Commit 80831cd4 authored by Masayuki Harada's avatar Masayuki Harada

Fix nr_derive_key memory problem.

parent 2fb38167
...@@ -903,9 +903,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req( ...@@ -903,9 +903,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
uint8_t *const kRRCint, uint8_t *const kRRCint,
uint8_t *const kUPenc, uint8_t *const kUPenc,
uint8_t *const kUPint uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9 ,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
,rb_id_t *const defaultDRB, ,rb_id_t *const defaultDRB,
struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list) struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list)
//struct NR_RLC_Config *rlc_Config) //struct NR_RLC_Config *rlc_Config)
...@@ -975,9 +973,7 @@ boolean_t rrc_pdcp_config_asn1_req( ...@@ -975,9 +973,7 @@ boolean_t rrc_pdcp_config_asn1_req(
uint8_t *const kRRCenc, uint8_t *const kRRCenc,
uint8_t *const kRRCint, uint8_t *const kRRCint,
uint8_t *const kUPenc uint8_t *const kUPenc
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9 ,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
,rb_id_t *const defaultDRB) ,rb_id_t *const defaultDRB)
{ {
return 0; return 0;
...@@ -1240,10 +1236,8 @@ boolean_t pdcp_data_req( ...@@ -1240,10 +1236,8 @@ boolean_t pdcp_data_req(
const sdu_size_t sdu_buffer_size, const sdu_size_t sdu_buffer_size,
unsigned char *const sdu_buffer, unsigned char *const sdu_buffer,
const pdcp_transmission_mode_t mode const pdcp_transmission_mode_t mode
#if (LTE_RRC_VERSION >= MAKE_VERSION(14, 0, 0))
,const uint32_t *const sourceL2Id ,const uint32_t *const sourceL2Id
,const uint32_t *const destinationL2Id ,const uint32_t *const destinationL2Id
#endif
) )
{ {
if (srb_flagP) { if (srb_flagP) {
......
...@@ -3618,9 +3618,7 @@ void rrc_eNB_generate_defaultRRCConnectionReconfiguration(const protocol_ctxt_t ...@@ -3618,9 +3618,7 @@ void rrc_eNB_generate_defaultRRCConnectionReconfiguration(const protocol_ctxt_t
NULL, NULL,
NULL, NULL,
NULL NULL
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
, (LTE_PMCH_InfoList_r9_t *) NULL , (LTE_PMCH_InfoList_r9_t *) NULL
#endif
, NULL); , NULL);
/* Refresh SRBs/DRBs */ /* Refresh SRBs/DRBs */
...@@ -3629,11 +3627,9 @@ void rrc_eNB_generate_defaultRRCConnectionReconfiguration(const protocol_ctxt_t ...@@ -3629,11 +3627,9 @@ void rrc_eNB_generate_defaultRRCConnectionReconfiguration(const protocol_ctxt_t
*SRB_configList2, // NULL, *SRB_configList2, // NULL,
*DRB_configList, *DRB_configList,
NULL NULL
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
, (LTE_PMCH_InfoList_r9_t *) NULL, , (LTE_PMCH_InfoList_r9_t *) NULL,
0, 0,
0 0
#endif
); );
} }
...@@ -6331,9 +6327,7 @@ rrc_eNB_generate_HO_RRCConnectionReconfiguration(const protocol_ctxt_t *const ct ...@@ -6331,9 +6327,7 @@ rrc_eNB_generate_HO_RRCConnectionReconfiguration(const protocol_ctxt_t *const ct
NULL, NULL,
NULL, NULL,
NULL NULL
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
, (LTE_PMCH_InfoList_r9_t *) NULL , (LTE_PMCH_InfoList_r9_t *) NULL
#endif
, NULL); , NULL);
/* Refresh SRBs/DRBs */ /* Refresh SRBs/DRBs */
...@@ -6342,11 +6336,9 @@ rrc_eNB_generate_HO_RRCConnectionReconfiguration(const protocol_ctxt_t *const ct ...@@ -6342,11 +6336,9 @@ rrc_eNB_generate_HO_RRCConnectionReconfiguration(const protocol_ctxt_t *const ct
*SRB_configList2, // NULL, *SRB_configList2, // NULL,
*DRB_configList, *DRB_configList,
NULL NULL
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
, (LTE_PMCH_InfoList_r9_t *) NULL, , (LTE_PMCH_InfoList_r9_t *) NULL,
0, 0,
0 0
#endif
); );
} }
......
...@@ -106,9 +106,7 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req( ...@@ -106,9 +106,7 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
uint8_t *const kRRCint, uint8_t *const kRRCint,
uint8_t *const kUPenc, uint8_t *const kUPenc,
uint8_t *const kUPint uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9 ,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
,rb_id_t *const defaultDRB, ,rb_id_t *const defaultDRB,
struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list); struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list);
...@@ -1301,49 +1299,22 @@ rrc_gNB_process_RRCReconfigurationComplete( ...@@ -1301,49 +1299,22 @@ rrc_gNB_process_RRCReconfigurationComplete(
ue_context_pP->ue_context.ue_reestablishment_timer = 0; ue_context_pP->ue_context.ue_reestablishment_timer = 0;
#ifndef PHYSIM #ifndef PHYSIM
uint8_t *k_kdf = NULL;
/* Derive the keys from kgnb */ /* Derive the keys from kgnb */
if (DRB_configList != NULL) { if (DRB_configList != NULL) {
k_kdf = NULL;
nr_derive_key_up_enc(ue_context_pP->ue_context.ciphering_algorithm, nr_derive_key_up_enc(ue_context_pP->ue_context.ciphering_algorithm,
ue_context_pP->ue_context.kgnb, ue_context_pP->ue_context.kgnb,
&k_kdf); &kUPenc);
/* kUPenc: last 128 bits of key derivation function which returns 256 bits */
kUPenc = malloc(16);
if (kUPenc == NULL) exit(1);
memcpy(kUPenc, k_kdf+16, 16);
free(k_kdf);
k_kdf = NULL;
nr_derive_key_up_int(ue_context_pP->ue_context.integrity_algorithm, nr_derive_key_up_int(ue_context_pP->ue_context.integrity_algorithm,
ue_context_pP->ue_context.kgnb, ue_context_pP->ue_context.kgnb,
&k_kdf); &kUPint);
/* kUPint: last 128 bits of key derivation function which returns 256 bits */
kUPint = malloc(16);
if (kUPint == NULL) exit(1);
memcpy(kUPint, k_kdf+16, 16);
free(k_kdf);
} }
k_kdf = NULL;
nr_derive_key_rrc_enc(ue_context_pP->ue_context.ciphering_algorithm, nr_derive_key_rrc_enc(ue_context_pP->ue_context.ciphering_algorithm,
ue_context_pP->ue_context.kgnb, ue_context_pP->ue_context.kgnb,
&k_kdf); &kRRCenc);
/* kRRCenc: last 128 bits of key derivation function which returns 256 bits */
kRRCenc = malloc(16);
if (kRRCenc == NULL) exit(1);
memcpy(kRRCenc, k_kdf+16, 16);
free(k_kdf);
k_kdf = NULL;
nr_derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm, nr_derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm,
ue_context_pP->ue_context.kgnb, ue_context_pP->ue_context.kgnb,
&k_kdf); &kRRCint);
/* kRRCint: last 128 bits of key derivation function which returns 256 bits */
kRRCint = malloc(16);
if (kRRCint == NULL) exit(1);
memcpy(kRRCint, k_kdf+16, 16);
free(k_kdf);
#endif #endif
/* Refresh SRBs/DRBs */ /* Refresh SRBs/DRBs */
MSC_LOG_TX_MESSAGE(MSC_RRC_GNB, MSC_PDCP_ENB, NULL, 0, MSC_AS_TIME_FMT" CONFIG_REQ UE %x DRB (security unchanged)", MSC_LOG_TX_MESSAGE(MSC_RRC_GNB, MSC_PDCP_ENB, NULL, 0, MSC_AS_TIME_FMT" CONFIG_REQ UE %x DRB (security unchanged)",
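Review bot: The four nr_derive_key_* calls in rrc_gNB_process_RRCReconfigurationComplete now write straight into kUPenc, kUPint, kRRCenc and kRRCint with no failure check at all, where the removed code at least stopped with `exit(1)` when an allocation failed. The removed code also reset `k_kdf = NULL` before every call; the declarations of the four key pointers are outside the hunk, so if the callee relies on a NULL `*out` they each need `= NULL` where they are declared. Assuming the wrappers forward the int result of nr_derive_key, I would test it before the keys reach the PDCP configuration, for example `if (nr_derive_key_rrc_enc(alg, kgnb, &kRRCenc) != 0) { /* existing error path */ }`. The same applies to the call sites in nr_rrc_pdcp_config_security, rrc_add_nsa_user, nr_rrc_ue_decode_ccch and nr_rrc_ue_establish_srb2. The function body starts and ends outside the hunk.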
......
...@@ -309,41 +309,19 @@ nr_rrc_pdcp_config_security( ...@@ -309,41 +309,19 @@ nr_rrc_pdcp_config_security(
static int print_keys= 1; static int print_keys= 1;
#ifndef PHYSIM #ifndef PHYSIM
uint8_t *k_kdf = NULL;
/* Derive the keys from kgnb */ /* Derive the keys from kgnb */
if (SRB_configList != NULL) { if (SRB_configList != NULL) {
k_kdf = NULL;
nr_derive_key_up_enc(ue_context_pP->ue_context.ciphering_algorithm, nr_derive_key_up_enc(ue_context_pP->ue_context.ciphering_algorithm,
ue_context_pP->ue_context.kgnb, ue_context_pP->ue_context.kgnb,
&k_kdf); &kUPenc);
/* kUPenc: last 128 bits of key derivation function which returns 256 bits */
kUPenc = malloc(16);
if (kUPenc == NULL) exit(1);
memcpy(kUPenc, k_kdf+16, 16);
free(k_kdf);
} }
k_kdf = NULL;
nr_derive_key_rrc_enc(ue_context_pP->ue_context.ciphering_algorithm, nr_derive_key_rrc_enc(ue_context_pP->ue_context.ciphering_algorithm,
ue_context_pP->ue_context.kgnb, ue_context_pP->ue_context.kgnb,
&k_kdf); &kRRCenc);
/* kRRCenc: last 128 bits of key derivation function which returns 256 bits */
kRRCenc = malloc(16);
if (kRRCenc == NULL) exit(1);
memcpy(kRRCenc, k_kdf+16, 16);
free(k_kdf);
k_kdf = NULL;
nr_derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm, nr_derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm,
ue_context_pP->ue_context.kgnb, ue_context_pP->ue_context.kgnb,
&k_kdf); &kRRCint);
/* kRRCint: last 128 bits of key derivation function which returns 256 bits */
kRRCint = malloc(16);
if (kRRCint == NULL) exit(1);
memcpy(kRRCint, k_kdf+16, 16);
free(k_kdf);
#endif #endif
if (!IS_SOFTMODEM_IQPLAYER) { if (!IS_SOFTMODEM_IQPLAYER) {
SET_LOG_DUMP(DEBUG_SECURITY) ; SET_LOG_DUMP(DEBUG_SECURITY) ;
......
...@@ -52,9 +52,7 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req( ...@@ -52,9 +52,7 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
uint8_t *const kRRCint, uint8_t *const kRRCint,
uint8_t *const kUPenc, uint8_t *const kUPenc,
uint8_t *const kUPint uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9 ,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
,rb_id_t *const defaultDRB, ,rb_id_t *const defaultDRB,
struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list); struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list);
...@@ -215,25 +213,12 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_ ...@@ -215,25 +213,12 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
LOG_I(RRC, "selecting integrity algorithm %d\n", ue_context_p->ue_context.integrity_algorithm); LOG_I(RRC, "selecting integrity algorithm %d\n", ue_context_p->ue_context.integrity_algorithm);
/* derive UP security key */ /* derive UP security key */
unsigned char *kUPenc_kdf;
nr_derive_key_up_enc(ue_context_p->ue_context.ciphering_algorithm, nr_derive_key_up_enc(ue_context_p->ue_context.ciphering_algorithm,
ue_context_p->ue_context.kgnb, ue_context_p->ue_context.kgnb,
&kUPenc_kdf); &kUPenc);
/* kUPenc: last 128 bits of key derivation function which returns 256 bits */
kUPenc = malloc(16);
if (kUPenc == NULL) exit(1);
memcpy(kUPenc, kUPenc_kdf+16, 16);
free(kUPenc_kdf);
unsigned char *kUPint_kdf;
nr_derive_key_up_int(ue_context_p->ue_context.integrity_algorithm, nr_derive_key_up_int(ue_context_p->ue_context.integrity_algorithm,
ue_context_p->ue_context.kgnb, ue_context_p->ue_context.kgnb,
&kUPint_kdf); &kUPint);
/* kUPint: last 128 bits of key derivation function which returns 256 bits */
kUPint = malloc(16);
if (kUPint == NULL) exit(1);
memcpy(kUPint, kUPint_kdf+16, 16);
free(kUPint_kdf);
e_NR_CipheringAlgorithm cipher_algo; e_NR_CipheringAlgorithm cipher_algo;
switch (ue_context_p->ue_context.ciphering_algorithm) { switch (ue_context_p->ue_context.ciphering_algorithm) {
......
...@@ -187,9 +187,7 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req( ...@@ -187,9 +187,7 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
uint8_t *const kRRCint, uint8_t *const kRRCint,
uint8_t *const kUPenc, uint8_t *const kUPenc,
uint8_t *const kUPint uint8_t *const kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9 ,LTE_PMCH_InfoList_r9_t *pmch_InfoList_r9
#endif
,rb_id_t *const defaultDRB, ,rb_id_t *const defaultDRB,
struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list); struct NR_CellGroupConfig__rlc_BearerToAddModList *rlc_bearer2add_list);
...@@ -1655,37 +1653,16 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1655,37 +1653,16 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kUPenc = NULL; uint8_t *kUPenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
uint8_t *k_kdf = NULL;
#ifndef PHYSIM #ifndef PHYSIM
k_kdf = NULL;
nr_derive_key_up_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm, nr_derive_key_up_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, NR_UE_rrc_inst[ctxt_pP->module_id].kgnb,
&k_kdf); &kUPenc);
/* kUPenc: last 128 bits of key derivation function which returns 256 bits */
kUPenc = malloc(16);
if (kUPenc == NULL) exit(1);
memcpy(kUPenc, k_kdf+16, 16);
free(k_kdf);
k_kdf = NULL;
nr_derive_key_rrc_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm, nr_derive_key_rrc_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, NR_UE_rrc_inst[ctxt_pP->module_id].kgnb,
&k_kdf); &kRRCenc);
/* kRRCenc: last 128 bits of key derivation function which returns 256 bits */
kRRCenc = malloc(16);
if (kRRCenc == NULL) exit(1);
memcpy(kRRCenc, k_kdf+16, 16);
free(k_kdf);
k_kdf = NULL;
nr_derive_key_rrc_int(NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm, nr_derive_key_rrc_int(NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, NR_UE_rrc_inst[ctxt_pP->module_id].kgnb,
&k_kdf); &kRRCint);
/* kRRCint: last 128 bits of key derivation function which returns 256 bits */
kRRCint = malloc(16);
if (kRRCint == NULL) exit(1);
memcpy(kRRCint, k_kdf+16, 16);
free(k_kdf);
#endif #endif
LOG_I(NR_RRC, "driving kRRCenc, kRRCint and kUPenc from KgNB=" LOG_I(NR_RRC, "driving kRRCenc, kRRCint and kUPenc from KgNB="
"%02x%02x%02x%02x" "%02x%02x%02x%02x"
...@@ -2060,17 +2037,9 @@ nr_rrc_ue_establish_srb2( ...@@ -2060,17 +2037,9 @@ nr_rrc_ue_establish_srb2(
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
nr_derive_key_rrc_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm, nr_derive_key_rrc_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &k_kdf); NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &kRRCenc);
kRRCenc = malloc(16);
if (kRRCenc == NULL) exit(1);
memcpy(kRRCenc, k_kdf + 16, 16);
free(k_kdf);
nr_derive_key_rrc_int(NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm, nr_derive_key_rrc_int(NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &k_kdf); NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &kRRCint);
kRRCint = malloc(16);
if (kRRCint == NULL) exit(1);
memcpy(kRRCint, k_kdf + 16, 16);
free(k_kdf);
// Refresh SRBs // Refresh SRBs
nr_rrc_pdcp_config_asn1_req(ctxt_pP, nr_rrc_pdcp_config_asn1_req(ctxt_pP,
...@@ -2157,18 +2126,9 @@ nr_rrc_ue_establish_srb2( ...@@ -2157,18 +2126,9 @@ nr_rrc_ue_establish_srb2(
uint8_t *kUPint = NULL; uint8_t *kUPint = NULL;
nr_derive_key_up_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm, nr_derive_key_up_enc(NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &k_kdf); NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &kUPenc);
kUPenc = malloc(16);
if (kUPenc == NULL) exit(1);
memcpy(kUPenc, k_kdf + 16, 16);
free(k_kdf);
nr_derive_key_up_int(NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm, nr_derive_key_up_int(NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &k_kdf); NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, &kUPint);
kUPint = malloc(16);
if (kUPint == NULL) exit(1);
memcpy(kUPint, k_kdf + 16, 16);
free(k_kdf);
MSC_LOG_TX_MESSAGE( MSC_LOG_TX_MESSAGE(
MSC_RRC_UE, MSC_RRC_UE,
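Review bot: The LOG_I call kept as context under the rewritten derivation in nr_rrc_ue_decode_ccch appears to print KgNB as hex at info level (`"driving kRRCenc, kRRCint and kUPenc from KgNB=" "%02x%02x%02x%02x"`); the statement continues past the hunk, so the number of bytes printed is not visible. KgNB is the input to every nr_derive_key_* call in this file, so a reader of the log holds the material the AS keys are derived from. I would drop the key bytes from the message or keep the dump behind a debug-only security flag, e.g. `LOG_D(NR_RRC, "derived kRRCenc, kRRCint and kUPenc\n");`.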
......
...@@ -121,6 +121,8 @@ int nr_derive_key(algorithm_type_dist_t alg_type, uint8_t alg_id, ...@@ -121,6 +121,8 @@ int nr_derive_key(algorithm_type_dist_t alg_type, uint8_t alg_id,
string[6] = 0x01; string[6] = 0x01;
kdf(string, 7, key, 32, out, 32); kdf(string, 7, key, 32, out, 32);
// in NR, we use the last 16 bytes, ignoring the first 16 ones
memcpy(*out, *out+16, 16);
return 0; return 0;
} }
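Review bot: `memcpy(*out, *out+16, 16)` runs with no check that `kdf` succeeded or that `*out` is non-NULL and holds 32 bytes; the result of `kdf` is ignored in the visible lines. After the copy, bytes 16..31 of the buffer still hold a second copy of the key, and every caller now keeps that 32-byte buffer where it used to keep a 16-byte one. I would guard the copy with `if (*out == NULL) return -1;` and clear the tail afterwards with a wipe the compiler cannot remove, for example `explicit_bzero(*out + 16, 16);` where the platform provides it. The added comment should also say that callers receive a 32-byte buffer whose first 16 bytes are the key. The start of nr_derive_key is outside the hunk.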
......