Change in osmo-ttcn3-hacks[master]: bsc: split f_verify_encr_info() from f_cipher_mode()

neels gerrit-no-reply at lists.osmocom.org
Mon Jun 21 00:44:45 UTC 2021


neels has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/24727 )


Change subject: bsc: split f_verify_encr_info() from f_cipher_mode()
......................................................................

bsc: split f_verify_encr_info() from f_cipher_mode()

The verification of correct encryption information so far is part of
f_cipher_mode(); put it in a separate new function f_verify_encr_info()
so that it can be re-used for handover channel activation.

Related: SYS#5324
Change-Id: I11602d23670f436a22b891fc744fe07e470f2b79
---
M bsc/MSC_ConnectionHandler.ttcn
1 file changed, 57 insertions(+), 30 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/osmo-ttcn3-hacks refs/changes/27/24727/1

diff --git a/bsc/MSC_ConnectionHandler.ttcn b/bsc/MSC_ConnectionHandler.ttcn
index 9b6f8b1..0e79420 100644
--- a/bsc/MSC_ConnectionHandler.ttcn
+++ b/bsc/MSC_ConnectionHandler.ttcn
@@ -713,12 +713,63 @@
 	}
 }
 
+function f_verify_encr_info(RSL_Message rsl) runs on MSC_ConnHdlr {
+	var RSL_IE_Body encr_info;
+	var RSL_AlgId alg_rsl;
+	var template octetstring expect_kc;
+
+	/* If no encryption is enabled, then make sure there is no RSL_IE_ENCR_INFO */
+	if (not ispresent(g_pars.encr)) {
+		if (f_rsl_find_ie(rsl, RSL_IE_ENCR_INFO, encr_info)) {
+			Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "Found Encryption IE, but expected no encryption");
+		}
+		setverdict(pass);
+		return;
+	}
+
+	/* RSL uses a different representation of the encryption algorithm,
+	 * so we need to convert first */
+	alg_rsl := f_chipher_mode_bssmap_to_rsl(g_pars.encr.enc_alg);
+
+	if (alg_rsl == RSL_ALG_ID_A5_4 and ispresent(g_pars.encr.enc_kc128)) {
+		expect_kc := g_pars.encr.enc_kc128;
+	} else if (alg_rsl == RSL_ALG_ID_A5_0) {
+		/* When A5/0 is chosen, no encryption is active, so technically, no key is needed. However, 3GPP TS
+		 * 48.058 9.3.7 Encryption Information stays quite silent about presence or absence of a key for A5/0.
+		 * The only thing specified is how to indicate the length of the key; the possibility that the key may
+		 * be zero length is not explicitly mentioned. So it seems that we should always send the key along,
+		 * even for A5/0. Still, let's also allow a zero length key for A5/0. */
+		expect_kc := (g_pars.encr.enc_key, ''O);
+	} else {
+		expect_kc := g_pars.encr.enc_key;
+	}
+	log("for encryption algo ", alg_rsl, " expect kc = ", expect_kc);
+
+	if (not f_rsl_find_ie(rsl, RSL_IE_ENCR_INFO, encr_info)) {
+		if (alg_rsl == RSL_ALG_ID_A5_0) {
+			/* For A5/0, encryption is not active. It is fine to omit the Encryption Information in this
+			 * case. Note that the first channel may see an RSL Encryption Command with A5/0 indicated, and
+			 * a subsequent handover may activate a new channel without any Encryption Information. */
+			setverdict(pass);
+			return;
+		}
+		Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail,
+					"Missing Encryption Information IE");
+		return;
+	}
+
+	if (not match(encr_info, tr_EncrInfo(alg_rsl, expect_kc))) {
+		Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail,
+					"Unexpected Kc in Encryption Information IE");
+		return;
+	}
+	setverdict(pass);
+}
+
 function f_cipher_mode(TestHdlrEncrParams enc, boolean exp_fail := false)
 runs on MSC_ConnHdlr {
 	var PDU_BSSAP bssap;
 	var RSL_Message rsl;
-	var RSL_AlgId alg_rsl;
-	var template octetstring expect_kc;
 
 	if (isvalue(enc.enc_kc128)) {
 		BSSAP.send(ts_BSSMAP_CipherModeCmdKc128(enc.enc_alg, enc.enc_key, valueof(enc.enc_kc128)));
@@ -726,39 +777,14 @@
 		BSSAP.send(ts_BSSMAP_CipherModeCmd(enc.enc_alg, enc.enc_key));
 	}
 
-	/* RSL uses a different representation of the encryption algorithm,
-	 * so we need to convert first */
-	alg_rsl := f_chipher_mode_bssmap_to_rsl(enc.enc_alg);
-
-	if (alg_rsl == RSL_ALG_ID_A5_4 and ispresent(enc.enc_kc128)) {
-		expect_kc := enc.enc_kc128;
-	} else if (alg_rsl == RSL_ALG_ID_A5_0) {
-		/* When A5/0 is chosen, no encryption is active, so technically, no key is needed. However, 3GPP TS
-		 * 48.058 9.3.7 Encryption Information stays quite silent about presence or absence of a key for A5/0.
-		 * The only thing specified is how to indicate the length of the key; the possibility that the key may
-		 * be zero length is not explicitly mentioned. So it seems that we should always send the key along,
-		 * even for A5/0. Still, let's also allow a zero length key for A5/0. */
-		expect_kc := (enc.enc_key, ''O);
-	} else {
-		expect_kc := enc.enc_key;
-	}
-	log("for encryption algo ", alg_rsl, " expect kc = ", expect_kc);
-
 	alt {
 	/* RSL/UE Side */
-	[] RSL.receive(tr_RSL_ENCR_CMD(g_chan_nr, ?, alg_rsl, ?)) -> value rsl {
+	[] RSL.receive(tr_RSL_ENCR_CMD(g_chan_nr)) -> value rsl {
 		var PDU_ML3_NW_MS l3 := dec_PDU_ML3_NW_MS(rsl.ies[3].body.l3_info.payload);
 		log("Rx L3 from net: ", l3);
 
-		var RSL_IE_Body encr_info;
-		if (not f_rsl_find_ie(rsl, RSL_IE_ENCR_INFO, encr_info)) {
-			Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "Missing Encryption IE in RSL ENCR CMD");
-		} else {
-			if (not match(encr_info, tr_EncrInfo(alg_rsl, expect_kc))) {
-				Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail,
-							"Unexpected Kc in Encryption IE in RSL ENCR CMD");
-			}
-		}
+		f_verify_encr_info(rsl);
+
 		if (ischosen(l3.msgs.rrm.cipheringModeCommand)) {
 			f_rsl_reply(ts_RRM_CiphModeCompl, rsl);
 		}
@@ -769,6 +795,7 @@
 			Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "Unexpected Cipher Mode Complete");
 		} else {
 			setverdict(pass);
+			var RSL_AlgId alg_rsl := f_chipher_mode_bssmap_to_rsl(g_pars.encr.enc_alg);
 			if (oct2int(bssap.pdu.bssmap.cipherModeComplete.chosenEncryptionAlgorithm.algorithmIdentifier) != enum2int(alg_rsl)) {
 				setverdict(fail, "Unexpected Encryption Algorithm ID in BSSMAP Cipher Mode Complete");
 			}

-- 
To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/24727
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-ttcn3-hacks
Gerrit-Branch: master
Gerrit-Change-Id: I11602d23670f436a22b891fc744fe07e470f2b79
Gerrit-Change-Number: 24727
Gerrit-PatchSet: 1
Gerrit-Owner: neels <nhofmeyr at sysmocom.de>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20210621/6b17cf3d/attachment.htm>


More information about the gerrit-log mailing list