[XS] Change in pysim[master]: global_platform: Add KCV computation for TLS-PSK keys

Thu, 25 Dec 2025 23:39:28 -0800 

laforge has uploaded this change for review. ( 
https://gerrit.osmocom.org/c/pysim/+/41765?usp=email )


Change subject: global_platform: Add KCV computation for TLS-PSK keys
......................................................................

global_platform: Add KCV computation for TLS-PSK keys

This adds support for computing the KCV (key check value) for TLS-PSK
keys such as those used in SCP81.

The spec reference is "Remote Application Management over HTTP
Card Specification v2.2 - Amendment B Version 1.1.3"

Change-Id: I8c56ba1341fd4615f8a9ed0c13f25790639f9098
---
M pySim/global_platform/__init__.py
1 file changed, 9 insertions(+), 0 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/65/41765/1

diff --git a/pySim/global_platform/__init__.py 
b/pySim/global_platform/__init__.py
index 8a99677..a1f4824 100644
--- a/pySim/global_platform/__init__.py
+++ b/pySim/global_platform/__init__.py
@@ -18,6 +18,7 @@
 """

 import io
+import hashlib
 from copy import deepcopy
 from typing import Optional, List, Dict, Tuple
 from construct import Optional as COptional
@@ -1051,10 +1052,18 @@
     cipher = AES.new(key, AES.MODE_ECB)
     return cipher.encrypt(plaintext)

+def compute_kcv_sha1(key:bytes) -> bytes:
+    # GPC 2.2 B RAM over HTTP Section 3.8: A key check value shall be computed 
as the three most
+    # significant bytes of the SHA-1 digest of the PSK TLS Key
+    m = hashlib.sha1()
+    m.update(key)
+    return m.digest()[:3]
+
 # dict is keyed by the string name of the KeyType enum above in this file
 KCV_CALCULATOR = {
         'aes': compute_kcv_aes,
         'des': compute_kcv_des,
+        'tls_psk': compute_kcv_sha1,
     }

 def compute_kcv(key_type: str, key: bytes) -> Optional[bytes]:

--
To view, visit https://gerrit.osmocom.org/c/pysim/+/41765?usp=email
To unsubscribe, or for help writing mail filters, visit 
https://gerrit.osmocom.org/settings?usp=email

Gerrit-MessageType: newchange
Gerrit-Project: pysim
Gerrit-Branch: master
Gerrit-Change-Id: I8c56ba1341fd4615f8a9ed0c13f25790639f9098
Gerrit-Change-Number: 41765
Gerrit-PatchSet: 1
Gerrit-Owner: laforge <[email protected]>

Reply via email to