Change in pysim[master]: sim-rest-server: Report meaningful error message if PIN is blocked
laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/28747 )
Change subject: sim-rest-server: Report meaningful error message if PIN is blocked ......................................................................
sim-rest-server: Report meaningful error message if PIN is blocked
Instead of a cryptic backtrace, we now return a meaningful error like this:
{"error": {"message": "Security Status not satisfied - Card PIN enabled?", "status_word": "6982"}
Change-Id: I6dafd37dfd9fa3d52ca2c2e5ec37a6d274ba651b Closes: OS#5606 --- M contrib/sim-rest-server.py 1 file changed, 15 insertions(+), 5 deletions(-)
Approvals: Jenkins Builder: Verified laforge: Looks good to me, approved; Verified
diff --git a/contrib/sim-rest-server.py b/contrib/sim-rest-server.py index 62498b4..f2ed63e 100755 --- a/contrib/sim-rest-server.py +++ b/contrib/sim-rest-server.py @@ -2,7 +2,7 @@
# RESTful HTTP service for performing authentication against USIM cards # -# (C) 2021 by Harald Welte laforge@osmocom.org +# (C) 2021-2022 by Harald Welte laforge@osmocom.org # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -51,11 +51,15 @@ return tp, scc, card
class ApiError: - def __init__(self, msg:str): + def __init__(self, msg:str, sw=None): self.msg = msg + self.sw = sw
def __str__(self): - return json.dumps({'error': {'message':self.msg}}) + d = {'error': {'message':self.msg}} + if self.sw: + d['error']['status_word'] = self.sw + return json.dumps(d)
def set_headers(request): @@ -80,13 +84,19 @@ def protocol_error(self, request, failure): set_headers(request) request.setResponseCode(500) - return str(ApiError("Protocol Error")) + return str(ApiError("Protocol Error: %s" % failure.value))
@app.handle_errors(SwMatchError) def sw_match_error(self, request, failure): set_headers(request) request.setResponseCode(500) - return str(ApiError("Card Communication Error %s" % failure)) + sw = failure.value.sw_actual + if sw == '9862': + return str(ApiError("Card Authentication Error - Incorrect MAC", sw)) + elif sw == '6982': + return str(ApiError("Security Status not satisfied - Card PIN enabled?", sw)) + else: + return str(ApiError("Card Communication Error %s" % failure.value), sw)
@app.route('/sim-auth-api/v1/slot/int:slot')
-
laforge