Harald Welte | 75a58d1 | 2022-07-31 15:51:19 +0200 | [diff] [blame] | 1 | #!/usr/bin/env python3 |
| 2 | |
| 3 | import unittest |
| 4 | from pySim.utils import h2b, b2h |
Harald Welte | 721ba9b | 2023-06-17 12:50:28 +0200 | [diff] [blame] | 5 | from pySim.sms import SMS_SUBMIT, SMS_DELIVER, AddressField |
Harald Welte | 75a58d1 | 2022-07-31 15:51:19 +0200 | [diff] [blame] | 6 | from pySim.ota import * |
| 7 | |
Harald Welte | 75e31c5 | 2023-06-06 20:49:57 +0200 | [diff] [blame] | 8 | # pre-defined SPI values for use in test cases below |
| 9 | SPI_CC_POR_CIPHERED_CC = { |
| 10 | 'counter':'no_counter', |
| 11 | 'ciphering':True, |
| 12 | 'rc_cc_ds': 'cc', |
| 13 | 'por_in_submit':False, |
| 14 | 'por_shall_be_ciphered':True, |
| 15 | 'por_rc_cc_ds': 'cc', |
| 16 | 'por': 'por_required' |
| 17 | } |
| 18 | |
| 19 | SPI_CC_POR_UNCIPHERED_CC = { |
| 20 | 'counter':'no_counter', |
| 21 | 'ciphering':True, |
| 22 | 'rc_cc_ds': 'cc', |
| 23 | 'por_in_submit':False, |
| 24 | 'por_shall_be_ciphered':False, |
| 25 | 'por_rc_cc_ds': 'cc', |
| 26 | 'por': 'por_required' |
| 27 | } |
| 28 | |
| 29 | SPI_CC_POR_UNCIPHERED_NOCC = { |
| 30 | 'counter':'no_counter', |
| 31 | 'ciphering':True, |
| 32 | 'rc_cc_ds': 'cc', |
| 33 | 'por_in_submit':False, |
| 34 | 'por_shall_be_ciphered':False, |
| 35 | 'por_rc_cc_ds': 'no_rc_cc_ds', |
| 36 | 'por': 'por_required' |
| 37 | } |
| 38 | |
Harald Welte | 721ba9b | 2023-06-17 12:50:28 +0200 | [diff] [blame] | 39 | ###################################################################### |
| 40 | # old-style code-driven test (lots of code copy+paste) |
| 41 | ###################################################################### |
Harald Welte | 75e31c5 | 2023-06-06 20:49:57 +0200 | [diff] [blame] | 42 | |
| 43 | class Test_SMS_AES128(unittest.TestCase): |
| 44 | tar = h2b('B00011') |
| 45 | """Test the OtaDialectSms for AES128 algorithms.""" |
| 46 | def __init__(self, foo, **kwargs): |
| 47 | super().__init__(foo, **kwargs) |
| 48 | self.od = OtaKeyset(algo_crypt='aes_cbc', kic_idx=2, |
| 49 | algo_auth='aes_cmac', kid_idx=2, |
| 50 | kic=h2b('200102030405060708090a0b0c0d0e0f'), |
| 51 | kid=h2b('201102030405060708090a0b0c0d0e0f')) |
| 52 | self.dialect = OtaDialectSms() |
| 53 | self.spi_base = SPI_CC_POR_CIPHERED_CC |
| 54 | |
| 55 | def _check_response(self, r, d): |
| 56 | self.assertEqual(d['number_of_commands'], 1) |
| 57 | self.assertEqual(d['last_status_word'], '6132') |
| 58 | self.assertEqual(d['last_response_data'], u'') |
| 59 | self.assertEqual(r['response_status'], 'por_ok') |
| 60 | |
| 61 | def test_resp_aes128_ciphered(self): |
| 62 | spi = self.spi_base |
| 63 | r, d = self.dialect.decode_resp(self.od, spi, '027100002412b00011ebc6b497e2cad7aedf36ace0e3a29b38853f0fe9ccde81913be5702b73abce1f') |
| 64 | self._check_response(r, d) |
| 65 | |
| 66 | def test_cmd_aes128_ciphered(self): |
| 67 | spi = self.spi_base |
| 68 | r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40004023f00')) |
| 69 | self.assertEqual(b2h(r), '00281506192222b00011e87cceebb2d93083011ce294f93fc4d8de80da1abae8c37ca3e72ec4432e5058') |
| 70 | |
| 71 | |
| 72 | |
| 73 | |
Harald Welte | 75a58d1 | 2022-07-31 15:51:19 +0200 | [diff] [blame] | 74 | class Test_SMS_3DES(unittest.TestCase): |
| 75 | tar = h2b('b00000') |
| 76 | """Test the OtaDialectSms for 3DES algorithms.""" |
| 77 | def __init__(self, foo, **kwargs): |
| 78 | super().__init__(foo, **kwargs) |
| 79 | # KIC1 + KID1 of 8988211000000467285 |
| 80 | KIC1 = h2b('D0FDA31990D8D64178601317191669B4') |
| 81 | KID1 = h2b('D24EB461799C5E035C77451FD9404463') |
| 82 | KIC3 = h2b('C21DD66ACAC13CB3BC8B331B24AFB57B') |
| 83 | KID3 = h2b('12110C78E678C25408233076AA033615') |
| 84 | self.od = OtaKeyset(algo_crypt='triple_des_cbc2', kic_idx=3, kic=KIC3, |
| 85 | algo_auth='triple_des_cbc2', kid_idx=3, kid=KID3) |
| 86 | self.dialect = OtaDialectSms() |
| 87 | self.spi_base = { |
| 88 | 'counter':'no_counter', |
| 89 | 'ciphering': True, |
| 90 | 'rc_cc_ds': 'cc', |
| 91 | 'por_in_submit':False, |
| 92 | 'por': 'por_required', |
| 93 | 'por_shall_be_ciphered': True, |
| 94 | 'por_rc_cc_ds': 'cc', |
| 95 | } |
| 96 | |
| 97 | def _check_response(self, r, d): |
| 98 | self.assertEqual(d['number_of_commands'], 1) |
| 99 | self.assertEqual(d['last_status_word'], '612f') |
| 100 | self.assertEqual(d['last_response_data'], u'') |
| 101 | self.assertEqual(r['response_status'], 'por_ok') |
| 102 | |
| 103 | def test_resp_3des_ciphered(self): |
| 104 | spi = self.spi_base |
| 105 | spi['por_shall_be_ciphered'] = True |
| 106 | spi['por_rc_cc_ds'] = 'cc' |
| 107 | r, d = self.dialect.decode_resp(self.od, spi, '027100001c12b000119660ebdb81be189b5e4389e9e7ab2bc0954f963ad869ed7c') |
| 108 | self._check_response(r, d) |
| 109 | |
| 110 | def test_resp_3des_signed(self): |
| 111 | spi = self.spi_base |
| 112 | spi['por_shall_be_ciphered'] = False |
| 113 | spi['por_rc_cc_ds'] = 'cc' |
| 114 | r, d = self.dialect.decode_resp(self.od, spi, '027100001612b000110000000000000055f47118381175fb01612f') |
| 115 | self._check_response(r, d) |
| 116 | |
| 117 | def test_resp_3des_signed_err(self): |
| 118 | """Expect an OtaCheckError exception if the computed CC != received CC""" |
| 119 | spi = self.spi_base |
| 120 | spi['por_shall_be_ciphered'] = False |
| 121 | spi['por_rc_cc_ds'] = 'cc' |
| 122 | with self.assertRaises(OtaCheckError) as context: |
| 123 | r, d = self.dialect.decode_resp(self.od, spi, '027100001612b000110000000000000055f47118381175fb02612f') |
| 124 | self.assertTrue('!= Computed CC' in str(context.exception)) |
| 125 | |
| 126 | def test_resp_3des_none(self): |
| 127 | spi = self.spi_base |
| 128 | spi['por_shall_be_ciphered'] = False |
| 129 | spi['por_rc_cc_ds'] = 'no_rc_cc_ds' |
| 130 | r, d = self.dialect.decode_resp(self.od, spi, '027100000e0ab000110000000000000001612f') |
| 131 | self._check_response(r, d) |
| 132 | |
| 133 | def test_cmd_3des_ciphered(self): |
| 134 | spi = self.spi_base |
| 135 | spi['ciphering'] = True |
| 136 | spi['rc_cc_ds'] = 'no_rc_cc_ds' |
| 137 | r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40000023f00')) |
| 138 | self.assertEqual(b2h(r), '00180d04193535b00000e3ec80a849b554421276af3883927c20') |
| 139 | |
| 140 | def test_cmd_3des_signed(self): |
| 141 | spi = self.spi_base |
| 142 | spi['ciphering'] = False |
| 143 | spi['rc_cc_ds'] = 'cc' |
| 144 | r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40000023f00')) |
| 145 | self.assertEqual(b2h(r), '1502193535b00000000000000000072ea17bdb72060e00a40000023f00') |
| 146 | |
| 147 | def test_cmd_3des_none(self): |
| 148 | spi = self.spi_base |
| 149 | spi['ciphering'] = False |
| 150 | spi['rc_cc_ds'] = 'no_rc_cc_ds' |
| 151 | r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40000023f00')) |
| 152 | self.assertEqual(b2h(r), '0d00193535b0000000000000000000a40000023f00') |
Harald Welte | 721ba9b | 2023-06-17 12:50:28 +0200 | [diff] [blame] | 153 | |
| 154 | |
| 155 | |
| 156 | ###################################################################### |
| 157 | # new-style data-driven tests |
| 158 | ###################################################################### |
| 159 | |
| 160 | # SJA5 SAMPLE cards provisioned by execute_ipr.py |
| 161 | OTA_KEYSET_SJA5_SAMPLES = OtaKeyset(algo_crypt='triple_des_cbc2', kic_idx=3, |
| 162 | algo_auth='triple_des_cbc2', kid_idx=3, |
| 163 | kic=h2b('300102030405060708090a0b0c0d0e0f'), |
| 164 | kid=h2b('301102030405060708090a0b0c0d0e0f')) |
| 165 | |
| 166 | OTA_KEYSET_SJA5_AES128 = OtaKeyset(algo_crypt='aes_cbc', kic_idx=2, |
| 167 | algo_auth='aes_cmac', kid_idx=2, |
| 168 | kic=h2b('200102030405060708090a0b0c0d0e0f'), |
| 169 | kid=h2b('201102030405060708090a0b0c0d0e0f')) |
| 170 | |
| 171 | class OtaTestCase(unittest.TestCase): |
| 172 | def __init__(self, methodName='runTest', **kwargs): |
| 173 | super().__init__(methodName, **kwargs) |
| 174 | # RAM: B00000 |
| 175 | # SIM RFM: B00010 |
| 176 | # USIM RFM: B00011 |
| 177 | self.tar = h2b('B00011') |
| 178 | |
| 179 | class SmsOtaTestCase(OtaTestCase): |
| 180 | # Array describing the input/output data for the tests. We use the |
| 181 | # unittest subTests context manager to iterate over the entries of |
| 182 | # this testdatasets list. This is much more productive than |
| 183 | # manually writing one class per test. |
| 184 | testdatasets = [ |
| 185 | { |
| 186 | 'name': '3DES-SJA5-CIPHERED-CC', |
| 187 | 'ota_keyset': OTA_KEYSET_SJA5_SAMPLES, |
| 188 | 'spi': SPI_CC_POR_CIPHERED_CC, |
| 189 | 'request': { |
| 190 | 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00', |
| 191 | 'encoded_cmd': '00201506193535b00011ae733256918d050b87c94fbfe12e4dc402f262c41cf67f2f', |
| 192 | 'encoded_tpdu': '400881214365877ff6227052000000000302700000201506193535b00011ae733256918d050b87c94fbfe12e4dc402f262c41cf67f2f', |
| 193 | }, |
| 194 | 'response': { |
| 195 | 'encoded_resp': '027100001c12b000118bb989492c632529326a2f4681feb37c825bc9021c9f6d0b', |
| 196 | 'response_status': 'por_ok', |
| 197 | 'number_of_commands': 1, |
| 198 | 'last_status_word': '6132', |
| 199 | 'last_response_data': '', |
| 200 | } |
| 201 | }, { |
| 202 | 'name': '3DES-SJA5-UNCIPHERED-CC', |
| 203 | 'ota_keyset': OTA_KEYSET_SJA5_SAMPLES, |
| 204 | 'spi': SPI_CC_POR_UNCIPHERED_CC, |
| 205 | 'request': { |
| 206 | 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00', |
| 207 | 'encoded_cmd': '00201506093535b00011c49ac91ab8159ba5b83a54fb6385e0a5e31694f8b215fafc', |
| 208 | 'encoded_tpdu': '400881214365877ff6227052000000000302700000201506093535b00011c49ac91ab8159ba5b83a54fb6385e0a5e31694f8b215fafc', |
| 209 | }, |
| 210 | 'response': { |
| 211 | 'encoded_resp': '027100001612b0001100000000000000b5bcd6353a421fae016132', |
| 212 | 'response_status': 'por_ok', |
| 213 | 'number_of_commands': 1, |
| 214 | 'last_status_word': '6132', |
| 215 | 'last_response_data': '', |
| 216 | } |
| 217 | }, { |
| 218 | 'name': '3DES-SJA5-UNCIPHERED-NOCC', |
| 219 | 'ota_keyset': OTA_KEYSET_SJA5_SAMPLES, |
| 220 | 'spi': SPI_CC_POR_UNCIPHERED_NOCC, |
| 221 | 'request': { |
| 222 | 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00', |
| 223 | 'encoded_cmd': '00201506013535b000113190be334900f52b025f3f7eddfe868e96ebf310023b7769', |
| 224 | 'encoded_tpdu': '400881214365877ff6227052000000000302700000201506013535b000113190be334900f52b025f3f7eddfe868e96ebf310023b7769', |
| 225 | }, |
| 226 | 'response': { |
| 227 | 'encoded_resp': '027100000e0ab0001100000000000000016132', |
| 228 | 'response_status': 'por_ok', |
| 229 | 'number_of_commands': 1, |
| 230 | 'last_status_word': '6132', |
| 231 | 'last_response_data': '', |
| 232 | } |
| 233 | }, { |
| 234 | 'name': 'AES128-SJA5-CIPHERED-CC', |
| 235 | 'ota_keyset': OTA_KEYSET_SJA5_AES128, |
| 236 | 'spi': SPI_CC_POR_CIPHERED_CC, |
| 237 | 'request': { |
| 238 | 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00', |
| 239 | 'encoded_cmd': '00281506192222b00011e87cceebb2d93083011ce294f93fc4d8de80da1abae8c37ca3e72ec4432e5058', |
| 240 | 'encoded_tpdu': '400881214365877ff6227052000000000302700000281506192222b00011e87cceebb2d93083011ce294f93fc4d8de80da1abae8c37ca3e72ec4432e5058', |
| 241 | }, |
| 242 | 'response': { |
| 243 | 'encoded_resp': '027100002412b00011ebc6b497e2cad7aedf36ace0e3a29b38853f0fe9ccde81913be5702b73abce1f', |
| 244 | 'response_status': 'por_ok', |
| 245 | 'number_of_commands': 1, |
| 246 | 'last_status_word': '6132', |
| 247 | 'last_response_data': '', |
| 248 | } |
| 249 | }, |
| 250 | # TODO: AES192 |
| 251 | # TODO: AES256 |
| 252 | ] |
| 253 | |
| 254 | def __init__(self, methodName='runTest', **kwargs): |
| 255 | super().__init__(methodName, **kwargs) |
| 256 | self.dialect = OtaDialectSms() |
| 257 | self.da = AddressField('12345678', 'unknown', 'isdn_e164') |
| 258 | |
| 259 | def test_encode_cmd(self): |
| 260 | for t in SmsOtaTestCase.testdatasets: |
| 261 | with self.subTest(name=t['name']): |
| 262 | kset = t['ota_keyset'] |
| 263 | outp = self.dialect.encode_cmd(kset, self.tar, t['spi'], apdu=t['request']['apdu']) |
| 264 | #print("result: %s" % b2h(outp)) |
| 265 | self.assertEqual(b2h(outp), t['request']['encoded_cmd']) |
| 266 | |
| 267 | with_udh = b'\x02\x70\x00' + outp |
| 268 | #print("with_udh: %s" % b2h(with_udh)) |
| 269 | |
| 270 | tpdu = SMS_DELIVER(tp_udhi=True, tp_oa=self.da, tp_pid=0x7F, tp_dcs=0xF6, |
| 271 | tp_scts=h2b('22705200000000'), tp_udl=3, tp_ud=with_udh) |
| 272 | #print("TPDU: %s" % tpdu) |
| 273 | #print("tpdu: %s" % b2h(tpdu.toBytes())) |
| 274 | self.assertEqual(b2h(tpdu.toBytes()), t['request']['encoded_tpdu']) |
| 275 | |
| 276 | def test_decode_resp(self): |
| 277 | for t in SmsOtaTestCase.testdatasets: |
| 278 | with self.subTest(name=t['name']): |
| 279 | kset = t['ota_keyset'] |
| 280 | r, d = self.dialect.decode_resp(kset, t['spi'], t['response']['encoded_resp']) |
| 281 | #print("RESP: %s / %s" % (r, d)) |
| 282 | self.assertEqual(r.response_status, t['response']['response_status']) |
| 283 | self.assertEqual(d.number_of_commands, t['response']['number_of_commands']) |
| 284 | self.assertEqual(d.last_status_word, t['response']['last_status_word']) |
| 285 | self.assertEqual(d.last_response_data, t['response']['last_response_data']) |