| Dmitry Shmidt | 61d9df3 | 2012-08-29 16:22:06 -0700 | [diff] [blame] | 1 | HLR/AuC testing gateway for hostapd EAP-SIM/AKA database/authenticator |
| 2 | |
| 3 | hlr_auc_gw is an example implementation of the EAP-SIM/AKA/AKA' |
| 4 | database/authentication gateway interface to HLR/AuC. It could be |
| 5 | replaced with an implementation of SS7 gateway to GSM/UMTS |
| 6 | authentication center (HLR/AuC). hostapd will send SIM/AKA |
| 7 | authentication queries over a UNIX domain socket to and external |
| 8 | program, e.g., hlr_auc_gw. |
| 9 | |
| 10 | hlr_auc_gw can be configured with GSM and UMTS authentication data with |
| 11 | text files: GSM triplet file (see hostapd.sim_db) and Milenage file (see |
| 12 | hlr_auc_gw.milenage_db). Milenage parameters can be used to generate |
| 13 | dynamic authentication data for EAP-SIM, EAP-AKA, and EAP-AKA' while the |
| 14 | GSM triplet data is used for a more static configuration (e.g., triplets |
| 15 | extracted from a SIM card). |
| 16 | |
| 17 | Alternatively, hlr_auc_gw can be built with support for an SQLite |
| 18 | database for more dynamic operations. This is enabled by adding |
| 19 | "CONFIG_SQLITE=y" into hostapd/.config before building hlr_auc_gw ("make |
| 20 | clean; make hlr_auc_gw" in this directory). |
| 21 | |
| 22 | hostapd is configured to use hlr_auc_gw with the eap_sim_db parameter in |
| 23 | hostapd.conf (e.g., "eap_sim_db=unix:/tmp/hlr_auc_gw.sock"). hlr_auc_gw |
| 24 | is configured with command line parameters: |
| 25 | |
| 26 | hlr_auc_gw [-hu] [-s<socket path>] [-g<triplet file>] [-m<milenage file>] \ |
| 27 | [-D<DB file>] [-i<IND len in bits>] |
| 28 | |
| 29 | options: |
| 30 | -h = show this usage help |
| 31 | -u = update SQN in Milenage file on exit |
| 32 | -s<socket path> = path for UNIX domain socket |
| 33 | (default: /tmp/hlr_auc_gw.sock) |
| 34 | -g<triplet file> = path for GSM authentication triplets |
| 35 | -m<milenage file> = path for Milenage keys |
| 36 | -D<DB file> = path to SQLite database |
| 37 | -i<IND len in bits> = IND length for SQN (default: 5) |
| 38 | |
| 39 | |
| 40 | The SQLite database can be initialized with sqlite, e.g., by running |
| 41 | following commands in "sqlite3 /path/to/hlr_auc_gw.db": |
| 42 | |
| 43 | CREATE TABLE milenage( |
| 44 | imsi INTEGER PRIMARY KEY NOT NULL, |
| 45 | ki CHAR(32) NOT NULL, |
| 46 | opc CHAR(32) NOT NULL, |
| 47 | amf CHAR(4) NOT NULL, |
| 48 | sqn CHAR(12) NOT NULL |
| 49 | ); |
| 50 | INSERT INTO milenage(imsi,ki,opc,amf,sqn) VALUES( |
| 51 | 232010000000000, |
| 52 | '90dca4eda45b53cf0f12d7c9c3bc6a89', |
| 53 | 'cb9cccc4b9258e6dca4760379fb82581', |
| 54 | '61df', |
| 55 | '000000000000' |
| 56 | ); |
| 57 | INSERT INTO milenage(imsi,ki,opc,amf,sqn) VALUES( |
| 58 | 555444333222111, |
| 59 | '5122250214c33e723a5dd523fc145fc0', |
| 60 | '981d464c7c52eb6e5036234984ad0bcf', |
| 61 | 'c3ab', |
| 62 | '16f3b3f70fc1' |
| 63 | ); |
| 64 | |
| 65 | |
| 66 | "hlr_auc_gw -D /path/to/hlr_auc_gw.db" can then be used to fetch |
| 67 | Milenage parameters based on IMSI from the database. The database can be |
| 68 | updated dynamically while hlr_auc_gw is running to add/remove/modify |
| 69 | entries. |
| 70 | |
| 71 | |
| 72 | Example configuration files for hostapd to operate as a RADIUS |
| 73 | authentication server for EAP-SIM/AKA/AKA': |
| 74 | |
| 75 | hostapd.conf: |
| 76 | |
| 77 | driver=none |
| 78 | radius_server_clients=hostapd.radius_clients |
| 79 | eap_server=1 |
| 80 | eap_user_file=hostapd.eap_user |
| 81 | eap_sim_db=unix:/tmp/hlr_auc_gw.sock |
| 82 | eap_sim_aka_result_ind=1 |
| 83 | |
| 84 | hostapd.radius_clients: |
| 85 | |
| 86 | 0.0.0.0/0 radius |
| 87 | |
| 88 | hostapd.eap_user: |
| 89 | |
| 90 | "0"* AKA |
| 91 | "1"* SIM |
| 92 | "2"* AKA |
| 93 | "3"* SIM |
| 94 | "4"* AKA |
| 95 | "5"* SIM |
| 96 | "6"* AKA' |
| 97 | "7"* AKA' |
| 98 | "8"* AKA' |