fasferraz / SWu-IKEv2

IKEv2/IPSec SWu Client Dialer
GNU General Public License v3.0

hard-coded AID of USIM application #5

Open laf0rge opened 3 years ago

laf0rge commented 3 years ago

Right now the selection of ADF.USIM is done via a hard-coded 00A4040010A0000000871002FFFFFFFF8903050001 which may work on one specific SIM [model/version] but is not generally portable.

The correct procedure is to read EF.DIR, do a prefix match for the intended AID and then select the full AID as per the matching record in EF.DIR.

Furthermore, for an IMS-capable SIM card that has ADF.ISIM present, the application selected should be ADF.ISIM. This is due to the fact that the ISIM application may actually contain different key material from the USIM application.

So the correct procedure would be (using the above prefix AID matching) to

The above is at least true for the authentication towards the P-CSCF. I'm not 100% sure if ePDG should use ADF.USIM or ADF.ISIM.

The actual AUTHENTICATE APDU is then identical for both ISIM and USIM application.

In any case, even ignoring the ISIM/USIM question, the prefix match to EF.DIR must be used, as the suffix of the AID is highly dependent on the SIM card / OS version or even SIM profile.
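The EF.DIR prefix match described in this comment, as an added example that is not part of the original thread or of the SWu-IKEv2 code. It assumes the EF.DIR records have already been read from the card; the sample records, the ISIM AID and all function names are constructed for illustration.

```python
# Added example: resolve the full USIM/ISIM AID from EF.DIR instead of hard-coding it.
# AID prefixes = 3GPP RID A000000087 + application code (1002 USIM, 1004 ISIM).
USIM_PREFIX = bytes.fromhex("A0000000871002")
ISIM_PREFIX = bytes.fromhex("A0000000871004")

# Constructed EF.DIR records (as READ RECORD would return them), padded with FF.
# Record 1 reuses the AID from the hard-coded APDU in this issue; the ISIM AID is made up.
SAMPLE_EF_DIR = [
    bytes.fromhex("61184F10A0000000871002FFFFFFFF890305000150045553494D") + b"\xff" * 4,
    bytes.fromhex("61184F10A0000000871004FFFFFFFF890305000150044953494D") + b"\xff" * 4,
    b"\xff" * 30,  # unused record
]

def parse_tlvs(data):
    """Yield (tag, value) for one-byte-tag, short-length TLVs; stop at 00/FF padding."""
    i = 0
    while i + 2 <= len(data) and data[i] not in (0x00, 0xFF):
        tag, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if length > 0x7F or len(value) != length:
            raise ValueError("malformed TLV in EF.DIR record")
        yield tag, value
        i += 2 + length

def aids_from_ef_dir(records):
    """Collect the AID (tag 4F) of every application template (tag 61)."""
    aids = []
    for rec in records:
        for tag, value in parse_tlvs(rec):
            if tag == 0x61:
                aids += [v for t, v in parse_tlvs(value) if t == 0x4F]
    return aids

def find_aid(aids, prefix):
    """Return the first full AID that starts with `prefix`, or None if absent."""
    return next((a for a in aids if len(a) <= 16 and a.startswith(prefix)), None)

def select_apdu(aid):
    """SELECT by DF name, same header (00 A4 04 00) as the hard-coded APDU."""
    return bytes([0x00, 0xA4, 0x04, 0x00, len(aid)]) + aid

if __name__ == "__main__":
    aids = aids_from_ef_dir(SAMPLE_EF_DIR)
    for name, prefix in (("USIM", USIM_PREFIX), ("ISIM", ISIM_PREFIX)):
        aid = find_aid(aids, prefix)
        print(name, select_apdu(aid).hex().upper() if aid else "not present")
```

Which prefix to look up (ISIM or USIM) is left to the caller, since the thread leaves that question open for the ePDG case.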

laf0rge commented 3 years ago

One option to get all of this required functionality would be to add a dependency to the Osmocom 'pysim' Python module. It even already supports [and abstracts] different transports such as PC/SC, serial card reader, AT-command modem and some others.

This would avoid having to re-implement all of this again. But at the cost of an external dependency. What would you prefer?

fasferraz commented 3 years ago

I came across those problems when I started testing free5gc with a blank USIM I bought on AliExpress. In my other tool, compatible with N3IWF and also ePDG, https://github.com/fasferraz/NWu-Non3GPP-5GC, I replaced those problematic functions with this module from https://github.com/mitshell/card:

```python
from card.USIM import *
```

and these new functions:

```python
# reader functions - more generic using card module
from card.USIM import USIM
# toBytes / toHexString are pyscard helpers, imported explicitly here
from smartcard.util import toBytes, toHexString

def read_imsi_2(reader_index):  # prepared for AUTS
    a = USIM(int(reader_index))
    imsi = a.get_imsi()
    print(imsi)
    return imsi

def read_res_ck_ik_2(reader_index, rand, autn):
    a = USIM(int(reader_index))
    x = a.authenticate(RAND=toBytes(rand), AUTN=toBytes(autn))
    if len(x) == 1:  # AUTS goes in RES position
        return toHexString(x[0]).replace(" ", ""), None, None
    elif len(x) > 2:  # RES, CK, IK
        return (toHexString(x[0]).replace(" ", ""),
                toHexString(x[1]).replace(" ", ""),
                toHexString(x[2]).replace(" ", ""))
    else:
        return None, None, None
```

I can import those functions to this repository, but then I will need an extra module.

laf0rge commented 3 years ago

unrelated note: I am happy to send you some free samples of sysmoISIM-SJA2 in case you're interested. Please send your address details by e-mail in that case.

on-topic: for sure mitshell/card also works, it doesn't have to be pysim.

laf0rge commented 3 years ago

I think it may be best to simply always use the http/REST server for USIM access, which cleanly separates the smart card related bits from the core SWu IPsec client.