laforge has submitted this change. ( https://gerrit.osmocom.org/c/pysim/+/42186?usp=email )

Change subject: contrib/smpp-ota-tool: warn about mixed up KIC/KIC indexes ......................................................................

contrib/smpp-ota-tool: warn about mixed up KIC/KIC indexes

Cards usually have multiple sets of KIC, KID (and KIK). The keys are selected through an index. However, mixing keys from different sets is concidered as a security violation and cards should reject such configurations.

Let's print a warning to make users aware that something is off.

Change-Id: Ieb4e14145baba1c2cb4a237b612b04694940f402 Related: OS#6868 --- M contrib/smpp-ota-tool.py 1 file changed, 4 insertions(+), 0 deletions(-)

Approvals: laforge: Looks good to me, approved Jenkins Builder: Verified

diff --git a/contrib/smpp-ota-tool.py b/contrib/smpp-ota-tool.py index c2e9562..0903533 100755 --- a/contrib/smpp-ota-tool.py +++ b/contrib/smpp-ota-tool.py @@ -214,6 +214,10 @@ format='%(asctime)s %(levelname)s %(message)s', datefmt='%Y-%m-%d %H:%M:%S')

+ if opts.kic_idx != opts.kid_idx: + logger.warning("KIC index (%s) and KID index (%s) are different (security violation, card should reject message)", + opts.kic_idx, opts.kid_idx) + ota_keyset = OtaKeyset(algo_crypt=opts.algo_crypt, kic_idx=opts.kic_idx, kic=h2b(opts.kic),