Imported Upstream version 4.6.4

9 files changed, 179 insertions, 127 deletions

diff --git a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.am b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.am
index 598799e2a..b4d6dc1d2 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.am
+++ b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.am
@@ -1,13 +1,17 @@
 
 INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
-	-I$(top_srcdir)/src/libcharon
+	-I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libsimaka
 
 AM_CFLAGS = -rdynamic
 
+libstrongswan_eap_aka_3gpp2_la_LDFLAGS = -module -avoid-version
+libstrongswan_eap_aka_3gpp2_la_LIBADD = -lgmp
+
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-aka-3gpp2.la
 else
 plugin_LTLIBRARIES = libstrongswan-eap-aka-3gpp2.la
+libstrongswan_eap_aka_3gpp2_la_LIBADD += $(top_builddir)/src/libsimaka/libsimaka.la
 endif
 
 libstrongswan_eap_aka_3gpp2_la_SOURCES = \
@@ -15,6 +19,3 @@ libstrongswan_eap_aka_3gpp2_la_SOURCES = \
 	eap_aka_3gpp2_card.h eap_aka_3gpp2_card.c \
 	eap_aka_3gpp2_provider.h eap_aka_3gpp2_provider.c \
 	eap_aka_3gpp2_functions.h eap_aka_3gpp2_functions.c
-
-libstrongswan_eap_aka_3gpp2_la_LDFLAGS = -module -avoid-version
-libstrongswan_eap_aka_3gpp2_la_LIBADD  = -lgmp
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
index 1fe86a2bb..b0890fb39 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
+++ b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
@@ -34,6 +34,7 @@ PRE_UNINSTALL = :
 POST_UNINSTALL = :
 build_triplet = @build@
 host_triplet = @host@
+@MONOLITHIC_FALSE@am__append_1 = $(top_builddir)/src/libsimaka/libsimaka.la
 subdir = src/libcharon/plugins/eap_aka_3gpp2
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@@ -74,7 +75,7 @@ am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
 am__installdirs = "$(DESTDIR)$(plugindir)"
 LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
-libstrongswan_eap_aka_3gpp2_la_DEPENDENCIES =
+libstrongswan_eap_aka_3gpp2_la_DEPENDENCIES = $(am__append_1)
 am_libstrongswan_eap_aka_3gpp2_la_OBJECTS = eap_aka_3gpp2_plugin.lo \
 	eap_aka_3gpp2_card.lo eap_aka_3gpp2_provider.lo \
 	eap_aka_3gpp2_functions.lo
@@ -196,6 +197,9 @@ am__leading_dot = @am__leading_dot@
 am__quote = @am__quote@
 am__tar = @am__tar@
 am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+axis2c_CFLAGS = @axis2c_CFLAGS@
+axis2c_LIBS = @axis2c_LIBS@
 bindir = @bindir@
 build = @build@
 build_alias = @build_alias@
@@ -204,6 +208,7 @@ build_os = @build_os@
 build_vendor = @build_vendor@
 builddir = @builddir@
 c_plugins = @c_plugins@
+clearsilver_LIBS = @clearsilver_LIBS@
 datadir = @datadir@
 datarootdir = @datarootdir@
 dbusservicedir = @dbusservicedir@
@@ -220,11 +225,13 @@ host_cpu = @host_cpu@
 host_os = @host_os@
 host_vendor = @host_vendor@
 htmldir = @htmldir@
+imcvdir = @imcvdir@
 includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
 ipsecdir = @ipsecdir@
 ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
 ipsecuser = @ipsecuser@
 libcharon_plugins = @libcharon_plugins@
 libdir = @libdir@
@@ -268,6 +275,7 @@ sharedstatedir = @sharedstatedir@
 soup_CFLAGS = @soup_CFLAGS@
 soup_LIBS = @soup_LIBS@
 srcdir = @srcdir@
+starter_plugins = @starter_plugins@
 strongswan_conf = @strongswan_conf@
 sysconfdir = @sysconfdir@
 systemdsystemunitdir = @systemdsystemunitdir@
@@ -279,9 +287,11 @@ urandom_device = @urandom_device@
 xml_CFLAGS = @xml_CFLAGS@
 xml_LIBS = @xml_LIBS@
 INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
-	-I$(top_srcdir)/src/libcharon
+	-I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libsimaka
 
 AM_CFLAGS = -rdynamic
+libstrongswan_eap_aka_3gpp2_la_LDFLAGS = -module -avoid-version
+libstrongswan_eap_aka_3gpp2_la_LIBADD = -lgmp $(am__append_1)
 @MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-eap-aka-3gpp2.la
 @MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-eap-aka-3gpp2.la
 libstrongswan_eap_aka_3gpp2_la_SOURCES = \
@@ -290,8 +300,6 @@ libstrongswan_eap_aka_3gpp2_la_SOURCES = \
 	eap_aka_3gpp2_provider.h eap_aka_3gpp2_provider.c \
 	eap_aka_3gpp2_functions.h eap_aka_3gpp2_functions.c
 
-libstrongswan_eap_aka_3gpp2_la_LDFLAGS = -module -avoid-version
-libstrongswan_eap_aka_3gpp2_la_LIBADD = -lgmp
 all: all-am
 
 .SUFFIXES:
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c
index 5c0fe38ad..cec06fbd7 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c
@@ -51,14 +51,10 @@ struct private_eap_aka_3gpp2_card_t {
 bool eap_aka_3gpp2_get_k(identification_t *id, char k[AKA_K_LEN]);
 void eap_aka_3gpp2_get_sqn(char sqn[AKA_SQN_LEN], int offset);
 
-/**
- * Implementation of sim_card_t.get_quintuplet
- */
-static status_t get_quintuplet(private_eap_aka_3gpp2_card_t *this,
-							   identification_t *id, char rand[AKA_RAND_LEN],
-							   char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN],
-							   char ik[AKA_IK_LEN], char res[AKA_RES_MAX],
-							   int *res_len)
+METHOD(simaka_card_t, get_quintuplet, status_t,
+	private_eap_aka_3gpp2_card_t *this, identification_t *id,
+	char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN],
+	char ik[AKA_IK_LEN], char res[AKA_RES_MAX], int *res_len)
 {
 	char *amf, *mac;
 	char k[AKA_K_LEN], ak[AKA_AK_LEN], sqn[AKA_SQN_LEN], xmac[AKA_MAC_LEN];
@@ -112,11 +108,9 @@ static status_t get_quintuplet(private_eap_aka_3gpp2_card_t *this,
 	return SUCCESS;
 }
 
-/**
- * Implementation of sim_card_t.resync
- */
-static bool resync(private_eap_aka_3gpp2_card_t *this, identification_t *id,
-				   char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN])
+METHOD(simaka_card_t, resync, bool,
+	private_eap_aka_3gpp2_card_t *this, identification_t *id,
+	char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN])
 {
 	char amf[AKA_AMF_LEN], k[AKA_K_LEN], aks[AKA_AK_LEN], macs[AKA_MAC_LEN];
 
@@ -138,10 +132,8 @@ static bool resync(private_eap_aka_3gpp2_card_t *this, identification_t *id,
 	return TRUE;
 }
 
-/**
- * Implementation of eap_aka_3gpp2_card_t.destroy.
- */
-static void destroy(private_eap_aka_3gpp2_card_t *this)
+METHOD(eap_aka_3gpp2_card_t, destroy, void,
+	private_eap_aka_3gpp2_card_t *this)
 {
 	free(this);
 }
@@ -151,25 +143,30 @@ static void destroy(private_eap_aka_3gpp2_card_t *this)
  */
 eap_aka_3gpp2_card_t *eap_aka_3gpp2_card_create(eap_aka_3gpp2_functions_t *f)
 {
-	private_eap_aka_3gpp2_card_t *this = malloc_thing(private_eap_aka_3gpp2_card_t);
-
-	this->public.card.get_triplet = (bool(*)(sim_card_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))return_false;
-	this->public.card.get_quintuplet = (status_t(*)(sim_card_t*, identification_t *id, char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char res[AKA_RES_MAX], int *res_len))get_quintuplet;
-	this->public.card.resync = (bool(*)(sim_card_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))resync;
-	this->public.card.get_pseudonym = (identification_t*(*)(sim_card_t*, identification_t *id))return_null;
-	this->public.card.set_pseudonym = (void(*)(sim_card_t*, identification_t *id, identification_t *pseudonym))nop;
-	this->public.card.get_reauth = (identification_t*(*)(sim_card_t*, identification_t *id, char mk[HASH_SIZE_SHA1], u_int16_t *counter))return_null;
-	this->public.card.set_reauth = (void(*)(sim_card_t*, identification_t *id, identification_t* next, char mk[HASH_SIZE_SHA1], u_int16_t counter))nop;
-	this->public.destroy = (void(*)(eap_aka_3gpp2_card_t*))destroy;
-
-	this->f = f;
-	this->seq_check = lib->settings->get_bool(lib->settings,
+	private_eap_aka_3gpp2_card_t *this;
+
+	INIT(this,
+		.public = {
+			.card = {
+				.get_triplet = (void*)return_false,
+				.get_quintuplet = _get_quintuplet,
+				.resync = _resync,
+				.get_pseudonym = (void*)return_null,
+				.set_pseudonym = (void*)nop,
+				.get_reauth = (void*)return_null,
+				.set_reauth = (void*)nop,
+			},
+			.destroy = _destroy,
+		},
+		.f = f,
+		.seq_check = lib->settings->get_bool(lib->settings,
 									"charon.plugins.eap-aka-3gpp2.seq_check",
 #ifdef SEQ_CHECK /* handle legacy compile time configuration as default */
-									TRUE);
+									TRUE),
 #else /* !SEQ_CHECK */
-									FALSE);
+									FALSE),
 #endif /* SEQ_CHECK */
+	);
 
 	eap_aka_3gpp2_get_sqn(this->sqn, 0);
 
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h
index b95bc52af..eb6b1f75f 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h
@@ -23,7 +23,7 @@
 
 #include "eap_aka_3gpp2_functions.h"
 
-#include <sa/authenticators/eap/sim_manager.h>
+#include <simaka_card.h>
 
 typedef struct eap_aka_3gpp2_card_t eap_aka_3gpp2_card_t;
 
@@ -33,9 +33,9 @@ typedef struct eap_aka_3gpp2_card_t eap_aka_3gpp2_card_t;
 struct eap_aka_3gpp2_card_t {
 
 	/**
-	 * Implements sim_card_t interface
+	 * Implements simaka_card_t interface
 	 */
-	sim_card_t card;
+	simaka_card_t card;
 
 	/**
 	 * Destroy a eap_aka_3gpp2_card_t.
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c
index 1d3d246d1..d000bebbb 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c
@@ -284,9 +284,10 @@ static void f5x(prf_t *prf, u_char f, u_char k[AKA_K_LEN],
 /**
  * Calculate MAC from RAND, SQN, AMF using K
  */
-static void f1(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
-			   u_char rand[AKA_RAND_LEN], u_char sqn[AKA_SQN_LEN],
-			   u_char amf[AKA_AMF_LEN], u_char mac[AKA_MAC_LEN])
+METHOD(eap_aka_3gpp2_functions_t, f1, void,
+	private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
+	u_char rand[AKA_RAND_LEN], u_char sqn[AKA_SQN_LEN],
+	u_char amf[AKA_AMF_LEN], u_char mac[AKA_MAC_LEN])
 {
 	f1x(this->prf, F1, k, rand, sqn, amf, mac);
 	DBG3(DBG_IKE, "MAC %b", mac, AKA_MAC_LEN);
@@ -295,9 +296,10 @@ static void f1(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
 /**
  * Calculate MACS from RAND, SQN, AMF using K
  */
-static void f1star(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
-				   u_char rand[AKA_RAND_LEN], u_char sqn[AKA_SQN_LEN],
-				   u_char amf[AKA_AMF_LEN], u_char macs[AKA_MAC_LEN])
+METHOD(eap_aka_3gpp2_functions_t, f1star, void,
+	private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
+	u_char rand[AKA_RAND_LEN], u_char sqn[AKA_SQN_LEN],
+	u_char amf[AKA_AMF_LEN], u_char macs[AKA_MAC_LEN])
 {
 	f1x(this->prf, F1STAR, k, rand, sqn, amf, macs);
 	DBG3(DBG_IKE, "MACS %b", macs, AKA_MAC_LEN);
@@ -306,8 +308,9 @@ static void f1star(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
 /**
  * Calculate RES from RAND using K
  */
-static void f2(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
-			   u_char rand[AKA_RAND_LEN], u_char res[AKA_RES_MAX])
+METHOD(eap_aka_3gpp2_functions_t, f2, void,
+	private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
+	u_char rand[AKA_RAND_LEN], u_char res[AKA_RES_MAX])
 {
 	fx(this->prf, F2, k, rand, res);
 	DBG3(DBG_IKE, "RES %b", res, AKA_RES_MAX);
@@ -316,8 +319,9 @@ static void f2(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
 /**
  * Calculate CK from RAND using K
  */
-static void f3(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
-			   u_char rand[AKA_RAND_LEN], u_char ck[AKA_CK_LEN])
+METHOD(eap_aka_3gpp2_functions_t, f3, void,
+	private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
+	u_char rand[AKA_RAND_LEN], u_char ck[AKA_CK_LEN])
 {
 	fx(this->prf, F3, k, rand, ck);
 	DBG3(DBG_IKE, "CK %b", ck, AKA_CK_LEN);
@@ -326,8 +330,9 @@ static void f3(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
 /**
  * Calculate IK from RAND using K
  */
-static void f4(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
-			   u_char rand[AKA_RAND_LEN], u_char ik[AKA_IK_LEN])
+METHOD(eap_aka_3gpp2_functions_t, f4, void,
+	private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
+	u_char rand[AKA_RAND_LEN], u_char ik[AKA_IK_LEN])
 {
 	fx(this->prf, F4, k, rand, ik);
 	DBG3(DBG_IKE, "IK %b", ik, AKA_IK_LEN);
@@ -336,8 +341,9 @@ static void f4(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
 /**
  * Calculate AK from a RAND using K
  */
-static void f5(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
-			   u_char rand[AKA_RAND_LEN], u_char ak[AKA_AK_LEN])
+METHOD(eap_aka_3gpp2_functions_t, f5, void,
+	private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
+	u_char rand[AKA_RAND_LEN], u_char ak[AKA_AK_LEN])
 {
 	f5x(this->prf, F5, k, rand, ak);
 	DBG3(DBG_IKE, "AK %b", ak, AKA_AK_LEN);
@@ -346,18 +352,16 @@ static void f5(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
 /**
  * Calculate AKS from a RAND using K
  */
-static void f5star(private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
-			   u_char rand[AKA_RAND_LEN], u_char aks[AKA_AK_LEN])
+METHOD(eap_aka_3gpp2_functions_t, f5star, void,
+	private_eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN],
+	u_char rand[AKA_RAND_LEN], u_char aks[AKA_AK_LEN])
 {
 	f5x(this->prf, F5STAR, k, rand, aks);
 	DBG3(DBG_IKE, "AKS %b", aks, AKA_AK_LEN);
 }
 
-
-/**
- * Implementation of eap_aka_3gpp2_functions_t.destroy.
- */
-static void destroy(private_eap_aka_3gpp2_functions_t *this)
+METHOD(eap_aka_3gpp2_functions_t, destroy, void,
+	private_eap_aka_3gpp2_functions_t *this)
 {
 	this->prf->destroy(this->prf);
 	free(this);
@@ -370,18 +374,19 @@ eap_aka_3gpp2_functions_t *eap_aka_3gpp2_functions_create()
 {
 	private_eap_aka_3gpp2_functions_t *this;
 
-	this = malloc_thing(private_eap_aka_3gpp2_functions_t);
-
-	this->public.f1 = (void(*)(eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN], u_char rand[AKA_RAND_LEN], u_char sqn[AKA_SQN_LEN], u_char amf[AKA_AMF_LEN], u_char mac[AKA_MAC_LEN]))f1;
-	this->public.f1star = (void(*)(eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN], u_char rand[AKA_RAND_LEN], u_char sqn[AKA_SQN_LEN], u_char amf[AKA_AMF_LEN], u_char macs[AKA_MAC_LEN]))f1star;
-	this->public.f2 = (void(*)(eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN], u_char rand[AKA_RAND_LEN], u_char res[AKA_RES_MAX]))f2;
-	this->public.f3 = (void(*)(eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN], u_char rand[AKA_RAND_LEN], u_char ck[AKA_CK_LEN]))f3;
-	this->public.f4 = (void(*)(eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN], u_char rand[AKA_RAND_LEN], u_char ik[AKA_IK_LEN]))f4;
-	this->public.f5 = (void(*)(eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN], u_char rand[AKA_RAND_LEN], u_char ak[AKA_AK_LEN]))f5;
-	this->public.f5star = (void(*)(eap_aka_3gpp2_functions_t *this, u_char k[AKA_K_LEN], u_char rand[AKA_RAND_LEN], u_char aks[AKA_AK_LEN]))f5star;
-	this->public.destroy = (void(*)(eap_aka_3gpp2_functions_t*))destroy;
-
-	this->prf = lib->crypto->create_prf(lib->crypto, PRF_KEYED_SHA1);
+	INIT(this,
+		.public = {
+			.f1 = _f1,
+			.f1star = _f1star,
+			.f2 = _f2,
+			.f3 = _f3,
+			.f4 = _f4,
+			.f5 = _f5,
+			.f5star = _f5star,
+			.destroy = _destroy,
+		},
+		.prf = lib->crypto->create_prf(lib->crypto, PRF_KEYED_SHA1),
+	);
 	if (!this->prf)
 	{
 		DBG1(DBG_CFG, "%N not supported, unable to use 3GPP2 algorithm",
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h
index 95c6da6a9..855efec3e 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h
@@ -21,7 +21,7 @@
 #ifndef EAP_AKA_3GPP2_FUNCTIONS_H_
 #define EAP_AKA_3GPP2_FUNCTIONS_H_
 
-#include <sa/authenticators/eap/sim_manager.h>
+#include <simaka_manager.h>
 
 #define AKA_SQN_LEN		 6
 #define AKA_K_LEN		16
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c
index ef5f62e34..d7d0d0507 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c
@@ -54,14 +54,71 @@ METHOD(plugin_t, get_name, char*,
 	return "eap-aka-3gpp2";
 }
 
-METHOD(plugin_t, destroy, void,
-	private_eap_aka_3gpp2_t *this)
+/**
+ * Try to instanciate 3gpp2 functions and card/provider backends
+ */
+static bool register_functions(private_eap_aka_3gpp2_t *this,
+							   plugin_feature_t *feature, bool reg, void *data)
 {
-	charon->sim->remove_card(charon->sim, &this->card->card);
-	charon->sim->remove_provider(charon->sim, &this->provider->provider);
+	if (reg)
+	{
+		this->functions = eap_aka_3gpp2_functions_create();
+		if (!this->functions)
+		{
+			return FALSE;
+		}
+		this->card = eap_aka_3gpp2_card_create(this->functions);
+		this->provider = eap_aka_3gpp2_provider_create(this->functions);
+		return TRUE;
+	}
 	this->card->destroy(this->card);
 	this->provider->destroy(this->provider);
 	this->functions->destroy(this->functions);
+	this->card = NULL;
+	this->provider = NULL;
+	this->functions = NULL;
+	return TRUE;
+}
+
+/**
+ * Callback providing our card to register
+ */
+static simaka_card_t* get_card(private_eap_aka_3gpp2_t *this)
+{
+	return &this->card->card;
+}
+
+/**
+ * Callback providing our provider to register
+ */
+static simaka_provider_t* get_provider(private_eap_aka_3gpp2_t *this)
+{
+	return &this->provider->provider;
+}
+
+METHOD(plugin_t, get_features, int,
+	private_eap_aka_3gpp2_t *this, plugin_feature_t *features[])
+{
+	static plugin_feature_t f[] = {
+		PLUGIN_CALLBACK((void*)register_functions, NULL),
+			PLUGIN_PROVIDE(CUSTOM, "eap-aka-3gpp2-functions"),
+				PLUGIN_DEPENDS(PRF, PRF_KEYED_SHA1),
+		PLUGIN_CALLBACK(simaka_manager_register, get_card),
+			PLUGIN_PROVIDE(CUSTOM, "aka-card"),
+				PLUGIN_DEPENDS(CUSTOM, "aka-manager"),
+				PLUGIN_DEPENDS(CUSTOM, "eap-aka-3gpp2-functions"),
+		PLUGIN_CALLBACK(simaka_manager_register, get_provider),
+			PLUGIN_PROVIDE(CUSTOM, "aka-provider"),
+				PLUGIN_DEPENDS(CUSTOM, "aka-manager"),
+				PLUGIN_DEPENDS(CUSTOM, "eap-aka-3gpp2-functions"),
+	};
+	*features = f;
+	return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+	private_eap_aka_3gpp2_t *this)
+{
 	free(this);
 }
 
@@ -76,24 +133,12 @@ plugin_t *eap_aka_3gpp2_plugin_create()
 		.public = {
 			.plugin = {
 				.get_name = _get_name,
-				.reload = (void*)return_false,
+				.get_features = _get_features,
 				.destroy = _destroy,
 			},
 		},
-		.functions = eap_aka_3gpp2_functions_create(),
 	);
 
-	if (!this->functions)
-	{
-		free(this);
-		return NULL;
-	}
-	this->card = eap_aka_3gpp2_card_create(this->functions);
-	this->provider = eap_aka_3gpp2_provider_create(this->functions);
-
-	charon->sim->add_card(charon->sim, &this->card->card);
-	charon->sim->add_provider(charon->sim, &this->provider->provider);
-
 	return &this->public.plugin;
 }
 
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c
index a9767ad91..b2b43da2a 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c
@@ -80,14 +80,10 @@ void eap_aka_3gpp2_get_sqn(char sqn[AKA_SQN_LEN], int offset)
 	memcpy(sqn + 4, &time.tv_usec, 2);
 }
 
-/**
- * Implementation of usim_provider_t.get_quintuplet
- */
-static bool get_quintuplet(private_eap_aka_3gpp2_provider_t *this,
-						   identification_t *id, char rand[AKA_RAND_LEN],
-						   char xres[AKA_RES_MAX], int *xres_len,
-						   char ck[AKA_CK_LEN], char ik[AKA_IK_LEN],
-						   char autn[AKA_AUTN_LEN])
+METHOD(simaka_provider_t, get_quintuplet, bool,
+	private_eap_aka_3gpp2_provider_t *this, identification_t *id,
+	char rand[AKA_RAND_LEN], char xres[AKA_RES_MAX], int *xres_len,
+	char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN])
 {
 	rng_t *rng;
 	char mac[AKA_MAC_LEN], ak[AKA_AK_LEN], k[AKA_K_LEN];
@@ -131,12 +127,9 @@ static bool get_quintuplet(private_eap_aka_3gpp2_provider_t *this,
 	return TRUE;
 }
 
-/**
- * Implementation of usim_provider_t.resync
- */
-static bool resync(private_eap_aka_3gpp2_provider_t *this,
-				   identification_t *id, char rand[AKA_RAND_LEN],
-				   char auts[AKA_AUTS_LEN])
+METHOD(simaka_provider_t, resync, bool,
+	private_eap_aka_3gpp2_provider_t *this, identification_t *id,
+	char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN])
 {
 	char *sqn, *macs;
 	char aks[AKA_AK_LEN], k[AKA_K_LEN], amf[AKA_AMF_LEN], xmacs[AKA_MAC_LEN];
@@ -169,10 +162,8 @@ static bool resync(private_eap_aka_3gpp2_provider_t *this,
 	return TRUE;
 }
 
-/**
- * Implementation of eap_aka_3gpp2_provider_t.destroy.
- */
-static void destroy(private_eap_aka_3gpp2_provider_t *this)
+METHOD(eap_aka_3gpp2_provider_t, destroy, void,
+	private_eap_aka_3gpp2_provider_t *this)
 {
 	free(this);
 }
@@ -183,18 +174,23 @@ static void destroy(private_eap_aka_3gpp2_provider_t *this)
 eap_aka_3gpp2_provider_t *eap_aka_3gpp2_provider_create(
 												eap_aka_3gpp2_functions_t *f)
 {
-	private_eap_aka_3gpp2_provider_t *this = malloc_thing(private_eap_aka_3gpp2_provider_t);
-
-	this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))return_false;
-	this->public.provider.get_quintuplet = (bool(*)(sim_provider_t*, identification_t *id, char rand[AKA_RAND_LEN], char xres[AKA_RES_MAX], int *xres_len, char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))get_quintuplet;
-	this->public.provider.resync = (bool(*)(sim_provider_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))resync;
-	this->public.provider.is_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
-	this->public.provider.gen_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
-	this->public.provider.is_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char [HASH_SIZE_SHA1], u_int16_t *counter))return_null;
-	this->public.provider.gen_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char mk[HASH_SIZE_SHA1]))return_null;
-	this->public.destroy = (void(*)(eap_aka_3gpp2_provider_t*))destroy;
-
-	this->f = f;
+	private_eap_aka_3gpp2_provider_t *this;
+
+	INIT(this,
+		.public = {
+			.provider = {
+				.get_triplet = (void*)return_false,
+				.get_quintuplet = _get_quintuplet,
+				.resync = _resync,
+				.is_pseudonym = (void*)return_null,
+				.gen_pseudonym = (void*)return_null,
+				.is_reauth = (void*)return_null,
+				.gen_reauth = (void*)return_null,
+			},
+			.destroy = _destroy,
+		},
+		.f = f,
+	);
 	/* use an offset to accept clock skew between client/server without resync */
 	eap_aka_3gpp2_get_sqn(this->sqn, 180);
 
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h
index 22ac0a96e..0e1af8554 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h
@@ -23,7 +23,7 @@
 
 #include "eap_aka_3gpp2_functions.h"
 
-#include <sa/authenticators/eap/sim_manager.h>
+#include <simaka_provider.h>
 
 typedef struct eap_aka_3gpp2_provider_t eap_aka_3gpp2_provider_t;
 
@@ -33,9 +33,9 @@ typedef struct eap_aka_3gpp2_provider_t eap_aka_3gpp2_provider_t;
 struct eap_aka_3gpp2_provider_t {
 
 	/**
-	 * Implements sim_provider_t interface.
+	 * Implements simaka_provider_t interface.
 	 */
-	sim_provider_t provider;
+	simaka_provider_t provider;
 
 	/**
 	 * Destroy a eap_aka_3gpp2_provider_t.