdcp_tx_sn;
  int maximum_nr_pdcp_sn;
+
+  /* security */
+  int has_ciphering;
+  int has_integrity;
+  int ciphering_algorithm;
+  int integrity_algorithm;
+  unsigned char ciphering_key[16];
+  unsigned char integrity_key[16];
+  void *security_context;
+  void (*cipher)(void *security_context,
+                 unsigned char *buffer, int length,
+                 int bearer, int count, int direction);
+  void (*free_security)(void *security_context);
+  /* security algorithms need to know uplink/downlink information
+   * which is reverse for gnb and ue, so we need to know if this
+   * pdcp entity is for a gnb or an ue
+   */
+  int is_gnb;
 } nr_pdcp_entity_t;

 nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
-    int rb_id,
+    int is_gnb, int rb_id,
    void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
                        char *buf, int size),
    void *deliver_sdu_data,
@@ -54,7 +72,7 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
    void *deliver_pdu_data);

 nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
-    int rb_id,
+    int is_gnb, int rb_id,
    void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
                        char *buf, int size),
    void *deliver_sdu_data,
@@ -63,7 +81,11 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
    void *deliver_pdu_data,
    int sn_size,
    int t_reordering,
-    int discard_timer);
+    int discard_timer,
+    int ciphering_algorithm,
+    int integrity_algorithm,
+    unsigned char *ciphering_key,
+    unsigned char *integrity_key);

 void nr_DRB_preconfiguration(uint16_t crnti);


--- a/openair2/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
+++ b/openair2/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
@@ -29,12 +29,21 @@
 void nr_pdcp_entity_drb_am_recv_pdu(nr_pdcp_entity_t *_entity, char *buffer, int size)
 {
  nr_pdcp_entity_drb_am_t *entity = (nr_pdcp_entity_drb_am_t *)_entity;
+  int sn;

  if (size < 3) abort();

  if (!(buffer[0] & 0x80))
    LOG_E(PDCP, "%s:%d:%s: fatal\n", __FILE__, __LINE__, __FUNCTION__);

+  sn = (((unsigned char)buffer[0] & 0x3) << 16) |
+        ((unsigned char)buffer[1]        <<  8) |
+         (unsigned char)buffer[2];
+
+  if (entity->common.has_ciphering)
+    entity->common.cipher(entity->common.security_context, (unsigned char *)buffer+3, size-3,
+                          entity->rb_id, sn, entity->common.is_gnb ? 0 : 1);
+
  entity->common.deliver_sdu(entity->common.deliver_sdu_data,
                             (nr_pdcp_entity_t *)entity, buffer+3, size-3);
 }
@@ -59,6 +68,10 @@ void nr_pdcp_entity_drb_am_recv_sdu(nr_pdcp_entity_t *_entity, char *buffer, int
  buf[2] = sn & 0xff;
  memcpy(buf+3, buffer, size);

+  if (entity->common.has_ciphering)
+    entity->common.cipher(entity->common.security_context, (unsigned char *)buf+3, size,
+                          entity->rb_id, sn, entity->common.is_gnb ? 1 : 0);
+
  entity->common.deliver_pdu(entity->common.deliver_pdu_data,
                             (nr_pdcp_entity_t *)entity, buf, size+3, sdu_id);
 }
@@ -71,5 +84,7 @@ void nr_pdcp_entity_drb_am_set_integrity_key(nr_pdcp_entity_t *_entity, char *ke
 void nr_pdcp_entity_drb_am_delete(nr_pdcp_entity_t *_entity)
 {
  nr_pdcp_entity_drb_am_t *entity = (nr_pdcp_entity_drb_am_t *)_entity;
+  if (entity->common.free_security != NULL)
+    entity->common.free_security(entity->common.security_context);
  free(entity);
 }
--- a/openair2/LAYER2/nr_pdcp/nr_pdcp_oai_api.c
+++ b/openair2/LAYER2/nr_pdcp/nr_pdcp_oai_api.c
@@ -591,7 +591,11 @@ static void add_srb(int rnti, struct NR_SRB_ToAddMod *s)
  TODO;
 }

-static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
+static void add_drb_am(int is_gnb, int rnti, struct NR_DRB_ToAddMod *s,
+                       int ciphering_algorithm,
+                       int integrity_algorithm,
+                       unsigned char *ciphering_key,
+                       unsigned char *integrity_key)
 {
  nr_pdcp_entity_t *pdcp_drb;
  nr_pdcp_ue_t *ue;
@@ -621,8 +625,11 @@ static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
    LOG_D(PDCP, "%s:%d:%s: warning DRB %d already exist for ue %d, do nothing\n",
          __FILE__, __LINE__, __FUNCTION__, drb_id, rnti);
  } else {
-    pdcp_drb = new_nr_pdcp_entity_drb_am(drb_id, deliver_sdu_drb, ue, deliver_pdu_drb, ue,
-                                         sn_size_dl, t_reordering, discard_timer);
+    pdcp_drb = new_nr_pdcp_entity_drb_am(is_gnb, drb_id,
+                                         deliver_sdu_drb, ue, deliver_pdu_drb, ue,
+                                         sn_size_dl, t_reordering, discard_timer,
+                                         ciphering_algorithm, integrity_algorithm,
+                                         ciphering_key, integrity_key);
    nr_pdcp_ue_add_drb_pdcp_entity(ue, drb_id, pdcp_drb);

    LOG_D(PDCP, "%s:%d:%s: added drb %d to ue rnti %x\n", __FILE__, __LINE__, __FUNCTION__, drb_id, rnti);
@@ -630,16 +637,23 @@ static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
  nr_pdcp_manager_unlock(nr_pdcp_ue_manager);
 }

-static void add_drb(int rnti, struct NR_DRB_ToAddMod *s, NR_RLC_Config_t *rlc_Config)
+static void add_drb(int is_gnb, int rnti, struct NR_DRB_ToAddMod *s,
+                    NR_RLC_Config_t *rlc_Config,
+                    int ciphering_algorithm,
+                    int integrity_algorithm,
+                    unsigned char *ciphering_key,
+                    unsigned char *integrity_key)
 {
  switch (rlc_Config->present) {
  case NR_RLC_Config_PR_am:
-    add_drb_am(rnti, s);
+    add_drb_am(is_gnb, rnti, s, ciphering_algorithm, integrity_algorithm,
+               ciphering_key, integrity_key);
    break;
  case NR_RLC_Config_PR_um_Bi_Directional:
    //add_drb_um(rnti, s);
    /* hack */
-    add_drb_am(rnti, s);
+    add_drb_am(is_gnb, rnti, s, ciphering_algorithm, integrity_algorithm,
+               ciphering_key, integrity_key);
    break;
  default:
    LOG_E(PDCP, "%s:%d:%s: fatal: unhandled DRB type\n",
@@ -657,7 +671,8 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
  const uint8_t                   security_modeP,
  uint8_t                  *const kRRCenc,
  uint8_t                  *const kRRCint,
-  uint8_t                  *const kUPenc
+  uint8_t                  *const kUPenc,
+  uint8_t                  *const kUPint
 #if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
  ,LTE_PMCH_InfoList_r9_t  *pmch_InfoList_r9
 #endif
@@ -676,7 +691,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
      //srb2add_list == NULL ||
      //drb2add_list != NULL ||
      drb2release_list != NULL ||
-      security_modeP != 255 ||
+      //security_modeP != 255 ||
      //kRRCenc != NULL ||
      //kRRCint != NULL ||
      //kUPenc != NULL ||
@@ -693,7 +708,10 @@ boolean_t nr_rrc_pdcp_config_asn1_req(

  if (drb2add_list != NULL) {
    for (i = 0; i < drb2add_list->list.count; i++) {
-      add_drb(rnti, drb2add_list->list.array[i], rlc_bearer2add_list->list.array[i]->rlc_Config);
+      add_drb(ctxt_pP->enb_flag, rnti, drb2add_list->list.array[i],
+              rlc_bearer2add_list->list.array[i]->rlc_Config,
+              security_modeP & 0x0f, (security_modeP >> 4) & 0x0f,
+              kUPenc, kUPint);
    }
  }

@@ -705,6 +723,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
  free(kRRCenc);
  free(kRRCint);
  free(kUPenc);
+  free(kUPint);

  return 0;
 }
@@ -805,6 +824,7 @@ void nr_DRB_preconfiguration(uint16_t crnti)
    NULL,
    NULL,
    NULL,
+    NULL,
    Rlc_Bearer_ToAdd_list);

  nr_rrc_rlc_config_asn1_req (&ctxt,

--- a/openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
+++ b/openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
+/*
+ * Licensed to the OpenAirInterface (OAI) Software Alliance under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The OpenAirInterface Software Alliance licenses this file to You under
+ * the OAI Public License, Version 1.1  (the "License"); you may not use this file
+ * except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.openairinterface.org/?page_id=698
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *-------------------------------------------------------------------------------
+ * For more information about the OpenAirInterface (OAI) Software Alliance:
+ *      contact@openairinterface.org
+ */
+
+#include "nr_pdcp_security_nea2.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include <nettle/nettle-meta.h>
+#include <nettle/aes.h>
+#include <nettle/ctr.h>
+
+void *nr_pdcp_security_nea2_init(unsigned char *ciphering_key)
+{
+  void *ctx = calloc(1, nettle_aes128.context_size);
+  if (ctx == NULL) exit(1);
+
+#if NETTLE_VERSION_MAJOR < 3
+  nettle_aes128.set_encrypt_key(ctx, 16, ciphering_key);
+#else
+  nettle_aes128.set_encrypt_key(ctx, ciphering_key);
+#endif
+
+  return ctx;
+}
+
+void nr_pdcp_security_nea2_cipher(void *security_context,
+                                  unsigned char *buffer, int length,
+                                  int bearer, int count, int direction)
+{
+  unsigned char t[16];
+
+  t[0] = (count >> 24) & 255;
+  t[1] = (count >> 16) & 255;
+  t[2] = (count >>  8) & 255;
+  t[3] = (count      ) & 255;
+  t[4] = ((bearer-1) << 3) | (direction << 2);
+  memset(&t[5], 0, 16-5);
+
+  nettle_ctr_crypt(security_context, nettle_aes128.encrypt,
+                   nettle_aes128.block_size, t,
+                   length, buffer, buffer);
+}
+
+void nr_pdcp_security_nea2_free_security(void *security_context)
+{
+  free(security_context);
+}
--- a/openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.h
+++ b/openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.h
+/*
+ * Licensed to the OpenAirInterface (OAI) Software Alliance under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The OpenAirInterface Software Alliance licenses this file to You under
+ * the OAI Public License, Version 1.1  (the "License"); you may not use this file
+ * except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.openairinterface.org/?page_id=698
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *-------------------------------------------------------------------------------
+ * For more information about the OpenAirInterface (OAI) Software Alliance:
+ *      contact@openairinterface.org
+ */
+
+#ifndef _NR_PDCP_SECURITY_NEA2_H_
+#define _NR_PDCP_SECURITY_NEA2_H_
+
+void *nr_pdcp_security_nea2_init(unsigned char *ciphering_key);
+
+void nr_pdcp_security_nea2_cipher(void *security_context,
+                                  unsigned char *buffer, int length,
+                                  int bearer, int count, int direction);
+
+void nr_pdcp_security_nea2_free_security(void *security_context);
+
+#endif /* _NR_PDCP_SECURITY_NEA2_H_ */
--- a/openair2/RRC/LTE/rrc_defs.h
+++ b/openair2/RRC/LTE/rrc_defs.h
@@ -546,6 +546,13 @@ typedef struct rrc_gummei_s {
  uint16_t mme_group_id;
 } rrc_gummei_t;

+typedef struct {
+  uint16_t ciphering_algorithms;
+  uint16_t integrity_algorithms;
+  uint16_t sk_counter;
+  uint8_t  kgNB[32];
+} lte_rrc_nr_security_t;
+
 typedef struct eNB_RRC_UE_s {
  uint8_t                            primaryCC_id;
  LTE_SCellToAddMod_r10_t            sCell_config[2];
@@ -615,6 +622,9 @@ typedef struct eNB_RRC_UE_s {

  security_capabilities_t            security_capabilities;

+  /* security capabilities and settings for an UE in ENDC mode */
+  lte_rrc_nr_security_t              nr_security;
+
  int                                next_hop_chain_count;

  uint8_t                            next_security_key[SECURITY_KEY_LENGTH];

--- a/openair2/RRC/LTE/rrc_eNB.c
+++ b/openair2/RRC/LTE/rrc_eNB.c
@@ -4426,69 +4426,11 @@ static int encode_CG_ConfigInfo(
  struct NR_RadioBearerConfig *rb_config = NULL;
  asn_enc_rval_t enc_rval;
  int RRC_OK = 1;
-  int index = 0;
  char temp_buff[ASN_MAX_ENCODE_SIZE];
  NR_UE_CapabilityRAT_ContainerList_t *ue_cap_rat_container_list = NULL;
  NR_UE_CapabilityRAT_Container_t *ue_cap_rat_container_MRDC = NULL;
  NR_UE_CapabilityRAT_Container_t *ue_cap_rat_container_nr = NULL;
  int RAT_Container_count = 0;
-  rb_config = calloc(1,sizeof(struct NR_RadioBearerConfig));
-  AssertFatal(rb_config != NULL,"failed to allocate memory for rb_config");
-
-  if(ue_context_pP->ue_context.DRB_configList->list.count != 0) {
-    rb_config->drb_ToAddModList = calloc(1,sizeof(struct NR_DRB_ToAddModList ));
-    AssertFatal(rb_config->drb_ToAddModList != NULL,"failed to allocated memory for drbtoaddmodlist");
-    rb_config->drb_ToAddModList->list.count = NUMBEROF_DRBS_TOBE_ADDED;
-    rb_config->drb_ToAddModList->list.array
-      = calloc(NUMBEROF_DRBS_TOBE_ADDED, sizeof(struct NR_DRB_ToAddMod *));
-    AssertFatal( rb_config->drb_ToAddModList->list.array != NULL,
-                 "falied to allocate memory for list.array");
-
-    for(index = 0; index < NUMBEROF_DRBS_TOBE_ADDED; index++) {
-      rb_config->drb_ToAddModList->list.array[index]
-        = calloc(1,sizeof(struct NR_DRB_ToAddMod));
-      AssertFatal(rb_config->drb_ToAddModList->list.array[index] != NULL,
-                  "failed to allocate memory for drb_toaddmod");
-      rb_config->drb_ToAddModList->list.array[index]->drb_Identity
-        = ue_context_pP->ue_context.DRB_configList->list.array[index]->drb_Identity;
-
-      if(ue_context_pP->ue_context.DRB_configList->list.array[index]->eps_BearerIdentity) {
-        rb_config->drb_ToAddModList->list.array[index]->cnAssociation
-          = calloc(1,sizeof(struct NR_DRB_ToAddMod__cnAssociation));
-        AssertFatal(rb_config->drb_ToAddModList->list.array[index]->cnAssociation != NULL,
-                    "failed to allocate memory cnAssociation");
-        rb_config->drb_ToAddModList->list.array[index]->cnAssociation->present
-          = NR_DRB_ToAddMod__cnAssociation_PR_eps_BearerIdentity;
-        rb_config->drb_ToAddModList->list.array[index]->cnAssociation->choice.eps_BearerIdentity
-          = *(ue_context_pP->ue_context.DRB_configList->list.array[index]->eps_BearerIdentity);
-      }
-
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config = calloc(1,sizeof(struct NR_PDCP_Config));
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb = calloc(1,sizeof(struct NR_PDCP_Config__drb));
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->discardTimer = calloc(1,sizeof(long));
-      *rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->discardTimer
-        = *(ue_context_pP->ue_context.DRB_configList->list.array[index]->pdcp_Config->discardTimer);
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->pdcp_SN_SizeUL = calloc(1,sizeof(long));
-      *rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->pdcp_SN_SizeUL
-        = NR_PDCP_Config__drb__pdcp_SN_SizeUL_len18bits;
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->pdcp_SN_SizeDL = calloc(1,sizeof(long));
-      *rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->pdcp_SN_SizeDL
-        = NR_PDCP_Config__drb__pdcp_SN_SizeDL_len18bits;
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->headerCompression.present
-        = NR_PDCP_Config__drb__headerCompression_PR_notUsed;
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->drb->headerCompression.choice.notUsed = 0;
-      rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->t_Reordering = calloc(1,sizeof(long));
-      *rb_config->drb_ToAddModList->list.array[index]->pdcp_Config->t_Reordering
-        = NR_PDCP_Config__t_Reordering_ms0;
-    }
-
-    rb_config->securityConfig = calloc(1,sizeof(struct NR_SecurityConfig ));
-    rb_config->securityConfig->securityAlgorithmConfig = calloc(1,sizeof(struct NR_SecurityAlgorithmConfig));
-    rb_config->securityConfig->securityAlgorithmConfig->cipheringAlgorithm = NR_CipheringAlgorithm_nea0;
-    rb_config->securityConfig->securityAlgorithmConfig->integrityProtAlgorithm = NULL;
-    rb_config->securityConfig->keyToUse = calloc(1,sizeof(long));
-    *rb_config->securityConfig->keyToUse = NR_SecurityConfig__keyToUse_master;
-  }

  cg_configinfo = calloc(1,sizeof(struct NR_CG_ConfigInfo));
  AssertFatal(cg_configinfo != NULL,"failed to allocate memory for cg_configinfo");
@@ -4548,15 +4490,6 @@ static int encode_CG_ConfigInfo(
                         (const char *)temp_buff, (enc_rval.encoded+7)>>3);
  }

-  cg_configinfo->criticalExtensions.choice.c1->choice.cg_ConfigInfo->mcg_RB_Config
-    = calloc(1,sizeof(OCTET_STRING_t));
-  AssertFatal(cg_configinfo->criticalExtensions.choice.c1->choice.cg_ConfigInfo->
-              mcg_RB_Config != NULL, "failed to allocate memory for mcg_rb_config");
-  enc_rval = uper_encode_to_buffer(&asn_DEF_NR_RadioBearerConfig,NULL,(void *)rb_config,temp_buff,ASN_MAX_ENCODE_SIZE);
-  AssertFatal(enc_rval.encoded > 0, "ASN1 message encoding failed (%s, %jd)!\n",
-              enc_rval.failed_type->name, enc_rval.encoded);
-  OCTET_STRING_fromBuf(cg_configinfo->criticalExtensions.choice.c1->choice.cg_ConfigInfo->mcg_RB_Config,
-                       (const char *)temp_buff, (enc_rval.encoded+7)>>3);
  // this xer_fprint can be enabled for additional debugging messages
  // xer_fprint(stdout,&asn_DEF_NR_CG_ConfigInfo,(void *)cg_configinfo);
  enc_rval = uper_encode_to_buffer(&asn_DEF_NR_CG_ConfigInfo,NULL,(void *)cg_configinfo,
@@ -4665,11 +4598,20 @@ rrc_eNB_process_MeasurementReport(

        msg = itti_alloc_new_message(TASK_RRC_ENB, 0, X2AP_ENDC_SGNB_ADDITION_REQ);
        memset(&(X2AP_ENDC_SGNB_ADDITION_REQ(msg)), 0, sizeof(x2ap_ENDC_sgnb_addition_req_t));
+
        X2AP_ENDC_SGNB_ADDITION_REQ(msg).rnti = ctxt_pP->rnti;
+
+        X2AP_ENDC_SGNB_ADDITION_REQ(msg).security_capabilities.encryption_algorithms = ue_context_pP->ue_context.nr_security.ciphering_algorithms;
+        X2AP_ENDC_SGNB_ADDITION_REQ(msg).security_capabilities.integrity_algorithms = ue_context_pP->ue_context.nr_security.integrity_algorithms;
+
+        memcpy(X2AP_ENDC_SGNB_ADDITION_REQ(msg).kgnb, ue_context_pP->ue_context.nr_security.kgNB, 32);
+
        memcpy(X2AP_ENDC_SGNB_ADDITION_REQ(msg).rrc_buffer,enc_buf,enc_size);
        X2AP_ENDC_SGNB_ADDITION_REQ(msg).rrc_buffer_size = enc_size;
+
        X2AP_ENDC_SGNB_ADDITION_REQ(msg).target_physCellId
          = measResults2->measResultNeighCells->choice.measResultListEUTRA.list.array[0]->physCellId;
+
        //For the moment we have a single E-RAB which will be the one to be added to the gNB
        //Not sure how to select bearers to be added if there are multiple.
        X2AP_ENDC_SGNB_ADDITION_REQ(msg).nb_e_rabs_tobeadded = 1;

--- a/openair2/RRC/LTE/rrc_eNB_S1AP.c
+++ b/openair2/RRC/LTE/rrc_eNB_S1AP.c
@@ -1045,6 +1045,15 @@ int rrc_eNB_process_S1AP_INITIAL_CONTEXT_SETUP_REQ(MessageDef *msg_p, const char
      }
    }

+    ue_context_p->ue_context.nr_security.ciphering_algorithms = S1AP_INITIAL_CONTEXT_SETUP_REQ(msg_p).nr_security_capabilities.encryption_algorithms;
+    ue_context_p->ue_context.nr_security.integrity_algorithms = S1AP_INITIAL_CONTEXT_SETUP_REQ(msg_p).nr_security_capabilities.integrity_algorithms;
+    /* let's initialize sk_counter to 0 */
+    ue_context_p->ue_context.nr_security.sk_counter = 0;
+    /* let's compute kgNB */
+    derive_skgNB(ue_context_p->ue_context.kenb,
+                 ue_context_p->ue_context.nr_security.sk_counter,
+                 ue_context_p->ue_context.nr_security.kgNB);
+
    // in case, send the S1SP initial context response if it is not sent with the attach complete message
    if (ue_context_p->ue_context.Status == RRC_RECONFIGURED) {
      LOG_I(RRC, "Sending rrc_eNB_send_S1AP_INITIAL_CONTEXT_SETUP_RESP, cause %ld\n", ue_context_p->ue_context.reestablishment_cause);

--- a/openair2/RRC/NR/nr_rrc_defs.h
+++ b/openair2/RRC/NR/nr_rrc_defs.h
@@ -447,6 +447,15 @@ typedef struct {
 //---------------------------------------------------


+typedef struct {
+  /* nea0 = 0, nea1 = 1, ... */
+  int ciphering_algorithms[4];
+  int ciphering_algorithms_count;
+
+  /* nia0 = 0, nia1 = 1, ... */
+  int integrity_algorithms[4];
+  int integrity_algorithms_count;
+} nr_security_configuration_t;

 //---NR---(completely change)---------------------
 typedef struct gNB_RRC_INST_s {
@@ -479,6 +488,8 @@ typedef struct gNB_RRC_INST_s {
  int srb1_timer_status_prohibit;
  int srs_enable[MAX_NUM_CCs];

+  // security configuration (preferred algorithms)
+  nr_security_configuration_t security;
 } gNB_RRC_INST;

 #include "nr_rrc_proto.h" //should be put here otherwise compilation error

--- a/openair2/RRC/NR/nr_rrc_proto.h
+++ b/openair2/RRC/NR/nr_rrc_proto.h
@@ -39,6 +39,7 @@
 #include "LTE_UE-CapabilityRAT-ContainerList.h"
 #include "NR_CG-Config.h"
 #include "NR_CG-ConfigInfo.h"
+#include "NR_SecurityConfig.h"

 int rrc_init_nr_global_param(void);

@@ -90,7 +91,10 @@ void fill_default_reconfig(NR_ServingCellConfigCommon_t *servingcellconfigcommon
 			   int n_physical_antenna_ports,
 			   int initial_csi_index);

-void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig);
+void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig,
+                           int eps_bearer_id, int rb_id,
+                           e_NR_CipheringAlgorithm ciphering_algorithm,
+                           e_NR_SecurityConfig__keyToUse key_to_use);

 int generate_CG_Config(gNB_RRC_INST *rrc, 
 		       NR_CG_Config_t *cg_Config,

--- a/openair2/RRC/NR/rrc_gNB.c
+++ b/openair2/RRC/NR/rrc_gNB.c
@@ -103,7 +103,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
    const uint8_t                   security_modeP,
    uint8_t                  *const kRRCenc,
    uint8_t                  *const kRRCint,
-    uint8_t                  *const kUPenc
+    uint8_t                  *const kUPenc,
+    uint8_t                  *const kUPint
  #if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
    ,LTE_PMCH_InfoList_r9_t  *pmch_InfoList_r9
  #endif
@@ -887,6 +888,7 @@ rrc_gNB_process_RRCReconfigurationComplete(
                              kUPenc,
                              NULL,
                              NULL,
+                              NULL,
                              NULL);
  /* Refresh SRBs/DRBs */
  nr_rrc_rlc_config_asn1_req(ctxt_pP,
@@ -1702,6 +1704,7 @@ int nr_rrc_gNB_decode_ccch(protocol_ctxt_t    *const ctxt_pP,
          //                         NULL,
          //                         NULL,
          //                         NULL,
+          //                         NULL,
          //                         NULL);

          // if (!NODE_IS_CU(RC.nrrrc[ctxt_pP->module_id]->node_type)) {

--- a/openair2/RRC/NR/rrc_gNB_nsa.c
+++ b/openair2/RRC/NR/rrc_gNB_nsa.c
@@ -39,6 +39,7 @@
 #include "openair2/RRC/LTE/rrc_eNB_GTPV1U.h"
 #include "executables/softmodem-common.h"
 #include <openair2/RRC/NR/rrc_gNB_UE_context.h>
+#include "UTIL/OSA/osa_defs.h"

 extern boolean_t nr_rrc_pdcp_config_asn1_req(
    const protocol_ctxt_t *const  ctxt_pP,
@@ -48,7 +49,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
    const uint8_t                   security_modeP,
    uint8_t                  *const kRRCenc,
    uint8_t                  *const kRRCint,
-    uint8_t                  *const kUPenc
+    uint8_t                  *const kUPenc,
+    uint8_t                  *const kUPint
  #if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
    ,LTE_PMCH_InfoList_r9_t  *pmch_InfoList_r9
  #endif
@@ -115,28 +117,14 @@ void rrc_parse_ue_capabilities(gNB_RRC_INST *rrc, NR_UE_CapabilityRAT_ContainerL

  // dump ue_capabilities

-  if ( LOG_DEBUGFLAG(DEBUG_ASN1 && ueCapabilityRAT_Container_nr != NULL) ) {
+  if ( LOG_DEBUGFLAG(DEBUG_ASN1) && ueCapabilityRAT_Container_nr != NULL ) {
    xer_fprint(stdout, &asn_DEF_NR_UE_NR_Capability, ue_context_p->ue_context.UE_Capability_nr);
  }

-  if ( LOG_DEBUGFLAG(DEBUG_ASN1 && ueCapabilityRAT_Container_MRDC != NULL) ) {
+  if ( LOG_DEBUGFLAG(DEBUG_ASN1) && ueCapabilityRAT_Container_MRDC != NULL ) {
    xer_fprint(stdout, &asn_DEF_NR_UE_MRDC_Capability, ue_context_p->ue_context.UE_Capability_MRDC);
  }

-  if(cg_config_info && cg_config_info->mcg_RB_Config) {
-    asn_dec_rval_t dec_rval = uper_decode(NULL,
-                                          &asn_DEF_NR_RadioBearerConfig,
-                                          (void **)&ue_context_p->ue_context.rb_config,
-                                          cg_config_info->mcg_RB_Config->buf,
-                                          cg_config_info->mcg_RB_Config->size, 0, 0);
-
-    if((dec_rval.code != RC_OK) && (dec_rval.consumed == 0)) {
-      AssertFatal(1==0,"[InterNode] Failed to decode mcg_rb_config (%zu bits), size of OCTET_STRING %lu\n",
-                  dec_rval.consumed, cg_config_info->mcg_RB_Config->size);
-    }
-  }
-
-  xer_fprint(stdout, &asn_DEF_NR_RadioBearerConfig, (const void *)ue_context_p->ue_context.rb_config);
  rrc_add_nsa_user(rrc,ue_context_p, m);
 }

@@ -152,6 +140,8 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
  gtpv1u_enb_create_tunnel_req_t  create_tunnel_req;
  gtpv1u_enb_create_tunnel_resp_t create_tunnel_resp;
  protocol_ctxt_t ctxt={0};
+  unsigned char *kUPenc = NULL;
+  int i;
  // NR RRCReconfiguration
  AssertFatal(rrc->Nb_ue < MAX_NR_RRC_UE_CONTEXTS,"cannot add another UE\n");
  ue_context_p->ue_context.reconfig = calloc(1,sizeof(NR_RRCReconfiguration_t));
@@ -162,9 +152,91 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
  NR_RRCReconfiguration_IEs_t *reconfig_ies=calloc(1,sizeof(NR_RRCReconfiguration_IEs_t));
  ue_context_p->ue_context.reconfig->criticalExtensions.choice.rrcReconfiguration = reconfig_ies;
  carrier->initial_csi_index[rrc->Nb_ue] = 0;
+  ue_context_p->ue_context.rb_config = calloc(1,sizeof(NR_RRCReconfiguration_t));
  if (get_softmodem_params()->phy_test == 1 || get_softmodem_params()->do_ra == 1 || get_softmodem_params()->sa == 1){
-    ue_context_p->ue_context.rb_config = calloc(1,sizeof(NR_RRCReconfiguration_t));
-    fill_default_rbconfig(ue_context_p->ue_context.rb_config);
+    fill_default_rbconfig(ue_context_p->ue_context.rb_config,
+                          5 /* EPS bearer ID */,
+                          1 /* drb ID */,
+                          NR_CipheringAlgorithm_nea0,
+                          NR_SecurityConfig__keyToUse_master);
+  } else {
+    /* TODO: handle more than one bearer */
+    if (m == NULL) {
+      LOG_E(RRC, "fatal: m==NULL\n");
+      exit(1);
+    }
+    if (m->nb_e_rabs_tobeadded != 1) {
+      LOG_E(RRC, "fatal: m->nb_e_rabs_tobeadded = %d, should be 1\n", m->nb_e_rabs_tobeadded);
+      exit(1);
+    }
+
+    /* store security key and security capabilities */
+    memcpy(ue_context_p->ue_context.kgnb, m->kgnb, 32);
+    ue_context_p->ue_context.security_capabilities.nRencryption_algorithms = m->security_capabilities.encryption_algorithms;
+    ue_context_p->ue_context.security_capabilities.nRintegrity_algorithms = m->security_capabilities.integrity_algorithms;
+
+    /* Select ciphering algorithm based on gNB configuration file and
+     * UE's supported algorithms.
+     * We take the first from the list that is supported by the UE.
+     * The ordering of the list comes from the configuration file.
+     */
+    /* preset nea0 as fallback */
+    ue_context_p->ue_context.ciphering_algorithm = 0;
+    for (i = 0; i < rrc->security.ciphering_algorithms_count; i++) {
+      int nea_mask[4] = {
+        0,
+        0x8000,  /* nea1 */
+        0x4000,  /* nea2 */
+        0x2000   /* nea3 */
+      };
+      if (rrc->security.ciphering_algorithms[i] == 0) {
+        /* nea0 already preselected */
+        break;
+      }
+      if (ue_context_p->ue_context.security_capabilities.nRencryption_algorithms & nea_mask[rrc->security.ciphering_algorithms[i]]) {
+        ue_context_p->ue_context.ciphering_algorithm = rrc->security.ciphering_algorithms[i];
+        break;
+      }
+    }
+
+    LOG_I(RRC, "selecting ciphering algorithm %d\n", (int)ue_context_p->ue_context.ciphering_algorithm);
+
+    /* integrity: no integrity protection for DRB in ENDC mode
+     * as written in 38.331: "If UE is connected to E-UTRA/EPC, this field
+     * indicates the integrity protection algorithm to be used for SRBs
+     * configured with NR PDCP, as specified in TS 33.501"
+     * So nothing for DRB. Plus a test with a COTS UE revealed that it
+     * did not apply integrity on the DRB.
+     */
+    ue_context_p->ue_context.integrity_algorithm = 0;
+
+    LOG_I(RRC, "selecting integrity algorithm %d\n", ue_context_p->ue_context.integrity_algorithm);
+
+    /* derive UP security key */
+    unsigned char *kUPenc_kdf;
+    nr_derive_key_up_enc(ue_context_p->ue_context.ciphering_algorithm,
+                         ue_context_p->ue_context.kgnb,
+                         &kUPenc_kdf);
+    /* kUPenc: last 128 bits of key derivation function which returns 256 bits */
+    kUPenc = malloc(16);
+    if (kUPenc == NULL) exit(1);
+    memcpy(kUPenc, kUPenc_kdf+16, 16);
+    free(kUPenc_kdf);
+
+    e_NR_CipheringAlgorithm cipher_algo;
+    switch (ue_context_p->ue_context.ciphering_algorithm) {
+    case 0: cipher_algo = NR_CipheringAlgorithm_nea0; break;
+    case 1: cipher_algo = NR_CipheringAlgorithm_nea1; break;
+    case 2: cipher_algo = NR_CipheringAlgorithm_nea2; break;
+    case 3: cipher_algo = NR_CipheringAlgorithm_nea3; break;
+    default: LOG_E(RRC, "%s:%d:%s: fatal\n", __FILE__, __LINE__, __FUNCTION__); exit(1);
+    }
+
+    fill_default_rbconfig(ue_context_p->ue_context.rb_config,
+                          m->e_rabs_tobeadded[0].e_rab_id,
+                          m->e_rabs_tobeadded[0].drb_ID,
+                          cipher_algo,
+                          NR_SecurityConfig__keyToUse_secondary);
  }
  fill_default_reconfig(carrier->servingcellconfigcommon,
                        reconfig_ies,
@@ -285,10 +357,11 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
    (NR_SRB_ToAddModList_t *) NULL,
    ue_context_p->ue_context.rb_config->drb_ToAddModList ,
    ue_context_p->ue_context.rb_config->drb_ToReleaseList,
-    0xff,
-    NULL,
-    NULL,
-    NULL,
+    (ue_context_p->ue_context.integrity_algorithm << 4) | ue_context_p->ue_context.ciphering_algorithm,
+    NULL,          /* kRRCenc - unused */
+    NULL,          /* kRRCint - unused */
+    kUPenc,        /* kUPenc  */
+    NULL,          /* kUPint  - unused */
    NULL,
    NULL,
    ue_context_p->ue_context.secondaryCellGroup->rlc_BearerToAddModList);

--- a/openair2/RRC/NR/rrc_gNB_reconfig.c
+++ b/openair2/RRC/NR/rrc_gNB_reconfig.c
@@ -1329,7 +1329,10 @@ void fill_default_reconfig(NR_ServingCellConfigCommon_t *servingcellconfigcommon
  reconfig->nonCriticalExtension = NULL;
 }

-void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig) {
+void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig,
+                          int eps_bearer_id, int rb_id,
+                           e_NR_CipheringAlgorithm ciphering_algorithm,
+                           e_NR_SecurityConfig__keyToUse key_to_use) {

  rbconfig->srb_ToAddModList = NULL;
  rbconfig->srb3_ToRelease = NULL;
@@ -1337,8 +1340,8 @@ void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig) {
  NR_DRB_ToAddMod_t *drb_ToAddMod = calloc(1,sizeof(*drb_ToAddMod));
  drb_ToAddMod->cnAssociation = calloc(1,sizeof(*drb_ToAddMod->cnAssociation));
  drb_ToAddMod->cnAssociation->present = NR_DRB_ToAddMod__cnAssociation_PR_eps_BearerIdentity;
-  drb_ToAddMod->cnAssociation->choice.eps_BearerIdentity= 5;
-  drb_ToAddMod->drb_Identity = 1;
+  drb_ToAddMod->cnAssociation->choice.eps_BearerIdentity= eps_bearer_id;
+  drb_ToAddMod->drb_Identity = rb_id;
  drb_ToAddMod->reestablishPDCP = NULL;
  drb_ToAddMod->recoverPDCP = NULL;
  drb_ToAddMod->pdcp_Config = calloc(1,sizeof(*drb_ToAddMod->pdcp_Config));
@@ -1367,12 +1370,12 @@ void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig) {

  rbconfig->securityConfig = calloc(1,sizeof(*rbconfig->securityConfig));
  rbconfig->securityConfig->securityAlgorithmConfig = calloc(1,sizeof(*rbconfig->securityConfig->securityAlgorithmConfig));
-  rbconfig->securityConfig->securityAlgorithmConfig->cipheringAlgorithm = NR_CipheringAlgorithm_nea0;
+  rbconfig->securityConfig->securityAlgorithmConfig->cipheringAlgorithm = ciphering_algorithm;
  rbconfig->securityConfig->securityAlgorithmConfig->integrityProtAlgorithm=NULL;
  rbconfig->securityConfig->keyToUse = calloc(1,sizeof(*rbconfig->securityConfig->keyToUse));
-  *rbconfig->securityConfig->keyToUse = NR_SecurityConfig__keyToUse_master;
+  *rbconfig->securityConfig->keyToUse = key_to_use;

-  xer_fprint(stdout, &asn_DEF_NR_RadioBearerConfig, (const void*)rbconfig);
+//  xer_fprint(stdout, &asn_DEF_NR_RadioBearerConfig, (const void*)rbconfig);
 }
 /* Function to set or overwrite PTRS DL RRC parameters */
 void rrc_config_dl_ptrs_params(NR_BWP_Downlink_t *bwp, int *ptrsNrb, int *ptrsMcs, int *epre_Ratio, int * reOffset)

--- a/openair2/RRC/NR_UE/rrc_UE.c
+++ b/openair2/RRC/NR_UE/rrc_UE.c
@@ -186,7 +186,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
    const uint8_t                   security_modeP,
    uint8_t                  *const kRRCenc,
    uint8_t                  *const kRRCint,
-    uint8_t                  *const kUPenc
+    uint8_t                  *const kUPenc,
+    uint8_t                  *const kUPint
  #if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
    ,LTE_PMCH_InfoList_r9_t  *pmch_InfoList_r9
  #endif
@@ -2085,6 +2086,7 @@ nr_sa_rrc_ue_process_radioBearerConfig(
    //                             NULL,
    //                             NULL,
    //                             NULL,
+    //                             NULL,
    //                             NULL);
    // Refresh SRBs
    // nr_rrc_rlc_config_asn1_req(ctxt_pP,
@@ -2176,6 +2178,7 @@ nr_sa_rrc_ue_process_radioBearerConfig(
      //                             NULL,
      //                             kUPenc,
      //                             NULL,
+      //                             NULL,
      //                             NR_UE_rrc_inst[ctxt_pP->module_id].defaultDRB,
      //                             NULL);
      // Refresh DRBs

--- a/openair2/UTIL/OSA/osa_defs.h
+++ b/openair2/UTIL/OSA/osa_defs.h
@@ -53,6 +53,8 @@ typedef enum {

 //int derive_keNB(const uint8_t kasme[32], const uint32_t nas_count, uint8_t **keNB);

+int derive_skgNB(const uint8_t *keNB, const uint16_t sk_counter, uint8_t *skgNB);
+
 int derive_key(algorithm_type_dist_t nas_alg_type, uint8_t nas_enc_alg_id,
               const uint8_t key[32], uint8_t **out);
 int nr_derive_key(algorithm_type_dist_t alg_type, uint8_t alg_id,

--- a/openair2/UTIL/OSA/osa_key_deriver.c
+++ b/openair2/UTIL/OSA/osa_key_deriver.c
@@ -159,3 +159,27 @@ int derive_keNB(const uint8_t key[32], const uint32_t nas_count, uint8_t **keNB)
    return 0;
 }
 */
+
+int derive_skgNB(const uint8_t *keNB, const uint16_t sk_counter, uint8_t *skgNB)
+{
+  uint8_t *out;
+  uint8_t s[5];
+
+  /* FC is 0x1c (see 3gpp 33.401 annex A.15) */
+  s[0] = 0x1c;
+
+  /* put sk_counter */
+  s[1] = (sk_counter >> 8) & 0xff;
+  s[2] = sk_counter & 0xff;
+
+  /* put length of sk_counter (2) */
+  s[3] = 0x00;
+  s[4] = 0x02;
+
+  kdf(s, 5, keNB, 32, &out, 32);
+
+  memcpy(skgNB, out, 32);
+  free(out);
+
+  return 0;
+}
--- a/openair3/S1AP/s1ap_eNB_handlers.c
+++ b/openair3/S1AP/s1ap_eNB_handlers.c
@@ -864,22 +864,36 @@ int s1ap_eNB_handle_initial_context_request(uint32_t   assoc_id,
      BIT_STRING_to_uint16(&ie->value.choice.UESecurityCapabilities.encryptionAlgorithms);
    S1AP_INITIAL_CONTEXT_SETUP_REQ(message_p).security_capabilities.integrity_algorithms =
      BIT_STRING_to_uint16(&ie->value.choice.UESecurityCapabilities.integrityProtectionAlgorithms);
-    /* id-SecurityKey : Copy the security key */
  } else {/* ie != NULL */
    return -1;
  }

+  /* id-SecurityKey : Copy the security key */
  S1AP_FIND_PROTOCOLIE_BY_ID(S1AP_InitialContextSetupRequestIEs_t, ie, container,
                             S1AP_ProtocolIE_ID_id_SecurityKey, true);

  if (ie != NULL) { /* checked by macro but cppcheck doesn't see it */
    memcpy(&S1AP_INITIAL_CONTEXT_SETUP_REQ(message_p).security_key,
           ie->value.choice.SecurityKey.buf, ie->value.choice.SecurityKey.size);
-    itti_send_msg_to_task(TASK_RRC_ENB, ue_desc_p->eNB_instance->instance, message_p);
  } else {/* ie != NULL */
    return -1;
  }

+  /* id-NRUESecurityCapabilities */
+  S1AP_FIND_PROTOCOLIE_BY_ID(S1AP_InitialContextSetupRequestIEs_t, ie, container,
+                             S1AP_ProtocolIE_ID_id_NRUESecurityCapabilities, false);
+  if (ie != NULL) {
+    S1AP_INITIAL_CONTEXT_SETUP_REQ(message_p).nr_security_capabilities.encryption_algorithms =
+      BIT_STRING_to_uint16(&ie->value.choice.NRUESecurityCapabilities.nRencryptionAlgorithms);
+    S1AP_INITIAL_CONTEXT_SETUP_REQ(message_p).nr_security_capabilities.integrity_algorithms =
+      BIT_STRING_to_uint16(&ie->value.choice.NRUESecurityCapabilities.nRintegrityProtectionAlgorithms);
+  } else {
+    S1AP_INITIAL_CONTEXT_SETUP_REQ(message_p).nr_security_capabilities.encryption_algorithms = 0;
+    S1AP_INITIAL_CONTEXT_SETUP_REQ(message_p).nr_security_capabilities.integrity_algorithms = 0;
+  }
+
+  itti_send_msg_to_task(TASK_RRC_ENB, ue_desc_p->eNB_instance->instance, message_p);
+
  return 0;
 }


--- a/targets/PROJECTS/GENERIC-LTE-EPC/CONF/testing_gnb.conf
+++ b/targets/PROJECTS/GENERIC-LTE-EPC/CONF/testing_gnb.conf
@@ -278,6 +278,18 @@ THREAD_STRUCT = (
  }
 );

+security = {
+  # preferred ciphering algorithms
+  # the first one of the list that an UE supports in chosen
+  # valid values: nea0, nea1, nea2, nea3
+  ciphering_algorithms = ( "nea0", "nea2" );
+
+  # preferred integrity algorithms
+  # the first one of the list that an UE supports in chosen
+  # valid values: nia0, nia1, nia2, nia3
+  integrity_algorithms = ( "nia0" );
+};
+
     log_config :
     {
       global_log_level                      ="info";