Add sdp service record to Toshiba Bluetooth - bluetooth

I'm trying to add a custom rfcomm service record into the database but it always comes back with error code -2008 ("Invalied service record data into SDP-DB(possibility to be broken").
I haven't had this problem with other APIs such as Widcomm, BlueSoleil or the MS stack. Probably there is some error in the definition of the service attributes.
Code snippet:
http://dl.dropbox.com/u/3973099/code.txt
Any help appreciated,
Nicholas

Change the first line from:
0x36, 0x00, 0x69,
to
0x36, 0x00, 0x66,
The length value there is wrong. :-)
(Or to
0x35, 0x66,
)
Also I would expect that adding the ServiceRecordHandle attribute is wrong as I would presume that the stack has to add that -- the user can't tell what handles are already in use.
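The fix above is a data element header problem: 0x35 is a sequence whose length follows in one byte, 0x36 a sequence whose length follows in two bytes, and a stack rejects the record when a declared length does not match the bytes that actually follow. The Python below is an added example, not the question's snippet (which is only reachable through the Dropbox link): it builds a small RFCOMM record with headers computed from the real body sizes, validates every declared length before the record would be handed to a stack, and reproduces the off-by-three header from the question. The service name, channel and attribute set are constructed for illustration; the record deliberately carries no ServiceRecordHandle attribute (0x0000), for the reason given in the answer.

```python
import struct

# SDP data element type codes (upper 5 bits of the header byte), Bluetooth Core spec Vol 3 Part B 3.2
T_NIL, T_UINT, T_SINT, T_UUID, T_STR, T_BOOL, T_SEQ, T_ALT, T_URL = range(9)
_FIXED_SIZE = {0: 1, 1: 2, 2: 4, 3: 8, 4: 16}     # size index 0..4: fixed payload length
_LENGTH_FIELD = {5: 1, 6: 2, 7: 4}                 # size index 5..7: width of the length field


def parse_header(buf, pos):
    """Return (type, payload_length, header_length) for the element starting at buf[pos]."""
    if pos >= len(buf):
        raise ValueError("truncated header at offset %d" % pos)
    typ, size_idx = buf[pos] >> 3, buf[pos] & 0x07
    if typ == T_NIL:
        return typ, 0, 1
    if size_idx in _FIXED_SIZE:
        return typ, _FIXED_SIZE[size_idx], 1
    width = _LENGTH_FIELD[size_idx]
    if pos + 1 + width > len(buf):
        raise ValueError("truncated length field at offset %d" % pos)
    return typ, int.from_bytes(buf[pos + 1:pos + 1 + width], "big"), 1 + width


def validate(buf, pos=0, end=None):
    """Walk every element, recursing into sequences and alternatives, and check that each
    declared length fits inside its container.  Returns the number of top-level elements."""
    end = len(buf) if end is None else end
    count = 0
    while pos < end:
        typ, length, hlen = parse_header(buf, pos)
        body = pos + hlen
        if body + length > end:
            raise ValueError("element at offset %d declares %d bytes but only %d remain"
                             % (pos, length, end - body))
        if typ in (T_SEQ, T_ALT):
            validate(buf, body, body + length)
        pos = body + length
        count += 1
    return count


def check(record):
    """(True, 'ok') if the record parses cleanly, (False, reason) otherwise."""
    try:
        validate(record)
        return True, "ok"
    except ValueError as exc:
        return False, str(exc)


def seq(*elements):
    """Sequence with the shortest length prefix that fits: 0x35 + 1 byte, 0x36 + 2 bytes, 0x37 + 4 bytes."""
    body = b"".join(elements)
    if len(body) < 0x100:
        return bytes([0x35, len(body)]) + body
    if len(body) < 0x10000:
        return b"\x36" + struct.pack(">H", len(body)) + body
    return b"\x37" + struct.pack(">I", len(body)) + body


def uint8(v):  return bytes([0x08, v])                      # unsigned int, size index 0 (1 byte)
def uint16(v): return b"\x09" + struct.pack(">H", v)        # unsigned int, size index 1 (2 bytes)
def uuid16(v): return b"\x19" + struct.pack(">H", v)        # UUID, size index 1 (2 bytes)
def text(s):
    raw = s.encode("utf-8")
    return bytes([0x25, len(raw)]) + raw                    # text string, 1-byte length


def rfcomm_record(channel, name="Serial Port"):
    """Constructed Serial Port Profile record: attribute ID (uint16) followed by its value."""
    attrs = [
        (0x0001, seq(uuid16(0x1101))),                                   # ServiceClassIDList: SerialPort
        (0x0004, seq(seq(uuid16(0x0100)),                                # ProtocolDescriptorList: L2CAP
                     seq(uuid16(0x0003), uint8(channel)))),              #   then RFCOMM + server channel
        (0x0005, seq(uuid16(0x1002))),                                   # BrowseGroupList: PublicBrowseRoot
        (0x0006, seq(uint16(0x656E), uint16(0x006A), uint16(0x0100))),   # LanguageBaseAttributeIDList: "en", UTF-8, base 0x0100
        (0x0100, text(name)),                                            # ServiceName (base 0x0100 + 0x0000)
    ]
    return seq(*[uint16(attr_id) + value for attr_id, value in attrs])


def with_wrong_length(record, extra=3):
    """Reproduce the mistake in the question: a 0x36 header whose 2-byte length overstates the body."""
    _, _, hlen = parse_header(record, 0)
    body = record[hlen:]
    return b"\x36" + struct.pack(">H", len(body) + extra) + body


if __name__ == "__main__":
    good = rfcomm_record(5)
    print(good.hex(), check(good))
    print(check(with_wrong_length(good)))
```

Running `check()` on a record before calling the vendor API turns a -2008 from an opaque stack into a byte offset. A 0x36 header with a correct two-byte length also passes, which is why both forms in the answer work.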

Related

Best way to validate DICOM connection request with pynetdicom

What is the preferred way to validate requested DICOM connection against a list of known hosts?
I can connect to the EVT_CONN_OPEN event. But in that, the event.assoc.requestor.info.ae_title element is always empty (b'').
I see from a TCP network analysis, that the name is transmitted. So, where is it?
What is the right way to validate the requesting host?
You could try using EVT_REQUESTED instead, it gets triggered after an association request is received/sent and the AE title information should be available at that point. Unfortunately EVT_CONN_OPEN is triggered on TCP connection which occurs prior to the association request.
If you don't like the host's details you can use the handler to send an association rejection message using event.assoc.acse.send_reject() or abort with event.assoc.abort().
If you're only interested in validating against the AE title you can use the AE.require_calling_aet property to restrict associations to those with matching AE titles.
For the benefit of anyone else looking this up, the correct stage to look this up is in the EVT_REQUESTED event. However you will likely find the details aren't filled in (they are populated AFTER the handler has been called).
So if you want to locate the caller's AE in EVT_REQUESTED, you need to locate the A_ASSOCIATE primitive and read them from there. So for example in your handler you can do this to reject remotes:
    def handle_request(event):
        # calling_ae_title is bytes in 1.5.x, so decode before comparing
        req_title = event.assoc.requestor.primitive.calling_ae_title.decode('ascii')
        if req_title != 'MyAET':
            # result 0x01 rejected-permanent, source 0x01 UL service-user,
            # reason 0x03 calling AE title not recognised
            event.assoc.acse.send_reject(0x01, 0x01, 0x03)
            return
At least for 1.5.7.
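As an added example (not the answer's code and not pynetdicom's own API), the Python below shows where the AE titles sit in the A-ASSOCIATE-RQ PDU the question saw on the wire, and an EVT_REQUESTED handler in the shape the answer describes that checks the calling AE title together with the peer address against an allowlist before rejecting with the same (0x01, 0x01, 0x03) codes. Checking the title alone is weak, since any client can send any title, so the allowlist pairs title with source IP. `requestor.address` is assumed to hold the peer IP; the AE titles and addresses are made up, and the PDU builder exists only to produce test input offline.

```python
import struct
from types import SimpleNamespace

APPLICATION_CONTEXT = b"1.2.840.10008.3.1.1.1"   # DICOM Application Context Name


def _aet(title):
    raw = title.encode("ascii")
    if not 0 < len(raw) <= 16:
        raise ValueError("AE title must be 1..16 ASCII characters")
    return raw.ljust(16, b" ")                    # AE titles are space-padded to 16 bytes


def build_associate_rq(called_aet, calling_aet):
    """Minimal A-ASSOCIATE-RQ PDU (PS3.8 section 9.3.2), constructed here as test input only."""
    item = struct.pack("!BBH", 0x10, 0x00, len(APPLICATION_CONTEXT)) + APPLICATION_CONTEXT
    body = struct.pack("!HH", 0x0001, 0) + _aet(called_aet) + _aet(calling_aet) + bytes(32) + item
    return struct.pack("!BBI", 0x01, 0x00, len(body)) + body


def parse_associate_rq(pdu):
    """Return (called_aet, calling_aet) from a raw A-ASSOCIATE-RQ; raise ValueError if malformed."""
    if len(pdu) < 6 + 68:
        raise ValueError("PDU shorter than the A-ASSOCIATE-RQ fixed fields")
    pdu_type, _, pdu_len = struct.unpack("!BBI", pdu[:6])
    if pdu_type != 0x01:
        raise ValueError("PDU type 0x%02x is not A-ASSOCIATE-RQ" % pdu_type)
    if pdu_len != len(pdu) - 6:
        raise ValueError("PDU length %d does not match %d data bytes" % (pdu_len, len(pdu) - 6))
    version, _ = struct.unpack("!HH", pdu[6:10])
    if not version & 0x0001:
        raise ValueError("peer does not offer protocol version 1")
    called = pdu[10:26].decode("ascii").strip()     # bytes 10..25: Called AE title
    calling = pdu[26:42].decode("ascii").strip()    # bytes 26..41: Calling AE title
    return called, calling


def is_valid_associate_rq(pdu):
    try:
        parse_associate_rq(pdu)
        return True
    except ValueError:
        return False


def association_allowed(calling_aet, peer_ip, allowlist):
    """allowlist maps a calling AE title to the set of source IPs permitted to use it."""
    return peer_ip in allowlist.get(calling_aet, ())


def handle_requested(event, allowlist):
    """EVT_REQUESTED handler in the shape the answer describes (pynetdicom 1.5.x): read the
    title from the A-ASSOCIATE primitive, since requestor.info is filled in only after this
    handler runs.  requestor.address is assumed to hold the peer IP."""
    title = event.assoc.requestor.primitive.calling_ae_title
    if isinstance(title, bytes):                    # bytes in 1.5.x, str in later releases
        title = title.decode("ascii", errors="replace")
    title = title.strip()
    if association_allowed(title, event.assoc.requestor.address, allowlist):
        return True
    # result 1 = rejected-permanent, source 1 = UL service-user, reason 3 = calling AE title not recognised
    event.assoc.acse.send_reject(0x01, 0x01, 0x03)
    return False


def simulate_requested(calling_aet, peer_ip, allowlist):
    """Run handle_requested against a stand-in for the pynetdicom event object (offline test aid)."""
    rejections = []
    event = SimpleNamespace(assoc=SimpleNamespace(
        requestor=SimpleNamespace(primitive=SimpleNamespace(calling_ae_title=_aet(calling_aet)),
                                  address=peer_ip),
        acse=SimpleNamespace(send_reject=lambda r, s, d: rejections.append((r, s, d)))))
    return handle_requested(event, allowlist), rejections
```

Wire it up with `ae.start_server(..., evt_handlers=[(evt.EVT_REQUESTED, lambda e: handle_requested(e, ALLOWLIST))])`; the handler's return value is ignored by pynetdicom and is only there so the behaviour can be asserted on.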

How to get values for ipi_ifindex for sendmsg()?

Using sendmsg() it is possible to specify from which interface a datagram will be sent, if a value is set for in_pktinfo.ipi_ifindex.
If the packet is a response to a datagram received with recvmsg() I can get the interface value from there.
If I just know that the interface is 'eth0' or 'eno1', how can I look up the corresponding in_pktinfo.ipi_ifindex value?
Use if_nametoindex() to convert the interface name to an index.
if_indextoname() does the reverse.
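Added example, not from the question or the answer: the same lookup and the in_pktinfo control message in Python's socket module, which exposes sendmsg()/recvmsg() with the same ancillary-data semantics as the C API. It also shows the receive side the question mentions, and a reply helper that answers on the interface and address a request arrived on, which is what you want on a multi-homed host so replies are not routed out of the wrong side. The struct layout and the IP_PKTINFO value are Linux's; interface names and addresses are placeholders.

```python
import socket
import struct

# IP_PKTINFO is 8 on Linux; the socket module exposes the constant on Linux builds only.
IP_PKTINFO = getattr(socket, "IP_PKTINFO", 8)
# struct in_pktinfo { int ipi_ifindex; struct in_addr ipi_spec_dst; struct in_addr ipi_addr; }
IN_PKTINFO = struct.Struct("i4s4s")


def pack_in_pktinfo(ifindex, spec_dst="0.0.0.0"):
    """Ancillary payload that makes sendmsg() use interface ifindex.  A non-zero spec_dst
    additionally selects the source address; 0.0.0.0 leaves that to the kernel."""
    return IN_PKTINFO.pack(ifindex, socket.inet_aton(spec_dst), bytes(4))


def unpack_in_pktinfo(data):
    """(ifindex, spec_dst, addr).  On receive, addr is the packet's destination address and
    ifindex the interface it arrived on."""
    ifindex, spec_dst, addr = IN_PKTINFO.unpack(data)
    return ifindex, socket.inet_ntoa(spec_dst), socket.inet_ntoa(addr)


def pktinfo_from_ancdata(ancdata):
    """Pull the in_pktinfo out of recvmsg() ancillary data, or None if it is not there."""
    for level, ctype, data in ancdata:
        if level == socket.IPPROTO_IP and ctype == IP_PKTINFO:
            return unpack_in_pktinfo(data)
    return None


def sample_ancdata(ifindex, dst="192.0.2.10"):
    """Constructed ancillary data shaped like what recvmsg() returns with IP_PKTINFO enabled."""
    return [(socket.IPPROTO_IP, IP_PKTINFO, IN_PKTINFO.pack(ifindex, bytes(4), socket.inet_aton(dst)))]


def send_via(sock, payload, dest, ifname):
    """Send one datagram out of the named interface; if_nametoindex() raises OSError for an unknown name."""
    ifindex = socket.if_nametoindex(ifname)
    ancdata = [(socket.IPPROTO_IP, IP_PKTINFO, pack_in_pktinfo(ifindex))]
    return sock.sendmsg([payload], ancdata, 0, dest)


def recv_with_pktinfo(sock, bufsize=65535):
    """Receive one datagram plus the (ifindex, spec_dst, dst_addr) it was delivered with."""
    sock.setsockopt(socket.IPPROTO_IP, IP_PKTINFO, 1)
    data, ancdata, _flags, src = sock.recvmsg(bufsize, socket.CMSG_SPACE(IN_PKTINFO.size))
    return data, src, pktinfo_from_ancdata(ancdata)


def reply_same_interface(sock, payload, src, pktinfo):
    """Answer through the interface the request came in on, from the address it was sent to."""
    ifindex, _spec, dst_addr = pktinfo
    ancdata = [(socket.IPPROTO_IP, IP_PKTINFO, pack_in_pktinfo(ifindex, dst_addr))]
    return sock.sendmsg([payload], ancdata, 0, src)


if __name__ == "__main__":
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind(("0.0.0.0", 5353))
    data, src, info = recv_with_pktinfo(s)          # blocks until a datagram arrives
    print(src, info)
    reply_same_interface(s, b"pong", src, info)
```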

Non generic ZCL frame parsing

I have to decrypt frames from ZCL (Zigbee Cluster Library) and interpret them. So I found the "zcl-packet" module on NPM, which seems to do it well.
But I work with sensors which use the "ZCL syntax" but create their own clusters, so I have things like 0x8002 or 0x8003, which are not defined by ZCL, so the module doesn't work properly and I'm not able to decrypt my packet properly.
Example frame:
110a800200002b00000075
Flag(+en) : 0x11 (don't know if this is generic to ZCL)
CommandID : 0x0A
ClusterID : 0x8002
AttributeID : 0x0000
AttributeType : 0x2b (Int32_type)
Data : 0x00000075
So if I try to parse it using the module, I get an error, because it doesn't find the clusterID (that seems normal).
So do I have to redevelop everything (data parsing, etc.), or can I just find a way to deal with this and create my own cluster_id and use this module depending on the command ID, like by inheritance?
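The question has no answer on this page, so the Python below is an added example rather than a port of zcl-packet. It parses the frame with the field layout the question gives (frame control, command ID, cluster ID, then attribute records, big-endian as the example bytes show; note that standard ZCL over the air is little-endian and carries the cluster ID in the APS header, so this is the sensor's own framing) and keeps cluster and attribute names in a registry so 0x8002 and 0x8003 can be added without touching the parser. The point worth taking away is that value decoding depends only on the ZCL data type byte, not on the cluster, so an unregistered cluster still decodes and only lacks names. The vendor attribute names are assumed; the second and third frames in the test are constructed.

```python
import struct

# ZCL attribute data types (ZCL spec data type table): code -> (name, struct format, big-endian here)
ZCL_TYPES = {
    0x10: ("bool",   ">?"),
    0x20: ("uint8",  ">B"), 0x21: ("uint16", ">H"), 0x23: ("uint32", ">I"),
    0x28: ("int8",   ">b"), 0x29: ("int16",  ">h"), 0x2b: ("int32",  ">i"),
}
CMD_READ_ATTR_RSP = 0x01      # ZCL general command: Read Attributes Response
CMD_REPORT_ATTR = 0x0A        # ZCL general command: Report Attributes

# Cluster registry: standard ZCL clusters and the sensor's own live side by side.
CLUSTERS = {}


def register_cluster(cluster_id, name, attributes):
    CLUSTERS[cluster_id] = {"name": name, "attributes": dict(attributes)}


register_cluster(0x0402, "Temperature Measurement", {0x0000: "MeasuredValue"})   # standard ZCL
register_cluster(0x8002, "vendor-0x8002", {0x0000: "value"})                    # custom; names assumed
register_cluster(0x8003, "vendor-0x8003", {0x0001: "counter", 0x0002: "alarm"})  # custom; names assumed


def decode_value(type_code, frame, pos):
    """Decode one value of ZCL type type_code at frame[pos]; returns (type_name, value, new_pos)."""
    if type_code not in ZCL_TYPES:
        raise ValueError("unsupported ZCL data type 0x%02x at offset %d" % (type_code, pos))
    name, fmt = ZCL_TYPES[type_code]
    size = struct.calcsize(fmt)
    if pos + size > len(frame):
        raise ValueError("truncated %s value at offset %d" % (name, pos))
    return name, struct.unpack_from(fmt, frame, pos)[0], pos + size


def parse_frame(hex_frame):
    """Parse: frame control (1), command ID (1), cluster ID (2), then attribute records.
    Report Attributes records are (id, type, value); Read Attributes Response records are
    (id, status[, type, value]) and carry no value when the status is non-zero."""
    frame = bytes.fromhex(hex_frame)
    if len(frame) < 4:
        raise ValueError("frame shorter than the 4-byte header")
    fctrl, cmd = frame[0], frame[1]
    if cmd not in (CMD_READ_ATTR_RSP, CMD_REPORT_ATTR):
        raise ValueError("command 0x%02x not handled here" % cmd)
    cluster = struct.unpack_from(">H", frame, 2)[0]
    info = CLUSTERS.get(cluster, {"name": None, "attributes": {}})
    attrs, pos = [], 4
    while pos < len(frame):
        if pos + 2 > len(frame):
            raise ValueError("truncated attribute identifier at offset %d" % pos)
        attr_id = struct.unpack_from(">H", frame, pos)[0]
        pos += 2
        rec = {"id": attr_id, "name": info["attributes"].get(attr_id)}
        if cmd == CMD_READ_ATTR_RSP:
            if pos >= len(frame):
                raise ValueError("missing status byte at offset %d" % pos)
            rec["status"] = frame[pos]
            pos += 1
            if rec["status"] != 0x00:
                attrs.append(rec)
                continue
        if pos >= len(frame):
            raise ValueError("missing data type byte at offset %d" % pos)
        rec["type"], rec["value"], pos = decode_value(frame[pos], frame, pos + 1)
        attrs.append(rec)
    return {"frame_control": fctrl, "command": cmd, "cluster": cluster,
            "cluster_name": info["name"], "attributes": attrs}


if __name__ == "__main__":
    print(parse_frame("110a800200002b00000075"))
```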

How to change applet's privilege and the card Historical Bytes?

I already thought that changing Historical bytes is limited to Pre-Personalization step. But, I found a method named setATRHistBytes in the GlobalPlatform APIs today.
This is its description (GlobalPlatform 2.2, page 172):
setATRHistBytes
public static boolean setATRHistBytes(byte[] baBuffer, short sOffset, byte bLength)
For contact cards according to ISO/IEC 7816-4 and Type A contactless cards according to ISO/IEC 14443-3, this method sets the historical bytes. The sequence of bytes will be visible on a subsequent power-up or reset.
Notes:
• The OPEN locates the entry of the current applet context in the GlobalPlatform Registry and verifies that the Application has the Card Reset privilege for the current card I/O interface;
• The OPEN is responsible for synchronizing the length of historical bytes in Format Character T0 of the ATR.
Parameters:
baBuffer - the source byte array containing the historical bytes. Must be a global array.
sOffset - offset of the historical bytes within the source byte array.
bLength - the number of historical bytes.
Returns:
true if historical bytes set, false if the Application does not have the required privilege
Now I want to change the Historical Bytes of my card. So I wrote the program below and converted it to its CAP file successfully:
    import javacard.framework.APDU;
    import javacard.framework.Applet;
    import javacard.framework.ISO7816;
    import javacard.framework.ISOException;
    import org.globalplatform.GPSystem;

    public class HistoricalBytesChanger extends Applet {
        public static byte[] state = { (byte) 0, (byte) 0 };
        // historical bytes to set: 01 02 03 04 05 06 07 08 09 0A
        public static byte[] HistByteArray = { (byte) 0x01, (byte) 0x02,
                (byte) 0x03, (byte) 0x04, (byte) 0x05, (byte) 0x06, (byte) 0x07,
                (byte) 0x08, (byte) 0x09, (byte) 0x0a };

        public static void install(byte[] bArray, short bOffset, byte bLength) {
            new HistoricalBytesChanger().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
        }

        public void process(APDU apdu) {
            if (selectingApplet()) {
                return;
            }
            byte[] buf = apdu.getBuffer();
            switch (buf[ISO7816.OFFSET_INS]) {
            case (byte) 0x00:
                // the boolean result (false when the privilege is missing) is not checked here
                GPSystem.setATRHistBytes(HistByteArray, (short) 0, (byte) 10);
                HistByteArray[0] = (byte) (HistByteArray[0] + 1);
                break;
            default:
                ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
            }
        }
    }
As you can see above, it is written in a way that assigns 0102030405060708090A to the Historical Bytes on reception of any APDU command with INS=0x00.
The problem is I don't have any idea how to set the Card Reset privilege for this applet. I know that I must specify the privilege in the installation step, but I don't know how! Normally I upload my applets using the GlobalPlatformPro tool. In the parameters that it supports I couldn't see any related parameter:
E:\GP> gp -h
Option Description
------ -----------
-V, --version Show information about the program
-a, --apdu Send raw APDU (hex)
--all Work with multiple readers
--applet <AID> Applet AID
--cap <File> Use a CAP file as source
--create <AID> Create new instance of an applet
-d, --debug Show PC/SC and APDU trace
--default Indicate Default Selected privilege
--delete [AID] Delete something
--deletedeps Also delete dependencies
--dump <File> Dump APDU communication to <File>
--emv Use EMV diversification
--enc <GPKeySet$GPKey> Specify ENC key
-h, --help Shows this help string
-i, --info Show information
--install [File] Install applet(s) from CAP
--instance <AID> Instance AID
--kek <GPKeySet$GPKey> Specify KEK key
--key <GPKeySet$GPKey> Specify master key
--keyid <Integer> Specify key ID
--keyver <Integer> Specify key version
-l, --list List the contents of the card
--load <File> Load a CAP file
--lock <GPKeySet> Set new key
--lock-applet <AID> Lock specified applet
--mac <GPKeySet$GPKey> Specify MAC key
--make-default <AID> Make AID the default
--mode <GlobalPlatform$APDUMode> APDU mode to use (mac/enc/clr)
--new-keyver <Integer> key version for the new key
--nofix Do not try to fix PCSC/Java/OS issues
--package <AID> Package AID
--params Installation parameters
-r, --reader Use specific reader
--reinstall Remove card content during installation
--relax Relaxed error checking
--replay <File> Replay APDU responses from <File>
-s, --secure-apdu Send raw APDU (hex) via SCP
--scp <Integer> Force the use of SCP0X
--sdaid <AID> ISD AID
--sdomain Indicate Security Domain privilege
--terminate Indicate Card Lock+Terminate privilege
--uninstall <File> Uninstall applet/package
--unlock Set default key
--unlock-applet <AID> Lock specified applet
-v, --verbose Be verbose about operations
--virgin Card has virgin keys
--visa2 Use VISA2 diversification
E:\GP>
Note that I installed the applet normally, but while it returns 0x9000 on reception of that command, it can't change the Historical Bytes, and I need to set the Card Reset privilege for my applet:
OpenSC: osc -a
Using reader with a card: ACS CCID USB Reader 0
3b:68:00:00:00:73:c8:40:12:00:90:00
OpenSC: osc -s 00A4040006010203040101 -s 00000000
Using reader with a card: ACS CCID USB Reader 0
Sending: 00 A4 04 00 06 01 02 03 04 01 01
Received (SW1=0x90, SW2=0x00)
Sending: 00 00 00 00
Received (SW1=0x90, SW2=0x00)
OpenSC: osc -a
Using reader with a card: ACS CCID USB Reader 0
3b:68:00:00:00:73:c8:40:12:00:90:00
OpenSC:
Questions:
1- How can I change/set the privilege of my applet?
2- Why does the card return 0x9000 on reception of 00 00 00 00? (I expect it to return an exception, because the description of setATRHistBytes says this method returns false when the applet does not have the Card Reset privilege.)
The reset privilege was known before as the default selected privilege. This means you can just use the --default switch for your card - the same bit is flipped in the INSTALL [for install] privilege bytes if you do that.
Sometimes a card expects a cold reset (i.e. removing the card from the field or terminal) before the change in ATR bytes is communicated. This can also be a reader problem - not all readers perform a reset when reconnected, or they may cache the ATR bytes.
To set the Card Reset privilege for an applet you need to set bit 3 of the first privilege byte in the INSTALL [for install and make selectable] command for the applet. If the applet is only being installed and not made selectable with the same INSTALL command, the Card Reset privilege cannot be set.
Actually, if the card is GP 2.0.1/GP 2.1.1 compliant, the Card Reset privilege is referred to as the Default Selected privilege.
If the Default Selected privilege is set on a GP 2.0.1/GP 2.1.1 compliant card, it provides two functionalities to the applet:
The applet can modify the historical bytes.
The applet will be the default selected applet on the basic logical channel after a cold reset.
If the Card Reset privilege is set on a GP 2.2 or later compliant card, it provides the following functionalities to the applet:
The applet can modify the historical bytes.
The applet can be implicitly selectable on the basic logical channel if that has not been awarded to another Application by setting the implicit selection parameters for that applet.
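As an added example (not from the answers above and not GlobalPlatformPro's code), the Python below builds the INSTALL [for install and make selectable] APDU with b3 of the first privilege byte set, which is the bit the --default switch flips, and checks that bit on a given APDU so a trace can be inspected before blaming the applet. The field layout follows GP 2.2 section 9.5.2.3.2: six length-prefixed fields (load file AID, module AID, instance AID, privileges, install parameters wrapped in the mandatory C9 TLV, install token). The package and module AIDs are assumed; the instance AID 010203040101 is the one selected in the OpenSC trace above.

```python
# GP 2.2 privileges byte 1 (Table 6-1).  In GP 2.0.1/2.1.1 the same bit, b3, is "Default Selected".
PRIVILEGES_BYTE1 = {
    0x80: "Security Domain", 0x40: "DAP Verification", 0x20: "Delegated Management",
    0x10: "Card Lock", 0x08: "Card Terminate", 0x04: "Card Reset (Default Selected in GP 2.1.1)",
    0x02: "CVM Management", 0x01: "Mandated DAP Verification",
}
CARD_RESET = 0x04


def privilege_names(priv_byte):
    """Human-readable privileges for the first privilege byte, most significant bit first."""
    return [name for bit, name in sorted(PRIVILEGES_BYTE1.items(), reverse=True) if priv_byte & bit]


def _lv(value):
    """One-byte length prefix, as every field of the INSTALL data uses."""
    if len(value) > 0xFF:
        raise ValueError("field too long for a one-byte length")
    return bytes([len(value)]) + value


def install_for_install_and_make_selectable(load_file_aid, module_aid, instance_aid,
                                            privileges=bytes([CARD_RESET]), app_params=b"", token=b""):
    """INSTALL [for install and make selectable]: CLA 80, INS E6, P1 0C, P2 00, in the clear.
    Under SCP the CLA becomes 84 and the card's secure messaging adds a MAC."""
    params = bytes([0xC9]) + _lv(app_params)          # C9 TLV is mandatory even when empty
    data = (_lv(load_file_aid) + _lv(module_aid) + _lv(instance_aid)
            + _lv(privileges) + _lv(params) + _lv(token))
    return bytes([0x80, 0xE6, 0x0C, 0x00]) + _lv(data)


def install_fields(apdu):
    """Split an INSTALL APDU's data field back into its six LV fields."""
    if len(apdu) < 5 or apdu[1] != 0xE6:
        raise ValueError("not an INSTALL APDU")
    data = apdu[5:5 + apdu[4]]
    if len(data) != apdu[4]:
        raise ValueError("Lc does not match the data field")
    fields, pos = [], 0
    while pos < len(data):
        n = data[pos]
        pos += 1
        if pos + n > len(data):
            raise ValueError("truncated LV field at offset %d" % pos)
        fields.append(data[pos:pos + n])
        pos += n
    if len(fields) != 6:
        raise ValueError("expected 6 LV fields, found %d" % len(fields))
    return fields


def grants_card_reset(apdu):
    """True if the INSTALL command sets b3 of privileges byte 1, which setATRHistBytes requires."""
    privileges = install_fields(apdu)[3]
    return bool(privileges) and bool(privileges[0] & CARD_RESET)


if __name__ == "__main__":
    apdu = install_for_install_and_make_selectable(bytes.fromhex("0102030405"),      # package AID (assumed)
                                                   bytes.fromhex("010203040501"),    # module AID (assumed)
                                                   bytes.fromhex("010203040101"))    # instance AID from the trace
    print(apdu.hex().upper(), privilege_names(install_fields(apdu)[3][0]))
```

If the --debug trace of a gp run shows an E6 0C command whose privileges field is 01 00, the applet was installed without the bit and setATRHistBytes will keep returning false.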

SensorTag, detect pressed buttons using gatttool

I would like to detect if a button is pushed on my SensorTag using gatttool, but I'm not able to do that.
In http://processors.wiki.ti.com/index.php/SensorTag_User_Guide TI reports that in order to read the pressed buttons, you should:
1) Enable test mode by writing the value 0x80 to the AA62 (CONFIGURATION) attribute.
I did that with the command:
[CON][BC:6A:29:AE:CD:E5][LE]> char-write-req 0x67 80
[CON][BC:6A:29:AE:CD:E5][LE]> Characteristic value was written successfully
Now I should be in test mode, and:
2) Enable Simple keys notification
Looking at the http://processors.wiki.ti.com/index.php/File:BLE_SensorTag_GATT_Server.pdf
and at the bluepy lib it seems I've to write 0100 in 0x60 for doing that. But
[CON][BC:6A:29:AE:CD:E5][LE]> char-write-req 0x60 0100
[CON][BC:6A:29:AE:CD:E5][LE]> Characteristic Write Request failed: Attribute can't be written
I observed that 0x61 is writable and accepts the value 0100, but I'm still not able to detect if a key is pressed.
Any suggestion?
That PDF document may be out of date... I just tried using gatttool on my SensorTag and got button notifications with the following command: char-write-req 0x6c 0100
I'd stick with just the TI wiki for the SensorTag as it's probably more likely to be kept up-to-date. The wiki says you only need to do that "test mode" step if you want to get notifications when the side button is pressed (because normally it just activates the advertising).
Also, you probably have to figure out what handle to use on your specific device as every firmware will cause the handles to move around. What shouldn't change between firmwares is the UUID. Try the primary and characteristics commands in gatttool to get the details of the services on the device.
My primary showed this:
attr handle: 0x005e, end grp handle: 0x0068 uuid: f000aa50-0451-4000-b000-000000000000
attr handle: 0x0069, end grp handle: 0x006d uuid: 0000ffe0-0000-1000-8000-00805f9b34fb
attr handle: 0x006e, end grp handle: 0x0074 uuid: f000aa60-0451-4000-b000-000000000000
ffe0 is the UUID of the simple key service (though the wiki says it's f000ffe0, it's not on mine). So, all the handles you want to look at are from 0x69 to 0x6d
char-read-uuid 0x2902 0x69 0x6d will show all CCC (Client Characteristic Configuration) in that range:
handle: 0x006c value: 01 00
Setting that handle to 0100 will turn on notifications for that service.
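Added example, not from the answer: Python that turns the discovery steps above into code. It parses gatttool's primary and char-read-uuid output, matches the service by its 16-bit UUID under either base UUID (the answer's device reports 0000ffe0-..., the wiki f000ffe0-...), picks the CCC descriptor inside that handle range, and produces both the gatttool command and the raw ATT Write Request it sends, so the same logic works against a different firmware where the handles have moved. The sample output is the answer's, pasted in as constructed input; no device is needed to run it.

```python
import re
import struct

BT_BASE_FMT = "0000{:04x}-0000-1000-8000-00805f9b34fb"   # Bluetooth SIG base UUID
TI_BASE_FMT = "f000{:04x}-0451-4000-b000-000000000000"   # TI SensorTag base UUID
SIMPLE_KEYS = 0xFFE0                                       # simple key service, per the answer
ATT_WRITE_REQ = 0x12                                       # ATT opcode behind char-write-req

# gatttool output quoted from the answer above, used here as constructed input
PRIMARY_OUTPUT = """\
attr handle: 0x005e, end grp handle: 0x0068 uuid: f000aa50-0451-4000-b000-000000000000
attr handle: 0x0069, end grp handle: 0x006d uuid: 0000ffe0-0000-1000-8000-00805f9b34fb
attr handle: 0x006e, end grp handle: 0x0074 uuid: f000aa60-0451-4000-b000-000000000000
"""
CCC_OUTPUT = "handle: 0x006c value: 01 00\n"

_PRIMARY_RE = re.compile(r"attr handle: 0x([0-9a-f]+), end grp handle: 0x([0-9a-f]+) uuid: ([0-9a-f-]+)")
_VALUE_RE = re.compile(r"handle: 0x([0-9a-f]+) value: ((?:[0-9a-f]{2} ?)+)")


def parse_primary(text):
    """[(start_handle, end_handle, uuid)] from the output of gatttool's primary command."""
    return [(int(s, 16), int(e, 16), u.lower()) for s, e, u in _PRIMARY_RE.findall(text)]


def find_service(services, short_uuid):
    """Handle range of the service with this 16-bit UUID under either base UUID, or None."""
    wanted = {BT_BASE_FMT.format(short_uuid), TI_BASE_FMT.format(short_uuid)}
    for start, end, uuid in services:
        if uuid in wanted:
            return start, end
    return None


def parse_values(text):
    """[(handle, value bytes)] from char-read-uuid / char-read-hnd output."""
    return [(int(h, 16), bytes.fromhex(v.replace(" ", ""))) for h, v in _VALUE_RE.findall(text)]


def ccc_value(notify=False, indicate=False):
    """Client Characteristic Configuration value, little-endian: bit 0 notify, bit 1 indicate."""
    return struct.pack("<H", (1 if notify else 0) | (2 if indicate else 0))


def att_write_request(handle, value):
    """Raw ATT Write Request PDU: opcode, little-endian handle, value."""
    return struct.pack("<BH", ATT_WRITE_REQ, handle) + value


def gatttool_write(handle, value):
    return "char-write-req 0x%02x %s" % (handle, value.hex())


def enable_notifications(primary_text, ccc_text, short_uuid):
    """Locate the service, pick the one CCC descriptor in its range, return the gatttool command."""
    rng = find_service(parse_primary(primary_text), short_uuid)
    if rng is None:
        raise LookupError("service 0x%04x not present on this firmware" % short_uuid)
    start, end = rng
    ccc = [h for h, _ in parse_values(ccc_text) if start <= h <= end]
    if len(ccc) != 1:
        raise LookupError("expected one CCC descriptor in 0x%02x-0x%02x, found %d" % (start, end, len(ccc)))
    return gatttool_write(ccc[0], ccc_value(notify=True))


if __name__ == "__main__":
    print(enable_notifications(PRIMARY_OUTPUT, CCC_OUTPUT, SIMPLE_KEYS))
```

The ccc_text argument is the output of char-read-uuid 0x2902 with the service's start and end handles, exactly as in the answer; feeding the whole-device output works too because the range filter discards descriptors of other services.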
