dexter has uploaded this change for review.

View Change

pySim-prog: generate Ki and OPc value using _digits() function

The _digits() function is used in the context of auto generating the
card individual data using a random seed (--secret) and a card number.
(--num). Unfortunately the Ki and the OPc value are not covered by
this mechanism, which means that even when the card number and the
random seed remain static, the Ki and the OPc value are always
changing.

Related: SYS#4120
Change-Id: Ib53d9d04a2073dafcca7cd21b0324bee5a23c540
---
M pySim-prog.py
1 file changed, 12 insertions(+), 4 deletions(-)

git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/64/38164/1

diff --git a/pySim-prog.py b/pySim-prog.py
index 3470c98..3ab644e 100755
--- a/pySim-prog.py
+++ b/pySim-prog.py
@@ -219,13 +219,21 @@
             parser.error(
                 "Can't give ICCID/IMSI for batch mode, need to use automatic parameters ! see --num and --secret for more information")
 
+    if options.secret is None:
+        options.secret = ''.join(random.choices(string.ascii_letters + string.digits, k=32))
+    if options.num is None:
+        options.num = random.randrange(1000000)
+
     return options
 
 
-def _digits(secret, usage, len, num):
+def _digits(secret, usage, len, num, hex = False):
     seed = secret + usage + '%d' % num
     s = hashlib.sha1(seed.encode())
-    d = ''.join(['%02d' % x for x in s.digest()])
+    if hex:
+        d = ''.join(['%02x' % x for x in s.digest()])
+    else:
+        d = ''.join(['%02d' % x for x in s.digest()])
     return d[0:len]
 
 
@@ -431,7 +439,7 @@
         if not re.match('^[0-9a-fA-F]{32}$', ki):
             raise ValueError('Ki needs to be 128 bits, in hex format')
     else:
-        ki = ''.join(['%02x' % random.randrange(0, 256) for i in range(16)])
+        ki = _digits(opts.secret, 'ki', 32, opts.num, hex = True)
 
     # OPC (random)
     if opts.opc is not None:
@@ -442,7 +450,7 @@
     elif opts.op is not None:
         opc = derive_milenage_opc(ki, opts.op)
     else:
-        opc = ''.join(['%02x' % random.randrange(0, 256) for i in range(16)])
+        opc = _digits(opts.secret, 'opc', 32, opts.num, hex = True)
 
     pin_adm = sanitize_pin_adm(opts.pin_adm, opts.pin_adm_hex)
 

To view, visit change 38164. To unsubscribe, or for help writing mail filters, visit settings.