Section 3.3. Testing EAP-SIM with an unknown SIM card and canned triplets

3.3. Testing EAP-SIM with an unknown SIM card and canned triplets

About this task

This test scenario tests EAP-SIM functionality when the SIM card's secret keys are not known. This does not work for EAP-AKA or EAP-AKA'. The SIM triplets are generated by the SIM card and added to a triplet file. Radiator SWx/Cx/Wx Diameter server is configured to use the triplet file for authentication.

Before you begin

You need the following accessories and softwares for this test scenario:

PCSC (Personal Computer Smart Card) reader
pcsc-lite, PCSC smart card software
pcsc-perl, Perl wrapper for PCSC
GSM SIM cards for testing

Procedure

To execute the test, set up Radiator EAP-SIM configuration as described in Section 3.2. Testing EAP-SIM, EAP-AKA and EAP-AKA' with a known Milenage SIM/3G/LTE SIM card. Then generate triplets and configure Radiator HSS to use the newly generated triplets.

Generate triplets with the test GSM SIM card and add them to the triplets file. Use the correct PIN.
```
cd /opt/radiator/radiator-sim/
./goodies/gettriplets -pin 1234 >>/path/to/triplets.dat
```
Specify the triplets file path in /etc/radiator/radiator-wxmap.conf file. Ensure that Radiator process can access and read the file. Comment out 3GPPCardDatabaseFile parameter.
```
TripletsFile /path/to/triplets.dat
# 3GPPCardDatabaseFilename %D/simcards/simcards.dat
```
Run the Radiator SWx/Cx/Wx (HSS) Diameter server. Verify from log file in /var/log/radiator/ that the server has started correctly.
```
sudo systemctl restart radiator@wxmap
```
Verify that Radiator EAP-SIM server is runningEAP. Verify from log file in /var/log/radiator/ that the server has started correctly.
```
sudo systemctl restart radiator@eapsim
```
Test with your EAP-SIM Wi-Fi device. Follow the authentication in the Radiator log file.
For TMSI or Fast Re-Authentication support, enable UseTMSI and UseReauthentication flags in the Radiator EAP server configuration file.