Gitiles
Code Review Sign In
gerrit.osmocom.org / pysim / 721ba9b31f341c6d9219bc3cfe4de73da63beacd / . / tests / test_ota.py
blob: 7de5cff1ed64b36565125638374af74a4adf8e43 [file] [log] [blame]
Harald Welte75a58d12022-07-31 15:51:19 +0200[diff] [blame]1#!/usr/bin/env python3
2
3import unittest
4from pySim.utils import h2b, b2h
Harald Welte721ba9b2023-06-17 12:50:28 +0200[diff] [blame^]5from pySim.sms import SMS_SUBMIT, SMS_DELIVER, AddressField
Harald Welte75a58d12022-07-31 15:51:19 +0200[diff] [blame]6from pySim.ota import *
7
Harald Welte75e31c52023-06-06 20:49:57 +0200[diff] [blame]8# pre-defined SPI values for use in test cases below
9SPI_CC_POR_CIPHERED_CC = {
10 'counter':'no_counter',
11 'ciphering':True,
12 'rc_cc_ds': 'cc',
13 'por_in_submit':False,
14 'por_shall_be_ciphered':True,
15 'por_rc_cc_ds': 'cc',
16 'por': 'por_required'
17 }
18
19SPI_CC_POR_UNCIPHERED_CC = {
20 'counter':'no_counter',
21 'ciphering':True,
22 'rc_cc_ds': 'cc',
23 'por_in_submit':False,
24 'por_shall_be_ciphered':False,
25 'por_rc_cc_ds': 'cc',
26 'por': 'por_required'
27}
28
29SPI_CC_POR_UNCIPHERED_NOCC = {
30 'counter':'no_counter',
31 'ciphering':True,
32 'rc_cc_ds': 'cc',
33 'por_in_submit':False,
34 'por_shall_be_ciphered':False,
35 'por_rc_cc_ds': 'no_rc_cc_ds',
36 'por': 'por_required'
37}
38
Harald Welte721ba9b2023-06-17 12:50:28 +0200[diff] [blame^]39######################################################################
40# old-style code-driven test (lots of code copy+paste)
41######################################################################
Harald Welte75e31c52023-06-06 20:49:57 +0200[diff] [blame]42
43class Test_SMS_AES128(unittest.TestCase):
44 tar = h2b('B00011')
45 """Test the OtaDialectSms for AES128 algorithms."""
46 def __init__(self, foo, **kwargs):
47 super().__init__(foo, **kwargs)
48 self.od = OtaKeyset(algo_crypt='aes_cbc', kic_idx=2,
49 algo_auth='aes_cmac', kid_idx=2,
50 kic=h2b('200102030405060708090a0b0c0d0e0f'),
51 kid=h2b('201102030405060708090a0b0c0d0e0f'))
52 self.dialect = OtaDialectSms()
53 self.spi_base = SPI_CC_POR_CIPHERED_CC
54
55 def _check_response(self, r, d):
56 self.assertEqual(d['number_of_commands'], 1)
57 self.assertEqual(d['last_status_word'], '6132')
58 self.assertEqual(d['last_response_data'], u'')
59 self.assertEqual(r['response_status'], 'por_ok')
60
61 def test_resp_aes128_ciphered(self):
62 spi = self.spi_base
63 r, d = self.dialect.decode_resp(self.od, spi, '027100002412b00011ebc6b497e2cad7aedf36ace0e3a29b38853f0fe9ccde81913be5702b73abce1f')
64 self._check_response(r, d)
65
66 def test_cmd_aes128_ciphered(self):
67 spi = self.spi_base
68 r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40004023f00'))
69 self.assertEqual(b2h(r), '00281506192222b00011e87cceebb2d93083011ce294f93fc4d8de80da1abae8c37ca3e72ec4432e5058')
70
71
72
73
Harald Welte75a58d12022-07-31 15:51:19 +0200[diff] [blame]74class Test_SMS_3DES(unittest.TestCase):
75 tar = h2b('b00000')
76 """Test the OtaDialectSms for 3DES algorithms."""
77 def __init__(self, foo, **kwargs):
78 super().__init__(foo, **kwargs)
79 # KIC1 + KID1 of 8988211000000467285
80 KIC1 = h2b('D0FDA31990D8D64178601317191669B4')
81 KID1 = h2b('D24EB461799C5E035C77451FD9404463')
82 KIC3 = h2b('C21DD66ACAC13CB3BC8B331B24AFB57B')
83 KID3 = h2b('12110C78E678C25408233076AA033615')
84 self.od = OtaKeyset(algo_crypt='triple_des_cbc2', kic_idx=3, kic=KIC3,
85 algo_auth='triple_des_cbc2', kid_idx=3, kid=KID3)
86 self.dialect = OtaDialectSms()
87 self.spi_base = {
88 'counter':'no_counter',
89 'ciphering': True,
90 'rc_cc_ds': 'cc',
91 'por_in_submit':False,
92 'por': 'por_required',
93 'por_shall_be_ciphered': True,
94 'por_rc_cc_ds': 'cc',
95 }
96
97 def _check_response(self, r, d):
98 self.assertEqual(d['number_of_commands'], 1)
99 self.assertEqual(d['last_status_word'], '612f')
100 self.assertEqual(d['last_response_data'], u'')
101 self.assertEqual(r['response_status'], 'por_ok')
102
103 def test_resp_3des_ciphered(self):
104 spi = self.spi_base
105 spi['por_shall_be_ciphered'] = True
106 spi['por_rc_cc_ds'] = 'cc'
107 r, d = self.dialect.decode_resp(self.od, spi, '027100001c12b000119660ebdb81be189b5e4389e9e7ab2bc0954f963ad869ed7c')
108 self._check_response(r, d)
109
110 def test_resp_3des_signed(self):
111 spi = self.spi_base
112 spi['por_shall_be_ciphered'] = False
113 spi['por_rc_cc_ds'] = 'cc'
114 r, d = self.dialect.decode_resp(self.od, spi, '027100001612b000110000000000000055f47118381175fb01612f')
115 self._check_response(r, d)
116
117 def test_resp_3des_signed_err(self):
118 """Expect an OtaCheckError exception if the computed CC != received CC"""
119 spi = self.spi_base
120 spi['por_shall_be_ciphered'] = False
121 spi['por_rc_cc_ds'] = 'cc'
122 with self.assertRaises(OtaCheckError) as context:
123 r, d = self.dialect.decode_resp(self.od, spi, '027100001612b000110000000000000055f47118381175fb02612f')
124 self.assertTrue('!= Computed CC' in str(context.exception))
125
126 def test_resp_3des_none(self):
127 spi = self.spi_base
128 spi['por_shall_be_ciphered'] = False
129 spi['por_rc_cc_ds'] = 'no_rc_cc_ds'
130 r, d = self.dialect.decode_resp(self.od, spi, '027100000e0ab000110000000000000001612f')
131 self._check_response(r, d)
132
133 def test_cmd_3des_ciphered(self):
134 spi = self.spi_base
135 spi['ciphering'] = True
136 spi['rc_cc_ds'] = 'no_rc_cc_ds'
137 r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40000023f00'))
138 self.assertEqual(b2h(r), '00180d04193535b00000e3ec80a849b554421276af3883927c20')
139
140 def test_cmd_3des_signed(self):
141 spi = self.spi_base
142 spi['ciphering'] = False
143 spi['rc_cc_ds'] = 'cc'
144 r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40000023f00'))
145 self.assertEqual(b2h(r), '1502193535b00000000000000000072ea17bdb72060e00a40000023f00')
146
147 def test_cmd_3des_none(self):
148 spi = self.spi_base
149 spi['ciphering'] = False
150 spi['rc_cc_ds'] = 'no_rc_cc_ds'
151 r = self.dialect.encode_cmd(self.od, self.tar, spi, h2b('00a40000023f00'))
152 self.assertEqual(b2h(r), '0d00193535b0000000000000000000a40000023f00')
Harald Welte721ba9b2023-06-17 12:50:28 +0200[diff] [blame^]153
154
155
156######################################################################
157# new-style data-driven tests
158######################################################################
159
160# SJA5 SAMPLE cards provisioned by execute_ipr.py
161OTA_KEYSET_SJA5_SAMPLES = OtaKeyset(algo_crypt='triple_des_cbc2', kic_idx=3,
162 algo_auth='triple_des_cbc2', kid_idx=3,
163 kic=h2b('300102030405060708090a0b0c0d0e0f'),
164 kid=h2b('301102030405060708090a0b0c0d0e0f'))
165
166OTA_KEYSET_SJA5_AES128 = OtaKeyset(algo_crypt='aes_cbc', kic_idx=2,
167 algo_auth='aes_cmac', kid_idx=2,
168 kic=h2b('200102030405060708090a0b0c0d0e0f'),
169 kid=h2b('201102030405060708090a0b0c0d0e0f'))
170
171class OtaTestCase(unittest.TestCase):
172 def __init__(self, methodName='runTest', **kwargs):
173 super().__init__(methodName, **kwargs)
174 # RAM: B00000
175 # SIM RFM: B00010
176 # USIM RFM: B00011
177 self.tar = h2b('B00011')
178
179class SmsOtaTestCase(OtaTestCase):
180 # Array describing the input/output data for the tests. We use the
181 # unittest subTests context manager to iterate over the entries of
182 # this testdatasets list. This is much more productive than
183 # manually writing one class per test.
184 testdatasets = [
185 {
186 'name': '3DES-SJA5-CIPHERED-CC',
187 'ota_keyset': OTA_KEYSET_SJA5_SAMPLES,
188 'spi': SPI_CC_POR_CIPHERED_CC,
189 'request': {
190 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00',
191 'encoded_cmd': '00201506193535b00011ae733256918d050b87c94fbfe12e4dc402f262c41cf67f2f',
192 'encoded_tpdu': '400881214365877ff6227052000000000302700000201506193535b00011ae733256918d050b87c94fbfe12e4dc402f262c41cf67f2f',
193 },
194 'response': {
195 'encoded_resp': '027100001c12b000118bb989492c632529326a2f4681feb37c825bc9021c9f6d0b',
196 'response_status': 'por_ok',
197 'number_of_commands': 1,
198 'last_status_word': '6132',
199 'last_response_data': '',
200 }
201 }, {
202 'name': '3DES-SJA5-UNCIPHERED-CC',
203 'ota_keyset': OTA_KEYSET_SJA5_SAMPLES,
204 'spi': SPI_CC_POR_UNCIPHERED_CC,
205 'request': {
206 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00',
207 'encoded_cmd': '00201506093535b00011c49ac91ab8159ba5b83a54fb6385e0a5e31694f8b215fafc',
208 'encoded_tpdu': '400881214365877ff6227052000000000302700000201506093535b00011c49ac91ab8159ba5b83a54fb6385e0a5e31694f8b215fafc',
209 },
210 'response': {
211 'encoded_resp': '027100001612b0001100000000000000b5bcd6353a421fae016132',
212 'response_status': 'por_ok',
213 'number_of_commands': 1,
214 'last_status_word': '6132',
215 'last_response_data': '',
216 }
217 }, {
218 'name': '3DES-SJA5-UNCIPHERED-NOCC',
219 'ota_keyset': OTA_KEYSET_SJA5_SAMPLES,
220 'spi': SPI_CC_POR_UNCIPHERED_NOCC,
221 'request': {
222 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00',
223 'encoded_cmd': '00201506013535b000113190be334900f52b025f3f7eddfe868e96ebf310023b7769',
224 'encoded_tpdu': '400881214365877ff6227052000000000302700000201506013535b000113190be334900f52b025f3f7eddfe868e96ebf310023b7769',
225 },
226 'response': {
227 'encoded_resp': '027100000e0ab0001100000000000000016132',
228 'response_status': 'por_ok',
229 'number_of_commands': 1,
230 'last_status_word': '6132',
231 'last_response_data': '',
232 }
233 }, {
234 'name': 'AES128-SJA5-CIPHERED-CC',
235 'ota_keyset': OTA_KEYSET_SJA5_AES128,
236 'spi': SPI_CC_POR_CIPHERED_CC,
237 'request': {
238 'apdu': b'\x00\xa4\x00\x04\x02\x3f\x00',
239 'encoded_cmd': '00281506192222b00011e87cceebb2d93083011ce294f93fc4d8de80da1abae8c37ca3e72ec4432e5058',
240 'encoded_tpdu': '400881214365877ff6227052000000000302700000281506192222b00011e87cceebb2d93083011ce294f93fc4d8de80da1abae8c37ca3e72ec4432e5058',
241 },
242 'response': {
243 'encoded_resp': '027100002412b00011ebc6b497e2cad7aedf36ace0e3a29b38853f0fe9ccde81913be5702b73abce1f',
244 'response_status': 'por_ok',
245 'number_of_commands': 1,
246 'last_status_word': '6132',
247 'last_response_data': '',
248 }
249 },
250 # TODO: AES192
251 # TODO: AES256
252 ]
253
254 def __init__(self, methodName='runTest', **kwargs):
255 super().__init__(methodName, **kwargs)
256 self.dialect = OtaDialectSms()
257 self.da = AddressField('12345678', 'unknown', 'isdn_e164')
258
259 def test_encode_cmd(self):
260 for t in SmsOtaTestCase.testdatasets:
261 with self.subTest(name=t['name']):
262 kset = t['ota_keyset']
263 outp = self.dialect.encode_cmd(kset, self.tar, t['spi'], apdu=t['request']['apdu'])
264 #print("result: %s" % b2h(outp))
265 self.assertEqual(b2h(outp), t['request']['encoded_cmd'])
266
267 with_udh = b'\x02\x70\x00' + outp
268 #print("with_udh: %s" % b2h(with_udh))
269
270 tpdu = SMS_DELIVER(tp_udhi=True, tp_oa=self.da, tp_pid=0x7F, tp_dcs=0xF6,
271 tp_scts=h2b('22705200000000'), tp_udl=3, tp_ud=with_udh)
272 #print("TPDU: %s" % tpdu)
273 #print("tpdu: %s" % b2h(tpdu.toBytes()))
274 self.assertEqual(b2h(tpdu.toBytes()), t['request']['encoded_tpdu'])
275
276 def test_decode_resp(self):
277 for t in SmsOtaTestCase.testdatasets:
278 with self.subTest(name=t['name']):
279 kset = t['ota_keyset']
280 r, d = self.dialect.decode_resp(kset, t['spi'], t['response']['encoded_resp'])
281 #print("RESP: %s / %s" % (r, d))
282 self.assertEqual(r.response_status, t['response']['response_status'])
283 self.assertEqual(d.number_of_commands, t['response']['number_of_commands'])
284 self.assertEqual(d.last_status_word, t['response']['last_status_word'])
285 self.assertEqual(d.last_response_data, t['response']['last_response_data'])