This is the only way we can make sure pylint has all required
information about imports from packages we depend upon.
Change-Id: I29582aa3d7f9ace9ce832d5b907420aaf14881fb
When probing for cards, the probing might fail in case the terminal
is empty. This results into lengthy error log output that is not
of interest.
Related: OS#6532
Change-Id: I1d44f9458a05992d79b0152d3affcfeb783cccff
When the test detects a card, but does not find the .data faile for
it, then it fails. This can be a problem in case we want to intentionally
exclude a specific card model.
Related: OS#6532
Change-Id: Iba196ada0076385de7bffcb157a85fda0a6c1852
The test currently expects all reader slots to be populated. This means
the cards may plugged into a random order, but there may not be any empty
slots in the system at all. This requirement is easy to meet when each
card has its own single-slot USB PCSC-reader, but as soon as multislot
readers are used there may be some empty slots.
Related: OS#6532
Change-Id: I7ba1d1350b6998d65e90408184accdb212556a7c
The section Technical References has direct download links for the relevant specs.
Then later in th Key Provisioning section another download link follows and another
one is redundant. Let's put all download links into the Technical References section
and then only use the spec numbers in the following. This way we have all download
links in one location.
Related: OS#6531
Change-Id: Ibcbc6bb5d836d32c381922a35afa3b73b5f90621
We currently have the shell script that performs the test in the
tests directory and the related data in pysim-testdata directory.
This is confusing, let's have evrything in a dedicated sub directory
Change-Id: Ic995a7f600d164fc0be3c2eb8255dbe043429bea
Related: OS#6531
We currently have the test data for pySim-trace in pysim-testdata.
This means we mix the test data with the data from our original
pySim integration tests. This is very confusing. Let's put the
test data and the testcase for pySim-trace into a dedicated
sub directory.
Change-Id: I565b4268a05c1a1334b5e7d3fbcd9ef2ef0f0c4c
Related: OS#6531
We currently mix the unit-tests with the shell script based integration
tests. Let's put them into a dedicated sub directory.
Related: OS#6531
Change-Id: I0978c5353d0d479a050bbb6e7ae5a63db5e08d24
The first hnet_pubkey value with the identifier 27 seems to be incorrect.
It differs from the value suggested in 3GPP TS 31.121, section 4.9.4 and
also does not work with the on card SUCI calculation.
The tutorial also contains a reference to 3GPP TS 33.501, Annex C.4. This
spec specifies an ECIES Profile A and an ECIES Profile B. The tutorial
recommends to use a key from profile B, but it actually uses a key from
profile A.
Related: OS#6531
Change-Id: I6fddf8a6efc28ad0d40b1715973429904e00d2b2
When creating the DES cipher object with DES.new, we use the property
card_keys.dek. This property may hold a 16 byte key, but DES uses
an 8 byte key (56 bit + 8 bit integrity). Pycryptodome does not
automatically ignore excess key bytes. Instead it throws an
exception. This means we need to make sure to supply only the first
8 bytes of card_keys.dek
See also: https://pycryptodome.readthedocs.io/en/latest/src/cipher/des.html
Related: OS#6531
Change-Id: I92e0dc6a6196b532bd8b53fca7b9e78070d6903f
The send_apdu* methods now support lchan patching, so there is no longer
a need for computing the class byte manually (which is prone get forgotten)
before calling a send_apdu*. It is now enough to supply an APDU that has
a class byte with the default channel selected. This also means we do not
need cla4lchan anymore, so let's restruture the code and get rid of it
completely.
Related: OS#6531
Change-Id: Ia795f3c16a8875484fce3b44e61497d5aa52b447
The ara_m commands use APDUs with a fix class byte (0x80). This means
that all ARA-M related features only work in the basic logical channel.
To fix this, let's compute the class byte for the current logical channel
dynamically inside the send_apdu methods of SimCardCommands. This will
fix the problem globally.
Related: OS#6531
Change-Id: Ie3e48678f178a488bfaea6cc2b9a3e18145a8d10
The argument parser object for establish_scp03 (est_scp03_parser) is
copied from est_scp02_parser. This object still has the .description
property set, which is the description for establish_scp02. To get
the description string that is defined in do_establish_scp03, we must
remove the old description string first.
Related: OS#6531
Change-Id: Ibb26bddf88b2e644a7f0c6b2a06bde228aa8afc7
The basic logical channel 0 is always present. It cannot be created or
closed. Let's restrict the value range of chan_nr, so that only valid
lchan numbers can be passed.
Related: OS#6531
Change-Id: I4eebd9f15fadd18e1caeb033fda36c59446fcab8
When we define command arguments using the ArgumentParser, we sometimes
define the positional arguments first. However, since positional arguments
usually follow after the optional (--xyz) arguments, we should define the
positional arguments last.
Related: OS#6531
Change-Id: I2412eb6e7dc32ae95a575f31d4489ce210d85ea0
When working with BER-TLF files, we can only delete one tag at a time.
There is no way to delete all tags at once. This may make working with
BER-TLV files difficult, in particular when scripting is used and the
script needs to start with an empty file. Also export has problems,
since it does not reset the file before setting the new values there
may be unexpected results in case there still tags in the file that
are not set during import. To fill the gap, let's add a commandd that
deletes all tags in a BER-TLV EF at once.
Related: OS#6531
Change-Id: I5d6bcfe865df7cb8fa6dd0052cab3b364d929f94
The CardKeyProvider support for the commands enable_chv, disable_chv,
verify_chv, change_chv and unblock_chv is broken. The reason for this
is the annotation "type=is_decimal" in the argument parser. This annotation
prevents the usage of string placeholders ("PIN1", "PUK1", etc).
Let's fix this by finding a better solution. We can also replace any
missing PIN/PUK code by checking if it is supplied or not. If not,
we query the CardKeyProvider. This also makes the usage of the *_chv
commands more uniform with the verify_adm command.
Related: OS#6531
Change-Id: I565b56ac608e801c67ca53d337bdec9efa3f3817
The method get_file_by_name compares the selectable directly with the
given file name. This is not correct. The comparison should be with the
path element from the pathlist.
Related: OS#6092
Change-Id: Id2d0704678935d9b9e2f1aeb6eaccbff6fa9d429
************* Module pySim.esim.es2p
pySim/esim/es2p.py:107:19: E1101: Class 'datetime' has no 'toisoformat' member (no-member)
Change-Id: Ib762792d595048bf6d7d6f5acbe2715f137ae5bb
With this change, the ProfileElementSequence object will maintain a
representation of the filesystem hierarchy of the eSIM profile. Every
file that is added by a ProfileElement will add a FsNode into that tree,
and each FsNode will point to the File object for the respective file.
This allows us to find files by their path, as well as add files by
path.
Change-Id: I2caadc24b1087855f23f3c57cdf8dabbf81757c0
The self.files member is a dict. Hence we should use those dict
keys when [re]building the decoded dict. The previous code ignored
it and re-constructed the key from File.pe_name - but that's not
always identical.
Change-Id: I0e6c97721fb1cfc6b5c21595d85bd374d485b573
Store a back-reference to the PE-Sequence in the PE object; this is
neccessary for some upcoming patches, e.g. to determine the position in
the sequence, access the global filesystem hierarchy, etc.
Change-Id: I24b692e47e4dd0afb5a17b04d5e0251dded3d611
Having AKA specific code in the generic ProfileElement base class dated
back to when we didn't have a ProfileElementAKA subclass.
Change-Id: Icd332183758b8ef20a77507b728f5e455698def0
When populating a File from a FileTemplate, let's make sure we
* correctly treat the maximum file size for BER-TLV files
* respect the default value pattern / repeat pattern
* respect the high_update flag.
Change-Id: I3ba092e0893f53a18264dff5fa37b12ccd9bd47e
So far the prefix_match() required a string argument; let's also
permit another OID object to be passed; we internally convert that
to string.
Change-Id: I0feb7782d1813cc46ec78f170eb0fce804aebe3a
we so far supported construction of the Path object from a string or
a list of strings. Let's also add the option of constructing it from a
path consisting of a list of integer FID values.
Change-Id: Ia7e9375b3258d1fbfdc892cefba3e3bbe841c550
before this change, structure == 'ber_tlv' was missing the
file_type == working_ef attribute. So for linear_fixed, transparent
and cyclic, the file_type attribute was present, but for ber_tlv it was
missing. This is illogical from a user point of vie and makes downstream code
potentially more complex, as it cannot match on working_ef for all EF
types.
Change-Id: If0076cc6dd35a818c08309885f6ef1c1704052c6
The SAIP specification is very weird in a way that it treats the DF and
EF descriptions as some kind of flat structure without describing the
hierarchy. So when creating a DF, sometimes it should be created below
the current DF, and sometimes it should be adjacent next to the current
DF.
Let's introduce
* a 'ppath' property of FileTemplate to indicate if a file is anything
but a direct sibling of the 'base DF' of the PE
* an 'extends' property of ProfileTemplate to indicate that a given
template does not have its own 'base DF', but that its contents merely
extends that of another ProfileTemplate
* a 'parent' property of ProfileTemplate to indicate a parent
ProfileTemplate below whose 'base DF' our files should be placed.
Change-Id: Ieab4835cd21008b289713784c0eb7170af2ccfb9
In the previous patch we have improved the export command. Since
the implementation of the fsdump command is very similar to the
implementation of the export command we can now apply the same
improvements to the fsdump command as well.
Change-Id: I4d2ef7b383025a5bbf122f18ecd51b7d73aaba14
Related: OS#6092
Since we now have the ability to provide export methods for all file
types in the file system (this also includes DF and ADF files), we need
to support this at shell command level as well. Let's also renovate the
walk method and the action method that does the actual exporting.
Related: OS#6092
Change-Id: I3ee661dbae5c11fec23911775f352ac13bc2c6e5
In some cases it might come in handy to be able to lookup a random file
in the file system tree before actually selecting it. This would be
very useful in situations where we need to check the presence of the
file or if we need to check certain file attributes before performing
some task.
Related: OS#6092
Change-Id: I6b6121e749cea843163659e1a26bb3893c032e29
the select_parent method in RuntimeLchan currently implements a way
to escape from an application that has no filesystem support. However,
this escape route can be integrated directly into the select_file
method. This will give us the benefit that it will work transparently
in all code locations.
(This also means we can get rid of the select_parent method again)
Related: OS#6120
Change-Id: Ie6f37d13af880d24a9c7a8a95cef436b603587c7
