Commit 212192cb authored by Cedric Roux's avatar Cedric Roux
Browse files

- Added new feature: Oaisim Security Algorithms (see README in openair2/UTIL/OSA/README

- Fix uint64_t formatting in openair_proc.c
- Removed duplicate call to pdcp_fifo_read_input_sdus

pre-ci tests passed

git-svn-id: http://svn.eurecom.fr/openair4G/trunk@4158 818b1a75-f10b-46b9-bf7c-635c3b92a50f
parent 15e4d364
......@@ -26,6 +26,7 @@ SOURCES_L2 += $(PDCP_DIR)/pdcp_fifo.c
SOURCES_L2 += $(PDCP_DIR)/pdcp_sequence_manager.c
SOURCES_L2 += $(PDCP_DIR)/pdcp_primitives.c
SOURCES_L2 += $(PDCP_DIR)/pdcp_util.c
SOURCES_L2 += $(PDCP_DIR)/pdcp_security.c
SOURCES_L2 += $(RLC_AM_DIR)/rlc_am.c
SOURCES_L2 += $(RLC_AM_DIR)/rlc_am_init.c
......
......@@ -52,6 +52,10 @@
#include "platform_constants.h"
#include "UTIL/LOG/vcd_signal_dumper.h"
#if defined(ENABLE_SECURITY)
# include "UTIL/OSA/osa_defs.h"
#endif
#define PDCP_DATA_REQ_DEBUG 0
#define PDCP_DATA_IND_DEBUG 0
......@@ -183,11 +187,23 @@ BOOL pdcp_data_req(module_id_t module_id, u32_t frame, u8_t eNB_flag, rb_id_t rb
/* Then append data... */
memcpy(&pdcp_pdu->data[pdcp_header_len], sdu_buffer, sdu_buffer_size);
//For control plane data that are not integrity protected,
// the MAC-I field is still present and should be padded with padding bits set to 0.
// NOTE: user-plane data are never integrity protected
for (i=0;i<pdcp_tailer_len;i++)
pdcp_pdu->data[pdcp_header_len + sdu_buffer_size + i] = 0x00;// pdu_header.mac_i[i];
#if defined(ENABLE_SECURITY)
if ((pdcp->security_activated != 0) &&
((pdcp->cipheringAlgorithm) != 0) &&
((pdcp->integrityProtAlgorithm) != 0)) {
pdcp_apply_security(pdcp, rb_id % NB_RB_MAX,
pdcp_header_len, current_sn, pdcp_pdu->data,
sdu_buffer_size);
}
#endif
/* Print octets of outgoing data in hexadecimal form */
LOG_D(PDCP, "Following content with size %d will be sent over RLC (PDCP PDU header is the first two bytes)\n",
pdcp_pdu_size);
......@@ -275,7 +291,8 @@ BOOL pdcp_data_ind(module_id_t module_id, u32_t frame, u8_t eNB_flag, rb_id_t rb
u16 sequence_number;
u8 payload_offset=0;
LOG_I(PDCP,"Data indication notification for PDCP entity with module ID %d and radio bearer ID %d rlc sdu size %d\n", module_id, rb_id, sdu_buffer_size);
LOG_I(PDCP,"Data indication notification for PDCP entity with module "
"ID %d and radio bearer ID %d rlc sdu size %d eNB_flag %d\n", module_id, rb_id, sdu_buffer_size, eNB_flag);
if (sdu_buffer_size == 0) {
LOG_W(PDCP, "SDU buffer size is zero! Ignoring this chunk!");
......@@ -335,18 +352,13 @@ BOOL pdcp_data_ind(module_id_t module_id, u32_t frame, u8_t eNB_flag, rb_id_t rb
}
// SRB1/2: control-plane data
if ( (rb_id % NB_RB_MAX) < DTCH ){
/*new_sdu = get_free_mem_block(sdu_buffer_size - pdcp_header_len - pdcp_tailer_len);
if (new_sdu) {
memcpy(new_sdu->data,
&sdu_buffer->data[pdcp_header_len],
sdu_buffer_size - pdcp_header_len - pdcp_tailer_len);
rrc_lite_data_ind(module_id,
frame,
eNB_flag,
rb_id,
sdu_buffer_size - pdcp_header_len - pdcp_tailer_len,
new_sdu->data);
}*/
#if defined(ENABLE_SECURITY)
if (pdcp->security_activated == 1) {
pdcp_validate_security(pdcp, rb_id % NB_RB_MAX, pdcp_header_len,
sequence_number, sdu_buffer->data,
sdu_buffer_size - pdcp_tailer_len);
}
#endif
//rrc_lite_data_ind(module_id, //Modified MW - L2 Interface
pdcp_rrc_data_ind(module_id,
frame,
......@@ -359,6 +371,13 @@ BOOL pdcp_data_ind(module_id_t module_id, u32_t frame, u8_t eNB_flag, rb_id_t rb
return TRUE;
}
payload_offset=PDCP_USER_PLANE_DATA_PDU_LONG_SN_HEADER_SIZE;
#if defined(ENABLE_SECURITY)
if (pdcp->security_activated == 1) {
pdcp_validate_security(pdcp, rb_id % NB_RB_MAX, pdcp_header_len,
sequence_number, sdu_buffer->data,
sdu_buffer_size - pdcp_tailer_len);
}
#endif
} else {
payload_offset=0;
}
......@@ -493,9 +512,6 @@ void
// IP/NAS -> PDCP traffic : TX, read the pkt from the upper layer buffer
pdcp_fifo_read_input_sdus(frame,eNB_flag);
// NAS -> PDCP traffic
pdcp_fifo_read_input_sdus(frame,eNB_flag);
// PDCP -> NAS/IP traffic: RX
pdcp_fifo_flush_sdus(frame,eNB_flag);
......@@ -505,7 +521,11 @@ void
BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag, u32_t index,
SRB_ToAddModList_t* srb2add_list,
DRB_ToAddModList_t* drb2add_list,
DRB_ToReleaseList_t* drb2release_list
DRB_ToReleaseList_t* drb2release_list,
u8 security_mode,
u8 *kRRCenc,
u8 *kRRCint,
u8 *kUPenc
#ifdef Rel10
,PMCH_InfoList_r9_t* pmch_InfoList_r9
#endif
......@@ -537,7 +557,6 @@ BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag
(eNB_flag == 1)? "eNB": "UE", index);
// srb2add_list does not define pdcp config, we use rlc info to setup the pdcp dcch0 and dcch1 channels
if (srb2add_list != NULL) {
for (cnt=0;cnt<srb2add_list->list.count;cnt++) {
srb_id = srb2add_list->list.array[cnt]->srb_Identity;
......@@ -570,7 +589,10 @@ BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag
srb_sn,
0, // drb_report
0, // header compression
0xff); //UNDEF_SECURITY_MODE
security_mode,
kRRCenc,
kRRCint,
kUPenc);
break;
}
break;
......@@ -659,7 +681,10 @@ BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag
drb_sn,
drb_report,
header_compression_profile,
0xff);
security_mode,
kRRCenc,
kRRCint,
kUPenc);
}
}
}
......@@ -681,7 +706,10 @@ BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag
0,
0,
0,
0xff);
security_mode,
kRRCenc,
kRRCint,
kUPenc);
}
}
......@@ -717,7 +745,10 @@ BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag
0, // set to deafult
0,
0,
0xff);
security_mode,
kRRCenc,
kRRCint,
kUPenc);
}
}
}
......@@ -727,18 +758,19 @@ BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag
}
BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u16 index,
rlc_mode_t rlc_mode, u32 action, u16 lc_id,u16 mch_id, rb_id_t rb_id,
u8 rb_sn, u8 rb_report, u16 header_compression_profile,
u8 security_mode){
u8 security_mode,
u8 *kRRCenc,
u8 *kRRCint,
u8 *kUPenc){
switch (action) {
case ACTION_ADD:
pdcp_array[module_id][lc_id].instanciated_instance = module_id + 1;
pdcp_array[module_id][lc_id].is_ue = (eNB_flag == 0) ? 1 : 0;
pdcp_array[module_id][lc_id].lcid = lc_id;
pdcp_array[module_id][lc_id].header_compression_profile=header_compression_profile;
pdcp_array[module_id][lc_id].cipheringAlgorithm=security_mode & 0x0f;
pdcp_array[module_id][lc_id].integrityProtAlgorithm=(security_mode>>4) & 0xf;
pdcp_array[module_id][lc_id].status_report = rb_report;
if (rb_sn == PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits)
pdcp_array[module_id][lc_id].seq_num_size = 7;
......@@ -761,16 +793,24 @@ BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u16
frame, lc_id, rb_id, pdcp_array[module_id][lc_id].seq_num_size,
(rlc_mode == 1) ? "AM" : (rlc_mode == 2) ? "TM" : "UM");
/* Setup security */
if (security_mode != 0xff) {
pdcp_config_set_security(module_id, frame, eNB_flag, rb_id, lc_id, security_mode, kRRCenc, kRRCint, kUPenc);
}
LOG_D(PDCP, "[MSC_NEW][FRAME %05d][PDCP][MOD %02d][RB %02d]\n", frame, module_id,rb_id);
break;
case ACTION_MODIFY:
pdcp_array[module_id][lc_id].header_compression_profile=header_compression_profile;
pdcp_array[module_id][lc_id].cipheringAlgorithm=security_mode & 0x0f;
pdcp_array[module_id][lc_id].integrityProtAlgorithm=(security_mode>>4) & 0xf;
pdcp_array[module_id][lc_id].status_report = rb_report;
pdcp_array[module_id][lc_id].rlc_mode = rlc_mode;
/* Setup security */
if (security_mode != 0xff) {
pdcp_config_set_security(module_id, frame, eNB_flag, rb_id, lc_id, security_mode, kRRCenc, kRRCint, kUPenc);
}
if (rb_sn == PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits)
pdcp_array[module_id][lc_id].seq_num_size = 7;
else if (rb_sn == PDCP_Config__rlc_UM__pdcp_SN_Size_len12bits)
......@@ -800,8 +840,21 @@ BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u16
pdcp_array[module_id][lc_id].last_submitted_pdcp_rx_sn = 4095;
pdcp_array[module_id][lc_id].seq_num_size = 0;
pdcp_array[module_id][lc_id].first_missing_pdu = -1;
pdcp_array[module_id][lc_id].security_activated = 0;
LOG_I(PDCP,"[%s %d] Config request : ACTION_REMOVE: Frame %d LCID %d RBID %d configured\n",
(eNB_flag) ? "eNB" : "UE", module_id, frame, lc_id,rb_id);
(eNB_flag) ? "eNB" : "UE", module_id, frame, lc_id, rb_id);
/* Security keys */
if (pdcp_array[module_id][lc_id].kUPenc != NULL) {
free(pdcp_array[module_id][lc_id].kUPenc);
}
if (pdcp_array[module_id][lc_id].kRRCint != NULL) {
free(pdcp_array[module_id][lc_id].kRRCint);
}
if (pdcp_array[module_id][lc_id].kRRCenc != NULL) {
free(pdcp_array[module_id][lc_id].kRRCenc);
}
break;
case ACTION_MBMS_ADD:
......@@ -814,15 +867,7 @@ BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u16
(eNB_flag == 1) ? "eNB" : "UE", module_id, frame, mch_id, lc_id, rb_id);
break;
case ACTION_SET_SECURITY_MODE:
if ((security_mode >= 0 ) && (security_mode <=0x77)) {
pdcp_array[module_id][lc_id].cipheringAlgorithm= security_mode & 0x0f;
pdcp_array[module_id][lc_id].integrityProtAlgorithm = (security_mode>>4) & 0xf;
LOG_D(PDCP,"[%s %d] Set security mode : ACTION_SET_SECURITY_MODE: Frame %d cipheringAlgorithm %d integrityProtAlgorithm %d\n",
(eNB_flag) ? "eNB" : "UE", module_id, frame,
pdcp_array[module_id][lc_id].cipheringAlgorithm,
pdcp_array[module_id][lc_id].integrityProtAlgorithm );
}else
LOG_D(PDCP,"[%s %d] bad security mode %d", security_mode);
pdcp_config_set_security(module_id, frame, eNB_flag, rb_id, lc_id, security_mode, kRRCenc, kRRCint, kUPenc);
break;
default:
LOG_W(PDCP,"unknown action %d for the config request\n",action);
......@@ -831,6 +876,28 @@ BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u16
return 0;
}
void pdcp_config_set_security(module_id_t module_id, u32 frame, u8 eNB_flag, rb_id_t rb_id,
u16 lc_id, u8 security_mode, u8 *kRRCenc, u8 *kRRCint, u8 *kUPenc)
{
if ((security_mode >= 0) && (security_mode <= 0x77)) {
pdcp_array[module_id][lc_id].cipheringAlgorithm = security_mode & 0x0f;
pdcp_array[module_id][lc_id].integrityProtAlgorithm = (security_mode>>4) & 0xf;
LOG_D(PDCP,"[%s %d][RB %02d] Set security mode : ACTION_SET_SECURITY_MODE: "
"Frame %d cipheringAlgorithm %d integrityProtAlgorithm %d\n",
(eNB_flag) ? "eNB" : "UE", module_id, rb_id, frame,
pdcp_array[module_id][lc_id].cipheringAlgorithm,
pdcp_array[module_id][lc_id].integrityProtAlgorithm);
pdcp_array[module_id][lc_id].kRRCenc = kRRCenc;
pdcp_array[module_id][lc_id].kRRCint = kRRCint;
pdcp_array[module_id][lc_id].kUPenc = kUPenc;
/* Activate security */
pdcp_array[module_id][lc_id].security_activated = 1;
} else {
LOG_D(PDCP,"[%s %d] bad security mode %d", security_mode);
}
}
void rrc_pdcp_config_req (module_id_t module_id, u32 frame, u8_t eNB_flag, u32 action, rb_id_t rb_id, u8 security_mode){
/*
......@@ -867,6 +934,7 @@ void rrc_pdcp_config_req (module_id_t module_id, u32 frame, u8_t eNB_flag, u32
pdcp_array[module_id][rb_id%NB_RB_MAX].last_submitted_pdcp_rx_sn = 4095;
pdcp_array[module_id][rb_id%NB_RB_MAX].seq_num_size = 0;
pdcp_array[module_id][rb_id%NB_RB_MAX].first_missing_pdu = -1;
pdcp_array[module_id][rb_id].security_activated = 0;
LOG_D(PDCP,"[%s %d] Config request : ACTION_REMOVE: Frame %d radio bearer id %d configured\n",
(eNB_flag) ? "eNB" : "UE", module_id, frame, rb_id);
......
......@@ -110,9 +110,26 @@ typedef struct pdcp_t {
BOOL instanciated_instance;
u16 header_compression_profile;
/* SR: added this flag to distinguish UE/eNB instance as pdcp_run for virtual
* mode can receive data on NETLINK for eNB while eNB_flag = 0 and for UE when eNB_flag = 1
*/
u8 is_ue;
/* Configured security algorithms */
u8 cipheringAlgorithm;
u8 integrityProtAlgorithm;
/* User-Plane encryption key
* Control-Plane RRC encryption key
* Control-Plane RRC integrity key
* These keys are configured by RRC layer
*/
u8 *kUPenc;
u8 *kRRCint;
u8 *kRRCenc;
u8 security_activated;
u8 rlc_mode;
u8 status_report;
u8 seq_num_size;
......@@ -260,14 +277,25 @@ public_pdcp(void rrc_pdcp_config_req (module_id_t module_id, u32 frame, u8_t eNB
* \param[in] srb2add_list SRB configuration list to be created.
* \param[in] drb2add_list DRB configuration list to be created.
* \param[in] drb2release_list DRB configuration list to be released.
* \param[in] security_mode Security algorithm to apply for integrity/ciphering
* \param[in] kRRCenc RRC encryption key
* \param[in] kRRCint RRC integrity key
* \param[in] kUPenc User-Plane encryption key
* \return A status about the processing, OK or error code.
*/
public_pdcp(
BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag, u32_t index,
SRB_ToAddModList_t* srb2add_list,
DRB_ToAddModList_t* drb2add_list,
DRB_ToReleaseList_t* drb2release_list,
u8 security_mode,
u8 *kRRCenc,
u8 *kRRCint,
u8 *kUPenc
#ifdef Rel10
public_pdcp(BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag, u32_t index, SRB_ToAddModList_t* srb2add_list, DRB_ToAddModList_t* drb2add_list, DRB_ToReleaseList_t* drb2release_list,PMCH_InfoList_r9_t* pmch_InfoList_r9);)
#else
public_pdcp(BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u8_t eNB_flag, u32_t index, SRB_ToAddModList_t* srb2add_list, DRB_ToAddModList_t* drb2add_list, DRB_ToReleaseList_t* drb2release_list);)
,PMCH_InfoList_r9_t* pmch_InfoList_r9
#endif
));
/*! \fn BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u32 action, rb_id_t rb_id, u8 rb_sn, u8 rb_report, u16 header_compression_profile, u8 security_mode)
* \brief Function for RRC to configure a Radio Bearer.
......@@ -280,10 +308,18 @@ public_pdcp(BOOL rrc_pdcp_config_asn1_req (module_id_t module_id, u32_t frame, u
* \param[in] drb_report set a pdcp report for this drb
* \param[in] header_compression set the rohc profile
* \param[in] security_mode set the integrity and ciphering algs
* \param[in] kRRCenc RRC encryption key
* \param[in] kRRCint RRC integrity key
* \param[in] kUPenc User-Plane encryption key
* \return A status about the processing, OK or error code.
*/
public_pdcp(BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u16 index, rlc_mode_t rlc_mode, u32 action, u16 lc_id, u16 mch_id, rb_id_t rb_id, u8 rb_sn, u8 rb_report, u16 header_compression_profile, u8 security_mode);)
public_pdcp(BOOL pdcp_config_req_asn1 (module_id_t module_id, u32 frame, u8_t eNB_flag, u16 index,
rlc_mode_t rlc_mode, u32 action, u16 lc_id,u16 mch_id, rb_id_t rb_id,
u8 rb_sn, u8 rb_report, u16 header_compression_profile,
u8 security_mode,
u8 *kRRCenc,
u8 *kRRCint,
u8 *kUPenc));
/*! \fn void rrc_pdcp_config_release(module_id_t, rb_id_t)
* \brief This functions is unused
* \param[in] module_id Module ID of relevant PDCP entity
......
......@@ -153,4 +153,17 @@ BOOL pdcp_serialize_user_plane_data_pdu_with_long_sn_buffer(unsigned char* pdu_b
BOOL pdcp_serialize_control_pdu_for_pdcp_status_report(unsigned char* pdu_buffer, \
u8 bitmap[512], pdcp_control_pdu_for_pdcp_status_report* pdu);
void pdcp_config_set_security(module_id_t module_id, u32 frame, u8 eNB_flag, rb_id_t rb_id,
u16 lc_id, u8 security_mode, u8 *kRRCenc, u8 *kRRCint, u8 *kUPenc);
#if defined(ENABLE_SECURITY)
int pdcp_apply_security(pdcp_t *pdcp_entity, rb_id_t rb_id,
u8 pdcp_header_len, u16 current_sn, u8 *pdcp_pdu_buffer,
u16 sdu_buffer_size);
int pdcp_validate_security(pdcp_t *pdcp_entity, rb_id_t rb_id,
u8 pdcp_header_len, u16 current_sn, u8 *pdcp_pdu_buffer,
u16 sdu_buffer_size);
#endif /* defined(ENABLE_SECURITY) */
#endif
/*******************************************************************************
Eurecom OpenAirInterface
Copyright(c) 1999 - 2013 Eurecom
This program is free software; you can redistribute it and/or modify it
under the terms and conditions of the GNU General Public License,
version 2, as published by the Free Software Foundation.
This program is distributed in the hope it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
more details.
You should have received a copy of the GNU General Public License along with
this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
The full GNU General Public License is included in this distribution in
the file called "COPYING".
Contact Information
Openair Admin: openair_admin@eurecom.fr
Openair Tech : openair_tech@eurecom.fr
Forums : http://forums.eurecom.fsr/openairinterface
Address : Eurecom, 2229, route des crêtes, 06560 Valbonne Sophia Antipolis, France
*******************************************************************************/
/*! \file pdcp_security.c
* \brief PDCP Security Methods
* \author ROUX Sebastien
* \date 2013
*/
#include <stdint.h>
#include "assertions.h"
#include "UTIL/LOG/log.h"
#include "UTIL/OSA/osa_defs.h"
#include "LAYER2/MAC/extern.h"
#include "pdcp.h"
#include "pdcp_primitives.h"
#if defined(ENABLE_SECURITY)
static
u32 pdcp_get_next_count_tx(pdcp_t *pdcp_entity, u8 pdcp_header_len, u16 pdcp_sn);
static
u32 pdcp_get_next_count_rx(pdcp_t *pdcp_entity, u8 pdcp_header_len, u16 pdcp_sn);
static
u32 pdcp_get_next_count_tx(pdcp_t *pdcp_entity, u8 pdcp_header_len, u16 pdcp_sn)
{
u32 count;
/* For TX COUNT = TX_HFN << length of SN | pdcp SN */
if (pdcp_header_len == PDCP_CONTROL_PLANE_DATA_PDU_SN_SIZE) {
/* 5 bits length SN */
count = (pdcp_entity->tx_hfn << 5) | (pdcp_sn & 0x001F);
} else {
/* 12 bits length SN */
count = (pdcp_entity->tx_hfn << 12) | (pdcp_sn & 0x0FFF);
}
// LOG_D(PDCP, "[OSA] TX COUNT = 0x%08x\n", count);
return count;
}
static
u32 pdcp_get_next_count_rx(pdcp_t *pdcp_entity, u8 pdcp_header_len, u16 pdcp_sn)
{
u32 count;
/* For RX COUNT = RX_HFN << length of SN | pdcp SN of received PDU */
if (pdcp_header_len == PDCP_CONTROL_PLANE_DATA_PDU_SN_SIZE) {
/* 5 bits length SN */
count = (pdcp_entity->rx_hfn << 5) | (pdcp_sn & 0x001F);
} else {
/* 12 bits length SN */
count = (pdcp_entity->rx_hfn << 12) | (pdcp_sn & 0x0FFF);
}
// LOG_D(PDCP, "[OSA] RX COUNT = 0x%08x\n", count);
return count;
}
int pdcp_apply_security(pdcp_t *pdcp_entity, rb_id_t rb_id,
u8 pdcp_header_len, u16 current_sn, u8 *pdcp_pdu_buffer,
u16 sdu_buffer_size)
{
u8 *buffer_encrypted = NULL;
stream_cipher_t encrypt_params;
DevAssert(pdcp_entity != NULL);
DevAssert(pdcp_pdu_buffer != NULL);
DevCheck(rb_id < NB_RB_MAX && rb_id >= 0, rb_id, NB_RB_MAX, 0);
encrypt_params.direction = (pdcp_entity->is_ue == 1) ? SECU_DIRECTION_UPLINK : SECU_DIRECTION_DOWNLINK;
encrypt_params.bearer = rb_id;
encrypt_params.count = pdcp_get_next_count_tx(pdcp_entity, pdcp_header_len, current_sn);
encrypt_params.key_length = 16;
if (rb_id < DTCH) {
/* SRBs */
u8 *mac_i;
LOG_D(PDCP, "[OSA][RB %d] %s Applying control-plane security\n",
rb_id, (pdcp_entity->is_ue != 0) ? "UE -> eNB" : "eNB -> UE");
encrypt_params.message = pdcp_pdu_buffer;
encrypt_params.blength = (pdcp_header_len + sdu_buffer_size) << 3;
encrypt_params.key = pdcp_entity->kRRCint;
mac_i = &pdcp_pdu_buffer[pdcp_header_len + sdu_buffer_size];
/* Both header and data parts are integrity protected for
* control-plane PDUs */
