Skip to content

O
OpenXG-RAN
Commit 6f5c0332 authored by Lionel Gauthier's avatar Lionel Gauthier
Browse files
Options

For Sync only, still problem with NAS COUNT (TODO) and MAC-I (check on real PFT SIM) 

git-svn-id: http://svn.eurecom.fr/openair4G/trunk@5311 818b1a75-f10b-46b9-bf7c-635c3b92a50f
parent 55d05b6f
Hide whitespace changes
Inline Side-by-side
Showing with 1366 additions and 619 deletions
openair-cn/COMMON/mme_app_messages_types.h
View file @ 6f5c0332
...@@ -26,6 +26,9 @@ typedef struct mme_app_connection_establishment_cnf_s { ...@@ -26,6 +26,9 @@ typedef struct mme_app_connection_establishment_cnf_s {
pre_emp_capability_t bearer_qos_pre_emp_capability; pre_emp_capability_t bearer_qos_pre_emp_capability;
ambr_t ambr; ambr_t ambr;
/* Key eNB */
uint8_t keNB[32];
nas_conn_est_cnf_t nas_conn_est_cnf; nas_conn_est_cnf_t nas_conn_est_cnf;
} mme_app_connection_establishment_cnf_t; } mme_app_connection_establishment_cnf_t;
......
openair-cn/COMMON/nas_messages_types.h
View file @ 6f5c0332
...@@ -170,7 +170,7 @@ typedef struct nas_pdn_connectivity_rsp_s { ...@@ -170,7 +170,7 @@ typedef struct nas_pdn_connectivity_rsp_s {
uint32_t mme_ue_s1ap_id; uint32_t mme_ue_s1ap_id;
/* Key eNB */ /* Key eNB */
uint8_t keNB[32]; //uint8_t keNB[32];
ambr_t ambr; ambr_t ambr;
ambr_t apn_ambr; ambr_t apn_ambr;
......
openair-cn/MME_APP/mme_app_bearer.c
View file @ 6f5c0332
...@@ -289,6 +289,7 @@ mme_app_handle_conn_est_cnf( ...@@ -289,6 +289,7 @@ mme_app_handle_conn_est_cnf(
mme_app_connection_establishment_cnf_t *establishment_cnf_p = NULL; mme_app_connection_establishment_cnf_t *establishment_cnf_p = NULL;
bearer_context_t *current_bearer_p = NULL; bearer_context_t *current_bearer_p = NULL;
ebi_t bearer_id = 0; ebi_t bearer_id = 0;
uint8_t *keNB = NULL;
MME_APP_DEBUG("Received NAS_CONNECTION_ESTABLISHMENT_CNF from NAS\n"); MME_APP_DEBUG("Received NAS_CONNECTION_ESTABLISHMENT_CNF from NAS\n");
...@@ -332,6 +333,11 @@ mme_app_handle_conn_est_cnf( ...@@ -332,6 +333,11 @@ mme_app_handle_conn_est_cnf(
establishment_cnf_p->bearer_qos_pre_emp_capability = current_bearer_p->pre_emp_capability; establishment_cnf_p->bearer_qos_pre_emp_capability = current_bearer_p->pre_emp_capability;
establishment_cnf_p->ambr = ue_context_p->used_ambr; establishment_cnf_p->ambr = ue_context_p->used_ambr;
MME_APP_DEBUG("Derive keNB with UL NAS COUNT %x\n", nas_conn_est_cnf_pP->ul_nas_count);
derive_keNB(ue_context_p->vector_in_use->kasme, nas_conn_est_cnf_pP->ul_nas_count, &keNB); //156
memcpy(establishment_cnf_p->keNB, keNB, 32);
free(keNB);
itti_send_msg_to_task(TASK_S1AP, INSTANCE_DEFAULT, message_p); itti_send_msg_to_task(TASK_S1AP, INSTANCE_DEFAULT, message_p);
} }
...@@ -471,17 +477,18 @@ mme_app_handle_create_sess_resp( ...@@ -471,17 +477,18 @@ mme_app_handle_create_sess_resp(
mme_app_dump_ue_contexts(&mme_app_desc.mme_ue_contexts); mme_app_dump_ue_contexts(&mme_app_desc.mme_ue_contexts);
{ {
uint8_t *keNB = NULL; //uint8_t *keNB = NULL;
message_p = itti_alloc_new_message(TASK_MME_APP, NAS_PDN_CONNECTIVITY_RSP); message_p = itti_alloc_new_message(TASK_MME_APP, NAS_PDN_CONNECTIVITY_RSP);
memset((void*)&message_p->ittiMsg.nas_pdn_connectivity_rsp, memset((void*)&message_p->ittiMsg.nas_pdn_connectivity_rsp,
0, 0,
sizeof(nas_pdn_connectivity_rsp_t)); sizeof(nas_pdn_connectivity_rsp_t));
derive_keNB(ue_context_p->vector_in_use->kasme, 156, &keNB); // moved to NAS_CONNECTION_ESTABLISHMENT_CONF, keNB not handled in NAS MME
memcpy(NAS_PDN_CONNECTIVITY_RSP(message_p).keNB, keNB, 32); //derive_keNB(ue_context_p->vector_in_use->kasme, 156, &keNB);
//memcpy(NAS_PDN_CONNECTIVITY_RSP(message_p).keNB, keNB, 32);
free(keNB); //free(keNB);
NAS_PDN_CONNECTIVITY_RSP(message_p).pti = ue_context_p->pending_pdn_connectivity_req_pti; // NAS internal ref NAS_PDN_CONNECTIVITY_RSP(message_p).pti = ue_context_p->pending_pdn_connectivity_req_pti; // NAS internal ref
NAS_PDN_CONNECTIVITY_RSP(message_p).ue_id = ue_context_p->pending_pdn_connectivity_req_ue_id; // NAS internal ref NAS_PDN_CONNECTIVITY_RSP(message_p).ue_id = ue_context_p->pending_pdn_connectivity_req_ue_id; // NAS internal ref
......
openair-cn/NAS/EURECOM-NAS/Makefile.inc
View file @ 6f5c0332
...@@ -17,7 +17,7 @@ SRCDIR = $(PROJDIR)/src ...@@ -17,7 +17,7 @@ SRCDIR = $(PROJDIR)/src
INCDIR = $(SRCDIR)/include INCDIR = $(SRCDIR)/include
UTILDIR = $(SRCDIR)/util UTILDIR = $(SRCDIR)/util
APIDIR = $(SRCDIR)/api APIDIR = $(SRCDIR)/api
USERAPIDIR = $(APIDIR)/user USERAPIDIR = $(APIDIR)/user
NETAPIDIR = $(APIDIR)/network NETAPIDIR = $(APIDIR)/network
USIMAPIDIR = $(APIDIR)/usim USIMAPIDIR = $(APIDIR)/usim
MMEAPIDIR = $(APIDIR)/mme MMEAPIDIR = $(APIDIR)/mme
......
openair-cn/NAS/EURECOM-NAS/src/api/network/nas_message.c
View file @ 6f5c0332
...@@ -31,6 +31,7 @@ Description Defines the layer 3 messages supported by the NAS sublayer ...@@ -31,6 +31,7 @@ Description Defines the layer 3 messages supported by the NAS sublayer
#if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE))) #if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE)))
# include "nas_itti_messaging.h" # include "nas_itti_messaging.h"
#endif #endif
#include "secu_defs.h"
/****************************************************************************/ /****************************************************************************/
/**************** E X T E R N A L D E F I N I T I O N S ****************/ /**************** E X T E R N A L D E F I N I T I O N S ****************/
...@@ -40,34 +41,55 @@ Description Defines the layer 3 messages supported by the NAS sublayer ...@@ -40,34 +41,55 @@ Description Defines the layer 3 messages supported by the NAS sublayer
/******************* L O C A L D E F I N I T I O N S *******************/ /******************* L O C A L D E F I N I T I O N S *******************/
/****************************************************************************/ /****************************************************************************/
/* Functions used to decode layer 3 NAS messages */ /* Functions used to decode layer 3 NAS messages */
static int _nas_message_header_decode(const char* buffer, static int _nas_message_header_decode(const char* buffer,
nas_message_security_header_t* header, int length); nas_message_security_header_t* header, int length);
static int _nas_message_plain_decode(const char* buffer, static int _nas_message_plain_decode(const char* buffer,
const nas_message_security_header_t* header, const nas_message_security_header_t* header,
nas_message_plain_t* msg, int length); nas_message_plain_t* msg, int length);
static int _nas_message_protected_decode(const char* buffer, static int _nas_message_protected_decode(const char* buffer,
nas_message_security_header_t* header, nas_message_security_header_t* header,
nas_message_plain_t* msg, int length); nas_message_plain_t* msg, int length);
/* Functions used to encode layer 3 NAS messages */ /* Functions used to encode layer 3 NAS messages */
static int _nas_message_header_encode(char* buffer, static int _nas_message_header_encode(char* buffer,
const nas_message_security_header_t* header, int length); const nas_message_security_header_t* header, int length);
static int _nas_message_plain_encode(char* buffer, static int _nas_message_plain_encode(char* buffer,
const nas_message_security_header_t* header, const nas_message_security_header_t* header,
const nas_message_plain_t* msg, int length); const nas_message_plain_t* msg, int length);
static int _nas_message_protected_encode(char* buffer,
const nas_message_security_protected_t* msg, int length); static int _nas_message_protected_encode(
char *buffer,
const nas_message_security_protected_t *msg,
int length,
void *security);
/* Functions used to decrypt and encrypt layer 3 NAS messages */ /* Functions used to decrypt and encrypt layer 3 NAS messages */
static int _nas_message_decrypt(char* dest, const char* src, UInt8_t type, static int _nas_message_decrypt(
UInt32_t code, UInt8_t seq, int length); char* dest,
static int _nas_message_encrypt(char* dest, const char* src, UInt8_t type, const char* src,
UInt32_t code, UInt8_t seq, int length); UInt8_t type,
UInt32_t code,
UInt8_t seq,
int length);
static int
_nas_message_encrypt(
char *dest,
const char *src,
UInt8_t type,
UInt32_t code,
UInt8_t seq,
int length,
const emm_security_context_t * const emm_security_context);
/* Functions used for integrity protection of layer 3 NAS messages */ /* Functions used for integrity protection of layer 3 NAS messages */
static UInt32_t _nas_message_get_mac(const char* buffer, UInt32_t count, static UInt32_t _nas_message_get_mac(
int length); const char * const buffer,
int const length,
int const direction,
const emm_security_context_t * const emm_security_context);
/****************************************************************************/ /****************************************************************************/
/****************** E X P O R T E D F U N C T I O N S ******************/ /****************** E X P O R T E D F U N C T I O N S ******************/
...@@ -93,48 +115,60 @@ static UInt32_t _nas_message_get_mac(const char* buffer, UInt32_t count, ...@@ -93,48 +115,60 @@ static UInt32_t _nas_message_get_mac(const char* buffer, UInt32_t count,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
int nas_message_encrypt(const char* inbuf, char* outbuf, int
const nas_message_security_header_t* header, int length) nas_message_encrypt(
const char *inbuf,
char *outbuf,
const nas_message_security_header_t *header,
int length,
void *security)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
emm_security_context_t *emm_security_context = (emm_security_context_t*)security;
int bytes = length; int bytes = length;
/* Encode the header */ /* Encode the header */
int size = _nas_message_header_encode(outbuf, header, length); int size = _nas_message_header_encode(outbuf, header, length);
if (size < 0) { if (size < 0) {
LOG_FUNC_RETURN (TLV_ENCODE_BUFFER_TOO_SHORT); LOG_FUNC_RETURN (TLV_ENCODE_BUFFER_TOO_SHORT);
} }
else if (size > 1) { else if (size > 1) {
/* Encrypt the plain NAS message */ /* Encrypt the plain NAS message */
bytes = _nas_message_encrypt(outbuf + size, inbuf, bytes = _nas_message_encrypt(outbuf + size, inbuf,
header->security_header_type, header->security_header_type,
header->message_authentication_code, header->message_authentication_code,
header->sequence_number, header->sequence_number,
length - size); length - size,
/* Integrity protected the NAS message */ emm_security_context);
if (bytes > 0) { /* Integrity protected the NAS message */
/* Compute offset of the sequence number field */ if (bytes > 0) {
int offset = size - sizeof(UInt8_t); /* Compute offset of the sequence number field */
/* Compute the NAS message authentication code */ int offset = size - sizeof(UInt8_t);
UInt32_t mac = _nas_message_get_mac(outbuf + offset, /* Compute the NAS message authentication code */
0, // TODO !!! ul counter UInt32_t mac = _nas_message_get_mac(
length - offset); outbuf + offset,
/* Set the message authentication code of the NAS message */ length - offset,
*(UInt32_t*)(outbuf + sizeof(UInt8_t)) = mac; #ifdef NAS_MME
} SECU_DIRECTION_DOWNLINK,
#else
SECU_DIRECTION_UPLINK,
#endif
emm_security_context);
/* Set the message authentication code of the NAS message */
*(UInt32_t*)(outbuf + sizeof(UInt8_t)) = mac;
}
} }
else { else {
/* The input buffer does not need to be encrypted */ /* The input buffer does not need to be encrypted */
memcpy(outbuf, inbuf, length); memcpy(outbuf, inbuf, length);
} }
if (bytes < 0) { if (bytes < 0) {
LOG_FUNC_RETURN (bytes); LOG_FUNC_RETURN (bytes);
} }
if (size > 1) { if (size > 1) {
LOG_FUNC_RETURN (size + bytes); LOG_FUNC_RETURN (size + bytes);
} }
LOG_FUNC_RETURN (bytes); LOG_FUNC_RETURN (bytes);
} }
...@@ -159,43 +193,54 @@ int nas_message_encrypt(const char* inbuf, char* outbuf, ...@@ -159,43 +193,54 @@ int nas_message_encrypt(const char* inbuf, char* outbuf,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
int nas_message_decrypt(const char* inbuf, char* outbuf, int nas_message_decrypt(
nas_message_security_header_t* header, int length) const char *inbuf,
char *outbuf,
nas_message_security_header_t *header,
int length,
void *security)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
int bytes = length; emm_security_context_t *emm_security_context = (emm_security_context_t*)security;
int bytes = length;
/* Decode the header */ /* Decode the header */
int size = _nas_message_header_decode(inbuf, header, length); int size = _nas_message_header_decode(inbuf, header, length);
if (size < 0) { if (size < 0) {
LOG_FUNC_RETURN (TLV_DECODE_BUFFER_TOO_SHORT); LOG_FUNC_RETURN (TLV_DECODE_BUFFER_TOO_SHORT);
} }
else if (size > 1) { else if (size > 1) {
/* Compute offset of the sequence number field */ /* Compute offset of the sequence number field */
int offset = size - sizeof(UInt8_t); int offset = size - sizeof(UInt8_t);
/* Compute the NAS message authentication code */ /* Compute the NAS message authentication code */
UInt32_t mac = _nas_message_get_mac(inbuf + offset, UInt32_t mac = _nas_message_get_mac(
0, // TODO !!! dl counter inbuf + offset,
length - offset); length - offset,
/* Check NAS message integrity */ #ifdef NAS_MME
if (mac != header->message_authentication_code) { SECU_DIRECTION_UPLINK,
LOG_FUNC_RETURN (TLV_DECODE_MAC_MISMATCH); #else
} SECU_DIRECTION_DOWNLINK,
#endif
/* Decrypt the security protected NAS message */ emm_security_context);
header->protocol_discriminator = /* Check NAS message integrity */
_nas_message_decrypt(outbuf, inbuf + size, if (mac != header->message_authentication_code) {
header->security_header_type, LOG_FUNC_RETURN (TLV_DECODE_MAC_MISMATCH);
header->message_authentication_code, }
header->sequence_number,
length - size); /* Decrypt the security protected NAS message */
bytes = length - size; header->protocol_discriminator =
_nas_message_decrypt(outbuf, inbuf + size,
header->security_header_type,
header->message_authentication_code,
header->sequence_number,
length - size);
bytes = length - size;
} }
else { else {
/* The input buffer contains a plain NAS message */ /* The input buffer contains a plain NAS message */
memcpy(outbuf, inbuf, length); memcpy(outbuf, inbuf, length);
} }
LOG_FUNC_RETURN (bytes); LOG_FUNC_RETURN (bytes);
...@@ -219,10 +264,14 @@ int nas_message_decrypt(const char* inbuf, char* outbuf, ...@@ -219,10 +264,14 @@ int nas_message_decrypt(const char* inbuf, char* outbuf,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
int nas_message_decode(const char* const buffer, nas_message_t* msg, int length) int nas_message_decode(
const char* const buffer,
nas_message_t *msg,
int length,
void *security)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
emm_security_context_t *emm_security_context = (emm_security_context_t*)security;
int bytes; int bytes;
#if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE))) #if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE)))
int down_link; int down_link;
...@@ -244,9 +293,17 @@ int nas_message_decode(const char* const buffer, nas_message_t* msg, int length) ...@@ -244,9 +293,17 @@ int nas_message_decode(const char* const buffer, nas_message_t* msg, int length)
/* Compute offset of the sequence number field */ /* Compute offset of the sequence number field */
int offset = size - sizeof(UInt8_t); int offset = size - sizeof(UInt8_t);
/* Compute the NAS message authentication code */ /* Compute the NAS message authentication code */
UInt32_t mac = _nas_message_get_mac(buffer + offset, UInt32_t mac = _nas_message_get_mac(
0, // TODO !!! dl counter buffer + offset,
length - offset); length - offset,
#ifdef NAS_MME
SECU_DIRECTION_UPLINK,
#else
SECU_DIRECTION_DOWNLINK,
#endif
emm_security_context
);
/* Check NAS message integrity */ /* Check NAS message integrity */
if (mac != msg->header.message_authentication_code) { if (mac != msg->header.message_authentication_code) {
LOG_FUNC_RETURN (TLV_DECODE_MAC_MISMATCH); LOG_FUNC_RETURN (TLV_DECODE_MAC_MISMATCH);
...@@ -292,10 +349,15 @@ int nas_message_decode(const char* const buffer, nas_message_t* msg, int length) ...@@ -292,10 +349,15 @@ int nas_message_decode(const char* const buffer, nas_message_t* msg, int length)
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
int nas_message_encode(char* buffer, const nas_message_t* const msg, int length) int nas_message_encode(
char *buffer,
const nas_message_t *const msg,
int length,
void *security)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
emm_security_context_t *emm_security_context = (emm_security_context_t*)security;
int bytes; int bytes;
#if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE))) #if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE)))
int down_link; int down_link;
...@@ -315,18 +377,47 @@ int nas_message_encode(char* buffer, const nas_message_t* const msg, int length) ...@@ -315,18 +377,47 @@ int nas_message_encode(char* buffer, const nas_message_t* const msg, int length)
} }
else if (size > 1) { else if (size > 1) {
/* Encode security protected NAS message */ /* Encode security protected NAS message */
bytes = _nas_message_protected_encode(buffer + size, &msg->security_protected, bytes = _nas_message_protected_encode(
length - size); buffer + size,
&msg->security_protected,
length - size,
emm_security_context);
/* Integrity protect the NAS message */ /* Integrity protect the NAS message */
if (bytes > 0) { if (bytes > 0) {
/* Compute offset of the sequence number field */ /* Compute offset of the sequence number field */
int offset = size - sizeof(UInt8_t); int offset = size - sizeof(UInt8_t);
/* Compute the NAS message authentication code */ /* Compute the NAS message authentication code */
UInt32_t mac = _nas_message_get_mac(buffer + offset, UInt32_t mac = _nas_message_get_mac(
0, // TODO !!! ul counter buffer + offset,
length - offset); length - offset,
#ifdef NAS_MME
SECU_DIRECTION_DOWNLINK,
#else
SECU_DIRECTION_UPLINK,
#endif
emm_security_context);
/* Set the message authentication code of the NAS message */ /* Set the message authentication code of the NAS message */
*(UInt32_t*)(buffer + sizeof(UInt8_t)) = mac; *(UInt32_t*)(buffer + sizeof(UInt8_t)) = mac;
if (emm_security_context) {
#ifdef NAS_MME
emm_security_context->dl_count.seq_num += 1;
if ( ! emm_security_context->dl_count.seq_num) {
emm_security_context->dl_count.overflow += 1;
if ( ! emm_security_context->dl_count.overflow) {
// TODO
}
}
#else
emm_security_context->ul_count.seq_num += 1;
if ( ! emm_security_context->ul_count.seq_num) {
emm_security_context->ul_count.overflow += 1;
if ( ! emm_security_context->ul_count.overflow) {
// TODO
}
}
#endif
}
} }
#if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE))) #if ((defined(EPC_BUILD) && defined(NAS_MME)) || (defined(ENABLE_NAS_UE_LOGGING) && defined(UE_BUILD) && defined(NAS_UE)))
/* Log message header */ /* Log message header */
...@@ -377,9 +468,11 @@ int nas_message_encode(char* buffer, const nas_message_t* const msg, int length) ...@@ -377,9 +468,11 @@ int nas_message_encode(char* buffer, const nas_message_t* const msg, int length)
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_header_decode(const char* buffer, static int
nas_message_security_header_t* header, _nas_message_header_decode(
int length) const char *buffer,
nas_message_security_header_t *header,
int length)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
...@@ -393,11 +486,11 @@ static int _nas_message_header_decode(const char* buffer, ...@@ -393,11 +486,11 @@ static int _nas_message_header_decode(const char* buffer,
if (header->security_header_type != SECURITY_HEADER_TYPE_NOT_PROTECTED) if (header->security_header_type != SECURITY_HEADER_TYPE_NOT_PROTECTED)
{ {
if (length < NAS_MESSAGE_SECURITY_HEADER_SIZE) { if (length < NAS_MESSAGE_SECURITY_HEADER_SIZE) {
/* The buffer is not big enough to contain security header */ /* The buffer is not big enough to contain security header */
LOG_TRACE(WARNING, "NET-API - The size of the header (%u) " LOG_TRACE(WARNING, "NET-API - The size of the header (%u) "
"exceeds the buffer length (%u)", "exceeds the buffer length (%u)",
NAS_MESSAGE_SECURITY_HEADER_SIZE, length); NAS_MESSAGE_SECURITY_HEADER_SIZE, length);
LOG_FUNC_RETURN (-1); LOG_FUNC_RETURN (-1);
} }
/* Decode the message authentication code */ /* Decode the message authentication code */
DECODE_U32(buffer+size, header->message_authentication_code, size); DECODE_U32(buffer+size, header->message_authentication_code, size);
...@@ -428,26 +521,29 @@ static int _nas_message_header_decode(const char* buffer, ...@@ -428,26 +521,29 @@ static int _nas_message_header_decode(const char* buffer,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_plain_decode(const char* buffer, static int
const nas_message_security_header_t* header, _nas_message_plain_decode(
nas_message_plain_t* msg, int length) const char *buffer,
const nas_message_security_header_t *header,
nas_message_plain_t *msg,
int length)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
int bytes = TLV_DECODE_PROTOCOL_NOT_SUPPORTED; int bytes = TLV_DECODE_PROTOCOL_NOT_SUPPORTED;
if (header->protocol_discriminator == EPS_MOBILITY_MANAGEMENT_MESSAGE) { if (header->protocol_discriminator == EPS_MOBILITY_MANAGEMENT_MESSAGE) {
/* Decode EPS Mobility Management L3 message */ /* Decode EPS Mobility Management L3 message */
bytes = emm_msg_decode(&msg->emm, (uint8_t *)buffer, length); bytes = emm_msg_decode(&msg->emm, (uint8_t *)buffer, length);
} }
else if (header->protocol_discriminator == EPS_SESSION_MANAGEMENT_MESSAGE) { else if (header->protocol_discriminator == EPS_SESSION_MANAGEMENT_MESSAGE) {
/* Decode EPS Session Management L3 message */ /* Decode EPS Session Management L3 message */
bytes = esm_msg_decode(&msg->esm, (uint8_t *)buffer, length); bytes = esm_msg_decode(&msg->esm, (uint8_t *)buffer, length);
} }
else { else {
/* Discard L3 messages with not supported protocol discriminator */ /* Discard L3 messages with not supported protocol discriminator */
LOG_TRACE(WARNING,"NET-API - Protocol discriminator 0x%x is " LOG_TRACE(WARNING,"NET-API - Protocol discriminator 0x%x is "
"not supported", header->protocol_discriminator); "not supported", header->protocol_discriminator);
} }
LOG_FUNC_RETURN (bytes); LOG_FUNC_RETURN (bytes);
...@@ -473,9 +569,11 @@ static int _nas_message_plain_decode(const char* buffer, ...@@ -473,9 +569,11 @@ static int _nas_message_plain_decode(const char* buffer,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_protected_decode(const char* buffer, static int _nas_message_protected_decode(
nas_message_security_header_t* header, const char *buffer,
nas_message_plain_t* msg, int length) nas_message_security_header_t *header,
nas_message_plain_t *msg,
int length)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
...@@ -484,15 +582,15 @@ static int _nas_message_protected_decode(const char* buffer, ...@@ -484,15 +582,15 @@ static int _nas_message_protected_decode(const char* buffer,
char* plain_msg = (char*)malloc(length); char* plain_msg = (char*)malloc(length);
if (plain_msg) if (plain_msg)
{ {
/* Decrypt the security protected NAS message */ /* Decrypt the security protected NAS message */
header->protocol_discriminator = header->protocol_discriminator =
_nas_message_decrypt(plain_msg, buffer, _nas_message_decrypt(plain_msg, buffer,
header->security_header_type, header->security_header_type,
header->message_authentication_code, header->message_authentication_code,
header->sequence_number, length); header->sequence_number, length);
/* Decode the decrypted message as plain NAS message */ /* Decode the decrypted message as plain NAS message */
bytes = _nas_message_plain_decode(plain_msg, header, msg, length); bytes = _nas_message_plain_decode(plain_msg, header, msg, length);
free(plain_msg); free(plain_msg);
} }
LOG_FUNC_RETURN (bytes); LOG_FUNC_RETURN (bytes);
...@@ -523,8 +621,10 @@ static int _nas_message_protected_decode(const char* buffer, ...@@ -523,8 +621,10 @@ static int _nas_message_protected_decode(const char* buffer,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_header_encode(char* buffer, static int _nas_message_header_encode(
const nas_message_security_header_t* header, int length) char *buffer,
const nas_message_security_header_t *header,
int length)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
...@@ -576,26 +676,28 @@ static int _nas_message_header_encode(char* buffer, ...@@ -576,26 +676,28 @@ static int _nas_message_header_encode(char* buffer,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_plain_encode(char* buffer, static int _nas_message_plain_encode(
const nas_message_security_header_t* header, char *buffer,
const nas_message_plain_t* msg, int length) const nas_message_security_header_t *header,
const nas_message_plain_t *msg,
int length)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
int bytes = TLV_ENCODE_PROTOCOL_NOT_SUPPORTED; int bytes = TLV_ENCODE_PROTOCOL_NOT_SUPPORTED;
if (header->protocol_discriminator == EPS_MOBILITY_MANAGEMENT_MESSAGE) { if (header->protocol_discriminator == EPS_MOBILITY_MANAGEMENT_MESSAGE) {
/* Encode EPS Mobility Management L3 message */ /* Encode EPS Mobility Management L3 message */
bytes = emm_msg_encode((EMM_msg*)(&msg->emm), (uint8_t*)buffer, length); bytes = emm_msg_encode((EMM_msg*)(&msg->emm), (uint8_t*)buffer, length);
} }
else if (header->protocol_discriminator == EPS_SESSION_MANAGEMENT_MESSAGE) { else if (header->protocol_discriminator == EPS_SESSION_MANAGEMENT_MESSAGE) {
/* Encode EPS Session Management L3 message */ /* Encode EPS Session Management L3 message */
bytes = esm_msg_encode((ESM_msg*)(&msg->esm), (uint8_t*)buffer, length); bytes = esm_msg_encode((ESM_msg*)(&msg->esm), (uint8_t*)buffer, length);
} }
else { else {
/* Discard L3 messages with not supported protocol discriminator */ /* Discard L3 messages with not supported protocol discriminator */
LOG_TRACE(WARNING,"NET-API - Protocol discriminator 0x%x is " LOG_TRACE(WARNING,"NET-API - Protocol discriminator 0x%x is "
"not supported", header->protocol_discriminator); "not supported", header->protocol_discriminator);
} }
LOG_FUNC_RETURN (bytes); LOG_FUNC_RETURN (bytes);
...@@ -619,29 +721,36 @@ static int _nas_message_plain_encode(char* buffer, ...@@ -619,29 +721,36 @@ static int _nas_message_plain_encode(char* buffer,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_protected_encode(char* buffer, static int _nas_message_protected_encode(
const nas_message_security_protected_t* msg, int length) char *buffer,
const nas_message_security_protected_t *msg,
int length,
void *security)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
emm_security_context_t *emm_security_context = (emm_security_context_t*)security;
int bytes = TLV_ENCODE_BUFFER_TOO_SHORT; int bytes = TLV_ENCODE_BUFFER_TOO_SHORT;
char* plain_msg = (char*)malloc(length); char* plain_msg = (char*)malloc(length);
if (plain_msg) { if (plain_msg) {
/* Encode the security protected NAS message as plain NAS message */ /* Encode the security protected NAS message as plain NAS message */
int size = _nas_message_plain_encode(plain_msg, &msg->header, int size = _nas_message_plain_encode(plain_msg, &msg->header,
&msg->plain, length); &msg->plain, length);
if (size > 0) { if (size > 0) {
//static uint8_t seq = 0; //static uint8_t seq = 0;
/* Encrypt the encoded plain NAS message */ /* Encrypt the encoded plain NAS message */
bytes = _nas_message_encrypt(buffer, plain_msg, bytes = _nas_message_encrypt(buffer,
msg->header.security_header_type, plain_msg,
msg->header.message_authentication_code, msg->header.security_header_type,
msg->header.sequence_number, size); msg->header.message_authentication_code,
//seq, size); msg->header.sequence_number,
//seq ++; size,
} emm_security_context);
free(plain_msg); //seq, size);
//seq ++;
}
free(plain_msg);
} }
LOG_FUNC_RETURN (bytes); LOG_FUNC_RETURN (bytes);
...@@ -672,8 +781,13 @@ static int _nas_message_protected_encode(char* buffer, ...@@ -672,8 +781,13 @@ static int _nas_message_protected_encode(char* buffer,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_decrypt(char* dest, const char* src, UInt8_t type, static int _nas_message_decrypt(
UInt32_t code, UInt8_t seq, int length) char *dest,
const char *src,
UInt8_t type,
UInt32_t code,
UInt8_t seq,
int length)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
...@@ -710,8 +824,14 @@ static int _nas_message_decrypt(char* dest, const char* src, UInt8_t type, ...@@ -710,8 +824,14 @@ static int _nas_message_decrypt(char* dest, const char* src, UInt8_t type,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _nas_message_encrypt(char* dest, const char* src, UInt8_t type, static int _nas_message_encrypt(
UInt32_t code, UInt8_t seq, int length) char *dest,
const char *src,
UInt8_t type,
UInt32_t code,
UInt8_t seq,
int length,
const emm_security_context_t * const emm_security_context)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
...@@ -748,17 +868,80 @@ static int _nas_message_encrypt(char* dest, const char* src, UInt8_t type, ...@@ -748,17 +868,80 @@ static int _nas_message_encrypt(char* dest, const char* src, UInt8_t type,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static UInt32_t _nas_message_get_mac(const char* buffer, UInt32_t count, static UInt32_t _nas_message_get_mac(
int length) const char * const buffer,
int const length,
int const direction,
const emm_security_context_t * const emm_security_context)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
/* TODO: run integrity protection algorithm */
/* TODO: Return the message authentication code */ if (!emm_security_context) {
LOG_TRACE(DEBUG,
"No security context set for integrity protection algorithm");
#if defined(EPC_BUILD) || defined(UE_BUILD) #if defined(EPC_BUILD) || defined(UE_BUILD)
LOG_FUNC_RETURN (0); LOG_FUNC_RETURN (0);
#else
LOG_FUNC_RETURN (0xabababab);
#endif
}
switch (emm_security_context->selected_algorithms.integrity) {
case NAS_SECURITY_ALGORITHMS_EIA1:
AssertFatal(0 ,
"EIA1_128_ALG_ID not implemented");
break;
case NAS_SECURITY_ALGORITHMS_EIA2: {
UInt8_t mac[4];
nas_stream_cipher_t stream_cipher;
UInt32_t count;
UInt32_t *mac32;
if (direction == SECU_DIRECTION_UPLINK) {
count = 0x00000000 ||
((emm_security_context->ul_count.overflow && 0x0000FFFF) << 8) ||
(emm_security_context->ul_count.seq_num & 0x000000FF);
} else {
count = 0x00000000 ||
((emm_security_context->dl_count.overflow && 0x0000FFFF) << 8) ||
