ue-authentications ready

5gaka/authentication_algorithms_with_5gaka.hpp

@@ -130,6 +130,15 @@ public:
   static int generate_vector(const uint8_t opc[16], uint64_t imsi,
                              uint8_t key[16], uint8_t plmn[3], uint8_t sqn[6],
                              auc_vector_t *vector);
+  static void annex_a_4_33501(uint8_t ck[16], uint8_t ik[16], uint8_t *input,
+                              uint8_t rand[16], std::string serving_network,
+                              uint8_t *output);
+  static void generate_random(uint8_t *random_p, ssize_t length);
+
+  static void sha256(unsigned char *message, int msg_len, unsigned char *output);
+  static void generate_Hxres(uint8_t rand[16],uint8_t xresStar[16],
+                                            uint8_t *hxresStar);
+                           
 
 public:
   /****** Rijndael ********/

common/conversions.cpp

@@ -26,12 +26,20 @@
 */
 #include "conversions.hpp"
 
+
 #include <arpa/inet.h>
 #include <ctype.h>
 #include <inttypes.h>
 #include <stdbool.h>
 #include <stdint.h>
 #include <stdlib.h>
+#include <iostream>
+#include <sstream>
+#include <iomanip>
+#include <string.h>
+
+
+
 
 static const char hex_to_ascii_table[16] = {
     '0', '1', '2', '3', '4', '5', '6', '7',
@@ -142,7 +150,7 @@ std::string conv::toString(const struct in_addr &inaddr) {
   }
   return s;
 }
-//------------------------------------------------------------------------------
+
 std::string conv::toString(const struct in6_addr &in6addr) {
   std::string s = {};
   char str[INET6_ADDRSTRLEN] = {};
@@ -154,3 +162,51 @@ std::string conv::toString(const struct in6_addr &in6addr) {
   }
   return s;
 }
+
+//------------------------------from udm------------------------------------------------
+std::string conv::uint8_to_hex_string(const uint8_t *v, const size_t s) {
+  std::stringstream ss;
+
+  ss << std::hex << std::setfill('0');
+
+  for (int i = 0; i < s; i++) {
+    ss << std::hex << std::setw(2) << static_cast<int>(v[i]);
+  }
+
+  return ss.str();
+}
+
+void conv::hex_str_to_uint8(const char* string, uint8_t *des) {
+
+    if (string == NULL)
+        return;
+
+    size_t slength = strlen(string);
+    if ((slength % 2) != 0) // must be even
+        return;
+
+    size_t dlength = slength / 2;
+
+    //des = (uint8_t*)malloc(dlength);
+
+    memset(des, 0, dlength);
+
+    size_t index = 0;
+    while (index < slength) {
+        char c = string[index];
+        int value = 0;
+        if (c >= '0' && c <= '9')
+            value = (c - '0');
+        else if (c >= 'A' && c <= 'F')
+            value = (10 + (c - 'A'));
+        else if (c >= 'a' && c <= 'f')
+            value = (10 + (c - 'a'));
+        else
+            return;
+
+        des[(index / 2)] += value << (((index + 1) % 2) * 4);
+
+        index++;
+    }
+
+}

common/conversions.hpp

@@ -54,5 +54,8 @@ public:
                                  const uint8_t digit3);
   static std::string mncToString(const uint8_t digit1, const uint8_t digit2,
                                  const uint8_t digit3);
+  static std::string uint8_to_hex_string(const uint8_t *v, const size_t s);
+  static void hex_str_to_uint8(const char* string, uint8_t *des);
+
 };
 #endif /* FILE_CONVERSIONS_HPP_SEEN */

common/logger.hpp

@@ -69,6 +69,7 @@ public:
   // static _Logger &amf_n11(){return *singleton().m_amf_n11;}
   // static _Logger &task_amf_n11(){return *singleton().m_task_amf_n11;}
   static _Logger &ausf_server() { return *singleton().m_ausf_server; }
+  static _Logger &udm_ueau() { return *singleton().m_udm_ueau; }
 
 private:
   static Logger *m_singleton;
@@ -102,6 +103,7 @@ private:
   // _Logger *m_amf_n11;
   // _Logger *m_task_amf_n11;
   _Logger *m_ausf_server;
+  _Logger *m_udm_ueau;
 };
 
 #endif

impl/DefaultApiImpl.cpp

@@ -19,9 +19,9 @@
 #include "logger.hpp"
 #include <iostream>
 
-#include "nas_context.hpp"
+#include "conversions.hpp"
 #include "sha256.hpp"
-
+#include "Av5gAka.h"
 
 using namespace std;
 
@@ -74,89 +74,153 @@ void DefaultApiImpl::ue_authentications_post(
     Logger::ausf_server().debug("--ue_authentications_post--");
 
    /*----------------------getting params-------------*/
-    Logger::ausf_server().info("servingNetworkName %s", authenticationInfo.getServingNetworkName().c_str());
-    Logger::ausf_server().info("supiOrSuci %s", authenticationInfo.getSupiOrSuci().c_str());
-
-   /*----------------------getting xres*-------------*/
-  Logger::ausf_server().debug("--algorithm test");
-
-  uint8_t opc[16] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-                     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
-  uint8_t key[16] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
-                     0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff};
-  uint8_t rand[16] = {0x5b, 0x2e, 0x1c, 0x24, 0x28, 0xc7, 0x56, 0x28,
-                      0xe4, 0x43, 0xb0, 0xac, 0x89, 0x5d, 0x5b, 0x73};
-  uint8_t res[8], ck[16], ik[16], ak[6];
-  Authentication_5gaka::f2345(opc, key, rand, res, ck, ik, ak);
-
-  std::string snn = "5G:mnc001.mcc110.3gppnetwork.org";
-  OCTET_STRING_t netName;
-  OCTET_STRING_fromBuf(&netName, snn.c_str(), snn.length());
-  uint8_t S[100];
-  S[0] = 0x6B;
-  memcpy(&S[1], netName.buf, netName.size);
-  printf("snn length(0x%x)\n", (unsigned int)netName.size);
-  S[1 + netName.size] = (netName.size & 0xff00) >> 8;
-  S[2 + netName.size] = (netName.size & 0x00ff);
-  for (int i = 0; i < 16; i++)
-    S[3 + netName.size + i] = rand[i];
-  S[19 + netName.size] = 0x00;
-  S[20 + netName.size] = 0x10;
-  for (int i = 0; i < 8; i++)
-    S[21 + netName.size + i] = res[i];
-  S[29 + netName.size] = 0x00;
-  S[30 + netName.size] = 0x08;
-
-  uint8_t ckik[32];
-  memcpy(&key[0], ck, 16);
-  memcpy(&key[16], ik, 16); // KEY
-
-  uint8_t out[32], output[16];
-  Authentication_5gaka::kdf(ckik, 32, S, 31 + netName.size, out, 32);
-  for (int i = 0; i < 16; i++)
-    output[i] = out[16 + i];
-  print_buffer("ausf_server", "XRES*", output, 16);
-  // cout << "xres* %s" << output << endl;
-
-  /*----------------------generating 5G AV from 5G HE AV--------------------------*/
-  /*  HXRES* <-- XRES*  */
-  /*  KSEAF  <-- KAUSF  */
-  /*  在5G HE AV中用HXRES*替代XRES*，用 KSEAF 替代KAUSF */
-  /*  删除 KSEAF，并向SEAF返回5G SE AV（RAND, AUTN, HXRES*）*/
-  /*  A.5, 3gpp ts33.501 */ 
-
-  Logger::ausf_server().debug("==generating 5g av");
-
-//   std::shared_ptr<nas_context> nc;
-//   Logger::ausf_server().debug("Authentication_vectors_generator_in_ausf");
-//   uint8_t inputString[MAX_5GS_AUTH_VECTORS][40];
-//   uint8_t *xresStar[MAX_5GS_AUTH_VECTORS];
-//   uint8_t *rand[MAX_5GS_AUTH_VECTORS];
-//   for (int i = 0; i < MAX_5GS_AUTH_VECTORS; i++)
-//   {
-//     xresStar[i] = nc.get()->_5g_he_av[i].xresStar;
-//     rand[i] = nc.get()->_5g_he_av[i].rand;
-//     memcpy(&inputString[i][0], rand[i], 16);
-//     memcpy(&inputString[i][16], xresStar[i], 16);
-//     unsigned char sha256Out[Sha256::DIGEST_SIZE];
-//     sha256((unsigned char *)inputString[i], 32, sha256Out);
-//     for (int j = 0; j < 16; j++)
-//       nc.get()->_5g_av[i].hxresStar[j] = (uint8_t)sha256Out[j];
-//     memcpy(nc.get()->_5g_av[i].rand, nc.get()->_5g_he_av[i].rand, 16);
-//     memcpy(nc.get()->_5g_av[i].autn, nc.get()->_5g_he_av[i].autn, 16);
-//     uint8_t kseaf[32];
-//     Authentication_5gaka::derive_kseaf(nc.get()->serving_network, nc.get()->_5g_he_av[i].kausf, kseaf);
-//     memcpy(nc.get()->_5g_av[i].kseaf, kseaf, 32);
-//     //print_buffer("amf_n1", "5G AV: rand", nc.get()->_5g_av[i].rand, 16);
-//     //print_buffer("amf_n1", "5G AV: autn", nc.get()->_5g_av[i].autn, 16);
-//     //print_buffer("amf_n1", "5G AV: kseaf", nc.get()->_5g_av[i].kseaf, 32);
-//     //print_buffer("amf_n1", "5G AV: hxres*", nc.get()->_5g_av[i].hxresStar, 16);
-//   }
+    Logger::ausf_server().info("servingNetworkName %s", authenticationInfo.getServingNetworkName());
+    Logger::ausf_server().info("supiOrSuci %s", authenticationInfo.getSupiOrSuci());
+    //std::string snn = "5G:mnc001.mcc460.3gppnetwork.org";
+    std::string snn = authenticationInfo.getServingNetworkName();
+    //std::string imsi = "imsi-460010123456789";
+    std::string supi = authenticationInfo.getSupiOrSuci();
+    //uint64_t _imsi = fromString<uint64_t>(imsi);
+
+    /* -----------5g he av from udm-----------------*/
+    //args 
+    //uint8_t rand[] = {0x23, 0x55, 0x3c, 0xbe, 0x96, 0x37, 0xa8, 0x9d, 0x21, 0x8a, 0xe6, 0x4d, 0xae, 0x47, 0xbf, 0x35};
+    uint8_t rand[] = {0};
+    uint8_t opc[] = {0xcd, 0x63, 0xcb, 0x71, 0x95, 0x4a, 0x9f, 0x4e, 0x48, 0xa5, 0x99, 0x4e, 0x37, 0xa0, 0x2b, 0xaf};
+    uint8_t key[] = {0x46, 0x5b, 0x5c, 0xe8, 0xb1, 0x99, 0xb4, 0x9f, 0xaa, 0x5f, 0x0a, 0x2e, 0xe2, 0x38, 0xa6, 0xbc};
+    uint8_t sqn[] = {0xff, 0x9b, 0xb4, 0xd0, 0xb6, 0x07};
+    uint8_t amf[] = {0xb9, 0xb9};
+
+    uint8_t mac_a[8] = {0};
+    uint8_t ck[16] = {0};
+    uint8_t ik[16] = {0};
+    uint8_t ak[6] = {0};
+    uint8_t xres[8] = {0};
+    uint8_t xresStar[16] = {0};
+    uint8_t autn[16] = {0};
+    uint8_t kausf[32] = {0};
+
+
+    // 5GAKA functions
+    Authentication_5gaka::generate_random(rand, 16); //generate rand
+    Authentication_5gaka::f1(opc, key, rand, sqn, amf, mac_a);
+    Authentication_5gaka::f2345(opc, key, rand, xres, ck, ik, ak); // to compute XRES, CK, IK, AK
+    Authentication_5gaka::generate_autn(sqn, ak, amf, mac_a, autn); // generate AUTN
+    Authentication_5gaka::annex_a_4_33501(ck, ik, xres, rand, snn, xresStar);//generate xres*
+    Authentication_5gaka::derive_kausf(ck, ik, snn, sqn, ak, kausf); //derive Kausf
+
+    //   //for debug
+    // cout << "\nmac_a" << std::endl;
+    // for (int i = 0; i < 8; i++)printf("%x ", mac_a[i]);
+
+    // cout << "\nxres"  << std::endl;
+    // for (int i = 0; i < 8; i++)printf("%x ", xres[i]);
+
+    // cout << "\nck"  << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", ck[i]);
+
+    // cout << "\nik" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", ik[i]);
+
+    // cout << "\nak" << std::endl;
+    // for (int i = 0; i < 6; i++)printf("%x ", ak[i]);
+
+    // cout << "\nautn" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", autn[i]);
+
+    // cout << "\nkausf" << std::endl;
+    // for (int i = 0; i < 32; i++)printf("%x ", kausf[i]);
+
+    // cout << "\nfinish" << std::endl;
+
+    /*----------------------generating 5G AV from 5G HE AV--------------------------*/
+    /*  HXRES* <-- XRES*  */
+    /*  KSEAF  <-- KAUSF  */
+    /*  在5G HE AV中用HXRES*替代XRES*，用 KSEAF 替代KAUSF */
+    /*  删除 KSEAF，并向SEAF返回5G SE AV（RAND, AUTN, HXRES*）*/
+    /*  A.5, 3gpp ts33.501 */ 
+    Logger::ausf_server().debug("==generating 5g av");
+
+
+    //--------generating hxres*
+    
+    uint8_t rand_ausf[16] = {0};
+    uint8_t autn_ausf[16] = {0};
+    uint8_t xresStar_ausf[16] = {0};
+    uint8_t kausf_ausf[32] = {0};
+    uint8_t hxresStar[16] = {0};
+    
 
