Skip to content

O
OpenXG-RAN
Commit 10e021e9 authored by Cedric Roux's avatar Cedric Roux
Browse files
Options

NSA: first draft of nea2 security for gNB 

The code is forced to use nea2, no matter what the UE supports.

After 2^18 PDCP packets, it will fail to work (we don't use HFN yet).

These limitations will be fixed in later commits.

The existing security function was not reused, because it does too
much memory allocation and initializes the security context at each
ciphering. So here comes nr_pdcp_security_nea2_cipher(). And also
the ciphering is done inplace. To be changed if necessary.
parent 0b4335ac
Hide whitespace changes
Inline Side-by-side
Showing with 238 additions and 26 deletions
cmake_targets/CMakeLists.txt
View file @ 10e021e9
......@@ -1968,6 +1968,7 @@ set(NR_PDCP_SRC
${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_ue_manager.c
${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_entity.c
${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
${OPENAIR2_DIR}/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
${OPENAIR2_DIR}/LAYER2/nr_pdcp/asn1_utils.c
)
......
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.c
View file @ 10e021e9
......@@ -22,11 +22,12 @@
#include "nr_pdcp_entity.h"
#include "nr_pdcp_entity_drb_am.h"
#include "nr_pdcp_security_nea2.h"
#include "LOG/log.h"
nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
int rb_id,
int is_gnb, int rb_id,
void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
char *buf, int size),
void *deliver_sdu_data,
......@@ -38,7 +39,7 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
}
nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
int rb_id,
int is_gnb, int rb_id,
void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
char *buf, int size),
void *deliver_sdu_data,
......@@ -47,7 +48,11 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
void *deliver_pdu_data,
int sn_size,
int t_reordering,
int discard_timer)
int discard_timer,
int ciphering_algorithm,
int integrity_algorithm,
unsigned char *ciphering_key,
unsigned char *integrity_key)
{
nr_pdcp_entity_drb_am_t *ret;
......@@ -76,5 +81,25 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
ret->common.maximum_nr_pdcp_sn = (1 << sn_size) - 1;
if (ciphering_key != NULL && ciphering_algorithm != 0) {
if (ciphering_algorithm != 2) {
LOG_E(PDCP, "FATAL: only nea2 supported for the moment\n");
exit(1);
}
ret->common.has_ciphering = 1;
ret->common.ciphering_algorithm = ciphering_algorithm;
memcpy(ret->common.ciphering_key, ciphering_key, 16);
ret->common.security_context = nr_pdcp_security_nea2_init(ciphering_key);
ret->common.cipher = nr_pdcp_security_nea2_cipher;
ret->common.free_security = nr_pdcp_security_nea2_free_security;
}
ret->common.is_gnb = is_gnb;
if (integrity_key != NULL) {
printf("%s:%d:%s: TODO\n", __FILE__, __LINE__, __FUNCTION__);
exit(1);
}
return (nr_pdcp_entity_t *)ret;
}
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.h
View file @ 10e021e9
......@@ -42,10 +42,28 @@ typedef struct nr_pdcp_entity_t {
int tx_hfn;
int next_nr_pdcp_tx_sn;
int maximum_nr_pdcp_sn;
/* security */
int has_ciphering;
int has_integrity;
int ciphering_algorithm;
int integrity_algorithm;
unsigned char ciphering_key[16];
unsigned char integrity_key[16];
void *security_context;
void (*cipher)(void *security_context,
unsigned char *buffer, int length,
int bearer, int count, int direction);
void (*free_security)(void *security_context);
/* security algorithms need to know uplink/downlink information
* which is reverse for gnb and ue, so we need to know if this
* pdcp entity is for a gnb or an ue
*/
int is_gnb;
} nr_pdcp_entity_t;
nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
int rb_id,
int is_gnb, int rb_id,
void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
char *buf, int size),
void *deliver_sdu_data,
......@@ -54,7 +72,7 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
void *deliver_pdu_data);
nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
int rb_id,
int is_gnb, int rb_id,
void (*deliver_sdu)(void *deliver_sdu_data, struct nr_pdcp_entity_t *entity,
char *buf, int size),
void *deliver_sdu_data,
......@@ -63,7 +81,11 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
void *deliver_pdu_data,
int sn_size,
int t_reordering,
int discard_timer);
int discard_timer,
int ciphering_algorithm,
int integrity_algorithm,
unsigned char *ciphering_key,
unsigned char *integrity_key);
void nr_DRB_preconfiguration(uint16_t crnti);
......
openair2/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
View file @ 10e021e9
......@@ -29,12 +29,21 @@
void nr_pdcp_entity_drb_am_recv_pdu(nr_pdcp_entity_t *_entity, char *buffer, int size)
{
nr_pdcp_entity_drb_am_t *entity = (nr_pdcp_entity_drb_am_t *)_entity;
int sn;
if (size < 3) abort();
if (!(buffer[0] & 0x80))
LOG_E(PDCP, "%s:%d:%s: fatal\n", __FILE__, __LINE__, __FUNCTION__);
sn = (((unsigned char)buffer[0] & 0x3) << 16) |
((unsigned char)buffer[1] << 8) |
(unsigned char)buffer[2];
if (entity->common.has_ciphering)
entity->common.cipher(entity->common.security_context, (unsigned char *)buffer+3, size-3,
entity->rb_id, sn, entity->common.is_gnb ? 0 : 1);
entity->common.deliver_sdu(entity->common.deliver_sdu_data,
(nr_pdcp_entity_t *)entity, buffer+3, size-3);
}
......@@ -59,6 +68,10 @@ void nr_pdcp_entity_drb_am_recv_sdu(nr_pdcp_entity_t *_entity, char *buffer, int
buf[2] = sn & 0xff;
memcpy(buf+3, buffer, size);
if (entity->common.has_ciphering)
entity->common.cipher(entity->common.security_context, (unsigned char *)buf+3, size,
entity->rb_id, sn, entity->common.is_gnb ? 1 : 0);
entity->common.deliver_pdu(entity->common.deliver_pdu_data,
(nr_pdcp_entity_t *)entity, buf, size+3, sdu_id);
}
......@@ -71,5 +84,7 @@ void nr_pdcp_entity_drb_am_set_integrity_key(nr_pdcp_entity_t *_entity, char *ke
void nr_pdcp_entity_drb_am_delete(nr_pdcp_entity_t *_entity)
{
nr_pdcp_entity_drb_am_t *entity = (nr_pdcp_entity_drb_am_t *)_entity;
if (entity->common.free_security != NULL)
entity->common.free_security(entity->common.security_context);
free(entity);
}
openair2/LAYER2/nr_pdcp/nr_pdcp_oai_api.c
View file @ 10e021e9
......@@ -591,7 +591,11 @@ static void add_srb(int rnti, struct NR_SRB_ToAddMod *s)
TODO;
}
static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
static void add_drb_am(int is_gnb, int rnti, struct NR_DRB_ToAddMod *s,
int ciphering_algorithm,
int integrity_algorithm,
unsigned char *ciphering_key,
unsigned char *integrity_key)
{
nr_pdcp_entity_t *pdcp_drb;
nr_pdcp_ue_t *ue;
......@@ -621,8 +625,11 @@ static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
LOG_D(PDCP, "%s:%d:%s: warning DRB %d already exist for ue %d, do nothing\n",
__FILE__, __LINE__, __FUNCTION__, drb_id, rnti);
} else {
pdcp_drb = new_nr_pdcp_entity_drb_am(drb_id, deliver_sdu_drb, ue, deliver_pdu_drb, ue,
sn_size_dl, t_reordering, discard_timer);
pdcp_drb = new_nr_pdcp_entity_drb_am(is_gnb, drb_id,
deliver_sdu_drb, ue, deliver_pdu_drb, ue,
sn_size_dl, t_reordering, discard_timer,
ciphering_algorithm, integrity_algorithm,
ciphering_key, integrity_key);
nr_pdcp_ue_add_drb_pdcp_entity(ue, drb_id, pdcp_drb);
LOG_D(PDCP, "%s:%d:%s: added drb %d to ue rnti %x\n", __FILE__, __LINE__, __FUNCTION__, drb_id, rnti);
......@@ -630,16 +637,21 @@ static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
nr_pdcp_manager_unlock(nr_pdcp_ue_manager);
}
static void add_drb(int rnti, struct NR_DRB_ToAddMod *s, NR_RLC_Config_t *rlc_Config)
static void add_drb(int is_gnb, int rnti, struct NR_DRB_ToAddMod *s,
NR_RLC_Config_t *rlc_Config,
int ciphering_algorithm,
int integrity_algorithm,
unsigned char *ciphering_key,
unsigned char *integrity_key)
{
switch (rlc_Config->present) {
case NR_RLC_Config_PR_am:
add_drb_am(rnti, s);
add_drb_am(is_gnb, rnti, s, ciphering_algorithm, integrity_algorithm,
ciphering_key, integrity_key);
break;
case NR_RLC_Config_PR_um_Bi_Directional:
//add_drb_um(rnti, s);
/* hack */
add_drb_am(rnti, s);
LOG_E(PDCP, "%s:%d:%s: TODO\n", __FILE__, __LINE__, __FUNCTION__);
exit(1);
break;
default:
LOG_E(PDCP, "%s:%d:%s: fatal: unhandled DRB type\n",
......@@ -657,7 +669,8 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
const uint8_t security_modeP,
uint8_t *const kRRCenc,
uint8_t *const kRRCint,
uint8_t *const kUPenc
uint8_t *const kUPenc,
uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
......@@ -676,7 +689,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
//srb2add_list == NULL ||
//drb2add_list != NULL ||
drb2release_list != NULL ||
security_modeP != 255 ||
//security_modeP != 255 ||
//kRRCenc != NULL ||
//kRRCint != NULL ||
//kUPenc != NULL ||
......@@ -693,7 +706,10 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
if (drb2add_list != NULL) {
for (i = 0; i < drb2add_list->list.count; i++) {
add_drb(rnti, drb2add_list->list.array[i], rlc_bearer2add_list->list.array[i]->rlc_Config);
add_drb(ctxt_pP->enb_flag, rnti, drb2add_list->list.array[i],
rlc_bearer2add_list->list.array[i]->rlc_Config,
security_modeP & 0x0f, (security_modeP >> 4) & 0x0f,
kUPenc, kUPint);
}
}
......@@ -705,6 +721,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
free(kRRCenc);
free(kRRCint);
free(kUPenc);
free(kUPint);
return 0;
}
......@@ -805,6 +822,7 @@ void nr_DRB_preconfiguration(uint16_t crnti)
NULL,
NULL,
NULL,
NULL,
Rlc_Bearer_ToAdd_list);
nr_rrc_rlc_config_asn1_req (&ctxt,
......
