Attention is currently required from: dexter, laforge.
fixeria has posted comments on this change. ( https://gerrit.osmocom.org/c/pysim/+/36930?usp=email )
Change subject: CardKeyProvider: Implement support for column-based transport key encryption
......................................................................
Patch Set 3: Code-Review+1
(1 comment)
File contrib/csv-encrypt-columns.py:
https://gerrit.osmocom.org/c/pysim/+/36930/comment/e35b5418_d3178900
PS1, Line 60: parser.add_argument('CSVFILE', help="CSV file name")
> I really don't see many stdin/stdout use cases for CSV files [with mandatory header, like here], sor […]
No problem, it was just a random idea :)
--
To view, visit https://gerrit.osmocom.org/c/pysim/+/36930?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: pysim
Gerrit-Branch: master
Gerrit-Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
Gerrit-Change-Number: 36930
Gerrit-PatchSet: 3
Gerrit-Owner: laforge <laforge(a)osmocom.org>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: dexter <pmaier(a)sysmocom.de>
Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Attention: laforge <laforge(a)osmocom.org>
Gerrit-Attention: dexter <pmaier(a)sysmocom.de>
Gerrit-Comment-Date: Fri, 31 May 2024 08:13:46 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Comment-In-Reply-To: laforge <laforge(a)osmocom.org>
Comment-In-Reply-To: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-MessageType: comment
Attention is currently required from: pespin.
osmith has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36948?usp=email )
Change subject: asterisk: AMI_Functions: Fix decoding of empty AccountID field
......................................................................
Patch Set 1: Code-Review+1
(1 comment)
Patchset:
PS1:
(maybe replace it with a small regex, that catches all empty fields?)
--
To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36948?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-ttcn3-hacks
Gerrit-Branch: master
Gerrit-Change-Id: Ifc0e84a81b24d8ce8194b769a8ff9a0d4f3e85ff
Gerrit-Change-Number: 36948
Gerrit-PatchSet: 1
Gerrit-Owner: pespin <pespin(a)sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: osmith <osmith(a)sysmocom.de>
Gerrit-Attention: pespin <pespin(a)sysmocom.de>
Gerrit-Comment-Date: Fri, 31 May 2024 06:44:35 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
Attention is currently required from: dexter, fixeria.
Hello Jenkins Builder, dexter, fixeria,
I'd like you to reexamine a change. Please visit
https://gerrit.osmocom.org/c/pysim/+/36930?usp=email
to look at the new patch set (#3).
Change subject: CardKeyProvider: Implement support for column-based transport key encryption
......................................................................
CardKeyProvider: Implement support for column-based transport key encryption
It's generally a bad idea to keep [card specific] key material lying
around unencrypted in CSV files. The industry standard solution in the
GSMA is a so-called "transport key", which encrypts the key material.
Let's introduce support for this in the CardKeyProvider (and
specifically, the CardKeyProviderCSV) and allow the user to specify
transport key material as command line options to pySim-shell.
Different transport keys can be used for different key materials, so
allow specification of keys on a CSV-column base.
The higher-level goal is to allow the CSV file not only to store
the ADM keys (like now), but also global platform key material for
establishing SCP towards various security domains in a given card.
Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
---
A contrib/csv-encrypt-columns.py
M docs/card-key-provider.rst
M pySim-shell.py
M pySim/card_key_provider.py
4 files changed, 189 insertions(+), 15 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/30/36930/3
--
To view, visit https://gerrit.osmocom.org/c/pysim/+/36930?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: pysim
Gerrit-Branch: master
Gerrit-Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
Gerrit-Change-Number: 36930
Gerrit-PatchSet: 3
Gerrit-Owner: laforge <laforge(a)osmocom.org>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: dexter <pmaier(a)sysmocom.de>
Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Attention: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Attention: dexter <pmaier(a)sysmocom.de>
Gerrit-MessageType: newpatchset
Attention is currently required from: dexter, fixeria.
laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/pysim/+/36930?usp=email )
Change subject: CardKeyProvider: Implement support for column-based transport key encryption
......................................................................
Patch Set 2:
(7 comments)
Patchset:
PS1:
> this still needs documentation
Done
File contrib/csv-encrypt-columns.py:
https://gerrit.osmocom.org/c/pysim/+/36930/comment/ad55b606_e45cdf37
PS1, Line 29: def dict_keys_to_upper(d: dict):
> typing hint: `-> dict:`
Done
https://gerrit.osmocom.org/c/pysim/+/36930/comment/5005ea52_4227e858
PS1, Line 37: def encrypt_col(self, colname:str, value: str):
> typing hint: `-> Hexstr:`?
Done
https://gerrit.osmocom.org/c/pysim/+/36930/comment/9c9d92c2_a1ca3a78
PS1, Line 43: def encrypt(self):
> type hint: `-> None:`
Done
https://gerrit.osmocom.org/c/pysim/+/36930/comment/3304b1c3_4b782e61
PS1, Line 60: parser.add_argument('CSVFILE', help="CSV file name")
> Idea: you can do `type=argparse. […]
I really don't see many stdin/stdout use cases for CSV files [with mandatory header, like here], sorry.
https://gerrit.osmocom.org/c/pysim/+/36930/comment/7b48851c_cc608623
PS1, Line 61: default=[],
> I would remove `default` and put `required=True`, since you require at least one argument.
Done
File pySim/card_key_provider.py:
https://gerrit.osmocom.org/c/pysim/+/36930/comment/0660366f_f8e1c4d1
PS1, Line 129: str) -> str
> `Hexstr`?
No, cannot do here as there are other values passing through [if no transport key, it could be anything non-hex]
--
To view, visit https://gerrit.osmocom.org/c/pysim/+/36930?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: pysim
Gerrit-Branch: master
Gerrit-Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
Gerrit-Change-Number: 36930
Gerrit-PatchSet: 2
Gerrit-Owner: laforge <laforge(a)osmocom.org>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: dexter <pmaier(a)sysmocom.de>
Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Attention: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Attention: dexter <pmaier(a)sysmocom.de>
Gerrit-Comment-Date: Thu, 30 May 2024 21:35:59 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: laforge <laforge(a)osmocom.org>
Comment-In-Reply-To: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-MessageType: comment
Attention is currently required from: dexter, fixeria, laforge.
Hello Jenkins Builder, dexter, fixeria,
I'd like you to reexamine a change. Please visit
https://gerrit.osmocom.org/c/pysim/+/36930?usp=email
to look at the new patch set (#2).
The following approvals got outdated and were removed:
Code-Review+1 by fixeria, Verified+1 by Jenkins Builder
Change subject: CardKeyProvider: Implement support for column-based transport key encryption
......................................................................
CardKeyProvider: Implement support for column-based transport key encryption
It's generally a bad idea to keep [card specific] key material lying
around unencrypted in CSV files. The industry standard solution in the
GSMA is a so-called "transport key", which encrypts the key material.
Let's introduce support for this in the CardKeyProvider (and
specifically, the CardKeyProviderCSV) and allow the user to specify
transport key material as command line options to pySim-shell.
Different transport keys can be used for different key materials, so
allow specification of keys on a CSV-column base.
The higher-level goal is to allow the CSV file not only to store
the ADM keys (like now), but also global platform key material for
establishing SCP towards various security domains in a given card.
Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
---
A contrib/csv-encrypt-columns.py
M docs/card-key-provider.rst
M pySim-shell.py
M pySim/card_key_provider.py
4 files changed, 189 insertions(+), 15 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/30/36930/2
--
To view, visit https://gerrit.osmocom.org/c/pysim/+/36930?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: pysim
Gerrit-Branch: master
Gerrit-Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
Gerrit-Change-Number: 36930
Gerrit-PatchSet: 2
Gerrit-Owner: laforge <laforge(a)osmocom.org>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: dexter <pmaier(a)sysmocom.de>
Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Attention: laforge <laforge(a)osmocom.org>
Gerrit-Attention: fixeria <vyanitskiy(a)sysmocom.de>
Gerrit-Attention: dexter <pmaier(a)sysmocom.de>
Gerrit-MessageType: newpatchset
