Commit a9a206eb authored by Yann Garcia's avatar Yann Garcia

Bug fixed in security function to compute XRES*

parent 193733e9
+3 −3
@@ -24,7 +24,6 @@ Lib_NG_NAS_Pixits.PX_FORCE_USING_OPERATOR_SECRET_KEY := true
Lib_NG_NAS_Pixits.PX_SUBSCRIPTION_KEY                := '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'B
Lib_NG_NAS_Pixits.PX_PLMN                            := '00f110'O;


NAS_5GC_Parameters.px_NAS_5GC_XRES_Length := 8 # In ETSI TS 135 206 V16.0.0 (2020-08) Table Table 5. f2 output, RES length is 8 octets (64 bits)

[LOGGING]
@@ -75,7 +74,7 @@ system.N2_gNBaMF_P.params := "NGAP/SCTP_FILE/IP_OFFLINE/ETH(mac_src=8c554ac1eee0
# Verify that the IUT sends an AUTHENTICATION REQUEST message correctly upon receipt of a NAS Registration without an active security context
#NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_01
# Verify that the IUT sends an AUTHENTICATION REJECT message correctly upon receipt of an AUTHENTICATION RESPONSE message indicating a wrong ARP IEI
#NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_02
NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_02
# Verify that the IUT sends an IDENTITY REQUEST message correctly upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #20 - MAC failure
#NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_03
# Verify that the IUT sends an IDENTITY REQUEST message correctly upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #20 - MAC failure
@@ -87,7 +86,7 @@ system.N2_gNBaMF_P.params := "NGAP/SCTP_FILE/IP_OFFLINE/ETH(mac_src=8c554ac1eee0
# Verify that the IUT sends a SECURITY MODE COMMAND message correctly to indicate NAS security mode procedure upon receipt of a NAS AUTHENTICATION RESPONSE
#NG_NAS_TestCases.TC_NGNAS_AMF_AUT_SEQ_01
# Verify that the IUT, upon receiving the NAS SECURITY MODE COMPLETE message after completing the NAS Authentication and Security procedure, successfully completes the registration process by accepting the registration
NG_NAS_TestCases.TC_5GNAS_AMF_SEC_ACC_01
#NG_NAS_TestCases.TC_5GNAS_AMF_SEC_ACC_01
# Verify that the IUT, upon receiving the NAS SECURITY MODE REJECT Message after a failed NAS Authentication and security procedure, successfully aborts the registration process by rejecting the registration
#NG_NAS_TestCases.TC_5GNAS_AMF_SEC_REJ_01
#NG_NAS_TestCases.TC_5GNAS_AMF_DLN_ACC_01
@@ -144,6 +143,7 @@ NG_NAS_TestCases.TC_5GNAS_AMF_SEC_ACC_01
#NG_NAS_TestCases.TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_01
#NG_NAS_TestCases.TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_02
#NG_NAS_TestCases.TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_03
NG_NAS_TestCases.TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_04
#NG_NAS_TestCases.TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_18_01
#NG_NAS_TestCases.TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_19_01
#NG_NAS_TestCases.TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_20_01
+82 −1
@@ -2126,7 +2126,7 @@ module NG_NAS_TestCases {
            var B48_Type v_sqn := v_sqn_ak xor4b v_ak; // SQN = SQN_AK ⊕ AK
            log("v_sqn =", bit2oct(v_sqn));
            var B64_Type v_mac_a_computed;
            v_result := f_f1(oct2bit(v_K), v_rand, /*v_ak*/v_sqn, v_amf, v_mac_a_computed);
            v_result := f_f1(oct2bit(v_K), v_rand, v_sqn, v_amf, v_mac_a_computed);
            if (v_result != 0) {
                log("*** " & __SCOPE__ & ": ERROR: 'fx_f1' returned an error code: " & int2str(v_result) & ". ***");
                setverdict(fail);
@@ -2162,6 +2162,87 @@ module NG_NAS_TestCases {

        } // End of testcase TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_03

        /**
         * @desc Verify that the RES* and XRES* derivation functions are working correctly with Kontron Wireshark captures
         * @see ETSI TS 133 501 V16.18.0 (2024-04) Annex A.4 RES* and XRES* derivation function
         * @see ETSI TS 133 501 V16.18.0 (2024-04) Figure 6.2.2-2: Key distribution and key derivation scheme for 5G for the UE
         * @see https://cryptii.com/pipes/hmac
         */
        testcase TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_04() runs on gNB_NGNAS_NGAPComponent system TestAdapter {

            // From Kontron Wireshark captures: UI=001014444333000
            var O16_Type  v_K      := '00000000000000000000000000000000'O; // The long-term key: Subscriber key
            var O16_Type  v_opc    := '00000000000000000000000000000000'O; // Operator Variant Algorithm Configuration Field
            var B128_Type v_rand   := oct2bit('a218b7e415a50b63b4f5afd7db2c9529'O);
            var B48_Type  v_sqn_ak := oct2bit('e4ca34194b42'O);
            var B16_Type  v_amf    := oct2bit('8000'O); // AMF: Authentication Management Field
            var B64_Type v_mac_a   := oct2bit('f058119c1778db23'O);
            var NAS_PlmnId v_PLMN  := '00f110'O; // PLMN ID: 001-01

            f_force_opc(v_opc);

            var B64_Type  v_xres;
            var B128_Type v_ck;
            var B128_Type v_ik;
            var B48_Type  v_ak;
            var integer v_result := f_f2345(oct2bit(v_K), v_rand, v_xres, v_ck, v_ik, v_ak);
            if (v_result != 0) {
                log("*** " & __SCOPE__ & ": ERROR: 'f_f2345' returned an error code: " & int2str(v_result) & ". ***");
                setverdict(fail);
                stop;
            }
            log("v_xres =", bit2oct(v_xres));
            log("v_ck   =", bit2oct(v_ck));
            log("v_ik   =", bit2oct(v_ik));
            log("v_ak   =", bit2oct(v_ak));

            var B256_Type v_Ks := v_ck & v_ik; // ETSI TS 133 501 V16.18.0 (2024-04) Annex A.2 KAUSF derivation function: Ks = CK || IK
            var Common_AuthenticationParams_Type v_auth_params := valueof(cs_CommonAuthParams_Init(v_rand));
            v_auth_params.AUTN       := v_sqn_ak & v_amf & v_mac_a; // ETSI TS 135 205 V16.0.0 (2020-08) 7.2 Use of the algorithms on the AuC side
            v_auth_params.CK         := v_ck;
            v_auth_params.IK         := v_ik;
            v_auth_params.XRES       := v_xres;
            v_auth_params.XRESLength := lengthof(v_xres);
            
            var B48_Type v_sqn := v_sqn_ak xor4b v_ak; // SQN = SQN_AK ⊕ AK
            log("v_sqn =", bit2oct(v_sqn));
            var B64_Type v_mac_a_computed;
            v_result := f_f1(oct2bit(v_K), v_rand, v_sqn, v_amf, v_mac_a_computed);
            if (v_result != 0) {
                log("*** " & __SCOPE__ & ": ERROR: 'fx_f1' returned an error code: " & int2str(v_result) & ". ***");
                setverdict(fail);
                stop;
            }
            if (not(match(v_mac_a_computed, v_mac_a))) {
                log("*** " & __SCOPE__ & ": ERROR: 'v_mac_a_computed' did not return the expected value. ***");
                setverdict(fail);
                stop;
            }

            var B64_Type v_RESstar  := oct2bit('a7c39d021cc80709'O);
            var B64_Type v_XRESstar := oct2bit('60775ce133f05be3'O);
            var B128_Type v_res := f_NG_Authentication_A4(v_PLMN, v_auth_params, tsc_KDF_HMAC_SHA_256, v_Ks);
            var B64_Type v_RESstar_computed := substr(v_res, 0, 64);
            var B64_Type v_XRESstar_computed := substr(v_res, 64, 64);
            log("v_RESstar_computed =", bit2oct(v_RESstar_computed));
            log("v_XRESstar_computed =", bit2oct(v_XRESstar_computed));
            if (not(match(v_RESstar_computed, v_RESstar))) {
                log("*** " & __SCOPE__ & ": ERROR: 'v_RESstar_computed' did not return the expected value. ***");
                setverdict(fail);
            } else {
                log("*** " & __SCOPE__ & ": 'v_RESstar_computed' returned the expected value ***");
            }
            if (not(match(v_XRESstar_computed, v_XRESstar))) {
                log("*** " & __SCOPE__ & ": ERROR: 'v_XRESstar_computed' did not return the expected value. ***");
                setverdict(fail);
            } else {
                log("*** " & __SCOPE__ & ": 'v_XRESstar_computed' returned the expected value ***");
            }

            setverdict(pass)

        } // End of testcase TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_04

        /**
         * @desc Verify that the HRES* and HXRES* derivation function is working correctly
         * @see ETSI TS 133 501 V16.18.0 (2024-04) Annex A.6 KSEAF derivation function
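Review bot: `v_auth_params.XRESLength := lengthof(v_xres)` in the new testcase stores the XRES length in bits (64 for a B64_Type), while the same field is set in octets in the Lib_NG_NAS_Security_Functions section of this commit (`lengthof(bit2oct(v_xres))`); if f_NG_Authentication_A4 feeds XRESLength into the L2 length field of the Annex A.4 KDF input, the two callers cannot both derive the same XRES*, so one unit should be chosen and documented on the field. The error log after the f_f1 call still names `'fx_f1'`, copied from TEST_17_03; change it to `'f_f1'`. Annex A.4 defines a single 128-bit (X)RES* (RES* on the UE side and XRES* on the network side are the same derivation), so if f_NG_Authentication_A4 returns that output, `v_RESstar_computed` and `v_XRESstar_computed` are the two 64-bit halves of one value compared under names that suggest two distinct quantities; a comment such as `// Annex A.4 yields one 128-bit (X)RES*; the captured value is checked here as two 64-bit halves` would prevent that misreading. The RES*/XRES* mismatch branches set fail without `stop`, unlike the MAC-A check above them; the final `setverdict(pass)` cannot override fail in TTCN-3, so this is harmless, but the asymmetry deserves a one-line comment.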
+2 −2
@@ -362,8 +362,8 @@ module LibNGAP_Functions {
                                         mw_NG_AUTHENTICATION_RESPONSE(
                                                                       { iei := '2d'O, iel := '10'O, res := vc_ng_nas_security_params_type.AuthParams.XRES }
                                         )) == false) {
            log("*** " & __SCOPE__ & ": FAIL: Unexpected NG_AUTHENTICATION_REQUEST ***");
            setverdict(fail, "*** " & __SCOPE__ & ": FAIL: Unexpected NG_AUTHENTICATION_REQUEST ***");
            log("*** " & __SCOPE__ & ": FAIL: Unexpected NG_AUTHENTICATION_RESPONSE ***");
            setverdict(fail, "*** " & __SCOPE__ & ": FAIL: Unexpected NG_AUTHENTICATION_RESPONSE ***");
        }

        setverdict(pass);
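Review bot: The receive template on the new side still hard-codes the RES IE length as `iel := '10'O` while this same commit makes Lib_NG_NAS_Security_Functions record `AuthParams.XRESLength` (in octets) next to `AuthParams.XRES`; deriving the IE length from the stored value, `iel := int2oct(vc_ng_nas_security_params_type.AuthParams.XRESLength, 1)`, keeps the template from drifting if the (X)RES* length ever changes. The enclosing function starts and ends outside the hunk, so whether XRESLength is populated before this match runs cannot be confirmed from here.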
+8 −4
@@ -228,11 +228,15 @@ module Lib_NG_NAS_Security_Functions {
            var B128_Type v_ck;
            var B128_Type v_ik;
            var B48_Type v_ak;
            var B64_Type v_res;
            if (f_f2345(PX_SUBSCRIPTION_KEY, p_rand, v_res, v_ck, v_ik, v_ak) == -1) {
            var B64_Type v_xres;
            if (f_f2345(PX_SUBSCRIPTION_KEY, p_rand, v_xres, v_ck, v_ik, v_ak) == -1) {
                log("f_f2345 failed");
                return false;
            }
            log("f_5g_aka_compute_res_xres: v_xres=", bit2oct(v_xres));
            log("f_5g_aka_compute_res_xres: v_xres lenght=", lengthof(bit2oct(v_xres)));
            p_ng_nas_security_params_type.AuthParams.XRES := v_xres;
            p_ng_nas_security_params_type.AuthParams.XRESLength := lengthof(bit2oct(v_xres));
            p_ng_nas_security_params_type.AuthParams.CK := v_ck;
            log("f_5g_aka_compute_res_xres: CK=", bit2oct(p_ng_nas_security_params_type.AuthParams.CK));
            p_ng_nas_security_params_type.AuthParams.IK := v_ik;
@@ -261,8 +265,8 @@ module Lib_NG_NAS_Security_Functions {
                                                                                    p_ng_nas_security_params_type.Ks,
                                                                                    p_NID);
            p_ng_nas_security_params_type.AuthParams.XRESLength := lengthof(bit2oct(p_ng_nas_security_params_type.AuthParams.XRES));
            log("f_5g_aka_compute_res_xres: XRES=", bit2oct(p_ng_nas_security_params_type.AuthParams.XRES));
            log("f_5g_aka_compute_res_xres: XRESLength=", p_ng_nas_security_params_type.AuthParams.XRESLength);
            log("f_5g_aka_compute_res_xres: XRESstar=", bit2oct(p_ng_nas_security_params_type.AuthParams.XRES));
            log("f_5g_aka_compute_res_xres: XRESstarLength=", p_ng_nas_security_params_type.AuthParams.XRESLength);

            // Generate KAUSF
            p_ng_nas_security_params_type.KAUSF := f_NG_Authentication_A2(p_ng_nas_security_params_type.AuthParams,
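Review bot: The new f_f2345 call in the first hunk still tests `== -1`, whereas the new testcase TC_5G_AKA_CRYPTO_FUNCTIONS_TEST_17_04 in this same commit treats any non-zero return of f_f2345 as an error; a different non-zero code would fall through here and continue with v_xres, v_ck, v_ik and v_ak unset, so the check should read `if (f_f2345(PX_SUBSCRIPTION_KEY, p_rand, v_xres, v_ck, v_ik, v_ak) != 0) {`. The added log string on the following lines misspells "length" (`v_xres lenght=`). AuthParams.XRES and AuthParams.XRESLength appear to be assigned twice in this function: first the f2 output (8 octets) in the first hunk, then overwritten with what the second hunk's logs call XRESstar, so a comment such as `// XRES from f2; replaced by XRES* (Annex A.4) once the derivation below has run` at the first assignment would make the two-phase meaning of the field explicit. The enclosing function (f_5g_aka_compute_res_xres, judging by the log prefix) starts before the first hunk and continues past the second.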