Fix Authentication failed(Synch Failure)

f8e13622 · yangjian · e8f18308 · f8e13622 · f8e13622 · f8e13622
Commit f8e13622 authored Mar 25, 2021 by yangjian
4 changed files
--- a/src/5gaka/authentication_algorithms_with_5gaka.cpp
+++ b/src/5gaka/authentication_algorithms_with_5gaka.cpp
@@ -521,9 +521,11 @@ uint8_t *Authentication_5gaka::sqn_ms_derive(const uint8_t opc[16],
  uint8_t *mac_s = NULL;
  uint8_t mac_s_computed[MAC_S_LENGTH] = {0};
  uint8_t *sqn_ms = NULL;
-  // uint8_t amf[2] = {0, 0};
+   uint8_t amf_tmp[2] = {0, 0};
  int i = 0;

+ // memset(amf,0,2);
+
  conc_sqn_ms = auts;
  mac_s = &auts[6];
  sqn_ms = (uint8_t *)malloc(SQN_LENGTH_OCTEST);
@@ -541,7 +543,9 @@ uint8_t *Authentication_5gaka::sqn_ms_derive(const uint8_t opc[16],
    sqn_ms[i] = ak[i] ^ conc_sqn_ms[i];
  }

-  f1star(opc, key, rand_p, sqn_ms, amf, mac_s_computed);
+  f1star(opc, key, rand_p, sqn_ms, amf_tmp, mac_s_computed);
+  print_buffer("udm_ueau","MAC_S_computed : ", mac_s_computed, 8);
+  print_buffer("udm_ueau","MAC_S2 : ", mac_s, 8);

  if (memcmp(mac_s_computed, mac_s, 8) != 0) {
    Logger::udm_ueau().error("Failed to verify computed SQN_MS");
@@ -611,12 +615,13 @@ void Authentication_5gaka::generate_random(uint8_t *random_p, ssize_t length) {
  mpz_urandomb(random_nb, random_state.state, 8 * length);
  pthread_mutex_unlock(&random_state.lock);
  mpz_export(random_p, NULL, 1, length, 0, 0, random_nb);
-  // int r = 0, mask = 0, shift;
-  // for (int i = 0; i < length; i++) {
-  //   if ((i % sizeof(i)) == 0)
-  //     r = rand();
-  //   shift = 8 * (i % sizeof(i));
-  //   mask = 0xFF << shift;
-  //   random_p[i] = (r & mask) >> shift;
-  // }
+  int r = 0, mask = 0, shift;
+    for (int i = 0; i < length; i++) {
+      if ((i % sizeof(i)) == 0) r = rand();
+      shift = 8 * (i % sizeof(i));
+      mask = 0xFF << shift;
+      random_p[i] = (r & mask) >> shift;
+    }
+
+	printf("*************** generate rand function %x ***************",r);
 }
--- a/src/impl/GenerateAuthDataApiImpl.cpp
+++ b/src/impl/GenerateAuthDataApiImpl.cpp
@@ -189,41 +189,54 @@ void GenerateAuthDataApiImpl::generate_auth_data(

      // UDR PATCH interface ------- replace SQNhe with
      // SQNms------------------------------
-      remoteUri = udr_ip + ":" + udr_port + "/nudr-dr/v2/subscription-data/" +
-                  supi + "/authentication-data/authentication-subscription";
-      Logger::udm_ueau().debug("PATCH Request:" + remoteUri);
-      Method = "PATCH";
-
-      nlohmann::json j_SequenceNumber;
-      SequenceNumber m_SequenceNumber;
-      m_SequenceNumber.setSqnScheme("NON_TIME_BASED");
-      r_sqnms_s = conv::uint8_to_hex_string(r_sqn, 6);
-      m_SequenceNumber.setSqn(r_sqnms_s);
-      std::map<std::string, int32_t> index;
-      index["ausf"] = 0;
-      m_SequenceNumber.setLastIndexes(index);
-      to_json(j_SequenceNumber, m_SequenceNumber);
-
-      nlohmann::json j_PatchItem;
-      PatchItem m_PatchItem;
-      m_PatchItem.setValue(j_SequenceNumber.dump());
-      m_PatchItem.setOp("replace");
-      m_PatchItem.setFrom("");
-      m_PatchItem.setPath("");
-      to_json(j_PatchItem, m_PatchItem);
-
-      msgBody = "[" + j_PatchItem.dump() + "]";
-      Logger::udm_ueau().debug("PATCH Request body = " + msgBody);
-
-      Curl::curl_http_client(remoteUri, Method, msgBody, Response);
+//      remoteUri = udr_ip + ":" + udr_port + "/nudr-dr/v2/subscription-data/" +
+//                  supi + "/authentication-data/authentication-subscription";
+//      Logger::udm_ueau().debug("PATCH Request:" + remoteUri);
+//      Method = "PATCH";
+//
+//      nlohmann::json j_SequenceNumber;
+//      SequenceNumber m_SequenceNumber;
+//      m_SequenceNumber.setSqnScheme("NON_TIME_BASED");
+//      r_sqnms_s = conv::uint8_to_hex_string(r_sqn, 6);
+//      m_SequenceNumber.setSqn(r_sqnms_s);
+//      std::map<std::string, int32_t> index;
+//      index["ausf"] = 0;
+//      m_SequenceNumber.setLastIndexes(index);
+//      to_json(j_SequenceNumber, m_SequenceNumber);
+//
+//      nlohmann::json j_PatchItem;
+//      PatchItem m_PatchItem;
+//      m_PatchItem.setValue(j_SequenceNumber.dump());
+//      m_PatchItem.setOp("replace");
+//      m_PatchItem.setFrom("");
+//      m_PatchItem.setPath("");
+//      to_json(j_PatchItem, m_PatchItem);
+//
+//      msgBody = "[" + j_PatchItem.dump() + "]";
+//      Logger::udm_ueau().debug("PATCH Request body = " + msgBody);
+//
+//      Curl::curl_http_client(remoteUri, Method, msgBody, Response);

      // replace SQNhe with SQNms
-      int i = 0;
-      for (i; i < 6; i++)
+      uint64_t sqn_value = 0;
+      for (int i=0; i < 6; i++)
+      {
        sqn[i] = r_sqn[i]; // generate first, increase later
-      sqn_s = conv::uint8_to_hex_string(sqn, 16);
+
+        sqn_value = sqn_value << 8;
+        sqn_value |= (sqn[i] & 0xff);
+      }
+
+      // increment sqn
+      sqn_value += 32;
+      for (int i=0; i < 6; i++)
+      {
+        sqn[i] = (sqn_value  >> ((5-i)*8)) & 0xff;
+      }
+
+      sqn_s = conv::uint8_to_hex_string(sqn, 6);
      // Logger::udm_ueau().debug("sqn string = "+sqn_s);
-      sqn_s[12] = '\0';
+      //sqn_s[12] = '\0';

      print_buffer("udm_ueau", "SQNms", sqn, 6);

@@ -268,17 +281,32 @@ void GenerateAuthDataApiImpl::generate_auth_data(
  response.send(Pistache::Http::Code::Ok, AuthInfoResult.dump());

  // calculate new sqn----------------------------------------------------------
-  unsigned long long sqn_value;
-  std::stringstream s1;
-  s1 << std::hex << sqn_s;
-  s1 >> sqn_value; // hex string to decimal value
+//  unsigned long long sqn_value;
+//  std::stringstream s1;
+//  s1 << std::hex << sqn_s;
+//  s1 >> sqn_value; // hex string to decimal value
+//  sqn_value += 32;
+//  std::stringstream s2;
+//  s2 << std::hex << std::setw(12) << std::setfill('0')
+//     << sqn_value; // decimal value to hex string
+//  std::string new_sqn(s2.str());
+
+  // increment sqn
+  uint64_t sqn_value = 0;
+  for (int i=0; i < 6; i++)
+  {
+    sqn_value = sqn_value << 8;
+    sqn_value |= (sqn[i] & 0xff);
+  }
  sqn_value += 32;
-  std::stringstream s2;
-  s2 << std::hex << std::setw(12) << std::setfill('0')
-     << sqn_value; // decimal value to hex string
-  std::string new_sqn(s2.str());
+  for (int i=0; i < 6; i++)
+  {
+    sqn[i] = (sqn_value  >> ((5-i)*8)) & 0xff;
+  }
+
+  sqn_s = conv::uint8_to_hex_string(sqn, 6);

-  Logger::udm_ueau().debug("new_sqn = " + new_sqn);
+  Logger::udm_ueau().debug("new sqn = " + sqn_s);

  // UDR PATCH interface ------- increase
  // sqn------------------------------------
@@ -290,7 +318,7 @@ void GenerateAuthDataApiImpl::generate_auth_data(
  nlohmann::json j_SequenceNumber;
  SequenceNumber m_SequenceNumber;
  m_SequenceNumber.setSqnScheme("NON_TIME_BASED");
-  m_SequenceNumber.setSqn(new_sqn);
+  m_SequenceNumber.setSqn(sqn_s);
  std::map<std::string, int32_t> index;
  index["ausf"] = 0;
  m_SequenceNumber.setLastIndexes(index);

--- a/src/udm_app/main.cpp
+++ b/src/udm_app/main.cpp
@@ -101,6 +101,8 @@ int main(int argc, char **argv) {
  setUpUnixSignals(sigs);
 #endif

+  srand(time(NULL));
+
  if (!Options::parse(argc, argv)) {
    std::cout << "Options::parse() failed\n Please input args" << std::endl;
    return 1;

--- a/src/utils/curl.hpp
+++ b/src/utils/curl.hpp
@@ -43,7 +43,7 @@
 #include "logger.hpp"
 #include "udm_config.hpp"

-#define CURL_TIMEOUT_MS 100L
+#define CURL_TIMEOUT_MS 300L

 class Curl {
 public: