Commit d2c30870 authored by Yann Garcia

Reorganize ttcn/LibNGAP ttcn/Lib_NG_NAS; Start reviewing AtsNGAP adding NAS & Security checks (==> NAS dependencies)
parent 37d61b05
+0 −3
@@ -3,9 +3,6 @@
		{
			"path": "."
		},
		{
			"path": "../ngap"
		},
		{
			"path": "../../frameworks/titan/titan.core"
		},
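Review bot: The `"path": "../ngap"` folder entry is dropped from the workspace file without a replacement, and the commit message does not mention it. If the NGAP sources moved as part of the reorganization, the workspace should point at their new location; if this is only a local editor preference, it is better left out of this commit.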
+256 −0
@startuml
title 5G UE Registration Procedure for Voice and Data Access (3GPP Release 16)

skinparam backgroundColor #FEFEFE
skinparam sequenceArrowThickness 2
skinparam roundcorner 10
skinparam maxmessagesize 200
skinparam sequenceParticipant underline

actor UE
participant "gNB/ng-eNB (SUT) 242.39" as RAN
participant "AMF (IUT) 242.37" as AMF
participant AUSF
participant UDM
participant PCF
participant SMF
participant UPF
participant DN

== RRC Connection Establishment ==
UE -> RAN: RRC Setup Request
activate RAN
RAN -> UE: RRC Setup
deactivate RAN
UE -> RAN: RRC Setup Complete

== Initial Registration Request ==
UE -> RAN: NAS: Registration Request\n(Registration Type: Initial,\n5G-GUTI/SUCI, Requested NSSAI,\nUE Security Capability)
activate RAN
RAN -> AMF: INITIAL UE MESSAGE\n(Registration Request, User Location Info,\nRRC Establishment Cause, 5G-S-TMSI)
activate AMF
deactivate RAN

== UE Identity Retrieval (if SUCI provided) ==
AMF -> UDM: Nudm_UECM_Registration (SUCI)
activate UDM
UDM -> AMF: SUPI, Subscription Data
deactivate UDM

== Authentication ==
AMF -> AUSF: Nausf_UEAuthentication_Authenticate Request (SUPI)
activate AUSF
AUSF -> UDM: Nudm_Authentication_Get Request
activate UDM
UDM -> AUSF: Authentication Vector (5G AV)
deactivate UDM
AUSF -> AMF: 5G AV (RAND, AUTN, HXRES*)
deactivate AUSF

AMF -> RAN: DOWNLINK NAS TRANSPORT\n(Authentication Request: RAND, AUTN)
activate RAN
RAN -> UE: NAS: Authentication Request
deactivate RAN

UE -> UE: Compute RES*\nDerive KAUSF, KSEAF
UE -> RAN: NAS: Authentication Response (RES*)
activate RAN
RAN -> AMF: UPLINK NAS TRANSPORT\n(Authentication Response: RES*)
deactivate RAN

AMF -> AMF: Verify RES* vs HXRES*\nDerive KAMF
AMF -> AUSF: Nausf_UEAuthentication_Authenticate Response (RES*)
activate AUSF
AUSF -> AMF: Authentication Result (Success)
deactivate AUSF

== NAS Security Mode Command ==
AMF -> AMF: Derive NAS Keys\n(KNASenc, KNASint)
AMF -> RAN: DOWNLINK NAS TRANSPORT\n(Security Mode Command:\nNAS Security Algorithms,\nngKSI, Replayed UE Security Capabilities)
activate RAN
RAN -> UE: NAS: Security Mode Command
deactivate RAN

UE -> UE: Derive NAS Keys\nVerify Security Algorithms
UE -> RAN: NAS: Security Mode Complete\n[NAS Protected with Integrity & Ciphering]
activate RAN
RAN -> AMF: UPLINK NAS TRANSPORT\n(Security Mode Complete)
deactivate RAN

note over UE, AMF: All subsequent NAS messages are integrity protected and ciphered

== Subscription Data Retrieval ==
AMF -> UDM: Nudm_SDM_Get (Access and Mobility Subscription Data)
activate UDM
UDM -> AMF: Subscription Data\n(Subscribed S-NSSAIs, DNN Configuration,\nSubscribed UE-AMBR, RFSP Index)
deactivate UDM

AMF -> UDM: Nudm_SDM_Subscribe (SDM Subscription)
activate UDM
UDM -> AMF: SDM Subscription Confirmation
deactivate UDM

== Policy Association ==
AMF -> PCF: Npcf_AMPolicyControl_Create\n(SUPI, DNN, S-NSSAI)
activate PCF
PCF -> UDM: Nudm_SDM_Get (Policy Data)
activate UDM
UDM -> PCF: Policy Data
deactivate UDM
PCF -> AMF: AM Policy (Access and Mobility Policy,\nUE-AMBR, RFSP Index)
deactivate PCF

== Registration Accept ==
AMF -> AMF: Allocate 5G-GUTI,\nSelect Allowed NSSAI,\nDetermine Registration Area

AMF -> RAN: INITIAL CONTEXT SETUP REQUEST\n(5G-GUTI, Allowed NSSAI, UE Security Capability,\nSecurity Key, UE Aggregate Maximum Bit Rate,\nMobility Restrictions, Registration Accept)
activate RAN

RAN -> RAN: Generate gNB Security Keys\n(KgNBenc, KgNBint)\nfrom KAMF

== AS Security Mode Command ==
RAN -> UE: RRC: Security Mode Command\n(AS Security Algorithms)
UE -> UE: Derive AS Keys\n(KgNBenc, KgNBint)
UE -> RAN: RRC: Security Mode Complete

note over UE, RAN: All subsequent RRC and UP messages are protected

== Registration Accept Delivery ==
RAN -> UE: NAS: Registration Accept\n(5G-GUTI, Registration Area,\nAllowed NSSAI, TAI List,\nMobility Restrictions, T3512)

UE -> UE: Store 5G-GUTI,\nAllowed NSSAI,\nRegistration Area

UE -> RAN: NAS: Registration Complete
RAN -> AMF: UPLINK NAS TRANSPORT\n(Registration Complete)

RAN -> AMF: INITIAL CONTEXT SETUP RESPONSE\n(PDU Session Resource Setup List)
deactivate RAN
deactivate AMF

note over UE, AMF: UE is now registered for mobility management

== PDU Session Establishment for Data ==
UE -> RAN: NAS: UL NAS Transport\n(PDU Session Establishment Request:\nPDU Session ID, S-NSSAI, DNN="internet",\nPDU Session Type=IPv4v6)
activate RAN
RAN -> AMF: UPLINK NAS TRANSPORT\n(PDU Session Establishment Request)
activate AMF
deactivate RAN

== SMF Selection and Session Creation ==
AMF -> SMF: Nsmf_PDUSession_CreateSMContext\n(SUPI, DNN, S-NSSAI, PDU Session ID)
activate SMF

SMF -> UDM: Nudm_SDM_Get (Session Management Subscription Data)
activate UDM
UDM -> SMF: SM Subscription Data\n(Subscribed DNN Configuration,\nSession-AMBR, 5QI, ARP)
deactivate UDM

SMF -> PCF: Npcf_SMPolicyControl_Create\n(SUPI, DNN, S-NSSAI, IP Address)
activate PCF
PCF -> SMF: SM Policy\n(PCC Rules, QoS, Charging Rules)
deactivate PCF

SMF -> SMF: Select UPF,\nAllocate IP Address,\nCreate QoS Rules

== N2 PDU Session Resource Setup ==
SMF -> AMF: Namf_Communication_N1N2MessageTransfer\n(N2 SM Information: QoS Flows, UL/DL Tunnels)
AMF -> RAN: PDU SESSION RESOURCE SETUP REQUEST\n(PDU Session ID, S-NSSAI, QoS Flows,\nUL NG-U TNL Info, NAS: PDU Session Establishment Accept)
activate RAN

RAN -> RAN: Establish DRBs,\nMap QoS Flows to DRBs

== PDU Session Accept Delivery ==
RAN -> UE: RRC: RRC Reconfiguration\n(DRB Configuration, QoS Flow Mapping)
RAN -> UE: NAS: DL NAS Transport\n(PDU Session Establishment Accept:\nPDU Session ID, PDU Session Type,\nSSC Mode, QoS Rules, QoS Flow Descriptions,\nAllocated IPv4/IPv6 Address)

UE -> UE: Configure DRBs,\nConfigure IP Address,\nStore QoS Rules

UE -> RAN: RRC: RRC Reconfiguration Complete
UE -> RAN: NAS: UL NAS Transport\n(PDU Session Establishment Accept Ack)

== N3 Tunnel Setup ==
RAN -> AMF: PDU SESSION RESOURCE SETUP RESPONSE\n(DL NG-U TNL Info, QoS Flows Setup List)
deactivate RAN

AMF -> SMF: Nsmf_PDUSession_UpdateSMContext\n(N2 SM Information: DL Tunnel Info)

SMF -> UPF: N4 Session Establishment Request\n(PDR, FAR, QER, URR for UL/DL)
activate UPF
UPF -> SMF: N4 Session Establishment Response
deactivate UPF

SMF -> AMF: Nsmf_PDUSession_UpdateSMContext Response
deactivate SMF
deactivate AMF

note over UE, UPF: User Plane is established for data services

== PDU Session Establishment for IMS (Voice) ==
UE -> RAN: NAS: UL NAS Transport\n(PDU Session Establishment Request:\nPDU Session ID, S-NSSAI, DNN="ims",\nPDU Session Type=IPv4v6, Request Type=Initial)
activate RAN
RAN -> AMF: UPLINK NAS TRANSPORT\n(PDU Session Establishment Request)
activate AMF
deactivate RAN

AMF -> SMF: Nsmf_PDUSession_CreateSMContext\n(SUPI, DNN="ims", S-NSSAI, PDU Session ID)
activate SMF

SMF -> UDM: Nudm_SDM_Get (IMS Session Management Data)
activate UDM
UDM -> SMF: IMS SM Subscription Data
deactivate UDM

SMF -> PCF: Npcf_SMPolicyControl_Create\n(SUPI, DNN="ims", S-NSSAI)
activate PCF
PCF -> SMF: IMS SM Policy\n(QoS for IMS Signaling and Media)
deactivate PCF

SMF -> SMF: Select UPF for IMS,\nAllocate IP Address for IMS,\nCreate QoS Rules for VoNR

SMF -> AMF: Namf_Communication_N1N2MessageTransfer\n(N2 SM Information for IMS Session)
AMF -> RAN: PDU SESSION RESOURCE SETUP REQUEST\n(PDU Session ID, QoS Flows for IMS,\nUL NG-U TNL Info, PDU Session Establishment Accept)
activate RAN

RAN -> UE: NAS: DL NAS Transport\n(PDU Session Establishment Accept for IMS:\nAllocated IP Address, QoS Rules for Voice)

UE -> UE: Configure IMS PDU Session,\nStore P-CSCF Address

UE -> RAN: NAS: UL NAS Transport\n(PDU Session Establishment Accept Ack)

RAN -> AMF: PDU SESSION RESOURCE SETUP RESPONSE\n(DL NG-U TNL Info for IMS)
deactivate RAN

AMF -> SMF: Nsmf_PDUSession_UpdateSMContext\n(N2 SM Information for IMS)
SMF -> UPF: N4 Session Establishment Request (IMS PDR/FAR/QER)
activate UPF
UPF -> SMF: N4 Session Establishment Response
deactivate UPF

SMF -> AMF: Nsmf_PDUSession_UpdateSMContext Response
deactivate SMF
deactivate AMF

note over UE, UPF: IMS PDU Session established for Voice over NR (VoNR)

== IMS Registration (for Voice Services) ==
UE -> UPF: SIP REGISTER (via IMS PDU Session)
activate UPF
UPF -> DN: Forward to IMS (P-CSCF)
activate DN
DN -> DN: IMS Authentication\nand Registration
DN -> UPF: SIP 200 OK (Registration Successful)
deactivate DN
UPF -> UE: SIP 200 OK
deactivate UPF

note over UE, DN: UE is now registered for IMS Voice Services\nand Data Services are active

== Data Flow ==
UE <-> UPF: User Plane Data Traffic\n(N3 Tunnel via gNB)
activate UPF
UPF <-> DN: N6 Interface (Internet)
activate DN
deactivate DN
deactivate UPF

@enduml
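Review bot: The step `RAN -> RAN: Generate gNB Security Keys\n(KgNBenc, KgNBint)\nfrom KAMF` in the "Registration Accept" section misstates the key hierarchy: the gNB never holds KAMF. The AMF derives KgNB from KAMF and delivers it as the Security Key in INITIAL CONTEXT SETUP REQUEST, and the gNB and UE derive the AS keys (KRRCint, KRRCenc, KUPint, KUPenc) from KgNB, so the UE-side "Derive AS Keys (KgNBenc, KgNBint)" step needs the same correction. Two further points in the authentication part: "UE Identity Retrieval" uses `Nudm_UECM_Registration (SUCI)`, but UECM registration happens after authentication and SUCI de-concealment is part of the UDM authentication service (Nudm_UEAuthentication_Get, written here as `Nudm_Authentication_Get`); and "Verify RES* vs HXRES*" should say that the AMF compares HRES*, computed from RES*, with HXRES*. The participant labels also carry what look like lab address fragments ("242.39", "242.37"), which would sit better in the test configuration than in a reference diagram.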
+4 −3
#include "LIB_NG_NAS_Functions.hh"
#include "Lib_NG_NAS_Functions.hh"

#include "loggers.hh"

#include "rijndael.hh"
#include "opc.hh"

namespace LIB__NG__NAS__Functions {
namespace Lib__NG__NAS__Security__Functions {

  static uint8_t OP[16] = {0}; // FIXME FSCOM To be refined. This is a Q&D implementation
  static uint8_t OPc[16] = {0}; // FIXME FSCOM To be refined. This is a Q&D implementation
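Review bot: The renamed include and the renamed namespace at the top of the file no longer agree: the header is `Lib_NG_NAS_Functions.hh` while the namespace is `Lib__NG__NAS__Security__Functions`. TITAN derives both the generated header name and the C++ namespace from the TTCN-3 module name, so if the external functions now live in a module named Lib_NG_NAS_Security_Functions, it is worth checking that the include (and the `_ext.cc` file name) follow that module, or that the header really pulls in the declarations transitively. Separately, `OP` and `OPc` remain zero-initialized file-scope statics marked FIXME; with security checks being added on top of them, taking these values from test configuration would avoid results that silently depend on an all-zero operator key.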
@@ -352,4 +352,5 @@ namespace LIB__NG__NAS__Functions {
    return 0;
  }

} // End of namespace LIB__NG__NAS__Functions
} // End of namespace namespace Lib__NG__NAS__Security__Functions {
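Review bot: The closing comment `} // End of namespace namespace Lib__NG__NAS__Security__Functions {` was pasted from the opening line and still carries the duplicated word "namespace" and a trailing `{`. Suggest `} // End of namespace Lib__NG__NAS__Security__Functions`, since the stray brace in a comment confuses brace matching when reading the file.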
+3 −4
sources :=                                      \
    common_ext.cc                               \
    NG_security_ext.cc                          \
	LIB_NG_NAS_Functions_ext.cc

    Lib_NG_NAS_Functions_ext.cc

includes := .
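Review bot: Check the line continuation around the renamed `Lib_NG_NAS_Functions_ext.cc` entry in `sources`. As rendered, a blank line sits between `NG_security_ext.cc \` and the new entry; if that is the resulting file, the continuation ends at the blank line and the new source is no longer part of `sources`. The new file name also does not match the `Lib__NG__NAS__Security__Functions` namespace used in the .cc file, so it is worth deciding on one name for both.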
+2 −2
@@ -73,7 +73,7 @@ system.N2_gNBaMF_P.params := "NGAP/SCTP_FILE/IP_OFFLINE/ETH(mac_src=8c554ac1eee0
#AtsImsIot_TestControl.control

# Verify that the IUT sends an AUTHENTICATION REQUEST message correctly upon receipt of a NAS Registration without an active security context
#NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_01
NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_01
# Verify that the IUT sends an AUTHENTICATION REJECT message correctly upon receipt of an AUTHENTICATION RESPONSE message indicating a wrong ARP IEI
#NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_02
# Verify that the IUT sends an IDENTITY REQUEST message correctly upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #20 - MAC failure
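Review bot: Enabling `NG_NAS_TestCases.TC_5GNAS_AMF_AUT_REQ_01` in the shared configuration is not mentioned in the commit message and reads like a local run selection. If the intent is to make this the default test case, say so in the message; otherwise keep the execute list unchanged and select the test case in a local copy of the configuration.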
@@ -87,7 +87,7 @@ system.N2_gNBaMF_P.params := "NGAP/SCTP_FILE/IP_OFFLINE/ETH(mac_src=8c554ac1eee0
# Verify that the IUT sends a SECURITY MODE COMMAND message correctly to indicate NAS security mode procedure upon receipt of a NAS AUTHENTICATION RESPONSE
#NG_NAS_TestCases.TC_NGNAS_AMF_AUT_SEQ_01
# Verify that the IUT, upon receiving the NAS SECURITY MODE COMPLETE message after completing the NAS Authentication and Security procedure, successfully completes the registration process by accepting the registration
NG_NAS_TestCases.TC_5GNAS_AMF_SEC_ACC_01
#NG_NAS_TestCases.TC_5GNAS_AMF_SEC_ACC_01
# Verify that the IUT, upon receiving the NAS SECURITY MODE REJECT Message after a failed NAS Authentication and security procedure, successfully aborts the registration process by rejecting the registration
#NG_NAS_TestCases.TC_5GNAS_AMF_SEC_REJ_01
#NG_NAS_TestCases.TC_5GNAS_AMF_DLN_ACC_01
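Review bot: Commenting out `NG_NAS_TestCases.TC_5GNAS_AMF_SEC_ACC_01` leaves none of the security mode test cases in this block active, in a commit that is described as adding security checks; please confirm this is intended and not a leftover from debugging. While touching this block, note that `TC_NGNAS_AMF_AUT_SEQ_01` uses a different prefix from the surrounding `TC_5GNAS_` test cases, and `TC_5GNAS_AMF_DLN_ACC_01` has no "Verify that ..." comment describing its purpose.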