def decipher(self, key=16*'\0', dir=0):
# key: K_NAS_enc
# cnt: NAS uplink or downlink counter
# dir: direction (uplink / downlink)
# using self.EEA
#
# if no deciphering to apply
if self.SH() not in (2, 3) \
or self.EEA not in (None, EEA1, EEA2, EEA3):
return
if not hasattr(self, '_pay') \
or (not isinstance(self[-1], Str) and self[-1].CallName != '_enc'):
log(ERR, 'Layer3NAS - decipher: not ready for deciphering')
return
#
if self.EEA is None:
# null ciphering EEA0
dec = str(self[-1])
else:
dec = self.EEA(key, self.SN(), 0, dir, str(self[-1]))
#
# get the complete packet buffer
buf = str(self[:4]) + dec
# reinsert NAS payload IEs
self.remove(self[-1])
self.extend(self._pay)
# remap the complete deciphered buffer to the NAS layer
Layer3.map(self, buf)
self._map_eps_id()
def map(self, s=''):
if not s:
return
# check the security header
s0 = ord(s[0])
sh, pd = s0>>4, s0&0xF
# ESM, or EMM with no security header
if pd == 2 or sh in (0, 12):
self.__init__(with_security=False)
Layer3.map(self, s)
self._map_eps_id()
# EMM with security header
elif pd == 7 and sh in (1, 2, 3, 4):
self.ins_sec_hdr()
# if no ciphering applied
if sh in (1, 3):
#if sh in (1, 3) or self.EEA not in (EEA1, EEA2, EEA3):
# if no payload is already there, just add a ciphered-like one
if len(self.elementList) == 4:
self << Str('_enc')
# map directly the buffer onto the NAS payload
Layer3.map(self, s)
self._map_eps_id()
else:
# keep track of all IE of the original packet
self._pay = self[4:]
# replace them with a dummy string
for ie in self._pay:
self.remove(ie)
self << Str('_enc')
Layer3.map(self, s)
else:
log(ERR, '[ERR] invalid Security Header value %i' % sh)
def __init__(self, with_options=False, with_security=False, **kwargs):
Layer3.__init__(self, **kwargs)
self.RES.V.Repr = 'hex'
def __init__(self, with_security=False, **kwargs):
Layer3.__init__(self, **kwargs)
if with_security:
self.ins_sec_hdr()
def __init__(self, with_options=False, with_security=False, **kwargs):
Layer3.__init__(self, **kwargs)
self.RES.V.Repr = 'hex'