Eric Wild has uploaded this change for review. (
https://gerrit.osmocom.org/14224
Change subject: Extend BTS_Tests.ttcn with test for RSL MODE MODIFY with
encryption IE
......................................................................
Extend BTS_Tests.ttcn with test for RSL MODE MODIFY with encryption IE
This test will currently fail due to a MODE MODIFY NACK, even though the
channel mode is not modified.
Related: OS##3750
Change-Id: I4cbea499bb6a331d314e6573548a4540945208b5
---
M bts/BTS_Tests.ttcn
M library/RSL_Types.ttcn
2 files changed, 89 insertions(+), 1 deletion(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-ttcn3-hacks
refs/changes/24/14224/1
diff --git a/bts/BTS_Tests.ttcn b/bts/BTS_Tests.ttcn
index 968ed6c..429c784 100644
--- a/bts/BTS_Tests.ttcn
+++ b/bts/BTS_Tests.ttcn
@@ -4834,6 +4834,71 @@
f_testmatrix_each_chan(pars, refers(f_TC_chan_act_encr));
}
+/* Test channel activation with A5/n right from the beginning and RSL MODE
MODIFY
+ which should break the en/decryption on purpose by supplying a new key that
is unknown to the MS*/
+function f_TC_rsl_modify_encr(charstring id) runs on ConnHdlr {
+ f_l1_tune(L1CTL);
+ f_est_dchan(true);
+
+ /* now we actually need to transmit some data both ways to check if the
encryption works */
+ var L1ctlDlMessage dl;
+
+ var octetstring l3 := f_rnd_octstring(20);
+ var RslLinkId link_id := valueof(ts_RslLinkID_DCCH(0));
+
+ /* send UNITDATA_REQ from BTS to MS and expect it to arrive */
+ f_unitdata_mt(link_id, l3);
+
+ /* Send UI frame from MS and expect it to arrive as RLL UNITDATA IND on
Abis */
+ f_unitdata_mo(link_id, l3);
+
+ var RSL_Message rsl;
+ rsl := valueof(ts_RSL_MODE_MODIFY_REQ(g_chan_nr,
valueof(ts_RSL_ChanMode_SIGN(false))));
+
+ /* modify key to break proper encryption */
+ g_pars.encr.key := f_rnd_octstring(8);
+ var RSL_IE ei := valueof(t_RSL_IE(RSL_IE_ENCR_INFO,
RSL_IE_Body:{encr_info := g_pars.encr}));
+ rsl.ies := rsl.ies & { ei };
+ RSL.send(rsl);
+
+ timer T0 := 1.0;
+ T0.start;
+ /* Expect RSL MODIFY ACK */
+ alt {
+ [] RSL.receive(tr_RSL_MODE_MODIFY_ACK(g_chan_nr)) {}
+ [] RSL.receive(tr_RSL_MODE_MODIFY_NACK(g_chan_nr, ?)) {
+ Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail,"MODE MODIFY
NACK");
+ }
+ [] T0.timeout {
+ Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "MODE MODIFY
NACK");
+ }
+ }
+
+ var octetstring l3msg := f_rnd_octstring(15);
+ timer T1 := 3.0;
+ /* Send UI frame from MS, do not expect it to arrive as RLL UNITDATA
IND on Abis
+ due to broken encryption */
+ f_tx_lapdm(ts_LAPDm_UI(link_id.sapi, cr_MO_CMD, l3msg), link_id);
+ T1.start;
+ alt {
+ [] RSL.receive(tr_RSL_UNITDATA_IND(g_chan_nr, link_id, l3msg)) {
+ setverdict(fail);
+ }
+ [] T1.timeout {
+ setverdict(pass);
+ }
+ }
+
+ /* release the channel */
+ f_rsl_chan_deact();
+ f_L1CTL_DM_REL_REQ(L1CTL, g_chan_nr);
+ f_rslem_unregister(0, g_chan_nr);
+}
+testcase TC_rsl_modify_encr() runs on test_CT {
+ var ConnHdlrPars pars := valueof(t_Pars(t_RslChanNr_Bm(1),
ts_RSL_ChanMode_SIGN));
+ pars.encr := valueof(ts_RSL_IE_EncrInfo(RSL_ALG_ID_A5_1,
f_rnd_octstring(8)));
+ f_testmatrix_each_chan(pars, refers(f_TC_rsl_modify_encr));
+}
/* Test unencrypted channel activation followed by explicit ENCR CMD later */
function f_TC_encr_cmd(charstring id) runs on ConnHdlr {
@@ -5201,6 +5266,7 @@
execute( TC_meas_res_sign_tchh_toa256() );
execute( TC_rsl_ms_pwr_ctrl() );
execute( TC_rsl_chan_initial_ta() );
+ execute( TC_rsl_modify_encr() );
execute( TC_conn_fail_crit() );
execute( TC_paging_imsi_80percent() );
execute( TC_paging_tmsi_80percent() );
diff --git a/library/RSL_Types.ttcn b/library/RSL_Types.ttcn
index 4d23c3f..ef3f45b 100644
--- a/library/RSL_Types.ttcn
+++ b/library/RSL_Types.ttcn
@@ -1353,7 +1353,29 @@
}
}
-
+ /* 8.4.9 BSC -> BTS */
+ template (value) RSL_Message ts_RSL_MODE_MODIFY_REQ(template (value)
RslChannelNr chan_nr,
+ template (value)
RSL_IE_ChannelMode mode) := {
+ msg_disc := ts_RSL_MsgDisc(RSL_MDISC_DCHAN, false),
+ msg_type := RSL_MT_MODE_MODIFY_REQ,
+ ies :={
+ t_RSL_IE(RSL_IE_CHAN_NR, RSL_IE_Body:{chan_nr :=
chan_nr}),
+ t_RSL_IE(RSL_IE_CHAN_MODE, RSL_IE_Body:{chan_mode :=
mode})
+ /* lots of optional IEs */
+ }
+ }
+ template RSL_Message tr_RSL_MODE_MODIFY_REQ(template RslChannelNr
chan_nr,
+ template RSL_IE_ChannelMode mode)
:= {
+ msg_disc := tr_RSL_MsgDisc(RSL_MDISC_DCHAN, false),
+ msg_type := RSL_MT_MODE_MODIFY_REQ,
+ ies :={
+ tr_RSL_IE(RSL_IE_Body:{chan_nr := chan_nr}),
+ tr_RSL_IE(RSL_IE_Body:{chan_mode := mode}),
+ /* lots of optional IEs */
+ *
+ }
+ }
+
/* 8.4.10 BTS -> BSC */
template (value) RSL_Message ts_RSL_MODE_MODIFY_ACK(template (value)
RslChannelNr chan_nr) := {
msg_disc := ts_RSL_MsgDisc(RSL_MDISC_DCHAN, false),
--
To view, visit https://gerrit.osmocom.org/14224
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-ttcn3-hacks
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I4cbea499bb6a331d314e6573548a4540945208b5
Gerrit-Change-Number: 14224
Gerrit-PatchSet: 1
Gerrit-Owner: Eric Wild <[email protected]>
