Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
O
OpenXG-RAN
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
zzha zzha
OpenXG-RAN
Commits
accae671
Commit
accae671
authored
Feb 23, 2021
by
hardy
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/nr-pdcp-nea2-security' into integration_2021_wk08
parents
3199b815
21ff70e8
Changes
27
Hide whitespace changes
Inline
Side-by-side
Showing
27 changed files
with
553 additions
and
118 deletions
+553
-118
cmake_targets/CMakeLists.txt
cmake_targets/CMakeLists.txt
+1
-0
openair1/SIMULATION/NR_PHY/dlsim.c
openair1/SIMULATION/NR_PHY/dlsim.c
+6
-0
openair1/SIMULATION/NR_PHY/prachsim.c
openair1/SIMULATION/NR_PHY/prachsim.c
+6
-0
openair1/SIMULATION/NR_PHY/ulsim.c
openair1/SIMULATION/NR_PHY/ulsim.c
+6
-0
openair2/COMMON/s1ap_messages_types.h
openair2/COMMON/s1ap_messages_types.h
+8
-0
openair2/COMMON/x2ap_messages_types.h
openair2/COMMON/x2ap_messages_types.h
+1
-1
openair2/GNB_APP/gnb_config.c
openair2/GNB_APP/gnb_config.c
+96
-1
openair2/GNB_APP/gnb_paramdef.h
openair2/GNB_APP/gnb_paramdef.h
+23
-0
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.c
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.c
+28
-3
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.h
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.h
+25
-3
openair2/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
openair2/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
+15
-0
openair2/LAYER2/nr_pdcp/nr_pdcp_oai_api.c
openair2/LAYER2/nr_pdcp/nr_pdcp_oai_api.c
+29
-9
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
+65
-0
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.h
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.h
+33
-0
openair2/RRC/LTE/rrc_defs.h
openair2/RRC/LTE/rrc_defs.h
+10
-0
openair2/RRC/LTE/rrc_eNB.c
openair2/RRC/LTE/rrc_eNB.c
+9
-67
openair2/RRC/LTE/rrc_eNB_S1AP.c
openair2/RRC/LTE/rrc_eNB_S1AP.c
+9
-0
openair2/RRC/NR/nr_rrc_defs.h
openair2/RRC/NR/nr_rrc_defs.h
+11
-0
openair2/RRC/NR/nr_rrc_proto.h
openair2/RRC/NR/nr_rrc_proto.h
+5
-1
openair2/RRC/NR/rrc_gNB.c
openair2/RRC/NR/rrc_gNB.c
+4
-1
openair2/RRC/NR/rrc_gNB_nsa.c
openair2/RRC/NR/rrc_gNB_nsa.c
+96
-23
openair2/RRC/NR/rrc_gNB_reconfig.c
openair2/RRC/NR/rrc_gNB_reconfig.c
+9
-6
openair2/RRC/NR_UE/rrc_UE.c
openair2/RRC/NR_UE/rrc_UE.c
+4
-1
openair2/UTIL/OSA/osa_defs.h
openair2/UTIL/OSA/osa_defs.h
+2
-0
openair2/UTIL/OSA/osa_key_deriver.c
openair2/UTIL/OSA/osa_key_deriver.c
+24
-0
openair3/S1AP/s1ap_eNB_handlers.c
openair3/S1AP/s1ap_eNB_handlers.c
+16
-2
targets/PROJECTS/GENERIC-LTE-EPC/CONF/testing_gnb.conf
targets/PROJECTS/GENERIC-LTE-EPC/CONF/testing_gnb.conf
+12
-0
No files found.
cmake_targets/CMakeLists.txt
View file @
accae671
...
...
@@ -1968,6 +1968,7 @@ set(NR_PDCP_SRC
${
OPENAIR2_DIR
}
/LAYER2/nr_pdcp/nr_pdcp_ue_manager.c
${
OPENAIR2_DIR
}
/LAYER2/nr_pdcp/nr_pdcp_entity.c
${
OPENAIR2_DIR
}
/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
${
OPENAIR2_DIR
}
/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
${
OPENAIR2_DIR
}
/LAYER2/nr_pdcp/asn1_utils.c
)
...
...
openair1/SIMULATION/NR_PHY/dlsim.c
View file @
accae671
...
...
@@ -151,6 +151,12 @@ nr_rrc_gNB_process_GTPV1U_CREATE_TUNNEL_RESP(
return
0
;
}
int
nr_derive_key
(
int
alg_type
,
uint8_t
alg_id
,
const
uint8_t
key
[
32
],
uint8_t
**
out
)
{
return
0
;
}
void
config_common
(
int
Mod_idP
,
int
pdsch_AntennaPorts
,
NR_ServingCellConfigCommon_t
*
scc
...
...
openair1/SIMULATION/NR_PHY/prachsim.c
View file @
accae671
...
...
@@ -142,6 +142,12 @@ int8_t nr_rrc_ue_decode_NR_SIB1_Message(module_id_t module_id, uint8_t gNB_index
return
0
;
}
int
nr_derive_key
(
int
alg_type
,
uint8_t
alg_id
,
const
uint8_t
key
[
32
],
uint8_t
**
out
)
{
return
0
;
}
int
main
(
int
argc
,
char
**
argv
){
char
c
;
...
...
openair1/SIMULATION/NR_PHY/ulsim.c
View file @
accae671
...
...
@@ -165,6 +165,12 @@ int8_t nr_rrc_ue_decode_NR_SIB1_Message(module_id_t module_id, uint8_t gNB_index
return
0
;
}
int
nr_derive_key
(
int
alg_type
,
uint8_t
alg_id
,
const
uint8_t
key
[
32
],
uint8_t
**
out
)
{
return
0
;
}
// needed for some functions
uint16_t
n_rnti
=
0x1234
;
openair0_config_t
openair0_cfg
[
MAX_CARDS
];
...
...
openair2/COMMON/s1ap_messages_types.h
View file @
accae671
...
...
@@ -155,6 +155,11 @@ typedef struct security_capabilities_s {
uint16_t
integrity_algorithms
;
}
security_capabilities_t
;
typedef
struct
nr_security_capabilities_s
{
uint16_t
encryption_algorithms
;
uint16_t
integrity_algorithms
;
}
nr_security_capabilities_t
;
/* Provides the establishment cause for the RRC connection request as provided
* by the upper layers. W.r.t. the cause value names: highPriorityAccess
* concerns AC11..AC15, ‘mt’ stands for ‘Mobile Terminating’ and ‘mo’ for
...
...
@@ -538,6 +543,9 @@ typedef struct s1ap_initial_context_setup_req_s {
uint8_t
nb_of_e_rabs
;
/* list of e_rab to be setup by RRC layers */
e_rab_t
e_rab_param
[
S1AP_MAX_E_RAB
];
/* NR Security algorithms (if any, set to 0 if not present) */
nr_security_capabilities_t
nr_security_capabilities
;
}
s1ap_initial_context_setup_req_t
;
typedef
struct
tai_plmn_identity_s
{
...
...
openair2/COMMON/x2ap_messages_types.h
View file @
accae671
...
...
@@ -338,7 +338,7 @@ typedef struct x2ap_ENDC_sgnb_addition_req_s {
/* used for RRC->X2AP in source eNB */
int
rnti
;
security_capabilities_t
security_capabilities
;
nr_
security_capabilities_t
security_capabilities
;
/* SgNB Security Key */
uint8_t
kgnb
[
32
];
...
...
openair2/GNB_APP/gnb_config.c
View file @
accae671
...
...
@@ -515,6 +515,101 @@ void RCconfig_nr_macrlc() {
}
void
config_security
(
gNB_RRC_INST
*
rrc
)
{
paramdef_t
logparams_defaults
[]
=
SECURITY_GLOBALPARAMS_DESC
;
int
ret
=
config_get
(
logparams_defaults
,
sizeof
(
logparams_defaults
)
/
sizeof
(
paramdef_t
),
CONFIG_STRING_SECURITY
);
int
i
;
if
(
ret
<
0
)
{
LOG_W
(
RRC
,
"configuration file does not contain a
\"
security
\"
section, applying default parameters (no security)
\n
"
);
rrc
->
security
.
ciphering_algorithms
[
0
]
=
0
;
/* nea0 = no ciphering */
rrc
->
security
.
ciphering_algorithms_count
=
1
;
rrc
->
security
.
integrity_algorithms
[
0
]
=
0
;
/* nia0 = no integrity */
rrc
->
security
.
integrity_algorithms_count
=
1
;
return
;
}
if
(
logparams_defaults
[
SECURITY_CONFIG_CIPHERING_IDX
].
numelt
>
4
)
{
LOG_E
(
RRC
,
"too much ciphering algorithms in section
\"
security
\"
of the configuration file, maximum is 4
\n
"
);
exit
(
1
);
}
if
(
logparams_defaults
[
SECURITY_CONFIG_INTEGRITY_IDX
].
numelt
>
4
)
{
LOG_E
(
RRC
,
"too much integrity algorithms in section
\"
security
\"
of the configuration file, maximum is 4
\n
"
);
exit
(
1
);
}
/* get ciphering algorithms */
rrc
->
security
.
ciphering_algorithms_count
=
0
;
for
(
i
=
0
;
i
<
logparams_defaults
[
SECURITY_CONFIG_CIPHERING_IDX
].
numelt
;
i
++
)
{
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_CIPHERING_IDX
].
strlistptr
[
i
],
"nea0"
))
{
rrc
->
security
.
ciphering_algorithms
[
rrc
->
security
.
ciphering_algorithms_count
]
=
0
;
rrc
->
security
.
ciphering_algorithms_count
++
;
continue
;
}
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_CIPHERING_IDX
].
strlistptr
[
i
],
"nea1"
))
{
rrc
->
security
.
ciphering_algorithms
[
rrc
->
security
.
ciphering_algorithms_count
]
=
1
;
rrc
->
security
.
ciphering_algorithms_count
++
;
continue
;
}
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_CIPHERING_IDX
].
strlistptr
[
i
],
"nea2"
))
{
rrc
->
security
.
ciphering_algorithms
[
rrc
->
security
.
ciphering_algorithms_count
]
=
2
;
rrc
->
security
.
ciphering_algorithms_count
++
;
continue
;
}
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_CIPHERING_IDX
].
strlistptr
[
i
],
"nea3"
))
{
rrc
->
security
.
ciphering_algorithms
[
rrc
->
security
.
ciphering_algorithms_count
]
=
3
;
rrc
->
security
.
ciphering_algorithms_count
++
;
continue
;
}
LOG_E
(
RRC
,
"unknown ciphering algorithm
\"
%s
\"
in section
\"
security
\"
of the configuration file
\n
"
,
logparams_defaults
[
SECURITY_CONFIG_CIPHERING_IDX
].
strlistptr
[
i
]);
exit
(
1
);
}
/* get integrity algorithms */
rrc
->
security
.
integrity_algorithms_count
=
0
;
for
(
i
=
0
;
i
<
logparams_defaults
[
SECURITY_CONFIG_INTEGRITY_IDX
].
numelt
;
i
++
)
{
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_INTEGRITY_IDX
].
strlistptr
[
i
],
"nia0"
))
{
rrc
->
security
.
integrity_algorithms
[
rrc
->
security
.
integrity_algorithms_count
]
=
0
;
rrc
->
security
.
integrity_algorithms_count
++
;
continue
;
}
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_INTEGRITY_IDX
].
strlistptr
[
i
],
"nia1"
))
{
rrc
->
security
.
integrity_algorithms
[
rrc
->
security
.
integrity_algorithms_count
]
=
1
;
rrc
->
security
.
integrity_algorithms_count
++
;
continue
;
}
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_INTEGRITY_IDX
].
strlistptr
[
i
],
"nia2"
))
{
rrc
->
security
.
integrity_algorithms
[
rrc
->
security
.
integrity_algorithms_count
]
=
2
;
rrc
->
security
.
integrity_algorithms_count
++
;
continue
;
}
if
(
!
strcmp
(
logparams_defaults
[
SECURITY_CONFIG_INTEGRITY_IDX
].
strlistptr
[
i
],
"nia3"
))
{
rrc
->
security
.
integrity_algorithms
[
rrc
->
security
.
integrity_algorithms_count
]
=
3
;
rrc
->
security
.
integrity_algorithms_count
++
;
continue
;
}
LOG_E
(
RRC
,
"unknown integrity algorithm
\"
%s
\"
in section
\"
security
\"
of the configuration file
\n
"
,
logparams_defaults
[
SECURITY_CONFIG_INTEGRITY_IDX
].
strlistptr
[
i
]);
exit
(
1
);
}
if
(
rrc
->
security
.
ciphering_algorithms_count
==
0
)
{
LOG_W
(
RRC
,
"no preferred ciphering algorithm set in configuration file, applying default parameters (no security)
\n
"
);
rrc
->
security
.
ciphering_algorithms
[
0
]
=
0
;
/* nea0 = no ciphering */
rrc
->
security
.
ciphering_algorithms_count
=
1
;
}
if
(
rrc
->
security
.
integrity_algorithms_count
==
0
)
{
LOG_W
(
RRC
,
"no preferred integrity algorithm set in configuration file, applying default parameters (no security)
\n
"
);
rrc
->
security
.
integrity_algorithms
[
0
]
=
0
;
/* nia0 = no integrity */
rrc
->
security
.
integrity_algorithms_count
=
1
;
}
}
void
RCconfig_NRRRC
(
MessageDef
*
msg_p
,
uint32_t
i
,
gNB_RRC_INST
*
rrc
)
{
int
num_gnbs
=
0
;
...
...
@@ -681,7 +776,7 @@ void RCconfig_NRRRC(MessageDef *msg_p, uint32_t i, gNB_RRC_INST *rrc) {
}
//End for (k=0; k <num_gnbs ; k++)
}
//End if (num_gnbs>0)
config_security
(
rrc
);
}
//End RCconfig_NRRRC function
int
RCconfig_nr_gtpu
(
void
)
{
...
...
openair2/GNB_APP/gnb_paramdef.h
View file @
accae671
...
...
@@ -452,4 +452,27 @@ typedef enum {
#define CONFIG_HLP_WORKER "coding and FEP worker thread WORKER_DISABLE or WORKER_ENABLE\n"
#define CONFIG_HLP_PARALLEL "PARALLEL_SINGLE_THREAD, PARALLEL_RU_L1_SPLIT, or PARALLEL_RU_L1_TRX_SPLIT(RU_L1_TRX_SPLIT by defult)\n"
/*-------------------------------------------------------------------------------------------------------------------------------------------------------------*/
/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
/* security configuration */
/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
#define CONFIG_STRING_SECURITY "security"
#define SECURITY_CONFIG_CIPHERING "ciphering_algorithms"
#define SECURITY_CONFIG_INTEGRITY "integrity_algorithms"
/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
/* security configuration */
/* optname help paramflags XXXptr defXXXval type numelt */
/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
#define SECURITY_GLOBALPARAMS_DESC { \
{SECURITY_CONFIG_CIPHERING, "preferred ciphering algorithms\n", 0, strlistptr:NULL, defstrlistval:NULL, TYPE_STRINGLIST, 0}, \
{SECURITY_CONFIG_INTEGRITY, "preferred integrity algorithms\n", 0, strlistptr:NULL, defstrlistval:NULL, TYPE_STRINGLIST, 0}, \
}
#define SECURITY_CONFIG_CIPHERING_IDX 0
#define SECURITY_CONFIG_INTEGRITY_IDX 1
/*----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------*/
#endif
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.c
View file @
accae671
...
...
@@ -22,11 +22,12 @@
#include "nr_pdcp_entity.h"
#include "nr_pdcp_entity_drb_am.h"
#include "nr_pdcp_security_nea2.h"
#include "LOG/log.h"
nr_pdcp_entity_t
*
new_nr_pdcp_entity_srb
(
int
rb_id
,
int
is_gnb
,
int
rb_id
,
void
(
*
deliver_sdu
)(
void
*
deliver_sdu_data
,
struct
nr_pdcp_entity_t
*
entity
,
char
*
buf
,
int
size
),
void
*
deliver_sdu_data
,
...
...
@@ -38,7 +39,7 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
}
nr_pdcp_entity_t
*
new_nr_pdcp_entity_drb_am
(
int
rb_id
,
int
is_gnb
,
int
rb_id
,
void
(
*
deliver_sdu
)(
void
*
deliver_sdu_data
,
struct
nr_pdcp_entity_t
*
entity
,
char
*
buf
,
int
size
),
void
*
deliver_sdu_data
,
...
...
@@ -47,7 +48,11 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
void
*
deliver_pdu_data
,
int
sn_size
,
int
t_reordering
,
int
discard_timer
)
int
discard_timer
,
int
ciphering_algorithm
,
int
integrity_algorithm
,
unsigned
char
*
ciphering_key
,
unsigned
char
*
integrity_key
)
{
nr_pdcp_entity_drb_am_t
*
ret
;
...
...
@@ -76,5 +81,25 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
ret
->
common
.
maximum_nr_pdcp_sn
=
(
1
<<
sn_size
)
-
1
;
if
(
ciphering_key
!=
NULL
&&
ciphering_algorithm
!=
0
)
{
if
(
ciphering_algorithm
!=
2
)
{
LOG_E
(
PDCP
,
"FATAL: only nea2 supported for the moment
\n
"
);
exit
(
1
);
}
ret
->
common
.
has_ciphering
=
1
;
ret
->
common
.
ciphering_algorithm
=
ciphering_algorithm
;
memcpy
(
ret
->
common
.
ciphering_key
,
ciphering_key
,
16
);
ret
->
common
.
security_context
=
nr_pdcp_security_nea2_init
(
ciphering_key
);
ret
->
common
.
cipher
=
nr_pdcp_security_nea2_cipher
;
ret
->
common
.
free_security
=
nr_pdcp_security_nea2_free_security
;
}
ret
->
common
.
is_gnb
=
is_gnb
;
if
(
integrity_key
!=
NULL
)
{
printf
(
"%s:%d:%s: TODO
\n
"
,
__FILE__
,
__LINE__
,
__FUNCTION__
);
exit
(
1
);
}
return
(
nr_pdcp_entity_t
*
)
ret
;
}
openair2/LAYER2/nr_pdcp/nr_pdcp_entity.h
View file @
accae671
...
...
@@ -42,10 +42,28 @@ typedef struct nr_pdcp_entity_t {
int
tx_hfn
;
int
next_nr_pdcp_tx_sn
;
int
maximum_nr_pdcp_sn
;
/* security */
int
has_ciphering
;
int
has_integrity
;
int
ciphering_algorithm
;
int
integrity_algorithm
;
unsigned
char
ciphering_key
[
16
];
unsigned
char
integrity_key
[
16
];
void
*
security_context
;
void
(
*
cipher
)(
void
*
security_context
,
unsigned
char
*
buffer
,
int
length
,
int
bearer
,
int
count
,
int
direction
);
void
(
*
free_security
)(
void
*
security_context
);
/* security algorithms need to know uplink/downlink information
* which is reverse for gnb and ue, so we need to know if this
* pdcp entity is for a gnb or an ue
*/
int
is_gnb
;
}
nr_pdcp_entity_t
;
nr_pdcp_entity_t
*
new_nr_pdcp_entity_srb
(
int
rb_id
,
int
is_gnb
,
int
rb_id
,
void
(
*
deliver_sdu
)(
void
*
deliver_sdu_data
,
struct
nr_pdcp_entity_t
*
entity
,
char
*
buf
,
int
size
),
void
*
deliver_sdu_data
,
...
...
@@ -54,7 +72,7 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_srb(
void
*
deliver_pdu_data
);
nr_pdcp_entity_t
*
new_nr_pdcp_entity_drb_am
(
int
rb_id
,
int
is_gnb
,
int
rb_id
,
void
(
*
deliver_sdu
)(
void
*
deliver_sdu_data
,
struct
nr_pdcp_entity_t
*
entity
,
char
*
buf
,
int
size
),
void
*
deliver_sdu_data
,
...
...
@@ -63,7 +81,11 @@ nr_pdcp_entity_t *new_nr_pdcp_entity_drb_am(
void
*
deliver_pdu_data
,
int
sn_size
,
int
t_reordering
,
int
discard_timer
);
int
discard_timer
,
int
ciphering_algorithm
,
int
integrity_algorithm
,
unsigned
char
*
ciphering_key
,
unsigned
char
*
integrity_key
);
void
nr_DRB_preconfiguration
(
uint16_t
crnti
);
...
...
openair2/LAYER2/nr_pdcp/nr_pdcp_entity_drb_am.c
View file @
accae671
...
...
@@ -29,12 +29,21 @@
void
nr_pdcp_entity_drb_am_recv_pdu
(
nr_pdcp_entity_t
*
_entity
,
char
*
buffer
,
int
size
)
{
nr_pdcp_entity_drb_am_t
*
entity
=
(
nr_pdcp_entity_drb_am_t
*
)
_entity
;
int
sn
;
if
(
size
<
3
)
abort
();
if
(
!
(
buffer
[
0
]
&
0x80
))
LOG_E
(
PDCP
,
"%s:%d:%s: fatal
\n
"
,
__FILE__
,
__LINE__
,
__FUNCTION__
);
sn
=
(((
unsigned
char
)
buffer
[
0
]
&
0x3
)
<<
16
)
|
((
unsigned
char
)
buffer
[
1
]
<<
8
)
|
(
unsigned
char
)
buffer
[
2
];
if
(
entity
->
common
.
has_ciphering
)
entity
->
common
.
cipher
(
entity
->
common
.
security_context
,
(
unsigned
char
*
)
buffer
+
3
,
size
-
3
,
entity
->
rb_id
,
sn
,
entity
->
common
.
is_gnb
?
0
:
1
);
entity
->
common
.
deliver_sdu
(
entity
->
common
.
deliver_sdu_data
,
(
nr_pdcp_entity_t
*
)
entity
,
buffer
+
3
,
size
-
3
);
}
...
...
@@ -59,6 +68,10 @@ void nr_pdcp_entity_drb_am_recv_sdu(nr_pdcp_entity_t *_entity, char *buffer, int
buf
[
2
]
=
sn
&
0xff
;
memcpy
(
buf
+
3
,
buffer
,
size
);
if
(
entity
->
common
.
has_ciphering
)
entity
->
common
.
cipher
(
entity
->
common
.
security_context
,
(
unsigned
char
*
)
buf
+
3
,
size
,
entity
->
rb_id
,
sn
,
entity
->
common
.
is_gnb
?
1
:
0
);
entity
->
common
.
deliver_pdu
(
entity
->
common
.
deliver_pdu_data
,
(
nr_pdcp_entity_t
*
)
entity
,
buf
,
size
+
3
,
sdu_id
);
}
...
...
@@ -71,5 +84,7 @@ void nr_pdcp_entity_drb_am_set_integrity_key(nr_pdcp_entity_t *_entity, char *ke
void
nr_pdcp_entity_drb_am_delete
(
nr_pdcp_entity_t
*
_entity
)
{
nr_pdcp_entity_drb_am_t
*
entity
=
(
nr_pdcp_entity_drb_am_t
*
)
_entity
;
if
(
entity
->
common
.
free_security
!=
NULL
)
entity
->
common
.
free_security
(
entity
->
common
.
security_context
);
free
(
entity
);
}
openair2/LAYER2/nr_pdcp/nr_pdcp_oai_api.c
View file @
accae671
...
...
@@ -591,7 +591,11 @@ static void add_srb(int rnti, struct NR_SRB_ToAddMod *s)
TODO
;
}
static
void
add_drb_am
(
int
rnti
,
struct
NR_DRB_ToAddMod
*
s
)
static
void
add_drb_am
(
int
is_gnb
,
int
rnti
,
struct
NR_DRB_ToAddMod
*
s
,
int
ciphering_algorithm
,
int
integrity_algorithm
,
unsigned
char
*
ciphering_key
,
unsigned
char
*
integrity_key
)
{
nr_pdcp_entity_t
*
pdcp_drb
;
nr_pdcp_ue_t
*
ue
;
...
...
@@ -621,8 +625,11 @@ static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
LOG_D
(
PDCP
,
"%s:%d:%s: warning DRB %d already exist for ue %d, do nothing
\n
"
,
__FILE__
,
__LINE__
,
__FUNCTION__
,
drb_id
,
rnti
);
}
else
{
pdcp_drb
=
new_nr_pdcp_entity_drb_am
(
drb_id
,
deliver_sdu_drb
,
ue
,
deliver_pdu_drb
,
ue
,
sn_size_dl
,
t_reordering
,
discard_timer
);
pdcp_drb
=
new_nr_pdcp_entity_drb_am
(
is_gnb
,
drb_id
,
deliver_sdu_drb
,
ue
,
deliver_pdu_drb
,
ue
,
sn_size_dl
,
t_reordering
,
discard_timer
,
ciphering_algorithm
,
integrity_algorithm
,
ciphering_key
,
integrity_key
);
nr_pdcp_ue_add_drb_pdcp_entity
(
ue
,
drb_id
,
pdcp_drb
);
LOG_D
(
PDCP
,
"%s:%d:%s: added drb %d to ue rnti %x
\n
"
,
__FILE__
,
__LINE__
,
__FUNCTION__
,
drb_id
,
rnti
);
...
...
@@ -630,16 +637,23 @@ static void add_drb_am(int rnti, struct NR_DRB_ToAddMod *s)
nr_pdcp_manager_unlock
(
nr_pdcp_ue_manager
);
}
static
void
add_drb
(
int
rnti
,
struct
NR_DRB_ToAddMod
*
s
,
NR_RLC_Config_t
*
rlc_Config
)
static
void
add_drb
(
int
is_gnb
,
int
rnti
,
struct
NR_DRB_ToAddMod
*
s
,
NR_RLC_Config_t
*
rlc_Config
,
int
ciphering_algorithm
,
int
integrity_algorithm
,
unsigned
char
*
ciphering_key
,
unsigned
char
*
integrity_key
)
{
switch
(
rlc_Config
->
present
)
{
case
NR_RLC_Config_PR_am
:
add_drb_am
(
rnti
,
s
);
add_drb_am
(
is_gnb
,
rnti
,
s
,
ciphering_algorithm
,
integrity_algorithm
,
ciphering_key
,
integrity_key
);
break
;
case
NR_RLC_Config_PR_um_Bi_Directional
:
//add_drb_um(rnti, s);
/* hack */
add_drb_am
(
rnti
,
s
);
add_drb_am
(
is_gnb
,
rnti
,
s
,
ciphering_algorithm
,
integrity_algorithm
,
ciphering_key
,
integrity_key
);
break
;
default:
LOG_E
(
PDCP
,
"%s:%d:%s: fatal: unhandled DRB type
\n
"
,
...
...
@@ -657,7 +671,8 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
const
uint8_t
security_modeP
,
uint8_t
*
const
kRRCenc
,
uint8_t
*
const
kRRCint
,
uint8_t
*
const
kUPenc
uint8_t
*
const
kUPenc
,
uint8_t
*
const
kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,
LTE_PMCH_InfoList_r9_t
*
pmch_InfoList_r9
#endif
...
...
@@ -676,7 +691,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
//srb2add_list == NULL ||
//drb2add_list != NULL ||
drb2release_list
!=
NULL
||
security_modeP
!=
255
||
//
security_modeP != 255 ||
//kRRCenc != NULL ||
//kRRCint != NULL ||
//kUPenc != NULL ||
...
...
@@ -693,7 +708,10 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
if
(
drb2add_list
!=
NULL
)
{
for
(
i
=
0
;
i
<
drb2add_list
->
list
.
count
;
i
++
)
{
add_drb
(
rnti
,
drb2add_list
->
list
.
array
[
i
],
rlc_bearer2add_list
->
list
.
array
[
i
]
->
rlc_Config
);
add_drb
(
ctxt_pP
->
enb_flag
,
rnti
,
drb2add_list
->
list
.
array
[
i
],
rlc_bearer2add_list
->
list
.
array
[
i
]
->
rlc_Config
,
security_modeP
&
0x0f
,
(
security_modeP
>>
4
)
&
0x0f
,
kUPenc
,
kUPint
);
}
}
...
...
@@ -705,6 +723,7 @@ boolean_t nr_rrc_pdcp_config_asn1_req(
free
(
kRRCenc
);
free
(
kRRCint
);
free
(
kUPenc
);
free
(
kUPint
);
return
0
;
}
...
...
@@ -805,6 +824,7 @@ void nr_DRB_preconfiguration(uint16_t crnti)
NULL
,
NULL
,
NULL
,
NULL
,
Rlc_Bearer_ToAdd_list
);
nr_rrc_rlc_config_asn1_req
(
&
ctxt
,
...
...
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.c
0 → 100644
View file @
accae671
/*
* Licensed to the OpenAirInterface (OAI) Software Alliance under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The OpenAirInterface Software Alliance licenses this file to You under
* the OAI Public License, Version 1.1 (the "License"); you may not use this file
* except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.openairinterface.org/?page_id=698
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*-------------------------------------------------------------------------------
* For more information about the OpenAirInterface (OAI) Software Alliance:
* contact@openairinterface.org
*/
#include "nr_pdcp_security_nea2.h"
#include <stdlib.h>
#include <string.h>
#include <nettle/nettle-meta.h>
#include <nettle/aes.h>
#include <nettle/ctr.h>
void
*
nr_pdcp_security_nea2_init
(
unsigned
char
*
ciphering_key
)
{
void
*
ctx
=
calloc
(
1
,
nettle_aes128
.
context_size
);
if
(
ctx
==
NULL
)
exit
(
1
);
#if NETTLE_VERSION_MAJOR < 3
nettle_aes128
.
set_encrypt_key
(
ctx
,
16
,
ciphering_key
);
#else
nettle_aes128
.
set_encrypt_key
(
ctx
,
ciphering_key
);
#endif
return
ctx
;
}
void
nr_pdcp_security_nea2_cipher
(
void
*
security_context
,
unsigned
char
*
buffer
,
int
length
,
int
bearer
,
int
count
,
int
direction
)
{
unsigned
char
t
[
16
];
t
[
0
]
=
(
count
>>
24
)
&
255
;
t
[
1
]
=
(
count
>>
16
)
&
255
;
t
[
2
]
=
(
count
>>
8
)
&
255
;
t
[
3
]
=
(
count
)
&
255
;
t
[
4
]
=
((
bearer
-
1
)
<<
3
)
|
(
direction
<<
2
);
memset
(
&
t
[
5
],
0
,
16
-
5
);
nettle_ctr_crypt
(
security_context
,
nettle_aes128
.
encrypt
,
nettle_aes128
.
block_size
,
t
,
length
,
buffer
,
buffer
);
}
void
nr_pdcp_security_nea2_free_security
(
void
*
security_context
)
{
free
(
security_context
);
}
openair2/LAYER2/nr_pdcp/nr_pdcp_security_nea2.h
0 → 100644
View file @
accae671
/*
* Licensed to the OpenAirInterface (OAI) Software Alliance under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The OpenAirInterface Software Alliance licenses this file to You under
* the OAI Public License, Version 1.1 (the "License"); you may not use this file
* except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.openairinterface.org/?page_id=698
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*-------------------------------------------------------------------------------
* For more information about the OpenAirInterface (OAI) Software Alliance:
* contact@openairinterface.org
*/
#ifndef _NR_PDCP_SECURITY_NEA2_H_
#define _NR_PDCP_SECURITY_NEA2_H_
void
*
nr_pdcp_security_nea2_init
(
unsigned
char
*
ciphering_key
);
void
nr_pdcp_security_nea2_cipher
(
void
*
security_context
,
unsigned
char
*
buffer
,
int
length
,
int
bearer
,
int
count
,
int
direction
);
void
nr_pdcp_security_nea2_free_security
(
void
*
security_context
);
#endif
/* _NR_PDCP_SECURITY_NEA2_H_ */
openair2/RRC/LTE/rrc_defs.h
View file @
accae671
...
...
@@ -546,6 +546,13 @@ typedef struct rrc_gummei_s {
uint16_t
mme_group_id
;
}
rrc_gummei_t
;
typedef
struct
{
uint16_t
ciphering_algorithms
;
uint16_t
integrity_algorithms
;
uint16_t
sk_counter
;
uint8_t
kgNB
[
32
];
}
lte_rrc_nr_security_t
;
typedef
struct
eNB_RRC_UE_s
{
uint8_t
primaryCC_id
;
LTE_SCellToAddMod_r10_t
sCell_config
[
2
];
...
...
@@ -615,6 +622,9 @@ typedef struct eNB_RRC_UE_s {
security_capabilities_t
security_capabilities
;
/* security capabilities and settings for an UE in ENDC mode */
lte_rrc_nr_security_t
nr_security
;
int
next_hop_chain_count
;
uint8_t
next_security_key
[
SECURITY_KEY_LENGTH
];
...
...
openair2/RRC/LTE/rrc_eNB.c
View file @
accae671
...
...
@@ -4426,69 +4426,11 @@ static int encode_CG_ConfigInfo(
struct
NR_RadioBearerConfig
*
rb_config
=
NULL
;
asn_enc_rval_t
enc_rval
;
int
RRC_OK
=
1
;
int
index
=
0
;
char
temp_buff
[
ASN_MAX_ENCODE_SIZE
];
NR_UE_CapabilityRAT_ContainerList_t
*
ue_cap_rat_container_list
=
NULL
;
NR_UE_CapabilityRAT_Container_t
*
ue_cap_rat_container_MRDC
=
NULL
;
NR_UE_CapabilityRAT_Container_t
*
ue_cap_rat_container_nr
=
NULL
;
int
RAT_Container_count
=
0
;
rb_config
=
calloc
(
1
,
sizeof
(
struct
NR_RadioBearerConfig
));
AssertFatal
(
rb_config
!=
NULL
,
"failed to allocate memory for rb_config"
);
if
(
ue_context_pP
->
ue_context
.
DRB_configList
->
list
.
count
!=
0
)
{
rb_config
->
drb_ToAddModList
=
calloc
(
1
,
sizeof
(
struct
NR_DRB_ToAddModList
));
AssertFatal
(
rb_config
->
drb_ToAddModList
!=
NULL
,
"failed to allocated memory for drbtoaddmodlist"
);
rb_config
->
drb_ToAddModList
->
list
.
count
=
NUMBEROF_DRBS_TOBE_ADDED
;
rb_config
->
drb_ToAddModList
->
list
.
array
=
calloc
(
NUMBEROF_DRBS_TOBE_ADDED
,
sizeof
(
struct
NR_DRB_ToAddMod
*
));
AssertFatal
(
rb_config
->
drb_ToAddModList
->
list
.
array
!=
NULL
,
"falied to allocate memory for list.array"
);
for
(
index
=
0
;
index
<
NUMBEROF_DRBS_TOBE_ADDED
;
index
++
)
{
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
=
calloc
(
1
,
sizeof
(
struct
NR_DRB_ToAddMod
));
AssertFatal
(
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
!=
NULL
,
"failed to allocate memory for drb_toaddmod"
);
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
drb_Identity
=
ue_context_pP
->
ue_context
.
DRB_configList
->
list
.
array
[
index
]
->
drb_Identity
;
if
(
ue_context_pP
->
ue_context
.
DRB_configList
->
list
.
array
[
index
]
->
eps_BearerIdentity
)
{
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
cnAssociation
=
calloc
(
1
,
sizeof
(
struct
NR_DRB_ToAddMod__cnAssociation
));
AssertFatal
(
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
cnAssociation
!=
NULL
,
"failed to allocate memory cnAssociation"
);
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
cnAssociation
->
present
=
NR_DRB_ToAddMod__cnAssociation_PR_eps_BearerIdentity
;
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
cnAssociation
->
choice
.
eps_BearerIdentity
=
*
(
ue_context_pP
->
ue_context
.
DRB_configList
->
list
.
array
[
index
]
->
eps_BearerIdentity
);
}
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
=
calloc
(
1
,
sizeof
(
struct
NR_PDCP_Config
));
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
=
calloc
(
1
,
sizeof
(
struct
NR_PDCP_Config__drb
));
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
discardTimer
=
calloc
(
1
,
sizeof
(
long
));
*
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
discardTimer
=
*
(
ue_context_pP
->
ue_context
.
DRB_configList
->
list
.
array
[
index
]
->
pdcp_Config
->
discardTimer
);
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
pdcp_SN_SizeUL
=
calloc
(
1
,
sizeof
(
long
));
*
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
pdcp_SN_SizeUL
=
NR_PDCP_Config__drb__pdcp_SN_SizeUL_len18bits
;
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
pdcp_SN_SizeDL
=
calloc
(
1
,
sizeof
(
long
));
*
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
pdcp_SN_SizeDL
=
NR_PDCP_Config__drb__pdcp_SN_SizeDL_len18bits
;
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
headerCompression
.
present
=
NR_PDCP_Config__drb__headerCompression_PR_notUsed
;
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
drb
->
headerCompression
.
choice
.
notUsed
=
0
;
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
t_Reordering
=
calloc
(
1
,
sizeof
(
long
));
*
rb_config
->
drb_ToAddModList
->
list
.
array
[
index
]
->
pdcp_Config
->
t_Reordering
=
NR_PDCP_Config__t_Reordering_ms0
;
}
rb_config
->
securityConfig
=
calloc
(
1
,
sizeof
(
struct
NR_SecurityConfig
));
rb_config
->
securityConfig
->
securityAlgorithmConfig
=
calloc
(
1
,
sizeof
(
struct
NR_SecurityAlgorithmConfig
));
rb_config
->
securityConfig
->
securityAlgorithmConfig
->
cipheringAlgorithm
=
NR_CipheringAlgorithm_nea0
;
rb_config
->
securityConfig
->
securityAlgorithmConfig
->
integrityProtAlgorithm
=
NULL
;
rb_config
->
securityConfig
->
keyToUse
=
calloc
(
1
,
sizeof
(
long
));
*
rb_config
->
securityConfig
->
keyToUse
=
NR_SecurityConfig__keyToUse_master
;
}
cg_configinfo
=
calloc
(
1
,
sizeof
(
struct
NR_CG_ConfigInfo
));
AssertFatal
(
cg_configinfo
!=
NULL
,
"failed to allocate memory for cg_configinfo"
);
...
...
@@ -4548,15 +4490,6 @@ static int encode_CG_ConfigInfo(
(
const
char
*
)
temp_buff
,
(
enc_rval
.
encoded
+
7
)
>>
3
);
}
cg_configinfo
->
criticalExtensions
.
choice
.
c1
->
choice
.
cg_ConfigInfo
->
mcg_RB_Config
=
calloc
(
1
,
sizeof
(
OCTET_STRING_t
));
AssertFatal
(
cg_configinfo
->
criticalExtensions
.
choice
.
c1
->
choice
.
cg_ConfigInfo
->
mcg_RB_Config
!=
NULL
,
"failed to allocate memory for mcg_rb_config"
);
enc_rval
=
uper_encode_to_buffer
(
&
asn_DEF_NR_RadioBearerConfig
,
NULL
,(
void
*
)
rb_config
,
temp_buff
,
ASN_MAX_ENCODE_SIZE
);
AssertFatal
(
enc_rval
.
encoded
>
0
,
"ASN1 message encoding failed (%s, %jd)!
\n
"
,
enc_rval
.
failed_type
->
name
,
enc_rval
.
encoded
);
OCTET_STRING_fromBuf
(
cg_configinfo
->
criticalExtensions
.
choice
.
c1
->
choice
.
cg_ConfigInfo
->
mcg_RB_Config
,
(
const
char
*
)
temp_buff
,
(
enc_rval
.
encoded
+
7
)
>>
3
);
// this xer_fprint can be enabled for additional debugging messages
// xer_fprint(stdout,&asn_DEF_NR_CG_ConfigInfo,(void *)cg_configinfo);
enc_rval
=
uper_encode_to_buffer
(
&
asn_DEF_NR_CG_ConfigInfo
,
NULL
,(
void
*
)
cg_configinfo
,
...
...
@@ -4665,11 +4598,20 @@ rrc_eNB_process_MeasurementReport(
msg
=
itti_alloc_new_message
(
TASK_RRC_ENB
,
0
,
X2AP_ENDC_SGNB_ADDITION_REQ
);
memset
(
&
(
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
)),
0
,
sizeof
(
x2ap_ENDC_sgnb_addition_req_t
));
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
rnti
=
ctxt_pP
->
rnti
;
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
security_capabilities
.
encryption_algorithms
=
ue_context_pP
->
ue_context
.
nr_security
.
ciphering_algorithms
;
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
security_capabilities
.
integrity_algorithms
=
ue_context_pP
->
ue_context
.
nr_security
.
integrity_algorithms
;
memcpy
(
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
kgnb
,
ue_context_pP
->
ue_context
.
nr_security
.
kgNB
,
32
);
memcpy
(
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
rrc_buffer
,
enc_buf
,
enc_size
);
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
rrc_buffer_size
=
enc_size
;
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
target_physCellId
=
measResults2
->
measResultNeighCells
->
choice
.
measResultListEUTRA
.
list
.
array
[
0
]
->
physCellId
;
//For the moment we have a single E-RAB which will be the one to be added to the gNB
//Not sure how to select bearers to be added if there are multiple.
X2AP_ENDC_SGNB_ADDITION_REQ
(
msg
).
nb_e_rabs_tobeadded
=
1
;
...
...
openair2/RRC/LTE/rrc_eNB_S1AP.c
View file @
accae671
...
...
@@ -1045,6 +1045,15 @@ int rrc_eNB_process_S1AP_INITIAL_CONTEXT_SETUP_REQ(MessageDef *msg_p, const char
}
}
ue_context_p
->
ue_context
.
nr_security
.
ciphering_algorithms
=
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
msg_p
).
nr_security_capabilities
.
encryption_algorithms
;
ue_context_p
->
ue_context
.
nr_security
.
integrity_algorithms
=
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
msg_p
).
nr_security_capabilities
.
integrity_algorithms
;
/* let's initialize sk_counter to 0 */
ue_context_p
->
ue_context
.
nr_security
.
sk_counter
=
0
;
/* let's compute kgNB */
derive_skgNB
(
ue_context_p
->
ue_context
.
kenb
,
ue_context_p
->
ue_context
.
nr_security
.
sk_counter
,
ue_context_p
->
ue_context
.
nr_security
.
kgNB
);
// in case, send the S1SP initial context response if it is not sent with the attach complete message
if
(
ue_context_p
->
ue_context
.
Status
==
RRC_RECONFIGURED
)
{
LOG_I
(
RRC
,
"Sending rrc_eNB_send_S1AP_INITIAL_CONTEXT_SETUP_RESP, cause %ld
\n
"
,
ue_context_p
->
ue_context
.
reestablishment_cause
);
...
...
openair2/RRC/NR/nr_rrc_defs.h
View file @
accae671
...
...
@@ -447,6 +447,15 @@ typedef struct {
//---------------------------------------------------
typedef
struct
{
/* nea0 = 0, nea1 = 1, ... */
int
ciphering_algorithms
[
4
];
int
ciphering_algorithms_count
;
/* nia0 = 0, nia1 = 1, ... */
int
integrity_algorithms
[
4
];
int
integrity_algorithms_count
;
}
nr_security_configuration_t
;
//---NR---(completely change)---------------------
typedef
struct
gNB_RRC_INST_s
{
...
...
@@ -479,6 +488,8 @@ typedef struct gNB_RRC_INST_s {
int
srb1_timer_status_prohibit
;
int
srs_enable
[
MAX_NUM_CCs
];
// security configuration (preferred algorithms)
nr_security_configuration_t
security
;
}
gNB_RRC_INST
;
#include "nr_rrc_proto.h" //should be put here otherwise compilation error
...
...
openair2/RRC/NR/nr_rrc_proto.h
View file @
accae671
...
...
@@ -39,6 +39,7 @@
#include "LTE_UE-CapabilityRAT-ContainerList.h"
#include "NR_CG-Config.h"
#include "NR_CG-ConfigInfo.h"
#include "NR_SecurityConfig.h"
int
rrc_init_nr_global_param
(
void
);
...
...
@@ -90,7 +91,10 @@ void fill_default_reconfig(NR_ServingCellConfigCommon_t *servingcellconfigcommon
int
n_physical_antenna_ports
,
int
initial_csi_index
);
void
fill_default_rbconfig
(
NR_RadioBearerConfig_t
*
rbconfig
);
void
fill_default_rbconfig
(
NR_RadioBearerConfig_t
*
rbconfig
,
int
eps_bearer_id
,
int
rb_id
,
e_NR_CipheringAlgorithm
ciphering_algorithm
,
e_NR_SecurityConfig__keyToUse
key_to_use
);
int
generate_CG_Config
(
gNB_RRC_INST
*
rrc
,
NR_CG_Config_t
*
cg_Config
,
...
...
openair2/RRC/NR/rrc_gNB.c
View file @
accae671
...
...
@@ -103,7 +103,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
const
uint8_t
security_modeP
,
uint8_t
*
const
kRRCenc
,
uint8_t
*
const
kRRCint
,
uint8_t
*
const
kUPenc
uint8_t
*
const
kUPenc
,
uint8_t
*
const
kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,
LTE_PMCH_InfoList_r9_t
*
pmch_InfoList_r9
#endif
...
...
@@ -887,6 +888,7 @@ rrc_gNB_process_RRCReconfigurationComplete(
kUPenc
,
NULL
,
NULL
,
NULL
,
NULL
);
/* Refresh SRBs/DRBs */
nr_rrc_rlc_config_asn1_req
(
ctxt_pP
,
...
...
@@ -1702,6 +1704,7 @@ int nr_rrc_gNB_decode_ccch(protocol_ctxt_t *const ctxt_pP,
// NULL,
// NULL,
// NULL,
// NULL,
// NULL);
// if (!NODE_IS_CU(RC.nrrrc[ctxt_pP->module_id]->node_type)) {
...
...
openair2/RRC/NR/rrc_gNB_nsa.c
View file @
accae671
...
...
@@ -39,6 +39,7 @@
#include "openair2/RRC/LTE/rrc_eNB_GTPV1U.h"
#include "executables/softmodem-common.h"
#include <openair2/RRC/NR/rrc_gNB_UE_context.h>
#include "UTIL/OSA/osa_defs.h"
extern
boolean_t
nr_rrc_pdcp_config_asn1_req
(
const
protocol_ctxt_t
*
const
ctxt_pP
,
...
...
@@ -48,7 +49,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
const
uint8_t
security_modeP
,
uint8_t
*
const
kRRCenc
,
uint8_t
*
const
kRRCint
,
uint8_t
*
const
kUPenc
uint8_t
*
const
kUPenc
,
uint8_t
*
const
kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,
LTE_PMCH_InfoList_r9_t
*
pmch_InfoList_r9
#endif
...
...
@@ -115,28 +117,14 @@ void rrc_parse_ue_capabilities(gNB_RRC_INST *rrc, NR_UE_CapabilityRAT_ContainerL
// dump ue_capabilities
if
(
LOG_DEBUGFLAG
(
DEBUG_ASN1
&&
ueCapabilityRAT_Container_nr
!=
NULL
)
)
{
if
(
LOG_DEBUGFLAG
(
DEBUG_ASN1
)
&&
ueCapabilityRAT_Container_nr
!=
NULL
)
{
xer_fprint
(
stdout
,
&
asn_DEF_NR_UE_NR_Capability
,
ue_context_p
->
ue_context
.
UE_Capability_nr
);
}
if
(
LOG_DEBUGFLAG
(
DEBUG_ASN1
&&
ueCapabilityRAT_Container_MRDC
!=
NULL
)
)
{
if
(
LOG_DEBUGFLAG
(
DEBUG_ASN1
)
&&
ueCapabilityRAT_Container_MRDC
!=
NULL
)
{
xer_fprint
(
stdout
,
&
asn_DEF_NR_UE_MRDC_Capability
,
ue_context_p
->
ue_context
.
UE_Capability_MRDC
);
}
if
(
cg_config_info
&&
cg_config_info
->
mcg_RB_Config
)
{
asn_dec_rval_t
dec_rval
=
uper_decode
(
NULL
,
&
asn_DEF_NR_RadioBearerConfig
,
(
void
**
)
&
ue_context_p
->
ue_context
.
rb_config
,
cg_config_info
->
mcg_RB_Config
->
buf
,
cg_config_info
->
mcg_RB_Config
->
size
,
0
,
0
);
if
((
dec_rval
.
code
!=
RC_OK
)
&&
(
dec_rval
.
consumed
==
0
))
{
AssertFatal
(
1
==
0
,
"[InterNode] Failed to decode mcg_rb_config (%zu bits), size of OCTET_STRING %lu
\n
"
,
dec_rval
.
consumed
,
cg_config_info
->
mcg_RB_Config
->
size
);
}
}
xer_fprint
(
stdout
,
&
asn_DEF_NR_RadioBearerConfig
,
(
const
void
*
)
ue_context_p
->
ue_context
.
rb_config
);
rrc_add_nsa_user
(
rrc
,
ue_context_p
,
m
);
}
...
...
@@ -152,6 +140,8 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
gtpv1u_enb_create_tunnel_req_t
create_tunnel_req
;
gtpv1u_enb_create_tunnel_resp_t
create_tunnel_resp
;
protocol_ctxt_t
ctxt
=
{
0
};
unsigned
char
*
kUPenc
=
NULL
;
int
i
;
// NR RRCReconfiguration
AssertFatal
(
rrc
->
Nb_ue
<
MAX_NR_RRC_UE_CONTEXTS
,
"cannot add another UE
\n
"
);
ue_context_p
->
ue_context
.
reconfig
=
calloc
(
1
,
sizeof
(
NR_RRCReconfiguration_t
));
...
...
@@ -162,9 +152,91 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
NR_RRCReconfiguration_IEs_t
*
reconfig_ies
=
calloc
(
1
,
sizeof
(
NR_RRCReconfiguration_IEs_t
));
ue_context_p
->
ue_context
.
reconfig
->
criticalExtensions
.
choice
.
rrcReconfiguration
=
reconfig_ies
;
carrier
->
initial_csi_index
[
rrc
->
Nb_ue
]
=
0
;
ue_context_p
->
ue_context
.
rb_config
=
calloc
(
1
,
sizeof
(
NR_RRCReconfiguration_t
));
if
(
get_softmodem_params
()
->
phy_test
==
1
||
get_softmodem_params
()
->
do_ra
==
1
||
get_softmodem_params
()
->
sa
==
1
){
ue_context_p
->
ue_context
.
rb_config
=
calloc
(
1
,
sizeof
(
NR_RRCReconfiguration_t
));
fill_default_rbconfig
(
ue_context_p
->
ue_context
.
rb_config
);
fill_default_rbconfig
(
ue_context_p
->
ue_context
.
rb_config
,
5
/* EPS bearer ID */
,
1
/* drb ID */
,
NR_CipheringAlgorithm_nea0
,
NR_SecurityConfig__keyToUse_master
);
}
else
{
/* TODO: handle more than one bearer */
if
(
m
==
NULL
)
{
LOG_E
(
RRC
,
"fatal: m==NULL
\n
"
);
exit
(
1
);
}
if
(
m
->
nb_e_rabs_tobeadded
!=
1
)
{
LOG_E
(
RRC
,
"fatal: m->nb_e_rabs_tobeadded = %d, should be 1
\n
"
,
m
->
nb_e_rabs_tobeadded
);
exit
(
1
);
}
/* store security key and security capabilities */
memcpy
(
ue_context_p
->
ue_context
.
kgnb
,
m
->
kgnb
,
32
);
ue_context_p
->
ue_context
.
security_capabilities
.
nRencryption_algorithms
=
m
->
security_capabilities
.
encryption_algorithms
;
ue_context_p
->
ue_context
.
security_capabilities
.
nRintegrity_algorithms
=
m
->
security_capabilities
.
integrity_algorithms
;
/* Select ciphering algorithm based on gNB configuration file and
* UE's supported algorithms.
* We take the first from the list that is supported by the UE.
* The ordering of the list comes from the configuration file.
*/
/* preset nea0 as fallback */
ue_context_p
->
ue_context
.
ciphering_algorithm
=
0
;
for
(
i
=
0
;
i
<
rrc
->
security
.
ciphering_algorithms_count
;
i
++
)
{
int
nea_mask
[
4
]
=
{
0
,
0x8000
,
/* nea1 */
0x4000
,
/* nea2 */
0x2000
/* nea3 */
};
if
(
rrc
->
security
.
ciphering_algorithms
[
i
]
==
0
)
{
/* nea0 already preselected */
break
;
}
if
(
ue_context_p
->
ue_context
.
security_capabilities
.
nRencryption_algorithms
&
nea_mask
[
rrc
->
security
.
ciphering_algorithms
[
i
]])
{
ue_context_p
->
ue_context
.
ciphering_algorithm
=
rrc
->
security
.
ciphering_algorithms
[
i
];
break
;
}
}
LOG_I
(
RRC
,
"selecting ciphering algorithm %d
\n
"
,
(
int
)
ue_context_p
->
ue_context
.
ciphering_algorithm
);
/* integrity: no integrity protection for DRB in ENDC mode
* as written in 38.331: "If UE is connected to E-UTRA/EPC, this field
* indicates the integrity protection algorithm to be used for SRBs
* configured with NR PDCP, as specified in TS 33.501"
* So nothing for DRB. Plus a test with a COTS UE revealed that it
* did not apply integrity on the DRB.
*/
ue_context_p
->
ue_context
.
integrity_algorithm
=
0
;
LOG_I
(
RRC
,
"selecting integrity algorithm %d
\n
"
,
ue_context_p
->
ue_context
.
integrity_algorithm
);
/* derive UP security key */
unsigned
char
*
kUPenc_kdf
;
nr_derive_key_up_enc
(
ue_context_p
->
ue_context
.
ciphering_algorithm
,
ue_context_p
->
ue_context
.
kgnb
,
&
kUPenc_kdf
);
/* kUPenc: last 128 bits of key derivation function which returns 256 bits */
kUPenc
=
malloc
(
16
);
if
(
kUPenc
==
NULL
)
exit
(
1
);
memcpy
(
kUPenc
,
kUPenc_kdf
+
16
,
16
);
free
(
kUPenc_kdf
);
e_NR_CipheringAlgorithm
cipher_algo
;
switch
(
ue_context_p
->
ue_context
.
ciphering_algorithm
)
{
case
0
:
cipher_algo
=
NR_CipheringAlgorithm_nea0
;
break
;
case
1
:
cipher_algo
=
NR_CipheringAlgorithm_nea1
;
break
;
case
2
:
cipher_algo
=
NR_CipheringAlgorithm_nea2
;
break
;
case
3
:
cipher_algo
=
NR_CipheringAlgorithm_nea3
;
break
;
default:
LOG_E
(
RRC
,
"%s:%d:%s: fatal
\n
"
,
__FILE__
,
__LINE__
,
__FUNCTION__
);
exit
(
1
);
}
fill_default_rbconfig
(
ue_context_p
->
ue_context
.
rb_config
,
m
->
e_rabs_tobeadded
[
0
].
e_rab_id
,
m
->
e_rabs_tobeadded
[
0
].
drb_ID
,
cipher_algo
,
NR_SecurityConfig__keyToUse_secondary
);
}
fill_default_reconfig
(
carrier
->
servingcellconfigcommon
,
reconfig_ies
,
...
...
@@ -285,10 +357,11 @@ void rrc_add_nsa_user(gNB_RRC_INST *rrc,struct rrc_gNB_ue_context_s *ue_context_
(
NR_SRB_ToAddModList_t
*
)
NULL
,
ue_context_p
->
ue_context
.
rb_config
->
drb_ToAddModList
,
ue_context_p
->
ue_context
.
rb_config
->
drb_ToReleaseList
,
0xff
,
NULL
,
NULL
,
NULL
,
(
ue_context_p
->
ue_context
.
integrity_algorithm
<<
4
)
|
ue_context_p
->
ue_context
.
ciphering_algorithm
,
NULL
,
/* kRRCenc - unused */
NULL
,
/* kRRCint - unused */
kUPenc
,
/* kUPenc */
NULL
,
/* kUPint - unused */
NULL
,
NULL
,
ue_context_p
->
ue_context
.
secondaryCellGroup
->
rlc_BearerToAddModList
);
...
...
openair2/RRC/NR/rrc_gNB_reconfig.c
View file @
accae671
...
...
@@ -1329,7 +1329,10 @@ void fill_default_reconfig(NR_ServingCellConfigCommon_t *servingcellconfigcommon
reconfig
->
nonCriticalExtension
=
NULL
;
}
void
fill_default_rbconfig
(
NR_RadioBearerConfig_t
*
rbconfig
)
{
void
fill_default_rbconfig
(
NR_RadioBearerConfig_t
*
rbconfig
,
int
eps_bearer_id
,
int
rb_id
,
e_NR_CipheringAlgorithm
ciphering_algorithm
,
e_NR_SecurityConfig__keyToUse
key_to_use
)
{
rbconfig
->
srb_ToAddModList
=
NULL
;
rbconfig
->
srb3_ToRelease
=
NULL
;
...
...
@@ -1337,8 +1340,8 @@ void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig) {
NR_DRB_ToAddMod_t
*
drb_ToAddMod
=
calloc
(
1
,
sizeof
(
*
drb_ToAddMod
));
drb_ToAddMod
->
cnAssociation
=
calloc
(
1
,
sizeof
(
*
drb_ToAddMod
->
cnAssociation
));
drb_ToAddMod
->
cnAssociation
->
present
=
NR_DRB_ToAddMod__cnAssociation_PR_eps_BearerIdentity
;
drb_ToAddMod
->
cnAssociation
->
choice
.
eps_BearerIdentity
=
5
;
drb_ToAddMod
->
drb_Identity
=
1
;
drb_ToAddMod
->
cnAssociation
->
choice
.
eps_BearerIdentity
=
eps_bearer_id
;
drb_ToAddMod
->
drb_Identity
=
rb_id
;
drb_ToAddMod
->
reestablishPDCP
=
NULL
;
drb_ToAddMod
->
recoverPDCP
=
NULL
;
drb_ToAddMod
->
pdcp_Config
=
calloc
(
1
,
sizeof
(
*
drb_ToAddMod
->
pdcp_Config
));
...
...
@@ -1367,12 +1370,12 @@ void fill_default_rbconfig(NR_RadioBearerConfig_t *rbconfig) {
rbconfig
->
securityConfig
=
calloc
(
1
,
sizeof
(
*
rbconfig
->
securityConfig
));
rbconfig
->
securityConfig
->
securityAlgorithmConfig
=
calloc
(
1
,
sizeof
(
*
rbconfig
->
securityConfig
->
securityAlgorithmConfig
));
rbconfig
->
securityConfig
->
securityAlgorithmConfig
->
cipheringAlgorithm
=
NR_CipheringAlgorithm_nea0
;
rbconfig
->
securityConfig
->
securityAlgorithmConfig
->
cipheringAlgorithm
=
ciphering_algorithm
;
rbconfig
->
securityConfig
->
securityAlgorithmConfig
->
integrityProtAlgorithm
=
NULL
;
rbconfig
->
securityConfig
->
keyToUse
=
calloc
(
1
,
sizeof
(
*
rbconfig
->
securityConfig
->
keyToUse
));
*
rbconfig
->
securityConfig
->
keyToUse
=
NR_SecurityConfig__keyToUse_master
;
*
rbconfig
->
securityConfig
->
keyToUse
=
key_to_use
;
xer_fprint
(
stdout
,
&
asn_DEF_NR_RadioBearerConfig
,
(
const
void
*
)
rbconfig
);
//
xer_fprint(stdout, &asn_DEF_NR_RadioBearerConfig, (const void*)rbconfig);
}
/* Function to set or overwrite PTRS DL RRC parameters */
void
rrc_config_dl_ptrs_params
(
NR_BWP_Downlink_t
*
bwp
,
int
*
ptrsNrb
,
int
*
ptrsMcs
,
int
*
epre_Ratio
,
int
*
reOffset
)
...
...
openair2/RRC/NR_UE/rrc_UE.c
View file @
accae671
...
...
@@ -186,7 +186,8 @@ extern boolean_t nr_rrc_pdcp_config_asn1_req(
const
uint8_t
security_modeP
,
uint8_t
*
const
kRRCenc
,
uint8_t
*
const
kRRCint
,
uint8_t
*
const
kUPenc
uint8_t
*
const
kUPenc
,
uint8_t
*
const
kUPint
#if (LTE_RRC_VERSION >= MAKE_VERSION(9, 0, 0))
,
LTE_PMCH_InfoList_r9_t
*
pmch_InfoList_r9
#endif
...
...
@@ -2085,6 +2086,7 @@ nr_sa_rrc_ue_process_radioBearerConfig(
// NULL,
// NULL,
// NULL,
// NULL,
// NULL);
// Refresh SRBs
// nr_rrc_rlc_config_asn1_req(ctxt_pP,
...
...
@@ -2176,6 +2178,7 @@ nr_sa_rrc_ue_process_radioBearerConfig(
// NULL,
// kUPenc,
// NULL,
// NULL,
// NR_UE_rrc_inst[ctxt_pP->module_id].defaultDRB,
// NULL);
// Refresh DRBs
...
...
openair2/UTIL/OSA/osa_defs.h
View file @
accae671
...
...
@@ -53,6 +53,8 @@ typedef enum {
//int derive_keNB(const uint8_t kasme[32], const uint32_t nas_count, uint8_t **keNB);
int
derive_skgNB
(
const
uint8_t
*
keNB
,
const
uint16_t
sk_counter
,
uint8_t
*
skgNB
);
int
derive_key
(
algorithm_type_dist_t
nas_alg_type
,
uint8_t
nas_enc_alg_id
,
const
uint8_t
key
[
32
],
uint8_t
**
out
);
int
nr_derive_key
(
algorithm_type_dist_t
alg_type
,
uint8_t
alg_id
,
...
...
openair2/UTIL/OSA/osa_key_deriver.c
View file @
accae671
...
...
@@ -159,3 +159,27 @@ int derive_keNB(const uint8_t key[32], const uint32_t nas_count, uint8_t **keNB)
return 0;
}
*/
int
derive_skgNB
(
const
uint8_t
*
keNB
,
const
uint16_t
sk_counter
,
uint8_t
*
skgNB
)
{
uint8_t
*
out
;
uint8_t
s
[
5
];
/* FC is 0x1c (see 3gpp 33.401 annex A.15) */
s
[
0
]
=
0x1c
;
/* put sk_counter */
s
[
1
]
=
(
sk_counter
>>
8
)
&
0xff
;
s
[
2
]
=
sk_counter
&
0xff
;
/* put length of sk_counter (2) */
s
[
3
]
=
0x00
;
s
[
4
]
=
0x02
;
kdf
(
s
,
5
,
keNB
,
32
,
&
out
,
32
);
memcpy
(
skgNB
,
out
,
32
);
free
(
out
);
return
0
;
}
openair3/S1AP/s1ap_eNB_handlers.c
View file @
accae671
...
...
@@ -864,22 +864,36 @@ int s1ap_eNB_handle_initial_context_request(uint32_t assoc_id,
BIT_STRING_to_uint16
(
&
ie
->
value
.
choice
.
UESecurityCapabilities
.
encryptionAlgorithms
);
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
message_p
).
security_capabilities
.
integrity_algorithms
=
BIT_STRING_to_uint16
(
&
ie
->
value
.
choice
.
UESecurityCapabilities
.
integrityProtectionAlgorithms
);
/* id-SecurityKey : Copy the security key */
}
else
{
/* ie != NULL */
return
-
1
;
}
/* id-SecurityKey : Copy the security key */
S1AP_FIND_PROTOCOLIE_BY_ID
(
S1AP_InitialContextSetupRequestIEs_t
,
ie
,
container
,
S1AP_ProtocolIE_ID_id_SecurityKey
,
true
);
if
(
ie
!=
NULL
)
{
/* checked by macro but cppcheck doesn't see it */
memcpy
(
&
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
message_p
).
security_key
,
ie
->
value
.
choice
.
SecurityKey
.
buf
,
ie
->
value
.
choice
.
SecurityKey
.
size
);
itti_send_msg_to_task
(
TASK_RRC_ENB
,
ue_desc_p
->
eNB_instance
->
instance
,
message_p
);
}
else
{
/* ie != NULL */
return
-
1
;
}
/* id-NRUESecurityCapabilities */
S1AP_FIND_PROTOCOLIE_BY_ID
(
S1AP_InitialContextSetupRequestIEs_t
,
ie
,
container
,
S1AP_ProtocolIE_ID_id_NRUESecurityCapabilities
,
false
);
if
(
ie
!=
NULL
)
{
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
message_p
).
nr_security_capabilities
.
encryption_algorithms
=
BIT_STRING_to_uint16
(
&
ie
->
value
.
choice
.
NRUESecurityCapabilities
.
nRencryptionAlgorithms
);
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
message_p
).
nr_security_capabilities
.
integrity_algorithms
=
BIT_STRING_to_uint16
(
&
ie
->
value
.
choice
.
NRUESecurityCapabilities
.
nRintegrityProtectionAlgorithms
);
}
else
{
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
message_p
).
nr_security_capabilities
.
encryption_algorithms
=
0
;
S1AP_INITIAL_CONTEXT_SETUP_REQ
(
message_p
).
nr_security_capabilities
.
integrity_algorithms
=
0
;
}
itti_send_msg_to_task
(
TASK_RRC_ENB
,
ue_desc_p
->
eNB_instance
->
instance
,
message_p
);
return
0
;
}
...
...
targets/PROJECTS/GENERIC-LTE-EPC/CONF/testing_gnb.conf
View file @
accae671
...
...
@@ -278,6 +278,18 @@ THREAD_STRUCT = (
}
);
security
= {
# preferred ciphering algorithms
# the first one of the list that an UE supports in chosen
# valid values: nea0, nea1, nea2, nea3
ciphering_algorithms
= (
"nea0"
,
"nea2"
);
# preferred integrity algorithms
# the first one of the list that an UE supports in chosen
# valid values: nia0, nia1, nia2, nia3
integrity_algorithms
= (
"nia0"
);
};
log_config
:
{
global_log_level
=
"info"
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment