osmo-smdpp: Don't re-encode euiccSigned1/euiccSigned2

We used to re-encode those parts of a decoded ASN.1 struct that is cryptographically signed in the GSMA SGP.22 specification. However, if the received data follows a later spec and contains new/unknown records, then our poor-man's attempt at re-encoding will render a different binary, which in turn means the signature check will fail. Let's instead do a manual step-by-step raw decode of the DER TLV structure to extract the actual binary information of parts of ASN.1 objects. Change-Id: I4e31fd4b23ec3be15b9d07c2c30a3e31e22bdda1 Closes: OS#6473
2024-05-30 19:23:15 +02:00
parent 3dabbafdba
commit 56912caac7
2 changed files with 41 additions and 4 deletions
--- a/osmo-smdpp.py
+++ b/osmo-smdpp.py
@@ -292,8 +292,7 @@ class SmDppHttpServer:

        r_ok = authenticateServerResp[1]
        euiccSigned1 = r_ok['euiccSigned1']
-        # TODO: use original data, don't re-encode?
-        euiccSigned1_bin = rsp.asn1.encode('EuiccSigned1', euiccSigned1)
+        euiccSigned1_bin = rsp.extract_euiccSigned1(authenticateServerResp_bin)
        euiccSignature1_bin = r_ok['euiccSignature1']
        euiccCertificate_dec = r_ok['euiccCertificate']
        # TODO: use original data, don't re-encode?
@@ -422,8 +421,7 @@ class SmDppHttpServer:

        # Verify the euiccSignature2 computed over euiccSigned2 and smdpSignature2 using the PK.EUICC.SIG attached to the ongoing RSP session
        euiccSigned2 = r_ok['euiccSigned2']
-        # TODO: use original data, don't re-encode?
-        euiccSigned2_bin = rsp.asn1.encode('EUICCSigned2', euiccSigned2)
+        euiccSigned2_bin = rsp.extract_euiccSigned2(prepDownloadResp_bin)
        if not self._ecdsa_verify(ss.euicc_cert, r_ok['euiccSignature2'], euiccSigned2_bin + ss.smdpSignature2_do):
            raise ApiError('8.1', '6.1', 'eUICC signature is invalid')