/* Utility functions from ogslib imported to TTCN-3
 *
 * (C) 2019 Harald Welte <laforge@gnumonks.org>
 * All rights reserved.
 *
 * Released under the terms of GNU General Public License, Version 2 or
 * (at your option) any later version.
 *
 * SPDX-License-Identifier: GPL-2.0-or-later
 */
11
12module LTE_CryptoFunctions {
13
14import from General_Types all;
Pau Espin Pedrol49762172023-12-14 18:03:27 +010015import from Misc_Helpers all;
Harald Weltec918e4e2019-07-12 18:53:55 +080016
17import from S1AP_Types all;
18import from S1AP_PDU_Descriptions all;
19
20import from NAS_EPS_Types all;
21import from NAS_Templates all;
22
23/*********************************************************************************
24 * low-level API (external C/C++ code)
25 *********************************************************************************/
26
/* SNOW-3G f8 ciphering (EEA1).  `data` is an `in` parameter and is therefore
 * not modified by the call: the ciphered/deciphered octets are only available
 * as the return value, which callers must store. */
external function f_snow_3g_f8(in OCT16 key, in integer count, in integer bearer,
			       in boolean is_downlink, in octetstring data) return octetstring;

/* SNOW-3G f9 integrity protection (EIA1): returns the 32-bit MAC over `data`. */
external function f_snow_3g_f9(in OCT16 key, in integer count, in integer fresh,
			       in boolean is_downlink, in octetstring data) return OCT4;

/* K_ASME derivation from CK, IK, the serving PLMN id, SQN and AK; 256-bit result. */
external function f_kdf_kasme(in OCT16 ck, in OCT16 ik, in OCT3 plmn_id,
			      in OCT6 sqn, in OCT6 ak) return OCT32;

/* NAS integrity / ciphering key derivation from a 256-bit K_ASME.  `alg_id` is a
 * plain integer here, not one of the NAS_ALG_* enums defined further below. */
external function f_kdf_nas_int(in integer alg_id, in OCT32 kasme) return OCT32;
external function f_kdf_nas_enc(in integer alg_id, in OCT32 kasme) return OCT32;

/* NOTE(review): the three functions below declare `kasme` as OCT16, while
 * f_kdf_kasme() produces and f_kdf_nas_{int,enc}() consume an OCT32 K_ASME.
 * The C/C++ side is not visible here — confirm which width it expects before
 * relying on these declarations. */
external function f_kdf_enb(in OCT16 kasme, in integer ul_count) return OCT32;

external function f_kdf_nh(in OCT16 kasme, in OCT32 sync_inp) return OCT32;

external function f_kdf_nas_token(in OCT16 kasme, in integer ul_count) return OCT32;
44
/*********************************************************************************
 * mid-level API
 *********************************************************************************/
48
/* Compute the 32-bit NAS MAC for the given integrity algorithm.
 *
 * alg:         NAS integrity algorithm; only EIA0 and EIA1 are implemented.
 * k_nas_int:   NAS integrity key.
 * seq_nr:      passed to SNOW-3G f9 as its `count` input.
 * bearer:      passed to SNOW-3G f9 as its `fresh` input.
 * is_downlink: direction bit for f9.
 * data:        octets to protect (sequence number octet + NAS message, see callers).
 * Returns the MAC; all-zero for EIA0.  Any other algorithm shuts the test down. */
function f_nas_mac_calc(NAS_ALG_INT alg, octetstring k_nas_int, integer seq_nr,
			integer bearer, boolean is_downlink, octetstring data) return OCT4 {
	if (alg == NAS_ALG_IP_EIA0) {
		/* null integrity algorithm: the MAC field is always zero */
		return '00000000'O;
	}
	if (alg == NAS_ALG_IP_EIA1) {
		return f_snow_3g_f9(k_nas_int, seq_nr, bearer, is_downlink, data);
	}
	Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, log2str("Unsupported EIA: ", alg));
	return '00000000'O; /* never reached */
}
64
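/* Cipher (or decipher) `data` in place with the given NAS ciphering algorithm.
 *
 * alg:         NAS ciphering algorithm; only EEA0 and EEA1 are implemented.
 * k_nas_enc:   NAS ciphering key.
 * count:       COUNT input to SNOW-3G f8.
 * bearer:      BEARER input to SNOW-3G f8.
 * is_downlink: direction bit for f8.
 * data:        inout; replaced by the ciphered/deciphered octets.  The same
 *              function serves both directions (see f_nas_try_decaps() and
 *              f_nas_encaps()).
 * EEA0 leaves `data` untouched; any other algorithm shuts the test down. */
function f_nas_encrypt(NAS_ALG_ENC alg, octetstring k_nas_enc, integer count,
		       integer bearer, boolean is_downlink, inout octetstring data) {
	select (alg) {
	case (NAS_ALG_ENC_EEA0) { } /* null ciphering: nothing to do */
	case (NAS_ALG_ENC_EEA1) {
		/* f_snow_3g_f8() takes `data` as an `in` parameter and hands the
		 * result back as its return value; it must be stored into the inout
		 * parameter, otherwise the ciphering is silently dropped and the
		 * plaintext is passed on unchanged. */
		data := f_snow_3g_f8(k_nas_enc, count, bearer, is_downlink, data);
	}
	case else {
		Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, log2str("Unsupported EEA: ", alg));
	}
	}
}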
77
78
79/*********************************************************************************
80 * high-level API (full NAS encapsulation/decapsulation)
81 *********************************************************************************/
82
/* Per-connection NAS security state used by f_nas_try_decaps() and f_nas_encaps().
 * Initialise with t_NAS_UE_State(); algorithms and keys are set by the caller
 * (f_nas_try_decaps() additionally forces alg_int on a "new security context"
 * header, see the FIXME there). */
type record NAS_UE_State {
	NAS_Role	role,		/* ATS implements UE or MME role? */

	NAS_ALG_INT	alg_int,	/* NAS Integrity Protection Algorithm */
	octetstring	k_nas_int,	/* NAS Integrity Protection Key */
	NAS_ALG_ENC	alg_enc,	/* NAS Encryption Algorithm */
	octetstring	k_nas_enc,	/* NAS Encryption Key */
	integer		rx_count,	/* frame counter (ATS rx side): expected sequence number and
					 * MAC COUNT of the next received message; reset to 0 on a new
					 * security context and advanced by f_nas_try_decaps() */
	integer		tx_count	/* frame counter (ATS tx side): sequence number and COUNT used by
					 * f_nas_encaps(); reset to 0 there for new_ctx.  Not advanced
					 * within this module — presumably by the caller; verify */
};
93
/* Initial NAS security state for the given role: no integrity protection, no
 * ciphering, empty keys and both counters at zero. */
template (value) NAS_UE_State t_NAS_UE_State(NAS_Role role) := {
	role := role,
	alg_int := NAS_ALG_IP_EIA0,
	k_nas_int := ''O,
	alg_enc := NAS_ALG_ENC_EEA0,
	k_nas_enc := ''O,
	rx_count := 0,
	tx_count := 0
};
103
/* Which side of the NAS connection the test system emulates; determines the
 * downlink/uplink direction bit passed to the crypto primitives. */
type enumerated NAS_Role {
	NAS_ROLE_UE,		/* ATS implements/emulates UE */
	NAS_ROLE_MME		/* ATS implements/emulates MME */
};
/* EPS NAS integrity algorithms.  Only EIA0 and EIA1 are handled by
 * f_nas_mac_calc(); EIA2/EIA3 make it shut the test down. */
type enumerated NAS_ALG_INT {
	NAS_ALG_IP_EIA0,	/* no integrity protection */
	NAS_ALG_IP_EIA1,	/* SNOW-3G F9 based */
	NAS_ALG_IP_EIA2,	/* AES based */
	NAS_ALG_IP_EIA3		/* ZUC */
};
/* EPS NAS ciphering algorithms.  Only EEA0 and EEA1 are handled by
 * f_nas_encrypt(); EEA2/EEA3 make it shut the test down. */
type enumerated NAS_ALG_ENC {
	NAS_ALG_ENC_EEA0,	/* no encryption */
	NAS_ALG_ENC_EEA1,	/* SNOW-3G F8 based */
	NAS_ALG_ENC_EEA2,	/* AES based */
	NAS_ALG_ENC_EEA3	/* ZUC */
};
120
/* port between individual per-connection components and this translator;
 * carries both S1AP PDUs and (plain or security-protected) NAS PDUs */
type port S1AP_NAS_Conn_PT message {
	inout S1AP_PDU, PDU_NAS_EPS;
} with { extension "internal" };
125
/* A message received from the IUT is downlink exactly when the ATS emulates
 * the UE (NAS_ROLE_UE); in the MME role received messages are uplink. */
private function f_rx_is_downlink(in NAS_UE_State nus) return boolean
{
	return nus.role == NAS_ROLE_UE;
}
135
/* A message transmitted to the IUT has the opposite direction of a received
 * one: downlink when the ATS emulates the MME, uplink when it emulates the UE. */
private function f_tx_is_downlink(in NAS_UE_State nus) return boolean
{
	if (f_rx_is_downlink(nus)) {
		return false;
	}
	return true;
}
141
/* Verify the integrity protection of a received security-protected NAS message.
 *
 * nus:      NAS security state; only read here (rx_count is both the expected
 *           sequence number and the COUNT input of the MAC).
 * secp_nas: the decoded security-protected NAS PDU as received.
 * Returns true if sequence number and MAC both match.  On a mismatch the verdict
 * is set to fail and false is returned.  An unsupported alg_int makes
 * f_nas_mac_calc() shut the test down before either comparison runs, since the
 * expected MAC is computed first.
 *
 * NOTE(review): rx_count is compared 1:1 with the one-octet sequenceNumber and
 * its callers only ever increment it, so the comparison would fail once more
 * than 256 protected messages have been received — confirm no test gets there.
 * NOTE(review): both failure verdicts log the complete `nus` record, i.e. the
 * NAS integrity and ciphering keys end up in the test log. */
private function f_nas_check_ip(inout NAS_UE_State nus,
				in PDU_NAS_EPS_SecurityProtectedNASMessage secp_nas) return boolean
{
	/* MAC input: sequence number octet followed by the inner message as on the wire */
	var octetstring data_with_seq := int2oct(secp_nas.sequenceNumber, 1) & secp_nas.nAS_Message;
	var OCT4 exp_mac := f_nas_mac_calc(nus.alg_int, nus.k_nas_int, nus.rx_count, 0,
					   f_rx_is_downlink(nus), data_with_seq);

	if (nus.rx_count != secp_nas.sequenceNumber) {
		setverdict(fail, "Received NAS SeqNr ", secp_nas.sequenceNumber,
			   " doesn't match expected SeqNr ", nus.rx_count, ": ", secp_nas, " | nus: ", nus);
		return false;
	}
	if (exp_mac != secp_nas.messageAuthenticationCode) {
		setverdict(fail, "Received NAS MAC ", secp_nas.messageAuthenticationCode,
			   " doesn't match expected MAC ", exp_mac, ": ", secp_nas, " | nus: ", nus);
		return false;
	}
	return true;
}
161
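/* Try to decapsulate (verify MAC, decipher) a received NAS message.
 *
 * nus: per-connection NAS security state.  rx_count is reset to 0 for a
 *      "new EPS security context" header and advanced by one for every
 *      protected message; alg_int is forced to EIA1 on a new context (FIXME).
 * nas: the received PDU.  Anything not matching tr_NAS_EMM_SecurityProtected
 *      is returned unchanged.
 * Returns the decoded inner PDU_NAS_EPS.  A failed integrity check, or an
 * unimplemented security header type, shuts the test down.
 *
 * The MAC is always verified against rx_count as it stands for this message,
 * and deciphering uses that same count before rx_count is advanced — mirroring
 * f_nas_encaps(), which uses one tx_count value for both operations. */
function f_nas_try_decaps(inout NAS_UE_State nus, PDU_NAS_EPS nas) return PDU_NAS_EPS
{
	var PDU_NAS_EPS_SecurityProtectedNASMessage secp_nas;

	/* transparently pass through any non-protected NAS */
	if (not match(nas, tr_NAS_EMM_SecurityProtected)) {
		return nas;
	}

	/* process any security-protected NAS */
	secp_nas := nas.ePS_messages.ePS_MobilityManagement.pDU_NAS_EPS_SecurityProtectedNASMessage;
	select (secp_nas.securityHeaderType) {
	case ('0011'B) { /* IP with new EPS security context */
		nus.rx_count := 0;
		nus.alg_int := NAS_ALG_IP_EIA1; /* FIXME: from decoded inner message! */
		if (not f_nas_check_ip(nus, secp_nas)) {
			Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "f_nas_check_ip() failed");
		}
		nus.rx_count := nus.rx_count + 1;
		return dec_PDU_NAS_EPS(secp_nas.nAS_Message);
	}
	case ('0001'B) { /* IP only */
		if (not f_nas_check_ip(nus, secp_nas)) {
			Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "f_nas_check_ip() failed");
		}
		nus.rx_count := nus.rx_count + 1;
		return dec_PDU_NAS_EPS(secp_nas.nAS_Message);
	}
	case ('0010'B) { /* IP + ciphered */
		if (not f_nas_check_ip(nus, secp_nas)) {
			Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "f_nas_check_ip() failed");
		}
		/* decipher with the count the MAC was just verified against; only
		 * then advance the counter for the next message (same order as the
		 * '0100'B case below) */
		f_nas_encrypt(nus.alg_enc, nus.k_nas_enc, nus.rx_count, 0,
			      f_rx_is_downlink(nus), secp_nas.nAS_Message);
		nus.rx_count := nus.rx_count + 1;
		return dec_PDU_NAS_EPS(secp_nas.nAS_Message);
	}
	case ('0100'B) { /* IP + ciphered; new EPS security context */
		nus.rx_count := 0;
		if (not f_nas_check_ip(nus, secp_nas)) {
			Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "f_nas_check_ip() failed");
		}
		f_nas_encrypt(nus.alg_enc, nus.k_nas_enc, nus.rx_count, 0,
			      f_rx_is_downlink(nus), secp_nas.nAS_Message);
		nus.rx_count := nus.rx_count + 1;
		return dec_PDU_NAS_EPS(secp_nas.nAS_Message);
	}
	//case ('0101'B) { /* IP + partially ciphered */ }
	//case ('1100'B) { /* Service Request Message */ }
	case else {
		Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, log2str("Implement SecHdrType for ", secp_nas));
		mtc.stop; /* make compiler happy about not returning. */
	}
	}
}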
218
/* Derive the 4-bit NAS security header type from the protection applied.
 *
 * encrypt:      message is ciphered.
 * authenticate: message is integrity protected.
 * new_ctx:      message carries a new EPS security context.
 * Returns the header type.  Ciphering without integrity protection, or a new
 * context without integrity protection, is not a valid combination and shuts
 * the test down. */
private function f_nas_determine_sec_hdr_t(boolean encrypt, boolean authenticate, boolean new_ctx)
return BIT4
{
	if (not authenticate) {
		if (not encrypt and not new_ctx) {
			return '0000'B; /* plain NAS message, no security header */
		}
		/* any other unauthenticated combination is invalid, fall through */
	} else if (encrypt) {
		if (new_ctx) {
			return '0100'B; /* IP + ciphered; new EPS security context */
		}
		return '0010'B; /* IP + ciphered */
	} else {
		if (new_ctx) {
			return '0011'B; /* IP only; new EPS security context */
		}
		return '0001'B; /* IP only */
	}
	Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "Invalid sec_hdr conditions");
	return '0000'B; /* never reached, make compiler happy */
}
237
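/* Encapsulate a NAS message (cipher, MAC) for transmission to the IUT.
 *
 * nus:     per-connection NAS security state; tx_count is reset to 0 when
 *          new_ctx is set and is used as sequence number and COUNT.  It is not
 *          advanced here — presumably the caller does so; verify.
 * nas_in:  plain NAS PDU to protect.
 * new_ctx: the message starts a new EPS security context.
 * Returns nas_in unchanged if neither algorithm provides protection (EIA0 and
 * EEA0), otherwise a security-protected NAS PDU wrapping the (possibly
 * ciphered) encoded nas_in.  An invalid algorithm combination shuts the test
 * down via f_nas_determine_sec_hdr_t(). */
function f_nas_encaps(inout NAS_UE_State nus, PDU_NAS_EPS nas_in, boolean new_ctx := false)
return PDU_NAS_EPS
{
	/* the null algorithms mean "no protection" in the respective dimension */
	var boolean authenticate := nus.alg_int != NAS_ALG_IP_EIA0;
	var boolean encrypt := nus.alg_enc != NAS_ALG_ENC_EEA0;

	/* nothing to protect: pass the plain NAS PDU through */
	if (not encrypt and not authenticate) {
		return nas_in;
	}

	/* a new EPS security context starts counting from zero */
	if (new_ctx) {
		nus.tx_count := 0;
	}

	var BIT4 sec_hdr_t := f_nas_determine_sec_hdr_t(encrypt, authenticate, new_ctx);
	var octetstring nas_enc := enc_PDU_NAS_EPS(nas_in);
	if (encrypt) {
		f_nas_encrypt(nus.alg_enc, nus.k_nas_enc, nus.tx_count, 0,
			      f_tx_is_downlink(nus), nas_enc);
	}
	var PDU_NAS_EPS nas_out;
	nas_out := valueof(ts_NAS_EMM_SecurityProtected(sec_hdr_t, nus.tx_count, nas_enc));
	if (authenticate) {
		/* The MAC covers the sequence number octet followed by the (possibly
		 * ciphered) inner message, exactly as f_nas_check_ip() reconstructs it
		 * on the receive side.  Take the sequence number from the header that
		 * was just built instead of hard-coding '00'O, so the MAC remains
		 * valid once tx_count is non-zero. */
		var octetstring seq_nr := int2oct(nas_out.ePS_messages.ePS_MobilityManagement.pDU_NAS_EPS_SecurityProtectedNASMessage.sequenceNumber, 1);
		var OCT4 mac := f_nas_mac_calc(nus.alg_int, nus.k_nas_int, nus.tx_count, 0,
					       f_tx_is_downlink(nus), seq_nr & nas_enc);
		nas_out.ePS_messages.ePS_MobilityManagement.pDU_NAS_EPS_SecurityProtectedNASMessage.messageAuthenticationCode := mac;
	}
	return nas_out;
}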
274
} // module LTE_CryptoFunctions