hlr_auc_gw: Add GSM-AUTH-REQ command

This can be used instead of SIM-REQ-AUTH to derive Kc and SRES values
from a previously assigned set of RAND values.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2013-10-19 18:35:04 +03:00
parent a5d44ac083
commit 84dc137056

View file

@ -18,6 +18,9 @@
* SIM-REQ-AUTH <IMSI> <max_chal> * SIM-REQ-AUTH <IMSI> <max_chal>
* SIM-RESP-AUTH <IMSI> Kc1:SRES1:RAND1 Kc2:SRES2:RAND2 [Kc3:SRES3:RAND3] * SIM-RESP-AUTH <IMSI> Kc1:SRES1:RAND1 Kc2:SRES2:RAND2 [Kc3:SRES3:RAND3]
* SIM-RESP-AUTH <IMSI> FAILURE * SIM-RESP-AUTH <IMSI> FAILURE
* GSM-AUTH-REQ <IMSI> RAND1:RAND2[:RAND3]
* GSM-AUTH-RESP <IMSI> Kc1:SRES1:Kc2:SRES2[:Kc3:SRES3]
* GSM-AUTH-RESP <IMSI> FAILURE
* *
* EAP-AKA / UMTS query/response: * EAP-AKA / UMTS query/response:
* AKA-REQ-AUTH <IMSI> * AKA-REQ-AUTH <IMSI>
@ -692,6 +695,56 @@ static int sim_req_auth(char *imsi, char *resp, size_t resp_len)
} }
static int gsm_auth_req(char *imsi, char *resp, size_t resp_len)
{
int count, ret;
char *pos, *rpos, *rend;
struct milenage_parameters *m;
resp[0] = '\0';
pos = os_strchr(imsi, ' ');
if (!pos)
return -1;
*pos++ = '\0';
rend = resp + resp_len;
rpos = resp;
ret = os_snprintf(rpos, rend - rpos, "GSM-AUTH-RESP %s", imsi);
if (ret < 0 || ret >= rend - rpos)
return -1;
rpos += ret;
m = get_milenage(imsi);
if (m) {
u8 _rand[16], sres[4], kc[8];
for (count = 0; count < EAP_SIM_MAX_CHAL; count++) {
if (hexstr2bin(pos, _rand, 16) != 0)
return -1;
gsm_milenage(m->opc, m->ki, _rand, sres, kc);
*rpos++ = count == 0 ? ' ' : ':';
rpos += wpa_snprintf_hex(rpos, rend - rpos, kc, 8);
*rpos++ = ':';
rpos += wpa_snprintf_hex(rpos, rend - rpos, sres, 4);
pos += 16 * 2;
if (*pos != ':')
break;
pos++;
}
*rpos = '\0';
return 0;
}
printf("No GSM triplets found for %s\n", imsi);
ret = os_snprintf(rpos, rend - rpos, " FAILURE");
if (ret < 0 || ret >= rend - rpos)
return -1;
rpos += ret;
return 0;
}
static void inc_sqn(u8 *sqn) static void inc_sqn(u8 *sqn)
{ {
u64 val, seq, ind; u64 val, seq, ind;
@ -847,6 +900,9 @@ static int process_cmd(char *cmd, char *resp, size_t resp_len)
if (os_strncmp(cmd, "SIM-REQ-AUTH ", 13) == 0) if (os_strncmp(cmd, "SIM-REQ-AUTH ", 13) == 0)
return sim_req_auth(cmd + 13, resp, resp_len); return sim_req_auth(cmd + 13, resp, resp_len);
if (os_strncmp(cmd, "GSM-AUTH-REQ ", 13) == 0)
return gsm_auth_req(cmd + 13, resp, resp_len);
if (os_strncmp(cmd, "AKA-REQ-AUTH ", 13) == 0) if (os_strncmp(cmd, "AKA-REQ-AUTH ", 13) == 0)
return aka_req_auth(cmd + 13, resp, resp_len); return aka_req_auth(cmd + 13, resp, resp_len);