From 942b9466ef788888baf7486043abde72589eb9dc Mon Sep 17 00:00:00 2001 From: Sukchan Lee Date: Sat, 13 Jul 2019 23:47:24 +0900 Subject: [PATCH] Attach Reject if UE indicates only EIA0 (#222) --- src/mme/emm-build.c | 17 ++--------------- src/mme/emm-handler.c | 11 +++++++++++ src/mme/mme-context.c | 31 +++++++++++++++++++++++++++++++ src/mme/mme-context.h | 3 +++ 4 files changed, 47 insertions(+), 15 deletions(-) diff --git a/src/mme/emm-build.c b/src/mme/emm-build.c index 7c65e4eab..70fb59342 100644 --- a/src/mme/emm-build.c +++ b/src/mme/emm-build.c @@ -241,7 +241,6 @@ int emm_build_security_mode_command( ogs_pkbuf_t **emmbuf, mme_ue_t *mme_ue) { int rv; - int i; nas_message_t message; nas_security_mode_command_t *security_mode_command = @@ -266,20 +265,8 @@ int emm_build_security_mode_command( message.emm.h.protocol_discriminator = NAS_PROTOCOL_DISCRIMINATOR_EMM; message.emm.h.message_type = NAS_SECURITY_MODE_COMMAND; - for (i = 0; i < mme_self()->num_of_integrity_order; i++) { - if (mme_ue->ue_network_capability.eia & - (0x80 >> mme_self()->integrity_order[i])) { - mme_ue->selected_int_algorithm = mme_self()->integrity_order[i]; - break; - } - } - for (i = 0; i < mme_self()->num_of_ciphering_order; i++) { - if (mme_ue->ue_network_capability.eea & - (0x80 >> mme_self()->ciphering_order[i])) { - mme_ue->selected_enc_algorithm = mme_self()->ciphering_order[i]; - break; - } - } + mme_ue->selected_int_algorithm = mme_selected_int_algorithm(mme_ue); + mme_ue->selected_enc_algorithm = mme_selected_enc_algorithm(mme_ue); selected_nas_security_algorithms->type_of_integrity_protection_algorithm = mme_ue->selected_int_algorithm; diff --git a/src/mme/emm-handler.c b/src/mme/emm-handler.c index 5de1f3ccd..65ba4b6b4 100644 --- a/src/mme/emm-handler.c +++ b/src/mme/emm-handler.c @@ -143,6 +143,17 @@ int emm_handle_attach_request( sizeof(attach_request->ms_network_capability)); } + if (mme_selected_int_algorithm(mme_ue) == NAS_SECURITY_ALGORITHMS_EIA0) { + ogs_warn("Encrypt[0x%x] can be skipped with EEA0, " + "but Integrity[0x%x] cannot be bypassed with EIA0", + mme_selected_enc_algorithm(mme_ue), + mme_selected_int_algorithm(mme_ue)); + nas_send_attach_reject(mme_ue, + EMM_CAUSE_UE_SECURITY_CAPABILITIES_MISMATCH, + ESM_CAUSE_PROTOCOL_ERROR_UNSPECIFIED); + return OGS_ERROR; + } + switch (eps_mobile_identity->imsi.type) { case NAS_EPS_MOBILE_IDENTITY_IMSI: memcpy(&mme_ue->nas_mobile_identity_imsi, diff --git a/src/mme/mme-context.c b/src/mme/mme-context.c index e416fda4e..7f023079a 100644 --- a/src/mme/mme-context.c +++ b/src/mme/mme-context.c @@ -2815,3 +2815,34 @@ int mme_m_tmsi_free(mme_m_tmsi_t *m_tmsi) return OGS_OK; } +uint8_t mme_selected_int_algorithm(mme_ue_t *mme_ue) +{ + int i; + + ogs_assert(mme_ue); + + for (i = 0; i < mme_self()->num_of_integrity_order; i++) { + if (mme_ue->ue_network_capability.eia & + (0x80 >> mme_self()->integrity_order[i])) { + return mme_self()->integrity_order[i]; + } + } + + return 0; +} + +uint8_t mme_selected_enc_algorithm(mme_ue_t *mme_ue) +{ + int i; + + ogs_assert(mme_ue); + + for (i = 0; i < mme_self()->num_of_ciphering_order; i++) { + if (mme_ue->ue_network_capability.eea & + (0x80 >> mme_self()->ciphering_order[i])) { + return mme_self()->ciphering_order[i]; + } + } + + return 0; +} diff --git a/src/mme/mme-context.h b/src/mme/mme-context.h index bb6b64259..34ce49175 100644 --- a/src/mme/mme-context.h +++ b/src/mme/mme-context.h @@ -737,6 +737,9 @@ int mme_m_tmsi_pool_generate(); mme_m_tmsi_t *mme_m_tmsi_alloc(); int mme_m_tmsi_free(mme_m_tmsi_t *tmsi); +uint8_t mme_selected_int_algorithm(mme_ue_t *mme_ue); +uint8_t mme_selected_enc_algorithm(mme_ue_t *mme_ue); + #ifdef __cplusplus } #endif