forked from acouzens/open5gs
X2 HO done
This commit is contained in:
Sukchan Lee
parent
f6a1944d36
commit
26386703d3
|
|
@ -54,7 +54,11 @@ void emm_handle_attach_request(
|
|||
CLEAR_EPS_BEARER_ID(mme_ue);
|
||||
CLEAR_PAGING_INFO(mme_ue);
|
||||
if (SECURITY_CONTEXT_IS_VALID(mme_ue))
|
||||
{
|
||||
mme_kdf_enb(mme_ue->kasme, mme_ue->ul_count.i32, mme_ue->kenb);
|
||||
mme_kdf_nh(mme_ue->kasme, mme_ue->kenb, mme_ue->nh);
|
||||
mme_ue->nhcc = 1;
|
||||
}
|
||||
|
||||
/* Set EPS Attach Type */
|
||||
memcpy(&mme_ue->nas_eps.attach, eps_attach_type,
|
||||
|
|
@ -405,7 +409,11 @@ void emm_handle_service_request(
|
|||
*/
|
||||
CLEAR_PAGING_INFO(mme_ue);
|
||||
if (SECURITY_CONTEXT_IS_VALID(mme_ue))
|
||||
{
|
||||
mme_kdf_enb(mme_ue->kasme, mme_ue->ul_count.i32, mme_ue->kenb);
|
||||
mme_kdf_nh(mme_ue->kasme, mme_ue->kenb, mme_ue->nh);
|
||||
mme_ue->nhcc = 1;
|
||||
}
|
||||
|
||||
/* Set EPS Update Type */
|
||||
mme_ue->nas_eps.type = MME_UE_EPS_UPDATE_TYPE;
|
||||
|
|
|
|||
|
|
@ -276,8 +276,12 @@ void emm_state_security_mode(fsm_t *s, event_t *e)
|
|||
|
||||
/* Update Kenb */
|
||||
if (SECURITY_CONTEXT_IS_VALID(mme_ue))
|
||||
{
|
||||
mme_kdf_enb(mme_ue->kasme, mme_ue->ul_count.i32,
|
||||
mme_ue->kenb);
|
||||
mme_kdf_nh(mme_ue->kasme, mme_ue->kenb, mme_ue->nh);
|
||||
mme_ue->nhcc = 1;
|
||||
}
|
||||
|
||||
mme_s6a_send_ulr(mme_ue);
|
||||
FSM_TRAN(s, &emm_state_default_esm);
|
||||
|
|
|
|||
|
|
@ -194,7 +194,6 @@ struct _mme_ue_t {
|
|||
c_uint8_t kasme[SHA256_DIGEST_SIZE];
|
||||
c_uint8_t knas_int[SHA256_DIGEST_SIZE/2];
|
||||
c_uint8_t knas_enc[SHA256_DIGEST_SIZE/2];
|
||||
c_uint8_t kenb[SHA256_DIGEST_SIZE];
|
||||
c_uint32_t dl_count;
|
||||
union {
|
||||
struct {
|
||||
|
|
@ -204,6 +203,13 @@ struct _mme_ue_t {
|
|||
} __attribute__ ((packed));
|
||||
c_uint32_t i32;
|
||||
} ul_count;
|
||||
c_uint8_t kenb[SHA256_DIGEST_SIZE];
|
||||
|
||||
struct {
|
||||
ED2(c_uint8_t nhcc_spare:5;,
|
||||
c_uint8_t nhcc:3;) /* Next Hop Channing Counter */
|
||||
};
|
||||
c_uint8_t nh[SHA256_DIGEST_SIZE]; /* NH Security Key */
|
||||
|
||||
/* defined in 'nas_ies.h'
|
||||
* #define NAS_SECURITY_ALGORITHMS_EIA0 0
|
||||
|
|
|
|||
|
|
@ -36,3 +36,17 @@ void mme_kdf_enb(c_uint8_t *kasme, c_uint32_t ul_count, c_uint8_t *kenb)
|
|||
|
||||
hmac_sha256(kasme, 32, s, 7, kenb, 32);
|
||||
}
|
||||
|
||||
void mme_kdf_nh(c_uint8_t *kasme, c_uint8_t *sync_input, c_uint8_t *kenb)
|
||||
{
|
||||
c_uint8_t s[35];
|
||||
|
||||
s[0] = 0x12; /* FC Value */
|
||||
|
||||
memcpy(s+1, sync_input, 32);
|
||||
|
||||
s[33] = 0x00;
|
||||
s[34] = 0x20;
|
||||
|
||||
hmac_sha256(kasme, 32, s, 35, kenb, 32);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,10 @@
|
|||
CORE_DECLARE(void) mme_kdf_nas(c_uint8_t algorithm_type_distinguishers,
|
||||
c_uint8_t algorithm_identity, c_uint8_t *kasme, c_uint8_t *knas);
|
||||
|
||||
CORE_DECLARE(void) mme_kdf_enb(c_uint8_t *kasme, c_uint32_t ul_count,
|
||||
c_uint8_t *kenb);
|
||||
CORE_DECLARE(void) mme_kdf_enb(
|
||||
c_uint8_t *kasme, c_uint32_t ul_count, c_uint8_t *kenb);
|
||||
|
||||
CORE_DECLARE(void) mme_kdf_nh(
|
||||
c_uint8_t *kasme, c_uint8_t *sync_input, c_uint8_t *kenb);
|
||||
|
||||
#endif /* __MME_KDF_H__ */
|
||||
|
|
|
|||
|
|
@ -618,14 +618,14 @@ status_t s1ap_build_path_switch_ack(pkbuf_t **s1apbuf, mme_ue_t *mme_ue)
|
|||
ies->mme_ue_s1ap_id = enb_ue->mme_ue_s1ap_id;
|
||||
ies->eNB_UE_S1AP_ID = enb_ue->enb_ue_s1ap_id;
|
||||
|
||||
ies->securityContext.nextHopChainingCount = 0;
|
||||
ies->securityContext.nextHopChainingCount = mme_ue->nhcc;
|
||||
ies->securityContext.nextHopParameter.size = SHA256_DIGEST_SIZE;
|
||||
ies->securityContext.nextHopParameter.buf =
|
||||
core_calloc(ies->securityContext.nextHopParameter.size,
|
||||
sizeof(c_uint8_t));
|
||||
ies->securityContext.nextHopParameter.bits_unused = 0;
|
||||
memcpy(ies->securityContext.nextHopParameter.buf,
|
||||
mme_ue->kenb, ies->securityContext.nextHopParameter.size);
|
||||
mme_ue->nh, ies->securityContext.nextHopParameter.size);
|
||||
|
||||
message.procedureCode = S1ap_ProcedureCode_id_PathSwitchRequest;
|
||||
message.direction = S1AP_PDU_PR_successfulOutcome;
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@
|
|||
|
||||
#include "mme_event.h"
|
||||
|
||||
#include "mme_kdf.h"
|
||||
#include "s1ap_conv.h"
|
||||
#include "s1ap_path.h"
|
||||
#include "nas_path.h"
|
||||
|
|
@ -609,6 +610,13 @@ void s1ap_handle_path_switch_request(
|
|||
else
|
||||
mme_ue->ue_network_capability.eia0 = eia >> 9;
|
||||
|
||||
{
|
||||
c_uint8_t new_nh[SHA256_DIGEST_SIZE];
|
||||
mme_ue->nhcc++;
|
||||
mme_kdf_nh(mme_ue->kasme, mme_ue->nh, new_nh);
|
||||
memcpy(mme_ue->nh, new_nh, SHA256_DIGEST_SIZE);
|
||||
}
|
||||
|
||||
MODIFY_BEARER_TRANSACTION_BEGIN(mme_ue,
|
||||
MODIFY_BEARER_BY_PATH_SWITCH_REQUEST);
|
||||
|
||||
|
|
@ -642,8 +650,4 @@ void s1ap_handle_path_switch_request(
|
|||
enb_ue->enb_ue_s1ap_id,
|
||||
INET_NTOP(&enb->s1ap_sock->remote.sin_addr.s_addr, buf),
|
||||
enb->enb_id);
|
||||
|
||||
#if 0
|
||||
s1ap_send_path_switch_ack(mme_ue);
|
||||
#endif
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,6 +22,12 @@ static void handover_test1(abts_case *tc, void *data)
|
|||
int i;
|
||||
int msgindex = 9;
|
||||
|
||||
c_uint8_t tmp[MAX_SDU_LEN];
|
||||
char *_nh1 = "10"
|
||||
"3715a966536b75b4 d46e99774dcdb344 5ce5e893fbbf28f4 9f58508c36f827cc";
|
||||
char *_nh2 = "18"
|
||||
"a29ed36339514717 481992f77f47a9af 934a7b763afcec39 edf5071461db6ae8";
|
||||
|
||||
mongoc_collection_t *collection = NULL;
|
||||
bson_t *doc = NULL;
|
||||
c_int64_t count = 0;
|
||||
|
|
@ -262,6 +268,22 @@ static void handover_test1(abts_case *tc, void *data)
|
|||
recvbuf = pkbuf_alloc(0, MAX_SDU_LEN);
|
||||
rc = tests1ap_enb_read(sock1, recvbuf);
|
||||
ABTS_INT_NEQUAL(tc, 0, rc);
|
||||
ABTS_TRUE(tc, memcmp(recvbuf->payload + 26,
|
||||
CORE_HEX(_nh1, strlen(_nh1), tmp), 33) == 0);
|
||||
pkbuf_free(recvbuf);
|
||||
|
||||
/* Send Path Switch Request */
|
||||
rv = tests1ap_build_path_switch_request(&sendbuf, 1);
|
||||
ABTS_INT_EQUAL(tc, CORE_OK, rv);
|
||||
rv = tests1ap_enb_send(sock2, sendbuf);
|
||||
ABTS_INT_EQUAL(tc, CORE_OK, rv);
|
||||
|
||||
/* Receive Path Switch Ack */
|
||||
recvbuf = pkbuf_alloc(0, MAX_SDU_LEN);
|
||||
rc = tests1ap_enb_read(sock1, recvbuf);
|
||||
ABTS_INT_NEQUAL(tc, 0, rc);
|
||||
ABTS_TRUE(tc, memcmp(recvbuf->payload + 26,
|
||||
CORE_HEX(_nh2, strlen(_nh2), tmp), 33) == 0);
|
||||
pkbuf_free(recvbuf);
|
||||
|
||||
/********** Remove Subscriber in Database */
|
||||
|
|
|
|||
|
|
@ -1115,7 +1115,10 @@ status_t tests1ap_build_path_switch_request(
|
|||
"005d000007000800 0200010016001d01 0017000a0a1f0a01 2db0010000080017"
|
||||
"000a0c1f0a012db0 0100001000580005 c0010001da006440 080000f1103631d6"
|
||||
"20004340060000f1 105ba0006b400518 000c0000009d4007 0000f110000201",
|
||||
"",
|
||||
"0003"
|
||||
"005d000007000800 0200020016001d01 0017000a0a1f0a01 2d83010001080017"
|
||||
"000a0c1f0a012d83 0100011000580005 c0010001da006440 080000f110046153"
|
||||
"80004340060000f1 105ba0006b400518 000c0000009d4007 0000f110000201",
|
||||
"",
|
||||
|
||||
"",
|
||||
|
|
@ -1129,7 +1132,7 @@ status_t tests1ap_build_path_switch_request(
|
|||
};
|
||||
c_uint16_t len[TESTS1AP_MAX_MESSAGE] = {
|
||||
97,
|
||||
0,
|
||||
97,
|
||||
0,
|
||||
|
||||
0,
|
||||
|
|
|
|||
Loading…
Reference in New Issue