def __init__(self, card):
TCOS_Security_Environment.__init__(self, card)
self.last_vanilla_c_apdu = None
# Set up a fake SE config to be able to reuse the TCOS code
self.set_key( 1, self.card.KSenc)
enc_config = "\x80\x01\x0d\x83\x01\x01\x85\x00"
self.set_key( 2, self.card.KSmac)
mac_config = "\x80\x01\x0d\x83\x01\x02\x85\x00"
self.set_config( tcos_card.SE_APDU, tcos_card.TEMPLATE_CCT, SE_Config(mac_config) )
self.set_config( tcos_card.SE_RAPDU, tcos_card.TEMPLATE_CCT, SE_Config(mac_config) )
self.set_config( tcos_card.SE_APDU, tcos_card.TEMPLATE_CT, SE_Config(enc_config) )
self.set_config( tcos_card.SE_RAPDU, tcos_card.TEMPLATE_CT, SE_Config(enc_config) )
def before_send(self, apdu):
self.last_vanilla_c_apdu = C_APDU(apdu)
if (apdu.cla & 0x80 != 0x80) and (apdu.CLA & 0x0C != 0x0C):
# Transform for SM
apdu.CLA = apdu.CLA | 0x0C
apdu_string = binascii.b2a_hex(apdu.render())
new_apdu = [apdu_string[:8]]
new_apdu.append("YY")
if apdu.case() in (3,4):
new_apdu.append("87[01")
new_apdu.append(binascii.b2a_hex(apdu.data))
new_apdu.append("]")
if apdu.case() in (2,4):
if apdu.Le == 0:
apdu.Le = 0xe7 # FIXME: Probably not the right way
new_apdu.append("97(%02x)" % apdu.Le)
new_apdu.append("8E()00")
new_apdu_string = "".join(new_apdu)
apdu = C_APDU.parse_fancy(new_apdu_string)
return TCOS_Security_Environment.before_send(self, apdu)
def before_send(self, apdu):
self.last_vanilla_c_apdu = C_APDU(apdu)
if (apdu.cla & 0x80 != 0x80) and (apdu.CLA & 0x0C != 0x0C):
# Transform for SM
apdu.CLA = apdu.CLA | 0x0C
apdu_string = binascii.b2a_hex(apdu.render())
new_apdu = [apdu_string[:8]]
new_apdu.append("YY")
if apdu.case() in (3, 4):
new_apdu.append("87[01")
new_apdu.append(binascii.b2a_hex(apdu.data))
new_apdu.append("]")
if apdu.case() in (2, 4):
if apdu.Le == 0:
apdu.Le = 0xdf # FIXME: Probably not the right way
new_apdu.append("97(%02x)" % apdu.Le)
new_apdu.append("8E()00")
new_apdu_string = "".join(new_apdu)
apdu = C_APDU.parse_fancy(new_apdu_string)
return TCOS_Security_Environment.before_send(self, apdu)
def __init__(self, card):
TCOS_Security_Environment.__init__(self, card)
self.last_vanilla_c_apdu = None
# Set up a fake SE config to be able to reuse the TCOS code
self.set_key(1, self.card.KSenc)
enc_config = "\x80\x01\x0d\x83\x01\x01\x85\x00"
self.set_key(2, self.card.KSmac)
mac_config = "\x80\x01\x0d\x83\x01\x02\x85\x00"
self.set_config(tcos_card.SE_APDU, tcos_card.TEMPLATE_CCT,
SE_Config(mac_config))
self.set_config(tcos_card.SE_RAPDU, tcos_card.TEMPLATE_CCT,
SE_Config(mac_config))
self.set_config(tcos_card.SE_APDU, tcos_card.TEMPLATE_CT,
SE_Config(enc_config))
self.set_config(tcos_card.SE_RAPDU, tcos_card.TEMPLATE_CT,
SE_Config(enc_config))
def after_send(self, result):
if (self.last_vanilla_c_apdu.cla & 0x80 != 0x80) and (self.last_vanilla_c_apdu.CLA & 0x0C != 0x0C):
# Inject fake response descriptor so that TCOS_Security_Environment.after_send sees the need to authenticate/decrypt
response_descriptor = "\x99\x00\x8e\x00"
if self.last_vanilla_c_apdu.case() in (2,4):
response_descriptor = "\x87\x00" + response_descriptor
response_descriptor = "\xba" + chr(len(response_descriptor)) + response_descriptor
self.last_c_apdu.data = self.last_c_apdu.data + response_descriptor
return TCOS_Security_Environment.after_send(self, result)
def after_send(self, result):
if (self.last_vanilla_c_apdu.cla & 0x80 !=
0x80) and (self.last_vanilla_c_apdu.CLA & 0x0C != 0x0C):
# Inject fake response descriptor so that TCOS_Security_Environment.after_send sees the need to authenticate/decrypt
response_descriptor = "\x99\x00\x8e\x00"
if self.last_vanilla_c_apdu.case() in (2, 4):
response_descriptor = "\x87\x00" + response_descriptor
response_descriptor = "\xba" + chr(
len(response_descriptor)) + response_descriptor
self.last_c_apdu.data = self.last_c_apdu.data + response_descriptor
return TCOS_Security_Environment.after_send(self, result)
