Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
O
OpenXG-RAN
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
lizhongxiao
OpenXG-RAN
Commits
d0575640
Commit
d0575640
authored
3 years ago
by
Masayuki Harada
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add calc kgnb and PDCP security settings in nrUE.
parent
b590cec2
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
94 additions
and
39 deletions
+94
-39
openair2/RRC/NR_UE/rrc_UE.c
openair2/RRC/NR_UE/rrc_UE.c
+58
-38
openair3/NAS/NR_UE/nr_nas_msg_sim.c
openair3/NAS/NR_UE/nr_nas_msg_sim.c
+36
-1
No files found.
openair2/RRC/NR_UE/rrc_UE.c
View file @
d0575640
...
@@ -1571,6 +1571,7 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
...
@@ -1571,6 +1571,7 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
}
}
extern
uint8_t
global_kgnb
[
32
];
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
void
void
nr_rrc_ue_process_securityModeCommand
(
nr_rrc_ue_process_securityModeCommand
(
...
@@ -1655,45 +1656,64 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
...
@@ -1655,45 +1656,64 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
uint8_t
*
kRRCenc
=
NULL
;
uint8_t
*
kRRCenc
=
NULL
;
uint8_t
*
kUPenc
=
NULL
;
uint8_t
*
kUPenc
=
NULL
;
uint8_t
*
kRRCint
=
NULL
;
uint8_t
*
kRRCint
=
NULL
;
pdcp_t
*
pdcp_p
=
NULL
;
uint8_t
*
k_kdf
=
NULL
;
hash_key_t
key
=
HASHTABLE_NOT_A_KEY_VALUE
;
#ifndef PHYSIM
hashtable_rc_t
h_rc
;
memcpy
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
,
global_kgnb
,
32
);
key
=
PDCP_COLL_KEY_VALUE
(
ctxt_pP
->
module_id
,
ctxt_pP
->
rnti
,
ctxt_pP
->
enb_flag
,
DCCH
,
SRB_FLAG_YES
);
k_kdf
=
NULL
;
h_rc
=
hashtable_get
(
pdcp_coll_p
,
key
,
(
void
**
)
&
pdcp_p
);
nr_derive_key_up_enc
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
cipheringAlgorithm
,
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
,
if
(
h_rc
==
HASH_TABLE_OK
)
{
&
k_kdf
);
LOG_D
(
NR_RRC
,
"PDCP_COLL_KEY_VALUE() returns valid key = %ld
\n
"
,
key
);
/* kUPenc: last 128 bits of key derivation function which returns 256 bits */
LOG_D
(
NR_RRC
,
"driving kRRCenc, kRRCint and kUPenc from KgNB="
kUPenc
=
malloc
(
16
);
"%02x%02x%02x%02x"
if
(
kUPenc
==
NULL
)
exit
(
1
);
"%02x%02x%02x%02x"
memcpy
(
kUPenc
,
k_kdf
+
16
,
16
);
"%02x%02x%02x%02x"
free
(
k_kdf
);
"%02x%02x%02x%02x"
"%02x%02x%02x%02x"
k_kdf
=
NULL
;
"%02x%02x%02x%02x"
nr_derive_key_rrc_enc
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
cipheringAlgorithm
,
"%02x%02x%02x%02x"
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
,
"%02x%02x%02x%02x
\n
"
,
&
k_kdf
);
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
0
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
1
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
2
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
3
],
/* kRRCenc: last 128 bits of key derivation function which returns 256 bits */
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
4
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
5
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
6
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
7
],
kRRCenc
=
malloc
(
16
);
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
8
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
9
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
10
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
11
],
if
(
kRRCenc
==
NULL
)
exit
(
1
);
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
12
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
13
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
14
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
15
],
memcpy
(
kRRCenc
,
k_kdf
+
16
,
16
);
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
16
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
17
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
18
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
19
],
free
(
k_kdf
);
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
20
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
21
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
22
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
23
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
24
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
25
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
26
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
27
],
k_kdf
=
NULL
;
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
28
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
29
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
30
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
31
]);
nr_derive_key_rrc_int
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
integrityProtAlgorithm
,
derive_key_rrc_enc
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
cipheringAlgorithm
,
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
,
&
kRRCenc
);
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
,
derive_key_rrc_int
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
integrityProtAlgorithm
,
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
,
&
kRRCint
);
&
k_kdf
);
derive_key_up_enc
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
cipheringAlgorithm
,
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
,
&
kUPenc
);
/* kRRCint: last 128 bits of key derivation function which returns 256 bits */
kRRCint
=
malloc
(
16
);
if
(
securityMode
!=
0xff
)
{
if
(
kRRCint
==
NULL
)
exit
(
1
);
pdcp_config_set_security
(
ctxt_pP
,
pdcp_p
,
0
,
0
,
memcpy
(
kRRCint
,
k_kdf
+
16
,
16
);
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
cipheringAlgorithm
free
(
k_kdf
);
|
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
integrityProtAlgorithm
<<
4
),
#endif
kRRCenc
,
kRRCint
,
kUPenc
);
LOG_I
(
NR_RRC
,
"driving kRRCenc, kRRCint and kUPenc from KgNB="
}
else
{
"%02x%02x%02x%02x"
LOG_I
(
NR_RRC
,
"skipped pdcp_config_set_security() as securityMode == 0x%02x"
,
securityMode
);
"%02x%02x%02x%02x"
}
"%02x%02x%02x%02x"
"%02x%02x%02x%02x"
"%02x%02x%02x%02x"
"%02x%02x%02x%02x"
"%02x%02x%02x%02x"
"%02x%02x%02x%02x
\n
"
,
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
0
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
1
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
2
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
3
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
4
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
5
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
6
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
7
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
8
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
9
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
10
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
11
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
12
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
13
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
14
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
15
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
16
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
17
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
18
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
19
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
20
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
21
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
22
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
23
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
24
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
25
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
26
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
27
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
28
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
29
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
30
],
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
kgnb
[
31
]);
if
(
securityMode
!=
0xff
)
{
pdcp_config_set_security
(
ctxt_pP
,
NULL
,
DCCH
,
DCCH
+
2
,
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
cipheringAlgorithm
|
(
NR_UE_rrc_inst
[
ctxt_pP
->
module_id
].
integrityProtAlgorithm
<<
4
),
kRRCenc
,
kRRCint
,
kUPenc
);
}
else
{
}
else
{
LOG_I
(
NR_RRC
,
"
Could not get PDCP instance where key=0x%ld
\n
"
,
key
);
LOG_I
(
NR_RRC
,
"
skipped pdcp_config_set_security() as securityMode == 0x%02x"
,
securityMode
);
}
}
if
(
securityModeCommand
->
criticalExtensions
.
present
==
NR_SecurityModeCommand__criticalExtensions_PR_securityModeCommand
)
{
if
(
securityModeCommand
->
criticalExtensions
.
present
==
NR_SecurityModeCommand__criticalExtensions_PR_securityModeCommand
)
{
...
...
This diff is collapsed.
Click to expand it.
openair3/NAS/NR_UE/nr_nas_msg_sim.c
View file @
d0575640
...
@@ -374,6 +374,7 @@ void generateIdentityResponse(as_nas_info_t *initialNasMsg, uint8_t identitytype
...
@@ -374,6 +374,7 @@ void generateIdentityResponse(as_nas_info_t *initialNasMsg, uint8_t identitytype
}
}
OctetString
knas_int
;
OctetString
knas_int
;
uint8_t
kamf
[
32
];
static
void
generateAuthenticationResp
(
as_nas_info_t
*
initialNasMsg
,
uint8_t
*
buf
,
uicc_t
*
uicc
){
static
void
generateAuthenticationResp
(
as_nas_info_t
*
initialNasMsg
,
uint8_t
*
buf
,
uicc_t
*
uicc
){
uint8_t
ak
[
6
];
uint8_t
ak
[
6
];
...
