Update Security Mode Command

src/amf-app/amf_n1.cpp

@@ -2405,11 +2405,8 @@ bool amf_n1::start_security_mode_control_procedure(
     smc->setUE_Security_Capability(nc->ueSecurityCapEnc, nc->ueSecurityCapInt);
   }
 
-  if (smc->ie_ue_security_capability != NULL) {
-    smc->ie_ue_security_capability->SetLengthIndicator(nc->ueSecurityCaplen);
-  } else {
-    Logger::amf_n1().error("UE Security Capability is missing");
-  }
+  // TODO: remove
+  // smc->ie_ue_security_capability->SetLengthIndicator(nc->ueSecurityCaplen);
 
   smc->setIMEISV_Request(0xe1);  // TODO: remove hardcoded value
   smc->setAdditional_5G_Security_Information(true, false);

src/nas/ies/EPS_NAS_Security_Algorithms.cpp

@@ -48,22 +48,23 @@ EPS_NAS_Security_Algorithms::EPS_NAS_Security_Algorithms(
 }
 
 //------------------------------------------------------------------------------
-void EPS_NAS_Security_Algorithms::setCIPHERING(uint8_t value) {
+void EPS_NAS_Security_Algorithms::SetTypeOfCipheringAlgorithm(uint8_t value) {
   CIPHERING = value;
 }
 
 //------------------------------------------------------------------------------
-void EPS_NAS_Security_Algorithms::setINTEGRITY_PROTECTION(uint8_t value) {
+void EPS_NAS_Security_Algorithms::SetTypeOfIntegrityProtectionAlgorithm(
+    uint8_t value) {
   INTEGRITY_PROTECTION = value;
 }
 
 //------------------------------------------------------------------------------
-uint8_t EPS_NAS_Security_Algorithms::getCIPHERING() {
+uint8_t EPS_NAS_Security_Algorithms::GetTypeOfCipheringAlgorithm() {
   return CIPHERING;
 }
 
 //------------------------------------------------------------------------------
-uint8_t EPS_NAS_Security_Algorithms::getINTEGRITY_PROTECTION() {
+uint8_t EPS_NAS_Security_Algorithms::GetTypeOfIntegrityProtectionAlgorithm() {
   return INTEGRITY_PROTECTION;
 }
 

src/nas/ies/EPS_NAS_Security_Algorithms.hpp

@@ -39,10 +39,10 @@ class EPS_NAS_Security_Algorithms {
   ~EPS_NAS_Security_Algorithms();
   EPS_NAS_Security_Algorithms(
       uint8_t iei, uint8_t ciphering, uint8_t integrity_protection);
-  void setCIPHERING(uint8_t value);
-  void setINTEGRITY_PROTECTION(uint8_t value);
-  uint8_t getCIPHERING();
-  uint8_t getINTEGRITY_PROTECTION();
+  void SetTypeOfCipheringAlgorithm(uint8_t value);
+  void SetTypeOfIntegrityProtectionAlgorithm(uint8_t value);
+  uint8_t GetTypeOfCipheringAlgorithm();
+  uint8_t GetTypeOfIntegrityProtectionAlgorithm();
   int Encode(uint8_t* buf, int len);
   int Decode(uint8_t* buf, int len, bool is_option);
 

src/nas/ies/NAS_Security_Algorithms.cpp

@@ -35,64 +35,116 @@ using namespace nas;
 using namespace std;
 
 //------------------------------------------------------------------------------
-NAS_Security_Algorithms::NAS_Security_Algorithms() {}
+NAS_Security_Algorithms::NAS_Security_Algorithms()
+    : Type3NasIe(),
+      type_of_ciphering_algorithm_(),
+      type_of_integrity_protection_algorithm_() {
+  SetIeName(kNasSecurityAlgorithmsIeName);
+}
+
+//------------------------------------------------------------------------------
+NAS_Security_Algorithms::NAS_Security_Algorithms(uint8_t iei)
+    : Type3NasIe(iei),
+      type_of_ciphering_algorithm_(),
+      type_of_integrity_protection_algorithm_() {
+  SetIeName(kNasSecurityAlgorithmsIeName);
+}
 
 //------------------------------------------------------------------------------
 NAS_Security_Algorithms::~NAS_Security_Algorithms() {}
 
 //------------------------------------------------------------------------------
 NAS_Security_Algorithms::NAS_Security_Algorithms(
-    uint8_t ciphering, uint8_t integrity_protection) {
-  CIPHERING            = ciphering;
-  INTEGRITY_PROTECTION = integrity_protection;
+    uint8_t ciphering, uint8_t integrity_protection)
+    : Type3NasIe() {
+  type_of_ciphering_algorithm_            = ciphering & 0x0f;
+  type_of_integrity_protection_algorithm_ = integrity_protection & 0x0f;
+  SetIeName(kNasSecurityAlgorithmsIeName);
 }
 
 //------------------------------------------------------------------------------
-void NAS_Security_Algorithms::setCIPHERING(uint8_t value) {
-  CIPHERING = value;
+void NAS_Security_Algorithms::SetTypeOfCipheringAlgorithm(uint8_t value) {
+  type_of_ciphering_algorithm_ = value & 0x0f;
 }
 
 //------------------------------------------------------------------------------
-void NAS_Security_Algorithms::setINTEGRITY_PROTECTION(uint8_t value) {
-  INTEGRITY_PROTECTION = value;
+void NAS_Security_Algorithms::SetTypeOfIntegrityProtectionAlgorithm(
+    uint8_t value) {
+  type_of_integrity_protection_algorithm_ = value & 0x0f;
 }
 
 //------------------------------------------------------------------------------
-uint8_t NAS_Security_Algorithms::getCIPHERING() {
-  return CIPHERING;
+uint8_t NAS_Security_Algorithms::GetTypeOfCipheringAlgorithm() const {
+  return type_of_ciphering_algorithm_;
 }
 
 //------------------------------------------------------------------------------
-uint8_t NAS_Security_Algorithms::getINTEGRITY_PROTECTION() {
-  return INTEGRITY_PROTECTION;
+uint8_t NAS_Security_Algorithms::GetTypeOfIntegrityProtectionAlgorithm() const {
+  return type_of_integrity_protection_algorithm_;
+}
+
+//------------------------------------------------------------------------------
+void NAS_Security_Algorithms::Set(
+    uint8_t ciphering, uint8_t integrity_protection) {
+  type_of_ciphering_algorithm_            = ciphering & 0x0f;
+  type_of_integrity_protection_algorithm_ = integrity_protection & 0x0f;
+}
+//------------------------------------------------------------------------------
+void NAS_Security_Algorithms::Get(
+    uint8_t& ciphering, uint8_t& integrity_protection) const {
+  ciphering            = type_of_ciphering_algorithm_;
+  integrity_protection = type_of_integrity_protection_algorithm_;
 }
 
 //------------------------------------------------------------------------------
 int NAS_Security_Algorithms::Encode(uint8_t* buf, int len) {
-  Logger::nas_mm().debug("encoding NAS_Security_Algorithms ");
-  if (len < 1) {
-    Logger::nas_mm().error("len is less than one");
-    return -1;
-  } else {
-    *buf = ((CIPHERING & 0x0f) << 4) | (INTEGRITY_PROTECTION & 0x0f);
-    Logger::nas_mm().debug("encoded NAS_Security_Algorithms IE 0x%x", *buf);
+  Logger::nas_mm().debug("Encoding %s", GetIeName().c_str());
+
+  if (len < kNasSecurityAlgorithmsLength) {
+    Logger::nas_mm().error(
+        "Buffer length is less than the minimum length of this IE (%d octet)",
+        kNasSecurityAlgorithmsLength);
+    return KEncodeDecodeError;
   }
-  return 1;
+  int encoded_size = 0;
+
+  // IEI
+  encoded_size += Type3NasIe::Encode(buf + encoded_size, len);
+
+  uint8_t octet = 0;
+  octet         = ((type_of_ciphering_algorithm_ & 0x0f) << 4) |
+          (type_of_integrity_protection_algorithm_ & 0x0f);
+
+  ENCODE_U8(buf + encoded_size, octet, encoded_size);
+
+  Logger::nas_mm().debug(
+      "Encoded %s, len (%d)", GetIeName().c_str(), encoded_size);
+  return encoded_size;
 }
 
 //------------------------------------------------------------------------------
-int NAS_Security_Algorithms::Decode(uint8_t* buf, int len, bool is_option) {
-  Logger::nas_mm().debug("decoding NAS_Security_Algorithms IE");
-  if (len < 1) {
-    Logger::nas_mm().error("len is less than one");
-    return 0;
-  } else {
-    CIPHERING            = (*buf & 0xf0) >> 4;
-    INTEGRITY_PROTECTION = *buf & 0x0f;
-    Logger::nas_mm().debug(
-        "decoded NAS_Security_Algorithms len 1 "
-        "octet,CIPHERING=0x%x,INTEGRITY_PROTECTION=0x%x",
-        CIPHERING, INTEGRITY_PROTECTION);
-    return 1;
+int NAS_Security_Algorithms::Decode(uint8_t* buf, int len, bool is_iei) {
+  Logger::nas_mm().debug("Decoding %s", GetIeName().c_str());
+
+  if (len < kNasSecurityAlgorithmsLength) {
+    Logger::nas_mm().error(
+        "Buffer length is less than the minimum length of this IE (%d octet)",
+        kNasSecurityAlgorithmsLength);
+    return KEncodeDecodeError;
   }
+
+  int decoded_size = 0;
+
+  // IEI and Length
+  decoded_size += Type3NasIe::Decode(buf + decoded_size, len, is_iei);
+
+  uint8_t octet = 0;
+  DECODE_U8(buf + decoded_size, octet, decoded_size);
+
+  type_of_ciphering_algorithm_            = (octet & 0xf0) >> 4;
+  type_of_integrity_protection_algorithm_ = octet & 0x0f;
+
+  Logger::nas_mm().debug(
+      "Decoded %s, len (%d)", GetIeName().c_str(), decoded_size);
+  return decoded_size;
 }

src/nas/ies/NAS_Security_Algorithms.hpp

@@ -19,35 +19,41 @@
  *      contact@openairinterface.org
  */
 
-/*! \file
- \brief
- \author  Keliang DU, BUPT
- \date 2020
- \email: contact@openairinterface.org
- */
-
-#ifndef __NAS_Security_Algorithms_H
-#define __NAS_Security_Algorithms_H
+#ifndef _NAS_SECURITY_ALGORITHS_H
+#define _NAS_SECURITY_ALGORITHS_H
 
+#include "Type3NasIe.hpp"
 #include <stdint.h>
 
+constexpr uint8_t kNasSecurityAlgorithmsLength = 2;
+constexpr auto kNasSecurityAlgorithmsIeName    = "NAS Security Algorithms";
+
 namespace nas {
 
-class NAS_Security_Algorithms {
+class NAS_Security_Algorithms : public Type3NasIe {
  public:
   NAS_Security_Algorithms();
-  ~NAS_Security_Algorithms();
+  NAS_Security_Algorithms(uint8_t iei);
   NAS_Security_Algorithms(uint8_t ciphering, uint8_t integrity_protection);
-  void setCIPHERING(uint8_t value);
-  void setINTEGRITY_PROTECTION(uint8_t value);
-  uint8_t getCIPHERING();
-  uint8_t getINTEGRITY_PROTECTION();
+  NAS_Security_Algorithms(
+      uint8_t iei, uint8_t ciphering, uint8_t integrity_protection);
+  ~NAS_Security_Algorithms();
+
+  void SetTypeOfCipheringAlgorithm(uint8_t value);
+  uint8_t GetTypeOfCipheringAlgorithm() const;
+
+  void SetTypeOfIntegrityProtectionAlgorithm(uint8_t value);
+  uint8_t GetTypeOfIntegrityProtectionAlgorithm() const;
+
+  void Set(uint8_t ciphering, uint8_t integrity_protection);
+  void Get(uint8_t& ciphering, uint8_t& integrity_protection) const;
+
   int Encode(uint8_t* buf, int len);
-  int Decode(uint8_t* buf, int len, bool is_option);
+  int Decode(uint8_t* buf, int len, bool is_iei);
 
  private:
-  uint8_t CIPHERING;
-  uint8_t INTEGRITY_PROTECTION;
+  uint8_t type_of_ciphering_algorithm_;
+  uint8_t type_of_integrity_protection_algorithm_;
 };
 
 }  // namespace nas

src/nas/ies/UESecurityCapability.cpp

@@ -145,6 +145,22 @@ bool UESecurityCapability::GetEia(uint8_t& value) const {
   return false;
 }
 
+//------------------------------------------------------------------------------
+void UESecurityCapability::Set(uint8_t _5g_ea, uint8_t _5g_ia) {
+  _5g_ea_ = _5g_ea;
+  _5g_ia_ = _5g_ia;
+}
+
+//------------------------------------------------------------------------------
+void UESecurityCapability::Set(
+    uint8_t _5g_ea, uint8_t _5g_ia, uint8_t eea, uint8_t eia) {
+  _5g_ea_ = _5g_ea;
+  _5g_ia_ = _5g_ia;
+  eea_    = std::optional<uint8_t>(eea);
+  eia_    = std::optional<uint8_t>(eia);
+  SetLengthIndicator(4);
+}
+
 //------------------------------------------------------------------------------
 int UESecurityCapability::Encode(uint8_t* buf, int len) {
   Logger::nas_mm().debug("Encoding %s", GetIeName().c_str());

src/nas/ies/UESecurityCapability.hpp

@@ -56,6 +56,9 @@ class UESecurityCapability : public Type4NasIe {
   void SetEia(uint8_t value);
   bool GetEia(uint8_t& value) const;
 
+  void Set(uint8_t _5g_ea, uint8_t _5g_ia);
+  void Set(uint8_t _5g_ea, uint8_t _5g_ia, uint8_t eea, uint8_t eia);
+
   int Encode(uint8_t* buf, int len);
   int Decode(uint8_t* buf, int len, bool is_iei);
 

src/nas/msgs/SecurityModeCommand.hpp

@@ -19,50 +19,58 @@
  *      contact@openairinterface.org
  */
 
-/*! \file
- \brief
- \author  Keliang DU, BUPT
- \date 2020
- \email: contact@openairinterface.org
- */
-
-#ifndef _SecurityModeCommand_H_
-#define _SecurityModeCommand_H_
+#ifndef _SECURITY_MODE_COMMAND_H_
+#define _SECURITY_MODE_COMMAND_H_
 
 #include "NasIeHeader.hpp"
 
 namespace nas {
 
-class SecurityModeCommand {
+class SecurityModeCommand : public NasMmPlainHeader {
  public:
   SecurityModeCommand();
   ~SecurityModeCommand();
+
+  void setHeader(uint8_t security_header_type);
+
   int Encode(uint8_t* buf, int len);
   int Decode(NasMmPlainHeader* header, uint8_t* buf, int len);
-  void setHeader(uint8_t security_header_type);
+
   void setNAS_Security_Algorithms(uint8_t ciphering, uint8_t integrity);
+
   void setngKSI(uint8_t tsc, uint8_t key_set_id);
+
   void setUE_Security_Capability(uint8_t g_EASel, uint8_t g_IASel);
+
   void setUE_Security_Capability(
       uint8_t g_EASel, uint8_t g_IASel, uint8_t eea, uint8_t eia);
+
   void setIMEISV_Request(uint8_t value);
+
   void setEPS_NAS_Security_Algorithms(uint8_t ciphering, uint8_t integrity);
+
   void setAdditional_5G_Security_Information(bool rinmr, bool hdp);
+
   void SetEapMessage(bstring eap);
+
   void setABBA(uint8_t length, uint8_t* value);
+
   void setS1_UE_Security_Capability(uint8_t g_EEASel, uint8_t g_EIASel);
 
  public:
-  NasMmPlainHeader* plain_header;
-  NAS_Security_Algorithms* ie_selected_nas_security_algorithms;
-  NasKeySetIdentifier* ie_ngKSI;
-  UESecurityCapability* ie_ue_security_capability;
-  IMEISV_Request* ie_imeisv_request;
-  EPS_NAS_Security_Algorithms* ie_eps_nas_security_algorithms;
-  Additional_5G_Security_Information* ie_additional_5G_security_information;
-  EapMessage* ie_eap_message;
-  ABBA* ie_abba;
-  S1_UE_Security_Capability* ie_s1_ue_security_capability;
+  NAS_Security_Algorithms ie_selected_nas_security_algorithms;  // Mandatory
+  NasKeySetIdentifier ie_ngKSI;                                 // Mandatory
+  UESecurityCapability ie_ue_security_capability;               // Mandatory
+
+  std::optional<IMEISV_Request> ie_imeisv_request;  // Optional
+  std::optional<EPS_NAS_Security_Algorithms>
+      ie_eps_nas_security_algorithms;  // Optional
+  std::optional<Additional_5G_Security_Information>
+      ie_additional_5G_security_information;  // Optional
+  std::optional<EapMessage> ie_eap_message;   // Optional
+  std::optional<ABBA> ie_abba;                // Optional
+  std::optional<S1_UE_Security_Capability>
+      ie_s1_ue_security_capability;  // Optional
 };
 
 }  // namespace nas