Initial NAS encryption fixes

7023ee59 · aligungr · ee5a2c41 · 7023ee59 · 7023ee59 · 7023ee59
Commit 7023ee59 authored Apr 17, 2021 by aligungr
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 19 deletions

src/ue/nas/enc.cpp src/ue/nas/enc.cpp +10 -17

src/ue/nas/enc.hpp src/ue/nas/enc.hpp +1 -1

src/ue/nas/mm/transport.cpp src/ue/nas/mm/transport.cpp +6 -1

No files found.
--- a/src/ue/nas/enc.cpp
+++ b/src/ue/nas/enc.cpp
@@ -14,12 +14,13 @@
 namespace nr::ue::nas_enc
 {

-static nas::ESecurityHeaderType MakeSecurityHeaderType(const NasSecurityContext &ctx, nas::EMessageType msgType)
+static nas::ESecurityHeaderType MakeSecurityHeaderType(const NasSecurityContext &ctx, nas::EMessageType msgType,
+                                                       bool bypassCiphering)
 {
    auto &encKey = ctx.keys.kNasEnc;
    auto &intKey = ctx.keys.kNasInt;

-    bool ciphered = encKey.length() > 0;
+    bool ciphered = !bypassCiphering && encKey.length() > 0;
    bool integrityProtected = intKey.length() > 0;

    if (!ciphered && !integrityProtected)
@@ -64,7 +65,7 @@ static OctetString EncryptData(nas::ETypeOfCipheringAlgorithm alg, const NasCoun
 }

 static std::unique_ptr<nas::SecuredMmMessage> Encrypt(NasSecurityContext &ctx, OctetString &&plainNasMessage,
-                                                      nas::EMessageType msgType)
+                                                      nas::EMessageType msgType, bool bypassCiphering)
 {
    auto count = ctx.uplinkCount;
    auto is3gppAccess = ctx.is3gppAccess;
@@ -73,12 +74,13 @@ static std::unique_ptr<nas::SecuredMmMessage> Encrypt(NasSecurityContext &ctx, O
    auto intAlg = ctx.integrity;
    auto encAlg = ctx.ciphering;

-    auto encryptedData = EncryptData(encAlg, count, is3gppAccess, plainNasMessage, encKey);
+    auto encryptedData =
+        bypassCiphering ? plainNasMessage.copy() : EncryptData(encAlg, count, is3gppAccess, plainNasMessage, encKey);
    auto mac = ComputeMac(intAlg, count, is3gppAccess, true, intKey, encryptedData);

    auto secured = std::make_unique<nas::SecuredMmMessage>();
    secured->epd = nas::EExtendedProtocolDiscriminator::MOBILITY_MANAGEMENT_MESSAGES;
-    secured->sht = MakeSecurityHeaderType(ctx, msgType);
+    secured->sht = MakeSecurityHeaderType(ctx, msgType, bypassCiphering);
    secured->messageAuthenticationCode = octet4{mac};
    secured->sequenceNumber = count.sqn;
    secured->plainNasMessage = std::move(encryptedData);
@@ -120,24 +122,15 @@ static OctetString DecryptData(nas::ETypeOfCipheringAlgorithm alg, const NasCoun
    return msg;
 }

-std::unique_ptr<nas::SecuredMmMessage> Encrypt(NasSecurityContext &ctx, const nas::PlainMmMessage &msg)
+std::unique_ptr<nas::SecuredMmMessage> Encrypt(NasSecurityContext &ctx, const nas::PlainMmMessage &msg,
+                                               bool bypassCiphering)
 {
    nas::EMessageType msgType = msg.messageType;

    OctetString stream;
    nas::EncodeNasMessage(msg, stream);

-    return Encrypt(ctx, std::move(stream), msgType);
-}
-
-std::unique_ptr<nas::SecuredMmMessage> Encrypt(NasSecurityContext &ctx, const nas::SmMessage &msg)
-{
-    nas::EMessageType msgType = msg.messageType;
-
-    OctetString stream;
-    nas::EncodeNasMessage(msg, stream);
-
-    return Encrypt(ctx, std::move(stream), msgType);
+    return Encrypt(ctx, std::move(stream), msgType, bypassCiphering);
 }

 std::unique_ptr<nas::NasMessage> Decrypt(NasSecurityContext &ctx, const nas::SecuredMmMessage &msg)

--- a/src/ue/nas/enc.hpp
+++ b/src/ue/nas/enc.hpp
@@ -14,7 +14,7 @@
 namespace nr::ue::nas_enc
 {

-std::unique_ptr<nas::SecuredMmMessage> Encrypt(NasSecurityContext &ctx, const nas::PlainMmMessage &msg);
+std::unique_ptr<nas::SecuredMmMessage> Encrypt(NasSecurityContext &ctx, const nas::PlainMmMessage &msg, bool bypassCiphering);
 std::unique_ptr<nas::NasMessage> Decrypt(NasSecurityContext &ctx, const nas::SecuredMmMessage &msg);

 uint32_t ComputeMac(nas::ETypeOfIntegrityProtectionAlgorithm alg, NasCount count, bool is3gppAccess,

--- a/src/ue/nas/mm/transport.cpp
+++ b/src/ue/nas/mm/transport.cpp
@@ -34,6 +34,11 @@ static bool IsAcceptedWithoutIntegrity(const nas::PlainMmMessage &msg)
           msgType == nas::EMessageType::SERVICE_REJECT;
 }

+static bool BypassCiphering(const nas::PlainMmMessage &msg)
+{
+    return IsInitialNasMessage(msg);
+}
+
 void NasMm::sendNasMessage(const nas::PlainMmMessage &msg)
 {
    if (m_cmState == ECmState::CM_IDLE && !IsInitialNasMessage(msg))
@@ -48,7 +53,7 @@ void NasMm::sendNasMessage(const nas::PlainMmMessage &msg)
    if (m_usim->m_currentNsCtx && (m_usim->m_currentNsCtx->integrity != nas::ETypeOfIntegrityProtectionAlgorithm::IA0 ||
                                   m_usim->m_currentNsCtx->ciphering != nas::ETypeOfCipheringAlgorithm::EA0))
    {
-        auto secured = nas_enc::Encrypt(*m_usim->m_currentNsCtx, msg);
+        auto secured = nas_enc::Encrypt(*m_usim->m_currentNsCtx, msg, BypassCiphering(msg));
        nas::EncodeNasMessage(*secured, pdu);
    }
    else