[NAS] Discard message if Integrity failed (#1848)

Sukchan Lee 2022-10-29 21:31:18 +09:00
parent 78359374ab
commit 243bf9850a
2 changed files with 70 additions and 50 deletions


@ -797,29 +797,35 @@ void gmm_state_security_mode(ogs_fsm_t *s, amf_event_t *e)
case OGS_NAS_5GS_SECURITY_MODE_COMPLETE:
ogs_debug("[%s] Security mode complete", amf_ue->supi);
CLEAR_AMF_UE_TIMER(amf_ue->t3560);
/* Now, We will check the MAC in the NAS message*/
/*
* TS24.501
* Section 4.4.4.3
* Integrity checking of NAS signalling messages in the AMF
*
* Once the secure exchange of NAS messages has been established
* for the NAS signalling connection, the receiving 5GMM entity
* in the AMF shall not process any NAS signalling messages
* unless they have been successfully integrity checked by the NAS.
* If any NAS signalling message, having not successfully passed
* the integrity check, is received, then the NAS in the AMF shall
* discard that message. If any NAS signalling message is received,
* as not integrity protected even though the secure exchange
* of NAS messages has been established, then the NAS shall discard
* this message.
*/
if (h.integrity_protected == 0) {
ogs_error("[%s] Security-mode : No Integrity Protected",
amf_ue->supi);
ogs_assert(OGS_OK ==
nas_5gs_send_gmm_reject(amf_ue,
OGS_5GMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED));
OGS_FSM_TRAN(s, &gmm_state_exception);
break;
}
if (!SECURITY_CONTEXT_IS_VALID(amf_ue)) {
ogs_warn("[%s] No Security Context", amf_ue->supi);
ogs_assert(OGS_OK ==
nas_5gs_send_gmm_reject(amf_ue,
OGS_5GMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED));
OGS_FSM_TRAN(s, &gmm_state_exception);
break;
}
CLEAR_AMF_UE_TIMER(amf_ue->t3560);
gmm_cause = gmm_handle_security_mode_complete(
amf_ue, &nas_message->gmm.security_mode_complete);
if (gmm_cause != OGS_5GMM_CAUSE_REQUEST_ACCEPTED) {
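Review bot: The quoted TS 24.501 text is about messages that fail the integrity check, but the two conditions under it test only the header flag `h.integrity_protected` and `SECURITY_CONTEXT_IS_VALID(amf_ue)`; nothing in this hunk shows where a MAC mismatch is detected. Presumably the MAC is verified during decoding outside the hunk and the result surfaces through one of these two checks. A short comment saying which one would let a reader confirm that a Security Mode Complete with a bad MAC cannot reach `gmm_handle_security_mode_complete()`, for example `/* MAC mismatch is reported via <field or macro>; such messages stop here */`. The "No Security Context" warning would then be worth rewording so that a MAC failure can be told apart from a missing context in the logs. The case body starts and ends outside the hunk.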


@ -870,26 +870,30 @@ void emm_state_security_mode(ogs_fsm_t *s, mme_event_t *e)
CLEAR_MME_UE_TIMER(mme_ue->t3460);
/* Now, We will check the MAC in the NAS message*/
/*
* TS24.301
* Section 4.4.4.3
* Integrity checking of NAS signalling messages in the MME:
*
* Once the secure exchange of NAS messages has been established
* for the NAS signalling connection, the receiving EMM or ESM entity
* in the MME shall not process any NAS signalling messages
* unless they have been successfully integrity checked by the NAS.
* If any NAS signalling message, having not successfully passed
* the integrity check, is received, then the NAS in the MME shall
* discard that message. If any NAS signalling message is received,
* as not integrity protected even though the secure exchange
* of NAS messages has been established, then the NAS shall discard
* this message.
*/
h.type = e->nas_type;
if (h.integrity_protected == 0) {
ogs_error("[%s] No Integrity Protected", mme_ue->imsi_bcd);
ogs_assert(OGS_OK ==
nas_eps_send_attach_reject(mme_ue,
OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED,
OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED));
OGS_FSM_TRAN(s, &emm_state_exception);
break;
}
if (!SECURITY_CONTEXT_IS_VALID(mme_ue)) {
ogs_warn("[%s] No Security Context", mme_ue->imsi_bcd);
ogs_assert(OGS_OK ==
nas_eps_send_attach_reject(mme_ue,
OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED,
OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED));
OGS_FSM_TRAN(s, &emm_state_exception);
break;
}
@ -1038,30 +1042,35 @@ void emm_state_initial_context_setup(ogs_fsm_t *s, mme_event_t *e)
case OGS_NAS_EPS_ATTACH_COMPLETE:
ogs_info("[%s] Attach complete", mme_ue->imsi_bcd);
CLEAR_MME_UE_TIMER(mme_ue->t3450);
/*
* TS24.301
* Section 4.4.4.3
* Integrity checking of NAS signalling messages in the MME:
*
* Once the secure exchange of NAS messages has been established
* for the NAS signalling connection, the receiving EMM or ESM entity
* in the MME shall not process any NAS signalling messages
* unless they have been successfully integrity checked by the NAS.
* If any NAS signalling message, having not successfully passed
* the integrity check, is received, then the NAS in the MME shall
* discard that message. If any NAS signalling message is received,
* as not integrity protected even though the secure exchange
* of NAS messages has been established, then the NAS shall discard
* this message.
*/
h.type = e->nas_type;
if (h.integrity_protected == 0) {
ogs_error("[%s] No Integrity Protected", mme_ue->imsi_bcd);
ogs_assert(OGS_OK ==
nas_eps_send_attach_reject(mme_ue,
OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED,
OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED));
OGS_FSM_TRAN(s, &emm_state_exception);
break;
}
if (!SECURITY_CONTEXT_IS_VALID(mme_ue)) {
ogs_warn("[%s] No Security Context", mme_ue->imsi_bcd);
ogs_assert(OGS_OK ==
nas_eps_send_attach_reject(mme_ue,
OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED,
OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED));
OGS_FSM_TRAN(s, &emm_state_exception);
break;
}
CLEAR_MME_UE_TIMER(mme_ue->t3450);
rv = emm_handle_attach_complete(
mme_ue, &message->emm.attach_complete);
if (rv != OGS_OK) {
@ -1085,30 +1094,35 @@ void emm_state_initial_context_setup(ogs_fsm_t *s, mme_event_t *e)
case OGS_NAS_EPS_TRACKING_AREA_UPDATE_COMPLETE:
ogs_debug("[%s] Tracking area update complete", mme_ue->imsi_bcd);
CLEAR_MME_UE_TIMER(mme_ue->t3450);
/*
* TS24.301
* Section 4.4.4.3
* Integrity checking of NAS signalling messages in the MME:
*
* Once the secure exchange of NAS messages has been established
* for the NAS signalling connection, the receiving EMM or ESM entity
* in the MME shall not process any NAS signalling messages
* unless they have been successfully integrity checked by the NAS.
* If any NAS signalling message, having not successfully passed
* the integrity check, is received, then the NAS in the MME shall
* discard that message. If any NAS signalling message is received,
* as not integrity protected even though the secure exchange
* of NAS messages has been established, then the NAS shall discard
* this message.
*/
h.type = e->nas_type;
if (h.integrity_protected == 0) {
ogs_error("[%s] No Integrity Protected", mme_ue->imsi_bcd);
ogs_assert(OGS_OK ==
nas_eps_send_attach_reject(mme_ue,
OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED,
OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED));
OGS_FSM_TRAN(s, &emm_state_exception);
break;
}
if (!SECURITY_CONTEXT_IS_VALID(mme_ue)) {
ogs_warn("[%s] No Security Context", mme_ue->imsi_bcd);
ogs_assert(OGS_OK ==
nas_eps_send_attach_reject(mme_ue,
OGS_NAS_EMM_CAUSE_SECURITY_MODE_REJECTED_UNSPECIFIED,
OGS_NAS_ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED));
OGS_FSM_TRAN(s, &emm_state_exception);
break;
}
CLEAR_MME_UE_TIMER(mme_ue->t3450);
/* Confirm GUTI */
if (mme_ue->next.m_tmsi)
mme_ue_confirm_guti(mme_ue);
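Review bot: In the `emm_state_security_mode` hunk, `CLEAR_MME_UE_TIMER(mme_ue->t3460)` is visible only ahead of the `h.integrity_protected` check, whereas the Attach Complete and Tracking Area Update Complete cases show the t3450 clear again after both checks. If the clear stays where it is on the new side, an unprotected or context-less Security Mode Complete that is discarded still stops T3460, so the Security Mode Command would no longer be retransmitted and the procedure can stall on a message that was never authenticated. Moving `CLEAR_MME_UE_TIMER(mme_ue->t3460);` below the `SECURITY_CONTEXT_IS_VALID(mme_ue)` block would match the other cases. The +/- markers are lost on this page and the case continues past the hunk, so check this against the file.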