Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge from GPContributors/master #5

Merged
merged 4 commits into from
Jul 13, 2017
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion pygp/connection/connection.py
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,8 @@ def send_apdu(bytelist_capdu):


# manage card response
if len(bytelist_rapdu) < capdu_Le:
# We have to check the length of data (ie without status)
if (len(bytelist_rapdu) - 2) < capdu_Le:
# return all the card response
return error_status, toHexString(bytelist_rapdu)
else:
Expand Down
37 changes: 18 additions & 19 deletions pygp/constants.py
Original file line number Diff line number Diff line change
Expand Up @@ -107,88 +107,87 @@
LIFE_CYCLE_SECURITY_DOMAIN_LOCKED = 'FF' #!< Application is locked.


# disposition parameter to terminate PCSC connection
SCARD_LEAVE_CARD = 0x00
SCARD_RESET_CARD = 0x01
SCARD_UNPOWER_CARD = 0x02


# Secure Channel Protocol '02': "i" = '44': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, no ICV encryption, 1 Secure Channel base key,
# well-known pseudo-random algorithm (card challenge),

SCP02_IMPL_i44 = '44'

# Secure Channel Protocol '02': "i" = '45': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, no ICV encryption, 3 Secure Channel Keys,
# well-known pseudo-random algorithm (card challenge),


SCP02_IMPL_i45 = '45'

# Secure Channel Protocol '02': "i" = '54': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, ICV encryption for C-MAC session, 1 Secure Channel base key,
# well-known pseudo-random algorithm (card challenge),

SCP02_IMPL_i54 = '54'

# Secure Channel Protocol '02': "i" = '55': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, ICV encryption for C-MAC session, 3 Secure Channel Keys,
# well-known pseudo-random algorithm (card challenge).

SCP02_IMPL_i55 = '55'

# Secure Channel Protocol '02': "i" '04': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, no ICV encryption, 1 Secure Channel base key, unspecified card challenge generation method

SCP02_IMPL_i04 = '04'

# Secure Channel Protocol '02': "i" '05': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, no ICV encryption, 3 Secure Channel Keys, unspecified card challenge generation method

SCP02_IMPL_i05 = '05'

# Secure Channel Protocol '02': "i" '0A': Initiation mode implicit, C-MAC on unmodified APDU,
# ICV set to MAC over AID, no ICV encryption, 1 Secure Channel base key

SCP02_IMPL_i0A = '0A'

# Secure Channel Protocol '02': "i" '0B': Initiation mode implicit, C-MAC on unmodified APDU,
# ICV set to MAC over AID, no ICV encryption, 3 Secure Channel Keys

SCP02_IMPL_i0B = '0B'

# Secure Channel Protocol '02': "i" '14': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, ICV encryption for CMAC session, 1 Secure Channel base key,
# unspecified card challenge generation method

SCP02_IMPL_i14 = '14'

# Secure Channel Protocol '02': "i" '15': Initiation mode explicit, C-MAC on modified APDU,
# ICV set to zero, ICV encryption for CMAC session, 3 Secure Channel Keys,
# unspecified card challenge generation method

SCP02_IMPL_i15 = '15'

# Secure Channel Protocol '02': "i" '1A': Initiation mode implicit, C-MAC on unmodified APDU,
# ICV set to MAC over AID, ICV encryption for C-MAC session, 1 Secure Channel base key

SCP02_IMPL_i1A = '1A'

# Secure Channel Protocol '02': "i" '1B': Initiation mode implicit, C-MAC on unmodified APDU,
# ICV set to MAC over AID, ICV encryption for C-MAC session, 3 Secure Channel Keys

SCP02_IMPL_i1B = '1B'

# Secure Channel Protocol '03': "i" '00': No R-MAC, no R-ENCRYPTION, no Pseudo-random cryptogram

SCP03_IMPL_i00 = '00'

#
# Secure Channel Protocol '03': "i" '10': Pseudo-random card challenge, no R-MAC support, no R-ENCRYPTION support.

SCP03_IMPL_i10 = '10'

#
# Secure Channel Protocol '03': "i" '30': Pseudo-random card challenge, R-MAC support, no R-ENCRYPTION support.

SCP03_IMPL_i30 = '30'

#
# Secure Channel Protocol '03': "i" '20': Random card challenge, R-MAC support, no R-ENCRYPTION support.

SCP03_IMPL_i20 = '20'

#
# Secure Channel Protocol '03': "i" '60': Random card challenge, R-MAC support, R-ENCRYPTION support.

SCP03_IMPL_i60 = '60'

#
# Secure Channel Protocol '03': "i" '70': Pseudo-random card challenge, R_MAC, support, R-ENCRYPTION support.

SCP03_IMPL_i70 = '70'


Expand Down
32 changes: 29 additions & 3 deletions pygp/pygp.py
Original file line number Diff line number Diff line change
Expand Up @@ -401,11 +401,14 @@ def close():
error_status['errorMessage'] = "A APDU command can't be recognized as a valid T=0 protocol Case 1-4 ISO7816-4 APDU"
}
'''

# do cold reset first
reset_card(SCARD_UNPOWER_CARD)

try:
gp.clear_securityInfo()
# first establish context
error_status = conn.release_context()

# release context
error_status = conn.release_context()
__handle_error_status__(error_status)

return error_status
Expand Down Expand Up @@ -501,6 +504,29 @@ def atr():
raise


def reset_card(disposition):
"""
terminates a connection.
:param int disposition: The parameter to determine warm(0x01) or cold(0x02) reset.
"""
try:
global readername

# perform a card disconnect
error_status = conn.card_disconnect(disposition)
__handle_error_status__(error_status)

if disposition == SCARD_RESET_CARD:
logger.log_error("Connection Closed (Warm reset)")
elif disposition == SCARD_UNPOWER_CARD:
logger.log_error("Connection Closed (Cold reset)")

return error_status
except BaseException as e:
logger.log_error(str(e))
raise


def select_isd(channel = 0):
"""
Select the Issuer Security Domain using select by default APDU command.
Expand Down