From d7b90f8db769a8ffd13b42d60f2d3d3aefe175c6 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Thu, 17 Aug 2017 14:36:19 +0200 Subject: [PATCH] implement resetting of SQN parameters --- sysmo-usim-tool.sjs1.py | 14 ++++++++-- sysmo_usimsjs1.py | 58 +++++++++++++++++++++++++++++++++++++++-- utils.py | 7 +++++ 3 files changed, 75 insertions(+), 4 deletions(-) diff --git a/sysmo-usim-tool.sjs1.py b/sysmo-usim-tool.sjs1.py index 5e81264..8bdce9a 100755 --- a/sysmo-usim-tool.sjs1.py +++ b/sysmo-usim-tool.sjs1.py @@ -52,6 +52,7 @@ def helptext(): print " -k, --ki ....................... Show KI value" print " -K, --set-ki ................... Set KI value" print " -s --seq-parameters ........... Show MILENAGE SEQ/SQN parameters" + print " -S --reset-seq-parameters...... Reset MILENAGE SEQ/SQN parameters to default" print "" @@ -74,16 +75,17 @@ def main(argv): getopt_force = False getopt_write_iccid = None getopt_seq_par = False + getopt_reset_seq_par = False # Analyze commandline options try: opts, args = getopt.getopt(argv, - "hva:ucmtT:lL:oO:C:kK:fiI:s", + "hva:ucmtT:lL:oO:C:kK:fiI:sS", ["help","verbose","adm1=","usim","classic", "mode","auth","set-auth=","milenage", "set-milenage","opc","set-op=","set-opc=", "ki","set-ki=","force","iccid","set-iccid=", - "seq-parameters"]) + "seq-parameters", "reset-seq-parameters"]) except getopt.GetoptError: print " * Error: Invalid commandline options" sys.exit(2) @@ -126,6 +128,8 @@ def main(argv): getopt_write_iccid = asciihex_to_list(pad_asciihex(arg)) elif opt in ("-s", "--sqe-parameters"): getopt_seq_par = True + elif opt in ("-S", "--reset-sqe-parameters"): + getopt_reset_seq_par = True if not getopt_adm1: @@ -222,6 +226,12 @@ def main(argv): sysmo_usim_write_iccid(sim, getopt_write_iccid) print("") + if getopt_reset_seq_par: + print "Resetting MILENAGE Sequence Parameters..." + sysmo_usim_reset_milenage_sqn_params(sim) + print("") + + print "Done!" 
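Review bot: The added branch tests for `--reset-sqe-parameters`, but the long option registered with getopt in the previous hunk is `reset-seq-parameters`, so the long form parses without error and then never sets `getopt_reset_seq_par`; only `-S` triggers the reset. The line should read `elif opt in ("-S", "--reset-seq-parameters"):`. The context line just above it has the same `sqe` spelling for `--seq-parameters` and needs the same correction. main() begins and ends outside this hunk, so other uses of these flags are not visible here.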
diff --git a/sysmo_usimsjs1.py b/sysmo_usimsjs1.py index 23c3824..1d2a737 100644 --- a/sysmo_usimsjs1.py +++ b/sysmo_usimsjs1.py @@ -139,10 +139,10 @@ class SYSMO_USIMSJS1_FILE_EF_SQNC: # Default parameters ind_size_bits = 5 sqn_check_enabled = True - sqn_age_limit_enabled = True + sqn_age_limit_enabled = False sqn_max_delta_enabled = True sqnms_offset = 0 - max_delta = 0; + max_delta = 2**28 << ind_size_bits age_limit = 2**28 << ind_size_bits def __init__(self, content = None): @@ -171,11 +171,28 @@ class SYSMO_USIMSJS1_FILE_EF_SQNC: dump += "%sAge Limit: %u\n" % (pfx, self.age_limit) return dump + def encode(self): + out = list(range(0, 3)) + out[0] = self.ind_size_bits & 0x0f + if self.sqn_check_enabled: + out[0] |= 0x10 + if self.sqn_age_limit_enabled: + out[0] |= 0x20 + if self.sqn_max_delta_enabled: + out[0] |= 0x40 + out[1] = (self.sqnms_offset*6) & 0xff + out[2] = (self.sqnms_offset*6) >> 8 + out += int_to_list(self.max_delta, 6) + out += int_to_list(self.age_limit, 6) + return out + class SYSMO_USIMSJS1_FILE_EF_SQNA: seq_array = [] def __init__(self, content, ind = 5): if content == None: + for i in range(0, 2**ind): + self.seq_array.append(0) return if len(content) != 6*(2**ind): raise ValueError("unexpected length of %u bytes", len(content)) @@ -191,6 +208,12 @@ class SYSMO_USIMSJS1_FILE_EF_SQNA: dump += "%sSEQ[%03d]: %u\n" % (pfx, i, self.seq_array[i]) return dump + def encode(self): + out = [] + for i in self.seq_array: + out += int_to_list(i, 6) + return out + # Initalize card (select master file) def sysmo_usim_init(sim): 
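Review bot: The changed defaults in `SYSMO_USIMSJS1_FILE_EF_SQNC` carry no explanation, although the reset path added later in this patch builds the object with `None` and writes `encode()` to the card, which presumably makes these class attributes the written values (`__init__` is outside the hunk). The change switches `sqn_age_limit_enabled` off and raises `max_delta` from 0 to `2**28 << ind_size_bits`, both of which relax the card's sequence-number checks compared with the previous values. A comment above the block would help, for example `# Values written by sysmo_usim_reset_milenage_sqn_params(): age-limit check off, max delta 2**28 << IND bits`, together with a note on where these defaults come from.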
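Review bot: `seq_array = []` is a class attribute of `SYSMO_USIMSJS1_FILE_EF_SQNA`, and the new `content == None` branch appends to it through `self`, so every instance built with `None` extends the same shared list. A second construction in one process would leave 2 * 2**ind entries, and `encode()` would then emit twice the `6*(2**ind)` bytes that the length check below expects for this EF. Giving each instance its own list avoids that: `self.seq_array = [0] * (2**ind)`. The parsing part of `__init__` continues outside the hunk and may need the same per-instance assignment.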
@@ -309,6 +332,21 @@ def sysmo_usim_get_auth_counter(sim): else: return ctr +def sysmo_usim_set_auth_counter(sim, ctr): + if ctr == "LOCKED": + ctr = 0 + elif ctr == "DISABLED": + ctr = 0xFFFFFFFF + data = int_to_list(ctr, 4) + sim.select(SYSMO_USIMSJS1_EF_AC) + res = sim.update_binary(data, offset=0) + if ctr == 0: + return "LOCKED" + elif ctr == 0xFFFFFFFF: + return "DISABLED" + else: + return ctr + def sysmo_usim_read_milenage_sqn_params(sim): sysmo_usim_init(sim) @@ -331,6 +369,22 @@ def sysmo_usim_read_milenage_sqn_params(sim): auth_ctr = sysmo_usim_get_auth_counter(sim) print "* Authentication Counter: %s\n" % auth_ctr +def sysmo_usim_reset_milenage_sqn_params(sim): + sysmo_usim_init(sim) + + print "* Resetting SQN Configuration to defaults..." + + sim.card.SELECT_ADF_USIM() + ef_sqnc = SYSMO_USIMSJS1_FILE_EF_SQNC(None) + sim.select(SYSMO_USIMSJS1_EF_SQNC) + res = sim.update_binary(ef_sqnc.encode()) + + ef_sqna = SYSMO_USIMSJS1_FILE_EF_SQNA(None, ef_sqnc.ind_size_bits) + sim.select(SYSMO_USIMSJS1_EF_SQNA) + res = sim.update_binary(ef_sqna.encode()) + + sysmo_usim_set_auth_counter(sim, "DISABLED") + # Show current milenage parameters def sysmo_usim_show_milenage_params(sim): sysmo_usim_init(sim) diff --git a/utils.py b/utils.py index c2d76f1..b7777e0 100644 --- a/utils.py +++ b/utils.py @@ -69,3 +69,10 @@ def swap_nibbles(array): # Convert from list of bytes to big-endian integer def list_to_int(arr): return int(hexdump(arr), 16) + +def int_to_list(inp, num_bytes): + out = [] + for i in range(0, num_bytes): + shift_bits = ((num_bytes-1-i) * 8) + out.append((inp >> shift_bits) & 0xFF) + return out
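Review bot: `sysmo_usim_set_auth_counter` returns a label derived from its own argument and never looks at `res`, so the caller is told "DISABLED" or "LOCKED" even if the card did not take the write. Whether `sim.update_binary` raises on an error status word is not visible here; if it does not, the result should be checked, and reading the value back with `return sysmo_usim_get_auth_counter(sim)` would report what the card actually holds. Any string other than the two keywords reaches `int_to_list` and fails there with a TypeError, so an explicit `ValueError` for unknown input would be clearer. The same unchecked `res = sim.update_binary(...)` pattern appears twice in `sysmo_usim_reset_milenage_sqn_params` in the next hunk.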
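Review bot: `sysmo_usim_reset_milenage_sqn_params` does more than its message and the `-S` help text say: besides rewriting EF_SQNC it zeroes every SEQ slot in EF_SQNA and unconditionally sets the authentication counter to "DISABLED", whatever it was before. Zeroing the SEQ array discards the card's record of sequence numbers it has already accepted, which is what its freshness check on authentication challenges relies on, and the counter presumably bounds the number of authentications the card will perform. Both deserve a docstring on the function and a visible line per step, e.g. `print "* Resetting SEQ array to 0 and disabling authentication counter..."`. Operators should know the network-side SQN has to be brought in line after a reset. Consider leaving the counter untouched unless the operator asks for it.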