pycrate-org / pycrate

A Python library to ease the development of encoders and decoders for various protocols and file formats, especially telecom ones. Provides an ASN.1 compiler and a CSN.1 runtime.
https://github.com/pycrate-org/pycrate
GNU Lesser General Public License v2.1

Feature/parse nas lte plain ciphered #4

Closed matan1008 closed 5 months ago

mitshell commented 6 months ago

Thanks for the submission. I fail to understand however what you are trying to resolve here, and the "plain ciphered" from the commit message sounds strange to me and does not explain much. Are you sure moreover that it stays backward compatible in terms of returned data?

matan1008 commented 5 months ago

From what I understand, when a ciphered EMM security protected NAS message contains a NAS message container with security type of Plain NAS message, not security protected, the inner message is plain text, and can be parsed exactly like in the case of a non-ciphered outer message. I have a PCAP for example but GitHub won't accept it, so if I didn't explain myself well I will just upload the binary message and the parsing results of Wireshark.

mitshell commented 5 months ago

I am not sure about your conclusion. If the EMM security header says the PDU is ciphered, then the rest of the message needs to be decrypted before being decoded. It could happen that the PDU is ciphered with the null-algorithm, staying therefore in the clear; but this is a particular case, which is contextual and cannot be inferred from the PDU itself. In case you have a pcap illustrating your case, you may be able to zip or tar it before uploading it.

matan1008 commented 5 months ago

sms_utf16.zip

mitshell commented 5 months ago

This is it: the NAS security header says "ciphered", but I suppose you have configured the null cipher to be used. Hence, the payload can be decoded by chance. Wireshark NAS LTE decoder has an option for this, where it tries to always decode a NAS payload, even if the header says it is encrypted. In case of the null cipher being used, it works, otherwise, it fails.

matan1008 commented 5 months ago

Thanks for the clarification, any chance for adding something similar to pycrate? For example, if I change the PR to add force_inner or something

mitshell commented 5 months ago

Sorry for taking a long time, and thanks for the proposal. Looking at the patch: force_inner=True will return an error and no structure at all, even in the case the PDU is valid but the payload is encrypted. I believe the force_inner case should better be processed individually (not together with the standard inner part), and with an explicit try / except pattern to ensure it returns the PDU in case it's valid but encrypted. Therefore, I am still not a big fan of the current implementation. If you can handle this, then I would merge the patch; we could then extend it to the 5G NAS parser functions.

mitshell commented 5 months ago

My last comment was not correct as it is not needed to have a try / select... Sorry, long time not working on this. After checking more carefully, I pushed this branch: https://github.com/pycrate-org/pycrate/compare/master...nas_null_cipher, which adds support for null_cipher in NASLTE and NAS5G. Tell me if it fits with your intention.

matan1008 commented 5 months ago

It fits perfectly, thanks a lot!
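
As an added illustration of the behaviour discussed in this thread (not pycrate's code and not the contents of the nas_null_cipher branch): a minimal stand-alone parser for the security protected EMM header that, with a hypothetical `null_cipher` flag, tries to read a payload marked "ciphered" as plain NAS and otherwise returns the valid outer PDU with the payload left opaque. The function names, the flag and the sample bytes are constructed for this example; the header layout follows 3GPP TS 24.301.

```python
# Security header types (high nibble of octet 1) and protocol discriminators
# (low nibble), as defined in 3GPP TS 24.301.
CIPHERED = {2, 4}          # integrity protected and ciphered (4: new EPS context)
PROTECTED = {1, 2, 3, 4}
PD_ESM, PD_EMM = 0x2, 0x7

def decode_plain(inner: bytes):
    """Minimal plain NAS header decode; returns None if it does not fit."""
    if len(inner) >= 2 and inner[0] == PD_EMM:      # security header type 0 + EMM
        return {"pd": "EMM", "msg_type": inner[1]}
    if len(inner) >= 3 and inner[0] & 0x0F == PD_ESM:
        return {"pd": "ESM", "ebi": inner[0] >> 4, "pti": inner[1],
                "msg_type": inner[2]}
    return None

def parse_protected(buf: bytes, null_cipher: bool = False) -> dict:
    """Parse a security protected EMM message: header, MAC, sequence, payload."""
    if len(buf) < 6 or buf[0] & 0x0F != PD_EMM or buf[0] >> 4 not in PROTECTED:
        raise ValueError("not a security protected EMM message")
    sht = buf[0] >> 4
    out = {"sec_hdr_type": sht, "mac": buf[1:5].hex(), "seq": buf[5],
           "payload": buf[6:], "inner": None, "assumed_null_cipher": False}
    if sht not in CIPHERED:
        out["inner"] = decode_plain(out["payload"])
    elif null_cipher:
        # The header cannot tell the null algorithm (EEA0) from a real cipher,
        # so this is a guess. A miss still returns the valid outer PDU with the
        # payload left opaque, instead of failing the whole decode.
        out["inner"] = decode_plain(out["payload"])
        out["assumed_null_cipher"] = out["inner"] is not None
    return out

# Constructed samples (not taken from the attached pcap).
# Header 0x27 = security header type 2 (ciphered) + EMM, then MAC and sequence.
SAMPLE_NULL = bytes.fromhex("27" "aabbccdd" "05" "0763" "020901")  # 0x63: uplink NAS transport
SAMPLE_ENC = bytes.fromhex("27" "aabbccdd" "06" "9f3c51e0")        # payload stays opaque

if __name__ == "__main__":
    for name, pdu in (("null", SAMPLE_NULL), ("enc", SAMPLE_ENC)):
        for flag in (False, True):
            print(name, flag, parse_protected(pdu, null_cipher=flag))
```

Real ciphertext can begin with a byte that passes `decode_plain` by coincidence, which is why the result carries `assumed_null_cipher` rather than presenting the inner decode as authoritative.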