Project

General

Profile

Actions

Bug #4741

closed

TPDU failure when reading a single byte

Added by laforge over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Urgent
Assignee:
Target version:
-
Start date:
09/02/2020
Due date:
% Done:

80%

Spec Reference:

Description

I'm observing the following odd behavior when using osmo-ccid-firmware on a sysmoOCTSIM:

  • reading two bytes from a (>=2 byte large) transparent file works
  • reading a single byte from a (>=1 byte large) transparent file fails

see the successful case:

(ISO 7816-4) > 00a4000c027f20
--------------------------------------------------------------------------------
Beginning transaction 0
>> 0000:  00 a4 00 0c 02 7f 20                              ......          
<< 0000:  90 00                                             ..              
Ending transaction 0
--------------------------------------------------------------------------------

Normal execution (SW 9000), 0.163s
(ISO 7816-4) > 00a40004026f07
--------------------------------------------------------------------------------
Beginning transaction 1
>> 0000:  00 a4 00 04 02 6f 07                              .....o.         
<< 0000:  61 24                                             a$              
>> 0000:  00 c0 00 00 24                                    ....$           
<< 0000:  62 22 82 02 41 21 83 02 6f 07 a5 0a c0 01 00 cd   b"..A!..o.......
   0010:  02 ff 01 ca 01 84 8a 01 05 8b 03 6f 06 03 80 02   ...........o....
   0020:  00 09 88 00 90 00                                 ......          
Ending transaction 1
--------------------------------------------------------------------------------

0000:  62 22 82 02 41 21 83 02 6f 07 a5 0a c0 01 00 cd   b"..A!..o.......
0010:  02 ff 01 ca 01 84 8a 01 05 8b 03 6f 06 03 80 02   ...........o....
0020:  00 09 88 00                                       ....            
Normal execution (SW 9000), 0.0475s
(ISO 7816-4) > 00b0000002
--------------------------------------------------------------------------------
Beginning transaction 2
>> 0000:  00 b0 00 00 02                                    .....           
<< 0000:  08 99 90 00                                       ....            
Ending transaction 2
--------------------------------------------------------------------------------

0000:  08 99                                             ..              
Normal execution (SW 9000), 0.0297s

failing case:

(ISO 7816-4) > 00b0000001
--------------------------------------------------------------------------------
Beginning transaction 3
>> 0000:  00 b0 00 00 01                                    .....           
<class 'smartcard.Exceptions.CardConnectionException'>: Failed to transmit with protocol T0. Transaction failed.

If I look at the USB (pcap attached), we see
  • PC_to_Reader_XferBlock (00b0000001)
  • Reader_to_PC_DataBlock (Status=Failed, Error=254)
Actions #1

Updated by laforge over 3 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 10

the problem has originally been observed within a osmo-remsim setup, but it can be reproduced manually very easily (see the above example using cyberflex-shell)

After some debugging, I think I found the cause in the TPDU FSM.

  • tpdu_s_procedure_action()
    • sets the Rx Threshold to the number of pending bytes (1)
    • changes to TPDU_S_RX_REMAINING state
  • tpdu_s_rx_remaining_action()
    • expects only ISO7816_E_RX_COMPL
    • but actually receives ISO7816_E_RX_SINGLE if there was just a single byte expected

This is a result of the way how the CUART driver works.

  • if the threshold is > 1, it collects the number of required characters and then issues ISO7816_E_RX_COMPL
  • if the threshold is == 1, it issues ISO7816_E_RX_SINGLE for every character, and no ISO7816_E_RX_COMPL
Actions #2

Updated by laforge over 3 years ago

  • % Done changed from 10 to 80

Fix is in https://gerrit.osmocom.org/c/osmo-ccid-firmware/+/19947 - it works at least in my manual tests. End-to-end test with osmo-remsim still pending.

Actions #3

Updated by laforge over 3 years ago

  • Status changed from In Progress to Resolved

fix merged

Actions

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)