@@ -381,7 +382,6 @@ static void generateAuthenticationResp(as_nas_info_t *initialNasMsg, uint8_t *bu
...
@@ -381,7 +382,6 @@ static void generateAuthenticationResp(as_nas_info_t *initialNasMsg, uint8_t *bu
uint8_t
kausf
[
32
];
uint8_t
kausf
[
32
];
uint8_t
sqn
[
6
];
uint8_t
sqn
[
6
];
uint8_t
kseaf
[
32
];
uint8_t
kseaf
[
32
];
uint8_t
kamf
[
32
];
OctetString
res
;
OctetString
res
;
// get RAND for authentication request
// get RAND for authentication request
...
@@ -465,6 +465,40 @@ static void generateAuthenticationResp(as_nas_info_t *initialNasMsg, uint8_t *bu
...
@@ -465,6 +465,40 @@ static void generateAuthenticationResp(as_nas_info_t *initialNasMsg, uint8_t *bu
initialNasMsg
->
length
=
mm_msg_encode
(
mm_msg
,
(
uint8_t
*
)(
initialNasMsg
->
data
),
size
);
initialNasMsg
->
length
=
mm_msg_encode
(
mm_msg
,
(
uint8_t
*
)(
initialNasMsg
->
data
),
size
);
}
}
uint8_t
global_kgnb
[
32
];
static
void
get_kgnb
(
uint32_t
count
)
{
/* Compute the KDF input parameter
* S = FC(0x11) || UL NAS Count || 0x00 0x04
*/
uint8_t
input
[
32
];
// uint16_t length = 4;
// int offset = 0;
LOG_TRACE
(
INFO
,
"%s with count= %d"
,
__FUNCTION__
,
count
);
memset
(
input
,
0
,
32
);
input
[
0
]
=
0x6E
;
// P0
input
[
1
]
=
count
>>
24
;
input
[
2
]
=
(
uint8_t
)(
count
>>
16
);
input
[
3
]
=
(
uint8_t
)(
count
>>
8
);
input
[
4
]
=
(
uint8_t
)
count
;
// L0
input
[
5
]
=
0
;
input
[
6
]
=
4
;
// P1
input
[
7
]
=
0x01
;
// L1
input
[
8
]
=
0
;
input
[
9
]
=
1
;
kdf
(
kamf
,
32
,
input
,
10
,
global_kgnb
,
32
);
printf
(
"global_kgnb : "
);
for
(
int
pp
=
0
;
pp
<
32
;
pp
++
)
printf
(
"%02x "
,
global_kgnb
[
pp
]);
printf
(
"
\n
"
);
}
static
void
generateSecurityModeComplete
(
as_nas_info_t
*
initialNasMsg
)
static
void
generateSecurityModeComplete
(
as_nas_info_t
*
initialNasMsg
)
{
{
int
size
=
sizeof
(
mm_msg_header_t
);
int
size
=
sizeof
(
mm_msg_header_t
);
...
@@ -893,6 +927,7 @@ void *nas_nrue_task(void *args_p)
...
@@ -893,6 +927,7 @@ void *nas_nrue_task(void *args_p)
generateAuthenticationResp
(
&
initialNasMsg
,
pdu_buffer
,
uicc
);
generateAuthenticationResp
(
&
initialNasMsg
,
pdu_buffer
,
uicc
);
break
;
break
;
case
FGS_SECURITY_MODE_COMMAND
:
case
FGS_SECURITY_MODE_COMMAND
:
get_kgnb
(
0
);
generateSecurityModeComplete
(
&
initialNasMsg
);
generateSecurityModeComplete
(
&
initialNasMsg
);
break
;
break
;
case
FGS_DOWNLINK_NAS_TRANSPORT
:
case
FGS_DOWNLINK_NAS_TRANSPORT
:
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment