laforge submitted this change.
ara_m: use class byte of current lchan
The ara_m commands use APDUs with a fix class byte (0x80). This means
that all ARA-M related features only work in the basic logical channel.
To fix this, let's compute the class byte for the current logical channel
dynamically inside the send_apdu methods of SimCardCommands. This will
fix the problem globally.
Related: OS#6531
Change-Id: Ie3e48678f178a488bfaea6cc2b9a3e18145a8d10
---
M pySim-shell.py
M pySim/ara_m.py
M pySim/commands.py
3 files changed, 33 insertions(+), 26 deletions(-)
diff --git a/pySim-shell.py b/pySim-shell.py
index 0ba8a25..43e9dd2 100755
--- a/pySim-shell.py
+++ b/pySim-shell.py
@@ -252,9 +252,9 @@
# can be executed without the presence of a runtime state (self.rs) object. However, this also means that
# self.lchan is also not present (see method equip).
if opts.raw or self.lchan is None:
- data, sw = self.card._scc.send_apdu(opts.APDU)
+ data, sw = self.card._scc.send_apdu(opts.APDU, apply_lchan = False)
else:
- data, sw = self.lchan.scc.send_apdu(opts.APDU)
+ data, sw = self.lchan.scc.send_apdu(opts.APDU, apply_lchan = False)
if data:
self.poutput("SW: %s, RESP: %s" % (sw, data))
else:
diff --git a/pySim/ara_m.py b/pySim/ara_m.py
index cdc934d..e6f0520 100644
--- a/pySim/ara_m.py
+++ b/pySim/ara_m.py
@@ -262,7 +262,7 @@
return pySim.global_platform.decode_select_response(data_hex)
@staticmethod
- def xceive_apdu_tlv(tp, hdr: Hexstr, cmd_do, resp_cls, exp_sw='9000'):
+ def xceive_apdu_tlv(scc, hdr: Hexstr, cmd_do, resp_cls, exp_sw='9000'):
"""Transceive an APDU with the card, transparently encoding the command data from TLV
and decoding the response data tlv."""
if cmd_do:
@@ -274,7 +274,7 @@
cmd_do_enc = b''
cmd_do_len = 0
c_apdu = hdr + ('%02x' % cmd_do_len) + b2h(cmd_do_enc)
- (data, _sw) = tp.send_apdu_checksw(c_apdu, exp_sw)
+ (data, _sw) = scc.send_apdu_checksw(c_apdu, exp_sw)
if data:
if resp_cls:
resp_do = resp_cls()
@@ -285,32 +285,32 @@
return None
@staticmethod
- def store_data(tp, do) -> bytes:
+ def store_data(scc, do) -> bytes:
"""Build the Command APDU for STORE DATA."""
- return ADF_ARAM.xceive_apdu_tlv(tp, '80e29000', do, StoreResponseDoCollection)
+ return ADF_ARAM.xceive_apdu_tlv(scc, '80e29000', do, StoreResponseDoCollection)
@staticmethod
- def get_all(tp):
- return ADF_ARAM.xceive_apdu_tlv(tp, '80caff40', None, GetResponseDoCollection)
+ def get_all(scc):
+ return ADF_ARAM.xceive_apdu_tlv(scc, '80caff40', None, GetResponseDoCollection)
@staticmethod
- def get_config(tp, v_major=0, v_minor=0, v_patch=1):
+ def get_config(scc, v_major=0, v_minor=0, v_patch=1):
cmd_do = DeviceConfigDO()
cmd_do.from_val_dict([{'device_interface_version_do': {
'major': v_major, 'minor': v_minor, 'patch': v_patch}}])
- return ADF_ARAM.xceive_apdu_tlv(tp, '80cadf21', cmd_do, ResponseAramConfigDO)
+ return ADF_ARAM.xceive_apdu_tlv(scc, '80cadf21', cmd_do, ResponseAramConfigDO)
@with_default_category('Application-Specific Commands')
class AddlShellCommands(CommandSet):
def do_aram_get_all(self, _opts):
"""GET DATA [All] on the ARA-M Applet"""
- res_do = ADF_ARAM.get_all(self._cmd.lchan.scc._tp)
+ res_do = ADF_ARAM.get_all(self._cmd.lchan.scc)
if res_do:
self._cmd.poutput_json(res_do.to_dict())
def do_aram_get_config(self, _opts):
"""Perform GET DATA [Config] on the ARA-M Applet: Tell it our version and retrieve its version."""
- res_do = ADF_ARAM.get_config(self._cmd.lchan.scc._tp)
+ res_do = ADF_ARAM.get_config(self._cmd.lchan.scc)
if res_do:
self._cmd.poutput_json(res_do.to_dict())
@@ -378,14 +378,14 @@
d = [{'ref_ar_do': [{'ref_do': ref_do_content}, {'ar_do': ar_do_content}]}]
csrado = CommandStoreRefArDO()
csrado.from_val_dict(d)
- res_do = ADF_ARAM.store_data(self._cmd.lchan.scc._tp, csrado)
+ res_do = ADF_ARAM.store_data(self._cmd.lchan.scc, csrado)
if res_do:
self._cmd.poutput_json(res_do.to_dict())
def do_aram_delete_all(self, _opts):
"""Perform STORE DATA [Command-Delete[all]] to delete all access rules."""
deldo = CommandDelete()
- res_do = ADF_ARAM.store_data(self._cmd.lchan.scc._tp, deldo)
+ res_do = ADF_ARAM.store_data(self._cmd.lchan.scc, deldo)
if res_do:
self._cmd.poutput_json(res_do.to_dict())
@@ -479,7 +479,7 @@
export_str = ""
export_str += "aram_delete_all\n"
- res_do = ADF_ARAM.get_all(lchan.scc._tp)
+ res_do = ADF_ARAM.get_all(lchan.scc)
if not res_do:
return export_str.strip()
diff --git a/pySim/commands.py b/pySim/commands.py
index 43fc705..3a7fe47 100644
--- a/pySim/commands.py
+++ b/pySim/commands.py
@@ -110,26 +110,30 @@
else:
return cla_with_lchan(cla, self.lchan_nr)
- def send_apdu(self, pdu: Hexstr) -> ResTuple:
+ def send_apdu(self, pdu: Hexstr, apply_lchan:bool = True) -> ResTuple:
"""Sends an APDU and auto fetch response data
Args:
pdu : string of hexadecimal characters (ex. "A0A40000023F00")
+ apply_lchan : apply the currently selected lchan to the CLA byte before sending
Returns:
tuple(data, sw), where
data : string (in hex) of returned data (ex. "074F4EFFFF")
sw : string (in hex) of status word (ex. "9000")
"""
+ if apply_lchan:
+ pdu = self.cla4lchan(pdu[0:2]) + pdu[2:]
if self.scp:
return self.scp.send_apdu_wrapper(self._tp.send_apdu, pdu)
else:
return self._tp.send_apdu(pdu)
- def send_apdu_checksw(self, pdu: Hexstr, sw: SwMatchstr = "9000") -> ResTuple:
+ def send_apdu_checksw(self, pdu: Hexstr, sw: SwMatchstr = "9000", apply_lchan:bool = True) -> ResTuple:
"""Sends an APDU and check returned SW
Args:
pdu : string of hexadecimal characters (ex. "A0A40000023F00")
+ apply_lchan : apply the currently selected lchan to the CLA byte before sending
sw : string of 4 hexadecimal characters (ex. "9000"). The user may mask out certain
digits using a '?' to add some ambiguity if needed.
Returns:
@@ -137,13 +141,15 @@
data : string (in hex) of returned data (ex. "074F4EFFFF")
sw : string (in hex) of status word (ex. "9000")
"""
+ if apply_lchan:
+ pdu = self.cla4lchan(pdu[0:2]) + pdu[2:]
if self.scp:
return self.scp.send_apdu_wrapper(self._tp.send_apdu_checksw, pdu, sw)
else:
return self._tp.send_apdu_checksw(pdu, sw)
def send_apdu_constr(self, cla: Hexstr, ins: Hexstr, p1: Hexstr, p2: Hexstr, cmd_constr: Construct,
- cmd_data: Hexstr, resp_constr: Construct) -> Tuple[dict, SwHexstr]:
+ cmd_data: Hexstr, resp_constr: Construct, apply_lchan:bool = True) -> Tuple[dict, SwHexstr]:
"""Build and sends an APDU using a 'construct' definition; parses response.
Args:
@@ -154,13 +160,14 @@
cmd_cosntr : defining how to generate binary APDU command data
cmd_data : command data passed to cmd_constr
resp_cosntr : defining how to decode binary APDU response data
+ apply_lchan : apply the currently selected lchan to the CLA byte before sending
Returns:
Tuple of (decoded_data, sw)
"""
cmd = cmd_constr.build(cmd_data) if cmd_data else ''
p3 = i2h([len(cmd)])
pdu = ''.join([cla, ins, p1, p2, p3, b2h(cmd)])
- (data, sw) = self.send_apdu(pdu)
+ (data, sw) = self.send_apdu(pdu, apply_lchan = apply_lchan)
if data:
# filter the resulting dict to avoid '_io' members inside
rsp = filter_dict(resp_constr.parse(h2b(data)))
@@ -170,7 +177,7 @@
def send_apdu_constr_checksw(self, cla: Hexstr, ins: Hexstr, p1: Hexstr, p2: Hexstr,
cmd_constr: Construct, cmd_data: Hexstr, resp_constr: Construct,
- sw_exp: SwMatchstr="9000") -> Tuple[dict, SwHexstr]:
+ sw_exp: SwMatchstr="9000", apply_lchan:bool = True) -> Tuple[dict, SwHexstr]:
"""Build and sends an APDU using a 'construct' definition; parses response.
Args:
@@ -185,8 +192,8 @@
Returns:
Tuple of (decoded_data, sw)
"""
- (rsp, sw) = self.send_apdu_constr(cla, ins,
- p1, p2, cmd_constr, cmd_data, resp_constr)
+ (rsp, sw) = self.send_apdu_constr(cla, ins, p1, p2, cmd_constr, cmd_data, resp_constr,
+ apply_lchan = apply_lchan)
if not sw_match(sw, sw_exp):
raise SwMatchError(sw, sw_exp.lower(), self._tp.sw_interpreter)
return (rsp, sw)
@@ -750,7 +757,7 @@
Args:
payload : payload as hex string
"""
- return self.send_apdu_checksw('80c20000%02x%s' % (len(payload)//2, payload))
+ return self.send_apdu_checksw('80c20000%02x%s' % (len(payload)//2, payload), apply_lchan = False)
def terminal_profile(self, payload: Hexstr) -> ResTuple:
"""Send TERMINAL PROFILE to card
@@ -759,7 +766,7 @@
payload : payload as hex string
"""
data_length = len(payload) // 2
- data, sw = self.send_apdu_checksw(('80100000%02x' % data_length) + payload)
+ data, sw = self.send_apdu_checksw(('80100000%02x' % data_length) + payload, apply_lchan = False)
return (data, sw)
# ETSI TS 102 221 11.1.22
@@ -797,7 +804,7 @@
raise ValueError('Time unit must be 0x00..0x04')
min_dur_enc = encode_duration(min_len_secs)
max_dur_enc = encode_duration(max_len_secs)
- data, sw = self.send_apdu_checksw('8076000004' + min_dur_enc + max_dur_enc)
+ data, sw = self.send_apdu_checksw('8076000004' + min_dur_enc + max_dur_enc, apply_lchan = False)
negotiated_duration_secs = decode_duration(data[:4])
resume_token = data[4:]
return (negotiated_duration_secs, resume_token, sw)
@@ -807,7 +814,7 @@
"""Send SUSPEND UICC (resume) to the card."""
if len(h2b(token)) != 8:
raise ValueError("Token must be 8 bytes long")
- data, sw = self.send_apdu_checksw('8076010008' + token)
+ data, sw = self.send_apdu_checksw('8076010008' + token, apply_lchan = False)
return (data, sw)
def get_data(self, tag: int, cla: int = 0x00):
To view, visit change 37840. To unsubscribe, or for help writing mail filters, visit settings.