From: Marcel Holtmann <marcel@holtmann.org>
To: ofono@ofono.org
Subject: Re: [RFC sim-authenticate PATCH 2/3] Added doc/sim-authentication-api.txt.
Date: Mon, 03 Jan 2011 12:22:23 -0800 [thread overview]
Message-ID: <1294086143.5852.4.camel@aeonflux> (raw)
In-Reply-To: <1294066701-27298-3-git-send-email-Pekka.Pessi@nokia.com>
[-- Attachment #1: Type: text/plain, Size: 1798 bytes --]
Hi Pekka,
> The EAP applications on SIM should be handled separately. The
> EapSimAuthenticate and EapAkaAuthenticate do not require a special EAP
> application on SIM, but they use ordinary cellular authentication.
> ---
> doc/sim-authentication-api.txt | 66 ++++++++++++++++++++++++++++++++++++++++
> 1 files changed, 66 insertions(+), 0 deletions(-)
> create mode 100644 doc/sim-authentication-api.txt
>
> diff --git a/doc/sim-authentication-api.txt b/doc/sim-authentication-api.txt
> new file mode 100644
> index 0000000..9a033bf
> --- /dev/null
> +++ b/doc/sim-authentication-api.txt
> @@ -0,0 +1,66 @@
> +SimAuthentication hierarchy
> +===========================
> +
> +Service org.ofono
> +Interface org.ofono.SimAuthentication
> +Object path [variable prefix]/{modem0,modem1,...}
> +
> +Methods byte{array} EapSimAuthenticate(array{byte} rand)
> +
> + Executes the SIM authentication algorithm for
> + RFC 4186 EAP SIM authentication method.
> +
> + The input parameter is RAND, a 16-byte array.
> + In case of successful authentication operation
> + the SRES parameter is returned as a 4-byte array.
> +
> + Possible Errors: [service].Error.InvalidArguments
> + [service].Error.NotImplemented
> +
> + dict EapAkaAuthenticate(array{byte} rand, array{byte} autn)
so I would rather have an interface where you can discover the supported
authentication applications on the SIM card and then have one interface
to execute them.
The application using this interface needs somehow to know what methods
are available and not do some try and error execution.
The EAP SIM is a subset of any proper AKA mechanism, but that should be
fine as well. Just having an empty AUTN array seems fine to me.
Regards
Marcel
next prev parent reply other threads:[~2011-01-03 20:22 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-03 14:58 [RFC sim-authenticate PATCH 0/3] Pekka.Pessi
2011-01-03 14:58 ` [RFC sim-authenticate PATCH 1/3] TODO: add SIM authentication Pekka.Pessi
2011-01-03 14:58 ` [RFC sim-authenticate PATCH 2/3] Added doc/sim-authentication-api.txt Pekka.Pessi
2011-01-03 14:58 ` [RFC sim-authenticate PATCH 3/3] Include doc/sim-authentication-api.txt in dist Pekka.Pessi
2011-01-03 20:22 ` Marcel Holtmann [this message]
2011-01-03 20:49 ` [RFC sim-authenticate PATCH 2/3] Added doc/sim-authentication-api.txt Pekka Pessi
2011-01-03 20:54 ` Marcel Holtmann
2011-01-04 11:16 ` Pekka Pessi
2011-01-04 17:28 ` Marcel Holtmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1294086143.5852.4.camel@aeonflux \
--to=marcel@holtmann.org \
--cc=ofono@ofono.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox