Comp128-1,2,3 support in EAP-SIM
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Tue Sep 24 18:47:23 CEST 2013
Looking for someone to test some new code (in master branch).
Someone [1] has claimed to have decompiled a SIM validation program to
figure out the algorithms for Comp128-2 and Comp128-3.
The reason why this is particularly useful, is because Comp128-1 is
horribly broken, and versions 2 and 3 which are meant to be more secure
were not released to the public domain.
The only way you could properly (with a randomly generated challenge)
authenticate SIMs using Comp128-2 and Comp128-3 was with a commercial
AuC (Authentication centre) which cost $$$$$/$$$$$$.
To try out the code, you need to know the Ki of a SIM. You can then set
attributes:
control:EAP-Sim-Ki to the 64bit Ki value and
control:EAP-Sim-Algo-Version (to 1, 2 or 3).
which rlm_eap_sim will then use in preference to the normal triplets.
As part of these changes, the other SIM triplets will now be looked for in
the control list, whereas they were previously looked for in the reply list.
update control {
    EAP-Sim-RAND1 := &reply:EAP-Sim-RAND1
    EAP-Sim-RAND2 := &reply:EAP-Sim-RAND2
    EAP-Sim-RAND3 := &reply:EAP-Sim-RAND3
    EAP-Sim-SRES1 := &reply:EAP-Sim-SRES1
    EAP-Sim-SRES2 := &reply:EAP-Sim-SRES2
    EAP-Sim-SRES3 := &reply:EAP-Sim-SRES3
    EAP-Sim-Kc1 := &reply:EAP-Sim-Kc1
    EAP-Sim-Kc2 := &reply:EAP-Sim-Kc2
    EAP-Sim-Kc3 := &reply:EAP-Sim-Kc3
}
Will fix up any existing configurations if you want to use the code from the
master branch (which will become 3.1).
If no one comes forward for testing, then I'll buy the hardware and do it myself,
just if someone works at a telecoms provider, I'd imagine it'd be pretty easy to
get hold of a test SIM, and Ki.
Note: Comp128-4 (milenage) is still unknown (please contact one of the developers
if you have access to its specification), but just algorithms 1-3 are still useful.
[1] http://www.hackingprojects.net/2013/04/secrets-of-sim.html
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team