pespin has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/37892?usp=email ) Change subject: mme: expect authentication during 2g->4G TAU procedure ...................................................................... mme: expect authentication during 2g->4G TAU procedure If TAU happens without an existing security context, network for sure wants to authenticate the UE. This is the scenario being tested here. If there was a security context (eg. from a previous 4G Attach), then it's up to the network to decide (or be capable) to implicitly authenticate the UE. Change-Id: I5ebcaf23a643b6cb97534328737257d26d3981fe --- M library/NAS_Templates.ttcn M mme/MME_Tests.ttcn 2 files changed, 27 insertions(+), 9 deletions(-) Approvals: Jenkins Builder: Verified laforge: Looks good to me, but someone else must approve pespin: Looks good to me, approved diff --git a/library/NAS_Templates.ttcn b/library/NAS_Templates.ttcn index d45dc7d..a3e01f7 100644 --- a/library/NAS_Templates.ttcn +++ b/library/NAS_Templates.ttcn @@ -211,6 +211,18 @@ valueField := ptmsi_sig } +/* 9.9.3.34 UE network capability */ +template (value) UENetworkCapabilityLV +ts_UENetworkCapabilityLV(template (value) UENetworkCapabilityV ue_net_cap) := { + lengthIndicator := 0, /* overwritten */ + uENetworkCapabilityV := ue_net_cap +} +template (value) UENetworkCapabilityTLV +ts_UENetworkCapabilityTLV(template (value) UENetworkCapabilityV ue_net_cap) := { + elementIdentifier := '58'O, + uENetworkCapabilityLV := ts_UENetworkCapabilityLV(ue_net_cap) +} + /* 9.9.3.45 GUTI Type */ const BIT1 GUTI_TYPE_NATIVE := '0'B; const BIT1 GUTI_TYPE_MAPPED := '1'B; @@ -471,7 +483,8 @@ template (omit) P_TMSISignatureTV old_ptmsi_sig := omit, template (omit) GUTI_TypeTV old_guti_type := omit, template (omit) NonceTV nonce_ue := omit, - template (omit) CipheringKeySequenceNumberTV gprs_cksn := omit) := { + template (omit) CipheringKeySequenceNumberTV gprs_cksn := omit, + template (omit) UENetworkCapabilityTLV ue_net_cap := omit) := { protocolDiscriminator := c_EPS_NAS_PD_EMM, ePS_messages := { ePS_MobilityManagement := { @@ -486,7 +499,7 @@ old_P_TMSISignature := old_ptmsi_sig, additionalGUTI := omit, nonce := nonce_ue, - uENetworkCapability := omit, + uENetworkCapability := ue_net_cap, lastVisitedRegisteredTAI := omit, dRXParameter := omit, uE_RadioCapabilityInfoUpdateNeeded := omit, @@ -1286,8 +1299,4 @@ } } - - - - } diff --git a/mme/MME_Tests.ttcn b/mme/MME_Tests.ttcn index 4edeb99..ca36e24 100644 --- a/mme/MME_Tests.ttcn +++ b/mme/MME_Tests.ttcn @@ -980,7 +980,8 @@ private altstep as_gtp_sgsn_context_2g_to_4g(OCT4 new_sgsn_teid := 'ABABABAB'O, GTPv1C_Templates.GTP_RATType rat_type := GTP_RAT_TYPE_EUTRAN, RoutingAreaIdentity rai, OCT4 ptmsi, - OCT3 ptmsi_sig + OCT3 ptmsi_sig, + boolean exp_auth := false ) runs on ConnHdlr { var Gtp1cUnitdata gtpc_pdu; @@ -1009,6 +1010,12 @@ oct2int(gtpc_pdu.gtpc.opt_part.sequenceNumber), SGSNContextRespPDU)); + if (exp_auth) { + as_DIA_AuthInfo(); + as_s1ap_handle_auth(); + as_s1ap_handle_sec_mode(); + } + GTP[0].receive(tr_GTPC_SGSNContextAck(g_gn_iface_peer, new_sgsn_teid, tr_SGSNContextAckPDU(GTP_CAUSE_REQUEST_ACCEPTED))) -> value gtpc_pdu; setverdict(pass); @@ -1517,6 +1524,7 @@ timer T := 5.0; var bitstring ptmsi_bits := oct2bit(ptmsi); var OCT4 ptmsi_exp := bit2oct('11'B & substr(ptmsi_bits, 2, 30)); + var template (value) UENetworkCapabilityTLV ue_net_cap := ts_UENetworkCapabilityTLV(c_NAS_defaultUeNetCap); rai := valueof(ts_RoutingAreaIdentity(mp_gn_local_mcc, mp_gn_local_mnc, int2oct(mp_gn_local_lac, 2), int2oct(mp_gn_local_rac, 1))); @@ -1527,7 +1535,8 @@ ts_PTMSI_SignatureTV(ptmsi_sig), ts_GUTI_TypeTV(GUTI_TYPE_MAPPED), ts_NonceTV('12345678'O), - ts_CipheringKeySequenceNumberTV('000'B)); + ts_CipheringKeySequenceNumberTV('000'B), + ue_net_cap := ue_net_cap); tx := ts_S1AP_InitialUE(p_eNB_value := 0, p_nasPdu := enc_PDU_NAS_EPS(valueof(nas_tau)), p_tAI := ts_enb_S1AP_TAI(g_pars.enb_pars[g_pars.mme_idx]), p_eUTRAN_CGI := ts_enb_S1AP_CGI(g_pars.enb_pars[g_pars.mme_idx]), @@ -1541,7 +1550,7 @@ }; S1AP.send(cfg); - as_gtp_sgsn_context_2g_to_4g(new_sgsn_teid, GTP_RAT_TYPE_EUTRAN, rai, ptmsi_exp, ptmsi_sig); + as_gtp_sgsn_context_2g_to_4g(new_sgsn_teid, GTP_RAT_TYPE_EUTRAN, rai, ptmsi_exp, ptmsi_sig, exp_auth := true); /* We now expect the MME to send a Create Session Request to the SGW-C */ T.start; -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/37892?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I5ebcaf23a643b6cb97534328737257d26d3981fe Gerrit-Change-Number: 37892 Gerrit-PatchSet: 5 Gerrit-Owner: pespin <pespin(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: daniel <dwillmann(a)sysmocom.de> Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: lynxis lazus <lynxis(a)fe80.eu> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de>