(emm_security_context->dl_count.seq_num & 0x000000FF);
}
stream_cipher.key = emm_security_context->knas_int.value;
stream_cipher.key_length = AUTH_KNAS_INT_SIZE;
stream_cipher.count = count;
stream_cipher.bearer = 0x00; //33.401 section 8.1.1
stream_cipher.direction = direction;
stream_cipher.message = buffer;
/* length in bits */
stream_cipher.blength = length << 3;
nas_stream_encrypt_eia2(
&stream_cipher,
mac);
LOG_TRACE(DEBUG,
"NAS_SECURITY_ALGORITHMS_EIA2 returned MAC %x.%x.%x.%x for length %d direction %d, count %d",
mac[0], mac[1], mac[2],mac[3], length, direction, count);
mac32 = (UInt32_t*)&mac;
LOG_FUNC_RETURN (*mac32);
}break;
case NAS_SECURITY_ALGORITHMS_EIA0:
#if defined(EPC_BUILD) || defined(UE_BUILD)
LOG_FUNC_RETURN (0);
#else #else
LOG_FUNC_RETURN (0xabababab); LOG_FUNC_RETURN (0xabababab);
#endif #endif
break;
default:
AssertFatal(0 ,
"Unknown integrity protection algorithm %d",
emm_security_context->selected_algorithms.integrity);
}
LOG_FUNC_RETURN (0);
} }
openair-cn/NAS/EURECOM-NAS/src/api/network/nas_message.h
View file @ 6f5c0332
...@@ -23,6 +23,9 @@ Description Defines the layer 3 messages supported by the NAS sublayer ...@@ -23,6 +23,9 @@ Description Defines the layer 3 messages supported by the NAS sublayer
#include "commonDef.h" #include "commonDef.h"
#include "emm_msg.h" #include "emm_msg.h"
#if defined(EPC_BUILD)
#include "emmData.h"
#endif
#include "esm_msg.h" #include "esm_msg.h"
/****************************************************************************/ /****************************************************************************/
...@@ -78,14 +81,29 @@ typedef union { ...@@ -78,14 +81,29 @@ typedef union {
/****************** E X P O R T E D F U N C T I O N S ******************/ /****************** E X P O R T E D F U N C T I O N S ******************/
/****************************************************************************/ /****************************************************************************/
int nas_message_encrypt(const char *inbuf, char *outbuf, int nas_message_encrypt(
const nas_message_security_header_t *header, int length); const char *inbuf,
char *outbuf,
int nas_message_decrypt(const char *inbuf, char *outbuf, const nas_message_security_header_t *header,
nas_message_security_header_t *header, int length); int length,
void *security);
int nas_message_decode(const char * const buffer, nas_message_t *msg, int length);
int nas_message_decrypt(const char *inbuf,
int nas_message_encode(char *buffer, const nas_message_t * const msg, int length); char *outbuf,
nas_message_security_header_t *header,
int length,
void *security);
int nas_message_decode(
const char * const buffer,
nas_message_t *msg,
int length,
void *security);
int nas_message_encode(
char *buffer,
const nas_message_t * const msg,
int length,
void *security);
#endif /* __NAS_MESSAGE_H__*/ #endif /* __NAS_MESSAGE_H__*/
openair-cn/NAS/EURECOM-NAS/src/emm/Attach.c
View file @ 6f5c0332
...@@ -45,6 +45,8 @@ Description Defines the attach related EMM procedure executed by the ...@@ -45,6 +45,8 @@ Description Defines the attach related EMM procedure executed by the
#include "esm_sap.h" #include "esm_sap.h"
#include "emm_cause.h" #include "emm_cause.h"
#include "NasSecurityAlgorithms.h"
#ifdef NAS_MME #ifdef NAS_MME
#include "mme_api.h" #include "mme_api.h"
# if defined(EPC_BUILD) # if defined(EPC_BUILD)
...@@ -1133,6 +1135,17 @@ int emm_proc_attach_request(unsigned int ueid, emm_proc_attach_type_t type, ...@@ -1133,6 +1135,17 @@ int emm_proc_attach_request(unsigned int ueid, emm_proc_attach_type_t type,
#if defined(EPC_BUILD) #if defined(EPC_BUILD)
emm_data_context_add(&_emm_data, *(emm_ctx)); emm_data_context_add(&_emm_data, *(emm_ctx));
#endif #endif
#warning "TRICK TO SET TAC, BUT LOOK AT SPEC"
if (tai){
LOG_TRACE(WARNING,
"EMM-PROC - Set tac %u in context %u ",
tai->tac);
(*emm_ctx)->tac = tai->tac;
} else {
LOG_TRACE(WARNING,
"EMM-PROC - Could not set tac in context, cause tai is NULL ");
}
} }
/* Update the EMM context with the current attach procedure parameters */ /* Update the EMM context with the current attach procedure parameters */
...@@ -2040,6 +2053,8 @@ static int _emm_attach_security(void *args) ...@@ -2040,6 +2053,8 @@ static int _emm_attach_security(void *args)
if (emm_ctx->security) { if (emm_ctx->security) {
memset(emm_ctx->security, 0, sizeof(emm_security_context_t)); memset(emm_ctx->security, 0, sizeof(emm_security_context_t));
emm_ctx->security->type = EMM_KSI_NOT_AVAILABLE; emm_ctx->security->type = EMM_KSI_NOT_AVAILABLE;
emm_ctx->security->selected_algorithms.encryption = NAS_SECURITY_ALGORITHMS_EEA0;
emm_ctx->security->selected_algorithms.integrity = NAS_SECURITY_ALGORITHMS_EIA0;
} else { } else {
LOG_TRACE(WARNING, "EMM-PROC - Failed to create security context"); LOG_TRACE(WARNING, "EMM-PROC - Failed to create security context");
emm_ctx->emm_cause = EMM_CAUSE_ILLEGAL_UE; emm_ctx->emm_cause = EMM_CAUSE_ILLEGAL_UE;
...@@ -2309,62 +2324,63 @@ static int _emm_attach_have_changed(const emm_data_context_t *ctx, ...@@ -2309,62 +2324,63 @@ static int _emm_attach_have_changed(const emm_data_context_t *ctx,
GUTI_t *guti, imsi_t *imsi, imei_t *imei, GUTI_t *guti, imsi_t *imsi, imei_t *imei,
int eea, int eia) int eea, int eia)
{ {
LOG_FUNC_IN;
/* Emergency bearer services indicator */ /* Emergency bearer services indicator */
if ( (type == EMM_ATTACH_TYPE_EMERGENCY) != ctx->is_emergency) { if ( (type == EMM_ATTACH_TYPE_EMERGENCY) != ctx->is_emergency) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
/* Security key set identifier */ /* Security key set identifier */
if (ksi != ctx->ksi) { if (ksi != ctx->ksi) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
/* Supported EPS encryption algorithms */ /* Supported EPS encryption algorithms */
if (eea != ctx->eea) { if (eea != ctx->eea) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
/* Supported EPS integrity algorithms */ /* Supported EPS integrity algorithms */
if (eia != ctx->eia) { if (eia != ctx->eia) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
/* The GUTI if provided by the UE */ /* The GUTI if provided by the UE */
if ( (guti) && (ctx->guti == NULL) ) { if ( (guti) && (ctx->guti == NULL) ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
if ( (guti == NULL) && (ctx->guti) ) { if ( (guti == NULL) && (ctx->guti) ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
if ( (guti) && (ctx->guti) ) { if ( (guti) && (ctx->guti) ) {
if (guti->m_tmsi != ctx->guti->m_tmsi) { if (guti->m_tmsi != ctx->guti->m_tmsi) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
if ( memcmp(&guti->gummei, &ctx->guti->gummei, sizeof(gummei_t)) != 0 ) { if ( memcmp(&guti->gummei, &ctx->guti->gummei, sizeof(gummei_t)) != 0 ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
} }
/* The IMSI if provided by the UE */ /* The IMSI if provided by the UE */
if ( (imsi) && (ctx->imsi == NULL) ) { if ( (imsi) && (ctx->imsi == NULL) ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
if ( (imsi == NULL) && (ctx->imsi) ) { if ( (imsi == NULL) && (ctx->imsi) ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
if ( (imsi) && (ctx->imsi) ) { if ( (imsi) && (ctx->imsi) ) {
if ( memcmp(imsi, ctx->imsi, sizeof(imsi_t)) != 0 ) { if ( memcmp(imsi, ctx->imsi, sizeof(imsi_t)) != 0 ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
} }
/* The IMEI if provided by the UE */ /* The IMEI if provided by the UE */
if ( (imei) && (ctx->imei == NULL) ) { if ( (imei) && (ctx->imei == NULL) ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
if ( (imei == NULL) && (ctx->imei) ) { if ( (imei == NULL) && (ctx->imei) ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
if ( (imei) && (ctx->imei) ) { if ( (imei) && (ctx->imei) ) {
if ( memcmp(imei, ctx->imei, sizeof(imei_t)) != 0 ) { if ( memcmp(imei, ctx->imei, sizeof(imei_t)) != 0 ) {
return (TRUE); LOG_FUNC_RETURN (TRUE);
} }
} }
return (FALSE); LOG_FUNC_RETURN (FALSE);
} }
/**************************************************************************** /****************************************************************************
...@@ -2396,6 +2412,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid, ...@@ -2396,6 +2412,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid,
GUTI_t *guti, imsi_t *imsi, imei_t *imei, GUTI_t *guti, imsi_t *imsi, imei_t *imei,
int eea, int eia, const OctetString *esm_msg) int eea, int eia, const OctetString *esm_msg)
{ {
LOG_FUNC_IN;
/* UE identifier */ /* UE identifier */
ctx->ueid = ueid; ctx->ueid = ueid;
/* Emergency bearer services indicator */ /* Emergency bearer services indicator */
...@@ -2414,7 +2431,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid, ...@@ -2414,7 +2431,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid,
if (ctx->guti != NULL) { if (ctx->guti != NULL) {
memcpy(ctx->guti, guti, sizeof(GUTI_t)); memcpy(ctx->guti, guti, sizeof(GUTI_t));
} else { } else {
return (RETURNerror); LOG_FUNC_RETURN (RETURNerror);
} }
} else { } else {
if (ctx->guti == NULL) { if (ctx->guti == NULL) {
...@@ -2422,6 +2439,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid, ...@@ -2422,6 +2439,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid,
} }
if (ctx->guti != NULL) { if (ctx->guti != NULL) {
/* TODO: FIXME */ /* TODO: FIXME */
LOG_TRACE(WARNING, "EMM-PROC - Assign hardcoded PLMN 208.92 and tac 0001 to emm_data_context");
ctx->guti->gummei.plmn.MCCdigit1 = 2; ctx->guti->gummei.plmn.MCCdigit1 = 2;
ctx->guti->gummei.plmn.MCCdigit2 = 0; ctx->guti->gummei.plmn.MCCdigit2 = 0;
ctx->guti->gummei.plmn.MCCdigit3 = 8; ctx->guti->gummei.plmn.MCCdigit3 = 8;
...@@ -2433,8 +2451,10 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid, ...@@ -2433,8 +2451,10 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid,
ctx->guti->gummei.MMEgid = 0; ctx->guti->gummei.MMEgid = 0;
ctx->guti->m_tmsi = (uint32_t) ctx; ctx->guti->m_tmsi = (uint32_t) ctx;
ctx->tac = 1;
} else { } else {
return (RETURNerror); LOG_FUNC_RETURN (RETURNerror);
} }
} }
/* The IMSI if provided by the UE */ /* The IMSI if provided by the UE */
...@@ -2445,7 +2465,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid, ...@@ -2445,7 +2465,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid,
if (ctx->imsi != NULL) { if (ctx->imsi != NULL) {
memcpy(ctx->imsi, imsi, sizeof(imsi_t)); memcpy(ctx->imsi, imsi, sizeof(imsi_t));
} else { } else {
return (RETURNerror); LOG_FUNC_RETURN (RETURNerror);
} }
} }
/* The IMEI if provided by the UE */ /* The IMEI if provided by the UE */
...@@ -2456,7 +2476,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid, ...@@ -2456,7 +2476,7 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid,
if (ctx->imei != NULL) { if (ctx->imei != NULL) {
memcpy(ctx->imei, imei, sizeof(imei_t)); memcpy(ctx->imei, imei, sizeof(imei_t));
} else { } else {
return (RETURNerror); LOG_FUNC_RETURN (RETURNerror);
} }
} }
/* The ESM message contained within the attach request */ /* The ESM message contained within the attach request */
...@@ -2468,14 +2488,14 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid, ...@@ -2468,14 +2488,14 @@ static int _emm_attach_update(emm_data_context_t *ctx, unsigned int ueid,
strncpy((char *)ctx->esm_msg.value, strncpy((char *)ctx->esm_msg.value,
(char *)esm_msg->value, esm_msg->length); (char *)esm_msg->value, esm_msg->length);
} else { } else {
return (RETURNerror); LOG_FUNC_RETURN (RETURNerror);
} }
} }
ctx->esm_msg.length = esm_msg->length; ctx->esm_msg.length = esm_msg->length;
/* Attachment indicator */ /* Attachment indicator */
ctx->is_attached = FALSE; ctx->is_attached = FALSE;
return (RETURNok); LOG_FUNC_RETURN (RETURNok);
} }
#endif // NAS_MME #endif // NAS_MME
openair-cn/NAS/EURECOM-NAS/src/emm/Authentication.c
View file @ 6f5c0332
...@@ -670,6 +670,8 @@ int emm_proc_authentication_complete(unsigned int ueid, int emm_cause, ...@@ -670,6 +670,8 @@ int emm_proc_authentication_complete(unsigned int ueid, int emm_cause,
/* RES does not match the XRES parameter */ /* RES does not match the XRES parameter */
LOG_TRACE(WARNING, "EMM-PROC - Failed to authentify the UE"); LOG_TRACE(WARNING, "EMM-PROC - Failed to authentify the UE");
emm_cause = EMM_CAUSE_ILLEGAL_UE; emm_cause = EMM_CAUSE_ILLEGAL_UE;
} else {
LOG_TRACE(DEBUG, "EMM-PROC - Success to authentify the UE RESP XRES == XRES UE CONTEXT");
} }
} }
...@@ -1151,10 +1153,10 @@ static int _authentication_kasme(const OctetString *autn, ...@@ -1151,10 +1153,10 @@ static int _authentication_kasme(const OctetString *autn,
/* Compute the KDF input parameter /* Compute the KDF input parameter
* S = FC(0x10) || SNid || 0x00 0x03 || SQN ⊕ AK || 0x00 0x06 * S = FC(0x10) || SNid || 0x00 0x03 || SQN ⊕ AK || 0x00 0x06
*/ */
UInt8_t input[kasme->length]; UInt8_t input[kasme->length];
UInt16_t length; UInt16_t length;
int offset = 0; int offset = 0;
int size_of_length = sizeof(length); int size_of_length = sizeof(length);
input[offset] = 0x10; input[offset] = 0x10;
offset += 1; offset += 1;
length = AUTH_SNID_SIZE; length = AUTH_SNID_SIZE;
......
openair-cn/NAS/EURECOM-NAS/src/emm/LowerLayer.c
View file @ 6f5c0332
...@@ -30,6 +30,7 @@ Description Defines EMM procedures executed by the Non-Access Stratum ...@@ -30,6 +30,7 @@ Description Defines EMM procedures executed by the Non-Access Stratum
#include "emm_sap.h" #include "emm_sap.h"
#include "esm_sap.h" #include "esm_sap.h"
#include "nas_log.h"
#include <string.h> // memset #include <string.h> // memset
...@@ -457,6 +458,14 @@ void emm_as_set_security_data(emm_as_security_data_t *data, const void *args, ...@@ -457,6 +458,14 @@ void emm_as_set_security_data(emm_as_security_data_t *data, const void *args,
* into use, UE and MME shall cipher and integrity protect all * into use, UE and MME shall cipher and integrity protect all
* NAS signalling messages with the selected NAS ciphering and * NAS signalling messages with the selected NAS ciphering and
* NAS integrity algorithms */ * NAS integrity algorithms */
LOG_TRACE(WARNING,
"EPS security context exists is new %u KSI %u SQN %u count %u knas_int %s",
is_new,
context->eksi,
context->ul_count.seq_num,
*(UInt32_t *)(&context->ul_count),
context->knas_int.value
);
data->is_new = is_new; data->is_new = is_new;
data->ksi = context->eksi; data->ksi = context->eksi;
data->sqn = context->ul_count.seq_num; data->sqn = context->ul_count.seq_num;
...@@ -473,9 +482,14 @@ void emm_as_set_security_data(emm_as_security_data_t *data, const void *args, ...@@ -473,9 +482,14 @@ void emm_as_set_security_data(emm_as_security_data_t *data, const void *args,
/* 3GPP TS 24.301, section 5.4.3.2 /* 3GPP TS 24.301, section 5.4.3.2
* The MME shall send the SECURITY MODE COMMAND message integrity * The MME shall send the SECURITY MODE COMMAND message integrity
* protected and unciphered */ * protected and unciphered */
LOG_TRACE(WARNING,
"EPS security context exists knas_enc %s",
context->knas_enc.value
);
data->k_enc = &context->knas_enc; data->k_enc = &context->knas_enc;
} }
} else { } else {
LOG_TRACE(WARNING, "EMM_AS_NO_KEY_AVAILABLE");
/* No valid EPS security context exists */ /* No valid EPS security context exists */
data->ksi = EMM_AS_NO_KEY_AVAILABLE; data->ksi = EMM_AS_NO_KEY_AVAILABLE;
} }
......
openair-cn/NAS/EURECOM-NAS/src/emm/SecurityModeControl.c
View file @ 6f5c0332
...@@ -46,6 +46,7 @@ Description Defines the security mode control EMM procedure executed by the ...@@ -46,6 +46,7 @@ Description Defines the security mode control EMM procedure executed by the
#if defined(ENABLE_ITTI) #if defined(ENABLE_ITTI)
# include "assertions.h" # include "assertions.h"
#endif #endif
#include "secu_defs.h"
/****************************************************************************/ /****************************************************************************/
/**************** E X T E R N A L D E F I N I T I O N S ****************/ /**************** E X T E R N A L D E F I N I T I O N S ****************/
...@@ -98,20 +99,26 @@ static void *_security_t3460_handler(void *); ...@@ -98,20 +99,26 @@ static void *_security_t3460_handler(void *);
* retransmission timer counter is exceed * retransmission timer counter is exceed
*/ */
static int _security_abort(void *); static int _security_abort(void *);
static int _security_select_algorithms(
const int ue_eiaP,
const int ue_eeaP,
int * const mme_eiaP,
int * const mme_eeaP);
/* /*
* Internal data used for security mode control procedure * Internal data used for security mode control procedure
*/ */
typedef struct { typedef struct {
unsigned int ueid; /* UE identifier */ unsigned int ueid; /* UE identifier */
#define SECURITY_COUNTER_MAX 5 #define SECURITY_COUNTER_MAX 5
unsigned int retransmission_count; /* Retransmission counter */ unsigned int retransmission_count; /* Retransmission counter */
int ksi; /* NAS key set identifier */ int ksi; /* NAS key set identifier */
int eea; /* Replayed EPS encryption algorithms */ int eea; /* Replayed EPS encryption algorithms */
int eia; /* Replayed EPS integrity algorithms */ int eia; /* Replayed EPS integrity algorithms */
int selected_eea; /* Replayed EPS encryption algorithms */
int selected_eia; /* Replayed EPS integrity algorithms */
int notify_failure; /* Indicates whether the security mode control int notify_failure; /* Indicates whether the security mode control
* procedure failure shall be notified to the * procedure failure shall be notified to the
* ongoing EMM procedure */ * ongoing EMM procedure */
} security_data_t; } security_data_t;
static int _security_request(security_data_t *data, int is_new); static int _security_request(security_data_t *data, int is_new);
...@@ -332,6 +339,8 @@ int emm_proc_security_mode_command(int native_ksi, int ksi, ...@@ -332,6 +339,8 @@ int emm_proc_security_mode_command(int native_ksi, int ksi,
* -------------------------------------------------------------------------- * --------------------------------------------------------------------------
*/ */
#ifdef NAS_MME #ifdef NAS_MME
/**************************************************************************** /****************************************************************************
** ** ** **
** Name: emm_proc_security_mode_control() ** ** Name: emm_proc_security_mode_control() **
...@@ -372,14 +381,16 @@ int emm_proc_security_mode_control(unsigned int ueid, int ksi, int eea, int eia, ...@@ -372,14 +381,16 @@ int emm_proc_security_mode_control(unsigned int ueid, int ksi, int eea, int eia,
{ {
int rc = RETURNerror; int rc = RETURNerror;
int security_context_is_new = FALSE; int security_context_is_new = FALSE;
int mme_eea = NAS_SECURITY_ALGORITHMS_EEA0;
int mme_eia = NAS_SECURITY_ALGORITHMS_EIA0;
/* Get the UE context */ /* Get the UE context */
emm_data_context_t *emm_ctx = NULL; emm_data_context_t *emm_ctx = NULL;
LOG_FUNC_IN; LOG_FUNC_IN;
LOG_TRACE(INFO, "EMM-PROC - Initiate security mode control procedure " LOG_TRACE(INFO, "EMM-PROC - Initiate security mode control procedure "
"KSI = %d", ksi); "KSI = %d EEA = %d EIA = %d",
ksi, eea, eia);
#if defined(EPC_BUILD) #if defined(EPC_BUILD)
if (ueid > 0) { if (ueid > 0) {
...@@ -402,6 +413,52 @@ int emm_proc_security_mode_control(unsigned int ueid, int ksi, int eea, int eia, ...@@ -402,6 +413,52 @@ int emm_proc_security_mode_control(unsigned int ueid, int ksi, int eea, int eia,
emm_ctx->security->dl_count.seq_num = 0; emm_ctx->security->dl_count.seq_num = 0;
/* TODO !!! Compute Kasme, and NAS cyphering and integrity keys */ /* TODO !!! Compute Kasme, and NAS cyphering and integrity keys */
// LG: Kasme should have been received from authentication
// information request (S6A)
// Kasme is located in emm_ctx->vector.kasme
rc = _security_select_algorithms(
eia,
eea,
&mme_eia,
&mme_eea);
emm_ctx->security->selected_algorithms.encryption = mme_eea;
emm_ctx->security->selected_algorithms.integrity = mme_eia;
if (rc == RETURNerror) {
LOG_TRACE(WARNING,
"EMM-PROC - Failed to select security algorithms");
LOG_FUNC_RETURN (RETURNerror);
}
if ( ! emm_ctx->security->knas_int.value) {
emm_ctx->security->knas_int.value = malloc(AUTH_KNAS_INT_SIZE);
} else {
AssertFatal(
emm_ctx->security->knas_int.length >= AUTH_KNAS_INT_SIZE,
" TODO realloc emm_ctx->security->knas_int OctetString");
}
emm_ctx->security->knas_int.length = AUTH_KNAS_INT_SIZE;
derive_key_nas(
NAS_INT_ALG,
emm_ctx->security->selected_algorithms.integrity,
emm_ctx->vector.kasme,
&emm_ctx->security->knas_int.value);
if ( ! emm_ctx->security->knas_enc.value) {
emm_ctx->security->knas_enc.value = malloc(AUTH_KNAS_ENC_SIZE);
} else {
AssertFatal(
emm_ctx->security->knas_enc.length >= AUTH_KNAS_ENC_SIZE,
" TODO realloc emm_ctx->security->knas_enc OctetString");
}
emm_ctx->security->knas_enc.length = AUTH_KNAS_ENC_SIZE;
derive_key_nas(
NAS_ENC_ALG,
emm_ctx->security->selected_algorithms.encryption,
emm_ctx->vector.kasme,
&emm_ctx->security->knas_enc.value);
/* Set new security context indicator */ /* Set new security context indicator */
security_context_is_new = TRUE; security_context_is_new = TRUE;
...@@ -434,6 +491,10 @@ int emm_proc_security_mode_control(unsigned int ueid, int ksi, int eea, int eia, ...@@ -434,6 +491,10 @@ int emm_proc_security_mode_control(unsigned int ueid, int ksi, int eea, int eia,
data->eea = eea; data->eea = eea;
/* Set the EPS integrity algorithms to be replayed to the UE */ /* Set the EPS integrity algorithms to be replayed to the UE */
data->eia = eia; data->eia = eia;
/* Set the EPS encryption algorithms to be replayed to the UE */
data->selected_eea = emm_ctx->security->selected_algorithms.encryption;
/* Set the EPS integrity algorithms to be replayed to the UE */
data->selected_eia = emm_ctx->security->selected_algorithms.integrity;
/* Set the failure notification indicator */ /* Set the failure notification indicator */
data->notify_failure = FALSE; data->notify_failure = FALSE;
/* Send security mode command message to the UE */ /* Send security mode command message to the UE */
...@@ -885,12 +946,14 @@ int _security_request(security_data_t *data, int is_new) ...@@ -885,12 +946,14 @@ int _security_request(security_data_t *data, int is_new)
* to the UE * to the UE
*/ */
emm_sap.primitive = EMMAS_SECURITY_REQ; emm_sap.primitive = EMMAS_SECURITY_REQ;
emm_sap.u.emm_as.u.security.guti = NULL; emm_sap.u.emm_as.u.security.guti = NULL;
emm_sap.u.emm_as.u.security.ueid = data->ueid; emm_sap.u.emm_as.u.security.ueid = data->ueid;
emm_sap.u.emm_as.u.security.msgType = EMM_AS_MSG_TYPE_SMC; emm_sap.u.emm_as.u.security.msgType = EMM_AS_MSG_TYPE_SMC;
emm_sap.u.emm_as.u.security.ksi = data->ksi; emm_sap.u.emm_as.u.security.ksi = data->ksi;
emm_sap.u.emm_as.u.security.eea = data->eea; emm_sap.u.emm_as.u.security.eea = data->eea;
emm_sap.u.emm_as.u.security.eia = data->eia; emm_sap.u.emm_as.u.security.eia = data->eia;
emm_sap.u.emm_as.u.security.selected_eea = data->selected_eea;
emm_sap.u.emm_as.u.security.selected_eia = data->selected_eia;
#if defined(EPC_BUILD) #if defined(EPC_BUILD)
if (data->ueid > 0) { if (data->ueid > 0) {
...@@ -976,5 +1039,64 @@ static int _security_abort(void *args) ...@@ -976,5 +1039,64 @@ static int _security_abort(void *args)
LOG_FUNC_RETURN (rc); LOG_FUNC_RETURN (rc);
} }
/****************************************************************************
** **
** Name: _security_select_algorithms() **
** **
** Description: Select int and enc algorithms based on UE capabilities and**
** MME capabilities and MME preferences **
** **
** Inputs: ue_eia: integrity algorithms supported by UE **
** ue_eea: ciphering algorithms supported by UE **
** **
** Outputs: mme_eia: integrity algorithms supported by MME **
** mme_eea: ciphering algorithms supported by MME **
** **
** Return: RETURNok, RETURNerror **
** Others: None **
** **
***************************************************************************/
static int _security_select_algorithms(
const int ue_eiaP,
const int ue_eeaP,
int * const mme_eiaP,
int * const mme_eeaP)
{
LOG_FUNC_IN;
int rc = RETURNerror;
/* TODO work with loaded preferences from config file */
if (ue_eiaP & (0x80 >> NAS_SECURITY_ALGORITHMS_EIA2)) {
LOG_TRACE(DEBUG,"Selected NAS_SECURITY_ALGORITHMS_EIA0");
*mme_eiaP = NAS_SECURITY_ALGORITHMS_EIA0;
} else if (ue_eiaP & (0x80 >> NAS_SECURITY_ALGORITHMS_EIA1)) {
LOG_TRACE(DEBUG,"Selected NAS_SECURITY_ALGORITHMS_EIA1");
*mme_eiaP = NAS_SECURITY_ALGORITHMS_EIA1;
} else if (ue_eiaP & (0x80 >> NAS_SECURITY_ALGORITHMS_EIA0)) {
LOG_TRACE(DEBUG,"Selected NAS_SECURITY_ALGORITHMS_EIA0");
*mme_eiaP = NAS_SECURITY_ALGORITHMS_EIA0;
} else {
LOG_FUNC_RETURN (rc);
}
if (ue_eeaP & (0x80 >> NAS_SECURITY_ALGORITHMS_EEA0)) {
LOG_TRACE(DEBUG,"Selected NAS_SECURITY_ALGORITHMS_EEA0");
*mme_eeaP = NAS_SECURITY_ALGORITHMS_EEA0;
} else if (ue_eeaP & (0x80 >> NAS_SECURITY_ALGORITHMS_EEA2)) {
LOG_TRACE(DEBUG,"Selected NAS_SECURITY_ALGORITHMS_EEA2");
*mme_eeaP = NAS_SECURITY_ALGORITHMS_EEA2;
} else if (ue_eeaP & (0x80 >> NAS_SECURITY_ALGORITHMS_EEA1)) {
LOG_TRACE(DEBUG,"Selected NAS_SECURITY_ALGORITHMS_EEA1");
*mme_eeaP = NAS_SECURITY_ALGORITHMS_EEA1;
} else {
LOG_FUNC_RETURN (rc);
}
LOG_FUNC_RETURN (RETURNok);
}
#endif // NAS_MME #endif // NAS_MME
openair-cn/NAS/EURECOM-NAS/src/emm/emmData.h
View file @ 6f5c0332
...@@ -113,6 +113,10 @@ typedef struct { ...@@ -113,6 +113,10 @@ typedef struct {
UInt8_t encryption:4; /* algorithm used for ciphering */ UInt8_t encryption:4; /* algorithm used for ciphering */
UInt8_t integrity:4; /* algorithm used for integrity protection */ UInt8_t integrity:4; /* algorithm used for integrity protection */
} capability; /* UE network capability */ } capability; /* UE network capability */
struct {
UInt8_t encryption:4; /* algorithm used for ciphering */
UInt8_t integrity:4; /* algorithm used for integrity protection */
} selected_algorithms; /* MME selected algorithms */
} emm_security_context_t; } emm_security_context_t;
/* /*
......
openair-cn/NAS/EURECOM-NAS/src/emm/msg/emm_cause.h
View file @ 6f5c0332
...@@ -67,7 +67,7 @@ Description Defines error cause code returned upon receiving unknown, ...@@ -67,7 +67,7 @@ Description Defines error cause code returned upon receiving unknown,
#define EMM_CAUSE_MAC_FAILURE 20 #define EMM_CAUSE_MAC_FAILURE 20
#define EMM_CAUSE_SYNCH_FAILURE 21 #define EMM_CAUSE_SYNCH_FAILURE 21
#define EMM_CAUSE_CONGESTION 22 #define EMM_CAUSE_CONGESTION 22
#define EMM_CAUSE_UE_SECURITY_MISMATCH 23 #define EMM_CAUSE_UE_SECURITY_MISMATCH 23
#define EMM_CAUSE_SECURITY_MODE_REJECTED 24 #define EMM_CAUSE_SECURITY_MODE_REJECTED 24
#define EMM_CAUSE_NON_EPS_AUTH_UNACCEPTABLE 26 #define EMM_CAUSE_NON_EPS_AUTH_UNACCEPTABLE 26
#define EMM_CAUSE_CS_SERVICE_NOT_AVAILABLE 39 #define EMM_CAUSE_CS_SERVICE_NOT_AVAILABLE 39
......
openair-cn/NAS/EURECOM-NAS/src/emm/sap/emm_as.c
View file @ 6f5c0332
...@@ -105,9 +105,20 @@ static int _emm_as_data_ind(const emm_as_data_t *msg, int *emm_cause); ...@@ -105,9 +105,20 @@ static int _emm_as_data_ind(const emm_as_data_t *msg, int *emm_cause);
*/ */
static EMM_msg *_emm_as_set_header(nas_message_t *msg, static EMM_msg *_emm_as_set_header(nas_message_t *msg,
const emm_as_security_data_t *security); const emm_as_security_data_t *security);
static int _emm_as_encode(as_nas_info_t *info, nas_message_t *msg, int length); static int
static int _emm_as_encrypt(as_nas_info_t *info, _emm_as_encode(
const nas_message_security_header_t *header, const char *buffer, int length); as_nas_info_t *info,
nas_message_t *msg,
int length,
emm_security_context_t *emm_security_context);
static int _emm_as_encrypt(
as_nas_info_t *info,
const nas_message_security_header_t *header,
const char *buffer,
int length,
emm_security_context_t *emm_security_context);
static int _emm_as_send(const emm_as_t *msg); static int _emm_as_send(const emm_as_t *msg);
#ifdef NAS_UE #ifdef NAS_UE
...@@ -310,8 +321,22 @@ static int _emm_as_recv(unsigned int ueid, const char *msg, int len, ...@@ -310,8 +321,22 @@ static int _emm_as_recv(unsigned int ueid, const char *msg, int len,
nas_message_t nas_msg; nas_message_t nas_msg;
memset(&nas_msg, 0 , sizeof(nas_message_t)); memset(&nas_msg, 0 , sizeof(nas_message_t));
emm_data_context_t *emm_ctx = NULL;
emm_security_context_t *security = NULL; /* Current EPS NAS security context */
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, ueid);
if (emm_ctx) {
security = emm_ctx->security;
}
#else
if (ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[ueid];
}
#endif
/* Decode the received message */ /* Decode the received message */
decoder_rc = nas_message_decode(msg, &nas_msg, len); decoder_rc = nas_message_decode(msg, &nas_msg, len, security);
if (decoder_rc < 0) { if (decoder_rc < 0) {
LOG_TRACE(WARNING, "EMMAS-SAP - Failed to decode NAS message " LOG_TRACE(WARNING, "EMMAS-SAP - Failed to decode NAS message "
...@@ -369,33 +394,38 @@ static int _emm_as_recv(unsigned int ueid, const char *msg, int len, ...@@ -369,33 +394,38 @@ static int _emm_as_recv(unsigned int ueid, const char *msg, int len,
#endif #endif
#ifdef NAS_MME #ifdef NAS_MME
case ATTACH_REQUEST: case ATTACH_REQUEST:
rc = emm_recv_attach_request(ueid, rc = emm_recv_attach_request(
&emm_msg->attach_request, ueid,
emm_cause); &emm_msg->attach_request,
emm_cause);
break; break;
case IDENTITY_RESPONSE: case IDENTITY_RESPONSE:
rc = emm_recv_identity_response(ueid, rc = emm_recv_identity_response(
&emm_msg->identity_response, ueid,
emm_cause); &emm_msg->identity_response,
emm_cause);
break; break;
case AUTHENTICATION_RESPONSE: case AUTHENTICATION_RESPONSE:
rc = emm_recv_authentication_response(ueid, rc = emm_recv_authentication_response(
&emm_msg->authentication_response, ueid,
emm_cause); &emm_msg->authentication_response,
emm_cause);
break; break;
case AUTHENTICATION_FAILURE: case AUTHENTICATION_FAILURE:
rc = emm_recv_authentication_failure(ueid, rc = emm_recv_authentication_failure(
&emm_msg->authentication_failure, ueid,
emm_cause); &emm_msg->authentication_failure,
emm_cause);
break; break;
case SECURITY_MODE_COMPLETE: case SECURITY_MODE_COMPLETE:
rc = emm_recv_security_mode_complete(ueid, rc = emm_recv_security_mode_complete(
&emm_msg->security_mode_complete, ueid,
emm_cause); &emm_msg->security_mode_complete,
emm_cause);
break; break;
case SECURITY_MODE_REJECT: case SECURITY_MODE_REJECT:
...@@ -464,10 +494,32 @@ static int _emm_as_data_ind(const emm_as_data_t *msg, int *emm_cause) ...@@ -464,10 +494,32 @@ static int _emm_as_data_ind(const emm_as_data_t *msg, int *emm_cause)
char *plain_msg = (char *)malloc(msg->NASmsg.length); char *plain_msg = (char *)malloc(msg->NASmsg.length);
if (plain_msg) { if (plain_msg) {
nas_message_security_header_t header; nas_message_security_header_t header;
emm_data_context_t *emm_ctx = NULL;
emm_security_context_t *security = NULL; /* Current EPS NAS security context */
memset(&header, 0, sizeof(header));
/* Decrypt the received security protected message */ /* Decrypt the received security protected message */
#if defined(EPC_BUILD)
if (msg->ueid > 0) {
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
if (emm_ctx) {
security = emm_ctx->security;
}
}
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
if (emm_ctx) {
security = emm_ctx->security;
}
}
#endif
int bytes = nas_message_decrypt((char *)(msg->NASmsg.value), int bytes = nas_message_decrypt((char *)(msg->NASmsg.value),
plain_msg, &header, plain_msg,
msg->NASmsg.length); &header,
msg->NASmsg.length,
security
);
if (bytes < 0) { if (bytes < 0) {
/* Failed to decrypt the message */ /* Failed to decrypt the message */
*emm_cause = EMM_CAUSE_PROTOCOL_ERROR; *emm_cause = EMM_CAUSE_PROTOCOL_ERROR;
...@@ -694,6 +746,8 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause) ...@@ -694,6 +746,8 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
struct emm_data_context_s *emm_ctx = NULL;
emm_security_context_t *emm_security_context = NULL;
int decoder_rc; int decoder_rc;
int rc = RETURNerror; int rc = RETURNerror;
...@@ -702,9 +756,23 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause) ...@@ -702,9 +756,23 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause)
nas_message_t nas_msg; nas_message_t nas_msg;
memset(&nas_msg, 0 , sizeof(nas_message_t)); memset(&nas_msg, 0 , sizeof(nas_message_t));
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
}
#endif
if (emm_ctx) {
emm_security_context = emm_ctx->security;
}
/* Decode initial NAS message */ /* Decode initial NAS message */
decoder_rc = nas_message_decode((char *)(msg->NASmsg.value), &nas_msg, decoder_rc = nas_message_decode(
msg->NASmsg.length); (char *)(msg->NASmsg.value),
&nas_msg,
msg->NASmsg.length,
emm_security_context);
if (decoder_rc < TLV_DECODE_FATAL_ERROR) { if (decoder_rc < TLV_DECODE_FATAL_ERROR) {
*emm_cause = EMM_CAUSE_PROTOCOL_ERROR; *emm_cause = EMM_CAUSE_PROTOCOL_ERROR;
...@@ -719,8 +787,10 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause) ...@@ -719,8 +787,10 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause)
EMM_msg *emm_msg = &nas_msg.plain.emm; EMM_msg *emm_msg = &nas_msg.plain.emm;
switch (emm_msg->header.message_type) { switch (emm_msg->header.message_type) {
case ATTACH_REQUEST: case ATTACH_REQUEST:
rc = emm_recv_attach_request(msg->ueid, &emm_msg->attach_request, rc = emm_recv_attach_request(
emm_cause); msg->ueid,
&emm_msg->attach_request,
emm_cause);
break; break;
case DETACH_REQUEST: case DETACH_REQUEST:
...@@ -728,9 +798,10 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause) ...@@ -728,9 +798,10 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, int *emm_cause)
break; break;
case TRACKING_AREA_UPDATE_REQUEST: case TRACKING_AREA_UPDATE_REQUEST:
rc = emm_recv_tracking_area_update_request(msg->ueid, rc = emm_recv_tracking_area_update_request(
&emm_msg->tracking_area_update_request, msg->ueid,
emm_cause); &emm_msg->tracking_area_update_request,
emm_cause);
break; break;
case SERVICE_REQUEST: case SERVICE_REQUEST:
...@@ -919,13 +990,19 @@ static EMM_msg *_emm_as_set_header(nas_message_t *msg, ...@@ -919,13 +990,19 @@ static EMM_msg *_emm_as_set_header(nas_message_t *msg,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _emm_as_encode(as_nas_info_t *info, nas_message_t *msg, int length) static int
_emm_as_encode(
as_nas_info_t *info,
nas_message_t *msg,
int length,
emm_security_context_t *emm_security_context)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
int bytes = 0; int bytes = 0;
if (msg->header.security_header_type != SECURITY_HEADER_TYPE_NOT_PROTECTED) { if (msg->header.security_header_type != SECURITY_HEADER_TYPE_NOT_PROTECTED)
{
emm_msg_header_t *header = &msg->security_protected.plain.emm.header; emm_msg_header_t *header = &msg->security_protected.plain.emm.header;
/* Expand size of protected NAS message */ /* Expand size of protected NAS message */
length += NAS_MESSAGE_SECURITY_HEADER_SIZE; length += NAS_MESSAGE_SECURITY_HEADER_SIZE;
...@@ -937,7 +1014,12 @@ static int _emm_as_encode(as_nas_info_t *info, nas_message_t *msg, int length) ...@@ -937,7 +1014,12 @@ static int _emm_as_encode(as_nas_info_t *info, nas_message_t *msg, int length)
info->data = (Byte_t *)malloc(length * sizeof(Byte_t)); info->data = (Byte_t *)malloc(length * sizeof(Byte_t));
if (info->data != NULL) { if (info->data != NULL) {
/* Encode the NAS message */ /* Encode the NAS message */
bytes = nas_message_encode((char *)(info->data), msg, length); bytes = nas_message_encode(
(char *)(info->data),
msg,
length,
emm_security_context);
if (bytes > 0) { if (bytes > 0) {
info->length = bytes; info->length = bytes;
} else { } else {
...@@ -966,9 +1048,13 @@ static int _emm_as_encode(as_nas_info_t *info, nas_message_t *msg, int length) ...@@ -966,9 +1048,13 @@ static int _emm_as_encode(as_nas_info_t *info, nas_message_t *msg, int length)
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
static int _emm_as_encrypt(as_nas_info_t *info, static int
const nas_message_security_header_t *header, _emm_as_encrypt(
const char *msg, int length) as_nas_info_t *info,
const nas_message_security_header_t *header,
const char *msg,
int length,
emm_security_context_t *emm_security_context)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
...@@ -982,7 +1068,13 @@ static int _emm_as_encrypt(as_nas_info_t *info, ...@@ -982,7 +1068,13 @@ static int _emm_as_encrypt(as_nas_info_t *info,
info->data = (Byte_t *)malloc(length * sizeof(Byte_t)); info->data = (Byte_t *)malloc(length * sizeof(Byte_t));
if (info->data != NULL) { if (info->data != NULL) {
/* Encrypt the NAS information message */ /* Encrypt the NAS information message */
bytes = nas_message_encrypt(msg, (char *)(info->data), header, length); bytes = nas_message_encrypt(
msg,
(char *)(info->data),
header,
length,
emm_security_context);
if (bytes > 0) { if (bytes > 0) {
info->length = bytes; info->length = bytes;
} else { } else {
...@@ -1020,51 +1112,60 @@ static int _emm_as_send(const emm_as_t *msg) ...@@ -1020,51 +1112,60 @@ static int _emm_as_send(const emm_as_t *msg)
switch (msg->primitive) { switch (msg->primitive) {
case _EMMAS_DATA_REQ: case _EMMAS_DATA_REQ:
as_msg.msgID = _emm_as_data_req(&msg->u.data, as_msg.msgID = _emm_as_data_req(
&as_msg.msg.ul_info_transfer_req); &msg->u.data,
&as_msg.msg.ul_info_transfer_req);
break; break;
case _EMMAS_STATUS_IND: case _EMMAS_STATUS_IND:
as_msg.msgID = _emm_as_status_ind(&msg->u.status, as_msg.msgID = _emm_as_status_ind(
&as_msg.msg.ul_info_transfer_req); &msg->u.status,
&as_msg.msg.ul_info_transfer_req);
break; break;
case _EMMAS_RELEASE_REQ: case _EMMAS_RELEASE_REQ:
as_msg.msgID = _emm_as_release_req(&msg->u.release, as_msg.msgID = _emm_as_release_req(
&as_msg.msg.nas_release_req); &msg->u.release,
&as_msg.msg.nas_release_req);
break; break;
#ifdef NAS_UE #ifdef NAS_UE
case _EMMAS_SECURITY_RES: case _EMMAS_SECURITY_RES:
as_msg.msgID = _emm_as_security_res(&msg->u.security, as_msg.msgID = _emm_as_security_res(
&as_msg.msg.ul_info_transfer_req); &msg->u.security,
&as_msg.msg.ul_info_transfer_req);
break; break;
case _EMMAS_ESTABLISH_REQ: case _EMMAS_ESTABLISH_REQ:
as_msg.msgID = _emm_as_establish_req(&msg->u.establish, as_msg.msgID = _emm_as_establish_req(
&as_msg.msg.nas_establish_req); &msg->u.establish,
&as_msg.msg.nas_establish_req);
break; break;
#endif #endif
#ifdef NAS_MME #ifdef NAS_MME
case _EMMAS_SECURITY_REQ: case _EMMAS_SECURITY_REQ:
as_msg.msgID = _emm_as_security_req(&msg->u.security, as_msg.msgID = _emm_as_security_req(
&as_msg.msg.dl_info_transfer_req); &msg->u.security,
&as_msg.msg.dl_info_transfer_req);
break; break;
case _EMMAS_SECURITY_REJ: case _EMMAS_SECURITY_REJ:
as_msg.msgID = _emm_as_security_rej(&msg->u.security, as_msg.msgID = _emm_as_security_rej(
&as_msg.msg.dl_info_transfer_req); &msg->u.security,
&as_msg.msg.dl_info_transfer_req);
break; break;
case _EMMAS_ESTABLISH_CNF: case _EMMAS_ESTABLISH_CNF:
as_msg.msgID = _emm_as_establish_cnf(&msg->u.establish, as_msg.msgID = _emm_as_establish_cnf(
&as_msg.msg.nas_establish_rsp); &msg->u.establish,
&as_msg.msg.nas_establish_rsp);
break; break;
case _EMMAS_ESTABLISH_REJ: case _EMMAS_ESTABLISH_REJ:
as_msg.msgID = _emm_as_establish_rej(&msg->u.establish, as_msg.msgID = _emm_as_establish_rej(
&as_msg.msg.nas_establish_rsp); &msg->u.establish,
&as_msg.msg.nas_establish_rsp);
break; break;
case _EMMAS_PAGE_IND: case _EMMAS_PAGE_IND:
...@@ -1098,25 +1199,28 @@ static int _emm_as_send(const emm_as_t *msg) ...@@ -1098,25 +1199,28 @@ static int _emm_as_send(const emm_as_t *msg)
switch (as_msg.msgID) { switch (as_msg.msgID) {
case AS_DL_INFO_TRANSFER_REQ: { case AS_DL_INFO_TRANSFER_REQ: {
nas_itti_dl_data_req(as_msg.msg.dl_info_transfer_req.UEid, nas_itti_dl_data_req(
as_msg.msg.dl_info_transfer_req.nasMsg.data, as_msg.msg.dl_info_transfer_req.UEid,
as_msg.msg.dl_info_transfer_req.nasMsg.length); as_msg.msg.dl_info_transfer_req.nasMsg.data,
as_msg.msg.dl_info_transfer_req.nasMsg.length);
LOG_FUNC_RETURN (RETURNok); LOG_FUNC_RETURN (RETURNok);
} break; } break;
case AS_NAS_ESTABLISH_RSP: case AS_NAS_ESTABLISH_RSP:
case AS_NAS_ESTABLISH_CNF: { case AS_NAS_ESTABLISH_CNF: {
if (as_msg.msg.nas_establish_rsp.errCode != AS_SUCCESS) { if (as_msg.msg.nas_establish_rsp.errCode != AS_SUCCESS) {
nas_itti_dl_data_req(as_msg.msg.nas_establish_rsp.UEid, nas_itti_dl_data_req(
as_msg.msg.nas_establish_rsp.nasMsg.data, as_msg.msg.nas_establish_rsp.UEid,
as_msg.msg.nas_establish_rsp.nasMsg.length); as_msg.msg.nas_establish_rsp.nasMsg.data,
as_msg.msg.nas_establish_rsp.nasMsg.length);
LOG_FUNC_RETURN (RETURNok); LOG_FUNC_RETURN (RETURNok);
} else { } else {
/* Handle success case */ /* Handle success case */
nas_itti_establish_cnf(as_msg.msg.nas_establish_rsp.UEid, nas_itti_establish_cnf(
as_msg.msg.nas_establish_rsp.errCode, as_msg.msg.nas_establish_rsp.UEid,
as_msg.msg.nas_establish_rsp.nasMsg.data, as_msg.msg.nas_establish_rsp.errCode,
as_msg.msg.nas_establish_rsp.nasMsg.length); as_msg.msg.nas_establish_rsp.nasMsg.data,
as_msg.msg.nas_establish_rsp.nasMsg.length);
LOG_FUNC_RETURN (RETURNok); LOG_FUNC_RETURN (RETURNok);
} }
} break; } break;
...@@ -1134,32 +1238,36 @@ static int _emm_as_send(const emm_as_t *msg) ...@@ -1134,32 +1238,36 @@ static int _emm_as_send(const emm_as_t *msg)
switch (as_msg.msgID) { switch (as_msg.msgID) {
case AS_CELL_INFO_REQ: { case AS_CELL_INFO_REQ: {
nas_itti_cell_info_req(as_msg.msg.cell_info_req.plmnID, nas_itti_cell_info_req(
as_msg.msg.cell_info_req.rat); as_msg.msg.cell_info_req.plmnID,
as_msg.msg.cell_info_req.rat);
LOG_FUNC_RETURN (RETURNok); LOG_FUNC_RETURN (RETURNok);
} break; } break;
case AS_NAS_ESTABLISH_REQ: { case AS_NAS_ESTABLISH_REQ: {
nas_itti_nas_establish_req(as_msg.msg.nas_establish_req.cause, nas_itti_nas_establish_req(
as_msg.msg.nas_establish_req.type, as_msg.msg.nas_establish_req.cause,
as_msg.msg.nas_establish_req.s_tmsi, as_msg.msg.nas_establish_req.type,
as_msg.msg.nas_establish_req.plmnID, as_msg.msg.nas_establish_req.s_tmsi,
as_msg.msg.nas_establish_req.initialNasMsg.data, as_msg.msg.nas_establish_req.plmnID,
as_msg.msg.nas_establish_req.initialNasMsg.length); as_msg.msg.nas_establish_req.initialNasMsg.data,
as_msg.msg.nas_establish_req.initialNasMsg.length);
LOG_FUNC_RETURN (RETURNok); LOG_FUNC_RETURN (RETURNok);
} break; } break;
case AS_UL_INFO_TRANSFER_REQ: { case AS_UL_INFO_TRANSFER_REQ: {
nas_itti_ul_data_req(as_msg.msg.ul_info_transfer_req.UEid, nas_itti_ul_data_req(
as_msg.msg.ul_info_transfer_req.nasMsg.data, as_msg.msg.ul_info_transfer_req.UEid,
as_msg.msg.ul_info_transfer_req.nasMsg.length); as_msg.msg.ul_info_transfer_req.nasMsg.data,
as_msg.msg.ul_info_transfer_req.nasMsg.length);
LOG_FUNC_RETURN (RETURNok); LOG_FUNC_RETURN (RETURNok);
} break; } break;
case AS_RAB_ESTABLISH_RSP: { case AS_RAB_ESTABLISH_RSP: {
nas_itti_rab_establish_rsp(as_msg.msg.rab_establish_rsp.s_tmsi, nas_itti_rab_establish_rsp(
as_msg.msg.rab_establish_rsp.rabID, as_msg.msg.rab_establish_rsp.s_tmsi,
as_msg.msg.rab_establish_rsp.errCode); as_msg.msg.rab_establish_rsp.rabID,
as_msg.msg.rab_establish_rsp.errCode);
LOG_FUNC_RETURN (RETURNok); LOG_FUNC_RETURN (RETURNok);
} break; } break;
...@@ -1245,13 +1353,32 @@ static int _emm_as_data_req(const emm_as_data_t *msg, ...@@ -1245,13 +1353,32 @@ static int _emm_as_data_req(const emm_as_data_t *msg,
if (size > 0) { if (size > 0) {
int bytes; int bytes;
struct emm_data_context_s *emm_ctx = NULL;
emm_security_context_t *emm_security_context = NULL;
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
}
#endif
if (emm_ctx) {
emm_security_context = emm_ctx->security;
}
if (!is_encoded) { if (!is_encoded) {
/* Encode the NAS information message */ /* Encode the NAS information message */
bytes = _emm_as_encode(&as_msg->nasMsg, &nas_msg, size); bytes = _emm_as_encode(&as_msg->nasMsg,
&nas_msg,
size,
emm_security_context);
} else { } else {
/* Encrypt the NAS information message */ /* Encrypt the NAS information message */
bytes = _emm_as_encrypt(&as_msg->nasMsg, &nas_msg.header, bytes = _emm_as_encrypt(&as_msg->nasMsg,
(char *)(msg->NASmsg.value), size); &nas_msg.header,
(char *)(msg->NASmsg.value),
size,
emm_security_context);
} }
if (bytes > 0) { if (bytes > 0) {
#ifdef NAS_UE #ifdef NAS_UE
...@@ -1311,8 +1438,25 @@ static int _emm_as_status_ind(const emm_as_status_t *msg, ...@@ -1311,8 +1438,25 @@ static int _emm_as_status_ind(const emm_as_status_t *msg,
} }
if (size > 0) { if (size > 0) {
struct emm_data_context_s *emm_ctx = NULL;
emm_security_context_t *emm_security_context = NULL;
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
}
#endif
if (emm_ctx) {
emm_security_context = emm_ctx->security;
}
/* Encode the NAS information message */ /* Encode the NAS information message */
int bytes = _emm_as_encode(&as_msg->nasMsg, &nas_msg, size); int bytes = _emm_as_encode(
&as_msg->nasMsg,
&nas_msg,
size,
emm_security_context);
if (bytes > 0) { if (bytes > 0) {
#ifdef NAS_UE #ifdef NAS_UE
LOG_FUNC_RETURN (AS_UL_INFO_TRANSFER_REQ); LOG_FUNC_RETURN (AS_UL_INFO_TRANSFER_REQ);
...@@ -1407,26 +1551,32 @@ static int _emm_as_security_res(const emm_as_security_t *msg, ...@@ -1407,26 +1551,32 @@ static int _emm_as_security_res(const emm_as_security_t *msg,
/* Setup the NAS security message */ /* Setup the NAS security message */
if (emm_msg != NULL) switch (msg->msgType) { if (emm_msg != NULL) switch (msg->msgType) {
case EMM_AS_MSG_TYPE_IDENT: case EMM_AS_MSG_TYPE_IDENT:
size = emm_send_identity_response(msg, &emm_msg->identity_response); size = emm_send_identity_response(
msg,
&emm_msg->identity_response);
break; break;
case EMM_AS_MSG_TYPE_AUTH: case EMM_AS_MSG_TYPE_AUTH:
if (msg->emm_cause != EMM_CAUSE_SUCCESS) { if (msg->emm_cause != EMM_CAUSE_SUCCESS) {
size = emm_send_authentication_failure(msg, size = emm_send_authentication_failure(
&emm_msg->authentication_failure); msg,
&emm_msg->authentication_failure);
} else { } else {
size = emm_send_authentication_response(msg, size = emm_send_authentication_response(
&emm_msg->authentication_response); msg,
&emm_msg->authentication_response);
} }
break; break;
case EMM_AS_MSG_TYPE_SMC: case EMM_AS_MSG_TYPE_SMC:
if (msg->emm_cause != EMM_CAUSE_SUCCESS) { if (msg->emm_cause != EMM_CAUSE_SUCCESS) {
size = emm_send_security_mode_reject(msg, size = emm_send_security_mode_reject(
&emm_msg->security_mode_reject); msg,
&emm_msg->security_mode_reject);
} else { } else {
size = emm_send_security_mode_complete(msg, size = emm_send_security_mode_complete(
&emm_msg->security_mode_complete); msg,
&emm_msg->security_mode_complete);
} }
break; break;
...@@ -1497,21 +1647,22 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg, ...@@ -1497,21 +1647,22 @@ static int _emm_as_establish_req(const emm_as_establish_t *msg,
case EMM_AS_NAS_INFO_DETACH: case EMM_AS_NAS_INFO_DETACH:
size = emm_send_initial_detach_request(msg, size = emm_send_initial_detach_request(msg,
&emm_msg->detach_request); &emm_msg->detach_request);
break; break;
case EMM_AS_NAS_INFO_TAU: case EMM_AS_NAS_INFO_TAU:
size = emm_send_initial_tau_request(msg, size = emm_send_initial_tau_request(msg,
&emm_msg->tracking_area_update_request); &emm_msg->tracking_area_update_request);
break; break;
case EMM_AS_NAS_INFO_SR: case EMM_AS_NAS_INFO_SR:
size = emm_send_initial_sr_request(msg, &emm_msg->service_request); size = emm_send_initial_sr_request(msg,
&emm_msg->service_request);
break; break;
case EMM_AS_NAS_INFO_EXTSR: case EMM_AS_NAS_INFO_EXTSR:
size = emm_send_initial_extsr_request(msg, size = emm_send_initial_extsr_request(msg,
&emm_msg->extended_service_request); &emm_msg->extended_service_request);
break; break;
default: default:
...@@ -1574,17 +1725,18 @@ static int _emm_as_security_req(const emm_as_security_t *msg, ...@@ -1574,17 +1725,18 @@ static int _emm_as_security_req(const emm_as_security_t *msg,
/* Setup the NAS security message */ /* Setup the NAS security message */
if (emm_msg != NULL) switch (msg->msgType) { if (emm_msg != NULL) switch (msg->msgType) {
case EMM_AS_MSG_TYPE_IDENT: case EMM_AS_MSG_TYPE_IDENT:
size = emm_send_identity_request(msg, &emm_msg->identity_request); size = emm_send_identity_request(msg,
&emm_msg->identity_request);
break; break;
case EMM_AS_MSG_TYPE_AUTH: case EMM_AS_MSG_TYPE_AUTH:
size = emm_send_authentication_request(msg, size = emm_send_authentication_request(msg,
&emm_msg->authentication_request); &emm_msg->authentication_request);
break; break;
case EMM_AS_MSG_TYPE_SMC: case EMM_AS_MSG_TYPE_SMC:
size = emm_send_security_mode_command(msg, size = emm_send_security_mode_command(msg,
&emm_msg->security_mode_command); &emm_msg->security_mode_command);
break; break;
default: default:
...@@ -1593,8 +1745,25 @@ static int _emm_as_security_req(const emm_as_security_t *msg, ...@@ -1593,8 +1745,25 @@ static int _emm_as_security_req(const emm_as_security_t *msg,
} }
if (size > 0) { if (size > 0) {
struct emm_data_context_s *emm_ctx = NULL;
emm_security_context_t *emm_security_context = NULL;
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
}
#endif
if (emm_ctx) {
emm_security_context = emm_ctx->security;
}
/* Encode the NAS security message */ /* Encode the NAS security message */
int bytes = _emm_as_encode(&as_msg->nasMsg, &nas_msg, size); int bytes = _emm_as_encode(
&as_msg->nasMsg,
&nas_msg,
size,
emm_security_context);
if (bytes > 0) { if (bytes > 0) {
LOG_FUNC_RETURN (AS_DL_INFO_TRANSFER_REQ); LOG_FUNC_RETURN (AS_DL_INFO_TRANSFER_REQ);
} }
...@@ -1654,8 +1823,25 @@ static int _emm_as_security_rej(const emm_as_security_t *msg, ...@@ -1654,8 +1823,25 @@ static int _emm_as_security_rej(const emm_as_security_t *msg,
} }
if (size > 0) { if (size > 0) {
struct emm_data_context_s *emm_ctx = NULL;
emm_security_context_t *emm_security_context = NULL;
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
}
#endif
if (emm_ctx) {
emm_security_context = emm_ctx->security;
}
/* Encode the NAS security message */ /* Encode the NAS security message */
int bytes = _emm_as_encode(&as_msg->nasMsg, &nas_msg, size); int bytes = _emm_as_encode(
&as_msg->nasMsg,
&nas_msg,
size,
emm_security_context);
if (bytes > 0) { if (bytes > 0) {
LOG_FUNC_RETURN (AS_DL_INFO_TRANSFER_REQ); LOG_FUNC_RETURN (AS_DL_INFO_TRANSFER_REQ);
} }
...@@ -1708,8 +1894,9 @@ static int _emm_as_establish_cnf(const emm_as_establish_t *msg, ...@@ -1708,8 +1894,9 @@ static int _emm_as_establish_cnf(const emm_as_establish_t *msg,
/* Setup the initial NAS information message */ /* Setup the initial NAS information message */
if (emm_msg != NULL) switch (msg->NASinfo) { if (emm_msg != NULL) switch (msg->NASinfo) {
case EMM_AS_NAS_INFO_ATTACH: case EMM_AS_NAS_INFO_ATTACH:
LOG_TRACE(WARNING, "EMMAS-SAP - emm_as_establish.nasMSG.length"\ LOG_TRACE(WARNING,
"=%d", msg->NASmsg.length); "EMMAS-SAP - emm_as_establish.nasMSG.length=%d",
msg->NASmsg.length);
size = emm_send_attach_accept(msg, &emm_msg->attach_accept); size = emm_send_attach_accept(msg, &emm_msg->attach_accept);
break; break;
...@@ -1720,8 +1907,32 @@ static int _emm_as_establish_cnf(const emm_as_establish_t *msg, ...@@ -1720,8 +1907,32 @@ static int _emm_as_establish_cnf(const emm_as_establish_t *msg,
} }
if (size > 0) { if (size > 0) {
struct emm_data_context_s *emm_ctx = NULL;
emm_security_context_t *emm_security_context = NULL;
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
}
#endif
if (emm_ctx) {
emm_security_context = emm_ctx->security;
if (emm_security_context) {
as_msg->nas_ul_count = 0x00000000 |
(emm_security_context->ul_count.overflow << 8) |
emm_security_context->ul_count.seq_num;
LOG_TRACE(DEBUG, "EMMAS-SAP - NAS UL COUNT %8x",
as_msg->nas_ul_count);
}
}
/* Encode the initial NAS information message */ /* Encode the initial NAS information message */
int bytes = _emm_as_encode(&as_msg->nasMsg, &nas_msg, size); int bytes = _emm_as_encode(
&as_msg->nasMsg,
&nas_msg,
size,
emm_security_context);
if (bytes > 0) { if (bytes > 0) {
as_msg->errCode = AS_SUCCESS; as_msg->errCode = AS_SUCCESS;
LOG_FUNC_RETURN (AS_NAS_ESTABLISH_CNF); LOG_FUNC_RETURN (AS_NAS_ESTABLISH_CNF);
...@@ -1780,7 +1991,8 @@ static int _emm_as_establish_rej(const emm_as_establish_t *msg, ...@@ -1780,7 +1991,8 @@ static int _emm_as_establish_rej(const emm_as_establish_t *msg,
break; break;
case EMM_AS_NAS_INFO_TAU: case EMM_AS_NAS_INFO_TAU:
size = emm_send_tracking_area_update_reject(msg, &emm_msg->tracking_area_update_reject); size = emm_send_tracking_area_update_reject(msg,
&emm_msg->tracking_area_update_reject);
break; break;
default: default:
...@@ -1790,8 +2002,24 @@ static int _emm_as_establish_rej(const emm_as_establish_t *msg, ...@@ -1790,8 +2002,24 @@ static int _emm_as_establish_rej(const emm_as_establish_t *msg,
} }
if (size > 0) { if (size > 0) {
struct emm_data_context_s *emm_ctx = NULL;
emm_security_context_t *emm_security_context = NULL;
#if defined(EPC_BUILD)
emm_ctx = emm_data_context_get(&_emm_data, msg->ueid);
#else
if (msg->ueid < EMM_DATA_NB_UE_MAX) {
emm_ctx = _emm_data.ctx[msg->ueid];
}
#endif
if (emm_ctx) {
emm_security_context = emm_ctx->security;
}
/* Encode the initial NAS information message */ /* Encode the initial NAS information message */
int bytes = _emm_as_encode(&as_msg->nasMsg, &nas_msg, size); int bytes = _emm_as_encode(
&as_msg->nasMsg,
&nas_msg,
size,
emm_security_context);
if (bytes > 0) { if (bytes > 0) {
as_msg->errCode = AS_TERMINATED_NAS; as_msg->errCode = AS_TERMINATED_NAS;
LOG_FUNC_RETURN (AS_NAS_ESTABLISH_RSP); LOG_FUNC_RETURN (AS_NAS_ESTABLISH_RSP);
......
openair-cn/NAS/EURECOM-NAS/src/emm/sap/emm_asDef.h
View file @ 6f5c0332
...@@ -98,6 +98,10 @@ typedef struct { ...@@ -98,6 +98,10 @@ typedef struct {
UInt8_t eea; /* Replayed EPS encryption algorithms */ UInt8_t eea; /* Replayed EPS encryption algorithms */
UInt8_t eia; /* Replayed EPS integrity algorithms */ UInt8_t eia; /* Replayed EPS integrity algorithms */
// Added by LG
UInt8_t selected_eea; /* Selected EPS encryption algorithms */
UInt8_t selected_eia; /* Selected EPS integrity algorithms */
#define EMM_AS_MSG_TYPE_IDENT 0x01 /* Identification message */ #define EMM_AS_MSG_TYPE_IDENT 0x01 /* Identification message */
#define EMM_AS_MSG_TYPE_AUTH 0x02 /* Authentication message */ #define EMM_AS_MSG_TYPE_AUTH 0x02 /* Authentication message */
#define EMM_AS_MSG_TYPE_SMC 0x03 /* Security Mode Command */ #define EMM_AS_MSG_TYPE_SMC 0x03 /* Security Mode Command */
......
openair-cn/NAS/EURECOM-NAS/src/emm/sap/emm_cn.c
View file @ 6f5c0332
...@@ -101,11 +101,14 @@ static int _emm_cn_authentication_res(const emm_cn_auth_res_t *msg) ...@@ -101,11 +101,14 @@ static int _emm_cn_authentication_res(const emm_cn_auth_res_t *msg)
* and NAS security setup to activate integrity protection and NAS * and NAS security setup to activate integrity protection and NAS
* ciphering are mandatory. * ciphering are mandatory.
*/ */
rc = emm_proc_authentication(emm_ctx, emm_ctx->ueid, 0, // TODO: eksi != 0 rc = emm_proc_authentication(emm_ctx,
&loc_rand, &autn, emm_ctx->ueid,
emm_attach_security, 0, // TODO: eksi != 0
NULL, &loc_rand,
NULL); &autn,
emm_attach_security,
NULL,
NULL);
if (rc != RETURNok) { if (rc != RETURNok) {
/* Failed to initiate the authentication procedure */ /* Failed to initiate the authentication procedure */
LOG_TRACE(WARNING, "EMM-PROC - " LOG_TRACE(WARNING, "EMM-PROC - "
......
openair-cn/NAS/EURECOM-NAS/src/emm/sap/emm_recv.c
View file @ 6f5c0332
...@@ -983,9 +983,11 @@ int emm_recv_authentication_failure(unsigned int ueid, ...@@ -983,9 +983,11 @@ int emm_recv_authentication_failure(unsigned int ueid,
** Others: None ** ** Others: None **
** ** ** **
***************************************************************************/ ***************************************************************************/
int emm_recv_security_mode_complete(unsigned int ueid, int
security_mode_complete_msg *msg, emm_recv_security_mode_complete(
int *emm_cause) unsigned int ueid,
security_mode_complete_msg *msg,
int *emm_cause)
{ {
LOG_FUNC_IN; LOG_FUNC_IN;
......
openair-cn/NAS/EURECOM-NAS/src/emm/sap/emm_send.c
View file @ 6f5c0332
...@@ -1205,9 +1205,9 @@ int emm_send_security_mode_command(const emm_as_security_t *msg, ...@@ -1205,9 +1205,9 @@ int emm_send_security_mode_command(const emm_as_security_t *msg,
/* Selected NAS security algorithms */ /* Selected NAS security algorithms */
size += NAS_SECURITY_ALGORITHMS_MAXIMUM_LENGTH; size += NAS_SECURITY_ALGORITHMS_MAXIMUM_LENGTH;
emm_msg->selectednassecurityalgorithms.typeofcipheringalgorithm = emm_msg->selectednassecurityalgorithms.typeofcipheringalgorithm =
NAS_SECURITY_ALGORITHMS_EEA0; msg->selected_eea;
emm_msg->selectednassecurityalgorithms.typeofintegrityalgorithm = emm_msg->selectednassecurityalgorithms.typeofintegrityalgorithm =
NAS_SECURITY_ALGORITHMS_EIA0; msg->selected_eia;
/* NAS key set identifier */ /* NAS key set identifier */
size += NAS_KEY_SET_IDENTIFIER_MAXIMUM_LENGTH; size += NAS_KEY_SET_IDENTIFIER_MAXIMUM_LENGTH;
......
openair-cn/NAS/EURECOM-NAS/src/include/securityDef.h
View file @ 6f5c0332
...@@ -48,8 +48,8 @@ Description Contains global security definitions ...@@ -48,8 +48,8 @@ Description Contains global security definitions
#define AUTH_RES_SIZE 16 /* Authentication response: 128 bits */ #define AUTH_RES_SIZE 16 /* Authentication response: 128 bits */
#define AUTH_SNID_SIZE 3 /* Serving network's identity: 24 bits */ #define AUTH_SNID_SIZE 3 /* Serving network's identity: 24 bits */
#define AUTH_KASME_SIZE 32 /* KASME security key: 256 bits */ #define AUTH_KASME_SIZE 32 /* KASME security key: 256 bits */
#define AUTH_KNAS_INT_SIZE AUTH_KASME_SIZE /* NAS integrity key */ #define AUTH_KNAS_INT_SIZE 16 /* NAS integrity key */
#define AUTH_KNAS_ENC_SIZE AUTH_KASME_SIZE /* NAS cyphering key */ #define AUTH_KNAS_ENC_SIZE 16 /* NAS cyphering key */
#define AUTH_KENB_SIZE AUTH_KASME_SIZE /* eNodeB security key */ #define AUTH_KENB_SIZE AUTH_KASME_SIZE /* eNodeB security key */
/* "Separation bit" of AMF field */ /* "Separation bit" of AMF field */
......
openair-cn/NAS/EURECOM-NAS/tst/as_simulator/nas_process.c
View file @ 6f5c0332
...@@ -98,10 +98,15 @@ static int _esm_status(char* buffer, int length, const esm_status_msg* msg); ...@@ -98,10 +98,15 @@ static int _esm_status(char* buffer, int length, const esm_status_msg* msg);
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process NAS message * Process NAS message
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
int nas_process(char* buffer, int length, const char* msg, int size) int
nas_process(
char* buffer,
int length,
const char* msg,
int size)
{ {
int index = 0; int index = 0;
int bytes; int bytes;
...@@ -111,26 +116,28 @@ int nas_process(char* buffer, int length, const char* msg, int size) ...@@ -111,26 +116,28 @@ int nas_process(char* buffer, int length, const char* msg, int size)
memset(&nas_msg, 0, sizeof(nas_message_t)); memset(&nas_msg, 0, sizeof(nas_message_t));
bytes = nas_message_decode(msg, &nas_msg, size); bytes = nas_message_decode(msg, &nas_msg, size);
if (bytes < 0) { if (bytes < 0) {
printf("ERROR\t: %s - Failed to decode NAS message (err=%d)\n", printf("ERROR\t: %s - Failed to decode NAS message (err=%d)\n",
__FUNCTION__, bytes); __FUNCTION__, bytes);
return (RETURNerror); return (RETURNerror);
} }
int protocol_discriminator = nas_msg.header.protocol_discriminator; int protocol_discriminator = nas_msg.header.protocol_discriminator;
if (protocol_discriminator == EPS_MOBILITY_MANAGEMENT_MESSAGE) { if (protocol_discriminator == EPS_MOBILITY_MANAGEMENT_MESSAGE) {
/* Process EPS Mobility Management NAS message */ /* Process EPS Mobility Management NAS message */
index += _nas_process_emm(buffer + index, length - index, index += _nas_process_emm(buffer + index,
&nas_msg.plain.emm); length - index,
&nas_msg.plain.emm);
} }
else if (protocol_discriminator == EPS_SESSION_MANAGEMENT_MESSAGE) { else if (protocol_discriminator == EPS_SESSION_MANAGEMENT_MESSAGE) {
/* Process EPS Session Management NAS message */ /* Process EPS Session Management NAS message */
index += _nas_process_esm(buffer + index, length - index, index += _nas_process_esm(buffer + index,
&nas_msg.plain.esm); length - index,
&nas_msg.plain.esm);
} }
else { else {
printf("ERROR\t: %s - Protocol discriminator is not valid (%d)\n", printf("ERROR\t: %s - Protocol discriminator is not valid (%d)\n",
__FUNCTION__, protocol_discriminator); __FUNCTION__, protocol_discriminator);
return (RETURNerror); return (RETURNerror);
} }
buffer[index] = '\0'; buffer[index] = '\0';
...@@ -150,116 +157,121 @@ int nas_process(char* buffer, int length, const char* msg, int size) ...@@ -150,116 +157,121 @@ int nas_process(char* buffer, int length, const char* msg, int size)
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process EPS Mobility Management NAS message * Process EPS Mobility Management NAS message
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _nas_process_emm(char* buffer, int length, const EMM_msg* msg) static int
_nas_process_emm(
char* buffer,
int length,
const EMM_msg* msg)
{ {
int index = 0; int index = 0;
const EsmMessageContainer* esm_container = NULL; const EsmMessageContainer* esm_container = NULL;
printf("INFO\t: Process %s\n", emmMsgType(msg->header.message_type)); printf("INFO\t: Process %s\n", emmMsgType(msg->header.message_type));
index += snprintf(buffer + index, length - index, "%s (", index += snprintf(buffer + index, length - index, "%s (",
emmMsgType(msg->header.message_type)); emmMsgType(msg->header.message_type));
switch (msg->header.message_type) switch (msg->header.message_type)
{ {
case ATTACH_REQUEST: case ATTACH_REQUEST:
esm_container = &msg->attach_request.esmmessagecontainer; esm_container = &msg->attach_request.esmmessagecontainer;
index += _attach_request(buffer + index, length - index, index += _attach_request(buffer + index, length - index,
&msg->attach_request); &msg->attach_request);
break; break;
case ATTACH_ACCEPT: case ATTACH_ACCEPT:
esm_container = &msg->attach_accept.esmmessagecontainer; esm_container = &msg->attach_accept.esmmessagecontainer;
index += _attach_accept(buffer + index, length - index, index += _attach_accept(buffer + index, length - index,
&msg->attach_accept); &msg->attach_accept);
break; break;
case ATTACH_REJECT: case ATTACH_REJECT:
esm_container = &msg->attach_reject.esmmessagecontainer; esm_container = &msg->attach_reject.esmmessagecontainer;
index += _attach_reject(buffer + index, length - index, index += _attach_reject(buffer + index, length - index,
&msg->attach_reject); &msg->attach_reject);
break; break;
case ATTACH_COMPLETE: case ATTACH_COMPLETE:
esm_container = &msg->attach_complete.esmmessagecontainer; esm_container = &msg->attach_complete.esmmessagecontainer;
index += _attach_complete(buffer + index, length - index, index += _attach_complete(buffer + index, length - index,
&msg->attach_complete); &msg->attach_complete);
break; break;
case DETACH_REQUEST: case DETACH_REQUEST:
index += _detach_request(buffer + index, length - index, index += _detach_request(buffer + index, length - index,
&msg->detach_request); &msg->detach_request);
break; break;
case DETACH_ACCEPT: case DETACH_ACCEPT:
index += _detach_accept(buffer + index, length - index, index += _detach_accept(buffer + index, length - index,
&msg->detach_accept); &msg->detach_accept);
break; break;
case IDENTITY_REQUEST: case IDENTITY_REQUEST:
index += _identity_request(buffer + index, length - index, index += _identity_request(buffer + index, length - index,
&msg->identity_request); &msg->identity_request);
break; break;
case IDENTITY_RESPONSE: case IDENTITY_RESPONSE:
index += _identity_response(buffer + index, length - index, index += _identity_response(buffer + index, length - index,
&msg->identity_response); &msg->identity_response);
break; break;
case AUTHENTICATION_REQUEST: case AUTHENTICATION_REQUEST:
index += _authentication_request(buffer + index, length - index, index += _authentication_request(buffer + index, length - index,
&msg->authentication_request); &msg->authentication_request);
break; break;
case AUTHENTICATION_RESPONSE: case AUTHENTICATION_RESPONSE:
index += _authentication_response(buffer + index, length - index, index += _authentication_response(buffer + index, length - index,
&msg->authentication_response); &msg->authentication_response);
break; break;
case AUTHENTICATION_FAILURE: case AUTHENTICATION_FAILURE:
index += _authentication_failure(buffer + index, length - index, index += _authentication_failure(buffer + index, length - index,
&msg->authentication_failure); &msg->authentication_failure);
break; break;
case AUTHENTICATION_REJECT: case AUTHENTICATION_REJECT:
index += _authentication_reject(buffer + index, length - index, index += _authentication_reject(buffer + index, length - index,
&msg->authentication_reject); &msg->authentication_reject);
break; break;
case SECURITY_MODE_COMMAND: case SECURITY_MODE_COMMAND:
index += _security_mode_command(buffer + index, length - index, index += _security_mode_command(buffer + index, length - index,
&msg->security_mode_command); &msg->security_mode_command);
break; break;
case SECURITY_MODE_COMPLETE: case SECURITY_MODE_COMPLETE:
index += _security_mode_complete(buffer + index, length - index, index += _security_mode_complete(buffer + index, length - index,
&msg->security_mode_complete); &msg->security_mode_complete);
break; break;
case SECURITY_MODE_REJECT: case SECURITY_MODE_REJECT:
index += _security_mode_reject(buffer + index, length - index, index += _security_mode_reject(buffer + index, length - index,
&msg->security_mode_reject); &msg->security_mode_reject);
break; break;
case EMM_STATUS: case EMM_STATUS:
index += _emm_status(buffer + index, length - index, index += _emm_status(buffer + index, length - index,
&msg->emm_status); &msg->emm_status);
break; break;
default: default:
printf("WARNING\t: %s - EMM NAS message is not valid (0x%x)\n", printf("WARNING\t: %s - EMM NAS message is not valid (0x%x)\n",
__FUNCTION__, msg->header.message_type); __FUNCTION__, msg->header.message_type);
break; break;
} }
index += snprintf(buffer + index, length - index, ")"); index += snprintf(buffer + index, length - index, ")");
/* Process ESM message container */ /* Process ESM message container */
if (esm_container) { if (esm_container) {
index += _esm_message_container(buffer + index, length - index, index += _esm_message_container(buffer + index,
esm_container); length - index,
esm_container);
} }
return (index); return (index);
...@@ -267,36 +279,42 @@ static int _nas_process_emm(char* buffer, int length, const EMM_msg* msg) ...@@ -267,36 +279,42 @@ static int _nas_process_emm(char* buffer, int length, const EMM_msg* msg)
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process Attach Request * Process Attach Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _attach_request(char* buffer, int length, static int
const attach_request_msg* msg) _attach_request(
char* buffer,
int length,
const attach_request_msg* msg)
{ {
int index = 0; int index = 0;
/* EPS attach type */ /* EPS attach type */
index += snprintf(buffer + index, length - index, "Type = %s", index += snprintf(buffer + index, length - index, "Type = %s",
attachType(&msg->epsattachtype)); attachType(&msg->epsattachtype));
/* NAS key set identifier */ /* NAS key set identifier */
index += snprintf(buffer + index, length - index, ", KSI = "); index += snprintf(buffer + index, length - index, ", KSI = ");
index += nasKeySetIdentifier(buffer + index, length - index, index += nasKeySetIdentifier(buffer + index, length - index,
&msg->naskeysetidentifier); &msg->naskeysetidentifier);
/* EPS mobile identity */ /* EPS mobile identity */
index += snprintf(buffer + index, length - index, ", "); index += snprintf(buffer + index, length - index, ", ");
index += epsIdentity(buffer + index, length - index, index += epsIdentity(buffer + index, length - index,
&msg->oldgutiorimsi); &msg->oldgutiorimsi);
return (index); return (index);
} }
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process Attach Accept * Process Attach Accept
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _attach_accept(char* buffer, int length, static int
const attach_accept_msg* msg) _attach_accept(
char* buffer,
int length,
const attach_accept_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -310,7 +328,7 @@ static int _attach_accept(char* buffer, int length, ...@@ -310,7 +328,7 @@ static int _attach_accept(char* buffer, int length,
#endif #endif
/* GUTI */ /* GUTI */
if (msg->presencemask & ATTACH_ACCEPT_GUTI_PRESENT) { if (msg->presencemask & ATTACH_ACCEPT_GUTI_PRESENT) {
index += epsIdentity(buffer + index, length - index, &msg->guti); index += epsIdentity(buffer + index, length - index, &msg->guti);
} }
return (index); return (index);
...@@ -321,14 +339,17 @@ static int _attach_accept(char* buffer, int length, ...@@ -321,14 +339,17 @@ static int _attach_accept(char* buffer, int length,
* Process Attach Reject * Process Attach Reject
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _attach_reject(char* buffer, int length, static int
const attach_reject_msg* msg) _attach_reject(
char* buffer,
int length,
const attach_reject_msg* msg)
{ {
int index = 0; int index = 0;
/* EMM cause code */ /* EMM cause code */
index += snprintf(buffer + index, length - index, "EmmCause = %s (%d)", index += snprintf(buffer + index, length - index, "EmmCause = %s (%d)",
emmCauseCode(msg->emmcause), msg->emmcause); emmCauseCode(msg->emmcause), msg->emmcause);
return (index); return (index);
} }
