Commit 0f11865f authored by Raphael Defosseux's avatar Raphael Defosseux

Merge remote-tracking branch 'origin/issue-404-pdcp-integrity' into develop_integration_2019_w09

Signed-off-by: default avatarRaphael Defosseux <raphael.defosseux@eurecom.fr>
parents 53f5f668 e3782b5c
...@@ -595,7 +595,6 @@ Message("CPU_Affinity flag is ${CPU_AFFINITY}") ...@@ -595,7 +595,6 @@ Message("CPU_Affinity flag is ${CPU_AFFINITY}")
############################################################## ##############################################################
# ???!!! TO BE DOCUMENTED OPTIONS !!!??? # ???!!! TO BE DOCUMENTED OPTIONS !!!???
############################################################## ##############################################################
add_boolean_option(ENABLE_SECURITY True "Enable LTE integrity and ciphering between RRC UE and eNB")
add_boolean_option(ENABLE_USE_MME True "eNB connected to MME (INTERFACE S1-C), not standalone eNB") add_boolean_option(ENABLE_USE_MME True "eNB connected to MME (INTERFACE S1-C), not standalone eNB")
add_boolean_option(NO_RRM True "DO WE HAVE A RADIO RESSOURCE MANAGER: NO") add_boolean_option(NO_RRM True "DO WE HAVE A RADIO RESSOURCE MANAGER: NO")
add_boolean_option(RRC_DEFAULT_RAB_IS_AM False "set the RLC mode to AM for the default bearer") add_boolean_option(RRC_DEFAULT_RAB_IS_AM False "set the RLC mode to AM for the default bearer")
......
...@@ -9,7 +9,6 @@ set ( EMIT_ASN_DEBUG False ) ...@@ -9,7 +9,6 @@ set ( EMIT_ASN_DEBUG False )
set ( ENABLE_ITTI True ) set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING True ) set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True ) set ( ENABLE_USE_MME True )
......
...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True ) ...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING True ) set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True ) set ( ENABLE_USE_MME True )
......
...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True ) ...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING False ) set ( ENABLE_NAS_UE_LOGGING False )
set ( ENABLE_NEW_MULTICAST False ) set ( ENABLE_NEW_MULTICAST False )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY False )
set ( ENABLE_STANDALONE_EPC False ) set ( ENABLE_STANDALONE_EPC False )
set ( ENABLE_USE_CPU_EXECUTION_TIME False ) set ( ENABLE_USE_CPU_EXECUTION_TIME False )
set ( ENABLE_USE_MME False ) set ( ENABLE_USE_MME False )
......
...@@ -7,7 +7,6 @@ set ( ENABLE_ITTI True ) ...@@ -7,7 +7,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING False ) set ( ENABLE_NAS_UE_LOGGING False )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY False )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME False ) set ( ENABLE_USE_MME False )
......
...@@ -9,7 +9,6 @@ set ( ENABLE_NAS_UE_LOGGING True ) ...@@ -9,7 +9,6 @@ set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_PDCP_NETLINK_FIFO False ) set ( ENABLE_PDCP_NETLINK_FIFO False )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True ) set ( ENABLE_USE_MME True )
......
...@@ -50,9 +50,7 @@ ...@@ -50,9 +50,7 @@
#include "msc.h" #include "msc.h"
#include "targets/COMMON/openairinterface5g_limits.h" #include "targets/COMMON/openairinterface5g_limits.h"
#include "SIMULATION/ETH_TRANSPORT/proto.h" #include "SIMULATION/ETH_TRANSPORT/proto.h"
#if defined(ENABLE_SECURITY) #include "UTIL/OSA/osa_defs.h"
#include "UTIL/OSA/osa_defs.h"
#endif
# include "intertask_interface.h" # include "intertask_interface.h"
...@@ -294,8 +292,6 @@ boolean_t pdcp_data_req( ...@@ -294,8 +292,6 @@ boolean_t pdcp_data_req(
pdcp_pdu_p->data[pdcp_header_len + sdu_buffer_sizeP + i] = 0x00;// pdu_header.mac_i[i]; pdcp_pdu_p->data[pdcp_header_len + sdu_buffer_sizeP + i] = 0x00;// pdu_header.mac_i[i];
} }
#if defined(ENABLE_SECURITY)
if ((pdcp_p->security_activated != 0) && if ((pdcp_p->security_activated != 0) &&
(((pdcp_p->cipheringAlgorithm) != 0) || (((pdcp_p->cipheringAlgorithm) != 0) ||
((pdcp_p->integrityProtAlgorithm) != 0))) { ((pdcp_p->integrityProtAlgorithm) != 0))) {
...@@ -321,7 +317,6 @@ boolean_t pdcp_data_req( ...@@ -321,7 +317,6 @@ boolean_t pdcp_data_req(
} }
} }
#endif
/* Print octets of outgoing data in hexadecimal form */ /* Print octets of outgoing data in hexadecimal form */
LOG_D(PDCP, "Following content with size %d will be sent over RLC (PDCP PDU header is the first two bytes)\n", LOG_D(PDCP, "Following content with size %d will be sent over RLC (PDCP PDU header is the first two bytes)\n",
pdcp_pdu_size); pdcp_pdu_size);
...@@ -442,6 +437,10 @@ pdcp_data_ind( ...@@ -442,6 +437,10 @@ pdcp_data_ind(
uint16_t pdcp_uid=0; uint16_t pdcp_uid=0;
MessageDef *message_p = NULL; MessageDef *message_p = NULL;
uint8_t *gtpu_buffer_p = NULL; uint8_t *gtpu_buffer_p = NULL;
uint32_t rx_hfn_for_count;
int pdcp_sn_for_count;
int security_ok;
VCD_SIGNAL_DUMPER_DUMP_FUNCTION_BY_NAME(VCD_SIGNAL_DUMPER_FUNCTIONS_PDCP_DATA_IND,VCD_FUNCTION_IN); VCD_SIGNAL_DUMPER_DUMP_FUNCTION_BY_NAME(VCD_SIGNAL_DUMPER_FUNCTIONS_PDCP_DATA_IND,VCD_FUNCTION_IN);
LOG_DUMPMSG(PDCP,DEBUG_PDCP,(char *)sdu_buffer_pP->data,sdu_buffer_sizeP, LOG_DUMPMSG(PDCP,DEBUG_PDCP,(char *)sdu_buffer_pP->data,sdu_buffer_sizeP,
"[MSG] PDCP UL %s PDU on rb_id %d\n", (srb_flagP)? "CONTROL" : "DATA", rb_idP); "[MSG] PDCP UL %s PDU on rb_id %d\n", (srb_flagP)? "CONTROL" : "DATA", rb_idP);
...@@ -529,10 +528,10 @@ pdcp_data_ind( ...@@ -529,10 +528,10 @@ pdcp_data_ind(
} else { // DRB } else { // DRB
pdcp_tailer_len = 0; pdcp_tailer_len = 0;
if (pdcp_p->seq_num_size == PDCP_SN_7BIT) { if (pdcp_p->seq_num_size == 7) {
pdcp_header_len = PDCP_USER_PLANE_DATA_PDU_SHORT_SN_HEADER_SIZE; pdcp_header_len = PDCP_USER_PLANE_DATA_PDU_SHORT_SN_HEADER_SIZE;
sequence_number = pdcp_get_sequence_number_of_pdu_with_short_sn((unsigned char *)sdu_buffer_pP->data); sequence_number = pdcp_get_sequence_number_of_pdu_with_short_sn((unsigned char *)sdu_buffer_pP->data);
} else if (pdcp_p->seq_num_size == PDCP_SN_12BIT) { } else if (pdcp_p->seq_num_size == 12) {
pdcp_header_len = PDCP_USER_PLANE_DATA_PDU_LONG_SN_HEADER_SIZE; pdcp_header_len = PDCP_USER_PLANE_DATA_PDU_LONG_SN_HEADER_SIZE;
sequence_number = pdcp_get_sequence_number_of_pdu_with_long_sn((unsigned char *)sdu_buffer_pP->data); sequence_number = pdcp_get_sequence_number_of_pdu_with_long_sn((unsigned char *)sdu_buffer_pP->data);
} else { } else {
...@@ -541,6 +540,7 @@ pdcp_data_ind( ...@@ -541,6 +540,7 @@ pdcp_data_ind(
PROTOCOL_PDCP_CTXT_FMT"wrong sequence number (%d) for this pdcp entity \n", PROTOCOL_PDCP_CTXT_FMT"wrong sequence number (%d) for this pdcp entity \n",
PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p), PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p),
pdcp_p->seq_num_size); pdcp_p->seq_num_size);
exit(1);
} }
//uint8_t dc = pdcp_get_dc_filed((unsigned char*)sdu_buffer_pP->data); //uint8_t dc = pdcp_get_dc_filed((unsigned char*)sdu_buffer_pP->data);
...@@ -566,6 +566,8 @@ pdcp_data_ind( ...@@ -566,6 +566,8 @@ pdcp_data_ind(
return FALSE; return FALSE;
} }
#if 0
/* Removed by Cedric */
if (pdcp_is_rx_seq_number_valid(sequence_number, pdcp_p, srb_flagP) == TRUE) { if (pdcp_is_rx_seq_number_valid(sequence_number, pdcp_p, srb_flagP) == TRUE) {
LOG_T(PDCP, "Incoming PDU has a sequence number (%d) in accordance with RX window\n", sequence_number); LOG_T(PDCP, "Incoming PDU has a sequence number (%d) in accordance with RX window\n", sequence_number);
/* if (dc == PDCP_DATA_PDU ) /* if (dc == PDCP_DATA_PDU )
...@@ -586,10 +588,18 @@ pdcp_data_ind( ...@@ -586,10 +588,18 @@ pdcp_data_ind(
free_mem_block(sdu_buffer_pP, __func__); free_mem_block(sdu_buffer_pP, __func__);
return FALSE; return FALSE;
} }
#endif
// SRB1/2: control-plane data // SRB1/2: control-plane data
if (srb_flagP) { if (srb_flagP) {
#if defined(ENABLE_SECURITY) /* process as described in 36.323 5.1.2.2 */
if (sequence_number < pdcp_p->next_pdcp_rx_sn) {
rx_hfn_for_count = pdcp_p->rx_hfn + 1;
pdcp_sn_for_count = sequence_number;
} else {
rx_hfn_for_count = pdcp_p->rx_hfn;
pdcp_sn_for_count = sequence_number;
}
if (pdcp_p->security_activated == 1) { if (pdcp_p->security_activated == 1) {
if (ctxt_pP->enb_flag == ENB_FLAG_NO) { if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
...@@ -598,23 +608,45 @@ pdcp_data_ind( ...@@ -598,23 +608,45 @@ pdcp_data_ind(
start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security); start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
} }
pdcp_validate_security(ctxt_pP, security_ok = pdcp_validate_security(ctxt_pP,
pdcp_p, pdcp_p,
srb_flagP, srb_flagP,
rb_idP, rb_idP,
pdcp_header_len, pdcp_header_len,
sequence_number, rx_hfn_for_count,
sdu_buffer_pP->data, pdcp_sn_for_count,
sdu_buffer_sizeP - pdcp_tailer_len); sdu_buffer_pP->data,
sdu_buffer_sizeP - pdcp_tailer_len) == 0;
if (ctxt_pP->enb_flag == ENB_FLAG_NO) { if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security); stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
} else { } else {
stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security); stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
} }
} else {
security_ok = 1;
}
if (security_ok == 0) {
LOG_W(PDCP,
PROTOCOL_PDCP_CTXT_FMT"security not validated for incoming PDCP SRB PDU\n",
PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
LOG_W(PDCP, "Ignoring PDU...\n");
free_mem_block(sdu_buffer_pP, __func__);
/* TODO: indicate integrity verification failure to upper layer */
return FALSE;
}
if (sequence_number < pdcp_p->next_pdcp_rx_sn)
pdcp_p->rx_hfn++;
pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
if (pdcp_p->next_pdcp_rx_sn > pdcp_p->maximum_pdcp_rx_sn) {
pdcp_p->next_pdcp_rx_sn = 0;
pdcp_p->rx_hfn++;
} }
#endif
//rrc_lite_data_ind(module_id, //Modified MW - L2 Interface //rrc_lite_data_ind(module_id, //Modified MW - L2 Interface
MSC_LOG_TX_MESSAGE( MSC_LOG_TX_MESSAGE(
(ctxt_pP->enb_flag == ENB_FLAG_NO)? MSC_PDCP_UE:MSC_PDCP_ENB, (ctxt_pP->enb_flag == ENB_FLAG_NO)? MSC_PDCP_UE:MSC_PDCP_ENB,
...@@ -638,40 +670,168 @@ pdcp_data_ind( ...@@ -638,40 +670,168 @@ pdcp_data_ind(
VCD_SIGNAL_DUMPER_DUMP_FUNCTION_BY_NAME(VCD_SIGNAL_DUMPER_FUNCTIONS_PDCP_DATA_IND,VCD_FUNCTION_OUT); VCD_SIGNAL_DUMPER_DUMP_FUNCTION_BY_NAME(VCD_SIGNAL_DUMPER_FUNCTIONS_PDCP_DATA_IND,VCD_FUNCTION_OUT);
return TRUE; return TRUE;
} } /* if (srb_flagP) */
/* /*
* DRBs * DRBs
*/ */
payload_offset=pdcp_header_len;// PDCP_USER_PLANE_DATA_PDU_LONG_SN_HEADER_SIZE; payload_offset=pdcp_header_len;// PDCP_USER_PLANE_DATA_PDU_LONG_SN_HEADER_SIZE;
#if defined(ENABLE_SECURITY)
if (pdcp_p->security_activated == 1) { switch (pdcp_p->rlc_mode) {
if (ctxt_pP->enb_flag == ENB_FLAG_NO) { case RLC_MODE_AM: {
start_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security); /* process as described in 36.323 5.1.2.1.2 */
int reordering_window;
if (pdcp_p->seq_num_size == 7)
reordering_window = REORDERING_WINDOW_SN_7BIT;
else
reordering_window = REORDERING_WINDOW_SN_12BIT;
if (sequence_number - pdcp_p->last_submitted_pdcp_rx_sn > reordering_window ||
(pdcp_p->last_submitted_pdcp_rx_sn - sequence_number >= 0 &&
pdcp_p->last_submitted_pdcp_rx_sn - sequence_number < reordering_window)) {
/* TODO: specs say to decipher and do header decompression */
LOG_W(PDCP,
PROTOCOL_PDCP_CTXT_FMT"discard PDU, out of\n",
PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
LOG_W(PDCP, "Ignoring PDU...\n");
free_mem_block(sdu_buffer_pP, __func__);
/* TODO: indicate integrity verification failure to upper layer */
return FALSE;
} else if (pdcp_p->next_pdcp_rx_sn - sequence_number > reordering_window) {
pdcp_p->rx_hfn++;
