From Jacob Nordgren and Rishie Sharma:

- FP: added header CRC validation, added crc11.c and crc11.h in wsutil/ for EDCH 11 bit CRC, fixed bug in RRC,
And also smaller bugfixes in umts_fp and rrc.

svn path=/trunk/; revision=44349

4 files changed, 250 insertions, 53 deletions

diff --git a/asn1/nbap/nbap.cnf b/asn1/nbap/nbap.cnf
index e99c4959ed..6f85f6b448 100644
--- a/asn1/nbap/nbap.cnf
+++ b/asn1/nbap/nbap.cnf
@@ -722,7 +722,7 @@ transportFormatSet_type = NBAP_CPCH;
 				umts_fp_conversation_info->rlc_mode          = FP_RLC_MODE_UNKNOWN;
 				
 				/*Save unique UE-identifier */
-				umts_fp_conversation_info->com_context_id = crcn_context_present ? 1337 : 1;
+				umts_fp_conversation_info->com_context_id = crcn_context_present ?  com_context_id : 1;
 
 				/* DCH's in this flow */
 				umts_fp_conversation_info->dch_crc_present = g_nbap_msg_info_for_fp.dch_crc_present;
@@ -1672,6 +1672,7 @@ umts_fp_conversation_info_t *umts_fp_conversation_info = NULL;
 address 	null_addr;
 conversation_t   *conversation = NULL;
 int i;
+
 %(DEFAULT_BODY)s
 
 	/*Find the conversations assoicated with the HS-DSCH flows in this packet and set proper H-RNTI*/
diff --git a/asn1/rrc/packet-rrc-template.c b/asn1/rrc/packet-rrc-template.c
index b38cf115d3..a6d406e9fc 100644
--- a/asn1/rrc/packet-rrc-template.c
+++ b/asn1/rrc/packet-rrc-template.c
@@ -27,6 +27,12 @@
  * Ref: 3GPP TS 25.331 V10.7.0 (2012-03)
  */
 
+/**
+ * 
+ * TODO:
+ * - Fix ciphering information for circuit switched stuff
+ */
+ 
 #ifdef HAVE_CONFIG_H
 # include "config.h"
 #endif
@@ -57,7 +63,8 @@
 extern int proto_fp;	/*Handler to FP*/
 
 GTree * hsdsch_muxed_flows;
-
+GTree * rrc_ciph_inf;
+static int msg_type _U_;
 
 static dissector_handle_t gsm_a_dtap_handle;
 static dissector_handle_t rrc_ue_radio_access_cap_info_handle=NULL;
@@ -129,11 +136,49 @@ static const true_false_string rrc_eutra_feat_group_ind_4_val = {
 static int flowd,type;
 
 static tvbuff_t * hrnti;
+static tvbuff_t * start_val;
+static int cipher_start_val[2] _U_;
+
 /*Stores how many channels we have detected for a HS-DSCH MAC-flow*/
-#define	MAX_NUM_HSDHSCH_MACDFLOW 8
-static guint8 num_chans_per_flow[MAX_NUM_HSDHSCH_MACDFLOW];
+#define	RRC_MAX_NUM_HSDHSCH_MACDFLOW 8
+static guint8 num_chans_per_flow[RRC_MAX_NUM_HSDHSCH_MACDFLOW];
+static int rbid;
+static int activation_frame;
 
 
+/**
+ * Return the maximum conunter, useful for initiating counters 
+ */
+ #if 0
+static int get_max_counter(int com_context){
+	int i;
+	guint32 max = 0;
+	rrc_ciphering_info * c_inf;
+	
+	if( (c_inf = g_tree_lookup(rrc_ciph_inf, GINT_TO_POINTER((gint)com_context))) == NULL ){
+		return 0;
+	}
+	for(i = 0; i<31; i++){
+			max = MAX(c_inf->ps_conf_counters[i][0], max);
+			max = MAX(c_inf->ps_conf_counters[i][1], max);
+		}
+	return max;
+	}
+#endif 
+/** Utility functions used for various comparions/cleanups in tree **/
+gint rrc_key_cmp(gconstpointer b_ptr, gconstpointer a_ptr, gpointer ignore _U_){
+	if( GPOINTER_TO_INT(a_ptr) > GPOINTER_TO_INT(b_ptr) ){
+		return  -1;
+	}
+	return GPOINTER_TO_INT(a_ptr) < GPOINTER_TO_INT(b_ptr);
+}
+void rrc_free_key(gpointer key _U_){
+			/*Key's should be de allocated elsewhere.*/
+
+	}
+void rrc_free_value(gpointer value ){
+			g_free(value);
+	}
 #include "packet-rrc-fn.c"
 
 #include "packet-rrc.h"
@@ -184,30 +229,30 @@ dissect_rrc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 		}
 	}
 }
-gint rrc_key_cmp(gconstpointer a_ptr, gconstpointer b_ptr, gpointer ignore _U_){
-	if( GPOINTER_TO_INT(a_ptr) > GPOINTER_TO_INT(b_ptr) ){
-		return  -1;
-	}
-	return GPOINTER_TO_INT(a_ptr) < GPOINTER_TO_INT(b_ptr);
-}
-void rrc_free_key(gpointer key _U_){
-			/*Key's should be de allocated elsewhere.*/
 
-	}
-void rrc_free_value(gpointer value ){
-			g_free(value);
-	}
+
+
 void rrc_init(void){
 	
 	/*Cleanup*/
 	if(hsdsch_muxed_flows){
 		g_tree_destroy(hsdsch_muxed_flows);
 	}
-	/*Initialize*/
+	if(rrc_ciph_inf){
+		g_tree_destroy(rrc_ciph_inf);
+	}
+	/*Initialize structure for muxed flow indication*/
 	hsdsch_muxed_flows = g_tree_new_full(rrc_key_cmp,
                        NULL,      /* data pointer, optional */
                        rrc_free_key,
                        rrc_free_value);
+                       
+     	/*Initialize structure for muxed flow indication*/
+	rrc_ciph_inf = g_tree_new_full(rrc_key_cmp,
+                       NULL,      /* data pointer, optional */
+                       NULL,
+                       rrc_free_value);
+     
 }
 /*--- proto_register_rrc -------------------------------------------*/
 void proto_register_rrc(void) {
diff --git a/asn1/rrc/packet-rrc-template.h b/asn1/rrc/packet-rrc-template.h
index 25ac34f8a2..0b4ce10059 100644
--- a/asn1/rrc/packet-rrc-template.h
+++ b/asn1/rrc/packet-rrc-template.h
@@ -46,6 +46,20 @@ typedef struct rrc_info
 	enum rrc_message_type msgtype[MAX_RRC_FRAMES];
 } rrc_info;
 
+/*Struct for storing ciphering information*/
+typedef struct rrc_ciph_info_
+{
+	int seq_no[31][2];	/*Indicates for each Rbid when ciphering starts*/
+	GTree * /*guint32*/ start_cs;	/*Start value for CS counter*/
+	GTree * /*guint32*/ start_ps;	/*Start value for PS counter*/
+	guint32 conf_algo_indicator;	/*Indicates which type of ciphering algorithm used*/
+	guint32 int_algo_indiccator;	/*Indicates which type of integrity algorithm used*/
+	unsigned int setup_frame;	/*Store which frame contained this information*/	
+	guint32 ps_conf_counters[31][2];	/*This should also be made for CS*/
+	
+} rrc_ciphering_info;
 
 extern GTree * hsdsch_muxed_flows;
+extern GTree * rrc_ciph_inf;
+
 #endif  /* PACKET_RRC_H */
diff --git a/asn1/rrc/rrc.cnf b/asn1/rrc/rrc.cnf
index 579bef2890..4312ce492a 100644
--- a/asn1/rrc/rrc.cnf
+++ b/asn1/rrc/rrc.cnf
@@ -1,6 +1,6 @@
 # rrc.cnf
 # rrc conformation file
-# Copyright 2006 Anders Broman 
+# Copyright 2006 Anders Broman
 # $Id$
 
 #.OPT
@@ -391,9 +391,19 @@ HandoverFromUTRANCommand-GSM-r6-IEs/gsm-message/single-GSM-Message single-GSM-Me
 %(DEFAULT_BODY)s
 
 #.FN_BODY SecurityModeComplete
+rrc_ciphering_info * c_inf ;
+fp_info       *fpinf ;
+
   col_append_str(actx->pinfo->cinfo, COL_INFO, "SecurityModeComplete");
+
 %(DEFAULT_BODY)s
 
+	fpinf = p_get_proto_data(actx->pinfo->fd, proto_fp);
+	if( (c_inf = g_tree_lookup(rrc_ciph_inf, GINT_TO_POINTER((gint)fpinf->com_context_id))) != NULL ){
+		c_inf->setup_frame = actx->pinfo->fd->num;
+	}
+
+
 #.FN_BODY SecurityModeFailure
   col_append_str(actx->pinfo->cinfo, COL_INFO, "SecurityModeFailure");
 %(DEFAULT_BODY)s
@@ -500,7 +510,7 @@ HandoverFromUTRANCommand-GSM-r6-IEs/gsm-message/single-GSM-Message single-GSM-Me
 
 #.FN_BODY GSM-MessageList/_item VAL_PTR = &gsm_messagelist_tvb
   tvbuff_t *gsm_messagelist_tvb=NULL;
-  
+
 %(DEFAULT_BODY)s
 
   if (gsm_messagelist_tvb)
@@ -514,7 +524,7 @@ HandoverFromUTRANCommand-GSM-r6-IEs/gsm-message/single-GSM-Message single-GSM-Me
 
   bits_remaining = 8*tvb_length(tvb) - offset;
   whole_octets_remaining = bits_remaining / 8;
-  
+
   gsm_message_tvb = tvb_new_octet_aligned(tvb, offset, 8*whole_octets_remaining);
 
   if (gsm_message_tvb) {
@@ -529,7 +539,7 @@ HandoverFromUTRANCommand-GSM-r6-IEs/gsm-message/single-GSM-Message single-GSM-Me
 
   bits_remaining = 8*tvb_length(tvb) - offset;
   whole_octets_remaining = bits_remaining / 8;
-  
+
   gsm_message_tvb = tvb_new_octet_aligned(tvb, offset, 8*whole_octets_remaining);
 
   if (gsm_message_tvb) {
@@ -657,69 +667,196 @@ HNBName TYPE=FT_STRING DISPLAY=BASE_NONE
   rrc_nas_sys_info_gsm_map_type = RRC_NAS_SYS_INFO_CN_COMMON;
 
 /*Here we try to figure out which HS-DSCH channels are multiplexed*/
-/*TODO: Should this also be made under r7?*/
 #.FN_BODY DL-TransportChannelType-r5 VAL_PTR = &type
 
     gint *flowd_p;
     gint *cur_val=NULL;
     guint16 hr=0;
-	
+
 	%(DEFAULT_BODY)s
-	
+
 	/*TODO: This should probably be done better*/
 	if(type == 4){	/*If this is type HS-DSCH*/
 		num_chans_per_flow[flowd]++;
-		
 
+		/*TODO: This configuration should proably be unique for each UE*/
 		if(num_chans_per_flow[flowd] > 1 ){
-			
+
 			if(hrnti == NULL){
 				expert_add_info_format(actx->pinfo, NULL, PI_MALFORMED, PI_WARN, "Did not detect any H-RNTI ");
-			}	
+			}
 			else{
 				/*Read the H-RNTI value*/
-				hr = tvb_get_bits16(hrnti,0,16,FALSE);
+				hr = tvb_get_bits16(hrnti,0,16,TRUE);
+
+				/*If it doesnt exists, insert it*/
+				if( (cur_val=g_tree_lookup(hsdsch_muxed_flows, GINT_TO_POINTER((gint)hr))) == NULL ){
+
+					flowd_p = (guint*)g_malloc0(sizeof(gint));
+					*flowd_p = (1<<flowd);	/*Set the bit to mark it as true*/
+					g_tree_insert(hsdsch_muxed_flows, GINT_TO_POINTER((gint)hr), flowd_p);
+
+				}else{
+					*cur_val = (1<<flowd) | *cur_val;
+
+				}
 			}
-			/*If it doesnt exists, insert it*/
-			if( (cur_val=g_tree_lookup(hsdsch_muxed_flows, GINT_TO_POINTER((gint)hr))) == NULL ){
-				
-				flowd_p = (guint*)g_malloc0(sizeof(gint));  
-				*flowd_p = (1<<flowd);	/*Set the bit to mark it as true*/
-				g_tree_insert(hsdsch_muxed_flows, GINT_TO_POINTER((gint)hr), flowd_p);
-			
-			}else{
-				*cur_val = (1<<flowd) | *cur_val; 
-					
+
+		}
+
+	}
+/*Here we try to figure out which HS-DSCH channels are multiplexed*/
+#.FN_BODY DL-TransportChannelType-r7 VAL_PTR = &type
+
+    gint *flowd_p;
+    gint *cur_val=NULL;
+    guint16 hr=0;
+
+	%(DEFAULT_BODY)s
+
+	/*TODO: This should probably be done better*/
+	if(type == 4){	/*If this is type HS-DSCH*/
+		num_chans_per_flow[flowd]++;
+
+
+		if(num_chans_per_flow[flowd] > 1 ){
+
+			if(hrnti == NULL){
+				expert_add_info_format(actx->pinfo, NULL, PI_MALFORMED, PI_WARN, "Did not detect any H-RNTI ");
+			}
+			else{
+				/*Read the H-RNTI value*/
+				hr = tvb_get_bits16(hrnti,0,16,TRUE);
+
+				/*If it doesnt exists, insert it*/
+				if( (cur_val=g_tree_lookup(hsdsch_muxed_flows, GINT_TO_POINTER((gint)hr))) == NULL ){
+
+					flowd_p = (guint*)g_malloc0(sizeof(gint));
+					*flowd_p = (1<<flowd);	/* Set the bit to mark it as true*/
+					g_tree_insert(hsdsch_muxed_flows, GINT_TO_POINTER((gint)hr), flowd_p);
+
+				}else{
+					*cur_val = (1<<flowd) | *cur_val;
+
+				}
 			}
-		
+
 		}
 
 	}
-	
-	
-#.FN_BODY DL-LogicalChannelMapping-r5 
-	
+
+
+#.FN_BODY DL-LogicalChannelMapping-r5
+
 	%(DEFAULT_BODY)s
-	
+
 #.FN_BODY DL-LogicalChannelMapping-r7
-	
+
 	%(DEFAULT_BODY)s
-#.FN_BODY LogicalChannelIdentity 
-	
+#.FN_BODY LogicalChannelIdentity
+
 		%(DEFAULT_BODY)s
-		
+
 #.FN_BODY MAC-d-FlowIdentity VAL_PTR = &flowd
 	%(DEFAULT_BODY)s
-	
+
 #.FN_BODY SRB-InformationSetupList2-r6
-	
+
 	%(DEFAULT_BODY)s
 	/*Clear memory*/
 	memset(num_chans_per_flow,0,sizeof(guint8));
-	
+
 #.FN_BODY H-RNTI VAL_PTR = &hrnti
+	%(DEFAULT_BODY)s
+
+#.FN_BODY START-Value VAL_PTR = &start_val
+	fp_info       *fpinf;
+	rrc_ciphering_info * c_inf;
+	int i;
+	guint32 * start;
+
+	%(DEFAULT_BODY)s
+
+	/*We base this map on comuncation context from fp*/
+	fpinf = p_get_proto_data(actx->pinfo->fd, proto_fp);
+
+	/*If no info found, skip all this*/
+	if(fpinf == NULL){
+		return offset;
+	}
+	/*Retrieves the start value for the two ciphering domains*/
+	switch(rrc_nas_sys_info_gsm_map_type){
+			case RRC_NAS_SYS_INFO_CS:
+			/*
+				g_warning("Not implemented");
+			*/
+			break;
+			case RRC_NAS_SYS_INFO_PS:
+
+				/*Find the entry for the comucnation context (taken from FP)*/
+				if( (c_inf = g_tree_lookup(rrc_ciph_inf, GINT_TO_POINTER((gint)fpinf->com_context_id))) == NULL ){
+					c_inf = g_malloc0(sizeof(rrc_ciphering_info));
+
+					/*Initaite tree with START_PS values.*/
+					if(!c_inf->start_ps)
+						c_inf->start_ps = g_tree_new_full(rrc_key_cmp,
+						NULL,rrc_free_key,rrc_free_value);
+
+					/*Clear and intiliaze seq_no matrix*/
+					for(i = 0; i< 31; i++){
+						c_inf->seq_no[i][0] = -1;
+						c_inf->seq_no[i][1] = -1;
+					}
+					g_tree_insert(rrc_ciph_inf, GINT_TO_POINTER((gint)fpinf->com_context_id), c_inf);
+				}
+
+				/*Retrive and store the value*/
+				start = g_malloc(sizeof(guint32));
+				*start = tvb_get_bits32(start_val,0,20,ENC_BIG_ENDIAN);
+				if(c_inf && c_inf->start_ps)
+				/*Insert the value based on current frame num since this might vary over time*/
+				g_tree_insert(c_inf->start_ps, GINT_TO_POINTER((gint)actx->pinfo->fd->num), start);
+
+			break;
+			default:
+			break;
+		}
+		/*is this dangerous?*/
+		rrc_nas_sys_info_gsm_map_type = 0;
+
+#.FN_BODY RB-ActivationTimeInfo
+	fp_info       *fpinf;
+	rrc_ciphering_info * c_inf;
+
+
+	fpinf = p_get_proto_data(actx->pinfo->fd, proto_fp);
+
+%(DEFAULT_BODY)s
+
+	/*If no info found, skip all this*/
+	if(fpinf == NULL){
+		return offset;
+	}
+	/*This should not happen*/
+	if( (c_inf = g_tree_lookup(rrc_ciph_inf, GINT_TO_POINTER((gint)fpinf->com_context_id))) == NULL ){
+		return offset;
+	}
+	/*Set the ciphering activation frame information*/
+	c_inf->seq_no[rbid][fpinf->is_uplink] = activation_frame;
+
+
+#.FN_BODY RB-Identity VAL_PTR = &rbid
+
+%(DEFAULT_BODY)s
+
+
+
+#.FN_BODY RLC-SequenceNumber VAL_PTR = &activation_frame
+
+%(DEFAULT_BODY)s
+
+#.FN_BODY DL-DCCH-MessageType VAL_PTR = &msg_type
+%(DEFAULT_BODY)s
 
-	
-	
 #.END