def load_aids(self):
with cd(self.workdir):
read = self.aids.read("aids.ini")
if not read:
self.set_default_aids()
self.save_aids()
def _install(self, path: str, sdk_version: SDKVersion, *args, **kwargs):
# value is a path/string, that can include {version} for differentiating between
# different versions
if sdk_version is None:
self.sdk_version = self._determine_version()
else:
self.sdk_version = sdk_version
path = path.format(version=self.sdk_version.raw)
log.info("Attempt to install applet: %s", path)
with cd(self.workdir):
result = self.gp.install(path)
if result["returncode"] == 0:
uninstall_stage = {
"name": "uninstall",
"path": path,
"installed": True
}
else:
# when the installation is not successful we still want to add uninstall stage
# and mark it as skipped
uninstall_stage = {
"name": "uninstall",
"path": path,
"installed": False,
}
self.uninstall_stages.append(uninstall_stage)
return result
def _validate_workdir(self):
# TODO add to call pipeline
with cd(self.workdir):
if not os.path.exists("build.xml"):
log.error(
"Cannot find 'build.xml'. Have you set working directory correctly?"
)
def _generate_version(self, version=None):
r"""Generate the vulns.new.cap file for the given version"""
vulns_dir = os.path.realpath(
os.path.join(
self.workdir,
"build",
version.raw,
"com",
"se",
"vulns",
"javacard",
))
cap_file = os.path.realpath(os.path.join(vulns_dir, "vulns.cap"))
exp_file = os.path.realpath(os.path.join(vulns_dir, "vulns.exp"))
new_cap_file = os.path.realpath(
os.path.join(vulns_dir, "vulns.new.cap"))
# TODO this is probably not cross-platform, and other subprocess calls as well :/
with cd(ATTACKS / "_gen"):
cmd = [
"java",
"Gen",
cap_file,
exp_file,
new_cap_file,
# GENIDX,
self.config["BUILD"]["genidx"],
# GENARG,
self.config["BUILD"]["genarg"],
]
output = subprocess.check_output(cmd).decode("utf8")
def _uninstall(self, path: str, sdk_version: SDKVersion, *args, **kwargs):
# result = []
# setting SDKVersion is done in _install, that is kinda weird
path = path.format(version=self.sdk_version.raw)
# if self.installed_applets is not None:
# # attemp to uninstall the installed applets in reversed order
# while self.installed_applets:
# path = self.installed_applets.pop()
with cd(self.workdir):
result = self.gp.uninstall(path)
return result
def fuzz_version(self, version):
with cd(self.workdir):
# open the original non-malicious CAP file and fuzz it
orig_file = pathlib.Path(self.workdir / "build" / version.raw /
"orig.cap")
with open(orig_file, "rb") as f:
fuzzed = self.rad.fuzz(f.read(), seed=self.seed)
# save the fuzzed CAP to a new file
fuzzed_file = pathlib.Path(self.workdir / "build" / version.raw /
"fuzzed.cap")
with open(fuzzed_file, "wb") as f:
f.write(fuzzed)
def _ant(self, options=None):
# TODO add logging
# env_copy = os.environ.copy()
cmd = ["ant"]
if options is not None:
cmd.extend(options)
with cd(self.workdir):
proc = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE,)
try:
proc.check_returncode()
# TODO should not print in case this is not called as
# command line application
log.info("The command '%s' was successful.", self.cmd.name)
except subprocess.CalledProcessError:
log.error("Command ended with non-zero error")
return proc
def get_jcversion(self) -> "JCVersion":
# TODO add better splitter, that handles spaces etc.
self.config = configparser.ConfigParser()
self.config.read(self.workdir / "config.ini")
with cd(self.workdir):
versions = self.config["BUILD"]["versions"].split(",")
versions = load_versions(versions)
for version in versions:
# FIXME setting versions like so is quite a weird thing
version = SDKVersion.from_str(version)
report = self.execute(sdk_version=version)
# FIXME after changing gppw the version cannot be read like this probably
if report[1]["success"]:
# TODO this is quite cumbersome
version_str = report[1]["communication"]["8004000002"][
"payload"]
return JCVersion.from_str(version_str)
return JCVersion.from_str("")
def save_aids(self):
with cd(self.workdir):
with open("aids.ini", "w") as aids_file:
self.aids.write(aids_file)
def _load_config(self):
config = AttackConfigParser(strict=False)
with cd(self.workdir):
config.read("config.ini")
self.config = config