rx_hfn_for_count = pdcp_p->rx_hfn;
pdcp_sn_for_count = sequence_number;
pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
} else if (sequence_number - pdcp_p->next_pdcp_rx_sn >= reordering_window) {
rx_hfn_for_count = pdcp_p->rx_hfn - 1;
pdcp_sn_for_count = sequence_number;
} else if (sequence_number >= pdcp_p->next_pdcp_rx_sn) {
rx_hfn_for_count = pdcp_p->rx_hfn;
pdcp_sn_for_count = sequence_number;
pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
if (pdcp_p->next_pdcp_rx_sn > pdcp_p->maximum_pdcp_rx_sn) {
pdcp_p->next_pdcp_rx_sn = 0;
pdcp_p->rx_hfn++;
}
} else { /* sequence_number < pdcp_p->next_pdcp_rx_sn */
rx_hfn_for_count = pdcp_p->rx_hfn;
pdcp_sn_for_count = sequence_number;
}
if (pdcp_p->security_activated == 1) {
if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
start_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
} else {
start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
}
security_ok = pdcp_validate_security(ctxt_pP,
pdcp_p,
srb_flagP,
rb_idP,
pdcp_header_len,
rx_hfn_for_count,
pdcp_sn_for_count,
sdu_buffer_pP->data,
sdu_buffer_sizeP - pdcp_tailer_len) == 0;
if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
} else {
stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
}
} else { } else {
start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security); security_ok = 1;
} }
pdcp_validate_security( if (security_ok == 0) {
ctxt_pP, LOG_W(PDCP,
pdcp_p, PROTOCOL_PDCP_CTXT_FMT"security not validated for incoming PDPC DRB RLC/AM PDU\n",
srb_flagP, PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
rb_idP, LOG_W(PDCP, "Ignoring PDU...\n");
pdcp_header_len, free_mem_block(sdu_buffer_pP, __func__);
sequence_number, /* TODO: indicate integrity verification failure to upper layer */
sdu_buffer_pP->data, return FALSE;
sdu_buffer_sizeP - pdcp_tailer_len); }
if (ctxt_pP->enb_flag == ENB_FLAG_NO) { /* TODO: specs say we have to store this PDU in a list and then deliver
stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security); * stored packets to upper layers according to a well defined
* procedure. The code below that deals with delivery is today
* too complex to do this properly, so we only send the current
* received packet. This is not correct and has to be fixed
* some day.
* In the meantime, let's pretend the last submitted PDCP SDU
* is the current one.
* TODO: we also have to deal with re-establishment PDU (control PDUs)
* that contain no SDU.
*/
pdcp_p->last_submitted_pdcp_rx_sn = sequence_number;
break;
} /* case RLC_MODE_AM */
case RLC_MODE_UM:
/* process as described in 36.323 5.1.2.1.3 */
if (sequence_number < pdcp_p->next_pdcp_rx_sn) {
pdcp_p->rx_hfn++;
}
rx_hfn_for_count = pdcp_p->rx_hfn;
pdcp_sn_for_count = sequence_number;
pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
if (pdcp_p->next_pdcp_rx_sn > pdcp_p->maximum_pdcp_rx_sn) {
pdcp_p->next_pdcp_rx_sn = 0;
pdcp_p->rx_hfn++;
}
if (pdcp_p->security_activated == 1) {
if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
start_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
} else {
start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
}
security_ok = pdcp_validate_security(ctxt_pP,
pdcp_p,
srb_flagP,
rb_idP,
pdcp_header_len,
rx_hfn_for_count,
pdcp_sn_for_count,
sdu_buffer_pP->data,
sdu_buffer_sizeP - pdcp_tailer_len) == 0;
if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
} else {
stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
}
} else { } else {
stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security); security_ok = 1;
} }
}
#endif if (security_ok == 0) {
} else { LOG_W(PDCP,
PROTOCOL_PDCP_CTXT_FMT"security not validated for incoming PDPC DRB RLC/UM PDU\n",
PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
LOG_W(PDCP, "Ignoring PDU...\n");
free_mem_block(sdu_buffer_pP, __func__);
/* TODO: indicate integrity verification failure to upper layer */
return FALSE;
}
break;
default:
LOG_E(PDCP, "bad RLC mode, cannot happen.\n");
exit(1);
} /* switch (pdcp_p->rlc_mode) */
} else { /* MBMS_flagP == 0 */
payload_offset=0; payload_offset=0;
} }
...@@ -1536,22 +1696,23 @@ pdcp_config_req_asn1 ( ...@@ -1536,22 +1696,23 @@ pdcp_config_req_asn1 (
pdcp_pP->status_report = rb_reportP; pdcp_pP->status_report = rb_reportP;
if (rb_snP == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len12bits) { if (rb_snP == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len12bits) {
pdcp_pP->seq_num_size = PDCP_SN_12BIT; pdcp_pP->seq_num_size = 12;
pdcp_pP->maximum_pdcp_rx_sn = (1 << 12) - 1;
} else if (rb_snP == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits) { } else if (rb_snP == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits) {
pdcp_pP->seq_num_size = PDCP_SN_7BIT; pdcp_pP->seq_num_size = 7;
pdcp_pP->maximum_pdcp_rx_sn = (1 << 7) - 1;
} else { } else {
pdcp_pP->seq_num_size = PDCP_SN_5BIT; pdcp_pP->seq_num_size = 5;
pdcp_pP->maximum_pdcp_rx_sn = (1 << 5) - 1;
} }
pdcp_pP->rlc_mode = rlc_modeP; pdcp_pP->rlc_mode = rlc_modeP;
pdcp_pP->next_pdcp_tx_sn = 0; pdcp_pP->next_pdcp_tx_sn = 0;
pdcp_pP->next_pdcp_rx_sn = 0; pdcp_pP->next_pdcp_rx_sn = 0;
pdcp_pP->next_pdcp_rx_sn_before_integrity = 0;
pdcp_pP->tx_hfn = 0; pdcp_pP->tx_hfn = 0;
pdcp_pP->rx_hfn = 0; pdcp_pP->rx_hfn = 0;
pdcp_pP->last_submitted_pdcp_rx_sn = 4095; pdcp_pP->last_submitted_pdcp_rx_sn = 4095;
pdcp_pP->first_missing_pdu = -1; pdcp_pP->first_missing_pdu = -1;
pdcp_pP->rx_hfn_offset = 0;
LOG_I(PDCP, PROTOCOL_PDCP_CTXT_FMT" Action ADD LCID %d (%s id %d) " LOG_I(PDCP, PROTOCOL_PDCP_CTXT_FMT" Action ADD LCID %d (%s id %d) "
"configured with SN size %d bits and RLC %s\n", "configured with SN size %d bits and RLC %s\n",
PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP,pdcp_pP), PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP,pdcp_pP),
......
...@@ -177,13 +177,12 @@ typedef struct pdcp_s { ...@@ -177,13 +177,12 @@ typedef struct pdcp_s {
*/ */
pdcp_sn_t next_pdcp_tx_sn; pdcp_sn_t next_pdcp_tx_sn;
pdcp_sn_t next_pdcp_rx_sn; pdcp_sn_t next_pdcp_rx_sn;
pdcp_sn_t next_pdcp_rx_sn_before_integrity; pdcp_sn_t maximum_pdcp_rx_sn;
/* /*
* TX and RX Hyper Frame Numbers * TX and RX Hyper Frame Numbers
*/ */
pdcp_hfn_t tx_hfn; pdcp_hfn_t tx_hfn;
pdcp_hfn_t rx_hfn; pdcp_hfn_t rx_hfn;
pdcp_hfn_offset_t rx_hfn_offset; // related to sn mismatch
/* /*
* SN of the last PDCP SDU delivered to upper layers * SN of the last PDCP SDU delivered to upper layers
...@@ -488,14 +487,6 @@ typedef struct { ...@@ -488,14 +487,6 @@ typedef struct {
#define REORDERING_WINDOW_SN_7BIT 64 #define REORDERING_WINDOW_SN_7BIT 64
#define REORDERING_WINDOW_SN_12BIT 2048 #define REORDERING_WINDOW_SN_12BIT 2048
/*
* SN size
*/
#define PDCP_SN_5BIT 5
#define PDCP_SN_7BIT 7
#define PDCP_SN_12BIT 12
signed int pdcp_2_nas_irq; signed int pdcp_2_nas_irq;
pdcp_stats_t UE_pdcp_stats[MAX_MOBILES_PER_ENB]; pdcp_stats_t UE_pdcp_stats[MAX_MOBILES_PER_ENB];
pdcp_stats_t eNB_pdcp_stats[NUMBER_OF_eNB_MAX]; pdcp_stats_t eNB_pdcp_stats[NUMBER_OF_eNB_MAX];
......
...@@ -173,7 +173,6 @@ int pdcp_netlink_dequeue_element(const protocol_ctxt_t* const ctxt_pP, ...@@ -173,7 +173,6 @@ int pdcp_netlink_dequeue_element(const protocol_ctxt_t* const ctxt_pP,
void pdcp_config_set_security(const protocol_ctxt_t* const ctxt_pP, pdcp_t *pdcp_pP, rb_id_t rb_idP, void pdcp_config_set_security(const protocol_ctxt_t* const ctxt_pP, pdcp_t *pdcp_pP, rb_id_t rb_idP,
uint16_t lc_idP, uint8_t security_modeP, uint8_t *kRRCenc_pP, uint8_t *kRRCint_pP, uint8_t *kUPenc_pP); uint16_t lc_idP, uint8_t security_modeP, uint8_t *kRRCenc_pP, uint8_t *kRRCint_pP, uint8_t *kUPenc_pP);
#if defined(ENABLE_SECURITY)
int pdcp_apply_security(const protocol_ctxt_t* const ctxt_pP, int pdcp_apply_security(const protocol_ctxt_t* const ctxt_pP,
pdcp_t *pdcp_entity, pdcp_t *pdcp_entity,
srb_flag_t srb_flagP, srb_flag_t srb_flagP,
...@@ -188,10 +187,10 @@ int pdcp_validate_security(const protocol_ctxt_t* const ctxt_pP, ...@@ -188,10 +187,10 @@ int pdcp_validate_security(const protocol_ctxt_t* const ctxt_pP,
srb_flag_t srb_flagP, srb_flag_t srb_flagP,
rb_id_t rb_id, rb_id_t rb_id,
uint8_t pdcp_header_len, uint8_t pdcp_header_len,
uint16_t current_sn, uint32_t hfn,
int sn,
uint8_t *pdcp_pdu_buffer, uint8_t *pdcp_pdu_buffer,
uint16_t sdu_buffer_size); uint16_t sdu_buffer_size);
#endif /* defined(ENABLE_SECURITY) */
#endif #endif
/** @}*/ /** @}*/
...@@ -40,13 +40,6 @@ ...@@ -40,13 +40,6 @@
#include "msc.h" #include "msc.h"
#include "pdcp_primitives.h" #include "pdcp_primitives.h"
#if defined(ENABLE_SECURITY)
static
uint32_t pdcp_get_next_count_tx(pdcp_t *const pdcp_pP, const srb_flag_t srb_flagP, const uint16_t pdcp_sn);
static
uint32_t pdcp_get_next_count_rx(pdcp_t *const pdcp_pP, const srb_flag_t srb_flagP, const uint16_t pdcp_sn);
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
static static
uint32_t pdcp_get_next_count_tx( uint32_t pdcp_get_next_count_tx(
...@@ -79,26 +72,25 @@ static ...@@ -79,26 +72,25 @@ static
uint32_t pdcp_get_next_count_rx( uint32_t pdcp_get_next_count_rx(
pdcp_t * const pdcp_pP, pdcp_t * const pdcp_pP,
const srb_flag_t srb_flagP, const srb_flag_t srb_flagP,
const uint16_t pdcp_sn) const uint32_t hfn,
const int sn)
{ {
uint32_t count; uint32_t count;
/* For RX COUNT = RX_HFN << length of SN | pdcp SN of received PDU */ /* For RX COUNT = RX_HFN << length of SN | pdcp SN of received PDU */
if (srb_flagP) { if (srb_flagP) {
/* 5 bits length SN */ /* 5 bits length SN */
count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 5) | (pdcp_sn & 0x001F)); count = (hfn << 5) | (sn & 0x001F);
} else { } else {
if (pdcp_pP->seq_num_size == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits) { if (pdcp_pP->seq_num_size == 7) {
/* 7 bits length SN */ /* 7 bits length SN */
count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 7) | (pdcp_sn & 0x007F)); count = (hfn << 7) | (sn & 0x007F);
} else { // default } else { // default
/* 12 bits length SN */ /* 12 bits length SN */
count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 12) | (pdcp_sn & 0x0FFF)); count = (hfn << 12) | (sn & 0x0FFF);
} }
} }
// reset the hfn offset
pdcp_pP->rx_hfn_offset =0;
LOG_D(PDCP, "[OSA] RX COUNT = 0x%08x\n", count); LOG_D(PDCP, "[OSA] RX COUNT = 0x%08x\n", count);
return count; return count;
...@@ -182,7 +174,8 @@ pdcp_validate_security( ...@@ -182,7 +174,8 @@ pdcp_validate_security(
const srb_flag_t srb_flagP, const srb_flag_t srb_flagP,
const rb_id_t rb_id, const rb_id_t rb_id,
const uint8_t pdcp_header_len, const uint8_t pdcp_header_len,
const uint16_t current_sn, const uint32_t hfn,
const int sn,
uint8_t *const pdcp_pdu_buffer, uint8_t *const pdcp_pdu_buffer,
const uint16_t sdu_buffer_size const uint16_t sdu_buffer_size
) )
...@@ -201,7 +194,7 @@ pdcp_validate_security( ...@@ -201,7 +194,7 @@ pdcp_validate_security(
decrypt_params.direction = (pdcp_pP->is_ue == 1) ? SECU_DIRECTION_DOWNLINK : SECU_DIRECTION_UPLINK ; decrypt_params.direction = (pdcp_pP->is_ue == 1) ? SECU_DIRECTION_DOWNLINK : SECU_DIRECTION_UPLINK ;
decrypt_params.bearer = rb_id - 1; decrypt_params.bearer = rb_id - 1;
decrypt_params.count = pdcp_get_next_count_rx(pdcp_pP, srb_flagP, current_sn); decrypt_params.count = pdcp_get_next_count_rx(pdcp_pP, srb_flagP, hfn, sn);
decrypt_params.message = &pdcp_pdu_buffer[pdcp_header_len]; decrypt_params.message = &pdcp_pdu_buffer[pdcp_header_len];
decrypt_params.blength = (sdu_buffer_size - pdcp_header_len) << 3; decrypt_params.blength = (sdu_buffer_size - pdcp_header_len) << 3;
decrypt_params.key_length = 16; decrypt_params.key_length = 16;
...@@ -246,5 +239,3 @@ pdcp_validate_security( ...@@ -246,5 +239,3 @@ pdcp_validate_security(
return 0; return 0;
} }
#endif /* ENABLE_SECURITY */
...@@ -140,152 +140,6 @@ boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity) ...@@ -140,152 +140,6 @@ boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity)
return TRUE; return TRUE;
} }
/**
* Checks if incoming PDU has a sequence number in accordance with the RX window
* @return 1 if SN is okay, 0 otherwise
* XXX Reordering window should also be handled here
*/
boolean_t pdcp_is_rx_seq_number_valid(uint16_t seq_num, pdcp_t* pdcp_entity,srb_flag_t srb_flagP)
{
uint16_t reordering_window = 0;
LOG_D(PDCP, "Incoming RX Sequence number is %04d\n", seq_num);
if (pdcp_is_seq_num_size_valid(pdcp_entity) == FALSE || pdcp_is_seq_num_valid(seq_num, pdcp_entity->seq_num_size) == FALSE) {
return FALSE;
}
/*
* Mark received sequence numbers to keep track of missing ones
* (and to build PDCP Control PDU for PDCP status report)
*/
if (pdcp_mark_current_pdu_as_received(seq_num, pdcp_entity) == TRUE) {
LOG_D(PDCP, "Received sequence number successfuly marked\n");
} else {
LOG_W(PDCP, "Cannot mark received sequence number on the bitmap!\n");
}
/*
* RX Procedures for SRB and DRBs as described in sec 5.1.2 of 36.323
*/
if (srb_flagP) { // SRB
if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
// decipher and verify the integrity of the PDU (if applicable) using COUNT based on RX_HFN + 1 and the received PDCP SN
pdcp_entity->rx_hfn++;
pdcp_entity->rx_hfn_offset = 0;
} else {
// decipher and verify the integrity of the PDU (if applicable) using COUNT based using COUNT based on RX_HFN and the received PDCP SN
pdcp_entity->rx_hfn_offset = 0;
}
// Assume that integrity verification is applicable and the integrity verification is passed successfully;
// or assume that integrity verification is not applicable:
// same the old next_pdcp_rx_sn to revert otherwise
pdcp_entity->next_pdcp_rx_sn_before_integrity = pdcp_entity->next_pdcp_rx_sn;
if (seq_num != pdcp_entity->next_pdcp_rx_sn) {
LOG_D(PDCP,"Re-adjusting the sequence number to %d\n", seq_num);
}
//set Next_PDCP_RX_SN to the received PDCP SN +1 ;
pdcp_entity->next_pdcp_rx_sn = seq_num;
pdcp_advance_rx_window(pdcp_entity); // + 1, and check if it is larger than Maximum_PDCP_SN:
} else { // DRB
if (pdcp_entity->seq_num_size == PDCP_SN_7BIT) {
reordering_window = REORDERING_WINDOW_SN_7BIT;
} else {
reordering_window = REORDERING_WINDOW_SN_12BIT;
}
switch (pdcp_entity->rlc_mode) {
case RLC_MODE_AM:
if ((seq_num - pdcp_entity->last_submitted_pdcp_rx_sn > reordering_window) ||
((0 <= pdcp_entity->last_submitted_pdcp_rx_sn - seq_num) &&
(pdcp_entity->last_submitted_pdcp_rx_sn - seq_num < reordering_window) )) {
if (seq_num > pdcp_entity->next_pdcp_rx_sn) {
/*
* decipher the PDCP PDU as specified in the subclause 5.6, using COUNT based on RX_HFN - 1 and the received PDCP SN;
*/
pdcp_entity->rx_hfn_offset = -1;
} else {
/*
* decipher the PDCP PDU as specified in the subclause 5.6, using COUNT based on RX_HFN and the received PDCP SN;
*/
pdcp_entity->rx_hfn_offset = 0;
}
// discard this PDCP SDU;
LOG_W(PDCP, "Out of the reordering window (Incoming SN:%d, Expected SN:%d): discard this PDCP SDU\n",
seq_num, pdcp_entity->next_pdcp_rx_sn);
return FALSE;
} else if (pdcp_entity->next_pdcp_rx_sn - seq_num > reordering_window) {
pdcp_entity->rx_hfn++;
// use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = 0;
pdcp_entity->next_pdcp_rx_sn++;
} else if (seq_num - pdcp_entity->next_pdcp_rx_sn >= reordering_window ) {
// use COUNT based on RX_HFN – 1 and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = -1;
} else if (seq_num >= pdcp_entity->next_pdcp_rx_sn ) {
// use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = 0;
//set Next_PDCP_RX_SN to the received PDCP SN +1 ;
pdcp_entity->next_pdcp_rx_sn = seq_num;
pdcp_advance_rx_window(pdcp_entity); // + 1, anc check if it is larger than Maximum_PDCP_SN:
LOG_D(PDCP,"Re-adjusting the sequence number to %d\n", seq_num);
} else if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
// use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = 0;
}
break;
case RLC_MODE_UM :
if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
pdcp_entity->rx_hfn++;
}
// decipher the PDCP Data PDU using COUNT based on RX_HFN and the received PDCP SN as specified in the subclause 5.6;
//set Next_PDCP_RX_SN to the received PDCP SN +1 ;
pdcp_entity->next_pdcp_rx_sn = seq_num;
pdcp_advance_rx_window(pdcp_entity); // + 1, and check if it is larger than Maximum_PDCP_SN:
break;
case RLC_MODE_TM :
default:
LOG_W(PDCP,"RLC mode %d not supported\n",pdcp_entity->rlc_mode);
return FALSE;
}
}
/*
if (seq_num == pdcp_entity->next_pdcp_rx_sn) {
LOG_I(PDCP, "Next expected SN (%d) arrived, advancing RX window\n", seq_num);
return pdcp_advance_rx_window(pdcp_entity);
} else {
LOG_E(PDCP, "Incoming SN is not the one we expected to receive! (Incoming:%d, Expected:%d)\n", \
seq_num, pdcp_entity->next_pdcp_rx_sn);
// Update first missing PDU (used in PDCP Control PDU for PDCP status report, see 6.2.6)
if (pdcp_entity->first_missing_pdu != -1)
pdcp_entity->first_missing_pdu = pdcp_entity->next_pdcp_rx_sn;
return FALSE;
}
*/
return TRUE;
}
boolean_t pdcp_mark_current_pdu_as_received(uint16_t seq_num, pdcp_t* pdcp_entity) boolean_t pdcp_mark_current_pdu_as_received(uint16_t seq_num, pdcp_t* pdcp_entity)
{ {
/* /*
......
...@@ -59,11 +59,6 @@ uint16_t pdcp_get_next_tx_seq_number(pdcp_t* pdcp_entity); ...@@ -59,11 +59,6 @@ uint16_t pdcp_get_next_tx_seq_number(pdcp_t* pdcp_entity);
* Advances the RX window state of given PDCP entity upon successfull receipt of a SDU * Advances the RX window state of given PDCP entity upon successfull receipt of a SDU
*/ */
boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity); boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity);
/**
* Checks if incoming PDU has a sequence number in accordance with the RX window
* @return TRUE if it is valid, FALSE otherwise
*/
boolean_t pdcp_is_rx_seq_number_valid(uint16_t seq_num, pdcp_t* pdcp_entity,srb_flag_t srb_flagP);
/** /**
* Updates missing PDU bitmap with incoming sequence number * Updates missing PDU bitmap with incoming sequence number
* @return TRUE if successful, FALSE otherwise * @return TRUE if successful, FALSE otherwise
......
...@@ -3724,7 +3724,6 @@ do_RRCConnectionReestablishment( ...@@ -3724,7 +3724,6 @@ do_RRCConnectionReestablishment(
rrc->carrier[CC_id].dl_CarrierFreq, rrc->carrier[CC_id].dl_CarrierFreq,
earfcn_dl, earfcn_dl,
is_rel8_only == true ? "true": "false"); is_rel8_only == true ? "true": "false");
#if defined(ENABLE_SECURITY)
if (ue_context_pP->ue_context.nh_ncc >= 0) { if (ue_context_pP->ue_context.nh_ncc >= 0) {
derive_keNB_star(ue_context_pP->ue_context.nh, pci, earfcn_dl, is_rel8_only, KeNB_star); derive_keNB_star(ue_context_pP->ue_context.nh, pci, earfcn_dl, is_rel8_only, KeNB_star);
...@@ -3738,9 +3737,6 @@ do_RRCConnectionReestablishment( ...@@ -3738,9 +3737,6 @@ do_RRCConnectionReestablishment(
// copy KeNB_star to ue_context_pP->ue_context.kenb // copy KeNB_star to ue_context_pP->ue_context.kenb
memcpy (ue_context_pP->ue_context.kenb, KeNB_star, 32); memcpy (ue_context_pP->ue_context.kenb, KeNB_star, 32);
ue_context_pP->ue_context.kenb_ncc = 0; ue_context_pP->ue_context.kenb_ncc = 0;
#else
rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nextHopChainingCount = 0;
#endif
rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nonCriticalExtension = NULL; rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nonCriticalExtension = NULL;
if ( LOG_DEBUGFLAG(DEBUG_ASN1) ) { if ( LOG_DEBUGFLAG(DEBUG_ASN1) ) {
......
...@@ -261,10 +261,8 @@ typedef struct eNB_RRC_UE_NB_IoT_s { ...@@ -261,10 +261,8 @@ typedef struct eNB_RRC_UE_NB_IoT_s {
SRB_INFO_TABLE_ENTRY_NB_IoT Srb1; SRB_INFO_TABLE_ENTRY_NB_IoT Srb1;
SRB_INFO_TABLE_ENTRY_NB_IoT Srb1bis; SRB_INFO_TABLE_ENTRY_NB_IoT Srb1bis;
#if defined(ENABLE_SECURITY)
/* KeNB as derived from KASME received from EPC */ /* KeNB as derived from KASME received from EPC */
uint8_t kenb[32]; uint8_t kenb[32];
#endif
/* Used integrity/ciphering algorithms--> maintained the same for NB-IoT */ /* Used integrity/ciphering algorithms--> maintained the same for NB-IoT */
e_LTE_CipheringAlgorithm_r12 ciphering_algorithm; //Specs. TS 36.331 V14.1.0 pag 432 Change position of chipering enumerative w.r.t previous version e_LTE_CipheringAlgorithm_r12 ciphering_algorithm; //Specs. TS 36.331 V14.1.0 pag 432 Change position of chipering enumerative w.r.t previous version
......
...@@ -69,9 +69,7 @@ ...@@ -69,9 +69,7 @@
#include "rrc_UE_ral.h" #include "rrc_UE_ral.h"
#endif #endif
#if defined(ENABLE_SECURITY) #include "UTIL/OSA/osa_defs.h"
#include "UTIL/OSA/osa_defs.h"
#endif
#include "pdcp.h" #include "pdcp.h"
#include "plmn_data.h" #include "plmn_data.h"
...@@ -424,7 +422,6 @@ void init_SL_preconfig(UE_RRC_INST *UE, const uint8_t eNB_index ) { ...@@ -424,7 +422,6 @@ void init_SL_preconfig(UE_RRC_INST *UE, const uint8_t eNB_index ) {
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) { void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) {
#if defined(ENABLE_SECURITY)
// uint8_t *kRRCenc; // uint8_t *kRRCenc;
// uint8_t *kRRCint; // uint8_t *kRRCint;
char ascii_buffer[65]; char ascii_buffer[65];
...@@ -438,7 +435,6 @@ void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) { ...@@ -438,7 +435,6 @@ void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) {
LOG_T(RRC, PROTOCOL_RRC_CTXT_FMT"[OSA] kenb = %s\n", LOG_T(RRC, PROTOCOL_RRC_CTXT_FMT"[OSA] kenb = %s\n",
PROTOCOL_RRC_CTXT_ARGS(ctxt_pP), PROTOCOL_RRC_CTXT_ARGS(ctxt_pP),
ascii_buffer); ascii_buffer);
#endif
} }
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
...@@ -1307,12 +1303,10 @@ rrc_ue_process_radioResourceConfigDedicated( ...@@ -1307,12 +1303,10 @@ rrc_ue_process_radioResourceConfigDedicated(
if (radioResourceConfigDedicated->srb_ToAddModList) { if (radioResourceConfigDedicated->srb_ToAddModList) {
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
#if defined(ENABLE_SECURITY)
derive_key_rrc_enc(UE_rrc_inst[ctxt_pP->module_id].ciphering_algorithm, derive_key_rrc_enc(UE_rrc_inst[ctxt_pP->module_id].ciphering_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCenc); UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCenc);
derive_key_rrc_int(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm, derive_key_rrc_int(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCint); UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCint);
#endif
// Refresh SRBs // Refresh SRBs
rrc_pdcp_config_asn1_req(ctxt_pP, rrc_pdcp_config_asn1_req(ctxt_pP,
radioResourceConfigDedicated->srb_ToAddModList, radioResourceConfigDedicated->srb_ToAddModList,
...@@ -1485,10 +1479,8 @@ rrc_ue_process_radioResourceConfigDedicated( ...@@ -1485,10 +1479,8 @@ rrc_ue_process_radioResourceConfigDedicated(
} }
uint8_t *kUPenc = NULL; uint8_t *kUPenc = NULL;
#if defined(ENABLE_SECURITY)
derive_key_up_enc(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm, derive_key_up_enc(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kUPenc); UE_rrc_inst[ctxt_pP->module_id].kenb, &kUPenc);
#endif
MSC_LOG_TX_MESSAGE( MSC_LOG_TX_MESSAGE(
MSC_RRC_UE, MSC_RRC_UE,
MSC_PDCP_UE, MSC_PDCP_UE,
...@@ -1663,7 +1655,6 @@ rrc_ue_process_securityModeCommand( ...@@ -1663,7 +1655,6 @@ rrc_ue_process_securityModeCommand(
ul_dcch_msg.message.choice.c1.present = LTE_UL_DCCH_MessageType__c1_PR_securityModeFailure; ul_dcch_msg.message.choice.c1.present = LTE_UL_DCCH_MessageType__c1_PR_securityModeFailure;
} }
#if defined(ENABLE_SECURITY)
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kUPenc = NULL; uint8_t *kUPenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
...@@ -1713,8 +1704,6 @@ rrc_ue_process_securityModeCommand( ...@@ -1713,8 +1704,6 @@ rrc_ue_process_securityModeCommand(
LOG_I(RRC, "Could not get PDCP instance where key=0x%ld\n", key); LOG_I(RRC, "Could not get PDCP instance where key=0x%ld\n", key);
} }
#endif //#if defined(ENABLE_SECURITY)
if (securityModeCommand->criticalExtensions.present == LTE_SecurityModeCommand__criticalExtensions_PR_c1) { if (securityModeCommand->criticalExtensions.present == LTE_SecurityModeCommand__criticalExtensions_PR_c1) {
if (securityModeCommand->criticalExtensions.choice.c1.present != LTE_SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8) if (securityModeCommand->criticalExtensions.choice.c1.present != LTE_SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8)
LOG_W(RRC,"securityModeCommand->criticalExtensions.choice.c1.present (%d) != SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8\n", LOG_W(RRC,"securityModeCommand->criticalExtensions.choice.c1.present (%d) != SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8\n",
......
...@@ -547,13 +547,11 @@ typedef struct eNB_RRC_UE_s { ...@@ -547,13 +547,11 @@ typedef struct eNB_RRC_UE_s {
int UE_Capability_size; int UE_Capability_size;
ImsiMobileIdentity_t imsi; ImsiMobileIdentity_t imsi;
#if defined(ENABLE_SECURITY)
/* KeNB as derived from KASME received from EPC */ /* KeNB as derived from KASME received from EPC */
uint8_t kenb[32]; uint8_t kenb[32];
int8_t kenb_ncc; int8_t kenb_ncc;
uint8_t nh[32]; uint8_t nh[32];
int8_t nh_ncc; int8_t nh_ncc;
#endif
/* Used integrity/ciphering algorithms */ /* Used integrity/ciphering algorithms */
LTE_CipheringAlgorithm_r12_t ciphering_algorithm; LTE_CipheringAlgorithm_r12_t ciphering_algorithm;
e_LTE_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm; e_LTE_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm;
...@@ -825,12 +823,10 @@ typedef struct UE_RRC_INST_s { ...@@ -825,12 +823,10 @@ typedef struct UE_RRC_INST_s {
float rsrq_db[7]; float rsrq_db[7];
float rsrp_db_filtered[7]; float rsrp_db_filtered[7];
float rsrq_db_filtered[7]; float rsrq_db_filtered[7];
#if defined(ENABLE_SECURITY)
/* KeNB as computed from parameters within USIM card */ /* KeNB as computed from parameters within USIM card */
uint8_t kenb[32]; uint8_t kenb[32];
uint8_t nh[32]; uint8_t nh[32];
int8_t nh_ncc; int8_t nh_ncc;
#endif
/* Used integrity/ciphering algorithms */ /* Used integrity/ciphering algorithms */
LTE_CipheringAlgorithm_r12_t ciphering_algorithm; LTE_CipheringAlgorithm_r12_t ciphering_algorithm;
......
