nrUE: handle security settings for SRB1 and reestablishment

For the moment absoluteFrequencySSB is hardcoded. To be fixed.

nrUE: handle security settings for SRB1 and reestablishment
For the moment absoluteFrequencySSB is hardcoded. To be fixed.
4b7bfae5 · Cedric Roux · francescomani · 86564fdb · 4b7bfae5
Commit 4b7bfae5 authored Jan 30, 2024 by Cedric Roux Committed by francescomani Feb 14, 2024
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 7 deletions

openair2/RRC/NR_UE/rrc_UE.c openair2/RRC/NR_UE/rrc_UE.c +30 -7

No files found.
--- a/openair2/RRC/NR_UE/rrc_UE.c
+++ b/openair2/RRC/NR_UE/rrc_UE.c
@@ -594,7 +594,8 @@ static void nr_rrc_handle_msg3_indication(NR_UE_RRC_INST_t *rrc, rnti_t rnti, in
      // re-establish RLC for SRB1
      // apply the specified configuration defined in 9.2.1 for SRB1
      nr_rlc_reestablish_default_srb(rrc->ue_id, srb_id);
-      // TODO configure lower layers to suspend integrity protection and ciphering for SRB1
+      // suspend integrity protection and ciphering for SRB1
+      nr_pdcp_config_set_security(rrc->ue_id, srb_id, 0, NULL, NULL, NULL);
      // resume SRB1
      rrcPerNB_t *rrcNB = rrc->perNB + gnb_id;
      rrcNB->Srb[srb_id] = RB_ESTABLISHED;
@@ -1356,14 +1357,36 @@ static void nr_rrc_ue_process_rrcReestablishment(NR_UE_RRC_INST_t *rrc,
  // store the nextHopChainingCount value
  NR_RRCReestablishment_IEs_t *ies = rrcReestablishment->criticalExtensions.choice.rrcReestablishment;
  AssertFatal(ies, "Not expecting RRCReestablishment_IEs to be NULL\n");
-  int nh = rrcReestablishment->criticalExtensions.choice.rrcReestablishment->nextHopChainingCount;
-  // TODO update the K gNB key based on the current K gNB key or the NH, using the stored nextHopChainingCount value
-  // TODO derive the K RRCenc and K UPenc keys associated with the previously configured cipheringAlgorithm
-  // TODO derive the K RRCint and K UPint keys associated with the previously configured integrityProtAlgorithm
+  // TODO need to understand how to use nextHopChainingCount
+  // int nh = rrcReestablishment->criticalExtensions.choice.rrcReestablishment->nextHopChainingCount;
+
+  // update the K gNB key based on the current K gNB key or the NH, using the stored nextHopChainingCount value
+  /* TODO: retrieve absoluteFrequencySSB correctly */
+  int absoluteFrequencySSB = 621312;
+  nr_derive_key_ng_ran_star(rrc->phyCellID, absoluteFrequencySSB, rrc->kgnb, rrc->kgnb);
+
+  // derive the K RRCenc and K UPenc keys associated with the previously configured cipheringAlgorithm
+  // derive the K RRCint and K UPint keys associated with the previously configured integrityProtAlgorithm
+  uint8_t kRRCenc[16] = {0};
+  uint8_t kRRCint[16] = {0};
+  uint8_t kUPenc[16] = {0};
+  uint8_t kUPint[16] = {0};
+
+  nr_derive_key(UP_ENC_ALG, rrc->cipheringAlgorithm, rrc->kgnb, kUPenc);
+  nr_derive_key(UP_INT_ALG, rrc->integrityProtAlgorithm, rrc->kgnb, kUPint);
+  nr_derive_key(RRC_ENC_ALG, rrc->cipheringAlgorithm, rrc->kgnb, kRRCenc);
+  nr_derive_key(RRC_INT_ALG, rrc->integrityProtAlgorithm, rrc->kgnb, kRRCint);
+
  // TODO request lower layers to verify the integrity protection of the RRCReestablishment message
  // TODO if the integrity protection check of the RRCReestablishment message fails -> go to IDLE
-  // TODO configure lower layers to resume integrity protection for SRB1
-  // TODO configure lower layers to resume ciphering for SRB1
+
+  // configure lower layers to resume integrity protection for SRB1
+  // configure lower layers to resume ciphering for SRB1
+  int srb_id = 1;
+  int security_mode = (rrc->integrityProtAlgorithm << 4)
+                      | rrc->cipheringAlgorithm;
+  nr_pdcp_config_set_security(rrc->ue_id, srb_id, security_mode, kRRCenc, kRRCint, kUPenc);
+
  // release the measurement gap configuration indicated by the measGapConfig, if configured
  rrcPerNB_t *rrcNB = rrc->perNB + gNB_index;
  asn1cFreeStruc(asn_DEF_NR_MeasGapConfig, rrcNB->measGapConfig);