Gitiles
Code Review Sign In
gerrit.osmocom.org / simtrace2 / 158c1dd448958d3e2f9079094d9cf852e67cd37c / . / usb_application / mitm.py
blob: 0c9efd85d899d26a4587f911c661729ecd8bf16f [file] [log] [blame]
Christina Quast69d1f902015-04-03 11:41:23 +0200[diff] [blame]1import usb.core
2import usb.util
3
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]4from ccid_raw import SmartcardConnection
Christina Quast158c1dd2015-04-17 20:19:29 +0200[diff] [blame^]5from smartcard_emulator import SmartCardEmulator
Christina Quast95270b12015-04-04 19:59:03 +0200[diff] [blame]6
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]7from contextlib import closing
8
Christina Quastf2e53f02015-04-11 08:42:38 +0200[diff] [blame]9from util import HEX
Christina Quast9547e9f2015-04-14 22:18:30 +0200[diff] [blame]10from constants import *
Christina Quast53840612015-04-16 11:10:59 +0200[diff] [blame]11from apdu_split import Apdu_splitter, apdu_states
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]12
Christina Quast69d1f902015-04-03 11:41:23 +0200[diff] [blame]13def find_dev():
14 dev = usb.core.find(idVendor=0x03eb, idProduct=0x6004)
15 if dev is None:
16 raise ValueError("Device not found")
17 else:
18 print("Found device")
19 return dev
20
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]21def pattern_match(inpt):
22 print("Matching inpt", inpt)
Christina Quast94ddb912015-04-11 12:29:41 +0200[diff] [blame]23 if (inpt == ATR_SYSMOCOM1) or (inpt == ATR_STRANGE_SIM):
24 print("ATR: ", inpt)
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]25 return NEW_ATR
26 elif (inpt == CMD_SEL_FILE):
Christina Quast94ddb912015-04-11 12:29:41 +0200[diff] [blame]27 print("CMD_SEL_FILE:", inpt)
28 return CMD_SEL_ROOT
29 elif (inpt == CMD_GET_DATA):
30 print("CMD_DATA:", inpt)
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]31 return CMD_SEL_ROOT
32 else:
33 return inpt
Christina Quast69d1f902015-04-03 11:41:23 +0200[diff] [blame]34
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]35def poll_ep(dev, ep):
36 try:
Christina Quast3a47a4f2015-04-11 18:16:14 +0200[diff] [blame]37 return dev.read(ep, 64, 10)
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]38 except usb.core.USBError as e:
39 if e.errno != ERR_TIMEOUT:
40 raise
41 return None
Christina Quast69d1f902015-04-03 11:41:23 +0200[diff] [blame]42
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]43def write_phone(dev, resp):
Christina Quastf2e53f02015-04-11 08:42:38 +0200[diff] [blame]44 print("WR: ", HEX(resp))
Christina Quast3a47a4f2015-04-11 18:16:14 +0200[diff] [blame]45 dev.write(PHONE_WR, resp, 10)
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]46
Christina Quast158c1dd2015-04-17 20:19:29 +0200[diff] [blame^]47def do_mitm(sim_emul=True):
Christina Quast69d1f902015-04-03 11:41:23 +0200[diff] [blame]48 dev = find_dev()
Christina Quast158c1dd2015-04-17 20:19:29 +0200[diff] [blame^]49 if sim_emul == True:
50 my_class = SmartCardEmulator
51 else:
52 my_class = SmartcardConnection
53 with closing(my_class()) as sm_con:
Christina Quast6f664a32015-04-06 19:08:04 +0200[diff] [blame]54 atr = sm_con.getATR()
Christina Quast53840612015-04-16 11:10:59 +0200[diff] [blame]55
56 apdus = []
57 apdu = Apdu_splitter()
58
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]59 while True:
60 cmd = poll_ep(dev, PHONE_INT)
61 if cmd is not None:
Christina Quastf2e53f02015-04-11 08:42:38 +0200[diff] [blame]62 print("Int line ", HEX(cmd))
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]63 assert cmd[0] == ord('R')
Christina Quast6f664a32015-04-06 19:08:04 +0200[diff] [blame]64# FIXME: restart card anyways?
65# sm_con.reset_card()
Christina Quastf2e53f02015-04-11 08:42:38 +0200[diff] [blame]66 print("Write atr: ", HEX(atr))
Christina Quast6f664a32015-04-06 19:08:04 +0200[diff] [blame]67 write_phone(dev, atr)
Christina Quast69d1f902015-04-03 11:41:23 +0200[diff] [blame]68
Christina Quast88c7fa12015-04-06 00:35:03 +0200[diff] [blame]69 cmd = poll_ep(dev, PHONE_RD)
70 if cmd is not None:
Christina Quastf2e53f02015-04-11 08:42:38 +0200[diff] [blame]71 print("RD: ", HEX(cmd))
Christina Quast53840612015-04-16 11:10:59 +0200[diff] [blame]72 for c in cmd:
73 apdu.split(c)
74 if apdu.state == apdu_states.APDU_S_SW1:
75 if len(apdu.data) == 0:
76 # FIXME: implement other ACK types
77 write_phone(dev, apdu.ins)
78 apdu.split(apdu.ins)
79 else:
80 sim_data = sm_con.send_receive_cmd(apdu.buf)
81 write_phone(dev, sim_data)
82 for c in sim_data:
83 apdu.split(c)
84 elif apdu.state == apdu_states.APDU_S_FIN:
85 apdus.append(apdu)
86 apdu = Apdu_splitter()