wpa_supplicant EAP-SIM and EAP-AKA auth methods

Jouni Malinen j at w1.fi
Mon Aug 30 05:29:42 EDT 2010


On Mon, Aug 30, 2010 at 11:18:56AM +0800, BaoZhong ZHENG wrote:

> I am working on Android platform, due to there is no library which
> encapsulates SIM card operations such as GSM auth and AKA auth interface, so
> I want to change the SIM operations from sync API call to Async message
> flow, I means when need to do GSM auth, wpa_supplicant sends one message to
> some component which can trigger GSM auth operation, and it will response
> the result to wpa_supplicant.

There seems to be some work going on in getting pcsc-lite working fine
with Android. I don't no how far that is, but just to point out that
there may be other alternatives for this..

> The current point is when I try to break eap_sim_process_challenge func
> after send GSM Auth request and return, when results come, I do not find the
> way into eap_sim_process_challenge func with GSM Auth results.

wpa_supplicant does not support this in the current EAP peer state
machine design. There is somewhat similar functionality in hostapd for
EAP server where EAP-SIM or EAP-AKA authentication data is fetched
asynchronously. That is somewhat of a hack, but something similar could
work with the EAP peer side, too. Alternatively, the EAP peer method API
would need to be extended to allow asynchronous operations (with
potentially changing all existing EAP peer method implementations or
probably preferably, by adding an optional callback function that avoids
this).

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list