HLR/AuC testing gateway for hostapd EAP-SIM/AKA database/authenticator

hlr_auc_gw is an example implementation of the EAP-SIM/AKA/AKA'
database/authentication gateway interface to HLR/AuC. It could be
replaced with an implementation of an SS7 gateway to a GSM/UMTS
authentication center (HLR/AuC). hostapd will send SIM/AKA
authentication queries over a UNIX domain socket to an external
program, e.g., hlr_auc_gw.

hlr_auc_gw can be configured with GSM and UMTS authentication data with
text files: GSM triplet file (see hostapd.sim_db) and Milenage file (see
hlr_auc_gw.milenage_db). Milenage parameters can be used to generate
dynamic authentication data for EAP-SIM, EAP-AKA, and EAP-AKA' while the
GSM triplet data is used for a more static configuration (e.g., triplets
extracted from a SIM card).

Alternatively, hlr_auc_gw can be built with support for an SQLite
database for more dynamic operations. This is enabled by adding
"CONFIG_SQLITE=y" into hostapd/.config before building hlr_auc_gw ("make
clean; make hlr_auc_gw" in this directory).

hostapd is configured to use hlr_auc_gw with the eap_sim_db parameter in
hostapd.conf (e.g., "eap_sim_db=unix:/tmp/hlr_auc_gw.sock"). hlr_auc_gw
is configured with command line parameters:

hlr_auc_gw [-hu] [-s<socket path>] [-g<triplet file>] [-m<milenage file>] \
        [-D<DB file>] [-i<IND len in bits>]

options:
  -h = show this usage help
  -u = update SQN in Milenage file on exit
  -s<socket path> = path for UNIX domain socket
                    (default: /tmp/hlr_auc_gw.sock)
  -g<triplet file> = path for GSM authentication triplets
  -m<milenage file> = path for Milenage keys
  -D<DB file> = path to SQLite database
  -i<IND len in bits> = IND length for SQN (default: 5)


The SQLite database can be initialized with sqlite, e.g., by running the
following commands in "sqlite3 /path/to/hlr_auc_gw.db":

CREATE TABLE milenage(
       imsi INTEGER PRIMARY KEY NOT NULL,
       ki CHAR(32) NOT NULL,
       opc CHAR(32) NOT NULL,
       amf CHAR(4) NOT NULL,
       sqn CHAR(12) NOT NULL
);
INSERT INTO milenage(imsi,ki,opc,amf,sqn) VALUES(
       232010000000000,
       '90dca4eda45b53cf0f12d7c9c3bc6a89',
       'cb9cccc4b9258e6dca4760379fb82581',
       '61df',
       '000000000000'
);
INSERT INTO milenage(imsi,ki,opc,amf,sqn) VALUES(
       555444333222111,
       '5122250214c33e723a5dd523fc145fc0',
       '981d464c7c52eb6e5036234984ad0bcf',
       'c3ab',
       '16f3b3f70fc1'
);


hostapd (EAP server) can also be configured to store the EAP-SIM/AKA
pseudonyms and reauth information into a SQLite database. This is
configured with the db parameter within the eap_sim_db configuration
option.


"hlr_auc_gw -D /path/to/hlr_auc_gw.db" can then be used to fetch
Milenage parameters based on IMSI from the database. The database can be
updated dynamically while hlr_auc_gw is running to add/remove/modify
entries.
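The milenage table initialized above and the dynamic add/remove/modify workflow, as an added Python helper that is not part of hostapd or hlr_auc_gw: it checks every field against the Milenage parameter sizes the CHAR widths encode (Ki and OPc 128 bits, AMF 16 bits, SQN 48 bits) before inserting, looks a subscriber up by IMSI, and splits the SQN into SEQ and IND for the IND length given with -i. The function names and the in-memory database path are assumptions made for this example.

```python
import re
import sqlite3

# Table layout from the hlr_auc_gw documentation; the CHAR widths follow the
# Milenage parameter sizes: Ki 128 bits, OPc 128 bits, AMF 16 bits, SQN 48 bits.
SCHEMA = """CREATE TABLE IF NOT EXISTS milenage(
    imsi INTEGER PRIMARY KEY NOT NULL,
    ki CHAR(32) NOT NULL,
    opc CHAR(32) NOT NULL,
    amf CHAR(4) NOT NULL,
    sqn CHAR(12) NOT NULL
);"""
HEX_LEN = {"ki": 32, "opc": 32, "amf": 4, "sqn": 12}  # hex digits per column

def validate_entry(imsi, ki, opc, amf, sqn):
    """Return a list of problems (empty when the row is well formed)."""
    problems = []
    if not isinstance(imsi, int) or not 0 < imsi < 10 ** 15:  # IMSI: up to 15 digits
        problems.append("imsi must be a positive integer of at most 15 digits")
    for name, value in (("ki", ki), ("opc", opc), ("amf", amf), ("sqn", sqn)):
        if not re.fullmatch(r"[0-9a-fA-F]{%d}" % HEX_LEN[name], value):
            problems.append(f"{name} must be {HEX_LEN[name]} hex characters")
    return problems

def open_db(path=":memory:"):
    """Open or create the database; ':memory:' (assumed here) keeps the example offline."""
    conn = sqlite3.connect(path)
    conn.execute(SCHEMA)
    return conn

def add_subscriber(conn, imsi, ki, opc, amf, sqn):
    """Insert one Milenage row, refusing malformed values before they reach the table."""
    problems = validate_entry(imsi, ki, opc, amf, sqn)
    if problems:
        raise ValueError("; ".join(problems))
    conn.execute("INSERT INTO milenage(imsi,ki,opc,amf,sqn) VALUES(?,?,?,?,?)",
                 (imsi, ki.lower(), opc.lower(), amf.lower(), sqn.lower()))
    conn.commit()

def get_subscriber(conn, imsi):
    """Fetch the Milenage parameters for an IMSI, or None if it is not provisioned."""
    row = conn.execute("SELECT ki, opc, amf, sqn FROM milenage WHERE imsi = ?",
                       (imsi,)).fetchone()
    return None if row is None else dict(zip(("ki", "opc", "amf", "sqn"), row))

def split_sqn(sqn_hex, ind_len=5):
    """Split the 48-bit SQN into (SEQ, IND); ind_len matches the -i option (default 5)."""
    value = int(sqn_hex, 16)
    return value >> ind_len, value & ((1 << ind_len) - 1)
```

Run add_subscriber against the file given to hlr_auc_gw with -D (instead of ":memory:") to provision entries while the gateway is running.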


Example configuration files for hostapd to operate as a RADIUS
authentication server for EAP-SIM/AKA/AKA':

hostapd.conf:

driver=none
radius_server_clients=hostapd.radius_clients
eap_server=1
eap_user_file=hostapd.eap_user
eap_sim_db=unix:/tmp/hlr_auc_gw.sock db=/tmp/eap_sim.db
eap_sim_aka_result_ind=1

hostapd.radius_clients:

0.0.0.0/0 radius

hostapd.eap_user:

"0"* AKA
"1"* SIM
"2"* AKA
"3"* SIM
"4"* AKA
"5"* SIM
"6"* AKA'
"7"* AKA'
"8"* AKA'