diff --git a/cmake_targets/CMakeLists.txt b/cmake_targets/CMakeLists.txt
index fcaaa9dacb6fd189588698a0d6d6c2bd4ecac8c7..6c176a75c24a1c1945d84791e377d12aed305b59 100644
--- a/cmake_targets/CMakeLists.txt
+++ b/cmake_targets/CMakeLists.txt
@@ -595,7 +595,6 @@ Message("CPU_Affinity flag is ${CPU_AFFINITY}")
##############################################################
# ???!!! TO BE DOCUMENTED OPTIONS !!!???
##############################################################
-add_boolean_option(ENABLE_SECURITY True "Enable LTE integrity and ciphering between RRC UE and eNB")
add_boolean_option(ENABLE_USE_MME True "eNB connected to MME (INTERFACE S1-C), not standalone eNB")
add_boolean_option(NO_RRM True "DO WE HAVE A RADIO RESSOURCE MANAGER: NO")
add_boolean_option(RRC_DEFAULT_RAB_IS_AM False "set the RLC mode to AM for the default bearer")
diff --git a/cmake_targets/epc_test/CMakeLists.template b/cmake_targets/epc_test/CMakeLists.template
index e046bb75391a178a605ed390cbb13a91b05bcbd7..7a097fffb027f81f94a210f50f8ea37939639bee 100644
--- a/cmake_targets/epc_test/CMakeLists.template
+++ b/cmake_targets/epc_test/CMakeLists.template
@@ -9,7 +9,6 @@ set ( EMIT_ASN_DEBUG False )
set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True )
-set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True )
diff --git a/cmake_targets/oaisim_build_oai/CMakeLists.template b/cmake_targets/oaisim_build_oai/CMakeLists.template
index 22faac75b5855fd33b2fb6630c5dde36e8fe83a4..cffbddc93c5b5170dcb83896f2af5c90c5ef311a 100644
--- a/cmake_targets/oaisim_build_oai/CMakeLists.template
+++ b/cmake_targets/oaisim_build_oai/CMakeLists.template
@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_RAL False )
-set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True )
diff --git a/cmake_targets/oaisim_mme_build_oai/CMakeLists.template b/cmake_targets/oaisim_mme_build_oai/CMakeLists.template
index b18b23ee9abf72e93a74a9d70a9edede932a0b8c..eac29006da6ad83a48c6b3256fbe564fba59ade4 100644
--- a/cmake_targets/oaisim_mme_build_oai/CMakeLists.template
+++ b/cmake_targets/oaisim_mme_build_oai/CMakeLists.template
@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING False )
set ( ENABLE_NEW_MULTICAST False )
set ( ENABLE_RAL False )
-set ( ENABLE_SECURITY False )
set ( ENABLE_STANDALONE_EPC False )
set ( ENABLE_USE_CPU_EXECUTION_TIME False )
set ( ENABLE_USE_MME False )
diff --git a/cmake_targets/oaisim_noS1_build_oai/CMakeLists.template b/cmake_targets/oaisim_noS1_build_oai/CMakeLists.template
index bc416cff55fef58c4a19492585c07addd4f60115..343e9280902b4074740fbea0d0fb3b1427394e17 100644
--- a/cmake_targets/oaisim_noS1_build_oai/CMakeLists.template
+++ b/cmake_targets/oaisim_noS1_build_oai/CMakeLists.template
@@ -7,7 +7,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING False )
set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_RAL False )
-set ( ENABLE_SECURITY False )
set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME False )
diff --git a/cmake_targets/s1c_mme_test/CMakeLists.template b/cmake_targets/s1c_mme_test/CMakeLists.template
index 9f1ff3e36015965cf5403c37472f259f32d29a25..e62df04bc6f345783c35f0d8749a7af523e1e68f 100644
--- a/cmake_targets/s1c_mme_test/CMakeLists.template
+++ b/cmake_targets/s1c_mme_test/CMakeLists.template
@@ -9,7 +9,6 @@ set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_PDCP_NETLINK_FIFO False )
set ( ENABLE_RAL False )
-set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True )
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp.c b/openair2/LAYER2/PDCP_v10.1.0/pdcp.c
index 6e9637fdc99346e713aac980eef3e745451205ca..76e36dca9a0438a951d6718ed30515ead6140656 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp.c
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp.c
@@ -50,9 +50,7 @@
#include "msc.h"
#include "targets/COMMON/openairinterface5g_limits.h"
#include "SIMULATION/ETH_TRANSPORT/proto.h"
-#if defined(ENABLE_SECURITY)
- #include "UTIL/OSA/osa_defs.h"
-#endif
+#include "UTIL/OSA/osa_defs.h"
# include "intertask_interface.h"
@@ -294,8 +292,6 @@ boolean_t pdcp_data_req(
pdcp_pdu_p->data[pdcp_header_len + sdu_buffer_sizeP + i] = 0x00;// pdu_header.mac_i[i];
}
-#if defined(ENABLE_SECURITY)
-
if ((pdcp_p->security_activated != 0) &&
(((pdcp_p->cipheringAlgorithm) != 0) ||
((pdcp_p->integrityProtAlgorithm) != 0))) {
@@ -321,7 +317,6 @@ boolean_t pdcp_data_req(
}
}
-#endif
/* Print octets of outgoing data in hexadecimal form */
LOG_D(PDCP, "Following content with size %d will be sent over RLC (PDCP PDU header is the first two bytes)\n",
pdcp_pdu_size);
@@ -442,6 +437,10 @@ pdcp_data_ind(
uint16_t pdcp_uid=0;
MessageDef *message_p = NULL;
uint8_t *gtpu_buffer_p = NULL;
+ uint32_t rx_hfn_for_count;
+ int pdcp_sn_for_count;
+ int security_ok;
+
VCD_SIGNAL_DUMPER_DUMP_FUNCTION_BY_NAME(VCD_SIGNAL_DUMPER_FUNCTIONS_PDCP_DATA_IND,VCD_FUNCTION_IN);
LOG_DUMPMSG(PDCP,DEBUG_PDCP,(char *)sdu_buffer_pP->data,sdu_buffer_sizeP,
"[MSG] PDCP UL %s PDU on rb_id %d\n", (srb_flagP)? "CONTROL" : "DATA", rb_idP);
@@ -529,10 +528,10 @@ pdcp_data_ind(
} else { // DRB
pdcp_tailer_len = 0;
- if (pdcp_p->seq_num_size == PDCP_SN_7BIT) {
+ if (pdcp_p->seq_num_size == 7) {
pdcp_header_len = PDCP_USER_PLANE_DATA_PDU_SHORT_SN_HEADER_SIZE;
sequence_number = pdcp_get_sequence_number_of_pdu_with_short_sn((unsigned char *)sdu_buffer_pP->data);
- } else if (pdcp_p->seq_num_size == PDCP_SN_12BIT) {
+ } else if (pdcp_p->seq_num_size == 12) {
pdcp_header_len = PDCP_USER_PLANE_DATA_PDU_LONG_SN_HEADER_SIZE;
sequence_number = pdcp_get_sequence_number_of_pdu_with_long_sn((unsigned char *)sdu_buffer_pP->data);
} else {
@@ -541,6 +540,7 @@ pdcp_data_ind(
PROTOCOL_PDCP_CTXT_FMT"wrong sequence number (%d) for this pdcp entity \n",
PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p),
pdcp_p->seq_num_size);
+ exit(1);
}
//uint8_t dc = pdcp_get_dc_filed((unsigned char*)sdu_buffer_pP->data);
@@ -566,6 +566,8 @@ pdcp_data_ind(
return FALSE;
}
+#if 0
+ /* Removed by Cedric */
if (pdcp_is_rx_seq_number_valid(sequence_number, pdcp_p, srb_flagP) == TRUE) {
LOG_T(PDCP, "Incoming PDU has a sequence number (%d) in accordance with RX window\n", sequence_number);
/* if (dc == PDCP_DATA_PDU )
@@ -586,10 +588,18 @@ pdcp_data_ind(
free_mem_block(sdu_buffer_pP, __func__);
return FALSE;
}
+#endif
// SRB1/2: control-plane data
if (srb_flagP) {
-#if defined(ENABLE_SECURITY)
+ /* process as described in 36.323 5.1.2.2 */
+ if (sequence_number < pdcp_p->next_pdcp_rx_sn) {
+ rx_hfn_for_count = pdcp_p->rx_hfn + 1;
+ pdcp_sn_for_count = sequence_number;
+ } else {
+ rx_hfn_for_count = pdcp_p->rx_hfn;
+ pdcp_sn_for_count = sequence_number;
+ }
if (pdcp_p->security_activated == 1) {
if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
@@ -598,23 +608,45 @@ pdcp_data_ind(
start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
}
- pdcp_validate_security(ctxt_pP,
- pdcp_p,
- srb_flagP,
- rb_idP,
- pdcp_header_len,
- sequence_number,
- sdu_buffer_pP->data,
- sdu_buffer_sizeP - pdcp_tailer_len);
+ security_ok = pdcp_validate_security(ctxt_pP,
+ pdcp_p,
+ srb_flagP,
+ rb_idP,
+ pdcp_header_len,
+ rx_hfn_for_count,
+ pdcp_sn_for_count,
+ sdu_buffer_pP->data,
+ sdu_buffer_sizeP - pdcp_tailer_len) == 0;
if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
} else {
stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
}
+ } else {
+ security_ok = 1;
+ }
+
+ if (security_ok == 0) {
+ LOG_W(PDCP,
+ PROTOCOL_PDCP_CTXT_FMT"security not validated for incoming PDCP SRB PDU\n",
+ PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
+ LOG_W(PDCP, "Ignoring PDU...\n");
+ free_mem_block(sdu_buffer_pP, __func__);
+ /* TODO: indicate integrity verification failure to upper layer */
+ return FALSE;
+ }
+
+ if (sequence_number < pdcp_p->next_pdcp_rx_sn)
+ pdcp_p->rx_hfn++;
+
+ pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
+
+ if (pdcp_p->next_pdcp_rx_sn > pdcp_p->maximum_pdcp_rx_sn) {
+ pdcp_p->next_pdcp_rx_sn = 0;
+ pdcp_p->rx_hfn++;
}
-#endif
//rrc_lite_data_ind(module_id, //Modified MW - L2 Interface
MSC_LOG_TX_MESSAGE(
(ctxt_pP->enb_flag == ENB_FLAG_NO)? MSC_PDCP_UE:MSC_PDCP_ENB,
@@ -638,40 +670,168 @@ pdcp_data_ind(
VCD_SIGNAL_DUMPER_DUMP_FUNCTION_BY_NAME(VCD_SIGNAL_DUMPER_FUNCTIONS_PDCP_DATA_IND,VCD_FUNCTION_OUT);
return TRUE;
- }
+ } /* if (srb_flagP) */
/*
* DRBs
*/
payload_offset=pdcp_header_len;// PDCP_USER_PLANE_DATA_PDU_LONG_SN_HEADER_SIZE;
-#if defined(ENABLE_SECURITY)
- if (pdcp_p->security_activated == 1) {
- if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
- start_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
+ switch (pdcp_p->rlc_mode) {
+ case RLC_MODE_AM: {
+ /* process as described in 36.323 5.1.2.1.2 */
+ int reordering_window;
+
+ if (pdcp_p->seq_num_size == 7)
+ reordering_window = REORDERING_WINDOW_SN_7BIT;
+ else
+ reordering_window = REORDERING_WINDOW_SN_12BIT;
+
+ if (sequence_number - pdcp_p->last_submitted_pdcp_rx_sn > reordering_window ||
+ (pdcp_p->last_submitted_pdcp_rx_sn - sequence_number >= 0 &&
+ pdcp_p->last_submitted_pdcp_rx_sn - sequence_number < reordering_window)) {
+ /* TODO: specs say to decipher and do header decompression */
+ LOG_W(PDCP,
+ PROTOCOL_PDCP_CTXT_FMT"discard PDU, out of\n",
+ PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
+ LOG_W(PDCP, "Ignoring PDU...\n");
+ free_mem_block(sdu_buffer_pP, __func__);
+ /* TODO: indicate integrity verification failure to upper layer */
+ return FALSE;
+
+ } else if (pdcp_p->next_pdcp_rx_sn - sequence_number > reordering_window) {
+ pdcp_p->rx_hfn++;
+ rx_hfn_for_count = pdcp_p->rx_hfn;
+ pdcp_sn_for_count = sequence_number;
+ pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
+
+ } else if (sequence_number - pdcp_p->next_pdcp_rx_sn >= reordering_window) {
+ rx_hfn_for_count = pdcp_p->rx_hfn - 1;
+ pdcp_sn_for_count = sequence_number;
+
+ } else if (sequence_number >= pdcp_p->next_pdcp_rx_sn) {
+ rx_hfn_for_count = pdcp_p->rx_hfn;
+ pdcp_sn_for_count = sequence_number;
+ pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
+ if (pdcp_p->next_pdcp_rx_sn > pdcp_p->maximum_pdcp_rx_sn) {
+ pdcp_p->next_pdcp_rx_sn = 0;
+ pdcp_p->rx_hfn++;
+ }
+
+ } else { /* sequence_number < pdcp_p->next_pdcp_rx_sn */
+ rx_hfn_for_count = pdcp_p->rx_hfn;
+ pdcp_sn_for_count = sequence_number;
+ }
+
+ if (pdcp_p->security_activated == 1) {
+ if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
+ start_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
+ } else {
+ start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
+ }
+
+ security_ok = pdcp_validate_security(ctxt_pP,
+ pdcp_p,
+ srb_flagP,
+ rb_idP,
+ pdcp_header_len,
+ rx_hfn_for_count,
+ pdcp_sn_for_count,
+ sdu_buffer_pP->data,
+ sdu_buffer_sizeP - pdcp_tailer_len) == 0;
+
+ if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
+ stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
+ } else {
+ stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
+ }
} else {
- start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
+ security_ok = 1;
}
- pdcp_validate_security(
- ctxt_pP,
- pdcp_p,
- srb_flagP,
- rb_idP,
- pdcp_header_len,
- sequence_number,
- sdu_buffer_pP->data,
- sdu_buffer_sizeP - pdcp_tailer_len);
+ if (security_ok == 0) {
+ LOG_W(PDCP,
+ PROTOCOL_PDCP_CTXT_FMT"security not validated for incoming PDPC DRB RLC/AM PDU\n",
+ PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
+ LOG_W(PDCP, "Ignoring PDU...\n");
+ free_mem_block(sdu_buffer_pP, __func__);
+ /* TODO: indicate integrity verification failure to upper layer */
+ return FALSE;
+ }
- if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
- stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
+ /* TODO: specs say we have to store this PDU in a list and then deliver
+ * stored packets to upper layers according to a well defined
+ * procedure. The code below that deals with delivery is today
+ * too complex to do this properly, so we only send the current
+ * received packet. This is not correct and has to be fixed
+ * some day.
+ * In the meantime, let's pretend the last submitted PDCP SDU
+ * is the current one.
+ * TODO: we also have to deal with re-establishment PDU (control PDUs)
+ * that contain no SDU.
+ */
+
+ pdcp_p->last_submitted_pdcp_rx_sn = sequence_number;
+
+ break;
+ } /* case RLC_MODE_AM */
+
+ case RLC_MODE_UM:
+ /* process as described in 36.323 5.1.2.1.3 */
+ if (sequence_number < pdcp_p->next_pdcp_rx_sn) {
+ pdcp_p->rx_hfn++;
+ }
+ rx_hfn_for_count = pdcp_p->rx_hfn;
+ pdcp_sn_for_count = sequence_number;
+ pdcp_p->next_pdcp_rx_sn = sequence_number + 1;
+ if (pdcp_p->next_pdcp_rx_sn > pdcp_p->maximum_pdcp_rx_sn) {
+ pdcp_p->next_pdcp_rx_sn = 0;
+ pdcp_p->rx_hfn++;
+ }
+
+ if (pdcp_p->security_activated == 1) {
+ if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
+ start_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
+ } else {
+ start_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
+ }
+
+ security_ok = pdcp_validate_security(ctxt_pP,
+ pdcp_p,
+ srb_flagP,
+ rb_idP,
+ pdcp_header_len,
+ rx_hfn_for_count,
+ pdcp_sn_for_count,
+ sdu_buffer_pP->data,
+ sdu_buffer_sizeP - pdcp_tailer_len) == 0;
+
+ if (ctxt_pP->enb_flag == ENB_FLAG_NO) {
+ stop_meas(&eNB_pdcp_stats[ctxt_pP->module_id].validate_security);
+ } else {
+ stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
+ }
} else {
- stop_meas(&UE_pdcp_stats[ctxt_pP->module_id].validate_security);
+ security_ok = 1;
}
- }
-#endif
- } else {
+ if (security_ok == 0) {
+ LOG_W(PDCP,
+ PROTOCOL_PDCP_CTXT_FMT"security not validated for incoming PDPC DRB RLC/UM PDU\n",
+ PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP, pdcp_p));
+ LOG_W(PDCP, "Ignoring PDU...\n");
+ free_mem_block(sdu_buffer_pP, __func__);
+ /* TODO: indicate integrity verification failure to upper layer */
+ return FALSE;
+ }
+
+ break;
+
+ default:
+ LOG_E(PDCP, "bad RLC mode, cannot happen.\n");
+ exit(1);
+ } /* switch (pdcp_p->rlc_mode) */
+ } else { /* MBMS_flagP == 0 */
payload_offset=0;
}
@@ -1536,22 +1696,23 @@ pdcp_config_req_asn1 (
pdcp_pP->status_report = rb_reportP;
if (rb_snP == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len12bits) {
- pdcp_pP->seq_num_size = PDCP_SN_12BIT;
+ pdcp_pP->seq_num_size = 12;
+ pdcp_pP->maximum_pdcp_rx_sn = (1 << 12) - 1;
} else if (rb_snP == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits) {
- pdcp_pP->seq_num_size = PDCP_SN_7BIT;
+ pdcp_pP->seq_num_size = 7;
+ pdcp_pP->maximum_pdcp_rx_sn = (1 << 7) - 1;
} else {
- pdcp_pP->seq_num_size = PDCP_SN_5BIT;
+ pdcp_pP->seq_num_size = 5;
+ pdcp_pP->maximum_pdcp_rx_sn = (1 << 5) - 1;
}
pdcp_pP->rlc_mode = rlc_modeP;
pdcp_pP->next_pdcp_tx_sn = 0;
pdcp_pP->next_pdcp_rx_sn = 0;
- pdcp_pP->next_pdcp_rx_sn_before_integrity = 0;
pdcp_pP->tx_hfn = 0;
pdcp_pP->rx_hfn = 0;
pdcp_pP->last_submitted_pdcp_rx_sn = 4095;
pdcp_pP->first_missing_pdu = -1;
- pdcp_pP->rx_hfn_offset = 0;
LOG_I(PDCP, PROTOCOL_PDCP_CTXT_FMT" Action ADD LCID %d (%s id %d) "
"configured with SN size %d bits and RLC %s\n",
PROTOCOL_PDCP_CTXT_ARGS(ctxt_pP,pdcp_pP),
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp.h b/openair2/LAYER2/PDCP_v10.1.0/pdcp.h
index 2b2ce39401d89729d7b7ec838845905172e7cbda..8f30608cd8a8504a21953606834aaa0279227f1a 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp.h
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp.h
@@ -177,13 +177,12 @@ typedef struct pdcp_s {
*/
pdcp_sn_t next_pdcp_tx_sn;
pdcp_sn_t next_pdcp_rx_sn;
- pdcp_sn_t next_pdcp_rx_sn_before_integrity;
+ pdcp_sn_t maximum_pdcp_rx_sn;
/*
* TX and RX Hyper Frame Numbers
*/
pdcp_hfn_t tx_hfn;
pdcp_hfn_t rx_hfn;
- pdcp_hfn_offset_t rx_hfn_offset; // related to sn mismatch
/*
* SN of the last PDCP SDU delivered to upper layers
@@ -488,14 +487,6 @@ typedef struct {
#define REORDERING_WINDOW_SN_7BIT 64
#define REORDERING_WINDOW_SN_12BIT 2048
-/*
- * SN size
- */
-#define PDCP_SN_5BIT 5
-#define PDCP_SN_7BIT 7
-#define PDCP_SN_12BIT 12
-
-
signed int pdcp_2_nas_irq;
pdcp_stats_t UE_pdcp_stats[MAX_MOBILES_PER_ENB];
pdcp_stats_t eNB_pdcp_stats[NUMBER_OF_eNB_MAX];
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp_primitives.h b/openair2/LAYER2/PDCP_v10.1.0/pdcp_primitives.h
index 8e57f84b0a9e9fa86ec72144b219a2b9714304f3..8b5ebe7287c52ddbb15409edceec218569127b0d 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp_primitives.h
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp_primitives.h
@@ -173,7 +173,6 @@ int pdcp_netlink_dequeue_element(const protocol_ctxt_t* const ctxt_pP,
void pdcp_config_set_security(const protocol_ctxt_t* const ctxt_pP, pdcp_t *pdcp_pP, rb_id_t rb_idP,
uint16_t lc_idP, uint8_t security_modeP, uint8_t *kRRCenc_pP, uint8_t *kRRCint_pP, uint8_t *kUPenc_pP);
-#if defined(ENABLE_SECURITY)
int pdcp_apply_security(const protocol_ctxt_t* const ctxt_pP,
pdcp_t *pdcp_entity,
srb_flag_t srb_flagP,
@@ -188,10 +187,10 @@ int pdcp_validate_security(const protocol_ctxt_t* const ctxt_pP,
srb_flag_t srb_flagP,
rb_id_t rb_id,
uint8_t pdcp_header_len,
- uint16_t current_sn,
+ uint32_t hfn,
+ int sn,
uint8_t *pdcp_pdu_buffer,
uint16_t sdu_buffer_size);
-#endif /* defined(ENABLE_SECURITY) */
#endif
/** @}*/
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp_security.c b/openair2/LAYER2/PDCP_v10.1.0/pdcp_security.c
index 83293a709de2b7e60b13c02f8cd97821d8fe4dc6..1528373e9883f9bab3e8faee3e605576b58df036 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp_security.c
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp_security.c
@@ -40,13 +40,6 @@
#include "msc.h"
#include "pdcp_primitives.h"
-#if defined(ENABLE_SECURITY)
-
-static
-uint32_t pdcp_get_next_count_tx(pdcp_t *const pdcp_pP, const srb_flag_t srb_flagP, const uint16_t pdcp_sn);
-static
-uint32_t pdcp_get_next_count_rx(pdcp_t *const pdcp_pP, const srb_flag_t srb_flagP, const uint16_t pdcp_sn);
-
//-----------------------------------------------------------------------------
static
uint32_t pdcp_get_next_count_tx(
@@ -79,26 +72,25 @@ static
uint32_t pdcp_get_next_count_rx(
pdcp_t * const pdcp_pP,
const srb_flag_t srb_flagP,
- const uint16_t pdcp_sn)
+ const uint32_t hfn,
+ const int sn)
{
uint32_t count;
/* For RX COUNT = RX_HFN << length of SN | pdcp SN of received PDU */
if (srb_flagP) {
/* 5 bits length SN */
- count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 5) | (pdcp_sn & 0x001F));
+ count = (hfn << 5) | (sn & 0x001F);
} else {
- if (pdcp_pP->seq_num_size == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits) {
+ if (pdcp_pP->seq_num_size == 7) {
/* 7 bits length SN */
- count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 7) | (pdcp_sn & 0x007F));
+ count = (hfn << 7) | (sn & 0x007F);
} else { // default
/* 12 bits length SN */
- count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 12) | (pdcp_sn & 0x0FFF));
+ count = (hfn << 12) | (sn & 0x0FFF);
}
}
- // reset the hfn offset
- pdcp_pP->rx_hfn_offset =0;
LOG_D(PDCP, "[OSA] RX COUNT = 0x%08x\n", count);
return count;
@@ -182,7 +174,8 @@ pdcp_validate_security(
const srb_flag_t srb_flagP,
const rb_id_t rb_id,
const uint8_t pdcp_header_len,
- const uint16_t current_sn,
+ const uint32_t hfn,
+ const int sn,
uint8_t *const pdcp_pdu_buffer,
const uint16_t sdu_buffer_size
)
@@ -201,7 +194,7 @@ pdcp_validate_security(
decrypt_params.direction = (pdcp_pP->is_ue == 1) ? SECU_DIRECTION_DOWNLINK : SECU_DIRECTION_UPLINK ;
decrypt_params.bearer = rb_id - 1;
- decrypt_params.count = pdcp_get_next_count_rx(pdcp_pP, srb_flagP, current_sn);
+ decrypt_params.count = pdcp_get_next_count_rx(pdcp_pP, srb_flagP, hfn, sn);
decrypt_params.message = &pdcp_pdu_buffer[pdcp_header_len];
decrypt_params.blength = (sdu_buffer_size - pdcp_header_len) << 3;
decrypt_params.key_length = 16;
@@ -246,5 +239,3 @@ pdcp_validate_security(
return 0;
}
-
-#endif /* ENABLE_SECURITY */
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.c b/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.c
index c6deb4944172b214c69d5f16df7025eb3a717dde..cdc583ef217873df5f794f6f9359136d1c2a1a33 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.c
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.c
@@ -140,152 +140,6 @@ boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity)
return TRUE;
}
-/**
- * Checks if incoming PDU has a sequence number in accordance with the RX window
- * @return 1 if SN is okay, 0 otherwise
- * XXX Reordering window should also be handled here
- */
-boolean_t pdcp_is_rx_seq_number_valid(uint16_t seq_num, pdcp_t* pdcp_entity,srb_flag_t srb_flagP)
-{
-
- uint16_t reordering_window = 0;
-
- LOG_D(PDCP, "Incoming RX Sequence number is %04d\n", seq_num);
-
- if (pdcp_is_seq_num_size_valid(pdcp_entity) == FALSE || pdcp_is_seq_num_valid(seq_num, pdcp_entity->seq_num_size) == FALSE) {
- return FALSE;
- }
-
- /*
- * Mark received sequence numbers to keep track of missing ones
- * (and to build PDCP Control PDU for PDCP status report)
- */
- if (pdcp_mark_current_pdu_as_received(seq_num, pdcp_entity) == TRUE) {
- LOG_D(PDCP, "Received sequence number successfuly marked\n");
- } else {
- LOG_W(PDCP, "Cannot mark received sequence number on the bitmap!\n");
- }
-
- /*
- * RX Procedures for SRB and DRBs as described in sec 5.1.2 of 36.323
- */
-
- if (srb_flagP) { // SRB
-
- if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
- // decipher and verify the integrity of the PDU (if applicable) using COUNT based on RX_HFN + 1 and the received PDCP SN
- pdcp_entity->rx_hfn++;
- pdcp_entity->rx_hfn_offset = 0;
- } else {
- // decipher and verify the integrity of the PDU (if applicable) using COUNT based using COUNT based on RX_HFN and the received PDCP SN
- pdcp_entity->rx_hfn_offset = 0;
- }
-
- // Assume that integrity verification is applicable and the integrity verification is passed successfully;
- // or assume that integrity verification is not applicable:
-
- // same the old next_pdcp_rx_sn to revert otherwise
- pdcp_entity->next_pdcp_rx_sn_before_integrity = pdcp_entity->next_pdcp_rx_sn;
-
- if (seq_num != pdcp_entity->next_pdcp_rx_sn) {
- LOG_D(PDCP,"Re-adjusting the sequence number to %d\n", seq_num);
- }
-
- //set Next_PDCP_RX_SN to the received PDCP SN +1 ;
- pdcp_entity->next_pdcp_rx_sn = seq_num;
- pdcp_advance_rx_window(pdcp_entity); // + 1, and check if it is larger than Maximum_PDCP_SN:
-
- } else { // DRB
-
- if (pdcp_entity->seq_num_size == PDCP_SN_7BIT) {
- reordering_window = REORDERING_WINDOW_SN_7BIT;
- } else {
- reordering_window = REORDERING_WINDOW_SN_12BIT;
- }
-
- switch (pdcp_entity->rlc_mode) {
- case RLC_MODE_AM:
- if ((seq_num - pdcp_entity->last_submitted_pdcp_rx_sn > reordering_window) ||
- ((0 <= pdcp_entity->last_submitted_pdcp_rx_sn - seq_num) &&
- (pdcp_entity->last_submitted_pdcp_rx_sn - seq_num < reordering_window) )) {
-
- if (seq_num > pdcp_entity->next_pdcp_rx_sn) {
- /*
- * decipher the PDCP PDU as specified in the subclause 5.6, using COUNT based on RX_HFN - 1 and the received PDCP SN;
- */
- pdcp_entity->rx_hfn_offset = -1;
- } else {
- /*
- * decipher the PDCP PDU as specified in the subclause 5.6, using COUNT based on RX_HFN and the received PDCP SN;
- */
- pdcp_entity->rx_hfn_offset = 0;
- }
-
- // discard this PDCP SDU;
- LOG_W(PDCP, "Out of the reordering window (Incoming SN:%d, Expected SN:%d): discard this PDCP SDU\n",
- seq_num, pdcp_entity->next_pdcp_rx_sn);
- return FALSE;
- } else if (pdcp_entity->next_pdcp_rx_sn - seq_num > reordering_window) {
- pdcp_entity->rx_hfn++;
- // use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
- pdcp_entity->rx_hfn_offset = 0;
- pdcp_entity->next_pdcp_rx_sn++;
- } else if (seq_num - pdcp_entity->next_pdcp_rx_sn >= reordering_window ) {
- // use COUNT based on RX_HFN – 1 and the received PDCP SN for deciphering the PDCP PDU;
- pdcp_entity->rx_hfn_offset = -1;
- } else if (seq_num >= pdcp_entity->next_pdcp_rx_sn ) {
- // use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
- pdcp_entity->rx_hfn_offset = 0;
- //set Next_PDCP_RX_SN to the received PDCP SN +1 ;
- pdcp_entity->next_pdcp_rx_sn = seq_num;
- pdcp_advance_rx_window(pdcp_entity); // + 1, anc check if it is larger than Maximum_PDCP_SN:
- LOG_D(PDCP,"Re-adjusting the sequence number to %d\n", seq_num);
- } else if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
- // use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
- pdcp_entity->rx_hfn_offset = 0;
- }
-
- break;
-
- case RLC_MODE_UM :
- if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
- pdcp_entity->rx_hfn++;
- }
-
- // decipher the PDCP Data PDU using COUNT based on RX_HFN and the received PDCP SN as specified in the subclause 5.6;
- //set Next_PDCP_RX_SN to the received PDCP SN +1 ;
- pdcp_entity->next_pdcp_rx_sn = seq_num;
- pdcp_advance_rx_window(pdcp_entity); // + 1, and check if it is larger than Maximum_PDCP_SN:
-
- break;
-
- case RLC_MODE_TM :
- default:
- LOG_W(PDCP,"RLC mode %d not supported\n",pdcp_entity->rlc_mode);
- return FALSE;
- }
- }
-
- /*
- if (seq_num == pdcp_entity->next_pdcp_rx_sn) {
- LOG_I(PDCP, "Next expected SN (%d) arrived, advancing RX window\n", seq_num);
-
- return pdcp_advance_rx_window(pdcp_entity);
- } else {
- LOG_E(PDCP, "Incoming SN is not the one we expected to receive! (Incoming:%d, Expected:%d)\n", \
- seq_num, pdcp_entity->next_pdcp_rx_sn);
-
-
- // Update first missing PDU (used in PDCP Control PDU for PDCP status report, see 6.2.6)
- if (pdcp_entity->first_missing_pdu != -1)
- pdcp_entity->first_missing_pdu = pdcp_entity->next_pdcp_rx_sn;
-
- return FALSE;
- }
- */
- return TRUE;
-}
-
boolean_t pdcp_mark_current_pdu_as_received(uint16_t seq_num, pdcp_t* pdcp_entity)
{
/*
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.h b/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.h
index ec59a4b4fe8dca5190bd26118b0e0209af2f8b8e..172c9810e69c29ad81f911f6b61a72759cf9812e 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.h
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp_sequence_manager.h
@@ -59,11 +59,6 @@ uint16_t pdcp_get_next_tx_seq_number(pdcp_t* pdcp_entity);
* Advances the RX window state of given PDCP entity upon successfull receipt of a SDU
*/
boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity);
-/**
- * Checks if incoming PDU has a sequence number in accordance with the RX window
- * @return TRUE if it is valid, FALSE otherwise
- */
-boolean_t pdcp_is_rx_seq_number_valid(uint16_t seq_num, pdcp_t* pdcp_entity,srb_flag_t srb_flagP);
/**
* Updates missing PDU bitmap with incoming sequence number
* @return TRUE if successful, FALSE otherwise
diff --git a/openair2/RRC/LTE/MESSAGES/asn1_msg.c b/openair2/RRC/LTE/MESSAGES/asn1_msg.c
index b8cfad9cca032c03722dd66bedcea0ebdababd09..09c051a62dc43b1920c9a7d7cfd5501fad0b7d19 100644
--- a/openair2/RRC/LTE/MESSAGES/asn1_msg.c
+++ b/openair2/RRC/LTE/MESSAGES/asn1_msg.c
@@ -3724,7 +3724,6 @@ do_RRCConnectionReestablishment(
rrc->carrier[CC_id].dl_CarrierFreq,
earfcn_dl,
is_rel8_only == true ? "true": "false");
-#if defined(ENABLE_SECURITY)
if (ue_context_pP->ue_context.nh_ncc >= 0) {
derive_keNB_star(ue_context_pP->ue_context.nh, pci, earfcn_dl, is_rel8_only, KeNB_star);
@@ -3738,9 +3737,6 @@ do_RRCConnectionReestablishment(
// copy KeNB_star to ue_context_pP->ue_context.kenb
memcpy (ue_context_pP->ue_context.kenb, KeNB_star, 32);
ue_context_pP->ue_context.kenb_ncc = 0;
-#else
- rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nextHopChainingCount = 0;
-#endif
rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nonCriticalExtension = NULL;
if ( LOG_DEBUGFLAG(DEBUG_ASN1) ) {
diff --git a/openair2/RRC/LTE/defs_NB_IoT.h b/openair2/RRC/LTE/defs_NB_IoT.h
index 7af4c38d57815c21aa6cb705ca5f3e6f1fa2c11f..26eca6d781fd246814f65eaa3a8189b530c07595 100644
--- a/openair2/RRC/LTE/defs_NB_IoT.h
+++ b/openair2/RRC/LTE/defs_NB_IoT.h
@@ -261,10 +261,8 @@ typedef struct eNB_RRC_UE_NB_IoT_s {
SRB_INFO_TABLE_ENTRY_NB_IoT Srb1;
SRB_INFO_TABLE_ENTRY_NB_IoT Srb1bis;
-#if defined(ENABLE_SECURITY)
/* KeNB as derived from KASME received from EPC */
uint8_t kenb[32];
-#endif
/* Used integrity/ciphering algorithms--> maintained the same for NB-IoT */
e_LTE_CipheringAlgorithm_r12 ciphering_algorithm; //Specs. TS 36.331 V14.1.0 pag 432 Change position of chipering enumerative w.r.t previous version
diff --git a/openair2/RRC/LTE/rrc_UE.c b/openair2/RRC/LTE/rrc_UE.c
index 73ba03c600fb8eda7f22a7a47f2c7dbf0c6f9ceb..cddd409922bf7676c325083593bb626a49f1f5c4 100644
--- a/openair2/RRC/LTE/rrc_UE.c
+++ b/openair2/RRC/LTE/rrc_UE.c
@@ -69,9 +69,7 @@
#include "rrc_UE_ral.h"
#endif
-#if defined(ENABLE_SECURITY)
- #include "UTIL/OSA/osa_defs.h"
-#endif
+#include "UTIL/OSA/osa_defs.h"
#include "pdcp.h"
#include "plmn_data.h"
@@ -424,7 +422,6 @@ void init_SL_preconfig(UE_RRC_INST *UE, const uint8_t eNB_index ) {
//-----------------------------------------------------------------------------
void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) {
-#if defined(ENABLE_SECURITY)
// uint8_t *kRRCenc;
// uint8_t *kRRCint;
char ascii_buffer[65];
@@ -438,7 +435,6 @@ void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) {
LOG_T(RRC, PROTOCOL_RRC_CTXT_FMT"[OSA] kenb = %s\n",
PROTOCOL_RRC_CTXT_ARGS(ctxt_pP),
ascii_buffer);
-#endif
}
//-----------------------------------------------------------------------------
@@ -1307,12 +1303,10 @@ rrc_ue_process_radioResourceConfigDedicated(
if (radioResourceConfigDedicated->srb_ToAddModList) {
uint8_t *kRRCenc = NULL;
uint8_t *kRRCint = NULL;
-#if defined(ENABLE_SECURITY)
derive_key_rrc_enc(UE_rrc_inst[ctxt_pP->module_id].ciphering_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCenc);
derive_key_rrc_int(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCint);
-#endif
// Refresh SRBs
rrc_pdcp_config_asn1_req(ctxt_pP,
radioResourceConfigDedicated->srb_ToAddModList,
@@ -1485,10 +1479,8 @@ rrc_ue_process_radioResourceConfigDedicated(
}
uint8_t *kUPenc = NULL;
-#if defined(ENABLE_SECURITY)
derive_key_up_enc(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kUPenc);
-#endif
MSC_LOG_TX_MESSAGE(
MSC_RRC_UE,
MSC_PDCP_UE,
@@ -1663,7 +1655,6 @@ rrc_ue_process_securityModeCommand(
ul_dcch_msg.message.choice.c1.present = LTE_UL_DCCH_MessageType__c1_PR_securityModeFailure;
}
-#if defined(ENABLE_SECURITY)
uint8_t *kRRCenc = NULL;
uint8_t *kUPenc = NULL;
uint8_t *kRRCint = NULL;
@@ -1713,8 +1704,6 @@ rrc_ue_process_securityModeCommand(
LOG_I(RRC, "Could not get PDCP instance where key=0x%ld\n", key);
}
-#endif //#if defined(ENABLE_SECURITY)
-
if (securityModeCommand->criticalExtensions.present == LTE_SecurityModeCommand__criticalExtensions_PR_c1) {
if (securityModeCommand->criticalExtensions.choice.c1.present != LTE_SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8)
LOG_W(RRC,"securityModeCommand->criticalExtensions.choice.c1.present (%d) != SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8\n",
diff --git a/openair2/RRC/LTE/rrc_defs.h b/openair2/RRC/LTE/rrc_defs.h
index df9800b1339cfc6075af1590e1e99464308bd874..38fc7b7262ced788cd273a94fa97c96acea93abd 100644
--- a/openair2/RRC/LTE/rrc_defs.h
+++ b/openair2/RRC/LTE/rrc_defs.h
@@ -547,13 +547,11 @@ typedef struct eNB_RRC_UE_s {
int UE_Capability_size;
ImsiMobileIdentity_t imsi;
-#if defined(ENABLE_SECURITY)
/* KeNB as derived from KASME received from EPC */
uint8_t kenb[32];
int8_t kenb_ncc;
uint8_t nh[32];
int8_t nh_ncc;
-#endif
/* Used integrity/ciphering algorithms */
