Questions on using EAP-AKA
Mon Dec 30 11:04:13 PST 2013
On 12/24/2013 01:34 PM, Jouni Malinen wrote:
> On Tue, Dec 24, 2013 at 12:01:26PM -0800, Ben Greear wrote:
>> It seems that the SQN is expected to start at some known value, and increment
>> for each connection attempt (from brief reading of RFC 4187).
>> There is a protocol (AUTS) to re-sync if UE is out of sync.
>> Do you know if this is properly handled in wpa_supplicant?
>> If so, does it really matter much what the SQN is initially configured to be?
> For many testing cases, this does not really matter much unless you are
> looking into testing EAP-AKA replay protection itself.
Ok, I am not sure the SQN handling is working properly or not, but
it appears the main failure at this point is that I am using gnutls
and it does not support a method called by eap_sim_derive_keys:
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
/* FIX: how to do this with libgcrypt? */
I see another note in the supplicant config file that openssl does
not support all of EAP-FAST unless patched.
So, question is, what SSL should I use for fullest functionality?
I will add some extra logging to print big errors if eap_sim_derive_keys
fails, as it appears that can only happen when the SSL implementation
Maybe it should even be a build error to compile in AKA while using gnutls?
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc http://www.candelatech.com
More information about the Hostap