srsue/extnas: move EEA/EIA API from 'nas' to 'nas_base'

This way 'nas_ext' would also be able to use it.
extnas/release_20_10
Vadim Yanitskiy 2 years ago
parent b594b15e79
commit 19ed00e9bb
  1. 48
      srsue/hdr/stack/upper/nas.h
  2. 1
      srsue/hdr/stack/upper/nas_ext.h
  3. 22
      srsue/src/stack/upper/nas.cc
  4. 6
      srsue/src/stack/upper/nas_ext.cc

@ -66,6 +66,31 @@ protected:
// PCAP
srslte::nas_pcap* pcap = nullptr;
// Security context
uint8_t k_nas_enc[32] = { };
uint8_t k_nas_int[32] = { };
struct nas_sec_ctxt {
uint8_t ksi;
uint8_t k_asme[32];
uint32_t tx_count;
uint32_t rx_count;
uint32_t k_enb_count;
srslte::CIPHERING_ALGORITHM_ID_ENUM cipher_algo;
srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo;
LIBLTE_MME_EPS_MOBILE_ID_GUTI_STRUCT guti;
} ctxt = { };
void integrity_generate(uint8_t* key_128, uint32_t count, uint8_t direction,
uint8_t* msg, uint32_t msg_len, uint8_t* mac);
bool integrity_check(srslte::byte_buffer_t* pdu);
void cipher_encrypt(srslte::byte_buffer_t* pdu);
void cipher_decrypt(srslte::byte_buffer_t* pdu);
void set_k_enb_count(uint32_t count);
uint32_t get_k_enb_count();
};
class nas : public nas_base
@ -83,7 +108,6 @@ public:
bool paging(srslte::s_tmsi_t* ue_identity) override;
void set_barring(srslte::barring_t barring) override;
void write_pdu(uint32_t lcid, srslte::unique_byte_buffer_t pdu) override;
uint32_t get_k_enb_count() override;
bool is_attached() override;
bool get_k_asme(uint8_t* k_asme_, uint32_t n) override;
uint32_t get_ipv4_addr() override;
@ -113,18 +137,6 @@ private:
std::vector<srslte::plmn_id_t> known_plmns;
// Security context
struct nas_sec_ctxt {
uint8_t ksi;
uint8_t k_asme[32];
uint32_t tx_count;
uint32_t rx_count;
uint32_t k_enb_count;
srslte::CIPHERING_ALGORITHM_ID_ENUM cipher_algo;
srslte::INTEGRITY_ALGORITHM_ID_ENUM integ_algo;
LIBLTE_MME_EPS_MOBILE_ID_GUTI_STRUCT guti;
};
typedef enum { DEFAULT_EPS_BEARER = 0, DEDICATED_EPS_BEARER } eps_bearer_type_t;
typedef struct {
@ -139,7 +151,6 @@ private:
bool have_guti = false;
bool have_ctxt = false;
nas_sec_ctxt ctxt = {};
bool auth_request = false;
uint8_t current_sec_hdr = LIBLTE_MME_SECURITY_HDR_TYPE_PLAIN_NAS;
@ -175,8 +186,6 @@ private:
// Security
bool eia_caps[8] = {};
bool eea_caps[8] = {};
uint8_t k_nas_enc[32] = {};
uint8_t k_nas_int[32] = {};
// Airplane mode simulation
typedef enum { DISABLED = 0, ENABLED } airplane_mode_state_t;
@ -187,16 +196,9 @@ private:
bool running = false;
void
integrity_generate(uint8_t* key_128, uint32_t count, uint8_t direction, uint8_t* msg, uint32_t msg_len, uint8_t* mac);
bool integrity_check(srslte::byte_buffer_t* pdu);
void cipher_encrypt(srslte::byte_buffer_t* pdu);
void cipher_decrypt(srslte::byte_buffer_t* pdu);
int apply_security_config(srslte::unique_byte_buffer_t& pdu, uint8_t sec_hdr_type);
void reset_security_context();
void set_k_enb_count(uint32_t count);
bool check_cap_replay(LIBLTE_MME_UE_SECURITY_CAPABILITIES_STRUCT* caps);
void select_plmn();

@ -58,7 +58,6 @@ public:
bool paging(srslte::s_tmsi_t* ue_identity);
void set_barring(srslte::barring_t barring);
void write_pdu(uint32_t lcid, srslte::unique_byte_buffer_t pdu);
uint32_t get_k_enb_count();
bool is_attached();
bool get_k_asme(uint8_t* k_asme_, uint32_t n);
uint32_t get_ipv4_addr();

@ -713,14 +713,14 @@ void nas::write_pdu(uint32_t lcid, unique_byte_buffer_t pdu)
}
}
void nas::set_k_enb_count(uint32_t count)
void nas_base::set_k_enb_count(uint32_t count)
{
// UL count for RRC key derivation depends on UL Count of the Attach Request or Service Request.
// On the case of an Authentication Request, the UL count used to generate K_enb must be reset to zero.
ctxt.k_enb_count = count;
}
uint32_t nas::get_k_enb_count()
uint32_t nas_base::get_k_enb_count()
{
return ctxt.k_enb_count;
}
@ -768,12 +768,12 @@ void nas_base::start_pcap(srslte::nas_pcap* pcap_)
* Security
******************************************************************************/
void nas::integrity_generate(uint8_t* key_128,
uint32_t count,
uint8_t direction,
uint8_t* msg,
uint32_t msg_len,
uint8_t* mac)
void nas_base::integrity_generate(uint8_t* key_128,
uint32_t count,
uint8_t direction,
uint8_t* msg,
uint32_t msg_len,
uint8_t* mac)
{
switch (ctxt.integ_algo) {
case INTEGRITY_ALGORITHM_ID_EIA0:
@ -812,7 +812,7 @@ void nas::integrity_generate(uint8_t* key_128,
// This function depends to a valid k_nas_int.
// This key is generated in the security mode command.
bool nas::integrity_check(byte_buffer_t* pdu)
bool nas_base::integrity_check(byte_buffer_t* pdu)
{
if (pdu == nullptr) {
nas_log->error("Invalid PDU\n");
@ -866,7 +866,7 @@ bool nas::integrity_check(byte_buffer_t* pdu)
}
}
void nas::cipher_encrypt(byte_buffer_t* pdu)
void nas_base::cipher_encrypt(byte_buffer_t* pdu)
{
byte_buffer_t pdu_tmp;
switch (ctxt.cipher_algo) {
@ -908,7 +908,7 @@ void nas::cipher_encrypt(byte_buffer_t* pdu)
}
}
void nas::cipher_decrypt(byte_buffer_t* pdu)
void nas_base::cipher_decrypt(byte_buffer_t* pdu)
{
byte_buffer_t tmp_pdu;
switch (ctxt.cipher_algo) {

@ -387,12 +387,6 @@ void nas_ext::write_pdu(uint32_t lcid, srslte::unique_byte_buffer_t pdu)
iface->write(msg);
}
uint32_t nas_ext::get_k_enb_count()
{
// FIXME: we probably need to maintain a security context
return 0; // return a dummy value for now
}
bool nas_ext::is_attached()
{
// FIXME: we probably need to maintain the state

Loading…
Cancel
Save