def testcase_ISO7816_4ErrorChecker(self):
"""Test ISO7816_4ErrorChecker."""
ecs = ISO7816_4ErrorChecker()
tiso7816_4SW = {
0x62: (smartcard.sw.SWExceptions.WarningProcessingException,
[0x00, 0x81, 0x82, 0x83, 0x84, 0xff]),
0x63: (smartcard.sw.SWExceptions.WarningProcessingException,
[0x00, 0x81] + range(0xc0, 0xcf + 1)),
0x64: (smartcard.sw.SWExceptions.ExecutionErrorException, [0x00]),
0x67: (smartcard.sw.SWExceptions.CheckingErrorException, [0x00]),
0x68:
(smartcard.sw.SWExceptions.CheckingErrorException, [0x81, 0x82]),
0x69: (smartcard.sw.SWExceptions.CheckingErrorException,
range(0x81, 0x88 + 1)),
0x6A: (smartcard.sw.SWExceptions.CheckingErrorException,
range(0x80, 0x88 + 1)),
0x6B: (smartcard.sw.SWExceptions.CheckingErrorException, [0x00]),
0x6D: (smartcard.sw.SWExceptions.CheckingErrorException, [0x00]),
0x6E: (smartcard.sw.SWExceptions.CheckingErrorException, [0x00]),
0x6F: (smartcard.sw.SWExceptions.CheckingErrorException, [0x00]),
}
for sw1 in range(0x00, 0xff + 1):
sw2range = []
if tiso7816_4SW.has_key(sw1):
exception, sw2range = tiso7816_4SW[sw1]
for sw2 in range(0x00, 0xff + 1):
if sw2 in sw2range:
self.assertRaises(exception, ecs, [], sw1, sw2)
else:
ecs([], sw1, sw2)
def __init__(self, transmitter='pcscd', timeout=0):
self.errorchecker = ISO7816_4ErrorChecker()
self.transmitter = transmitter
self.timeout = timeout
if transmitter == 'pcscd':
self.pcscd_prepare()
self.get_aid()
def __init__(self, reader=None):
self.version = None
self.serial = None
self.errorchecker = ISO7816_4ErrorChecker()
self.connect(reader)
self.get_aid()
self.user_unlocked = False
self.admin_unlocked = False
def testcase_Test_ISO78164_ErrorCheckingChain(self):
"""Test error chain with Test checker followed by ISO7816-4 checker."""
errorchain = []
errorchain = [ErrorCheckingChain(errorchain, TestErrorChecker()),
ErrorCheckingChain(errorchain, ISO7816_4ErrorChecker())]
# TestErrorChecker is answering first, i.e. CustomSWException
for sw2 in [0x00, 0x81] + list(range(0xc0, 0xcf + 1)):
self.assertRaises(CustomSWException, errorchain[0], [], 0x63, sw2)
def __init__(self,
clientkey_enc,
clientcert_enc,
clientkey_sig,
clientcert_sig,
tp_key,
tp_cert,
key_transport=False,
mutual_auth=True,
cert_verif=True,
debug=False,
chan=0,
vuln=True):
self.vuln = vuln
if chan > 3 or chan < 0:
raise ValueError("Logical channel number must be in [0, 3]")
self.cla = self.DEFAULT_CLA + chan
self.security_lvl = 0x42 # ANY_AUTHENTICATED + C_DECRYPTION
self.clientKey_enc = RsaKeyHolder(clientkey_enc)
self.clientCert_enc = CVCertificate(clientcert_enc)
self.clientKey_sig = RsaKeyHolder(clientkey_sig)
self.clientCert_sig = CVCertificate(clientcert_sig)
self.tp_key = RsaKeyHolder(tp_key)
self.tp_cert = CVCertificate(tp_cert)
self.cardKey_enc = None
self.cardCert_enc = None
self.cardKey_sig = None
self.cardCert_sig = None
self.key_transport = key_transport
self.mutual_auth = mutual_auth
self.cert_verif = cert_verif
self.session_keys = []
self.session_ivs = []
self.client_secret = []
self.card_secret = []
# Wait for any card to be put on a reader, and initiate a connection
card_type = AnyCardType()
card_request = CardRequest(timeout=None, cardType=card_type)
self.card = card_request.waitforcard()
self.card.connection.connect()
error_chain = []
error_chain = [
ErrorCheckingChain(error_chain, ISO7816_4ErrorChecker())
]
self.card.connection.setErrorCheckingChain(error_chain)
# Set an observer for debugging
if debug:
observer = SCP10Observer()
self.card.connection.addObserver(observer)
def connectReaderFromCardFun(envi, cardIndex=None):
"establish a link between the shell and a card"
if "connection" in envi and envi["connection"] != None:
print "there is already a connection to reader " + envi[
"connectedReader"]
return
if cardIndex == None:
indice = 0
if len(cardobserver.cardList) > 1:
Executer.printOnShell(
"Warning : the information comes from the first card available in the list, there are others cards"
)
else:
indice = cardIndex
if len(cardobserver.cardList) == 0:
Executer.printOnShell("there is no card available")
return
try:
card = cardobserver.cardList[indice]
except IndexError:
Executer.printOnShell("invalid indice")
return False
try:
envi["connection"] = card.createConnection(
) #create a connection on the reader
except Exception as e:
Executer.printOnShell(str(e))
return False
try:
envi["connection"].connect() #create a connection on the card
except Exception as e:
del envi["connection"]
Executer.printOnShell(str(e))
return False
card.connection = envi["connection"]
card.connection.card = card
envi["connectedReader"] = card.connection.getReader()
errorchain = []
errorchain = [
ErrorCheckingChain(errorchain, ISO7816_8ErrorChecker()),
ErrorCheckingChain(errorchain, ISO7816_9ErrorChecker()),
ErrorCheckingChain(errorchain, ISO7816_4ErrorChecker())
]
envi["connection"].setErrorCheckingChain(errorchain)
return True
def testcase_ISO78164_Test_ErrorCheckingChain(self):
"""Test error chain with ISO7816-4 checker followed by Test checker."""
errorchain = []
errorchain = [ErrorCheckingChain(errorchain, ISO7816_4ErrorChecker()),
ErrorCheckingChain(errorchain, TestErrorChecker())]
# ISO7816-4 is answering first on the next, i.e
# WarningProcessingException
for sw2 in [0x00, 0x81] + list(range(0xc0, 0xcf + 1)):
self.assertRaises(
smartcard.sw.SWExceptions.WarningProcessingException,
errorchain[0], [], 0x63, sw2)
def testcase_ErrorMessage(self):
"""Test correct exception error message."""
ecs = ISO7816_4ErrorChecker()
e = self.failUnlessRaises(
smartcard.sw.SWExceptions.CheckingErrorException, ecs, [], 0x69,
0x85)
self.assertEquals(
str(e),
"'Status word exception: checking error - " + \
"Conditions of use not satisfied!'")
e = self.failUnlessRaises(
smartcard.sw.SWExceptions.CheckingErrorException, ecs, [], 0x6b,
0x00)
self.assertEquals(
str(e), "'Status word exception: checking error - " + \
"Incorrect parameters P1-P2!'")
def __init__(self):
self.curreader = None
self.s = None
self.reset()
self.command_acc = "" # empty unterminated command
# error detection
errorchain = []
errorchain = [ErrorCheckingChain(errorchain, ISO7816_9ErrorChecker())]
errorchain = [ErrorCheckingChain(errorchain, ISO7816_8ErrorChecker())]
errorchain = [ErrorCheckingChain(errorchain, ISO7816_4ErrorChecker())]
self.errorchain = errorchain
# readline history
histfile = os.path.expanduser('~/.scriptim_history')
try:
init_history(histfile)
except NameError:
pass
def testcase_ISO78164_Test_ErrorCheckingChain_filtering(self):
"""Test error chain with ISO7816-4 checker followed by Test checker."""
errorchain = []
errorchain = [
ErrorCheckingChain(errorchain, ISO7816_8ErrorChecker()),
ErrorCheckingChain(errorchain, ISO7816_4ErrorChecker()),
ErrorCheckingChain(errorchain, ISO7816_4_SW1ErrorChecker())
]
# don't care about Warning Exceptions
errorchain[0].addFilterException(
smartcard.sw.SWExceptions.WarningProcessingException)
for sw2 in range(0x00, 0xff):
# should not raise
errorchain[0]([], 0x62, sw2)
errorchain[0]([], 0x63, sw2)
# should raise
self.assertRaises(
smartcard.sw.SWExceptions.ExecutionErrorException,
errorchain[0], [], 0x64, sw2)
def __init__(self, connection=None):
self.connection = connection
self.ef = None
self.ef_size = None
self.cached_efs = {}
self.start_time = time()
self.part_start_time = {}
if not self.connection:
r = get_first_reader()
self.connection = r.createConnection()
errorchain = []
errorchain = [ErrorCheckingChain(errorchain, ISO7816_9ErrorChecker())]
errorchain = [ErrorCheckingChain(errorchain, ISO7816_8ErrorChecker())]
errorchain = [ErrorCheckingChain(errorchain, ISO7816_4ErrorChecker())]
self.connection.setErrorCheckingChain(errorchain)
self.connection.addSWExceptionToFilter(WarningProcessingException)
# observer = ConsoleCardConnectionObserver()
# self.connection.addObserver(observer)
self.connection.connect()
from smartcard.sw.ISO7816_4ErrorChecker import ISO7816_4ErrorChecker
from smartcard.sw.ISO7816_8ErrorChecker import ISO7816_8ErrorChecker
from smartcard.sw.SWExceptions import SWException, WarningProcessingException
import hashlib
# request any card
cardtype = AnyCardType()
cardrequest = CardRequest(timeout=10, cardType=cardtype)
cardservice = cardrequest.waitforcard()
# our error checking chain
errorchain = []
errorchain = [
ErrorCheckingChain(errorchain, ISO7816_8ErrorChecker()),
ErrorCheckingChain(errorchain, ISO7816_4ErrorChecker())
]
cardservice.connection.setErrorCheckingChain(errorchain)
# a console tracer
observer = ConsoleCardConnectionObserver()
cardservice.connection.addObserver(observer)
# send a few apdus; exceptions will occur upon errors
cardservice.connection.connect()
def as_list(ba):
return [x for x in ba]
# this module is provided by the pyscard package
from smartcard.sw.ISO7816_4ErrorChecker import ISO7816_4ErrorChecker
from smartcard.System import readers
from binascii import hexlify
import math
errorchecker = ISO7816_4ErrorChecker()
def construct_APDU(cla, ins, p1, p2, data, le):
""" Constructs an APDU according to ISO 7816.
note that CLA is defined for 0x0X,
reserved for 0x10 to 0x7F
"""
lc = len(data)
if lc == 0:
lc_bytes = []
elif lc < 2**8:
lc_bytes = [lc]
else:
raise Exception("Nc cannot exceed 255 bytes.")
if le == 0:
le_bytes = []
elif le <= 2 ** 8:
le_bytes = [le % 2 ** 8] # mod such that le = 256 implies 0x00
else:
raise Exception("Ne cannot exceed 256 bytes.")
if type(data) is bytes:
data = list(data)
from smartcard.CardConnectionObserver import ConsoleCardConnectionObserver
from smartcard.sw.ISO7816_4ErrorChecker import ISO7816_4ErrorChecker
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
from Crypto.Signature import pss
from Crypto.Math.Numbers import Integer
from Crypto.Util.number import bytes_to_long
JEDI_CA_PUBKEY_FINGERPRINT = b'\xe5\xe0\x95\xe6C\xb5h\x8b@\x0cu{LD\xef\xac\xc2\x93aH\xe5\xce\xbdlmA\x0fT\xf1H\x7fI'
AID = bytes.fromhex('f50111e9a15ec400')
ISC_MAGIC = bytes.fromhex('111e9a15ec')
_check_error = ISO7816_4ErrorChecker()
ISOCLA = 0x00
ISOINS_SELECT = 0xa4
ISOP1_SELECT_BY_DF_NAME = 0x04
ISOP2_FIRST_RECORD = 0x04
class ISCAuthProtocol(enum.IntEnum):
ps4 = 0x4
class ISCCLA(enum.IntEnum):
auth = 0x80
config = 0x90
# coding=utf-8
from smartcard.sw.ErrorCheckingChain import ErrorCheckingChain
from smartcard.sw.ISO7816_4ErrorChecker import ISO7816_4ErrorChecker
from smartcard.sw.ISO7816_8ErrorChecker import ISO7816_8ErrorChecker
from smartcard.sw.ISO7816_9ErrorChecker import ISO7816_9ErrorChecker
ErrorChainWrapper = []
ErrorChainWrapper = [
ErrorCheckingChain(ErrorChainWrapper, ISO7816_9ErrorChecker())
]
ErrorChainWrapper = [
ErrorCheckingChain(ErrorChainWrapper, ISO7816_8ErrorChecker())
]
ErrorChainWrapper = [
ErrorCheckingChain(ErrorChainWrapper, ISO7816_4ErrorChecker())
]