UE authentication procedure improvements

src/ue/nas/mm/auth.cpp

@@ -289,12 +289,6 @@ void NasMm::receiveAuthenticationRequest5gAka(const nas::AuthenticationRequest &
     auto &rand = msg.authParamRAND->value;
     auto &autn = msg.authParamAUTN->value;
 
-    if (USE_SQN_HACK)
-    {
-        auto ak = calculateMilenage(OctetString::FromSpare(6), rand, false).ak;
-        m_usim->m_sqn = OctetString::Xor(autn.subCopy(0, 6), ak);
-    }
-
     auto milenage = calculateMilenage(m_usim->m_sqn, rand, false);
     auto &res = milenage.res;
     auto &ck = milenage.ck;
@@ -441,10 +435,8 @@ EAutnValidationRes NasMm::validateAutn(const OctetString &ak, const OctetString
     }
 
     // Verify that the received sequence number SQN is in the correct range
-    if (!checkSqn(receivedSQN))
-    {
+    if (!m_usim->checkSqn(receivedSQN))
         return EAutnValidationRes::SYNCHRONISATION_FAILURE;
-    }
 
     // Check MAC
     if (receivedMAC != mac)
@@ -457,14 +449,6 @@ EAutnValidationRes NasMm::validateAutn(const OctetString &ak, const OctetString
     return EAutnValidationRes::OK;
 }
 
-bool NasMm::checkSqn(const OctetString &sqn)
-{
-    // TODO:
-    //  Verify the freshness of sequence numbers to determine whether the specified sequence number is
-    //  in the correct range and acceptable by the USIM. See 3GPP TS 33.102, Annex C.2.
-    return true;
-}
-
 crypto::milenage::Milenage NasMm::calculateMilenage(const OctetString &sqn, const OctetString &rand, bool dummyAmf)
 {
     OctetString amf = dummyAmf ? OctetString::FromSpare(2) : m_base->config->amf.copy();

src/ue/nas/mm/mm.hpp

@@ -115,7 +115,6 @@ class NasMm
     void receiveEapFailureMessage(const eap::Eap &eap);
     void receiveEapResponseMessage(const eap::Eap &eap);
     EAutnValidationRes validateAutn(const OctetString &ak, const OctetString &mac, const OctetString &autn);
-    bool checkSqn(const OctetString &sqn);
     crypto::milenage::Milenage calculateMilenage(const OctetString &sqn, const OctetString &rand, bool dummyAmf);
 
   private: /* Security */

src/ue/nas/usim.cpp

@@ -33,4 +33,10 @@ void Usim::invalidate()
     m_isValid = false;
 }
 
+bool Usim::checkSqn(const OctetString &sqn)
+{
+    // TODO
+    return false;
+}
+
 } // namespace nr::ue

src/ue/nas/usim.hpp

@@ -46,7 +46,6 @@ class Usim
     // Security related
     std::unique_ptr<NasSecurityContext> m_currentNsCtx{};
     std::unique_ptr<NasSecurityContext> m_nonCurrentNsCtx{};
-    OctetString m_sqn{};
     OctetString m_rand{};
     OctetString m_res{};
     OctetString m_resStar{};
@@ -68,10 +67,16 @@ class Usim
     // eCall related
     bool m_isECallOnly{};
 
+    // SQN management
+    OctetString m_sqn{};
+
   public:
     void initialize(bool hasSupi, const UeConfig::Initials &initials);
+
     bool isValid();
     void invalidate();
+
+    bool checkSqn(const OctetString &sqn);
 };
 
 } // namespace nr::ue
\ No newline at end of file