...@@ -338,8 +359,11 @@ static int _attach_reject(char* buffer, int length, ...@@ -338,8 +359,11 @@ static int _attach_reject(char* buffer, int length,
* Process Attach Complete * Process Attach Complete
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _attach_complete(char* buffer, int length, static int
const attach_complete_msg* msg) _attach_complete(
char* buffer,
int length,
const attach_complete_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -351,8 +375,11 @@ static int _attach_complete(char* buffer, int length, ...@@ -351,8 +375,11 @@ static int _attach_complete(char* buffer, int length,
* Process Identity Request * Process Identity Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _identity_request(char* buffer, int length, static int
const identity_request_msg* msg) _identity_request(
char* buffer,
int length,
const identity_request_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -368,8 +395,11 @@ static int _identity_request(char* buffer, int length, ...@@ -368,8 +395,11 @@ static int _identity_request(char* buffer, int length,
* Process Detach Request * Process Detach Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _detach_request(char* buffer, int length, static int
const detach_request_msg* msg) _detach_request(
char* buffer,
int length,
const detach_request_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -393,8 +423,11 @@ static int _detach_request(char* buffer, int length, ...@@ -393,8 +423,11 @@ static int _detach_request(char* buffer, int length,
* Process Detach Accept * Process Detach Accept
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _detach_accept(char* buffer, int length, static int
const detach_accept_msg* msg) _detach_accept(
char* buffer,
int length,
const detach_accept_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -406,8 +439,11 @@ static int _detach_accept(char* buffer, int length, ...@@ -406,8 +439,11 @@ static int _detach_accept(char* buffer, int length,
* Process Identity Response * Process Identity Response
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _identity_response(char* buffer, int length, static int
const identity_response_msg* msg) _identity_response(
char* buffer,
int length,
const identity_response_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -423,8 +459,11 @@ static int _identity_response(char* buffer, int length, ...@@ -423,8 +459,11 @@ static int _identity_response(char* buffer, int length,
* Process Authentication Request * Process Authentication Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _authentication_request(char* buffer, int length, static int
const authentication_request_msg* msg) _authentication_request(
char* buffer,
int length,
const authentication_request_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -449,8 +488,11 @@ static int _authentication_request(char* buffer, int length, ...@@ -449,8 +488,11 @@ static int _authentication_request(char* buffer, int length,
* Process Authentication Response * Process Authentication Response
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _authentication_response(char* buffer, int length, static int
const authentication_response_msg* msg) _authentication_response(
char* buffer,
int length,
const authentication_response_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -467,8 +509,11 @@ static int _authentication_response(char* buffer, int length, ...@@ -467,8 +509,11 @@ static int _authentication_response(char* buffer, int length,
* Process Authentication Failure * Process Authentication Failure
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _authentication_failure(char* buffer, int length, static int
const authentication_failure_msg* msg) _authentication_failure(
char* buffer,
int length,
const authentication_failure_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -491,8 +536,11 @@ static int _authentication_failure(char* buffer, int length, ...@@ -491,8 +536,11 @@ static int _authentication_failure(char* buffer, int length,
* Process Authentication Reject * Process Authentication Reject
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _authentication_reject(char* buffer, int length, static int
const authentication_reject_msg* msg) _authentication_reject(
char* buffer,
int length,
const authentication_reject_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -504,23 +552,28 @@ static int _authentication_reject(char* buffer, int length, ...@@ -504,23 +552,28 @@ static int _authentication_reject(char* buffer, int length,
* Process Security Mode Command * Process Security Mode Command
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _security_mode_command(char* buffer, int length, static int
const security_mode_command_msg* msg) _security_mode_command(
char* buffer,
int length,
const security_mode_command_msg* msg)
{ {
int index = 0; int index = 0;
/* Selected NAS ciphering algorithm */ /* Selected NAS ciphering algorithm */
index += snprintf(buffer + index, length - index, "%s (%d)", index += snprintf(buffer + index, length - index, "%s (%d)",
nasCipheringAlgorithm(&msg->selectednassecurityalgorithms), nasCipheringAlgorithm(&msg->selectednassecurityalgorithms),
msg->selectednassecurityalgorithms.typeofcipheringalgorithm); msg->selectednassecurityalgorithms.typeofcipheringalgorithm);
/* Selected NAS integrity algorithm */ /* Selected NAS integrity algorithm */
index += snprintf(buffer + index, length - index, ", %s (%d)", index += snprintf(buffer + index, length - index, ", %s (%d)",
nasIntegrityAlgorithm(&msg->selectednassecurityalgorithms), nasIntegrityAlgorithm(&msg->selectednassecurityalgorithms),
msg->selectednassecurityalgorithms.typeofintegrityalgorithm); msg->selectednassecurityalgorithms.typeofintegrityalgorithm);
/* NAS key set identifier */ /* NAS key set identifier */
index += snprintf(buffer + index, length - index, ", KSI = "); index += snprintf(buffer + index, length - index, ", KSI = ");
index += nasKeySetIdentifier(buffer + index, length - index, index += nasKeySetIdentifier(buffer + index, length - index,
&msg->naskeysetidentifier); &msg->naskeysetidentifier);
return (index); return (index);
} }
...@@ -530,8 +583,11 @@ static int _security_mode_command(char* buffer, int length, ...@@ -530,8 +583,11 @@ static int _security_mode_command(char* buffer, int length,
* Process Security Mode Complete * Process Security Mode Complete
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _security_mode_complete(char* buffer, int length, static int
const security_mode_complete_msg* msg) _security_mode_complete(
char* buffer,
int length,
const security_mode_complete_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -543,8 +599,11 @@ static int _security_mode_complete(char* buffer, int length, ...@@ -543,8 +599,11 @@ static int _security_mode_complete(char* buffer, int length,
* Process Security Mode Reject * Process Security Mode Reject
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _security_mode_reject(char* buffer, int length, static int
const security_mode_reject_msg* msg) _security_mode_reject(
char* buffer,
int length,
const security_mode_reject_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -560,8 +619,11 @@ static int _security_mode_reject(char* buffer, int length, ...@@ -560,8 +619,11 @@ static int _security_mode_reject(char* buffer, int length,
* ESM message container * ESM message container
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _esm_message_container(char* buffer, int length, static int
const EsmMessageContainer* msg) _esm_message_container(
char* buffer,
int length,
const EsmMessageContainer* msg)
{ {
int index = 0; int index = 0;
int bytes; int bytes;
...@@ -595,7 +657,11 @@ static int _esm_message_container(char* buffer, int length, ...@@ -595,7 +657,11 @@ static int _esm_message_container(char* buffer, int length,
* Process EMM Status * Process EMM Status
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _emm_status(char* buffer, int length, const emm_status_msg* msg) static int
_emm_status(
char* buffer,
int length,
const emm_status_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -616,95 +682,99 @@ static int _emm_status(char* buffer, int length, const emm_status_msg* msg) ...@@ -616,95 +682,99 @@ static int _emm_status(char* buffer, int length, const emm_status_msg* msg)
* Process EPS Session MAnagement NAS message * Process EPS Session MAnagement NAS message
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _nas_process_esm(char* buffer, int length, const ESM_msg* msg) static int
_nas_process_esm(
char* buffer,
int length,
const ESM_msg* msg)
{ {
int index = 0; int index = 0;
printf("INFO\t: Process %s\n", esmMsgType(msg->header.message_type)); printf("INFO\t: Process %s\n", esmMsgType(msg->header.message_type));
index += snprintf(buffer + index, length - index, "%s (pti=%d, ebi=%d", index += snprintf(buffer + index, length - index, "%s (pti=%d, ebi=%d",
esmMsgType(msg->header.message_type), esmMsgType(msg->header.message_type),
msg->header.procedure_transaction_identity, msg->header.procedure_transaction_identity,
msg->header.eps_bearer_identity); msg->header.eps_bearer_identity);
switch (msg->header.message_type) switch (msg->header.message_type)
{ {
case PDN_CONNECTIVITY_REQUEST: case PDN_CONNECTIVITY_REQUEST:
index += _pdn_connectivity_request(buffer + index, length - index, index += _pdn_connectivity_request(buffer + index, length - index,
&msg->pdn_connectivity_request); &msg->pdn_connectivity_request);
break; break;
case PDN_CONNECTIVITY_REJECT: case PDN_CONNECTIVITY_REJECT:
index += _pdn_connectivity_reject(buffer + index, length - index, index += _pdn_connectivity_reject(buffer + index, length - index,
&msg->pdn_connectivity_reject); &msg->pdn_connectivity_reject);
break; break;
case PDN_DISCONNECT_REQUEST: case PDN_DISCONNECT_REQUEST:
index += _pdn_disconnect_request(buffer + index, length - index, index += _pdn_disconnect_request(buffer + index, length - index,
&msg->pdn_disconnect_request); &msg->pdn_disconnect_request);
break; break;
case PDN_DISCONNECT_REJECT: case PDN_DISCONNECT_REJECT:
index += _pdn_disconnect_reject(buffer + index, length - index, index += _pdn_disconnect_reject(buffer + index, length - index,
&msg->pdn_disconnect_reject); &msg->pdn_disconnect_reject);
break; break;
case ACTIVATE_DEFAULT_EPS_BEARER_CONTEXT_REQUEST: case ACTIVATE_DEFAULT_EPS_BEARER_CONTEXT_REQUEST:
index += _activate_default_eps_bearer_context_request( index += _activate_default_eps_bearer_context_request(
buffer + index, length - index, buffer + index, length - index,
&msg->activate_default_eps_bearer_context_request); &msg->activate_default_eps_bearer_context_request);
break; break;
case ACTIVATE_DEFAULT_EPS_BEARER_CONTEXT_ACCEPT: case ACTIVATE_DEFAULT_EPS_BEARER_CONTEXT_ACCEPT:
index += _activate_default_eps_bearer_context_accept( index += _activate_default_eps_bearer_context_accept(
buffer + index, length - index, buffer + index, length - index,
&msg->activate_default_eps_bearer_context_accept); &msg->activate_default_eps_bearer_context_accept);
break; break;
case ACTIVATE_DEFAULT_EPS_BEARER_CONTEXT_REJECT: case ACTIVATE_DEFAULT_EPS_BEARER_CONTEXT_REJECT:
index += _activate_default_eps_bearer_context_reject( index += _activate_default_eps_bearer_context_reject(
buffer + index, length - index, buffer + index, length - index,
&msg->activate_default_eps_bearer_context_reject); &msg->activate_default_eps_bearer_context_reject);
break; break;
case ACTIVATE_DEDICATED_EPS_BEARER_CONTEXT_REQUEST: case ACTIVATE_DEDICATED_EPS_BEARER_CONTEXT_REQUEST:
index += _activate_dedicated_eps_bearer_context_request( index += _activate_dedicated_eps_bearer_context_request(
buffer + index, length - index, buffer + index, length - index,
&msg->activate_dedicated_eps_bearer_context_request); &msg->activate_dedicated_eps_bearer_context_request);
break; break;
case ACTIVATE_DEDICATED_EPS_BEARER_CONTEXT_ACCEPT: case ACTIVATE_DEDICATED_EPS_BEARER_CONTEXT_ACCEPT:
index += _activate_dedicated_eps_bearer_context_accept( index += _activate_dedicated_eps_bearer_context_accept(
buffer + index, length - index, buffer + index, length - index,
&msg->activate_dedicated_eps_bearer_context_accept); &msg->activate_dedicated_eps_bearer_context_accept);
break; break;
case ACTIVATE_DEDICATED_EPS_BEARER_CONTEXT_REJECT: case ACTIVATE_DEDICATED_EPS_BEARER_CONTEXT_REJECT:
index += _activate_dedicated_eps_bearer_context_reject( index += _activate_dedicated_eps_bearer_context_reject(
buffer + index, length - index, buffer + index, length - index,
&msg->activate_dedicated_eps_bearer_context_reject); &msg->activate_dedicated_eps_bearer_context_reject);
break; break;
case DEACTIVATE_EPS_BEARER_CONTEXT_REQUEST: case DEACTIVATE_EPS_BEARER_CONTEXT_REQUEST:
index += _deactivate_eps_bearer_context_request(buffer + index, index += _deactivate_eps_bearer_context_request(buffer + index,
length - index, length - index,
&msg->deactivate_eps_bearer_context_request); &msg->deactivate_eps_bearer_context_request);
break; break;
case DEACTIVATE_EPS_BEARER_CONTEXT_ACCEPT: case DEACTIVATE_EPS_BEARER_CONTEXT_ACCEPT:
index += _deactivate_eps_bearer_context_accept(buffer + index, index += _deactivate_eps_bearer_context_accept(buffer + index,
length - index, length - index,
&msg->deactivate_eps_bearer_context_accept); &msg->deactivate_eps_bearer_context_accept);
break; break;
case ESM_STATUS: case ESM_STATUS:
index += _esm_status(buffer + index, length - index, index += _esm_status(buffer + index, length - index,
&msg->esm_status); &msg->esm_status);
break; break;
default: default:
printf("WARNING\t: %s - ESM NAS message is not valid (0x%x)\n", printf("WARNING\t: %s - ESM NAS message is not valid (0x%x)\n",
__FUNCTION__, msg->header.message_type); __FUNCTION__, msg->header.message_type);
break; break;
} }
index += snprintf(buffer + index, length - index, ")"); index += snprintf(buffer + index, length - index, ")");
...@@ -714,24 +784,27 @@ static int _nas_process_esm(char* buffer, int length, const ESM_msg* msg) ...@@ -714,24 +784,27 @@ static int _nas_process_esm(char* buffer, int length, const ESM_msg* msg)
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process PDN Connectivity Request * Process PDN Connectivity Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _pdn_connectivity_request(char* buffer, int length, static int
const pdn_connectivity_request_msg* msg) _pdn_connectivity_request(
char* buffer,
int length,
const pdn_connectivity_request_msg* msg)
{ {
int index = 0; int index = 0;
/* PDN request type and PDN type */ /* PDN request type and PDN type */
index += snprintf(buffer + index, length - index, index += snprintf(buffer + index, length - index,
", RequestType = %s, PdnType = %s", ", RequestType = %s, PdnType = %s",
requestType(&msg->requesttype), requestType(&msg->requesttype),
pdnType(&msg->pdntype)); pdnType(&msg->pdntype));
/* Access Point Name */ /* Access Point Name */
if (msg->presencemask & PDN_CONNECTIVITY_REQUEST_ACCESS_POINT_NAME_PRESENT) if (msg->presencemask & PDN_CONNECTIVITY_REQUEST_ACCESS_POINT_NAME_PRESENT)
{ {
index += snprintf(buffer + index, length - index, ", APN = %s", index += snprintf(buffer + index, length - index, ", APN = %s",
(char*)msg->accesspointname.accesspointnamevalue.value); (char*)msg->accesspointname.accesspointnamevalue.value);
} }
return (index); return (index);
...@@ -739,17 +812,20 @@ static int _pdn_connectivity_request(char* buffer, int length, ...@@ -739,17 +812,20 @@ static int _pdn_connectivity_request(char* buffer, int length,
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process PDN Connectivity Reject * Process PDN Connectivity Reject
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _pdn_connectivity_reject(char* buffer, int length, static int
const pdn_connectivity_reject_msg* msg) _pdn_connectivity_reject(
char* buffer,
int length,
const pdn_connectivity_reject_msg* msg)
{ {
int index = 0; int index = 0;
/* ESM cause code */ /* ESM cause code */
index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)", index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)",
esmCauseCode(msg->esmcause), msg->esmcause); esmCauseCode(msg->esmcause), msg->esmcause);
