From e1c0b626d81a17b6b1cc8d7e08e97ebe2d70c8a2 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Tue, 6 Feb 2024 20:35:33 +0100 Subject: [PATCH] global_platform: Add --suppress-key-check option to put_key command In some cases we may not want to auto-generate the Key Check Values. Change-Id: I244b717b3e3aae6eb3ad512f9e23ff0b65958bb7 --- pySim/global_platform/__init__.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pySim/global_platform/__init__.py b/pySim/global_platform/__init__.py index ca99f5ff..4d553a7b 100644 --- a/pySim/global_platform/__init__.py +++ b/pySim/global_platform/__init__.py @@ -515,12 +515,17 @@ class ADF_SD(CardADF): put_key_parser.add_argument('--key-type', choices=KeyType.ksymapping.values(), action='append', required=True, help='Key Type') put_key_parser.add_argument('--key-data', type=is_hexstr, action='append', required=True, help='Key Data Block') put_key_parser.add_argument('--key-check', type=is_hexstr, action='append', help='Key Check Value') + put_key_parser.add_argument('--suppress-key-check', action='store_true', help='Suppress generation of Key Check Values') @cmd2.with_argparser(put_key_parser) def do_put_key(self, opts): """Perform the GlobalPlatform PUT KEY command in order to store a new key on the card. See GlobalPlatform CardSpecification v2.3 Section 11.8 for details. + The KCV (Key Check Values) can either be explicitly specified using `--key-check`, or will + otherwise be automatically generated for DES and AES keys. You can suppress the latter using + `--suppress-key-check`. + Example (SCP80 KIC/KID/KIK): put_key --key-version-nr 1 --key-id 0x01 --key-type aes --key-data 000102030405060708090a0b0c0d0e0f --key-type aes --key-data 101112131415161718191a1b1c1d1e1f @@ -537,6 +542,8 @@ class ADF_SD(CardADF): for i in range(0, len(opts.key_type)): if opts.key_check and len(opts.key_check) > i: kcv = opts.key_check[i] + elif opts.suppress_key_check: + kcv = '' else: kcv_bin = compute_kcv(opts.key_type[i], h2b(opts.key_data[i])) or b'' kcv = b2h(kcv_bin)