UE Authentication refactor

f47f7c4b · aligungr · 8681c20d · f47f7c4b · f47f7c4b · f47f7c4b
Commit f47f7c4b authored Apr 26, 2021 by aligungr
Showing with 11 additions and 18 deletions

src/ue/nas/mm/auth.cpp src/ue/nas/mm/auth.cpp +8 -8

src/ue/nas/mm/security.cpp src/ue/nas/mm/security.cpp +0 -3

src/ue/nas/usim.hpp src/ue/nas/usim.hpp +3 -0

src/ue/types.hpp src/ue/types.hpp +0 -7

No files found.
--- a/src/ue/nas/mm/auth.cpp
+++ b/src/ue/nas/mm/auth.cpp
@@ -187,9 +187,9 @@ void NasMm::receiveAuthenticationRequestEap(const nas::AuthenticationRequest &ms
    m_usim->m_nonCurrentNsCtx = std::make_unique<NasSecurityContext>();
    m_usim->m_nonCurrentNsCtx->tsc = msg.ngKSI.tsc;
    m_usim->m_nonCurrentNsCtx->ngKsi = msg.ngKSI.ksi;
-    m_usim->m_nonCurrentNsCtx->keys.rand = std::move(receivedRand);
-    m_usim->m_nonCurrentNsCtx->keys.res = std::move(res);
-    m_usim->m_nonCurrentNsCtx->keys.resStar = {};
+    m_usim->m_rand = std::move(receivedRand);
+    m_usim->m_res = std::move(res);
+    m_usim->m_resStar = {};
    m_usim->m_nonCurrentNsCtx->keys.kAusf = std::move(kAusf);
    m_usim->m_nonCurrentNsCtx->keys.abba = msg.abba.rawData.copy();

@@ -202,7 +202,7 @@ void NasMm::receiveAuthenticationRequestEap(const nas::AuthenticationRequest &ms
    {
        auto *akaPrimeResponse =
            new eap::EapAkaPrime(eap::ECode::RESPONSE, receivedEap.id, eap::ESubType::AKA_CHALLENGE);
-        akaPrimeResponse->attributes.putRes(m_usim->m_nonCurrentNsCtx->keys.res);
+        akaPrimeResponse->attributes.putRes(m_usim->m_res);
        akaPrimeResponse->attributes.putMac(OctetString::FromSpare(16)); // Dummy mac for now
        akaPrimeResponse->attributes.putKdf(1);

@@ -268,9 +268,9 @@ void NasMm::receiveAuthenticationRequest5gAka(const nas::AuthenticationRequest &
        m_usim->m_nonCurrentNsCtx = std::make_unique<NasSecurityContext>();
        m_usim->m_nonCurrentNsCtx->tsc = msg.ngKSI.tsc;
        m_usim->m_nonCurrentNsCtx->ngKsi = msg.ngKSI.ksi;
-        m_usim->m_nonCurrentNsCtx->keys.rand = rand.copy();
-        m_usim->m_nonCurrentNsCtx->keys.resStar = keys::CalculateResStar(ckIk, snn, rand, res);
-        m_usim->m_nonCurrentNsCtx->keys.res = std::move(res);
+        m_usim->m_rand = rand.copy();
+        m_usim->m_resStar = keys::CalculateResStar(ckIk, snn, rand, res);
+        m_usim->m_res = std::move(res);
        m_usim->m_nonCurrentNsCtx->keys.kAusf = keys::CalculateKAusfFor5gAka(ck, ik, snn, sqnXorAk);
        m_usim->m_nonCurrentNsCtx->keys.abba = msg.abba.rawData.copy();

@@ -279,7 +279,7 @@ void NasMm::receiveAuthenticationRequest5gAka(const nas::AuthenticationRequest &
        // Send response
        nas::AuthenticationResponse resp;
        resp.authenticationResponseParameter = nas::IEAuthenticationResponseParameter{};
-        resp.authenticationResponseParameter->rawData = m_usim->m_nonCurrentNsCtx->keys.resStar.copy();
+        resp.authenticationResponseParameter->rawData = m_usim->m_resStar.copy();
        sendNasMessage(resp);
    }
    else if (autnCheck == EAutnValidationRes::MAC_FAILURE)

--- a/src/ue/nas/mm/security.cpp
+++ b/src/ue/nas/mm/security.cpp
@@ -40,9 +40,6 @@ static std::unique_ptr<NasSecurityContext> LocallyDeriveNsc()
    nsc->integrity = nas::ETypeOfIntegrityProtectionAlgorithm::IA0;
    nsc->ciphering = nas::ETypeOfCipheringAlgorithm::EA0;
    nsc->keys.abba = OctetString::FromSpare(2);
-    nsc->keys.rand = OctetString::FromSpare(16);
-    nsc->keys.res = OctetString::FromSpare(16);
-    nsc->keys.resStar = OctetString::FromSpare(16);
    nsc->keys.kAusf = OctetString::FromSpare(32);
    nsc->keys.kSeaf = OctetString::FromSpare(32);
    nsc->keys.kAmf = OctetString::FromSpare(32);

--- a/src/ue/nas/usim.hpp
+++ b/src/ue/nas/usim.hpp
@@ -47,6 +47,9 @@ class Usim
    std::unique_ptr<NasSecurityContext> m_currentNsCtx{};
    std::unique_ptr<NasSecurityContext> m_nonCurrentNsCtx{};
    OctetString m_sqn{};
+    OctetString m_rand{};
+    OctetString m_res{};
+    OctetString m_resStar{};

    // NSSAI related
    NetworkSlice m_defConfiguredNssai{};

--- a/src/ue/types.hpp
+++ b/src/ue/types.hpp
@@ -303,10 +303,6 @@ struct UeKeys
 {
    OctetString abba{};

-    OctetString rand{};
-    OctetString res{};
-    OctetString resStar{}; // used in 5G-AKA
-
    OctetString kAusf{};
    OctetString kSeaf{};
    OctetString kAmf{};
@@ -316,9 +312,6 @@ struct UeKeys
    [[nodiscard]] UeKeys deepCopy() const
    {
        UeKeys keys;
-        keys.rand = rand.subCopy(0);
-        keys.res = res.subCopy(0);
-        keys.resStar = resStar.subCopy(0);
        keys.kAusf = kAusf.subCopy(0);
        keys.kSeaf = kSeaf.subCopy(0);
        keys.kAmf = kAmf.subCopy(0);