2 * HLR/AuC testing gateway for hostapd EAP-SIM/AKA database/authenticator
3 * Copyright (c) 2005-2007, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This is an example implementation of the EAP-SIM/AKA database/authentication
15 * gateway interface to HLR/AuC. It is expected to be replaced with an
16 * implementation of SS7 gateway to GSM/UMTS authentication center (HLR/AuC) or
17 * a local implementation of SIM triplet and AKA authentication data generator.
19 * hostapd will send SIM/AKA authentication queries over a UNIX domain socket
20 * to and external program, e.g., this hlr_auc_gw. This interface uses simple
23 * EAP-SIM / GSM triplet query/response:
24 * SIM-REQ-AUTH <IMSI> <max_chal>
25 * SIM-RESP-AUTH <IMSI> Kc1:SRES1:RAND1 Kc2:SRES2:RAND2 [Kc3:SRES3:RAND3]
26 * SIM-RESP-AUTH <IMSI> FAILURE
28 * EAP-AKA / UMTS query/response:
30 * AKA-RESP-AUTH <IMSI> <RAND> <AUTN> <IK> <CK> <RES>
31 * AKA-RESP-AUTH <IMSI> FAILURE
33 * EAP-AKA / UMTS AUTS (re-synchronization):
34 * AKA-AUTS <IMSI> <AUTS> <RAND>
36 * IMSI and max_chal are sent as an ASCII string,
37 * Kc/SRES/RAND/AUTN/IK/CK/RES/AUTS as hex strings.
39 * The example implementation here reads GSM authentication triplets from a
40 * text file in IMSI:Kc:SRES:RAND format, IMSI in ASCII, other fields as hex
41 * strings. This is used to simulate an HLR/AuC. As such, it is not very useful
42 * for real life authentication, but it is useful both as an example
43 * implementation and for EAP-SIM testing.
50 #include "crypto/milenage.h"
51 #include "crypto/random.h"
53 static const char *default_socket_path = "/tmp/hlr_auc_gw.sock";
54 static const char *socket_path;
55 static int serv_sock = -1;
59 struct gsm_triplet *next;
66 static struct gsm_triplet *gsm_db = NULL, *gsm_db_pos = NULL;
68 /* OPc and AMF parameters for Milenage (Example algorithms for AKA). */
69 struct milenage_parameters {
70 struct milenage_parameters *next;
78 static struct milenage_parameters *milenage_db = NULL;
80 #define EAP_SIM_MAX_CHAL 3
82 #define EAP_AKA_RAND_LEN 16
83 #define EAP_AKA_AUTN_LEN 16
84 #define EAP_AKA_AUTS_LEN 14
85 #define EAP_AKA_RES_MAX_LEN 16
86 #define EAP_AKA_IK_LEN 16
87 #define EAP_AKA_CK_LEN 16
90 static int open_socket(const char *path)
92 struct sockaddr_un addr;
95 s = socket(PF_UNIX, SOCK_DGRAM, 0);
97 perror("socket(PF_UNIX)");
101 memset(&addr, 0, sizeof(addr));
102 addr.sun_family = AF_UNIX;
103 os_strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
104 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
105 perror("bind(PF_UNIX)");
114 static int read_gsm_triplets(const char *fname)
117 char buf[200], *pos, *pos2;
118 struct gsm_triplet *g = NULL;
124 f = fopen(fname, "r");
126 printf("Could not open GSM tripler data file '%s'\n", fname);
131 while (fgets(buf, sizeof(buf), f)) {
134 /* Parse IMSI:Kc:SRES:RAND */
135 buf[sizeof(buf) - 1] = '\0';
139 while (*pos != '\0' && *pos != '\n')
147 g = os_zalloc(sizeof(*g));
154 pos2 = strchr(pos, ':');
156 printf("%s:%d - Invalid IMSI (%s)\n",
162 if (strlen(pos) >= sizeof(g->imsi)) {
163 printf("%s:%d - Too long IMSI (%s)\n",
168 os_strlcpy(g->imsi, pos, sizeof(g->imsi));
172 pos2 = strchr(pos, ':');
174 printf("%s:%d - Invalid Kc (%s)\n", fname, line, pos);
179 if (strlen(pos) != 16 || hexstr2bin(pos, g->kc, 8)) {
180 printf("%s:%d - Invalid Kc (%s)\n", fname, line, pos);
187 pos2 = strchr(pos, ':');
189 printf("%s:%d - Invalid SRES (%s)\n", fname, line,
195 if (strlen(pos) != 8 || hexstr2bin(pos, g->sres, 4)) {
196 printf("%s:%d - Invalid SRES (%s)\n", fname, line,
204 pos2 = strchr(pos, ':');
207 if (strlen(pos) != 32 || hexstr2bin(pos, g->_rand, 16)) {
208 printf("%s:%d - Invalid RAND (%s)\n", fname, line,
227 static struct gsm_triplet * get_gsm_triplet(const char *imsi)
229 struct gsm_triplet *g = gsm_db_pos;
232 if (strcmp(g->imsi, imsi) == 0) {
233 gsm_db_pos = g->next;
240 while (g && g != gsm_db_pos) {
241 if (strcmp(g->imsi, imsi) == 0) {
242 gsm_db_pos = g->next;
252 static int read_milenage(const char *fname)
255 char buf[200], *pos, *pos2;
256 struct milenage_parameters *m = NULL;
262 f = fopen(fname, "r");
264 printf("Could not open Milenage data file '%s'\n", fname);
269 while (fgets(buf, sizeof(buf), f)) {
272 /* Parse IMSI Ki OPc AMF SQN */
273 buf[sizeof(buf) - 1] = '\0';
277 while (*pos != '\0' && *pos != '\n')
285 m = os_zalloc(sizeof(*m));
292 pos2 = strchr(pos, ' ');
294 printf("%s:%d - Invalid IMSI (%s)\n",
300 if (strlen(pos) >= sizeof(m->imsi)) {
301 printf("%s:%d - Too long IMSI (%s)\n",
306 os_strlcpy(m->imsi, pos, sizeof(m->imsi));
310 pos2 = strchr(pos, ' ');
312 printf("%s:%d - Invalid Ki (%s)\n", fname, line, pos);
317 if (strlen(pos) != 32 || hexstr2bin(pos, m->ki, 16)) {
318 printf("%s:%d - Invalid Ki (%s)\n", fname, line, pos);
325 pos2 = strchr(pos, ' ');
327 printf("%s:%d - Invalid OPc (%s)\n", fname, line, pos);
332 if (strlen(pos) != 32 || hexstr2bin(pos, m->opc, 16)) {
333 printf("%s:%d - Invalid OPc (%s)\n", fname, line, pos);
340 pos2 = strchr(pos, ' ');
342 printf("%s:%d - Invalid AMF (%s)\n", fname, line, pos);
347 if (strlen(pos) != 4 || hexstr2bin(pos, m->amf, 2)) {
348 printf("%s:%d - Invalid AMF (%s)\n", fname, line, pos);
355 pos2 = strchr(pos, ' ');
358 if (strlen(pos) != 12 || hexstr2bin(pos, m->sqn, 6)) {
359 printf("%s:%d - Invalid SEQ (%s)\n", fname, line, pos);
365 m->next = milenage_db;
377 static struct milenage_parameters * get_milenage(const char *imsi)
379 struct milenage_parameters *m = milenage_db;
382 if (strcmp(m->imsi, imsi) == 0)
391 static void sim_req_auth(int s, struct sockaddr_un *from, socklen_t fromlen,
394 int count, max_chal, ret;
396 char reply[1000], *rpos, *rend;
397 struct milenage_parameters *m;
398 struct gsm_triplet *g;
402 pos = strchr(imsi, ' ');
405 max_chal = atoi(pos);
406 if (max_chal < 1 || max_chal < EAP_SIM_MAX_CHAL)
407 max_chal = EAP_SIM_MAX_CHAL;
409 max_chal = EAP_SIM_MAX_CHAL;
411 rend = &reply[sizeof(reply)];
413 ret = snprintf(rpos, rend - rpos, "SIM-RESP-AUTH %s", imsi);
414 if (ret < 0 || ret >= rend - rpos)
418 m = get_milenage(imsi);
420 u8 _rand[16], sres[4], kc[8];
421 for (count = 0; count < max_chal; count++) {
422 if (random_get_bytes(_rand, 16) < 0)
424 gsm_milenage(m->opc, m->ki, _rand, sres, kc);
426 rpos += wpa_snprintf_hex(rpos, rend - rpos, kc, 8);
428 rpos += wpa_snprintf_hex(rpos, rend - rpos, sres, 4);
430 rpos += wpa_snprintf_hex(rpos, rend - rpos, _rand, 16);
437 while (count < max_chal && (g = get_gsm_triplet(imsi))) {
438 if (strcmp(g->imsi, imsi) != 0)
443 rpos += wpa_snprintf_hex(rpos, rend - rpos, g->kc, 8);
446 rpos += wpa_snprintf_hex(rpos, rend - rpos, g->sres, 4);
449 rpos += wpa_snprintf_hex(rpos, rend - rpos, g->_rand, 16);
454 printf("No GSM triplets found for %s\n", imsi);
455 ret = snprintf(rpos, rend - rpos, " FAILURE");
456 if (ret < 0 || ret >= rend - rpos)
462 printf("Send: %s\n", reply);
463 if (sendto(s, reply, rpos - reply, 0,
464 (struct sockaddr *) from, fromlen) < 0)
469 static void aka_req_auth(int s, struct sockaddr_un *from, socklen_t fromlen,
472 /* AKA-RESP-AUTH <IMSI> <RAND> <AUTN> <IK> <CK> <RES> */
473 char reply[1000], *pos, *end;
474 u8 _rand[EAP_AKA_RAND_LEN];
475 u8 autn[EAP_AKA_AUTN_LEN];
476 u8 ik[EAP_AKA_IK_LEN];
477 u8 ck[EAP_AKA_CK_LEN];
478 u8 res[EAP_AKA_RES_MAX_LEN];
481 struct milenage_parameters *m;
483 m = get_milenage(imsi);
485 if (random_get_bytes(_rand, EAP_AKA_RAND_LEN) < 0)
487 res_len = EAP_AKA_RES_MAX_LEN;
488 inc_byte_array(m->sqn, 6);
489 printf("AKA: Milenage with SQN=%02x%02x%02x%02x%02x%02x\n",
490 m->sqn[0], m->sqn[1], m->sqn[2],
491 m->sqn[3], m->sqn[4], m->sqn[5]);
492 milenage_generate(m->opc, m->amf, m->ki, m->sqn, _rand,
493 autn, ik, ck, res, &res_len);
495 printf("Unknown IMSI: %s\n", imsi);
496 #ifdef AKA_USE_FIXED_TEST_VALUES
497 printf("Using fixed test values for AKA\n");
498 memset(_rand, '0', EAP_AKA_RAND_LEN);
499 memset(autn, '1', EAP_AKA_AUTN_LEN);
500 memset(ik, '3', EAP_AKA_IK_LEN);
501 memset(ck, '4', EAP_AKA_CK_LEN);
502 memset(res, '2', EAP_AKA_RES_MAX_LEN);
503 res_len = EAP_AKA_RES_MAX_LEN;
504 #else /* AKA_USE_FIXED_TEST_VALUES */
506 #endif /* AKA_USE_FIXED_TEST_VALUES */
510 end = &reply[sizeof(reply)];
511 ret = snprintf(pos, end - pos, "AKA-RESP-AUTH %s ", imsi);
512 if (ret < 0 || ret >= end - pos)
515 pos += wpa_snprintf_hex(pos, end - pos, _rand, EAP_AKA_RAND_LEN);
517 pos += wpa_snprintf_hex(pos, end - pos, autn, EAP_AKA_AUTN_LEN);
519 pos += wpa_snprintf_hex(pos, end - pos, ik, EAP_AKA_IK_LEN);
521 pos += wpa_snprintf_hex(pos, end - pos, ck, EAP_AKA_CK_LEN);
523 pos += wpa_snprintf_hex(pos, end - pos, res, res_len);
525 printf("Send: %s\n", reply);
527 if (sendto(s, reply, pos - reply, 0, (struct sockaddr *) from,
533 static void aka_auts(int s, struct sockaddr_un *from, socklen_t fromlen,
537 u8 _auts[EAP_AKA_AUTS_LEN], _rand[EAP_AKA_RAND_LEN], sqn[6];
538 struct milenage_parameters *m;
540 /* AKA-AUTS <IMSI> <AUTS> <RAND> */
542 auts = strchr(imsi, ' ');
547 __rand = strchr(auts, ' ');
552 printf("AKA-AUTS: IMSI=%s AUTS=%s RAND=%s\n", imsi, auts, __rand);
553 if (hexstr2bin(auts, _auts, EAP_AKA_AUTS_LEN) ||
554 hexstr2bin(__rand, _rand, EAP_AKA_RAND_LEN)) {
555 printf("Could not parse AUTS/RAND\n");
559 m = get_milenage(imsi);
561 printf("Unknown IMSI: %s\n", imsi);
565 if (milenage_auts(m->opc, m->ki, _rand, _auts, sqn)) {
566 printf("AKA-AUTS: Incorrect MAC-S\n");
568 memcpy(m->sqn, sqn, 6);
569 printf("AKA-AUTS: Re-synchronized: "
570 "SQN=%02x%02x%02x%02x%02x%02x\n",
571 sqn[0], sqn[1], sqn[2], sqn[3], sqn[4], sqn[5]);
576 static int process(int s)
579 struct sockaddr_un from;
583 fromlen = sizeof(from);
584 res = recvfrom(s, buf, sizeof(buf), 0, (struct sockaddr *) &from,
594 if ((size_t) res >= sizeof(buf))
595 res = sizeof(buf) - 1;
598 printf("Received: %s\n", buf);
600 if (strncmp(buf, "SIM-REQ-AUTH ", 13) == 0)
601 sim_req_auth(s, &from, fromlen, buf + 13);
602 else if (strncmp(buf, "AKA-REQ-AUTH ", 13) == 0)
603 aka_req_auth(s, &from, fromlen, buf + 13);
604 else if (strncmp(buf, "AKA-AUTS ", 9) == 0)
605 aka_auts(s, &from, fromlen, buf + 9);
607 printf("Unknown request: %s\n", buf);
613 static void cleanup(void)
615 struct gsm_triplet *g, *gprev;
616 struct milenage_parameters *m, *prev;
637 static void handle_term(int sig)
639 printf("Signal %d - terminate\n", sig);
644 static void usage(void)
646 printf("HLR/AuC testing gateway for hostapd EAP-SIM/AKA "
647 "database/authenticator\n"
648 "Copyright (c) 2005-2007, Jouni Malinen <j@w1.fi>\n"
651 "hlr_auc_gw [-h] [-s<socket path>] [-g<triplet file>] "
652 "[-m<milenage file>]\n"
655 " -h = show this usage help\n"
656 " -s<socket path> = path for UNIX domain socket\n"
658 " -g<triplet file> = path for GSM authentication triplets\n"
659 " -m<milenage file> = path for Milenage keys\n",
660 default_socket_path);
664 int main(int argc, char *argv[])
667 char *milenage_file = NULL;
668 char *gsm_triplet_file = NULL;
670 socket_path = default_socket_path;
673 c = getopt(argc, argv, "g:hm:s:");
678 gsm_triplet_file = optarg;
684 milenage_file = optarg;
687 socket_path = optarg;
695 if (gsm_triplet_file && read_gsm_triplets(gsm_triplet_file) < 0)
698 if (milenage_file && read_milenage(milenage_file) < 0)
701 serv_sock = open_socket(socket_path);
705 printf("Listening for requests on %s\n", socket_path);
708 signal(SIGTERM, handle_term);
709 signal(SIGINT, handle_term);