laforge has uploaded this change for review. ( https://gerrit.osmocom.org/c/pysim/+/41765?usp=email )

Change subject: global_platform: Add KCV computation for TLS-PSK keys ......................................................................

global_platform: Add KCV computation for TLS-PSK keys

This adds support for computing the KCV (key check value) for TLS-PSK keys such as those used in SCP81.

The spec reference is "Remote Application Management over HTTP Card Specification v2.2 - Amendment B Version 1.1.3"

Change-Id: I8c56ba1341fd4615f8a9ed0c13f25790639f9098 --- M pySim/global_platform/__init__.py 1 file changed, 9 insertions(+), 0 deletions(-)

git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/65/41765/1

diff --git a/pySim/global_platform/__init__.py b/pySim/global_platform/__init__.py index 8a99677..a1f4824 100644 --- a/pySim/global_platform/__init__.py +++ b/pySim/global_platform/__init__.py @@ -18,6 +18,7 @@ """

import io +import hashlib from copy import deepcopy from typing import Optional, List, Dict, Tuple from construct import Optional as COptional @@ -1051,10 +1052,18 @@ cipher = AES.new(key, AES.MODE_ECB) return cipher.encrypt(plaintext)

+def compute_kcv_sha1(key:bytes) -> bytes: + # GPC 2.2 B RAM over HTTP Section 3.8: A key check value shall be computed as the three most + # significant bytes of the SHA-1 digest of the PSK TLS Key + m = hashlib.sha1() + m.update(key) + return m.digest()[:3] + # dict is keyed by the string name of the KeyType enum above in this file KCV_CALCULATOR = { 'aes': compute_kcv_aes, 'des': compute_kcv_des, + 'tls_psk': compute_kcv_sha1, }

def compute_kcv(key_type: str, key: bytes) -> Optional[bytes]: