Commit 39a15212 authored by HFJ's avatar HFJ

response fixed

parent 94ce9678
......@@ -649,7 +649,7 @@ void Authentication_5gaka::sha256(unsigned char *message, int msg_len, unsigned
}
//
//hxres
void Authentication_5gaka::generate_Hxres(uint8_t rand[16],uint8_t xresStar[16],
uint8_t *hxresStar) {
uint8_t inputString[40];
......@@ -670,4 +670,33 @@ void Authentication_5gaka::generate_Hxres(uint8_t rand[16],uint8_t xresStar[16],
// for (int i = 0; i < 16; i++)printf("%x ", hxresStar[i]);
// cout << endl;
}
//may not be appropriate
// void Authentication_5gaka::generate_authCtxId(uint8_t autn[16],
// uint8_t *authCtxId) {
// unsigned char sha256Out[Sha256::DIGEST_SIZE];
// Authentication_5gaka::sha256((unsigned char *)autn, 32, sha256Out); //note risk in type change
// for (int j = 0; j < 16; j++)
// authCtxId[j] = (uint8_t)sha256Out[j];
// cout << "authCtxId" << std::endl;
// for (int i = 0; i < 16; i++)printf("%x ", authCtxId[i]);
// cout << endl;
// }
bool Authentication_5gaka::equal_uint8(uint8_t *oldVal,uint8_t *newVal,
int msg_len) {
for (int i = 0; i < msg_len; i++)
{
if (oldVal[i] != newVal[i])
return false;
};
return true;
}
\ No newline at end of file
......@@ -138,7 +138,10 @@ public:
static void sha256(unsigned char *message, int msg_len, unsigned char *output);
static void generate_Hxres(uint8_t rand[16],uint8_t xresStar[16],
uint8_t *hxresStar);
// static void generate_authCtxId(uint8_t autn[16],
// uint8_t *authCtxId);
static bool equal_uint8(uint8_t *oldVal,uint8_t *newVal,
int msg_len);
public:
/****** Rijndael ********/
......
......@@ -43,8 +43,10 @@ using namespace org::openapitools::server::model;
//stored temporarily
uint8_t XRES_STAR[16]; //store xres*
// uint8_t KSEAF[32];
uint8_t kAUSF[32];
// uint8_t KAUSF[32];
std::string SUPI_AUSF; //store supi
std:: string KAUSF_TMP; //store Kausf(string)
typedef struct {
uint8_t rand[16];
......@@ -87,32 +89,31 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
/*---------------------认证确认-amf--------------------------------*/
ConfirmationDataResponse confirmResponse;
//1.验证AV是否过期: 认证成功后,AUSF将存储 KAUSF ?
bool is_auth_vectors_present = true;
uint8_t authCtxId_seaf[16];
conv::hex_str_to_uint8(authCtxId.c_str(), authCtxId_seaf); //authCtxId in seaf
//av up to date?
Logger::ausf_server().debug("authCtxId in ausf:\n %s", (conv::uint8_to_hex_string(ausf_av_s.autn, 16)).c_str());
bool is_auth_vectors_present = Authentication_5gaka::equal_uint8(ausf_av_s.autn,authCtxId_seaf,16);
if(!is_auth_vectors_present) //AV expired
{
Logger::ausf_server().error("Authentication failure by home network with authCtxId %s: AV expired",authCtxId.c_str());
confirmResponse.setAuthResult(is_auth_vectors_present); //向SEAF指示,从本地网络角度认证否成功
confirmResponse.setAuthResult(is_auth_vectors_present); //向SEAF指示,从本地网络角度认证not成功
KAUSF_TMP = "invalid";
}
else //AV valid
{
Logger::ausf_server().info("AV is up to date, handling received res*...");
//store Kausf
//2.将接收到的RES*与存储的XRES*进行比较:RES*与XRES*相等,AUSF将从家庭网络角度认为认证成功
//get stored xres* -----
uint8_t xresStar[16] = {0};
memcpy(xresStar,XRES_STAR,16); //xres* stored for 5g-aka-confirmation
Logger::ausf_server().debug("xres* in ausf:\n %s", (conv::uint8_to_hex_string(xresStar, 16)).c_str());
//res* verification
bool authResult = true;
for (int i = 0; i < 16; i++)
{
if (xresStar[i] != resStar[i])
authResult = false;
}
bool authResult = Authentication_5gaka::equal_uint8(xresStar,resStar,16);
confirmResponse.setAuthResult(authResult); //3.向SEAF指示,从本地网络角度认证是否成功
if(!authResult) //fail
......@@ -128,7 +129,11 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
kseaf_s = conv::uint8_to_hex_string(ausf_av_s.kseaf, 32); // convert uint8_t to string
confirmResponse.setKseaf(kseaf_s);
//supi ignored
//send supi when supi_ausf exists
if(!SUPI_AUSF.empty())
{
confirmResponse.setSupi(SUPI_AUSF);
}
}
}
......@@ -229,6 +234,12 @@ void DefaultApiImpl::ue_authentications_post(
memcpy(ausf_av_s.hxresStar,hxresStar,16);
memcpy(ausf_av_s.kseaf,kseaf,32);
//store supi in ausf
SUPI_AUSF = authenticationInfo.getSupiOrSuci();
//store kausf_tmp in ausf
KAUSF_TMP = conv::uint8_to_hex_string(kausf_ausf,32);
/*----------------ausf --> seaf-----------*/
//---forming response
// convert uint8_t to string
......@@ -239,19 +250,6 @@ void DefaultApiImpl::ue_authentications_post(
string hxresStar_s;
hxresStar_s = conv::uint8_to_hex_string(hxresStar, 16);
// convert to json
// nlohmann::json AuthInfoResult = {};
// AuthInfoResult["authType"] = "5G_AKA";
// AuthInfoResult["_links"] = "5G_AKA";
// AuthInfoResult["5gAuthData"]["avType"] = "5G_SE_AKA";
// AuthInfoResult["5gAuthData"]["rand"] = rand_s;
// AuthInfoResult["5gAuthData"]["autn"] = autn_s;
// AuthInfoResult["5gAuthData"]["hxresStar"] = hxresStar_s;
// Logger::ausf_server().debug("auth response:\n %s",AuthInfoResult.dump().c_str());
// Logger::ausf_server().info("Send response to seaf");
// response.send(Pistache::Http::Code::Created, AuthInfoResult.dump());
UEAuthenticationCtx UEAuthCtx;
//-------authType(string)
UEAuthCtx.setAuthType("5G_AKA");
......@@ -259,18 +257,18 @@ void DefaultApiImpl::ue_authentications_post(
//-------_links(std::map)
std::map<std::string, LinksValueSchema> ausf_links;
LinksValueSchema ausf_Href;
std::string resourceURI;
std::string authCtxId;
std::string ausf_ip = std::string(inet_ntoa (*((struct in_addr *)&ausf_cfg.nudr.addr4)));
std::string ausf_port = std::to_string(ausf_cfg.sbi.port);
authCtxId = supi; //unsecure, supi leaked
std::string authCtxId_s;
authCtxId_s = autn_s; // authCtxId = autn
resourceURI = "http://" + ausf_ip + ":" + ausf_port + "/nausf-auth/v1/ue-authentications/" + authCtxId + "/5g-aka-confirmation";
std::string ausf_ip = std::string(inet_ntoa (*((struct in_addr *)&ausf_cfg.nudr.addr4)));
std::string ausf_port = std::to_string(ausf_cfg.sbi.port);
resourceURI = "http://" + ausf_ip + ":" + ausf_port + "/nausf-auth/v1/ue-authentications/" + authCtxId_s + "/5g-aka-confirmation";
ausf_Href.setHref(resourceURI); //"/nausf-auth/v1/ue-authentications/640110987654321/5g-aka-confirmation"
cout << ausf_Href.getHref().c_str() << endl;
// cout << ausf_Href.getHref().c_str() << endl;
ausf_links["5g_aka_confirmation_put"] = ausf_Href;
UEAuthCtx.setLinks(ausf_links);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment