Skip to content

bugfix: read msg_type only after deciphering

Cédric Rouxrequested to merge
bugfix-nas-security-msg-type into develop

There was a problem with accessing msg_type from the input buffer before deciphering, giving obviously wrong value.

CI team: we should add a test in the CI with NAS ciphering + integrity (connection to the core) set to not null (I suggest nea2/nia2). With openair's core, this is done by setting this in the amf config file (nia1 and nea2 at the top of the list):

  supported_integrity_algorithms:
    - "NIA2"
    - "NIA1"
    - "NIA0"
  supported_encryption_algorithms:
    - "NEA2"
    - "NEA1"
    - "NEA0"

And also put full security in the AS. This is done with this in the gnb config file:

security = {
  ciphering_algorithms = ( "nea2", "nea0" );
  integrity_algorithms = ( "nia2", "nia1", "nia0" );
  drb_ciphering = "yes";
  drb_integrity = "yes"
};

Ideally we should test this with both openair UE and cots UE. But as a strict minimum do for openair UE (this is where the bug was).

No need to do much traffic, a few ping is enough. But if you want to check throughput with full security, why not.

Merge request reports