Hi, > If I want to add an abstraction layer between the EAP-AKA protocol and > corresponding parameter calculation, how can I do? And what should be > noticed?
It's probably a good idea to use a similar abstraction as the EAP-SIM plugin. One could extend the existing SIM manager [1], or use the same concept specific for EAP-AKA. The SIM manager allows a plugin to register SIM cards (client side) and triplet providers (server side). The EAP plugin then looks up triplets using these interfaces. Even multiple SIM cards/triplet providers can be registered and used simultaneously. > Besides, as the triplets for EAP-SIM, the following key will be read from > USIM card for EAP-KAK, is it right? On the client, you'll need to pass AUTN/RAND to the USIM to calculate RES and CK/IK. If it is your intention to bring your code upstream, make sure to read our contribution guidelines [2]. Regards Martin [1]http://wiki.strongswan.org/repositories/entry/strongswan/src/charon/sa/authenticators/eap/sim_manager.h [2]http://wiki.strongswan.org/wiki/strongswan/Contributions _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users