November 2024 - gerrit-log - lists.osmocom.org

[S] Change in osmo-ttcn3-hacks[master]: SGSN: BSSGP_ConnHdlr: GMM Service Request: handle PMM IDLE UE correct

by pespin

Attention is currently required from: fixeria, laforge, lynxis lazus. pespin has posted comments on this change by lynxis lazus. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/38397?usp=email ) Change subject: SGSN: BSSGP_ConnHdlr: GMM Service Request: handle PMM IDLE UE correct ...................................................................... Patch Set 5: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/38397?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I29237997e414aea80f254247da54f909410a4b36 Gerrit-Change-Number: 38397 Gerrit-PatchSet: 5 Gerrit-Owner: lynxis lazus <lynxis(a)fe80.eu> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-CC: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Attention: laforge <laforge(a)osmocom.org> Gerrit-Attention: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Attention: lynxis lazus <lynxis(a)fe80.eu> Gerrit-Comment-Date: Mon, 25 Nov 2024 15:57:59 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes

7 months

1
0
0 0

[M] Change in pysim[master]: docs: Add documentation about contrib/sim-rest-{server,client}

by laforge

Attention is currently required from: jolly. Hello jolly, I'd like you to reexamine a change. Please visit https://gerrit.osmocom.org/c/pysim/+/38939?usp=email to look at the new patch set (#2). Change subject: docs: Add documentation about contrib/sim-rest-{server,client} ...................................................................... docs: Add documentation about contrib/sim-rest-{server,client} Those programs have been around since 2021 but we never had any documentation here. Let's fix that. Change-Id: I7c471cac9500db063a0c8f5c5eb7b6861b3234ed --- M docs/index.rst A docs/sim-rest.rst 2 files changed, 119 insertions(+), 0 deletions(-) git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/39/38939/2 -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38939?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: newpatchset Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I7c471cac9500db063a0c8f5c5eb7b6861b3234ed Gerrit-Change-Number: 38939 Gerrit-PatchSet: 2 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: jolly <andreas(a)eversberg.eu> Gerrit-CC: Jenkins Builder Gerrit-Attention: jolly <andreas(a)eversberg.eu>

7 months

1
0
0 0

[M] Change in pysim[master]: docs: Add documentation about contrib/sim-reset-{server,client}

by laforge

laforge has uploaded this change for review. ( https://gerrit.osmocom.org/c/pysim/+/38939?usp=email ) Change subject: docs: Add documentation about contrib/sim-reset-{server,client} ...................................................................... docs: Add documentation about contrib/sim-reset-{server,client} Those programs have been around since 2021 but we never had any documentation here. Let's fix that. Change-Id: I7c471cac9500db063a0c8f5c5eb7b6861b3234ed --- M docs/index.rst A docs/sim-rest.rst 2 files changed, 119 insertions(+), 0 deletions(-) git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/39/38939/1 diff --git a/docs/index.rst b/docs/index.rst index bcbc7f0..228fb79 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -43,6 +43,7 @@ legacy library osmo-smdpp + sim-rest Indices and tables diff --git a/docs/sim-rest.rst b/docs/sim-rest.rst new file mode 100644 index 0000000..41a6d1d --- /dev/null +++ b/docs/sim-rest.rst @@ -0,0 +1,118 @@ +sim-rest-server +=============== + +Sometimes there are use cases where a [remote] application will need +access to a USIM for authentication purposes. This is, for example, in +case an IMS test client needs to perform USIM based authentication +against an IMS core. + +The pysim repository contains two programs: `sim-rest-server.py` and +`sim-rest-client.py` that implement a simple approach to achieve the +above: + +`sim-rest-server.py` speaks to a [usually local] USIM via the PC/SC +API and provides a high-level REST API towards [local or remote] +applications that wish to perform UMTS AKA using the USIM. + +`sim-rest-client.py` implements a small example client program to +illustrate how the REST API provided by `sim-rest-server.py` can be +used. + +REST API Calls +-------------- + +POST /sim-auth-api/v1/slot/SLOT_NR +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +where SLOT_NR is the integer-encoded slot number (corresponds to PC/SC +reader number). When using a single sysmoOCTSIM board, this is in the range of 0..7 + +Example: `/sim-auth-api/v1/slot/0` for the first slot. + +Request Body +############ + +The request body is a JSON document, comprising of + 1. the RAND and AUTN parameters as hex-encoded string + 2. the application against which to authenticate (USIM, ISIM) + +Example: +:: + + { + "rand": "bb685a4b2fc4d697b9d6a129dd09a091", + "autn": "eea7906f8210000004faf4a7df279b56" + } + +HTTP Status Codes +################# + +HTTP status codes are used to represent errors within the REST server +and the SIM reader hardware. They are not used to communicate protocol +level errors reported by the SIM Card. An unsuccessful authentication +will hence have a `200 OK` HTTP Status code and then encode the SIM +specific error information in the Response Body. + +====== =========== ================================ +Status Code Description +------ ----------- -------------------------------- +200 OK Successful execution +400 Bad Request Request body is malformed +404 Not Found Specified SIM Slot doesn't exist +410 Gone No SIM card inserted in slot +====== =========== ================================ + +Response Body +############# + +The response body is a JSON document, either + +#. a successful outcome; encoding RES, CK, IK as hex-encoded string +#. a sync failure; encoding AUTS as hex-encoded string +#. errors + #. authentication error (incorrect MAC) + #. authentication error (security context not supported) + #. key freshness failure + #. unspecified card error + +Example (succcess): +:: + + { + "successful_3g_authentication": { + "res": "b15379540ec93985", + "ck": "713fde72c28cbd282a4cd4565f3d6381", + "ik": "2e641727c95781f1020d319a0594f31a", + "kc": "771a2c995172ac42" + } + } + +Example (re-sync case): +:: + + { + "synchronisation_failure": { + "auts": "dc2a591fe072c92d7c46ecfe97e5" + } + } + +Concrete example using the included sysmoISIM-SJA2 +-------------------------------------------------- + +This was tested using SIMs ending in IMSI numbers 45890...45899 + +The following command were executed successfully: + +Slot 0 +:: + + $ /usr/local/src/pysim/contrib/sim-rest-client.py -c 1 -n 0 -k 841EAD87BC9D974ECA1C167409357601 -o 3211CACDD64F51C3FD3013ECD9A582A0 + -> {'rand': 'fb195c7873b20affa278887920b9dd57', 'autn': 'd420895a6aa2000089cd016f8d8ae67c'} + <- {'successful_3g_authentication': {'res': '131004db2ff1ce8e', 'ck': 'd42eb5aa085307903271b2422b698bad', 'ik': '485f81e6fd957fe3cad374adf12fe1ca', 'kc': '64d3f2a32f801214'}} + +Slot 1 +:: + + $ /usr/local/src/pysim/contrib/sim-rest-client.py -c 1 -n 1 -k 5C2CE9633FF9B502B519A4EACD16D9DF -o 9834D619E71A02CD76F00CC7AA34FB32 + -> {'rand': '433dc5553db95588f1d8b93870930b66', 'autn': '126bafdcbe9e00000026a208da61075d'} + <- {'successful_3g_authentication': {'res': '026d7ac42d379207', 'ck': '83a90ba331f47a95c27a550b174c4a1f', 'ik': '31e1d10329ffaf0ca1684a1bf0b0a14a', 'kc': 'd15ac5b0fff73ecc'}} -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38939?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: newchange Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I7c471cac9500db063a0c8f5c5eb7b6861b3234ed Gerrit-Change-Number: 38939 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org>

7 months

1
0
0 0

[S] Change in pysim[master]: [cosmetic] esim.saip: Fix various typos in comments/docs/messages

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/38899?usp=email ) Change subject: [cosmetic] esim.saip: Fix various typos in comments/docs/messages ...................................................................... [cosmetic] esim.saip: Fix various typos in comments/docs/messages Change-Id: I4fc603634a0f2b53e432a77f05e811a38ba065c2 --- M pySim/esim/saip/__init__.py 1 file changed, 6 insertions(+), 6 deletions(-) Approvals: Jenkins Builder: Verified pespin: Looks good to me, approved diff --git a/pySim/esim/saip/__init__.py b/pySim/esim/saip/__init__.py index 355e6b9..1fcf61f 100644 --- a/pySim/esim/saip/__init__.py +++ b/pySim/esim/saip/__init__.py @@ -450,7 +450,7 @@ @property def header_name(self) -> str: """Return the name of the header field within the profile element.""" - # unneccessarry compliaction by inconsistent naming :( + # unnecessary complication by inconsistent naming :( if self.type.startswith('opt-'): return self.type.replace('-','') + '-header' if self.type in self.header_name_translation_dict: @@ -933,7 +933,7 @@ 'macLength': self.mac_length} class SecurityDomainKey: - """Represenation of a key used for SCP access to a security domain.""" + """Representation of a key used for SCP access to a security domain.""" def __init__(self, key_version_number: int, key_id: int, key_usage_qualifier: dict, key_components: List[SecurityDomainKeyComponent]): self.key_usage_qualifier = key_usage_qualifier @@ -1276,7 +1276,7 @@ sequence.""" def __init__(self): """After calling the constructor, you have to further initialize the instance by either - calling the parse_der() method, or by manually adding individual PEs, including the hedaer and + calling the parse_der() method, or by manually adding individual PEs, including the header and end PEs.""" self.pe_list: List[ProfileElement] = [] self.pe_by_type: Dict = {} @@ -1298,7 +1298,7 @@ def add_hdr_and_end(self): """Initialize the PE Sequence with a header and end PE.""" if len(self.pe_list): - raise ValueError("Cannot add header + end PE to a non-enmpty PE-Sequence") + raise ValueError("Cannot add header + end PE to a non-empty PE-Sequence") # start with a minimal/empty sequence of header + end self.append(ProfileElementHeader()) self.append(ProfileElementEnd()) @@ -1315,7 +1315,7 @@ def get_pe_for_type(self, tname: str) -> Optional[ProfileElement]: """Return a single profile element for given profile element type. Works only for - types of which there is only a signle instance in the PE Sequence!""" + types of which there is only a single instance in the PE Sequence!""" l = self.get_pes_for_type(tname) if len(l) == 0: return None @@ -1323,7 +1323,7 @@ return l[0] def get_pes_for_templateID(self, tid: oid.OID) -> List[ProfileElement]: - """Return list of profile elements present for given profile eleemnt type.""" + """Return list of profile elements present for given profile element type.""" res = [] for pe in self.pe_list: if not pe.templateID: -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38899?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I4fc603634a0f2b53e432a77f05e811a38ba065c2 Gerrit-Change-Number: 38899 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de>

7 months

1
0
0 0

[S] Change in pysim[master]: esim.saip: Fix computation of file content

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/38898?usp=email ) Change subject: esim.saip: Fix computation of file content ...................................................................... esim.saip: Fix computation of file content When generating the file content (body), we need to proceed in the following order: 1a) If FCP contains fillPattern/repeatPattern, compute file content from those 1b) If FCP doesn't contain fillPattern/repeatPattern but template exists, compute file content from template 2) Apply any fillFileConten / fillFileOffset from the SAIP File on top of the above Change-Id: I822bb5fbec11a3be35910a496af7168458fd949c Closes: OS#6642 --- M pySim/esim/saip/__init__.py M pySim/ts_102_222.py 2 files changed, 27 insertions(+), 4 deletions(-) Approvals: Jenkins Builder: Verified laforge: Looks good to me, approved diff --git a/pySim/esim/saip/__init__.py b/pySim/esim/saip/__init__.py index 3490f64..355e6b9 100644 --- a/pySim/esim/saip/__init__.py +++ b/pySim/esim/saip/__init__.py @@ -18,6 +18,7 @@ import logging import abc import io +import os from typing import Tuple, List, Optional, Dict, Union from collections import OrderedDict import asn1tools @@ -25,6 +26,7 @@ from osmocom.tlv import BER_TLV_IE, bertlv_parse_tag, bertlv_parse_len from osmocom.construct import build_construct, parse_construct, GreedyInteger +from pySim import ts_102_222 from pySim.utils import dec_imsi from pySim.ts_102_221 import FileDescriptor from pySim.filesystem import CardADF, Path @@ -352,18 +354,29 @@ ret += self.file_content_to_tuples() return ret - @staticmethod - def file_content_from_tuples(l: List[Tuple]) -> Optional[bytes]: + def expand_fill_pattern(self) -> bytes: + """Expand the fill/repeat pattern as per TS 102 222 Section 6.3.2.2.2""" + return ts_102_222.expand_pattern(self.fill_pattern, self.fill_pattern_repeat, self.file_size) + + def file_content_from_tuples(self, l: List[Tuple]) -> Optional[bytes]: """linearize a list of fillFileContent / fillFileOffset tuples into a stream of bytes.""" stream = io.BytesIO() + # Providing file content within "fillFileContent" / "fillFileOffset" shall have the same effect as + # creating a file with a fill/repeat pattern and thereafter updating the content via Update. + # Step 1: Fill with pattern from Fcp or Template + if self.fill_pattern: + stream.write(self.expand_fill_pattern()) + elif self.template and self.template.default_val: + stream.write(self.template.expand_default_value_pattern(self.file_size)) + stream.seek(0) + # then process the fillFileContent/fillFileOffset for k, v in l: if k == 'doNotCreate': return None if k == 'fileDescriptor': pass elif k == 'fillFileOffset': - # FIXME: respect the fillPattern! - stream.write(b'\xff' * v) + stream.seek(v, os.SEEK_CUR) elif k == 'fillFileContent': stream.write(v) else: diff --git a/pySim/ts_102_222.py b/pySim/ts_102_222.py index e54c196..74eb2c3 100644 --- a/pySim/ts_102_222.py +++ b/pySim/ts_102_222.py @@ -25,6 +25,16 @@ from pySim.ts_102_221 import * +def expand_pattern(pattern: bytes, repeat: bool, size: int) -> bytes: + """Expand the fill/repeat pattern as per TS 102 222 Section 6.3.2.2.2 Tags C1/C2.""" + if not repeat: + pad_len = size - len(pattern) + return pattern + pattern[-1:] * pad_len + else: + count = size // len(pattern) + part_len = size - count * len(pattern) + return pattern * count + pattern[:part_len] + @with_default_category('TS 102 222 Administrative Commands') class Ts102222Commands(CommandSet): """Administrative commands for telecommunication applications.""" -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38898?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I822bb5fbec11a3be35910a496af7168458fd949c Gerrit-Change-Number: 38898 Gerrit-PatchSet: 2 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Reviewer: laforge <laforge(a)osmocom.org>

7 months

1
0
0 0

[S] Change in pysim[master]: esim.saip: New methods for inserting ProfileElement into sequence

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/38905?usp=email ) Change subject: esim.saip: New methods for inserting ProfileElement into sequence ...................................................................... esim.saip: New methods for inserting ProfileElement into sequence ProfileElements.insert_after_pe() is a convenience method to insert a new PE after an existing one in the sequence. This is a frequent task as there are strict ordering requirements in the SAIP format. Change-Id: I4424926127b4867931c2157e9340bacd2682ff0c --- M pySim/esim/saip/__init__.py 1 file changed, 22 insertions(+), 3 deletions(-) Approvals: Jenkins Builder: Verified laforge: Looks good to me, approved diff --git a/pySim/esim/saip/__init__.py b/pySim/esim/saip/__init__.py index 1fcf61f..b83367e 100644 --- a/pySim/esim/saip/__init__.py +++ b/pySim/esim/saip/__init__.py @@ -1500,6 +1500,27 @@ pe.header['identification'] = i i += 1 + def get_index_by_pe(self, pe: ProfileElement) -> int: + """Return a list with the indicies of all instances of PEs of petype.""" + ret = [] + i = 0 + for cur in self.pe_list: + if cur == pe: + return i + i += 1 + raise ValueError('PE %s is not part of PE Sequence' % (pe)) + + def insert_at_index(self, idx: int, pe: ProfileElement) -> None: + """Insert a given [new] ProfileElement at given index into the PE Sequence.""" + self.pe_list.insert(idx, pe) + self._process_pelist() + self.renumber_identification() + + def insert_after_pe(self, pe_before: ProfileElement, pe_new: ProfileElement) -> None: + """Insert a given [new] ProfileElement after a given [existing] PE in the PE Sequence.""" + idx = self.get_index_by_pe(pe_before) + self.insert_at_index(idx+1, pe_new) + def get_index_by_type(self, petype: str) -> List[int]: """Return a list with the indicies of all instances of PEs of petype.""" ret = [] @@ -1515,9 +1536,7 @@ # find MNO-SD index idx = self.get_index_by_type('securityDomain')[0] # insert _after_ MNO-SD - self.pe_list.insert(idx+1, ssd) - self._process_pelist() - self.renumber_identification() + self.insert_at_index(idx+1, ssd) def remove_naas_of_type(self, naa: Naa) -> None: """Remove all instances of NAAs of given type. This can be used, for example, -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38905?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I4424926127b4867931c2157e9340bacd2682ff0c Gerrit-Change-Number: 38905 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org>

7 months

1
0
0 0

[S] Change in pysim[master]: [cosmetic] esim: Fix various typos in comments/messages/docs

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/38900?usp=email ) Change subject: [cosmetic] esim: Fix various typos in comments/messages/docs ...................................................................... [cosmetic] esim: Fix various typos in comments/messages/docs Change-Id: I806c7a37951e72027ab9346169a3f8fe241f2c46 --- M pySim/esim/bsp.py M pySim/esim/http_json_api.py M pySim/esim/saip/personalization.py M pySim/esim/x509_cert.py 4 files changed, 12 insertions(+), 12 deletions(-) Approvals: Jenkins Builder: Verified laforge: Looks good to me, approved diff --git a/pySim/esim/bsp.py b/pySim/esim/bsp.py index 24634a7..862502f 100644 --- a/pySim/esim/bsp.py +++ b/pySim/esim/bsp.py @@ -225,7 +225,7 @@ return cls(s_enc, s_mac, initial_mcv) def encrypt_and_mac_one(self, tag: int, plaintext:bytes) -> bytes: - """Encrypt + MAC a single plaintext TLV. Returns the protected ciphertex.""" + """Encrypt + MAC a single plaintext TLV. Returns the protected ciphertext.""" assert tag <= 255 assert len(plaintext) <= self.max_payload_size logger.debug("encrypt_and_mac_one(tag=0x%x, plaintext=%s)", tag, b2h(plaintext)) @@ -250,11 +250,11 @@ return result def mac_only_one(self, tag: int, plaintext: bytes) -> bytes: - """MAC a single plaintext TLV. Returns the protected ciphertex.""" + """MAC a single plaintext TLV. Returns the protected ciphertext.""" assert tag <= 255 assert len(plaintext) < self.max_payload_size maced = self.m_algo.auth(tag, plaintext) - # The data block counter for ICV caluclation is incremented also for each segment with C-MAC only. + # The data block counter for ICV calculation is incremented also for each segment with C-MAC only. self.c_algo.block_nr += 1 return maced @@ -288,7 +288,7 @@ def demac_only_one(self, ciphertext: bytes) -> bytes: payload = self.m_algo.verify(ciphertext) _tdict, _l, val, _remain = bertlv_parse_one(payload) - # The data block counter for ICV caluclation is incremented also for each segment with C-MAC only. + # The data block counter for ICV calculation is incremented also for each segment with C-MAC only. self.c_algo.block_nr += 1 return val diff --git a/pySim/esim/http_json_api.py b/pySim/esim/http_json_api.py index 6a803f2..ae32ba1 100644 --- a/pySim/esim/http_json_api.py +++ b/pySim/esim/http_json_api.py @@ -26,15 +26,15 @@ logger.setLevel(logging.DEBUG) class ApiParam(abc.ABC): - """A class reprsenting a single parameter in the API.""" + """A class representing a single parameter in the API.""" @classmethod def verify_decoded(cls, data): - """Verify the decoded reprsentation of a value. Should raise an exception if somthing is odd.""" + """Verify the decoded representation of a value. Should raise an exception if something is odd.""" pass @classmethod def verify_encoded(cls, data): - """Verify the encoded reprsentation of a value. Should raise an exception if somthing is odd.""" + """Verify the encoded representation of a value. Should raise an exception if something is odd.""" pass @classmethod diff --git a/pySim/esim/saip/personalization.py b/pySim/esim/saip/personalization.py index f9451d1..61973e7 100644 --- a/pySim/esim/saip/personalization.py +++ b/pySim/esim/saip/personalization.py @@ -67,7 +67,7 @@ If the string of digits is only 18 digits long, a Luhn check digit will be added.""" def validate(self): - # convert to string as it migt be an integer + # convert to string as it might be an integer iccid_str = str(self.input_value) if len(iccid_str) < 18 or len(iccid_str) > 20: raise ValueError('ICCID must be 18, 19 or 20 digits long') @@ -86,7 +86,7 @@ the last digit of the IMSI.""" def validate(self): - # convert to string as it migt be an integer + # convert to string as it might be an integer imsi_str = str(self.input_value) if len(imsi_str) < 6 or len(imsi_str) > 15: raise ValueError('IMSI must be 6..15 digits long') @@ -300,7 +300,7 @@ class AlgoConfig(ConfigurableParameter, metaclass=ClassVarMeta): - """Configurable Algorithm parameter. bytes.""" + """Configurable Algorithm parameter.""" key = None def validate(self): if not isinstance(self.input_value, (io.BytesIO, bytes, bytearray)): diff --git a/pySim/esim/x509_cert.py b/pySim/esim/x509_cert.py index 3bcf8a2..e951de7 100644 --- a/pySim/esim/x509_cert.py +++ b/pySim/esim/x509_cert.py @@ -31,7 +31,7 @@ """Verify if 'signed' certificate was signed using 'signer'.""" # this code only works for ECDSA, but this is all we need for GSMA eSIM pkey = signer.public_key() - # this 'signed.signature_algorithm_parameters' below requires cryptopgraphy 41.0.0 :( + # this 'signed.signature_algorithm_parameters' below requires cryptography 41.0.0 :( pkey.verify(signed.signature, signed.tbs_certificate_bytes, signed.signature_algorithm_parameters) def cert_get_subject_key_id(cert: x509.Certificate) -> bytes: @@ -189,7 +189,7 @@ def ecdsa_sign(self, plaintext: bytes) -> bytes: """Sign some input-data using an ECDSA signature compliant with SGP.22, which internally refers to Global Platform 2.2 Annex E, which in turn points - to BSI TS-03111 which states "concatengated raw R + S values". """ + to BSI TS-03111 which states "concatenated raw R + S values". """ sig = self.priv_key.sign(plaintext, ec.ECDSA(hashes.SHA256())) # convert from DER format to BSI TR-03111; first get long integers; then convert those to bytes return ecdsa_dss_to_tr03111(sig) -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38900?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I806c7a37951e72027ab9346169a3f8fe241f2c46 Gerrit-Change-Number: 38900 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org>

7 months

1
0
0 0

[S] Change in pysim[master]: esim.saip.File: Re-compute file_size when changing body

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/38906?usp=email ) Change subject: esim.saip.File: Re-compute file_size when changing body ...................................................................... esim.saip.File: Re-compute file_size when changing body If the API user modifies the size of the body, we need to check if we need to re-compute the file_size attribute which is later encoded into the fileDescriptor. The size obviously must be large enough to fit the body. Let's do this implicitly by introducing a setter for File.body Change-Id: I1a908504b845b7c90f31294faf2a6e988bdd8049 --- M pySim/esim/saip/__init__.py 1 file changed, 20 insertions(+), 2 deletions(-) Approvals: laforge: Looks good to me, approved Jenkins Builder: Verified diff --git a/pySim/esim/saip/__init__.py b/pySim/esim/saip/__init__.py index b83367e..163c91b 100644 --- a/pySim/esim/saip/__init__.py +++ b/pySim/esim/saip/__init__.py @@ -106,7 +106,7 @@ self.pe_name = pename self._name = name self.template = template - self.body: Optional[bytes] = None + self._body: Optional[bytes] = None self.node: Optional['FsNode'] = None self.file_type = None self.fid: Optional[int] = None @@ -191,6 +191,24 @@ # All the files defined in the templates shall have, by default, shareable/not-shareable bit in the file descriptor set to "shareable". self.shareable = True self._template_derived = True + if hasattr(template, 'file_size'): + self._file_size = template.file_size + + def _recompute_size(self): + """recompute the file size, if needed (body larger than current size)""" + body_size = len(self.body) + if self.file_size == None or self.file_size < body_size: + self._file_size = body_size + + @property + def body(self): + return self._body + + @body.setter + def body(self, value: bytes): + self._body = value + # we need to potentially update the file size after changing the body [size] + self._recompute_size() def to_fileDescriptor(self) -> dict: """Convert from internal representation to 'fileDescriptor' as used by asn1tools for SAIP""" @@ -332,7 +350,7 @@ if fd: self.from_fileDescriptor(dict(fd)) # BODY - self.body = self.file_content_from_tuples(l) + self._body = self.file_content_from_tuples(l) @staticmethod def path_from_gfm(bin_path: bytes): -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38906?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I1a908504b845b7c90f31294faf2a6e988bdd8049 Gerrit-Change-Number: 38906 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org>

7 months

1
0
0 0

[XS] Change in pysim[master]: esim.saip.File: Proper ARR conversion of template (into) to file (bytes)

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/38907?usp=email ) Change subject: esim.saip.File: Proper ARR conversion of template (into) to file (bytes) ...................................................................... esim.saip.File: Proper ARR conversion of template (into) to file (bytes) The encoding of the access rule reference is different in FileTemplate vs File, let's make sure we properly convert it when instantiating a File from a FileTemplate. Change-Id: Ibb8afb85cc0006bc5c59230ebf28b2c0c1a8a8ed --- M pySim/esim/saip/__init__.py 1 file changed, 1 insertion(+), 1 deletion(-) Approvals: laforge: Looks good to me, approved Jenkins Builder: Verified diff --git a/pySim/esim/saip/__init__.py b/pySim/esim/saip/__init__.py index 163c91b..40ef4ce 100644 --- a/pySim/esim/saip/__init__.py +++ b/pySim/esim/saip/__init__.py @@ -178,7 +178,7 @@ self.file_type = template.file_type self.fid = template.fid self.sfi = template.sfi - self.arr = template.arr + self.arr = template.arr.to_bytes(1) if hasattr(template, 'rec_len'): self.rec_len = template.rec_len else: -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38907?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: Ibb8afb85cc0006bc5c59230ebf28b2c0c1a8a8ed Gerrit-Change-Number: 38907 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org>

7 months

1
0
0 0

[XS] Change in pysim[master]: esim.saip.File: Suppress encoding attributes that are like template

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/38908?usp=email ) Change subject: esim.saip.File: Suppress encoding attributes that are like template ...................................................................... esim.saip.File: Suppress encoding attributes that are like template The point of the SAIP template mechanism is to reduce the size of the encoded profile. Therefore, our encoder in the to_fileDescriptor() method should suppress generating attributes if their value is identical to that of the template (if any). Change-Id: I337ee6c7e882ec711bece17b7a0def9da36b0ad7 --- M pySim/esim/saip/__init__.py 1 file changed, 3 insertions(+), 3 deletions(-) Approvals: Jenkins Builder: Verified laforge: Looks good to me, approved diff --git a/pySim/esim/saip/__init__.py b/pySim/esim/saip/__init__.py index 40ef4ce..94df453 100644 --- a/pySim/esim/saip/__init__.py +++ b/pySim/esim/saip/__init__.py @@ -216,13 +216,13 @@ fdb_dec = {} pefi = {} spfi = 0 - if self.fid: + if self.fid and self.fid != self.template.fid: fileDescriptor['fileID'] = self.fid.to_bytes(2, 'big') - if self.sfi: + if self.sfi and self.sfi != self.template.sfi: fileDescriptor['shortEFID'] = bytes([self.sfi]) if self.df_name: fileDescriptor['dfName'] = self.df_name - if self.arr: + if self.arr and self.arr != self.template.arr.to_bytes(1): fileDescriptor['securityAttributesReferenced'] = self.arr if self.file_type in ['LF', 'CY']: fdb_dec['file_type'] = 'working_ef' -- To view, visit https://gerrit.osmocom.org/c/pysim/+/38908?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I337ee6c7e882ec711bece17b7a0def9da36b0ad7 Gerrit-Change-Number: 38908 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org>

7 months

1
0
0 0

2025

2024

2023

2022

gerrit-log November 2024