Moving charon to libcharon.

9 files changed, 769 insertions, 0 deletions

diff --git a/src/libcharon/plugins/eap_sim_file/Makefile.am b/src/libcharon/plugins/eap_sim_file/Makefile.am
new file mode 100644
index 000000000..544883003
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/Makefile.am
@@ -0,0 +1,18 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
+
+AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${sysconfdir}\"
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-eap-sim-file.la
+else
+plugin_LTLIBRARIES = libstrongswan-eap-sim-file.la
+endif
+
+libstrongswan_eap_sim_file_la_SOURCES = \
+	eap_sim_file_plugin.h eap_sim_file_plugin.c \
+	eap_sim_file_card.h eap_sim_file_card.c \
+	eap_sim_file_provider.h eap_sim_file_provider.c \
+	eap_sim_file_triplets.h eap_sim_file_triplets.c
+
+libstrongswan_eap_sim_file_la_LDFLAGS = -module -avoid-version
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.c
new file mode 100644
index 000000000..d132a38f6
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.c
@@ -0,0 +1,107 @@
+/*
+ * Copyright (C) 2008-2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "eap_sim_file_card.h"
+
+#include <daemon.h>
+
+typedef struct private_eap_sim_file_card_t private_eap_sim_file_card_t;
+
+/**
+ * Private data of an eap_sim_file_card_t object.
+ */
+struct private_eap_sim_file_card_t {
+
+	/**
+	 * Public eap_sim_file_card_t interface.
+	 */
+	eap_sim_file_card_t public;
+
+	/**
+	 * source of triplets
+	 */
+	eap_sim_file_triplets_t *triplets;
+};
+
+/**
+ * Implementation of sim_card_t.get_triplet
+ */
+static bool get_triplet(private_eap_sim_file_card_t *this,
+						identification_t *id, char *rand, char *sres, char *kc)
+{
+	enumerator_t *enumerator;
+	identification_t *cand;
+	char *c_rand, *c_sres, *c_kc;
+
+	DBG2(DBG_CFG, "looking for triplet: %Y rand %b", id, rand, SIM_RAND_LEN);
+
+	enumerator = this->triplets->create_enumerator(this->triplets);
+	while (enumerator->enumerate(enumerator, &cand, &c_rand, &c_sres, &c_kc))
+	{
+		DBG2(DBG_CFG, "got a triplet: %Y rand %b\nsres %b\n kc %b", cand,
+			 c_rand, SIM_RAND_LEN, c_sres, SIM_SRES_LEN, c_kc, SIM_KC_LEN);
+		if (id->matches(id, cand))
+		{
+			if (memeq(c_rand, rand, SIM_RAND_LEN))
+			{
+				DBG2(DBG_CFG, "  => triplet matches");
+				memcpy(sres, c_sres, SIM_SRES_LEN);
+				memcpy(kc, c_kc, SIM_KC_LEN);
+				enumerator->destroy(enumerator);
+				return TRUE;
+			}
+		}
+	}
+	enumerator->destroy(enumerator);
+	return FALSE;
+}
+
+/**
+ * Implementation of sim_card_t.get_quintuplet
+ */
+static status_t get_quintuplet()
+{
+	return NOT_SUPPORTED;
+}
+
+/**
+ * Implementation of eap_sim_file_card_t.destroy.
+ */
+static void destroy(private_eap_sim_file_card_t *this)
+{
+	free(this);
+}
+
+/**
+ * See header
+ */
+eap_sim_file_card_t *eap_sim_file_card_create(eap_sim_file_triplets_t *triplets)
+{
+	private_eap_sim_file_card_t *this = malloc_thing(private_eap_sim_file_card_t);
+
+	this->public.card.get_triplet = (bool(*)(sim_card_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))get_triplet;
+	this->public.card.get_quintuplet = (status_t(*)(sim_card_t*, identification_t *id, char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char res[AKA_RES_MAX], int *res_len))get_quintuplet;
+	this->public.card.resync = (bool(*)(sim_card_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))return_false;
+	this->public.card.get_pseudonym = (identification_t*(*)(sim_card_t*, identification_t *perm))return_null;
+	this->public.card.set_pseudonym = (void(*)(sim_card_t*, identification_t *id, identification_t *pseudonym))nop;
+	this->public.card.get_reauth = (identification_t*(*)(sim_card_t*, identification_t *id, char mk[HASH_SIZE_SHA1], u_int16_t *counter))return_null;
+	this->public.card.set_reauth = (void(*)(sim_card_t*, identification_t *id, identification_t* next, char mk[HASH_SIZE_SHA1], u_int16_t counter))nop;
+	this->public.destroy = (void(*)(eap_sim_file_card_t*))destroy;
+
+	this->triplets = triplets;
+
+	return &this->public;
+}
+
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.h
new file mode 100644
index 000000000..1a5470968
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup eap_sim_file_card eap_sim_file_card
+ * @{ @ingroup eap_sim_file
+ */
+
+#ifndef EAP_SIM_FILE_CARD_H_
+#define EAP_SIM_FILE_CARD_H_
+
+#include "eap_sim_file_triplets.h"
+
+#include <sa/authenticators/eap/sim_manager.h>
+
+typedef struct eap_sim_file_card_t eap_sim_file_card_t;
+
+/**
+ * SIM card implementation on top of a triplet file.
+ */
+struct eap_sim_file_card_t {
+
+	/**
+	 * Implements sim_card_t interface
+	 */
+	sim_card_t card;
+
+	/**
+	 * Destroy a eap_sim_file_card_t.
+	 */
+	void (*destroy)(eap_sim_file_card_t *this);
+};
+
+/**
+ * Create a eap_sim_file_card instance.
+ *
+ * @param triplets		source of triplets
+ */
+eap_sim_file_card_t *eap_sim_file_card_create(eap_sim_file_triplets_t *triplets);
+
+#endif /** EAP_SIM_FILE_CARD_H_ @}*/
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.c
new file mode 100644
index 000000000..4f25c35ea
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "eap_sim_file_plugin.h"
+#include "eap_sim_file_card.h"
+#include "eap_sim_file_provider.h"
+#include "eap_sim_file_triplets.h"
+
+#include <daemon.h>
+
+#define TRIPLET_FILE IPSEC_CONFDIR "/ipsec.d/triplets.dat"
+
+typedef struct private_eap_sim_file_t private_eap_sim_file_t;
+
+/**
+ * Private data of an eap_sim_file_t object.
+ */
+struct private_eap_sim_file_t {
+
+	/**
+	 * Public eap_sim_file_plugin_t interface.
+	 */
+	eap_sim_file_plugin_t public;
+
+	/**
+	 * SIM card
+	 */
+	eap_sim_file_card_t *card;
+
+	/**
+	 * SIM provider
+	 */
+	eap_sim_file_provider_t *provider;
+
+	/**
+	 * Triplet source
+	 */
+	eap_sim_file_triplets_t *triplets;
+};
+
+/**
+ * Implementation of eap_sim_file_t.destroy.
+ */
+static void destroy(private_eap_sim_file_t *this)
+{
+	charon->sim->remove_card(charon->sim, &this->card->card);
+	charon->sim->remove_provider(charon->sim, &this->provider->provider);
+	this->card->destroy(this->card);
+	this->provider->destroy(this->provider);
+	this->triplets->destroy(this->triplets);
+	free(this);
+}
+
+/**
+ * See header
+ */
+plugin_t *eap_sim_file_plugin_create()
+{
+	private_eap_sim_file_t *this = malloc_thing(private_eap_sim_file_t);
+
+	this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
+
+	this->triplets = eap_sim_file_triplets_create(TRIPLET_FILE);
+	this->provider = eap_sim_file_provider_create(this->triplets);
+	if (!this->provider)
+	{
+		this->triplets->destroy(this->triplets);
+		free(this);
+		return NULL;
+	}
+	this->card = eap_sim_file_card_create(this->triplets);
+
+	charon->sim->add_card(charon->sim, &this->card->card);
+	charon->sim->add_provider(charon->sim, &this->provider->provider);
+
+	return &this->public.plugin;
+}
+
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.h
new file mode 100644
index 000000000..f5083c72f
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup eap_sim_file eap_sim_file
+ * @ingroup cplugins
+ *
+ * @defgroup eap_sim_file_plugin eap_sim_file_plugin
+ * @{ @ingroup eap_sim_file
+ */
+
+#ifndef EAP_SIM_FILE_PLUGIN_H_
+#define EAP_SIM_FILE_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct eap_sim_file_plugin_t eap_sim_file_plugin_t;
+
+/**
+ * Plugin to provide a SIM card/provider on top of a triplet file.
+ */
+struct eap_sim_file_plugin_t {
+
+	/**
+	 * implements plugin interface
+	 */
+	plugin_t plugin;
+};
+
+#endif /** EAP_SIM_FILE_PLUGIN_H_ @}*/
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.c
new file mode 100644
index 000000000..9bee31fc3
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.c
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2008-2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "eap_sim_file_provider.h"
+
+#include <daemon.h>
+
+typedef struct private_eap_sim_file_provider_t private_eap_sim_file_provider_t;
+
+/**
+ * Private data of an eap_sim_file_provider_t object.
+ */
+struct private_eap_sim_file_provider_t {
+
+	/**
+	 * Public eap_sim_file_provider_t interface.
+	 */
+	eap_sim_file_provider_t public;
+
+	/**
+	 * source of triplets
+	 */
+	eap_sim_file_triplets_t *triplets;
+};
+
+/**
+ * Implementation of sim_provider_t.get_triplet
+ */
+static bool get_triplet(private_eap_sim_file_provider_t *this,
+						identification_t *id, char *rand, char *sres, char *kc)
+{
+	enumerator_t *enumerator;
+	identification_t *cand;
+	char *c_rand, *c_sres, *c_kc;
+
+	enumerator = this->triplets->create_enumerator(this->triplets);
+	while (enumerator->enumerate(enumerator, &cand, &c_rand, &c_sres, &c_kc))
+	{
+		if (id->matches(id, cand))
+		{
+			memcpy(rand, c_rand, SIM_RAND_LEN);
+			memcpy(sres, c_sres, SIM_SRES_LEN);
+			memcpy(kc, c_kc, SIM_KC_LEN);
+			enumerator->destroy(enumerator);
+			return TRUE;
+		}
+	}
+	enumerator->destroy(enumerator);
+	return FALSE;
+}
+
+/**
+ * Implementation of eap_sim_file_provider_t.destroy.
+ */
+static void destroy(private_eap_sim_file_provider_t *this)
+{
+	free(this);
+}
+
+/**
+ * See header
+ */
+eap_sim_file_provider_t *eap_sim_file_provider_create(
+											eap_sim_file_triplets_t *triplets)
+{
+	private_eap_sim_file_provider_t *this = malloc_thing(private_eap_sim_file_provider_t);
+
+	this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))get_triplet;
+	this->public.provider.get_quintuplet = (bool(*)(sim_provider_t*, identification_t *id, char rand[AKA_RAND_LEN], char xres[AKA_RES_MAX], int *xres_len, char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))return_false;
+	this->public.provider.resync = (bool(*)(sim_provider_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))return_false;
+	this->public.provider.is_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
+	this->public.provider.gen_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
+	this->public.provider.is_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char [HASH_SIZE_SHA1], u_int16_t *counter))return_null;
+	this->public.provider.gen_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char mk[HASH_SIZE_SHA1]))return_null;
+	this->public.destroy = (void(*)(eap_sim_file_provider_t*))destroy;
+
+	this->triplets = triplets;
+
+	return &this->public;
+}
+
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.h
new file mode 100644
index 000000000..10fda282a
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup eap_sim_file_provider eap_sim_file_provider
+ * @{ @ingroup eap_sim_file
+ */
+
+#ifndef EAP_SIM_FILE_PROVIDER_H_
+#define EAP_SIM_FILE_PROVIDER_H_
+
+#include "eap_sim_file_triplets.h"
+
+typedef struct eap_sim_file_provider_t eap_sim_file_provider_t;
+
+/**
+ * SIM provider implementation on top of triplets file.
+ */
+struct eap_sim_file_provider_t {
+
+	/**
+	 * Implements sim_provider_t interface.
+	 */
+	sim_provider_t provider;
+
+	/**
+	 * Destroy a eap_sim_file_provider_t.
+	 */
+	void (*destroy)(eap_sim_file_provider_t *this);
+};
+
+/**
+ * Create a eap_sim_file_provider instance.
+ */
+eap_sim_file_provider_t *eap_sim_file_provider_create(
+											eap_sim_file_triplets_t *triplets);
+
+#endif /** EAP_SIM_FILE_PROVIDER_H_ @}*/
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.c
new file mode 100644
index 000000000..6b7d99fb7
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.c
@@ -0,0 +1,260 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "eap_sim_file_triplets.h"
+
+#include <stdio.h>
+#include <errno.h>
+
+#include <daemon.h>
+#include <utils/linked_list.h>
+#include <threading/mutex.h>
+
+typedef struct private_eap_sim_file_triplets_t private_eap_sim_file_triplets_t;
+
+/**
+ * Private data of an eap_sim_file_triplets_t object.
+ */
+struct private_eap_sim_file_triplets_t {
+
+	/**
+	 * Public eap_sim_file_triplets_t interface.
+	 */
+	eap_sim_file_triplets_t public;
+
+	/**
+	 * List of triplets, as triplet_t
+	 */
+	linked_list_t *triplets;
+
+	/**
+	 * mutex to lock triplets list
+	 */
+	mutex_t *mutex;
+};
+
+/**
+ * A single triplet
+ */
+typedef struct  {
+	identification_t *imsi;
+	char rand[SIM_RAND_LEN];
+	char sres[SIM_SRES_LEN];
+	char kc[SIM_KC_LEN];
+} triplet_t;
+
+/**
+ * Destroy a triplet
+ */
+static void triplet_destroy(triplet_t *this)
+{
+	DESTROY_IF(this->imsi);
+	free(this);
+}
+
+/**
+ * triplet enumerator
+ */
+typedef struct {
+	/** implements enumerator */
+	enumerator_t public;
+	/** inner enumerator */
+	enumerator_t *inner;
+	/** current enumerating triplet */
+	triplet_t *current;
+	/** back ptr */
+	private_eap_sim_file_triplets_t *this;
+} triplet_enumerator_t;
+
+/**
+ * destroy a triplet enumerator
+ */
+static void enumerator_destroy(triplet_enumerator_t *e)
+{
+	if (e->current)
+	{
+		/* We assume that the current element is used on invocation if destroy.
+		 * We move that triplet to the end to avoid handout of the same triplet
+		 * next time. */
+		e->this->triplets->remove_at(e->this->triplets, e->inner);
+		e->this->triplets->insert_last(e->this->triplets, e->current);
+	}
+	e->inner->destroy(e->inner);
+	e->this->mutex->unlock(e->this->mutex);
+	free(e);
+}
+
+/**
+ * enumerate through triplets
+ */
+static bool enumerator_enumerate(triplet_enumerator_t *e, identification_t **imsi,
+								 char **rand, char **sres, char **kc)
+{
+	triplet_t *triplet;
+
+	if (e->inner->enumerate(e->inner, &triplet))
+	{
+		e->current = triplet;
+		*imsi = triplet->imsi;
+		*rand = triplet->rand;
+		*sres = triplet->sres;
+		*kc = triplet->kc;
+		return TRUE;
+	}
+	e->current = NULL;
+	return FALSE;
+}
+
+/**
+ * Implementation of eap_sim_file_triplets_t.create_enumerator
+ */
+static enumerator_t* create_enumerator(private_eap_sim_file_triplets_t *this)
+{
+	triplet_enumerator_t *enumerator = malloc_thing(triplet_enumerator_t);
+
+	this->mutex->lock(this->mutex);
+	enumerator->public.enumerate = (void*)enumerator_enumerate;
+	enumerator->public.destroy = (void*)enumerator_destroy;
+	enumerator->inner = this->triplets->create_enumerator(this->triplets);
+	enumerator->current = NULL;
+	enumerator->this = this;
+
+	return &enumerator->public;
+}
+
+/**
+ * convert to token into the array
+ */
+static void parse_token(char *to, char *from, size_t len)
+{
+	chunk_t chunk;
+
+	chunk = chunk_create(from, min(strlen(from), len * 2));
+	chunk = chunk_from_hex(chunk, NULL);
+	memset(to, 0, len);
+	memcpy(to + len - chunk.len, chunk.ptr, chunk.len);
+	free(chunk.ptr);
+}
+
+/**
+ * Read the triplets from the file
+ */
+static void read_triplets(private_eap_sim_file_triplets_t *this, char *path)
+{
+	char line[512];
+	FILE *file;
+	int i, nr = 0;
+
+	file = fopen(path, "r");
+	if (file == NULL)
+	{
+		DBG1(DBG_CFG, "opening triplet file %s failed: %s",
+			 path, strerror(errno));
+		return;
+	}
+
+	/* read line by line */
+	while (fgets(line, sizeof(line), file))
+	{
+		triplet_t *triplet;
+		enumerator_t *enumerator;
+		char *token;
+
+		nr++;
+		/* skip comments, empty lines */
+		switch (line[0])
+		{
+			case '\n':
+			case '\r':
+			case '#':
+			case '\0':
+				continue;
+			default:
+				break;
+		}
+		triplet = malloc_thing(triplet_t);
+		memset(triplet, 0, sizeof(triplet_t));
+
+		i = 0;
+		enumerator = enumerator_create_token(line, ",", " \n\r#");
+		while (enumerator->enumerate(enumerator, &token))
+		{
+			switch (i++)
+			{
+				case 0: /* IMSI */
+					triplet->imsi = identification_create_from_string(token);
+					continue;
+				case 1: /* rand */
+					parse_token(triplet->rand, token, SIM_RAND_LEN);
+					continue;
+				case 2: /* sres */
+					parse_token(triplet->sres, token, SIM_SRES_LEN);
+					continue;
+				case 3: /* kc */
+					parse_token(triplet->kc, token, SIM_KC_LEN);
+					continue;
+				default:
+					break;;
+			}
+			break;
+		}
+		enumerator->destroy(enumerator);
+		if (i < 4)
+		{
+			DBG1(DBG_CFG, "error in triplet file, line %d", nr);
+			triplet_destroy(triplet);
+			continue;
+		}
+
+		DBG2(DBG_CFG, "triplet: imsi %Y\nrand %b\nsres %b\nkc %b",
+			 triplet->imsi, triplet->rand, SIM_RAND_LEN,
+			 triplet->sres, SIM_SRES_LEN, triplet->kc, SIM_KC_LEN);
+
+		this->triplets->insert_last(this->triplets, triplet);
+	}
+	fclose(file);
+
+	DBG1(DBG_CFG, "read %d triplets from %s",
+		 this->triplets->get_count(this->triplets), path);
+}
+
+/**
+ * Implementation of eap_sim_file_triplets_t.destroy.
+ */
+static void destroy(private_eap_sim_file_triplets_t *this)
+{
+	this->triplets->destroy_function(this->triplets, (void*)triplet_destroy);
+	this->mutex->destroy(this->mutex);
+	free(this);
+}
+
+/**
+ * See header
+ */
+eap_sim_file_triplets_t *eap_sim_file_triplets_create(char *file)
+{
+	private_eap_sim_file_triplets_t *this = malloc_thing(private_eap_sim_file_triplets_t);
+
+	this->public.create_enumerator = (enumerator_t*(*)(eap_sim_file_triplets_t*))create_enumerator;
+	this->public.destroy = (void(*)(eap_sim_file_triplets_t*))destroy;
+
+	this->triplets = linked_list_create();
+	this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+
+	read_triplets(this, file);
+
+	return &this->public;
+}
+
diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.h
new file mode 100644
index 000000000..8f8130810
--- /dev/null
+++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.h
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup eap_sim_file_triplets eap_sim_file_triplets
+ * @{ @ingroup eap_sim_file
+ */
+
+#ifndef EAP_SIM_FILE_TRIPLETS_H_
+#define EAP_SIM_FILE_TRIPLETS_H_
+
+#include <sa/authenticators/eap/sim_manager.h>
+
+typedef struct eap_sim_file_triplets_t eap_sim_file_triplets_t;
+
+/**
+ * Reads triplets from a triplets.dat file.
+ *
+ * The file is in freeradius triplet file syntax:
+ * http://www.freeradius.org/radiusd/doc/rlm_sim_triplets
+ */
+struct eap_sim_file_triplets_t {
+
+	/**
+	 * Create an enumerator over the file's triplets.
+	 *
+	 * @return			enumerator over (identity, rand, sres, kc)
+	 */
+	enumerator_t* (*create_enumerator)(eap_sim_file_triplets_t *this);
+
+	/**
+	 * Destroy a eap_sim_file_triplets_t.
+	 */
+	void (*destroy)(eap_sim_file_triplets_t *this);
+};
+
+/**
+ * Create a eap_sim_file_triplets instance.
+ *
+ * @param file		triplet file to read from
+ */
+eap_sim_file_triplets_t *eap_sim_file_triplets_create(char *file);
+
+#endif /** EAP_SIM_FILE_TRIPLETS_H_ @}*/