LTE_CipheringAlgorithm_r12_t ciphering_algorithm;
e_LTE_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm;
@@ -825,12 +823,10 @@ typedef struct UE_RRC_INST_s {
float rsrq_db[7];
float rsrp_db_filtered[7];
float rsrq_db_filtered[7];
-#if defined(ENABLE_SECURITY)
/* KeNB as computed from parameters within USIM card */
uint8_t kenb[32];
uint8_t nh[32];
int8_t nh_ncc;
-#endif
/* Used integrity/ciphering algorithms */
LTE_CipheringAlgorithm_r12_t ciphering_algorithm;
diff --git a/openair2/RRC/LTE/rrc_eNB.c b/openair2/RRC/LTE/rrc_eNB.c
index e9dfe0af0dfbca1420aa34bbc09bb7ce64d616c4..3503956b108746292fbb28eacea58b1fe0c821d4 100644
--- a/openair2/RRC/LTE/rrc_eNB.c
+++ b/openair2/RRC/LTE/rrc_eNB.c
@@ -75,9 +75,7 @@
#include "OCG.h"
#include "OCG_extern.h"
-#if defined(ENABLE_SECURITY)
- #include "UTIL/OSA/osa_defs.h"
-#endif
+#include "UTIL/OSA/osa_defs.h"
#include "rrc_eNB_S1AP.h"
#include "rrc_eNB_GTPV1U.h"
@@ -797,6 +795,29 @@ rrc_eNB_free_mem_UE_context(
ASN_STRUCT_FREE(asn_DEF_LTE_MeasConfig, ue_context_pP->ue_context.measConfig);
ue_context_pP->ue_context.measConfig = NULL;
}
+
+#if 0
+ //HANDOVER_INFO *handover_info;
+ //uint8_t kenb[32];
+ //e_SecurityAlgorithmConfig__cipheringAlgorithm ciphering_algorithm;
+ //e_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm;
+ //uint8_t Status;
+ //rnti_t rnti;
+ //uint64_t random_ue_identity;
+#if defined(ENABLE_ITTI)
+ //UE_S_TMSI Initialue_identity_s_TMSI;
+ //EstablishmentCause_t establishment_cause;
+ //ReestablishmentCause_t reestablishment_cause;
+ //uint16_t ue_initial_id;
+ //uint32_t eNB_ue_s1ap_id :24;
+ //security_capabilities_t security_capabilities;
+ //uint8_t nb_of_e_rabs;
+ //e_rab_param_t e_rab[S1AP_MAX_E_RAB];
+ //uint32_t enb_gtp_teid[S1AP_MAX_E_RAB];
+ //transport_layer_addr_t enb_gtp_addrs[S1AP_MAX_E_RAB];
+ //rb_id_t enb_gtp_ebi[S1AP_MAX_E_RAB];
+#endif
+#endif
}
//-----------------------------------------------------------------------------
@@ -6142,7 +6163,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete(
LTE_DRB_Identity_t *drb_id_p = NULL;
T(T_ENB_RRC_CONNECTION_RECONFIGURATION_COMPLETE, T_INT(ctxt_pP->module_id), T_INT(ctxt_pP->frame),
T_INT(ctxt_pP->subframe), T_INT(ctxt_pP->rnti));
-#if defined(ENABLE_SECURITY)
/* Derive the keys from kenb */
if (DRB_configList != NULL) {
@@ -6154,7 +6174,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete(
ue_context_pP->ue_context.kenb, &kRRCenc);
derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm,
ue_context_pP->ue_context.kenb, &kRRCint);
-#endif
// Refresh SRBs/DRBs
MSC_LOG_TX_MESSAGE(
MSC_RRC_ENB,
diff --git a/openair2/RRC/LTE/rrc_eNB_S1AP.c b/openair2/RRC/LTE/rrc_eNB_S1AP.c
index 798980725341432c05d9898efc544441d8fa24d9..e07a4bd5d2c43cb85427975113ffad0e1659ff41 100644
--- a/openair2/RRC/LTE/rrc_eNB_S1AP.c
+++ b/openair2/RRC/LTE/rrc_eNB_S1AP.c
@@ -48,9 +48,7 @@
#include "s1ap_eNB.h"
-#if defined(ENABLE_SECURITY)
- #include "UTIL/OSA/osa_defs.h"
-#endif
+#include "UTIL/OSA/osa_defs.h"
#include "msc.h"
#include "LTE_UERadioAccessCapabilityInformation.h"
@@ -486,7 +484,6 @@ static void process_eNB_security_key (
)
//------------------------------------------------------------------------------
{
-#if defined(ENABLE_SECURITY)
char ascii_buffer[65];
uint8_t i;
/* Saves the security key */
@@ -500,7 +497,6 @@ static void process_eNB_security_key (
ascii_buffer[2 * i] = '\0';
LOG_I (RRC, "[eNB %d][UE %x] Saved security key %s\n", ctxt_pP->module_id, ue_context_pP->ue_context.rnti, ascii_buffer);
-#endif
}
@@ -513,7 +509,6 @@ rrc_pdcp_config_security(
)
//------------------------------------------------------------------------------
{
-#if defined(ENABLE_SECURITY)
LTE_SRB_ToAddModList_t *SRB_configList = ue_context_pP->ue_context.SRB_configList;
uint8_t *kRRCenc = NULL;
uint8_t *kRRCint = NULL;
@@ -571,8 +566,6 @@ rrc_pdcp_config_security(
PROTOCOL_RRC_CTXT_UE_ARGS(ctxt_pP),
DCCH);
}
-
-#endif
}
//------------------------------------------------------------------------------
diff --git a/targets/Makefile.common b/targets/Makefile.common
index ac0771770ba8c4737370a8f7670a71be2dc1b01e..ecd5f3821a8e3fabd538948d73b25bee6a6b69df 100644
--- a/targets/Makefile.common
+++ b/targets/Makefile.common
@@ -45,7 +45,6 @@ ifeq ($(OPENSSL_FOUND), 0)
@(warning "openssl library is not installed on your system, openssl lib needed, continuing with security disabled")
SECU=0
else
-CFLAGS += -DENABLE_SECURITY
LIBS += $(OPENSSL_LIBS) $(NETTLE_LIBS)
endif
endif