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c 0 → 100644
View file @ 10e021e9
/*
* Licensed to the OpenAirInterface (OAI) Software Alliance under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The OpenAirInterface Software Alliance licenses this file to You under
* the OAI Public License, Version 1.1 (the "License"); you may not use this file
* except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.openairinterface.org/?page_id=698
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*-------------------------------------------------------------------------------
* For more information about the OpenAirInterface (OAI) Software Alliance:
* contact@openairinterface.org
*/
#include "nr_pdcp_security_nea2.h"
#include <stdlib.h>
#include <string.h>
#include <nettle/nettle-meta.h>
#include <nettle/aes.h>
#include <nettle/ctr.h>
void *nr_pdcp_security_nea2_init(unsigned char *ciphering_key)
{
void *ctx = calloc(1, nettle_aes128.context_size);
if (ctx == NULL) exit(1);
#if NETTLE_VERSION_MAJOR < 3
nettle_aes128.set_encrypt_key(ctx, 16, ciphering_key);
#else
nettle_aes128.set_encrypt_key(ctx, ciphering_key);
#endif
return ctx;
}
void nr_pdcp_security_nea2_cipher(void *security_context,
unsigned char *buffer, int length,
int bearer, int count, int direction)
{
unsigned char t[16];
t[0] = (count >> 24) & 255;
t[1] = (count >> 16) & 255;
t[2] = (count >> 8) & 255;
t[3] = (count ) & 255;
t[4] = ((bearer-1) << 3) | (direction << 2);
memset(&t[5], 0, 16-5);
nettle_ctr_crypt(security_context, nettle_aes128.encrypt,
nettle_aes128.block_size, t,
length, buffer, buffer);
}
void nr_pdcp_security_nea2_free_security(void *security_context)
{
free(security_context);
}
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.h 0 → 100644
View file @ 10e021e9
/*
* Licensed to the OpenAirInterface (OAI) Software Alliance under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The OpenAirInterface Software Alliance licenses this file to You under
* the OAI Public License, Version 1.1 (the "License"); you may not use this file
* except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.openairinterface.org/?page_id=698
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*-------------------------------------------------------------------------------
* For more information about the OpenAirInterface (OAI) Software Alliance:
* contact@openairinterface.org
*/
#ifndef _NR_PDCP_SECURITY_NEA2_H_
#define _NR_PDCP_SECURITY_NEA2_H_
void *nr_pdcp_security_nea2_init(unsigned char *ciphering_key);
void nr_pdcp_security_nea2_cipher(void *security_context,
unsigned char *buffer, int length,
int bearer, int count, int direction);
void nr_pdcp_security_nea2_free_security(void *security_context);
#endif /* _NR_PDCP_SECURITY_NEA2_H_ */
openair2/RRC/LTE/rrc_eNB.c
View file @ 10e021e9
......@@ -4484,10 +4484,10 @@ static int encode_CG_ConfigInfo(
rb_config->securityConfig = calloc(1,sizeof(struct NR_SecurityConfig ));
rb_config->securityConfig->securityAlgorithmConfig = calloc(1,sizeof(struct NR_SecurityAlgorithmConfig));
rb_config->securityConfig->securityAlgorithmConfig->cipheringAlgorithm = NR_CipheringAlgorithm_nea0;
rb_config->securityConfig->securityAlgorithmConfig->cipheringAlgorithm = NR_CipheringAlgorithm_nea2;
rb_config->securityConfig->securityAlgorithmConfig->integrityProtAlgorithm = NULL;
rb_config->securityConfig->keyToUse = calloc(1,sizeof(long));
*rb_config->securityConfig->keyToUse = NR_SecurityConfig__keyToUse_master;
*rb_config->securityConfig->keyToUse = NR_SecurityConfig__keyToUse_secondary;
}
cg_configinfo = calloc(1,sizeof(struct NR_CG_ConfigInfo));
......
openair2/RRC/NR/rrc_gNB.c
View file @ 10e021e9
......@@ -103,7 +103,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
const uint8_t security_modeP,
uint8_t *const kRRCenc,
uint8_t *const kRRCint,
uint8_t *const kUPenc
uint8_t *const kUPenc,
uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
......@@ -887,6 +888,7 @@ rrc_gNB_process_RRCReconfigurationComplete(
kUPenc,
NULL,
NULL,
NULL,
NULL);
/* Refresh SRBs/DRBs */
nr_rrc_rlc_config_asn1_req(ctxt_pP,
......@@ -1702,6 +1704,7 @@ int nr_rrc_gNB_decode_ccch(protocol_ctxt_t *const ctxt_pP,
// NULL,
// NULL,
// NULL,
// NULL,
// NULL);
// if (!NODE_IS_CU(RC.nrrrc[ctxt_pP->module_id]->node_type)) {
......