stream_compute_integrity(pdcp_entity->integrityProtAlgorithm, &encrypt_params,
mac_i);
encrypt_params.key = pdcp_entity->kRRCenc;
} else {
LOG_D(PDCP, "[OSA][RB %d] %s Applying user-plane security\n",
rb_id, (pdcp_entity->is_ue != 0) ? "UE -> eNB" : "eNB -> UE");
encrypt_params.key = pdcp_entity->kUPenc;
}
encrypt_params.message = &pdcp_pdu_buffer[pdcp_header_len];
encrypt_params.blength = sdu_buffer_size << 3;
buffer_encrypted = &pdcp_pdu_buffer[pdcp_header_len];
/* Apply ciphering if any requested */
stream_encrypt(pdcp_entity->cipheringAlgorithm, &encrypt_params,
&buffer_encrypted);
return 0;
}
int pdcp_validate_security(pdcp_t *pdcp_entity, rb_id_t rb_id,
u8 pdcp_header_len, u16 current_sn, u8 *pdcp_pdu_buffer,
u16 sdu_buffer_size)
{
u8 *buffer_decrypted = NULL;
stream_cipher_t decrypt_params;
DevAssert(pdcp_entity != NULL);
DevAssert(pdcp_pdu_buffer != NULL);
DevCheck(rb_id < NB_RB_MAX && rb_id >= 0, rb_id, NB_RB_MAX, 0);
buffer_decrypted = (u8*)&pdcp_pdu_buffer[pdcp_header_len];
decrypt_params.direction = (pdcp_entity->is_ue == 1) ? SECU_DIRECTION_DOWNLINK : SECU_DIRECTION_UPLINK ;
decrypt_params.bearer = rb_id;
decrypt_params.count = pdcp_get_next_count_rx(pdcp_entity, pdcp_header_len, current_sn);
decrypt_params.message = &pdcp_pdu_buffer[pdcp_header_len];
decrypt_params.blength = (sdu_buffer_size - pdcp_header_len) << 3;
decrypt_params.key_length = 16;
if (rb_id < DTCH) {
LOG_D(PDCP, "[OSA][RB %d] %s Validating control-plane security\n",
rb_id, (pdcp_entity->is_ue != 0) ? "eNB -> UE" : "UE -> eNB");
decrypt_params.key = pdcp_entity->kRRCenc;
} else {
LOG_D(PDCP, "[OSA][RB %d] %s Validating user-plane security\n",
rb_id, (pdcp_entity->is_ue != 0) ? "eNB -> UE" : "UE -> eNB");
decrypt_params.key = pdcp_entity->kUPenc;
}
/* Uncipher the block */
stream_decrypt(pdcp_entity->cipheringAlgorithm, &decrypt_params, &buffer_decrypted);
if (rb_id < DTCH) {
/* Now check the integrity of the complete PDU */
decrypt_params.message = pdcp_pdu_buffer;
decrypt_params.blength = sdu_buffer_size << 3;
decrypt_params.key = pdcp_entity->kRRCint;
if (stream_check_integrity(pdcp_entity->integrityProtAlgorithm,
&decrypt_params, &pdcp_pdu_buffer[sdu_buffer_size]) != 0) {
LOG_E(PDCP, "[OSA] failed to validate MAC-I of incoming PDU\n");
return -1;
}
}
return 0;
}
#endif /* ENABLE_SECURITY */
......@@ -36,12 +36,22 @@
# @ingroup _mac
*/
#ifndef USER_MODE
#ifdef USER_MODE
# include <inttypes.h>
#else
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/proc_fs.h>
# ifndef PRIu64
# if __WORDSIZE == 64
# define PRIu64 "lu"
# else
# define PRIu64 "llu"
# endif
# endif
#endif
#include "LAYER2/RLC/rlc.h"
#include "LAYER2/MAC/defs.h"
#include "LAYER2/MAC/extern.h"
......@@ -114,7 +124,10 @@ int dump_eNB_l2_stats(char *buffer, int length){
eNB_mac_inst[eNB_id].eNB_UE_stats[UE_id].ncce_used_retx
</