wpa_supplicant / hostapd  2.5
hlr_auc_gw.c File Reference

HLR/AuC testing gateway for hostapd EAP-SIM/AKA database/authenticator.

#include "includes.h"
#include <sys/un.h>
#include "common.h"
#include "crypto/milenage.h"
#include "crypto/random.h"

Data Structures

struct  gsm_triplet
 
struct  milenage_parameters
 

Macros

#define EAP_SIM_MAX_CHAL   3
 
#define EAP_AKA_RAND_LEN   16
 
#define EAP_AKA_AUTN_LEN   16
 
#define EAP_AKA_AUTS_LEN   14
 
#define EAP_AKA_RES_MIN_LEN   4
 
#define EAP_AKA_RES_MAX_LEN   16
 
#define EAP_AKA_IK_LEN   16
 
#define EAP_AKA_CK_LEN   16
 

Functions

int main (int argc, char *argv[])
 

Detailed Description

This is an example implementation of the EAP-SIM/AKA database/authentication gateway interface to HLR/AuC. It is expected to be replaced with an implementation of an SS7 gateway to a GSM/UMTS authentication center (HLR/AuC) or a local implementation of a SIM triplet and AKA authentication data generator.

hostapd will send SIM/AKA authentication queries over a UNIX domain socket to an external program, e.g., this hlr_auc_gw. This interface uses a simple text-based format:

EAP-SIM / GSM triplet query/response:
  SIM-REQ-AUTH <IMSI> <max_chal>
  SIM-RESP-AUTH <IMSI> Kc1:SRES1:RAND1 Kc2:SRES2:RAND2 [Kc3:SRES3:RAND3]
  SIM-RESP-AUTH <IMSI> FAILURE
  GSM-AUTH-REQ <IMSI> RAND1:RAND2[:RAND3]
  GSM-AUTH-RESP <IMSI> Kc1:SRES1:Kc2:SRES2[:Kc3:SRES3]
  GSM-AUTH-RESP <IMSI> FAILURE

EAP-AKA / UMTS query/response:
  AKA-REQ-AUTH <IMSI>
  AKA-RESP-AUTH <IMSI> <RAND> <AUTN> <IK> <CK> <RES>
  AKA-RESP-AUTH <IMSI> FAILURE

EAP-AKA / UMTS AUTS (re-synchronization):
  AKA-AUTS <IMSI> <AUTS> <RAND>

IMSI and max_chal are sent as ASCII strings, Kc/SRES/RAND/AUTN/IK/CK/RES/AUTS as hex strings.
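
As an added illustration (not code from hlr_auc_gw.c or hostapd), here is a strict parser for the AKA-RESP-AUTH reply described above, of the kind a consumer of this socket could use to validate a reply before trusting it. The struct, the function names, the 15-digit IMSI limit and the single-space tokenizing are assumptions; the field lengths are the macro values listed on this page.

```c
#include <stdio.h>
#include <string.h>
#define EAP_AKA_RAND_LEN 16 /* byte lengths from this page's Macros list */
#define EAP_AKA_AUTN_LEN 16
#define EAP_AKA_RES_MIN_LEN 4
#define EAP_AKA_RES_MAX_LEN 16
#define EAP_AKA_IK_LEN 16
#define EAP_AKA_CK_LEN 16

struct aka_resp { /* hypothetical container, not a hostapd type */
    char imsi[16]; /* assumption: IMSI is at most 15 decimal digits */
    unsigned char rand[EAP_AKA_RAND_LEN], autn[EAP_AKA_AUTN_LEN];
    unsigned char ik[EAP_AKA_IK_LEN], ck[EAP_AKA_CK_LEN], res[EAP_AKA_RES_MAX_LEN];
    int res_len;
};

static char *next_tok(char **p) { /* split on exactly one space */
    char *s = *p, *e = s ? strchr(s, ' ') : NULL;
    if (e) *e++ = '\0';
    *p = e;
    return s;
}

/* Decode a hex token of min..max bytes into out; returns byte count or -1. */
static int hex_field(const char *t, unsigned char *out, size_t min, size_t max) {
    size_t n = t ? strlen(t) : 0, i;
    if (!t || n % 2 || n / 2 < min || n / 2 > max || t[strspn(t, "0123456789abcdefABCDEF")])
        return -1;
    for (i = 0; i < n / 2; i++)
        if (sscanf(t + 2 * i, "%2hhx", &out[i]) != 1) return -1;
    return (int)(n / 2);
}

/* 0 = vector parsed, 1 = well-formed FAILURE, -1 = malformed; *r is valid only on 0. */
int parse_aka_resp(char *line, struct aka_resp *r) {
    char *cmd = next_tok(&line), *imsi = next_tok(&line);
    if (!cmd || strcmp(cmd, "AKA-RESP-AUTH") != 0 || !imsi || !*imsi) return -1;
    if (strlen(imsi) >= sizeof(r->imsi) || imsi[strspn(imsi, "0123456789")]) return -1;
    strcpy(r->imsi, imsi);
    if (line && strcmp(line, "FAILURE") == 0) return 1;
    if (hex_field(next_tok(&line), r->rand, EAP_AKA_RAND_LEN, EAP_AKA_RAND_LEN) < 0 ||
        hex_field(next_tok(&line), r->autn, EAP_AKA_AUTN_LEN, EAP_AKA_AUTN_LEN) < 0 ||
        hex_field(next_tok(&line), r->ik, EAP_AKA_IK_LEN, EAP_AKA_IK_LEN) < 0 ||
        hex_field(next_tok(&line), r->ck, EAP_AKA_CK_LEN, EAP_AKA_CK_LEN) < 0 ||
        (r->res_len = hex_field(next_tok(&line), r->res,
                                EAP_AKA_RES_MIN_LEN, EAP_AKA_RES_MAX_LEN)) < 0)
        return -1;
    return line ? -1 : 0; /* anything after RES is rejected */
}
```

parse_aka_resp() modifies the buffer it is given, so pass it a writable copy of the received message without a trailing newline.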

An example implementation here reads GSM authentication triplets from a text file in IMSI:Kc:SRES:RAND format, IMSI in ASCII, other fields as hex strings. This is used to simulate an HLR/AuC. As such, it is not very useful for real life authentication, but it is useful both as an example implementation and for EAP-SIM/AKA/AKA' testing.

For a stronger example design, Milenage and GSM-Milenage algorithms can be used to dynamically generate authentication information for EAP-AKA/AKA' and EAP-SIM, respectively, if Ki is known.

SQN generation follows the non-time-based Profile 2 described in 3GPP TS 33.102 Annex C.3.2. The length of IND is 5 bits by default, but this can be changed with a command line option if needed.