openair2/RRC/NR/rrc_gNB_nsa.c
View file @ 10e021e9
......@@ -39,6 +39,7 @@
#include "openair2/RRC/LTE/rrc_eNB_GTPV1U.h"
#include "executables/softmodem-common.h"
#include <openair2/RRC/NR/rrc_gNB_UE_context.h>
#include "UTIL/OSA/osa_defs.h"
extern boolean_t nr_rrc_pdcp_config_asn1_req(
const protocol_ctxt_t *const ctxt_pP,
......@@ -48,7 +49,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
const uint8_t security_modeP,
uint8_t *const kRRCenc,
uint8_t *const kRRCint,
uint8_t *const kUPenc
uint8_t *const kUPenc,
uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
......@@ -280,15 +282,40 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
ctxt.eNB_index);
}
/* store security key and security capabilities*/
memcpy(ue_context_p->ue_context.kgnb, m->kgnb, 32);
ue_context_p->ue_context.security_capabilities.nRencryption_algorithms = m->security_capabilities.encryption_algorithms;
ue_context_p->ue_context.security_capabilities.nRintegrity_algorithms = m->security_capabilities.integrity_algorithms;
/* select ciphering algorithm based on gNB configuration file and
* UE's supported algorithms
*/
/* hardcode ciphering to nea2 of the moment */
ue_context_p->ue_context.ciphering_algorithm = 2; //NR_CipheringAlgorithm_nea2;
/* integrity: no integrity protection */
ue_context_p->ue_context.integrity_algorithm = 0;
/* derive UP security key */
unsigned char *kUPenc_kdf, *kUPenc;
nr_derive_key_up_enc(ue_context_p->ue_context.ciphering_algorithm,
ue_context_p->ue_context.kgnb,
&kUPenc_kdf);
/* kUPenc: last 128 bits of key derivation function which returns 256 bits */
kUPenc = malloc(16);
if (kUPenc == NULL) exit(1);
memcpy(kUPenc, kUPenc_kdf+16, 16);
free(kUPenc_kdf);
nr_rrc_pdcp_config_asn1_req(
&ctxt,
(NR_SRB_ToAddModList_t *) NULL,
ue_context_p->ue_context.rb_config->drb_ToAddModList ,
ue_context_p->ue_context.rb_config->drb_ToReleaseList,
0xff,
NULL,
NULL,
NULL,
(ue_context_p->ue_context.integrity_algorithm << 4) | ue_context_p->ue_context.ciphering_algorithm,
NULL, /* kRRCenc - unused */
NULL, /* kRRCint - unused */
kUPenc, /* kUPenc */
NULL, /* kUPint - unused */
NULL,
NULL,
ue_context_p->ue_context.secondaryCellGroup->rlc_BearerToAddModList);
......
openair2/RRC/NR_UE/rrc_UE.c
View file @ 10e021e9
......@@ -186,7 +186,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
const uint8_t security_modeP,
uint8_t *const kRRCenc,
uint8_t *const kRRCint,
uint8_t *const kUPenc
uint8_t *const kUPenc,
uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
......@@ -2085,6 +2086,7 @@ nr_sa_rrc_ue_process_radioBearerConfig(
// NULL,
// NULL,
// NULL,
// NULL,
// NULL);
// Refresh SRBs
// nr_rrc_rlc_config_asn1_req(ctxt_pP,
......@@ -2176,6 +2178,7 @@ nr_sa_rrc_ue_process_radioBearerConfig(
// NULL,
// kUPenc,
// NULL,
// NULL,
// NR_UE_rrc_inst[ctxt_pP->module_id].defaultDRB,
// NULL);
// Refresh DRBs
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment