HLR/AuC testing gateway for hostapd EAP-SIM/AKA database/authenticator

hlr_auc_gw is an example implementation of the EAP-SIM/AKA/AKA'
database/authentication gateway interface to HLR/AuC. It could be
replaced with an implementation of an SS7 gateway to GSM/UMTS
authentication center (HLR/AuC). hostapd will send SIM/AKA
authentication queries over a UNIX domain socket to an external
program, e.g., hlr_auc_gw.

hlr_auc_gw can be configured with GSM and UMTS authentication data with
text files: GSM triplet file (see hostapd.sim_db) and Milenage file (see
hlr_auc_gw.milenage_db). Milenage parameters can be used to generate
dynamic authentication data for EAP-SIM, EAP-AKA, and EAP-AKA' while the
GSM triplet data is used for a more static configuration (e.g., triplets
extracted from a SIM card).

Alternatively, hlr_auc_gw can be built with support for an SQLite
database for more dynamic operations. This is enabled by adding
"CONFIG_SQLITE=y" into hostapd/.config before building hlr_auc_gw ("make
clean; make hlr_auc_gw" in this directory).

hostapd is configured to use hlr_auc_gw with the eap_sim_db parameter in
hostapd.conf (e.g., "eap_sim_db=unix:/tmp/hlr_auc_gw.sock"). hlr_auc_gw
is configured with command line parameters:

hlr_auc_gw [-hu] [-s<socket path>] [-g<triplet file>] [-m<milenage file>] \
        [-D<DB file>] [-i<IND len in bits>]

options:
  -h = show this usage help
  -u = update SQN in Milenage file on exit
  -s<socket path> = path for UNIX domain socket
                    (default: /tmp/hlr_auc_gw.sock)
  -g<triplet file> = path for GSM authentication triplets
  -m<milenage file> = path for Milenage keys
  -D<DB file> = path to SQLite database
  -i<IND len in bits> = IND length for SQN (default: 5)


The SQLite database can be initialized with sqlite, e.g., by running
the following commands in "sqlite3 /path/to/hlr_auc_gw.db":

CREATE TABLE milenage(
	imsi INTEGER PRIMARY KEY NOT NULL,
	ki CHAR(32) NOT NULL,
	opc CHAR(32) NOT NULL,
	amf CHAR(4) NOT NULL,
	sqn CHAR(12) NOT NULL
);
INSERT INTO milenage(imsi,ki,opc,amf,sqn) VALUES(
	232010000000000,
	'90dca4eda45b53cf0f12d7c9c3bc6a89',
	'cb9cccc4b9258e6dca4760379fb82581',
	'61df',
	'000000000000'
);
INSERT INTO milenage(imsi,ki,opc,amf,sqn) VALUES(
	555444333222111,
	'5122250214c33e723a5dd523fc145fc0',
	'981d464c7c52eb6e5036234984ad0bcf',
	'c3ab',
	'16f3b3f70fc1'
);


hostapd (EAP server) can also be configured to store the EAP-SIM/AKA
pseudonyms and reauth information into a SQLite database. This is
configured with the db parameter within the eap_sim_db configuration
option.


"hlr_auc_gw -D /path/to/hlr_auc_gw.db" can then be used to fetch
Milenage parameters based on IMSI from the database. The database can be
updated dynamically while hlr_auc_gw is running to add/remove/modify
entries.

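SQLite does not enforce the CHAR(n) lengths declared for the milenage
table, and the database can be edited while hlr_auc_gw is running, so a
truncated or non-hex key is stored without error. The following is an
added example, not part of hostapd: it audits the table for hex fields of
the declared length and checks that the file holding Ki/OPc is not
accessible to group or others. The function names, the owner-only
permission policy and the second sample row are assumptions made for
illustration.

```python
import os
import re
import sqlite3
import stat

# Expected hex lengths, from the CHAR(n) declarations in the README schema.
FIELD_HEX_LEN = {"ki": 32, "opc": 32, "amf": 4, "sqn": 12}


def audit_rows(conn):
    """Return (imsi, field, problem) for every malformed milenage value."""
    findings = []
    cur = conn.execute("SELECT imsi, ki, opc, amf, sqn FROM milenage")
    for imsi, *values in cur:
        for (field, want), value in zip(FIELD_HEX_LEN.items(), values):
            if not isinstance(value, str):
                findings.append((imsi, field, "not text"))
            elif len(value) != want:
                findings.append((imsi, field, f"length {len(value)} != {want}"))
            elif not re.fullmatch(r"[0-9a-fA-F]+", value):
                findings.append((imsi, field, "non-hex character"))
    return findings


def file_mode_ok(path):
    """True if the DB file grants nothing to group or others (assumed policy)."""
    return (stat.S_IMODE(os.stat(path).st_mode) & 0o077) == 0


def demo():
    # Constructed sample: one row from the README, one deliberately broken row.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE milenage(imsi INTEGER PRIMARY KEY NOT NULL, ki CHAR(32) NOT NULL,"
        " opc CHAR(32) NOT NULL, amf CHAR(4) NOT NULL, sqn CHAR(12) NOT NULL)"
    )
    rows = [
        (232010000000000, "90dca4eda45b53cf0f12d7c9c3bc6a89",
         "cb9cccc4b9258e6dca4760379fb82581", "61df", "000000000000"),
        # Truncated ki and non-hex amf: SQLite stores both without error.
        (1010000000001, "90dca4eda45b53cf",
         "cb9cccc4b9258e6dca4760379fb82581", "zz00", "000000000000"),
    ]
    conn.executemany("INSERT INTO milenage VALUES (?,?,?,?,?)", rows)
    return audit_rows(conn)


if __name__ == "__main__":
    print(demo())
```

Against a real database, pass sqlite3.connect("/path/to/hlr_auc_gw.db")
to audit_rows() and the same path to file_mode_ok().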

Example configuration files for hostapd to operate as a RADIUS
authentication server for EAP-SIM/AKA/AKA':

hostapd.conf:

driver=none
radius_server_clients=hostapd.radius_clients
eap_server=1
eap_user_file=hostapd.eap_user
eap_sim_db=unix:/tmp/hlr_auc_gw.sock db=/tmp/eap_sim.db
eap_sim_aka_result_ind=1

hostapd.radius_clients:

0.0.0.0/0	radius

hostapd.eap_user:

"0"*	AKA
"1"*	SIM
"2"*	AKA
"3"*	SIM
"4"*	AKA
"5"*	SIM
"6"*	AKA'
"7"*	AKA'
"8"*	AKA'
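
The sample hostapd.radius_clients above accepts RADIUS requests from any
IPv4 address with the shared secret "radius", which suits a closed test
bench only. The following is an added example, not part of hostapd: it
flags catch-all networks and short shared secrets in a radius_clients
file before it is deployed. The function name, the 16-character minimum
and the second sample entry are assumptions made for illustration.

```python
import ipaddress

MIN_SECRET_LEN = 16  # assumed local policy, not a hostapd requirement


def lint_radius_clients(text):
    """Return (line_no, message) findings for a hostapd.radius_clients file.

    Each non-comment line is '<address>[/<prefix>] <shared secret>'.
    """
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            findings.append((line_no, "missing shared secret"))
            continue
        network, secret = parts
        try:
            net = ipaddress.ip_network(network, strict=False)
        except ValueError:
            findings.append((line_no, f"invalid network {network!r}"))
            continue
        if net.prefixlen == 0:
            findings.append((line_no, "matches every client address"))
        if len(secret) < MIN_SECRET_LEN:
            findings.append((line_no, f"shared secret shorter than {MIN_SECRET_LEN}"))
    return findings


# Constructed sample: the README's test entry plus a scoped entry
# (192.0.2.10 is a documentation address, the secret is a placeholder).
SAMPLE = """\
# RADIUS clients
0.0.0.0/0\tradius
192.0.2.10\texample-placeholder-secret-0001
"""

if __name__ == "__main__":
    for finding in lint_radius_clients(SAMPLE):
        print(finding)
```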