From fe28a1d87d52920d01168d961009201a2b4647d6 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sun, 2 Jun 2024 16:24:27 +0200 Subject: [PATCH] esim.bsp: Fix a bug in demac_only_one() When de-MAC-ing at the recipient side, we must increment the cipher(!) block number even if no ciphering is done at all. We did this correctly for MAC (sender) case, but not on the de-MAC (receiver) case. Change-Id: I97993f9e8357b36401d435aaa15558d1c7e411eb --- pySim/esim/bsp.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pySim/esim/bsp.py b/pySim/esim/bsp.py index 2afbd462..81fe0924 100644 --- a/pySim/esim/bsp.py +++ b/pySim/esim/bsp.py @@ -287,6 +287,8 @@ class BspInstance: def demac_only_one(self, ciphertext: bytes) -> bytes: payload = self.m_algo.verify(ciphertext) _tdict, _l, val, _remain = bertlv_parse_one(payload) + # The data block counter for ICV caluclation is incremented also for each segment with C-MAC only. + self.c_algo.block_nr += 1 return val def demac_only(self, ciphertext_list: List[bytes]) -> bytes: