In smart cards, we every so often encounter data types that contain a
bit-mask whose length depends on whether or not there are any of the
least-significant bits are set. So far we worked around this with
some kind of Struct('byte1', 'byte2'/COptional, 'byte3'/COptional)
approach.
Let's do thisin a generic way using the new StripTrailerAdapter.
Change-Id: I659aa7247c57c680895b0bf8412f9e477fc3587d
GlobalPlatform requires the use of the KCV for DES + AES keys. Let's
implement that.
(11.8.2.3.3: "For all key types described in section B.6, the Key Check
Value shall be present.")
Change-Id: Ief168a66dee58b56f4126db12829b3a98906c8db
This adds an implementation of the GlobalPlatform SCP03 protocol. It has
been tested in S8 mode for C-MAC, C-ENC, R-MAC and R-ENC with AES using
128, 192 and 256 bit key lengh. Test vectors generated while talking to
a sysmoEUICC1-C2T are included as unit tests.
Change-Id: Ibc35af5474923aed2e3bcb29c8d713b4127a160d
In many casese we used type=int permitting any integer value, positive
or negative without a constratint in size. However, in reality often
we're constrained to unsigned 8 or 16 bit ranges. Let's use the
auto_uint{8,16} functions to enforce this within argparse before
we even try to encode something that won't work.
Change-Id: I35c81230bc18e2174ec1930aa81463f03bcd69c8
The key-id is actually a 7-bit integer and on the wire the 8th bit
has a special meaning which can be derived automatically.
Let's unburden the user from explicitly encoding that 8th bit and
instead set it automatically.
Change-Id: I8da37aa8fd064e6d35ed29a70f5d7a0e9060be3a
Using this command, one can change the life cycle status of on-card
applications, specifically one can LOCK (disable) them and re-enable
them as needed.
Change-Id: Ie14297a119d01cad1284f315a2508aa92cb4633b
This allows us to perform STORE DATA on applications like ARA-M/ARA-D
after establishing SCP02 to the related security domain.
Change-Id: I2ce766b97bba42c64c4d4492b505be66c24f471e
The 'apdu' command so far bypassed the logical channel and also
the recently-introduced support for secure channels. Let's change
that, at least by default. If somebody wants a raw APDU without
secure / logical channel processing, they may use the --raw option.
Change-Id: Id0c364f772c31e11e8dfa21624d8685d253220d0
This implementation of GlobalPlatform SCP02 currently only supports
C-MAC and C-ENC, but no R-MAC or R-ENC yet.
The patch also introduces the notion of having a SCP instance associated
with a SimCardCommands instance. It also adds the establish_scp0w and
release_scp shell commands to all GlobalPlatform Security Domains.
Change-Id: I56020382b9dfe8ba0f7c1c9f71eb1a9746bc5a27
Let's not have higher level code directly call the transports send_apdu*
methods. We do this as a precursor to introducing secure channel
support, where the secure channel driver would add MAC and/or encrypt
APDUs before they are sent to the transport.
Change-Id: I1b870140959aa8241cda2246e74576390123cb2d
The GlobalPlatform GET STATUS command is used to display information
about ISD / Applications / ExecutabLoad Files / Modules on the card.
Change-Id: Ic92f96c1c6a569aebc93a906c62a43b86fe3b811
Let's simply use the matchingId for filesystem lookup of the UPP file.
This way we can have any number of profiles by simply creating the
respeective files.
Change-Id: I0bc3a14b9fdfcc6322917dd0c69d8295de486950
This adds classes for describing profile templates as well
as derived classes defining the profile templates of the
"Profile Interoperability Technical Specification", specifically
it's "ANNEX A (Normative): File Structure Templates Definition"
We need a machine-readable definition of those templates, so
we can fully interpret an unprotected profile package (UPP),
as the UPP usually only contains the increment/difference to
a given teplate.
Change-Id: I79bc0a480450ca2de4b687ba6f11d0a4ea4f14c8
This is sadly required as the Interoperable Profile format must process
elements of an ASN.1 sequence in order, which doesn't work if the parser
puts the elements in a python dict.
The osmocom fork of asn1tools hence uses OrderedDict to work around
this problem.
Change-Id: Id28fcf060f491bb3d76aa6d8026aa76058edb675
When replacing a file's contents, we must not just remove any
fillFileContent tuples, but also the fillFileOffset.
Change-Id: I3e4d97ae9de8a78f7bc0165ece5954481568b800
PERM-AR-DO actually originates in a different spec than all other parts
of the ara_m.py, so let's explicitly mention that.
Change-Id: I6e0014c323f605860d0f70cd0c04d7e461e8a9de
In case SELECT doesn't return any response data, we must reset
the lchan.selected_file_fcp* members to None to prevent pySim-shell
preventing stale data from the previously selected file.
Change-Id: Ia04b8634e328e604e8df7e8d59b7fd532242d2ca
As the ARA-M applet is a GlobalPlatform applet, its SELECT response
decoding should be used, not the ETSI EUICC TS 102 221 fall-back.
Change-Id: I1a30b88a385f6de663aa837483dd32c0d104856f
Encoding an empty AID-REF-DO (4F) is neccessary to achieve the meaning
described in "Secure Element Access Control - Public Release v1.0"
Table 6-1: "Empty: Indicates that the rules to be stored or retrieved
are associated with all SE applications not covered by a specific rule".
Change-Id: Iac6c3d78bc9ce36bac47589e5f7a0cc78e2efc38
We can only choose a CI certificate which is supported both by the eUICC
as well as which has signed our own SM-DP+ certificates.
Change-Id: I0b9130f06d501ca7d484063d56d606cfdd2544f4
This command is used for installation of GlobalPlatform keys. We only
implement the command without secure messaging at this point, as it is
used during card personalization. Authentication will later be handled
by generic implementations of SCP02 and/or SCP03.
Change-Id: Icffe9e7743266d7262fbf440dd361b21eed7c5cf
In If30c5d31b4e7dd60d3a5cfb1d1cbdcf61741a50e we introduced a store_data
comamnd, but forgot to add it to the pySim-shell manual.
Change-Id: I6039818c2c0c5373b4a4ef1e33e152de7fbbd01a
The patch introducing the is_hexstr type into the argparser was
accidentially also introduce in two locations where we actually don't
expect a hex-string.
This is a partial revert of I6426ea864bec82be60554dd125961a48d7751904
Change-Id: I3c3d2a2753aa7a2566a3b1add7ba70c86499d293
Closes: #6331
If we are not 'equipped' as we could not detect any known applications
on the card, we used to only permit the 'apdu' command. However, we
should also permit the 'reset' command, as it also is something that's
possible with ever card, even of unknown types.
Change-Id: I23199da727973d7095ac18031f49e1e8423aa287
Some specs call it 'invalidated', others call it 'deactivated'. If the
user is unfamiliar with this, the error message about "invalidated"
might not be obvious enough; let's also mention 'deactivated' in the
message and explicitly mention that it needs to be activated before use.
Change-Id: I91488b0e7dc25a8970022b09e575485a4165eefa
With the definitions from this commit, we can build key loading
TLVs, which is used to load ECC keys into eUICCs.
Change-Id: I853c94d37939ef3dd795f893232b0276a5a4af81
The DGI encoding is specified in Annex B of the
"GlobalPlatform Systems Scripting Language Specification v1.1.0"
which is an "archived" specification that is no longer published
by GlobalPlatform, despite it being referenced from the GlobalPlatform
Card Specification v2.3, which is the basis of the GSMA eSIM
specifications.
For some reason it was the belief of the specification authors that
yet another format of TLV encoding is needed, in addition to the BER-TLV
and COMPREHENSION-TLV used by the very same specifications.
The encoding of the tag is not really specified anywhere, but I've only
seen 16-bit examples. The encoding of the length is specified and
implemented here accordingly.
Change-Id: Ie29ab7eb39f3165f3d695fcc1f02051338095697
Actually, the GSMA eUICC is a kind of derivative of a GlobalPlatform
card, and the ECASD and ISD-R are security domains. As such, we
should make them derived classes of global_platform.CardApplicationSD
which means they inherit some of the shared shell_commands etc.
Change-Id: I660e874d9bcbb8c28a64e4ef82dc53bee97aacfc
We do have an is_hexstr function which we should use anywhere
where we expect the user to input a string of hex digits. This way
we validate the input before running in some random exception.
Change-Id: I6426ea864bec82be60554dd125961a48d7751904
Harald Welte