+    //getting params from udm 5G HE AV
+    memcpy(xresStar_ausf,xresStar,16);  //xres*
+    memcpy(rand_ausf,rand,16);          //rand
+    memcpy(autn_ausf,autn,16);          //autn
+    memcpy(kausf_ausf,kausf,32);          //autn
+    // cout << "\nxresStar_ausf" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", xresStar_ausf[i]);
+    // cout << "\nxresStar" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", xresStar[i]);
+    // cout << "\nrand_ausf" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", rand_ausf[i]);
+    // cout << "\nrand" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", rand[i]);
+    // cout << "\nautn_ausf" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", autn_ausf[i]);
+    // cout << "\nautn" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", autn[i]);
+    // cout << endl;
+
+    //generate_Hxres*
+    Authentication_5gaka::generate_Hxres(rand_ausf,xresStar_ausf,hxresStar);
+
+    //test generate_Hxres
+    // cout << "\ntest" << endl;
+    // uint8_t inputString[40];
+    // memcpy(&inputString[0], rand, 16);
+    // memcpy(&inputString[16], xresStar, 16);
+    // unsigned char sha256Out[Sha256::DIGEST_SIZE];
+    // Authentication_5gaka::sha256((unsigned char *)inputString, 32, sha256Out);
+    // for (int j = 0; j < 16; j++)
+    //   hxresStar[j] = (uint8_t)sha256Out[j];
+    // cout << sizeof(hxresStar) << "/" << sizeof(hxresStar[0]) << endl;
+    // cout << "hxresStar" << std::endl;
+    // for (int i = 0; i < 16; i++)printf("%x ", hxresStar[i]);
+    // cout << endl;
 
+    
+    
+    uint8_t kseaf[32] = {0};
+    Authentication_5gaka::derive_kseaf(snn,kausf,kseaf);
+    cout << "kseaf" << endl;
+    for (int i = 0; i < 32; i++)printf("%x ", kseaf[i]);
+    cout << endl;
 
 
-  response.send(Pistache::Http::Code::Ok, "Do some magic\n");
+    //---forming response
+    // convert uint8_t to string
+    string rand_s;
+    rand_s = conv::uint8_to_hex_string(rand_ausf, 16);
+    string autn_s;
+    autn_s = conv::uint8_to_hex_string(autn_ausf, 16);
+    string hxresStar_s;
+    hxresStar_s = conv::uint8_to_hex_string(hxresStar, 16);
+
+
+    // convert to json
+    Av5gAka AuthInfoResponse;
+    AuthInfoResponse.setRand(rand_s);
+    AuthInfoResponse.setAutn(autn_s);
+    AuthInfoResponse.setHxresStar(hxresStar_s);
+
+    nlohmann::json AuthInfoResponse_json;
+    to_json(AuthInfoResponse_json,AuthInfoResponse);
+
+    cout << AuthInfoResponse_json;
+
+    Logger::ausf_server().info("Send response to SEAF");
+
+    // successfully
+    response.send(Pistache::Http::Code::Created, AuthInfoResponse_json.dump());  //Type: json object to string
 }
 
 } // namespace api

main-api-server.cpp

@@ -24,23 +24,9 @@
 #include "DefaultApiImpl.h"
 
 #include "logger.hpp"
-#include <iostream>
-
-#include "nas_context.hpp"
-#include "sha256.hpp"
-// #include "comUt.hpp"
 
 using namespace std;
 
-Sha256 ctx;
-void sha256(unsigned char *message, int msg_len, unsigned char *output)
-{
-  memset(output, 0, Sha256::DIGEST_SIZE);
-  ctx.init();
-  ctx.update(message, msg_len);
-  ctx.finalResult(output);
-}
-
 #define PISTACHE_SERVER_THREADS 2
 #define PISTACHE_SERVER_MAX_REQUEST_SIZE 32768
 #define PISTACHE_SERVER_MAX_RESPONSE_SIZE 32768
@@ -95,39 +81,8 @@ int main(int argc, char **argv) {
   opts.maxResponseSize(PISTACHE_SERVER_MAX_RESPONSE_SIZE);
   httpEndpoint->init(opts);
 
-  std::shared_ptr<nas_context> nc;
-  Logger::ausf_server().debug("Authentication_vectors_generator_in_ausf");
-  uint8_t inputString[MAX_5GS_AUTH_VECTORS][40];
-  uint8_t *xresStar[MAX_5GS_AUTH_VECTORS];
-  uint8_t *rand[MAX_5GS_AUTH_VECTORS];
-  for (int i = 0; i < MAX_5GS_AUTH_VECTORS; i++)
-  {
-    xresStar[i] = nc.get()->_5g_he_av[i].xresStar;
-    rand[i] = nc.get()->_5g_he_av[i].rand;
-    memcpy(&inputString[i][0], rand[i], 16);
-    memcpy(&inputString[i][16], xresStar[i], 16);
-    unsigned char sha256Out[Sha256::DIGEST_SIZE];
-    sha256((unsigned char *)inputString[i], 32, sha256Out);
-    for (int j = 0; j < 16; j++)
-      nc.get()->_5g_av[i].hxresStar[j] = (uint8_t)sha256Out[j];
-    memcpy(nc.get()->_5g_av[i].rand, nc.get()->_5g_he_av[i].rand, 16);
-    memcpy(nc.get()->_5g_av[i].autn, nc.get()->_5g_he_av[i].autn, 16);
-    uint8_t kseaf[32];
-    Authentication_5gaka::derive_kseaf(nc.get()->serving_network, nc.get()->_5g_he_av[i].kausf, kseaf);
-    memcpy(nc.get()->_5g_av[i].kseaf, kseaf, 32);
-    cout << "5G AV: rand" << nc.get()->_5g_av[i].rand << endl;
-    cout << "5G AV: autn" << nc.get()->_5g_av[i].autn << endl;
-    cout << "5G AV: kseaf" << nc.get()->_5g_av[i].kseaf << endl;
-    cout << "5G AV: hxres*" << nc.get()->_5g_av[i].hxresStar << endl;
-    // print_buffer("amf_n1", "5G AV: rand", nc.get()->_5g_av[i].rand, 16);
-    // print_buffer("amf_n1", "5G AV: autn", nc.get()->_5g_av[i].autn, 16);
-    // print_buffer("amf_n1", "5G AV: kseaf", nc.get()->_5g_av[i].kseaf, 32);
-    // print_buffer("amf_n1", "5G AV: hxres*", nc.get()->_5g_av[i].hxresStar, 16);
-  }
-
-
-Logger::init( "ausf" , true , true);
-Logger::ausf_server().startup("Entering main...");
+  Logger::init( "ausf" , true , true);
+  Logger::ausf_server().startup("Entering main...");
 
 
   AuthenticationResultDeletionApiImpl AuthenticationResultDeletionApiserver(