return (index); return (index);
} }
...@@ -759,48 +835,57 @@ static int _pdn_connectivity_reject(char* buffer, int length, ...@@ -759,48 +835,57 @@ static int _pdn_connectivity_reject(char* buffer, int length,
* Process PDN Disconnect Request * Process PDN Disconnect Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _pdn_disconnect_request(char* buffer, int length, static int
const pdn_disconnect_request_msg* msg) _pdn_disconnect_request(
char* buffer,
int length,
const pdn_disconnect_request_msg* msg)
{ {
int index = 0; int index = 0;
/* Linked EPS bearer identity */ /* Linked EPS bearer identity */
index += snprintf(buffer + index, length - index, ", Linked EBI = %d", index += snprintf(buffer + index, length - index, ", Linked EBI = %d",
msg->linkedepsbeareridentity); msg->linkedepsbeareridentity);
return (index); return (index);
} }
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process PDN Disconnect Reject * Process PDN Disconnect Reject
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _pdn_disconnect_reject(char* buffer, int length, static int
const pdn_disconnect_reject_msg* msg) _pdn_disconnect_reject(
char* buffer,
int length,
const pdn_disconnect_reject_msg* msg)
{ {
int index = 0; int index = 0;
/* ESM cause code */ /* ESM cause code */
index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)", index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)",
esmCauseCode(msg->esmcause), msg->esmcause); esmCauseCode(msg->esmcause), msg->esmcause);
return (index); return (index);
} }
/* /*
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
* Process Activate Default EPS Bearer Context Request * Process Activate Default EPS Bearer Context Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _activate_default_eps_bearer_context_request(char* buffer, int length, static int
const activate_default_eps_bearer_context_request_msg* msg) _activate_default_eps_bearer_context_request(
char* buffer,
int length,
const activate_default_eps_bearer_context_request_msg* msg)
{ {
int index = 0; int index = 0;
/* Access Point Name */ /* Access Point Name */
index += snprintf(buffer + index, length - index, ", APN = %s", index += snprintf(buffer + index, length - index, ", APN = %s",
(char*)msg->accesspointname.accesspointnamevalue.value); (char*)msg->accesspointname.accesspointnamevalue.value);
/* PDN address */ /* PDN address */
index += snprintf(buffer + index, length - index, ", PDN addr = "); index += snprintf(buffer + index, length - index, ", PDN addr = ");
...@@ -814,8 +899,11 @@ static int _activate_default_eps_bearer_context_request(char* buffer, int length ...@@ -814,8 +899,11 @@ static int _activate_default_eps_bearer_context_request(char* buffer, int length
* Process Activate Default EPS Bearer Context Accept * Process Activate Default EPS Bearer Context Accept
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _activate_default_eps_bearer_context_accept(char* buffer, int length, static int
const activate_default_eps_bearer_context_accept_msg* msg) _activate_default_eps_bearer_context_accept(
char* buffer,
int length,
const activate_default_eps_bearer_context_accept_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -827,14 +915,17 @@ static int _activate_default_eps_bearer_context_accept(char* buffer, int length, ...@@ -827,14 +915,17 @@ static int _activate_default_eps_bearer_context_accept(char* buffer, int length,
* Process Activate Default EPS Bearer Context Reject * Process Activate Default EPS Bearer Context Reject
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _activate_default_eps_bearer_context_reject(char* buffer, int length, static int
const activate_default_eps_bearer_context_reject_msg* msg) _activate_default_eps_bearer_context_reject(
char* buffer,
int length,
const activate_default_eps_bearer_context_reject_msg* msg)
{ {
int index = 0; int index = 0;
/* ESM cause code */ /* ESM cause code */
index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)", index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)",
esmCauseCode(msg->esmcause), msg->esmcause); esmCauseCode(msg->esmcause), msg->esmcause);
return (index); return (index);
} }
...@@ -844,9 +935,11 @@ static int _activate_default_eps_bearer_context_reject(char* buffer, int length, ...@@ -844,9 +935,11 @@ static int _activate_default_eps_bearer_context_reject(char* buffer, int length,
* Process Activate Dedicated EPS Bearer Context Request * Process Activate Dedicated EPS Bearer Context Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _activate_dedicated_eps_bearer_context_request( static int
char* buffer, int length, _activate_dedicated_eps_bearer_context_request(
const activate_dedicated_eps_bearer_context_request_msg* msg) char* buffer,
int length,
const activate_dedicated_eps_bearer_context_request_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -862,9 +955,11 @@ static int _activate_dedicated_eps_bearer_context_request( ...@@ -862,9 +955,11 @@ static int _activate_dedicated_eps_bearer_context_request(
* Process Activate Dedicated EPS Bearer Context Accept * Process Activate Dedicated EPS Bearer Context Accept
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _activate_dedicated_eps_bearer_context_accept( static int
char* buffer, int length, _activate_dedicated_eps_bearer_context_accept(
const activate_dedicated_eps_bearer_context_accept_msg* msg) char* buffer,
int length,
const activate_dedicated_eps_bearer_context_accept_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -876,15 +971,17 @@ static int _activate_dedicated_eps_bearer_context_accept( ...@@ -876,15 +971,17 @@ static int _activate_dedicated_eps_bearer_context_accept(
* Process Activate Dedicated EPS Bearer Context Reject * Process Activate Dedicated EPS Bearer Context Reject
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _activate_dedicated_eps_bearer_context_reject( static int
char* buffer, int length, _activate_dedicated_eps_bearer_context_reject(
const activate_dedicated_eps_bearer_context_reject_msg* msg) char* buffer,
int length,
const activate_dedicated_eps_bearer_context_reject_msg* msg)
{ {
int index = 0; int index = 0;
/* ESM cause code */ /* ESM cause code */
index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)", index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)",
esmCauseCode(msg->esmcause), msg->esmcause); esmCauseCode(msg->esmcause), msg->esmcause);
return (index); return (index);
} }
...@@ -894,14 +991,16 @@ static int _activate_dedicated_eps_bearer_context_reject( ...@@ -894,14 +991,16 @@ static int _activate_dedicated_eps_bearer_context_reject(
* Process Deactivate EPS Bearer Context Request * Process Deactivate EPS Bearer Context Request
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _deactivate_eps_bearer_context_request(char* buffer, int length, static int _deactivate_eps_bearer_context_request(
const deactivate_eps_bearer_context_request_msg* msg) char* buffer,
int length,
const deactivate_eps_bearer_context_request_msg* msg)
{ {
int index = 0; int index = 0;
/* ESM cause code */ /* ESM cause code */
index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)", index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)",
esmCauseCode(msg->esmcause), msg->esmcause); esmCauseCode(msg->esmcause), msg->esmcause);
return (index); return (index);
} }
...@@ -911,8 +1010,11 @@ static int _deactivate_eps_bearer_context_request(char* buffer, int length, ...@@ -911,8 +1010,11 @@ static int _deactivate_eps_bearer_context_request(char* buffer, int length,
* Process Deactivate EPS Bearer Context Accept * Process Deactivate EPS Bearer Context Accept
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _deactivate_eps_bearer_context_accept(char* buffer, int length, static int
const deactivate_eps_bearer_context_accept_msg* msg) _deactivate_eps_bearer_context_accept(
char* buffer,
int length,
const deactivate_eps_bearer_context_accept_msg* msg)
{ {
int index = 0; int index = 0;
...@@ -924,13 +1026,17 @@ static int _deactivate_eps_bearer_context_accept(char* buffer, int length, ...@@ -924,13 +1026,17 @@ static int _deactivate_eps_bearer_context_accept(char* buffer, int length,
* Process ESM Status * Process ESM Status
*----------------------------------------------------------------------------- *-----------------------------------------------------------------------------
*/ */
static int _esm_status(char* buffer, int length, const esm_status_msg* msg) static int
_esm_status(
char* buffer,
int length,
const esm_status_msg* msg)
{ {
int index = 0; int index = 0;
/* ESM cause code */ /* ESM cause code */
index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)", index += snprintf(buffer + index, length - index, ", EsmCause = %s (%d)",
esmCauseCode(msg->esmcause), msg->esmcause); esmCauseCode(msg->esmcause), msg->esmcause);
return (index); return (index);
} }
......
openair-cn/NAS/Makefile.am
View file @ 6f5c0332
...@@ -8,6 +8,7 @@ AM_CFLAGS = \ ...@@ -8,6 +8,7 @@ AM_CFLAGS = \
-DEPC_BUILD \ -DEPC_BUILD \
-DENABLE_ITTI \ -DENABLE_ITTI \
-I$(top_srcdir)/COMMON \ -I$(top_srcdir)/COMMON \
-I$(top_srcdir)/SECU \
-I$(top_srcdir)/INTERTASK_INTERFACE \ -I$(top_srcdir)/INTERTASK_INTERFACE \
-I$(top_srcdir)/NAS/EURECOM-NAS/src/api/user \ -I$(top_srcdir)/NAS/EURECOM-NAS/src/api/user \
-I$(top_srcdir)/NAS/EURECOM-NAS/src/api/mme \ -I$(top_srcdir)/NAS/EURECOM-NAS/src/api/mme \
......
openair-cn/NAS/Makefile.inc
View file @ 6f5c0332
libnas_api_SRCS = \ libnas_api_SRCS = \
EURECOM-NAS/src/api/mme/mme_api.c \ EURECOM-NAS/src/api/mme/mme_api.c \
EURECOM-NAS/src/api/mme/mme_api.h \ EURECOM-NAS/src/api/mme/mme_api.h \
EURECOM-NAS/src/api/network/nas_message.c \ EURECOM-NAS/src/api/network/nas_message.c \
EURECOM-NAS/src/api/network/nas_message.h EURECOM-NAS/src/api/network/nas_message.h
libnas_emm_SRCS = \ libnas_emm_SRCS = \
......
openair-cn/README
View file @ 6f5c0332
...@@ -11,7 +11,7 @@ MME + P-GW + S-GW implementation of 3GPP standard. ...@@ -11,7 +11,7 @@ MME + P-GW + S-GW implementation of 3GPP standard.
Controle plane: Controle plane:
eNB MME HSS eNB MME HSS
|----------------------------| |----------------------------|
| MME Application layer | | MME Application layer |
|----------------------------| |----------------------------|
...@@ -88,7 +88,7 @@ Current options supported for configure: ...@@ -88,7 +88,7 @@ Current options supported for configure:
code build switch: UPDATE_RELEASE_9 and UPDATE_RELEASE_10 code build switch: UPDATE_RELEASE_9 and UPDATE_RELEASE_10
NOTE: Release 10 is enabled by default NOTE: Release 10 is enabled by default
--enable-standalone-epc: all-in-one package, MME, S-GW and P-GW are compiled in a single --enable-standalone-epc: all-in-one package, MME, S-GW and P-GW are compiled in a single
executable and S11 interface is not used; messages are exchanged internally, executable and S11 interface is not used; messages are exchanged internally,
linking MME applicative layer to S+P-GW applicative layer linking MME applicative layer to S+P-GW applicative layer
How to run EPC environnement ? How to run EPC environnement ?
......
openair-cn/S1AP/s1ap_mme_nas_procedures.c
View file @ 6f5c0332
...@@ -653,12 +653,18 @@ void s1ap_handle_conn_est_cnf(const mme_app_connection_establishment_cnf_t * con ...@@ -653,12 +653,18 @@ void s1ap_handle_conn_est_cnf(const mme_app_connection_establishment_cnf_t * con
initialContextSetupRequest_p->ueSecurityCapabilities.integrityProtectionAlgorithms.bits_unused initialContextSetupRequest_p->ueSecurityCapabilities.integrityProtectionAlgorithms.bits_unused
= 0; = 0;
// initialContextSetupRequest_p->securityKey.buf = initial_p->keNB; /* 256 bits length */ if (conn_est_cnf_pP->keNB) {
uint8_t keNB[32]; initialContextSetupRequest_p->securityKey.buf = malloc(32);
memset(keNB, 0, sizeof(keNB)); memcpy(initialContextSetupRequest_p->securityKey.buf,
conn_est_cnf_pP->keNB,
32);
initialContextSetupRequest_p->securityKey.buf = keNB; initialContextSetupRequest_p->securityKey.size = 32;
initialContextSetupRequest_p->securityKey.size = 32; } else {
S1AP_DEBUG("No keNB\n");
initialContextSetupRequest_p->securityKey.buf = NULL;
initialContextSetupRequest_p->securityKey.size = 0;
}
initialContextSetupRequest_p->securityKey.bits_unused = 0; initialContextSetupRequest_p->securityKey.bits_unused = 0;
if (s1ap_mme_encode_pdu(&message, &buffer_p, &length) < 0) { if (s1ap_mme_encode_pdu(&message, &buffer_p, &length) < 0) {
......
openair-cn/SECU/nas_stream_eia2.c
View file @ 6f5c0332
...@@ -9,10 +9,15 @@ ...@@ -9,10 +9,15 @@
#include <openssl/cmac.h> #include <openssl/cmac.h>
#include <openssl/evp.h> #include <openssl/evp.h>
// test
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include "assertions.h" #include "assertions.h"
#include "conversions.h" #include "conversions.h"
// #define SECU_DEBUG #define SECU_DEBUG
/*! /*!
* @brief Create integrity cmac t for a given message. * @brief Create integrity cmac t for a given message.
...@@ -21,19 +26,19 @@ ...@@ -21,19 +26,19 @@
*/ */
int nas_stream_encrypt_eia2(nas_stream_cipher_t *stream_cipher, uint8_t out[4]) int nas_stream_encrypt_eia2(nas_stream_cipher_t *stream_cipher, uint8_t out[4])
{ {
uint8_t *m; uint8_t *m = NULL;
uint32_t local_count; uint32_t local_count;
size_t size = 4; size_t size = 4;
uint8_t data[16];
uint8_t data[16]; CMAC_CTX *cmac_ctx = NULL;
const EVP_CIPHER *cipher = EVP_aes_128_cbc();
CMAC_CTX *cmac_ctx; uint32_t zero_bit = 0;
uint32_t m_length;
uint32_t zero_bit = 0; int ret;
uint32_t m_length;
DevAssert(stream_cipher != NULL); DevAssert(stream_cipher != NULL);
DevAssert(stream_cipher->key != NULL); DevAssert(stream_cipher->key != NULL);
DevAssert(stream_cipher->key_length > 0);
DevAssert(out != NULL); DevAssert(out != NULL);
memset(data, 0, 16); memset(data, 0, 16);
...@@ -59,24 +64,36 @@ int nas_stream_encrypt_eia2(nas_stream_cipher_t *stream_cipher, uint8_t out[4]) ...@@ -59,24 +64,36 @@ int nas_stream_encrypt_eia2(nas_stream_cipher_t *stream_cipher, uint8_t out[4])
printf("Byte length: %u, Zero bits: %u\nm: ", m_length + 8, zero_bit); printf("Byte length: %u, Zero bits: %u\nm: ", m_length + 8, zero_bit);
for (i = 0; i < m_length + 8; i++) for (i = 0; i < m_length + 8; i++)
printf("%02x", m[i]); printf("%02x", m[i]);
printf("\nKey:");
for (i = 0; i < stream_cipher->key_length; i++)
printf("%02x", stream_cipher->key[i]);
printf("\nMessage:");
for (i = 0; i < m_length; i++)
printf("%02x", stream_cipher->message[i]);
printf("\n"); printf("\n");
} }
#endif #endif
cmac_ctx = CMAC_CTX_new(); cmac_ctx = CMAC_CTX_new();
ret = CMAC_Init(cmac_ctx, stream_cipher->key, stream_cipher->key_length, cipher, NULL);
CMAC_Init(cmac_ctx, stream_cipher->key, stream_cipher->key_length, EVP_aes_128_cbc(), NULL); #if defined(SECU_DEBUG)
CMAC_Update(cmac_ctx, m, m_length + 8); printf("CMAC_Init returned %d\n", ret);
#endif
ret = CMAC_Update(cmac_ctx, m, m_length + 8);
#if defined(SECU_DEBUG)
printf("CMAC_Update returned %d\n", ret);
#endif
CMAC_Final(cmac_ctx, data, &size); CMAC_Final(cmac_ctx, data, &size);
#if defined(SECU_DEBUG)
printf("CMAC_Final returned %d, size = %u\n", ret, size);
#endif
CMAC_CTX_free(cmac_ctx); CMAC_CTX_free(cmac_ctx);
#if defined(SECU_DEBUG) #if defined(SECU_DEBUG)
{ {
int i; int i;
printf("out: "); printf("out: ");
for (i = 0; i < 16; i++) for (i = 0; i < size; i++)
printf("%02x", data[i]); printf("%02x", data[i]);
printf("\n"); printf("\n");
} }
......
openair-cn/SECU/secu_defs.h
View file @ 6f5c0332
...@@ -7,6 +7,13 @@ ...@@ -7,6 +7,13 @@
#define EIA1_128_ALG_ID 0x01 #define EIA1_128_ALG_ID 0x01
#define EIA2_128_ALG_ID 0x02 #define EIA2_128_ALG_ID 0x02
#define EEA0_ALG_ID 0x00
#define EEA1_128_ALG_ID 0x01
#define EEA2_128_ALG_ID 0x02
#define SECU_DIRECTION_UPLINK 0
#define SECU_DIRECTION_DOWNLINK 1
inline inline
void kdf(const uint8_t *s, const uint32_t s_length, const uint8_t *key, void kdf(const uint8_t *s, const uint32_t s_length, const uint8_t *key,
const uint32_t key_length, uint8_t **out, uint32_t out_length); const uint32_t key_length, uint8_t **out, uint32_t out_length);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment