catarrh/pysim
1
0
Fork 0
mirror of https://gitea.osmocom.org/sim-card/pysim.git synced 2026-03-16 18:38:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

global_platform/scp: mapdu may be undeclared

Browse Source 
when we sign and encrypt the APDU in _wrap_cmd_apdu (SCP03) we return an "mapdu"
at the end. However, in the (unlikely?) case where self.do_cencand
self.do_cmac are false, mapdu will be undeclared. In _wrap_cmd_apdu for SCP02
we just re-use the apdu variable and return it at the end, so when no
encryption and no signing is applied, the APDU falls just through without any
modifications. We should have the same mechanism for the SCP03 wrapping as
well.

Related: OS#6367

Change-Id: Ic7089a69dffd7313572c5b3e5953200be5925766
This commit is contained in:
Philipp Maier
2024-11-01 11:28:43 +01:00
parent 59593e0f28
commit f4c156ae57
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pySim/global_platform/scp.py
View File

@@ -508,11 +508,11 @@ class SCP03(SCP):
# channel number shall be set to zero, bit 4 shall be set to 0 and bit 3 shall be set to 1 to indicate # channel number shall be set to zero, bit 4 shall be set to 0 and bit 3 shall be set to 1 to indicate
# GlobalPlatform proprietary secure messaging. # GlobalPlatform proprietary secure messaging.
mcla = (cla & 0xF0) | CLA_SM mcla = (cla & 0xF0) | CLA_SM
mapdu = bytes([mcla, ins, p1, p2, mlc]) + cmd_data apdu = bytes([mcla, ins, p1, p2, mlc]) + cmd_data
cmac = self.sk.calc_cmac(mapdu) cmac = self.sk.calc_cmac(apdu)
mapdu += cmac[:self.s_mode] apdu += cmac[:self.s_mode]
return mapdu return apdu
def unwrap_rsp_apdu(self, sw: bytes, rsp_apdu: bytes) -> bytes: def unwrap_rsp_apdu(self, sw: bytes, rsp_apdu: bytes) -> bytes:
# No R-MAC shall be generated and no protection shall be applied to a response that includes an error # No R-MAC shall be generated and no protection shall be applied to a response that includes an error