2 * HLR/AuC testing gateway for hostapd EAP-SIM/AKA database/authenticator
3 * Copyright (c) 2005-2007, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This is an example implementation of the EAP-SIM/AKA database/authentication
9 * gateway interface to HLR/AuC. It is expected to be replaced with an
10 * implementation of SS7 gateway to GSM/UMTS authentication center (HLR/AuC) or
11 * a local implementation of SIM triplet and AKA authentication data generator.
13 * hostapd will send SIM/AKA authentication queries over a UNIX domain socket
14 * to and external program, e.g., this hlr_auc_gw. This interface uses simple
17 * EAP-SIM / GSM triplet query/response:
18 * SIM-REQ-AUTH <IMSI> <max_chal>
19 * SIM-RESP-AUTH <IMSI> Kc1:SRES1:RAND1 Kc2:SRES2:RAND2 [Kc3:SRES3:RAND3]
20 * SIM-RESP-AUTH <IMSI> FAILURE
22 * EAP-AKA / UMTS query/response:
24 * AKA-RESP-AUTH <IMSI> <RAND> <AUTN> <IK> <CK> <RES>
25 * AKA-RESP-AUTH <IMSI> FAILURE
27 * EAP-AKA / UMTS AUTS (re-synchronization):
28 * AKA-AUTS <IMSI> <AUTS> <RAND>
30 * IMSI and max_chal are sent as an ASCII string,
31 * Kc/SRES/RAND/AUTN/IK/CK/RES/AUTS as hex strings.
33 * The example implementation here reads GSM authentication triplets from a
34 * text file in IMSI:Kc:SRES:RAND format, IMSI in ASCII, other fields as hex
35 * strings. This is used to simulate an HLR/AuC. As such, it is not very useful
36 * for real life authentication, but it is useful both as an example
37 * implementation and for EAP-SIM testing.
44 #include "crypto/milenage.h"
45 #include "crypto/random.h"
47 static const char *default_socket_path = "/tmp/hlr_auc_gw.sock";
48 static const char *socket_path;
49 static int serv_sock = -1;
53 struct gsm_triplet *next;
60 static struct gsm_triplet *gsm_db = NULL, *gsm_db_pos = NULL;
62 /* OPc and AMF parameters for Milenage (Example algorithms for AKA). */
63 struct milenage_parameters {
64 struct milenage_parameters *next;
72 static struct milenage_parameters *milenage_db = NULL;
74 #define EAP_SIM_MAX_CHAL 3
76 #define EAP_AKA_RAND_LEN 16
77 #define EAP_AKA_AUTN_LEN 16
78 #define EAP_AKA_AUTS_LEN 14
79 #define EAP_AKA_RES_MAX_LEN 16
80 #define EAP_AKA_IK_LEN 16
81 #define EAP_AKA_CK_LEN 16
84 static int open_socket(const char *path)
86 struct sockaddr_un addr;
89 s = socket(PF_UNIX, SOCK_DGRAM, 0);
91 perror("socket(PF_UNIX)");
95 memset(&addr, 0, sizeof(addr));
96 addr.sun_family = AF_UNIX;
97 os_strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
98 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
99 perror("hlr-auc-gw: bind(PF_UNIX)");
108 static int read_gsm_triplets(const char *fname)
111 char buf[200], *pos, *pos2;
112 struct gsm_triplet *g = NULL;
118 f = fopen(fname, "r");
120 printf("Could not open GSM tripler data file '%s'\n", fname);
125 while (fgets(buf, sizeof(buf), f)) {
128 /* Parse IMSI:Kc:SRES:RAND */
129 buf[sizeof(buf) - 1] = '\0';
133 while (*pos != '\0' && *pos != '\n')
141 g = os_zalloc(sizeof(*g));
148 pos2 = strchr(pos, ':');
150 printf("%s:%d - Invalid IMSI (%s)\n",
156 if (strlen(pos) >= sizeof(g->imsi)) {
157 printf("%s:%d - Too long IMSI (%s)\n",
162 os_strlcpy(g->imsi, pos, sizeof(g->imsi));
166 pos2 = strchr(pos, ':');
168 printf("%s:%d - Invalid Kc (%s)\n", fname, line, pos);
173 if (strlen(pos) != 16 || hexstr2bin(pos, g->kc, 8)) {
174 printf("%s:%d - Invalid Kc (%s)\n", fname, line, pos);
181 pos2 = strchr(pos, ':');
183 printf("%s:%d - Invalid SRES (%s)\n", fname, line,
189 if (strlen(pos) != 8 || hexstr2bin(pos, g->sres, 4)) {
190 printf("%s:%d - Invalid SRES (%s)\n", fname, line,
198 pos2 = strchr(pos, ':');
201 if (strlen(pos) != 32 || hexstr2bin(pos, g->_rand, 16)) {
202 printf("%s:%d - Invalid RAND (%s)\n", fname, line,
221 static struct gsm_triplet * get_gsm_triplet(const char *imsi)
223 struct gsm_triplet *g = gsm_db_pos;
226 if (strcmp(g->imsi, imsi) == 0) {
227 gsm_db_pos = g->next;
234 while (g && g != gsm_db_pos) {
235 if (strcmp(g->imsi, imsi) == 0) {
236 gsm_db_pos = g->next;
246 static int read_milenage(const char *fname)
249 char buf[200], *pos, *pos2;
250 struct milenage_parameters *m = NULL;
256 f = fopen(fname, "r");
258 printf("Could not open Milenage data file '%s'\n", fname);
263 while (fgets(buf, sizeof(buf), f)) {
266 /* Parse IMSI Ki OPc AMF SQN */
267 buf[sizeof(buf) - 1] = '\0';
271 while (*pos != '\0' && *pos != '\n')
279 m = os_zalloc(sizeof(*m));
286 pos2 = strchr(pos, ' ');
288 printf("%s:%d - Invalid IMSI (%s)\n",
294 if (strlen(pos) >= sizeof(m->imsi)) {
295 printf("%s:%d - Too long IMSI (%s)\n",
300 os_strlcpy(m->imsi, pos, sizeof(m->imsi));
304 pos2 = strchr(pos, ' ');
306 printf("%s:%d - Invalid Ki (%s)\n", fname, line, pos);
311 if (strlen(pos) != 32 || hexstr2bin(pos, m->ki, 16)) {
312 printf("%s:%d - Invalid Ki (%s)\n", fname, line, pos);
319 pos2 = strchr(pos, ' ');
321 printf("%s:%d - Invalid OPc (%s)\n", fname, line, pos);
326 if (strlen(pos) != 32 || hexstr2bin(pos, m->opc, 16)) {
327 printf("%s:%d - Invalid OPc (%s)\n", fname, line, pos);
334 pos2 = strchr(pos, ' ');
336 printf("%s:%d - Invalid AMF (%s)\n", fname, line, pos);
341 if (strlen(pos) != 4 || hexstr2bin(pos, m->amf, 2)) {
342 printf("%s:%d - Invalid AMF (%s)\n", fname, line, pos);
349 pos2 = strchr(pos, ' ');
352 if (strlen(pos) != 12 || hexstr2bin(pos, m->sqn, 6)) {
353 printf("%s:%d - Invalid SEQ (%s)\n", fname, line, pos);
359 m->next = milenage_db;
371 static struct milenage_parameters * get_milenage(const char *imsi)
373 struct milenage_parameters *m = milenage_db;
376 if (strcmp(m->imsi, imsi) == 0)
385 static void sim_req_auth(int s, struct sockaddr_un *from, socklen_t fromlen,
388 int count, max_chal, ret;
390 char reply[1000], *rpos, *rend;
391 struct milenage_parameters *m;
392 struct gsm_triplet *g;
396 pos = strchr(imsi, ' ');
399 max_chal = atoi(pos);
400 if (max_chal < 1 || max_chal < EAP_SIM_MAX_CHAL)
401 max_chal = EAP_SIM_MAX_CHAL;
403 max_chal = EAP_SIM_MAX_CHAL;
405 rend = &reply[sizeof(reply)];
407 ret = snprintf(rpos, rend - rpos, "SIM-RESP-AUTH %s", imsi);
408 if (ret < 0 || ret >= rend - rpos)
412 m = get_milenage(imsi);
414 u8 _rand[16], sres[4], kc[8];
415 for (count = 0; count < max_chal; count++) {
416 if (random_get_bytes(_rand, 16) < 0)
418 gsm_milenage(m->opc, m->ki, _rand, sres, kc);
420 rpos += wpa_snprintf_hex(rpos, rend - rpos, kc, 8);
422 rpos += wpa_snprintf_hex(rpos, rend - rpos, sres, 4);
424 rpos += wpa_snprintf_hex(rpos, rend - rpos, _rand, 16);
431 while (count < max_chal && (g = get_gsm_triplet(imsi))) {
432 if (strcmp(g->imsi, imsi) != 0)
437 rpos += wpa_snprintf_hex(rpos, rend - rpos, g->kc, 8);
440 rpos += wpa_snprintf_hex(rpos, rend - rpos, g->sres, 4);
443 rpos += wpa_snprintf_hex(rpos, rend - rpos, g->_rand, 16);
448 printf("No GSM triplets found for %s\n", imsi);
449 ret = snprintf(rpos, rend - rpos, " FAILURE");
450 if (ret < 0 || ret >= rend - rpos)
456 printf("Send: %s\n", reply);
457 if (sendto(s, reply, rpos - reply, 0,
458 (struct sockaddr *) from, fromlen) < 0)
463 static void aka_req_auth(int s, struct sockaddr_un *from, socklen_t fromlen,
466 /* AKA-RESP-AUTH <IMSI> <RAND> <AUTN> <IK> <CK> <RES> */
467 char reply[1000], *pos, *end;
468 u8 _rand[EAP_AKA_RAND_LEN];
469 u8 autn[EAP_AKA_AUTN_LEN];
470 u8 ik[EAP_AKA_IK_LEN];
471 u8 ck[EAP_AKA_CK_LEN];
472 u8 res[EAP_AKA_RES_MAX_LEN];
475 struct milenage_parameters *m;
477 m = get_milenage(imsi);
479 if (random_get_bytes(_rand, EAP_AKA_RAND_LEN) < 0)
481 res_len = EAP_AKA_RES_MAX_LEN;
482 inc_byte_array(m->sqn, 6);
483 printf("AKA: Milenage with SQN=%02x%02x%02x%02x%02x%02x\n",
484 m->sqn[0], m->sqn[1], m->sqn[2],
485 m->sqn[3], m->sqn[4], m->sqn[5]);
486 milenage_generate(m->opc, m->amf, m->ki, m->sqn, _rand,
487 autn, ik, ck, res, &res_len);
489 printf("Unknown IMSI: %s\n", imsi);
490 #ifdef AKA_USE_FIXED_TEST_VALUES
491 printf("Using fixed test values for AKA\n");
492 memset(_rand, '0', EAP_AKA_RAND_LEN);
493 memset(autn, '1', EAP_AKA_AUTN_LEN);
494 memset(ik, '3', EAP_AKA_IK_LEN);
495 memset(ck, '4', EAP_AKA_CK_LEN);
496 memset(res, '2', EAP_AKA_RES_MAX_LEN);
497 res_len = EAP_AKA_RES_MAX_LEN;
498 #else /* AKA_USE_FIXED_TEST_VALUES */
500 #endif /* AKA_USE_FIXED_TEST_VALUES */
504 end = &reply[sizeof(reply)];
505 ret = snprintf(pos, end - pos, "AKA-RESP-AUTH %s ", imsi);
506 if (ret < 0 || ret >= end - pos)
509 pos += wpa_snprintf_hex(pos, end - pos, _rand, EAP_AKA_RAND_LEN);
511 pos += wpa_snprintf_hex(pos, end - pos, autn, EAP_AKA_AUTN_LEN);
513 pos += wpa_snprintf_hex(pos, end - pos, ik, EAP_AKA_IK_LEN);
515 pos += wpa_snprintf_hex(pos, end - pos, ck, EAP_AKA_CK_LEN);
517 pos += wpa_snprintf_hex(pos, end - pos, res, res_len);
519 printf("Send: %s\n", reply);
521 if (sendto(s, reply, pos - reply, 0, (struct sockaddr *) from,
527 static void aka_auts(int s, struct sockaddr_un *from, socklen_t fromlen,
531 u8 _auts[EAP_AKA_AUTS_LEN], _rand[EAP_AKA_RAND_LEN], sqn[6];
532 struct milenage_parameters *m;
534 /* AKA-AUTS <IMSI> <AUTS> <RAND> */
536 auts = strchr(imsi, ' ');
541 __rand = strchr(auts, ' ');
546 printf("AKA-AUTS: IMSI=%s AUTS=%s RAND=%s\n", imsi, auts, __rand);
547 if (hexstr2bin(auts, _auts, EAP_AKA_AUTS_LEN) ||
548 hexstr2bin(__rand, _rand, EAP_AKA_RAND_LEN)) {
549 printf("Could not parse AUTS/RAND\n");
553 m = get_milenage(imsi);
555 printf("Unknown IMSI: %s\n", imsi);
559 if (milenage_auts(m->opc, m->ki, _rand, _auts, sqn)) {
560 printf("AKA-AUTS: Incorrect MAC-S\n");
562 memcpy(m->sqn, sqn, 6);
563 printf("AKA-AUTS: Re-synchronized: "
564 "SQN=%02x%02x%02x%02x%02x%02x\n",
565 sqn[0], sqn[1], sqn[2], sqn[3], sqn[4], sqn[5]);
570 static int process(int s)
573 struct sockaddr_un from;
577 fromlen = sizeof(from);
578 res = recvfrom(s, buf, sizeof(buf), 0, (struct sockaddr *) &from,
588 if ((size_t) res >= sizeof(buf))
589 res = sizeof(buf) - 1;
592 printf("Received: %s\n", buf);
594 if (strncmp(buf, "SIM-REQ-AUTH ", 13) == 0)
595 sim_req_auth(s, &from, fromlen, buf + 13);
596 else if (strncmp(buf, "AKA-REQ-AUTH ", 13) == 0)
597 aka_req_auth(s, &from, fromlen, buf + 13);
598 else if (strncmp(buf, "AKA-AUTS ", 9) == 0)
599 aka_auts(s, &from, fromlen, buf + 9);
601 printf("Unknown request: %s\n", buf);
607 static void cleanup(void)
609 struct gsm_triplet *g, *gprev;
610 struct milenage_parameters *m, *prev;
631 static void handle_term(int sig)
633 printf("Signal %d - terminate\n", sig);
638 static void usage(void)
640 printf("HLR/AuC testing gateway for hostapd EAP-SIM/AKA "
641 "database/authenticator\n"
642 "Copyright (c) 2005-2007, Jouni Malinen <j@w1.fi>\n"
645 "hlr_auc_gw [-h] [-s<socket path>] [-g<triplet file>] "
646 "[-m<milenage file>]\n"
649 " -h = show this usage help\n"
650 " -s<socket path> = path for UNIX domain socket\n"
652 " -g<triplet file> = path for GSM authentication triplets\n"
653 " -m<milenage file> = path for Milenage keys\n",
654 default_socket_path);
658 int main(int argc, char *argv[])
661 char *milenage_file = NULL;
662 char *gsm_triplet_file = NULL;
664 socket_path = default_socket_path;
667 c = getopt(argc, argv, "g:hm:s:");
672 gsm_triplet_file = optarg;
678 milenage_file = optarg;
681 socket_path = optarg;
689 if (gsm_triplet_file && read_gsm_triplets(gsm_triplet_file) < 0)
692 if (milenage_file && read_milenage(milenage_file) < 0)
695 serv_sock = open_socket(socket_path);
699 printf("Listening for requests on %s\n", socket_path);
702 signal(SIGTERM, handle_term);
703 signal(SIGINT, handle_term);