...@@ -75,9 +75,7 @@ ...@@ -75,9 +75,7 @@
#include "OCG.h" #include "OCG.h"
#include "OCG_extern.h" #include "OCG_extern.h"
#if defined(ENABLE_SECURITY) #include "UTIL/OSA/osa_defs.h"
#include "UTIL/OSA/osa_defs.h"
#endif
#include "rrc_eNB_S1AP.h" #include "rrc_eNB_S1AP.h"
#include "rrc_eNB_GTPV1U.h" #include "rrc_eNB_GTPV1U.h"
...@@ -797,6 +795,29 @@ rrc_eNB_free_mem_UE_context( ...@@ -797,6 +795,29 @@ rrc_eNB_free_mem_UE_context(
ASN_STRUCT_FREE(asn_DEF_LTE_MeasConfig, ue_context_pP->ue_context.measConfig); ASN_STRUCT_FREE(asn_DEF_LTE_MeasConfig, ue_context_pP->ue_context.measConfig);
ue_context_pP->ue_context.measConfig = NULL; ue_context_pP->ue_context.measConfig = NULL;
} }
#if 0
//HANDOVER_INFO *handover_info;
//uint8_t kenb[32];
//e_SecurityAlgorithmConfig__cipheringAlgorithm ciphering_algorithm;
//e_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm;
//uint8_t Status;
//rnti_t rnti;
//uint64_t random_ue_identity;
#if defined(ENABLE_ITTI)
//UE_S_TMSI Initialue_identity_s_TMSI;
//EstablishmentCause_t establishment_cause;
//ReestablishmentCause_t reestablishment_cause;
//uint16_t ue_initial_id;
//uint32_t eNB_ue_s1ap_id :24;
//security_capabilities_t security_capabilities;
//uint8_t nb_of_e_rabs;
//e_rab_param_t e_rab[S1AP_MAX_E_RAB];
//uint32_t enb_gtp_teid[S1AP_MAX_E_RAB];
//transport_layer_addr_t enb_gtp_addrs[S1AP_MAX_E_RAB];
//rb_id_t enb_gtp_ebi[S1AP_MAX_E_RAB];
#endif
#endif
} }
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
...@@ -6142,7 +6163,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete( ...@@ -6142,7 +6163,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete(
LTE_DRB_Identity_t *drb_id_p = NULL; LTE_DRB_Identity_t *drb_id_p = NULL;
T(T_ENB_RRC_CONNECTION_RECONFIGURATION_COMPLETE, T_INT(ctxt_pP->module_id), T_INT(ctxt_pP->frame), T(T_ENB_RRC_CONNECTION_RECONFIGURATION_COMPLETE, T_INT(ctxt_pP->module_id), T_INT(ctxt_pP->frame),
T_INT(ctxt_pP->subframe), T_INT(ctxt_pP->rnti)); T_INT(ctxt_pP->subframe), T_INT(ctxt_pP->rnti));
#if defined(ENABLE_SECURITY)
/* Derive the keys from kenb */ /* Derive the keys from kenb */
if (DRB_configList != NULL) { if (DRB_configList != NULL) {
...@@ -6154,7 +6174,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete( ...@@ -6154,7 +6174,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete(
ue_context_pP->ue_context.kenb, &kRRCenc); ue_context_pP->ue_context.kenb, &kRRCenc);
derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm, derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm,
ue_context_pP->ue_context.kenb, &kRRCint); ue_context_pP->ue_context.kenb, &kRRCint);
#endif
// Refresh SRBs/DRBs // Refresh SRBs/DRBs
MSC_LOG_TX_MESSAGE( MSC_LOG_TX_MESSAGE(
MSC_RRC_ENB, MSC_RRC_ENB,
......
...@@ -48,9 +48,7 @@ ...@@ -48,9 +48,7 @@
#include "s1ap_eNB.h" #include "s1ap_eNB.h"
#if defined(ENABLE_SECURITY) #include "UTIL/OSA/osa_defs.h"
#include "UTIL/OSA/osa_defs.h"
#endif
#include "msc.h" #include "msc.h"
#include "LTE_UERadioAccessCapabilityInformation.h" #include "LTE_UERadioAccessCapabilityInformation.h"
...@@ -486,7 +484,6 @@ static void process_eNB_security_key ( ...@@ -486,7 +484,6 @@ static void process_eNB_security_key (
) )
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
{ {
#if defined(ENABLE_SECURITY)
char ascii_buffer[65]; char ascii_buffer[65];
uint8_t i; uint8_t i;
/* Saves the security key */ /* Saves the security key */
...@@ -500,7 +497,6 @@ static void process_eNB_security_key ( ...@@ -500,7 +497,6 @@ static void process_eNB_security_key (
ascii_buffer[2 * i] = '\0'; ascii_buffer[2 * i] = '\0';
LOG_I (RRC, "[eNB %d][UE %x] Saved security key %s\n", ctxt_pP->module_id, ue_context_pP->ue_context.rnti, ascii_buffer); LOG_I (RRC, "[eNB %d][UE %x] Saved security key %s\n", ctxt_pP->module_id, ue_context_pP->ue_context.rnti, ascii_buffer);
#endif
} }
...@@ -513,7 +509,6 @@ rrc_pdcp_config_security( ...@@ -513,7 +509,6 @@ rrc_pdcp_config_security(
) )
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
{ {
#if defined(ENABLE_SECURITY)
LTE_SRB_ToAddModList_t *SRB_configList = ue_context_pP->ue_context.SRB_configList; LTE_SRB_ToAddModList_t *SRB_configList = ue_context_pP->ue_context.SRB_configList;
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
...@@ -571,8 +566,6 @@ rrc_pdcp_config_security( ...@@ -571,8 +566,6 @@ rrc_pdcp_config_security(
PROTOCOL_RRC_CTXT_UE_ARGS(ctxt_pP), PROTOCOL_RRC_CTXT_UE_ARGS(ctxt_pP),
DCCH); DCCH);
} }
#endif
} }
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
......
...@@ -45,7 +45,6 @@ ifeq ($(OPENSSL_FOUND), 0) ...@@ -45,7 +45,6 @@ ifeq ($(OPENSSL_FOUND), 0)
@(warning "openssl library is not installed on your system, openssl lib needed, continuing with security disabled") @(warning "openssl library is not installed on your system, openssl lib needed, continuing with security disabled")
SECU=0 SECU=0
else else
CFLAGS += -DENABLE_SECURITY
LIBS += $(OPENSSL_LIBS) $(NETTLE_LIBS) LIBS += $(OPENSSL_LIBS) $(NETTLE_LIBS)
endif endif
endif endif
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment