Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 1 | # -*- coding: utf-8 -*- |
| 2 | |
| 3 | """ pySim: SIM Card commands according to ISO 7816-4 and TS 11.11 |
| 4 | """ |
| 5 | |
| 6 | # |
| 7 | # Copyright (C) 2009-2010 Sylvain Munaut <tnt@246tNt.com> |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 8 | # Copyright (C) 2010-2021 Harald Welte <laforge@gnumonks.org> |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 9 | # |
| 10 | # This program is free software: you can redistribute it and/or modify |
| 11 | # it under the terms of the GNU General Public License as published by |
| 12 | # the Free Software Foundation, either version 2 of the License, or |
| 13 | # (at your option) any later version. |
| 14 | # |
| 15 | # This program is distributed in the hope that it will be useful, |
| 16 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 17 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 18 | # GNU General Public License for more details. |
| 19 | # |
| 20 | # You should have received a copy of the GNU General Public License |
| 21 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 22 | # |
| 23 | |
Harald Welte | 15fae98 | 2021-04-10 10:22:27 +0200 | [diff] [blame] | 24 | from construct import * |
| 25 | from pySim.construct import LV |
Philipp Maier | 796ca3d | 2021-11-01 17:13:57 +0100 | [diff] [blame] | 26 | from pySim.utils import rpad, b2h, h2b, sw_match, bertlv_encode_len, Hexstr, h2i, str_sanitize |
Philipp Maier | 46f09af | 2021-03-25 20:24:27 +0100 | [diff] [blame] | 27 | from pySim.exceptions import SwMatchError |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 28 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 29 | |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 30 | class SimCardCommands(object): |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 31 | def __init__(self, transport): |
| 32 | self._tp = transport |
| 33 | self.cla_byte = "a0" |
| 34 | self.sel_ctrl = "0000" |
Jan Balke | 14b350f | 2015-01-26 11:15:25 +0100 | [diff] [blame] | 35 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 36 | # Extract a single FCP item from TLV |
| 37 | def __parse_fcp(self, fcp): |
| 38 | # see also: ETSI TS 102 221, chapter 11.1.1.3.1 Response for MF, |
| 39 | # DF or ADF |
| 40 | from pytlv.TLV import TLV |
| 41 | tlvparser = TLV(['82', '83', '84', 'a5', '8a', '8b', |
| 42 | '8c', '80', 'ab', 'c6', '81', '88']) |
Philipp Maier | 0e3fcaa | 2018-06-13 12:34:03 +0200 | [diff] [blame] | 43 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 44 | # pytlv is case sensitive! |
| 45 | fcp = fcp.lower() |
Philipp Maier | 0e3fcaa | 2018-06-13 12:34:03 +0200 | [diff] [blame] | 46 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 47 | if fcp[0:2] != '62': |
| 48 | raise ValueError( |
| 49 | 'Tag of the FCP template does not match, expected 62 but got %s' % fcp[0:2]) |
Philipp Maier | 0e3fcaa | 2018-06-13 12:34:03 +0200 | [diff] [blame] | 50 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 51 | # Unfortunately the spec is not very clear if the FCP length is |
| 52 | # coded as one or two byte vale, so we have to try it out by |
| 53 | # checking if the length of the remaining TLV string matches |
| 54 | # what we get in the length field. |
| 55 | # See also ETSI TS 102 221, chapter 11.1.1.3.0 Base coding. |
| 56 | exp_tlv_len = int(fcp[2:4], 16) |
| 57 | if len(fcp[4:]) // 2 == exp_tlv_len: |
| 58 | skip = 4 |
| 59 | else: |
| 60 | exp_tlv_len = int(fcp[2:6], 16) |
| 61 | if len(fcp[4:]) // 2 == exp_tlv_len: |
| 62 | skip = 6 |
Philipp Maier | 0e3fcaa | 2018-06-13 12:34:03 +0200 | [diff] [blame] | 63 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 64 | # Skip FCP tag and length |
| 65 | tlv = fcp[skip:] |
| 66 | return tlvparser.parse(tlv) |
Philipp Maier | 0e3fcaa | 2018-06-13 12:34:03 +0200 | [diff] [blame] | 67 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 68 | # Tell the length of a record by the card response |
| 69 | # USIMs respond with an FCP template, which is different |
| 70 | # from what SIMs responds. See also: |
| 71 | # USIM: ETSI TS 102 221, chapter 11.1.1.3 Response Data |
| 72 | # SIM: GSM 11.11, chapter 9.2.1 SELECT |
| 73 | def __record_len(self, r) -> int: |
| 74 | if self.sel_ctrl == "0004": |
| 75 | tlv_parsed = self.__parse_fcp(r[-1]) |
| 76 | file_descriptor = tlv_parsed['82'] |
| 77 | # See also ETSI TS 102 221, chapter 11.1.1.4.3 File Descriptor |
| 78 | return int(file_descriptor[4:8], 16) |
| 79 | else: |
| 80 | return int(r[-1][28:30], 16) |
Philipp Maier | 0e3fcaa | 2018-06-13 12:34:03 +0200 | [diff] [blame] | 81 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 82 | # Tell the length of a binary file. See also comment |
| 83 | # above. |
| 84 | def __len(self, r) -> int: |
| 85 | if self.sel_ctrl == "0004": |
| 86 | tlv_parsed = self.__parse_fcp(r[-1]) |
| 87 | return int(tlv_parsed['80'], 16) |
| 88 | else: |
| 89 | return int(r[-1][4:8], 16) |
Philipp Maier | 0e3fcaa | 2018-06-13 12:34:03 +0200 | [diff] [blame] | 90 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 91 | def get_atr(self) -> str: |
| 92 | """Return the ATR of the currently inserted card.""" |
| 93 | return self._tp.get_atr() |
Alexander Chemeris | d2d660a | 2017-07-18 16:52:25 +0300 | [diff] [blame] | 94 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 95 | def try_select_path(self, dir_list): |
| 96 | """ Try to select a specified path |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 97 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 98 | Args: |
| 99 | dir_list : list of hex-string FIDs |
| 100 | """ |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 101 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 102 | rv = [] |
| 103 | if type(dir_list) is not list: |
| 104 | dir_list = [dir_list] |
| 105 | for i in dir_list: |
| 106 | data, sw = self._tp.send_apdu( |
| 107 | self.cla_byte + "a4" + self.sel_ctrl + "02" + i) |
| 108 | rv.append((data, sw)) |
| 109 | if sw != '9000': |
| 110 | return rv |
| 111 | return rv |
Harald Welte | ca67394 | 2020-06-03 15:19:40 +0200 | [diff] [blame] | 112 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 113 | def select_path(self, dir_list): |
| 114 | """Execute SELECT for an entire list/path of FIDs. |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 115 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 116 | Args: |
| 117 | dir_list: list of FIDs representing the path to select |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 118 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 119 | Returns: |
| 120 | list of return values (FCP in hex encoding) for each element of the path |
| 121 | """ |
| 122 | rv = [] |
| 123 | if type(dir_list) is not list: |
| 124 | dir_list = [dir_list] |
| 125 | for i in dir_list: |
| 126 | data, sw = self.select_file(i) |
| 127 | rv.append(data) |
| 128 | return rv |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 129 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 130 | def select_file(self, fid: str): |
| 131 | """Execute SELECT a given file by FID. |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 132 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 133 | Args: |
| 134 | fid : file identifier as hex string |
| 135 | """ |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 136 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 137 | return self._tp.send_apdu_checksw(self.cla_byte + "a4" + self.sel_ctrl + "02" + fid) |
Harald Welte | 85484a9 | 2021-01-21 16:08:56 +0100 | [diff] [blame] | 138 | |
Harald Welte | 3729c47 | 2022-02-12 14:36:37 +0100 | [diff] [blame] | 139 | def select_parent_df(self): |
| 140 | """Execute SELECT to switch to the parent DF """ |
| 141 | return self._tp.send_apdu_checksw(self.cla_byte + "a4030400") |
| 142 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 143 | def select_adf(self, aid: str): |
| 144 | """Execute SELECT a given Applicaiton ADF. |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 145 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 146 | Args: |
| 147 | aid : application identifier as hex string |
| 148 | """ |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 149 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 150 | aidlen = ("0" + format(len(aid) // 2, 'x'))[-2:] |
| 151 | return self._tp.send_apdu_checksw(self.cla_byte + "a4" + "0404" + aidlen + aid) |
Philipp Maier | 0ad5bcf | 2019-12-31 17:55:47 +0100 | [diff] [blame] | 152 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 153 | def read_binary(self, ef, length: int = None, offset: int = 0): |
| 154 | """Execute READD BINARY. |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 155 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 156 | Args: |
| 157 | ef : string or list of strings indicating name or path of transparent EF |
| 158 | length : number of bytes to read |
| 159 | offset : byte offset in file from which to start reading |
| 160 | """ |
| 161 | r = self.select_path(ef) |
| 162 | if len(r[-1]) == 0: |
| 163 | return (None, None) |
| 164 | if length is None: |
| 165 | length = self.__len(r) - offset |
| 166 | if length < 0: |
| 167 | return (None, None) |
Philipp Maier | e087f90 | 2021-11-03 11:46:05 +0100 | [diff] [blame] | 168 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 169 | total_data = '' |
| 170 | chunk_offset = 0 |
| 171 | while chunk_offset < length: |
| 172 | chunk_len = min(255, length-chunk_offset) |
| 173 | pdu = self.cla_byte + \ |
| 174 | 'b0%04x%02x' % (offset + chunk_offset, chunk_len) |
| 175 | try: |
| 176 | data, sw = self._tp.send_apdu_checksw(pdu) |
| 177 | except Exception as e: |
| 178 | raise ValueError('%s, failed to read (offset %d)' % |
| 179 | (str_sanitize(str(e)), offset)) |
| 180 | total_data += data |
| 181 | chunk_offset += chunk_len |
| 182 | return total_data, sw |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 183 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 184 | def update_binary(self, ef, data: str, offset: int = 0, verify: bool = False, conserve: bool = False): |
| 185 | """Execute UPDATE BINARY. |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 186 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 187 | Args: |
| 188 | ef : string or list of strings indicating name or path of transparent EF |
| 189 | data : hex string of data to be written |
| 190 | offset : byte offset in file from which to start writing |
| 191 | verify : Whether or not to verify data after write |
| 192 | """ |
| 193 | data_length = len(data) // 2 |
Philipp Maier | 38c74f6 | 2021-03-17 17:19:52 +0100 | [diff] [blame] | 194 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 195 | # Save write cycles by reading+comparing before write |
| 196 | if conserve: |
| 197 | data_current, sw = self.read_binary(ef, data_length, offset) |
| 198 | if data_current == data: |
| 199 | return None, sw |
Philipp Maier | 38c74f6 | 2021-03-17 17:19:52 +0100 | [diff] [blame] | 200 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 201 | self.select_path(ef) |
| 202 | total_data = '' |
| 203 | chunk_offset = 0 |
| 204 | while chunk_offset < data_length: |
| 205 | chunk_len = min(255, data_length - chunk_offset) |
| 206 | # chunk_offset is bytes, but data slicing is hex chars, so we need to multiply by 2 |
| 207 | pdu = self.cla_byte + \ |
| 208 | 'd6%04x%02x' % (offset + chunk_offset, chunk_len) + \ |
| 209 | data[chunk_offset*2: (chunk_offset+chunk_len)*2] |
| 210 | try: |
| 211 | chunk_data, chunk_sw = self._tp.send_apdu_checksw(pdu) |
| 212 | except Exception as e: |
| 213 | raise ValueError('%s, failed to write chunk (chunk_offset %d, chunk_len %d)' % |
| 214 | (str_sanitize(str(e)), chunk_offset, chunk_len)) |
| 215 | total_data += data |
| 216 | chunk_offset += chunk_len |
| 217 | if verify: |
| 218 | self.verify_binary(ef, data, offset) |
| 219 | return total_data, chunk_sw |
Philipp Maier | 30eb8ca | 2020-05-11 22:51:37 +0200 | [diff] [blame] | 220 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 221 | def verify_binary(self, ef, data: str, offset: int = 0): |
| 222 | """Verify contents of transparent EF. |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 223 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 224 | Args: |
| 225 | ef : string or list of strings indicating name or path of transparent EF |
| 226 | data : hex string of expected data |
| 227 | offset : byte offset in file from which to start verifying |
| 228 | """ |
| 229 | res = self.read_binary(ef, len(data) // 2, offset) |
| 230 | if res[0].lower() != data.lower(): |
| 231 | raise ValueError('Binary verification failed (expected %s, got %s)' % ( |
| 232 | data.lower(), res[0].lower())) |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 233 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 234 | def read_record(self, ef, rec_no: int): |
| 235 | """Execute READ RECORD. |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 236 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 237 | Args: |
| 238 | ef : string or list of strings indicating name or path of linear fixed EF |
| 239 | rec_no : record number to read |
| 240 | """ |
| 241 | r = self.select_path(ef) |
| 242 | rec_length = self.__record_len(r) |
| 243 | pdu = self.cla_byte + 'b2%02x04%02x' % (rec_no, rec_length) |
| 244 | return self._tp.send_apdu_checksw(pdu) |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 245 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 246 | def update_record(self, ef, rec_no: int, data: str, force_len: bool = False, verify: bool = False, |
| 247 | conserve: bool = False): |
| 248 | """Execute UPDATE RECORD. |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 249 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 250 | Args: |
| 251 | ef : string or list of strings indicating name or path of linear fixed EF |
| 252 | rec_no : record number to read |
| 253 | data : hex string of data to be written |
| 254 | force_len : enforce record length by using the actual data length |
| 255 | verify : verify data by re-reading the record |
| 256 | conserve : read record and compare it with data, skip write on match |
| 257 | """ |
| 258 | res = self.select_path(ef) |
Philipp Maier | 42804d7 | 2021-04-30 11:56:23 +0200 | [diff] [blame] | 259 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 260 | if force_len: |
| 261 | # enforce the record length by the actual length of the given data input |
| 262 | rec_length = len(data) // 2 |
| 263 | else: |
| 264 | # determine the record length from the select response of the file and pad |
| 265 | # the input data with 0xFF if necessary. In cases where the input data |
| 266 | # exceed we throw an exception. |
| 267 | rec_length = self.__record_len(res) |
| 268 | if (len(data) // 2 > rec_length): |
| 269 | raise ValueError('Data length exceeds record length (expected max %d, got %d)' % ( |
| 270 | rec_length, len(data) // 2)) |
| 271 | elif (len(data) // 2 < rec_length): |
| 272 | data = rpad(data, rec_length * 2) |
Philipp Maier | 38c74f6 | 2021-03-17 17:19:52 +0100 | [diff] [blame] | 273 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 274 | # Save write cycles by reading+comparing before write |
| 275 | if conserve: |
| 276 | data_current, sw = self.read_record(ef, rec_no) |
| 277 | data_current = data_current[0:rec_length*2] |
| 278 | if data_current == data: |
| 279 | return None, sw |
Philipp Maier | 38c74f6 | 2021-03-17 17:19:52 +0100 | [diff] [blame] | 280 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 281 | pdu = (self.cla_byte + 'dc%02x04%02x' % (rec_no, rec_length)) + data |
| 282 | res = self._tp.send_apdu_checksw(pdu) |
| 283 | if verify: |
| 284 | self.verify_record(ef, rec_no, data) |
| 285 | return res |
Philipp Maier | 30eb8ca | 2020-05-11 22:51:37 +0200 | [diff] [blame] | 286 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 287 | def verify_record(self, ef, rec_no: int, data: str): |
| 288 | """Verify record against given data |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 289 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 290 | Args: |
| 291 | ef : string or list of strings indicating name or path of linear fixed EF |
| 292 | rec_no : record number to read |
| 293 | data : hex string of data to be verified |
| 294 | """ |
| 295 | res = self.read_record(ef, rec_no) |
| 296 | if res[0].lower() != data.lower(): |
| 297 | raise ValueError('Record verification failed (expected %s, got %s)' % ( |
| 298 | data.lower(), res[0].lower())) |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 299 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 300 | def record_size(self, ef): |
| 301 | """Determine the record size of given file. |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 302 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 303 | Args: |
| 304 | ef : string or list of strings indicating name or path of linear fixed EF |
| 305 | """ |
| 306 | r = self.select_path(ef) |
| 307 | return self.__record_len(r) |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 308 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 309 | def record_count(self, ef): |
| 310 | """Determine the number of records in given file. |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 311 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 312 | Args: |
| 313 | ef : string or list of strings indicating name or path of linear fixed EF |
| 314 | """ |
| 315 | r = self.select_path(ef) |
| 316 | return self.__len(r) // self.__record_len(r) |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 317 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 318 | def binary_size(self, ef): |
| 319 | """Determine the size of given transparent file. |
| 320 | |
| 321 | Args: |
| 322 | ef : string or list of strings indicating name or path of transparent EF |
| 323 | """ |
| 324 | r = self.select_path(ef) |
| 325 | return self.__len(r) |
Harald Welte | ee3501f | 2021-04-02 13:00:18 +0200 | [diff] [blame] | 326 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 327 | # TS 102 221 Section 11.3.1 low-level helper |
| 328 | def _retrieve_data(self, tag: int, first: bool = True): |
| 329 | if first: |
| 330 | pdu = '80cb008001%02x' % (tag) |
| 331 | else: |
| 332 | pdu = '80cb000000' |
| 333 | return self._tp.send_apdu_checksw(pdu) |
Philipp Maier | 32daaf5 | 2020-05-11 21:48:33 +0200 | [diff] [blame] | 334 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 335 | def retrieve_data(self, ef, tag: int): |
| 336 | """Execute RETRIEVE DATA, see also TS 102 221 Section 11.3.1. |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 337 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 338 | Args |
| 339 | ef : string or list of strings indicating name or path of transparent EF |
| 340 | tag : BER-TLV Tag of value to be retrieved |
| 341 | """ |
| 342 | r = self.select_path(ef) |
| 343 | if len(r[-1]) == 0: |
| 344 | return (None, None) |
| 345 | total_data = '' |
| 346 | # retrieve first block |
| 347 | data, sw = self._retrieve_data(tag, first=True) |
| 348 | total_data += data |
| 349 | while sw == '62f1' or sw == '62f2': |
| 350 | data, sw = self._retrieve_data(tag, first=False) |
| 351 | total_data += data |
| 352 | return total_data, sw |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 353 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 354 | # TS 102 221 Section 11.3.2 low-level helper |
| 355 | def _set_data(self, data: str, first: bool = True): |
| 356 | if first: |
| 357 | p1 = 0x80 |
| 358 | else: |
| 359 | p1 = 0x00 |
| 360 | if isinstance(data, bytes) or isinstance(data, bytearray): |
| 361 | data = b2h(data) |
| 362 | pdu = '80db00%02x%02x%s' % (p1, len(data)//2, data) |
| 363 | return self._tp.send_apdu_checksw(pdu) |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 364 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 365 | def set_data(self, ef, tag: int, value: str, verify: bool = False, conserve: bool = False): |
| 366 | """Execute SET DATA. |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 367 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 368 | Args |
| 369 | ef : string or list of strings indicating name or path of transparent EF |
| 370 | tag : BER-TLV Tag of value to be stored |
| 371 | value : BER-TLV value to be stored |
| 372 | """ |
| 373 | r = self.select_path(ef) |
| 374 | if len(r[-1]) == 0: |
| 375 | return (None, None) |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 376 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 377 | # in case of deleting the data, we only have 'tag' but no 'value' |
| 378 | if not value: |
| 379 | return self._set_data('%02x' % tag, first=True) |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 380 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 381 | # FIXME: proper BER-TLV encode |
| 382 | tl = '%02x%s' % (tag, b2h(bertlv_encode_len(len(value)//2))) |
| 383 | tlv = tl + value |
| 384 | tlv_bin = h2b(tlv) |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 385 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 386 | first = True |
| 387 | total_len = len(tlv_bin) |
| 388 | remaining = tlv_bin |
| 389 | while len(remaining) > 0: |
| 390 | fragment = remaining[:255] |
| 391 | rdata, sw = self._set_data(fragment, first=first) |
| 392 | first = False |
| 393 | remaining = remaining[255:] |
| 394 | return rdata, sw |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 395 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 396 | def run_gsm(self, rand: str): |
| 397 | """Execute RUN GSM ALGORITHM. |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 398 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 399 | Args: |
| 400 | rand : 16 byte random data as hex string (RAND) |
| 401 | """ |
| 402 | if len(rand) != 32: |
| 403 | raise ValueError('Invalid rand') |
| 404 | self.select_path(['3f00', '7f20']) |
| 405 | return self._tp.send_apdu(self.cla_byte + '88000010' + rand) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 406 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 407 | def authenticate(self, rand: str, autn: str, context='3g'): |
| 408 | """Execute AUTHENTICATE (USIM/ISIM). |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 409 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 410 | Args: |
| 411 | rand : 16 byte random data as hex string (RAND) |
| 412 | autn : 8 byte Autentication Token (AUTN) |
| 413 | context : 16 byte random data ('3g' or 'gsm') |
| 414 | """ |
| 415 | # 3GPP TS 31.102 Section 7.1.2.1 |
| 416 | AuthCmd3G = Struct('rand'/LV, 'autn'/Optional(LV)) |
| 417 | AuthResp3GSyncFail = Struct(Const(b'\xDC'), 'auts'/LV) |
| 418 | AuthResp3GSuccess = Struct( |
| 419 | Const(b'\xDB'), 'res'/LV, 'ck'/LV, 'ik'/LV, 'kc'/Optional(LV)) |
| 420 | AuthResp3G = Select(AuthResp3GSyncFail, AuthResp3GSuccess) |
| 421 | # build parameters |
| 422 | cmd_data = {'rand': rand, 'autn': autn} |
| 423 | if context == '3g': |
| 424 | p2 = '81' |
| 425 | elif context == 'gsm': |
| 426 | p2 = '80' |
| 427 | (data, sw) = self._tp.send_apdu_constr_checksw( |
| 428 | self.cla_byte, '88', '00', p2, AuthCmd3G, cmd_data, AuthResp3G) |
| 429 | if 'auts' in data: |
| 430 | ret = {'synchronisation_failure': data} |
| 431 | else: |
| 432 | ret = {'successful_3g_authentication': data} |
| 433 | return (ret, sw) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 434 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 435 | def status(self): |
| 436 | """Execute a STATUS command as per TS 102 221 Section 11.1.2.""" |
| 437 | return self._tp.send_apdu_checksw('80F20000ff') |
Harald Welte | 15fae98 | 2021-04-10 10:22:27 +0200 | [diff] [blame] | 438 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 439 | def deactivate_file(self): |
| 440 | """Execute DECATIVATE FILE command as per TS 102 221 Section 11.1.14.""" |
| 441 | return self._tp.send_apdu_constr_checksw(self.cla_byte, '04', '00', '00', None, None, None) |
Harald Welte | 34b05d3 | 2021-05-25 22:03:13 +0200 | [diff] [blame] | 442 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 443 | def activate_file(self, fid): |
| 444 | """Execute ACTIVATE FILE command as per TS 102 221 Section 11.1.15. |
Harald Welte | a463161 | 2021-04-10 18:17:55 +0200 | [diff] [blame] | 445 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 446 | Args: |
| 447 | fid : file identifier as hex string |
| 448 | """ |
| 449 | return self._tp.send_apdu_checksw(self.cla_byte + '44000002' + fid) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 450 | |
Harald Welte | 3c9b784 | 2021-10-19 21:44:24 +0200 | [diff] [blame] | 451 | def create_file(self, payload: Hexstr): |
| 452 | """Execute CREEATE FILE command as per TS 102 222 Section 6.3""" |
| 453 | return self._tp.send_apdu_checksw(self.cla_byte + 'e00000%02x%s' % (len(payload)//2, payload)) |
| 454 | |
| 455 | def delete_file(self, fid): |
| 456 | """Execute DELETE FILE command as per TS 102 222 Section 6.4""" |
| 457 | return self._tp.send_apdu_checksw(self.cla_byte + 'e4000002' + fid) |
| 458 | |
| 459 | def terminate_df(self, fid): |
| 460 | """Execute TERMINATE DF command as per TS 102 222 Section 6.7""" |
| 461 | return self._tp.send_apdu_checksw(self.cla_byte + 'e6000002' + fid) |
| 462 | |
| 463 | def terminate_ef(self, fid): |
| 464 | """Execute TERMINATE EF command as per TS 102 222 Section 6.8""" |
| 465 | return self._tp.send_apdu_checksw(self.cla_byte + 'e8000002' + fid) |
| 466 | |
| 467 | def terminate_card_usage(self): |
| 468 | """Execute TERMINATE CARD USAGE command as per TS 102 222 Section 6.9""" |
| 469 | return self._tp.send_apdu_checksw(self.cla_byte + 'fe000000') |
| 470 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 471 | def manage_channel(self, mode='open', lchan_nr=0): |
| 472 | """Execute MANAGE CHANNEL command as per TS 102 221 Section 11.1.17. |
Harald Welte | a463161 | 2021-04-10 18:17:55 +0200 | [diff] [blame] | 473 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 474 | Args: |
| 475 | mode : logical channel operation code ('open' or 'close') |
| 476 | lchan_nr : logical channel number (1-19, 0=assigned by UICC) |
| 477 | """ |
| 478 | if mode == 'close': |
| 479 | p1 = 0x80 |
| 480 | else: |
| 481 | p1 = 0x00 |
| 482 | pdu = self.cla_byte + '70%02x%02x00' % (p1, lchan_nr) |
| 483 | return self._tp.send_apdu_checksw(pdu) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 484 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 485 | def reset_card(self): |
| 486 | """Physically reset the card""" |
| 487 | return self._tp.reset_card() |
Harald Welte | 703f933 | 2021-04-10 18:39:32 +0200 | [diff] [blame] | 488 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 489 | def _chv_process_sw(self, op_name, chv_no, pin_code, sw): |
| 490 | if sw_match(sw, '63cx'): |
| 491 | raise RuntimeError('Failed to %s chv_no 0x%02X with code 0x%s, %i tries left.' % |
| 492 | (op_name, chv_no, b2h(pin_code).upper(), int(sw[3]))) |
| 493 | elif (sw != '9000'): |
| 494 | raise SwMatchError(sw, '9000') |
Sylvain Munaut | 76504e0 | 2010-12-07 00:24:32 +0100 | [diff] [blame] | 495 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 496 | def verify_chv(self, chv_no: int, code: str): |
| 497 | """Verify a given CHV (Card Holder Verification == PIN) |
Philipp Maier | 46f09af | 2021-03-25 20:24:27 +0100 | [diff] [blame] | 498 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 499 | Args: |
| 500 | chv_no : chv number (1=CHV1, 2=CHV2, ...) |
| 501 | code : chv code as hex string |
| 502 | """ |
| 503 | fc = rpad(b2h(code), 16) |
| 504 | data, sw = self._tp.send_apdu( |
| 505 | self.cla_byte + '2000' + ('%02X' % chv_no) + '08' + fc) |
| 506 | self._chv_process_sw('verify', chv_no, code, sw) |
| 507 | return (data, sw) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 508 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 509 | def unblock_chv(self, chv_no: int, puk_code: str, pin_code: str): |
| 510 | """Unblock a given CHV (Card Holder Verification == PIN) |
Philipp Maier | 46f09af | 2021-03-25 20:24:27 +0100 | [diff] [blame] | 511 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 512 | Args: |
| 513 | chv_no : chv number (1=CHV1, 2=CHV2, ...) |
| 514 | puk_code : puk code as hex string |
| 515 | pin_code : new chv code as hex string |
| 516 | """ |
| 517 | fc = rpad(b2h(puk_code), 16) + rpad(b2h(pin_code), 16) |
| 518 | data, sw = self._tp.send_apdu( |
| 519 | self.cla_byte + '2C00' + ('%02X' % chv_no) + '10' + fc) |
| 520 | self._chv_process_sw('unblock', chv_no, pin_code, sw) |
| 521 | return (data, sw) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 522 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 523 | def change_chv(self, chv_no: int, pin_code: str, new_pin_code: str): |
| 524 | """Change a given CHV (Card Holder Verification == PIN) |
Philipp Maier | 46f09af | 2021-03-25 20:24:27 +0100 | [diff] [blame] | 525 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 526 | Args: |
| 527 | chv_no : chv number (1=CHV1, 2=CHV2, ...) |
| 528 | pin_code : current chv code as hex string |
| 529 | new_pin_code : new chv code as hex string |
| 530 | """ |
| 531 | fc = rpad(b2h(pin_code), 16) + rpad(b2h(new_pin_code), 16) |
| 532 | data, sw = self._tp.send_apdu( |
| 533 | self.cla_byte + '2400' + ('%02X' % chv_no) + '10' + fc) |
| 534 | self._chv_process_sw('change', chv_no, pin_code, sw) |
| 535 | return (data, sw) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 536 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 537 | def disable_chv(self, chv_no: int, pin_code: str): |
| 538 | """Disable a given CHV (Card Holder Verification == PIN) |
Philipp Maier | 46f09af | 2021-03-25 20:24:27 +0100 | [diff] [blame] | 539 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 540 | Args: |
| 541 | chv_no : chv number (1=CHV1, 2=CHV2, ...) |
| 542 | pin_code : current chv code as hex string |
| 543 | new_pin_code : new chv code as hex string |
| 544 | """ |
| 545 | fc = rpad(b2h(pin_code), 16) |
| 546 | data, sw = self._tp.send_apdu( |
| 547 | self.cla_byte + '2600' + ('%02X' % chv_no) + '08' + fc) |
| 548 | self._chv_process_sw('disable', chv_no, pin_code, sw) |
| 549 | return (data, sw) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 550 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 551 | def enable_chv(self, chv_no: int, pin_code: str): |
| 552 | """Enable a given CHV (Card Holder Verification == PIN) |
Philipp Maier | 46f09af | 2021-03-25 20:24:27 +0100 | [diff] [blame] | 553 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 554 | Args: |
| 555 | chv_no : chv number (1=CHV1, 2=CHV2, ...) |
| 556 | pin_code : chv code as hex string |
| 557 | """ |
| 558 | fc = rpad(b2h(pin_code), 16) |
| 559 | data, sw = self._tp.send_apdu( |
| 560 | self.cla_byte + '2800' + ('%02X' % chv_no) + '08' + fc) |
| 561 | self._chv_process_sw('enable', chv_no, pin_code, sw) |
| 562 | return (data, sw) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 563 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 564 | def envelope(self, payload: str): |
| 565 | """Send one ENVELOPE command to the SIM |
Harald Welte | f201166 | 2021-05-24 23:19:30 +0200 | [diff] [blame] | 566 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 567 | Args: |
| 568 | payload : payload as hex string |
| 569 | """ |
| 570 | return self._tp.send_apdu_checksw('80c20000%02x%s' % (len(payload)//2, payload)) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 571 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 572 | def terminal_profile(self, payload: str): |
| 573 | """Send TERMINAL PROFILE to card |
Harald Welte | 846a898 | 2021-10-08 15:47:16 +0200 | [diff] [blame] | 574 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 575 | Args: |
| 576 | payload : payload as hex string |
| 577 | """ |
| 578 | data_length = len(payload) // 2 |
| 579 | data, sw = self._tp.send_apdu(('80100000%02x' % data_length) + payload) |
| 580 | return (data, sw) |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 581 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 582 | # ETSI TS 102 221 11.1.22 |
| 583 | def suspend_uicc(self, min_len_secs: int = 60, max_len_secs: int = 43200): |
| 584 | """Send SUSPEND UICC to the card. |
Harald Welte | ec95053 | 2021-10-20 13:09:00 +0200 | [diff] [blame] | 585 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 586 | Args: |
| 587 | min_len_secs : mimumum suspend time seconds |
| 588 | max_len_secs : maximum suspend time seconds |
| 589 | """ |
| 590 | def encode_duration(secs: int) -> Hexstr: |
| 591 | if secs >= 10*24*60*60: |
| 592 | return '04%02x' % (secs // (10*24*60*60)) |
| 593 | elif secs >= 24*60*60: |
| 594 | return '03%02x' % (secs // (24*60*60)) |
| 595 | elif secs >= 60*60: |
| 596 | return '02%02x' % (secs // (60*60)) |
| 597 | elif secs >= 60: |
| 598 | return '01%02x' % (secs // 60) |
| 599 | else: |
| 600 | return '00%02x' % secs |
Philipp Maier | 712251a | 2021-11-04 17:09:37 +0100 | [diff] [blame] | 601 | |
Harald Welte | c91085e | 2022-02-10 18:05:45 +0100 | [diff] [blame] | 602 | def decode_duration(enc: Hexstr) -> int: |
| 603 | time_unit = enc[:2] |
| 604 | length = h2i(enc[2:4]) |
| 605 | if time_unit == '04': |
| 606 | return length * 10*24*60*60 |
| 607 | elif time_unit == '03': |
| 608 | return length * 24*60*60 |
| 609 | elif time_unit == '02': |
| 610 | return length * 60*60 |
| 611 | elif time_unit == '01': |
| 612 | return length * 60 |
| 613 | elif time_unit == '00': |
| 614 | return length |
| 615 | else: |
| 616 | raise ValueError('Time unit must be 0x00..0x04') |
| 617 | min_dur_enc = encode_duration(min_len_secs) |
| 618 | max_dur_enc = encode_duration(max_len_secs) |
| 619 | data, sw = self._tp.send_apdu_checksw( |
| 620 | '8076000004' + min_dur_enc + max_dur_enc) |
| 621 | negotiated_duration_secs = decode_duration(data[:4]) |
| 622 | resume_token = data[4:] |
| 623 | return (negotiated_duration_secs, resume_token, sw) |