def Payload_Challenge_Response(ID,RAND,ETYPE): # Let's build EAP-Payload Challenge-Response AVP # Create EAP-Payload (empty) EAP=eap.EAPItem() # Set command code EAP.cmd=eap.EAP_CODE_RESPONSE # Set id EAP.id=ID # Set type EAP.type=ETYPE # Set sub-type EAP.stype=eap.dictEAPSUBname2type("AKA-Challenge") # RAND is copied from Challenge # These values can be calculated or entered manually #XRES,CK,IK,AK,AKS=eap.aka_calc_milenage(OP,Ki,RAND) # Or copy from MAA # IK=Identity-Key # CK=Confidentiality-Key # XRES=SIP-Authorization IK = "952A44900B7FAFF249763475B3AA77EE"; CK = "F16A4BB5112DBA580132E29882FEC143"; XRES = "E818FBF691AE3B97"; KENCR,KAUT,MSK,EMSK,MK=eap.aka_calc_keys(IDENTITY,CK,IK) # Add AT_RES EAP.avps.append(("AT_RES",XRES)) # Add AT_MAC as last eap.addMAC(EAP,KAUT,"") # Do not add any AVPs after adding MAC Payload=eap.encode_EAP(EAP) # Payload now contains EAP-Payload AVP return Payload
def Payload_Challenge_Response(ID, RAND, ETYPE): # Let's build EAP-Payload Challenge-Response AVP # Create EAP-Payload (empty) EAP = eap.EAPItem() # Set command code EAP.cmd = eap.EAP_CODE_RESPONSE # Set id EAP.id = ID # Set type EAP.type = ETYPE # Set sub-type EAP.stype = eap.dictEAPSUBname2type("AKA-Challenge") # RAND is copied from Challenge # These values can be calculated or entered manually #XRES,CK,IK,AK,AKS=eap.aka_calc_milenage(OP,Ki,RAND) # Or copy from MAA # IK=Identity-Key # CK=Confidentiality-Key # XRES=SIP-Authorization IK = "952A44900B7FAFF249763475B3AA77EE" CK = "F16A4BB5112DBA580132E29882FEC143" XRES = "E818FBF691AE3B97" KENCR, KAUT, MSK, EMSK, MK = eap.aka_calc_keys(IDENTITY, CK, IK) # Add AT_RES EAP.avps.append(("AT_RES", XRES)) # Add AT_MAC as last eap.addMAC(EAP, KAUT, "") # Do not add any AVPs after adding MAC Payload = eap.encode_EAP(EAP) # Payload now contains EAP-Payload AVP return Payload
def Payload_Challenge_Response(ID, RAND, ETYPE): # Let's build EAP-Payload Challenge-Response AVP # Create EAP-Payload (empty) EAP = eap.EAPItem() # Set command code EAP.cmd = eap.EAP_CODE_RESPONSE # Set id EAP.id = ID # Set type EAP.type = ETYPE # Set sub-type EAP.stype = eap.dictEAPSUBname2type("AKA-Challenge") # RAND is copied from Challenge # These values can be calculated or entered manually #XRES,CK,IK,AK,AKS=eap.aka_calc_milenage(OP,Ki,RAND) # Or copy from MAA # IK=Identity-Key # CK=Confidentiality-Key # XRES=SIP-Authorization IK = "2d346b8c456223bc7519823a0abc94fd" CK = "07fc3189172095ddce5b4ba2bfb70f7f" XRES = "e818fbf691ae3b97" if EAP.type == eap.EAP_TYPE_AKAPRIME: # For AKA' KENCR, KAUT, MSK, EMSK, KRE = eap.akap_calc_keys(IDENTITY, CK, IK) else: # For AKA KENCR, KAUT, MSK, EMSK, MK = eap.aka_calc_keys(IDENTITY, CK, IK) # Add AT_RES EAP.avps.append(("AT_RES", XRES)) # Add AT_MAC as last eap.addMAC(EAP, KAUT, '') # Do not add any AVPs after adding MAC Payload = eap.encode_EAP(EAP) # Payload now contains EAP-Payload AVP return Payload
def Payload_Challenge_Response(ID, RAND, ETYPE): # Let's build EAP-Payload Challenge-Response AVP # Create EAP-Payload (empty) EAP = eap.EAPItem() # Set command code EAP.cmd = eap.EAP_CODE_RESPONSE # Set id EAP.id = ID # Set type EAP.type = ETYPE # Set sub-type EAP.stype = eap.dictEAPSUBname2type("AKA-Challenge") # RAND is copied from Challenge # These values can be calculated or entered manually # XRES,CK,IK,AK,AKS=eap.aka_calc_milenage(OP,Ki,RAND) # Or copy from MAA # IK=Identity-Key # CK=Confidentiality-Key # XRES=SIP-Authorization IK = "2d346b8c456223bc7519823a0abc94fd" CK = "07fc3189172095ddce5b4ba2bfb70f7f" XRES = "e818fbf691ae3b97" if EAP.type == eap.EAP_TYPE_AKAPRIME: # For AKA' KENCR, KAUT, MSK, EMSK, KRE = eap.akap_calc_keys(IDENTITY, CK, IK) else: # For AKA KENCR, KAUT, MSK, EMSK, MK = eap.aka_calc_keys(IDENTITY, CK, IK) # Add AT_RES EAP.avps.append(("AT_RES", XRES)) # Add AT_MAC as last eap.addMAC(EAP, KAUT, "") # Do not add any AVPs after adding MAC Payload = eap.encode_EAP(EAP) # Payload now contains EAP-Payload AVP return Payload
ENCR_DATA = "C977562B704A8FF57782FBA5DC039BA12D6E34AA7DA5E9ABCE0E07FA3C5FC85F3487747063442D859C3A9F8351D34138FEA922B88FE785EE94C4C42DAC796FF7" # ============================= # Procedure # 1) From OP,K,RAND calculate XRES,Ck,Ik (milenage-f2345) # This is enough to build response, but let's calculate a bit further # 2) From Identity,Ck,Ik calculate keys (aka) # If AT_ENCR_DATA AVP exist # 3) Using those keys to decode AT_ENCR_DATA # 4) Using OP,K,RAND,SQN,AMF calculate XMAC, MAC_S (milenage-f1) to verify AUTN # ============================================================ # Step 1 XRES, CK, IK, AK, AKS = eap.aka_calc_milenage(OP, K, RAND) print XRES, CK, IK, AK, AKS print "=" * 30 # Step 2 KENCR, KAUT, MSK, EMSK, MK = eap.aka_calc_keys(Identity, CK, IK) print KENCR print "+" * 30 # Step 3 # Example how to decode Reauth-Id DATA = eap.decrypt_data(IV, KENCR, ENCR_DATA) print DATA print "-" * 30 avps = eap.splitEAPAVPs(DATA) for avp in avps: (Name, Value) = avp print Name, "=", Value REAUTH = findAVP("AT_NEXT_REAUTH_ID", avps) if REAUTH <> -1: print REAUTH.decode("hex") print "=" * 30
ENCR_DATA = "C977562B704A8FF57782FBA5DC039BA12D6E34AA7DA5E9ABCE0E07FA3C5FC85F3487747063442D859C3A9F8351D34138FEA922B88FE785EE94C4C42DAC796FF7" #============================= # Procedure # 1) From OP,K,RAND calculate XRES,Ck,Ik (milenage-f2345) # This is enough to build response, but let's calculate a bit further # 2) From Identity,Ck,Ik calculate keys (aka) # If AT_ENCR_DATA AVP exist # 3) Using those keys to decode AT_ENCR_DATA # 4) Using OP,K,RAND,SQN,AMF calculate XMAC, MAC_S (milenage-f1) to verify AUTN # ============================================================ # Step 1 XRES, CK, IK, AK, AKS = eap.aka_calc_milenage(OP, K, RAND) print XRES, CK, IK, AK, AKS print "=" * 30 # Step 2 KENCR, KAUT, MSK, EMSK, MK = eap.aka_calc_keys(Identity, CK, IK) print KENCR print "+" * 30 # Step 3 # Example how to decode Reauth-Id DATA = eap.decrypt_data(IV, KENCR, ENCR_DATA) print DATA print "-" * 30 avps = eap.splitEAPAVPs(DATA) for avp in avps: (Name, Value) = avp print Name, "=", Value REAUTH = findAVP("AT_NEXT_REAUTH_ID", avps) if REAUTH <> -1: print REAUTH.decode("hex") print "=" * 30