EAP-AKA testing without HLR/HSS

Brian Candler B.Candler at pobox.com
Thu Apr 25 11:17:36 CEST 2013


On Wed, Apr 24, 2013 at 08:11:11AM -0700, antoni milton wrote:
>          Please let me know , if its possible to test EAP-AKA
>    authentication without HLR/HSS using freeradius.

Please don't cross-post.

There is code in hostapd which you may be able to modify to do what you
want:

$ grep -R USIM_SIM .
./src/eap_peer/eap_aka.c:#ifdef CONFIG_USIM_SIMULATOR
./src/eap_peer/eap_aka.c:#endif /* CONFIG_USIM_SIMULATOR */
./wpa_supplicant/android.config:#CONFIG_USIM_SIMULATOR=y
./wpa_supplicant/Android.mk:ifdef CONFIG_USIM_SIMULATOR
./wpa_supplicant/Android.mk:L_CFLAGS += -DCONFIG_USIM_SIMULATOR
./wpa_supplicant/ChangeLog:	  enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
./wpa_supplicant/defconfig:#CONFIG_USIM_SIMULATOR=y
./wpa_supplicant/Makefile:ifdef CONFIG_USIM_SIMULATOR
./wpa_supplicant/Makefile:CFLAGS += -DCONFIG_USIM_SIMULATOR

2008-11-23 - v0.6.6
        * added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
          (can be used to simulate test SIM/USIM card with a known private key;
          enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
          and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)

It looks like src/crypto/milenage.c does the actual checking, and that's
what you'd have to move into radius.

Any questions about that code need to go to the hostapd list of course.

HTH,

Brian.


More information about the Freeradius-Users mailing list