When loading a ProfileElement from its DER-ecoded format, populate
a dict with a pySim.esim.saip.File object for each file.
Change-Id: Ie2791c10289eb28daed2904467b0c5e5b11c94c2
As SGP.22 states, the handleNotification endpoint uses HTTP status 204,
not 200 (due to its empty body).
Change-Id: I890bdbd3e1c4578d2d5f0367958fdce26e338cac
this way, the eUICC will send us notifications whenever our profiles are
enabled/disabled/deleted.
Change-Id: I2861290864522b691b30b079c7c2e1466904df2d
The ES9+ interface is not only used for downloading eSIM profiles, but
it is also used to report back the installation result as well as
profile management operations like enable/disable/delete.
Change-Id: Iefba7fa0471b34eae30700ed43531a515af0eb93
For example, the ES9+ handleNotification function is defined with an
empty response body, so we cannot unconditionally assume that every HTTP
response will contain a JSON "header" value.
Change-Id: Ia3c5703b746c1eba91f85f8545f849a3f2d56e0b
The ProfileHeader PE contain lists of template-oids and services that
are mandatory in this profile. Let's add methods that can be used to
(re-) compute those lists based on the actual PE contents of the
sequence.
The idea is that during programmatic construction of a profile, those methods
would be called after appending all PEs, just before encoding the
profile as DER.
Change-Id: Ib43db8695c6eb63965756364fda7546d82df0beb
Let's avoid the copy+paste in the subclass constructors and initialize the profile
element header in the base class constructor.
Change-Id: I6e69ae1f0d33d963247fc506db33b3840c10c19a
There are e.g. templates for usim and for opt-usim, and they should not
be confused with each other. Let's reflect that in the naming.
Change-Id: Ic6d04ce3172dc969c6b8c018b8d305eb6fd3f550
Let's make sure the constructor of ProfileElement subclasses set
meaningful defaults to the self.decoded member, so that the to_der()
method can actually encode it. This is required when constructing
a profile from scratch, as opposed to loading an existing one from DER.
Also, add a test to verify that the encoder passes without exception;
doesn't test the generated binary data.
Change-Id: I401bca16e58461333733877ec79102a5ae7fe410
This new action can be used to dump all java applications as either raw
IJC file or converted to CAP format (the usual format generated by
JavaCard toolchains).
Change-Id: I51cffa5ba3ddbea491341d678ec9249d7cf470a5
This method allows the caller to remove all NAAs of a certain type,
for example to remove all CSIM instances from a given profile.
Change-Id: I64438bf0be58bad7a561c3744b7e9b1338a7857c
This tool can be used to test the SM-DP+. It implements the full dance
of all HTTPs API operations to get to the downloadProfile, and will
decrypt the BPP to the UPP, which is then subsequently stored as file on
disk.
Needless to say, this will only work if you have an eUICC certificate +
private key that is compatible with the CI of your SM-DP+.
Change-Id: Idf8881e82f9835f5221c58b78ced9937cf5fb520
Let's use the infrastructure of pySim.esim.http_json_api to define
the ES9+ API Functions. This can in turn be used by clients or even
osmo-smdpp can be ported over to using this infratructure rather than
open-coding a lot of the encoding/decoding of API request/response
parameters.
Change-Id: I194ef1d186391f36245c099cc70a4813185ecf9c
So far the main use case was to read a ProfileElement-SD from
a DER file. But when we want to construct one from scratch,
we need to have the constructor put some meaningful [default]
values into the class members.
Change-Id: I69e104f1d78165c12291317326dbab05977a1574
This way it's possible to programmatically inspect and modify the
high-level decoded key material inside a securityDomain profile element.
Change-Id: I18b1444303de80eaddd840a7e0061ea0098a8ba1
It's rather useful to have derived classes implementing specific
functions related to that SAIP profile type. Let's introruce that
concept and a first example for securityDomain, where methods allow
checking/adding/removing support for SCPs.
Change-Id: I0929cc704b2aabddbc2ddee79ab8b674b1ed4691
When de-MAC-ing at the recipient side, we must increment the cipher(!)
block number even if no ciphering is done at all.
We did this correctly for MAC (sender) case, but not on the de-MAC
(receiver) case.
Change-Id: I97993f9e8357b36401d435aaa15558d1c7e411eb
In the eSIM RSP univers there are some rather ugly layering violatoins
where ASN.1 cannot be parsed but we have to mess with raw TLVs and the
details of DER encoding. Let's add two funtions that make it more
convenient to work with this: They return the raw tag as integer, or
even the entire encoded TLV rather than the value part only.
Change-Id: I1e68a4003b833e86e9282c77325afa86ce144b98
We used to re-encode those parts of a decoded ASN.1 struct that is
cryptographically signed in the GSMA SGP.22 specification. However, if
the received data follows a later spec and contains new/unknown records,
then our poor-man's attempt at re-encoding will render a different
binary, which in turn means the signature check will fail.
Let's instead do a manual step-by-step raw decode of the DER TLV
structure to extract the actual binary information of parts of ASN.1
objects.
Change-Id: I4e31fd4b23ec3be15b9d07c2c30a3e31e22bdda1
Closes: OS#6473
While all official/standardized ES2+ API functions use POST, there
are some vendor-specific extensions using different HTTP methods. Be
flexible enough to allow derived classes to easily specify other methods.
Change-Id: I4b1a0dc7e6662485397c7708933bf16e5ed56e10
Usually, the specifications say that the integer type is actually
transmitted as a JSON string type. However, it seems some
implementations do return a native JSON integer type. Let's be
tolerant in that regard.
Change-Id: I5b47f8bba01225d53eff2ca086e53a2133abed7f
To make things exciting, they decided that the ICCID in the profile
header is encoded different from the ICCID contained in EF.ICCID...
Change-Id: I5eacdcdc6bd0ada431eb047bfae930d79d6e3af8
When personalizing e.g. the ICCID, the input_value is the raw
incrementing counter. From that, we calculate the Luhn check digit,
and that "output" value is what we'll put in to the EF.ICCID specific
encoder.
However, we also store that output value in the instance in order
to generate the output CSV file containig the card-specific
personalization data.
Change-Id: Idfcd26c8ca9d73a9c2955f7c97e711dd59a27c4e
Those keys are normally per-card unique, and hence the personalization
must be able to modify them in the profile.
Change-Id: Ibe4806366f1cce8edb09d52613b1dd56250fa5ae
pySim/esim/saip/validation.py:95:42: C0117: Consider changing "not not ('usim' in m_svcs or 'isim' in m_svcs)" to "'usim' in m_svcs or 'isim' in m_svcs" (unnecessary-negation)
pySim/esim/saip/validation.py:129:0: C0305: Trailing newlines (trailing-newlines)
Change-Id: Idcc9871d6a7068e8aedbd8cd81f4156918af5e50
pySim/esim/saip/__init__.py:28:0: R0402: Use 'from pySim.esim.saip import templates' instead (consider-using-from-import)
pySim/esim/saip/__init__.py:166:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/esim/saip/__init__.py:206:4: W0612: Unused variable 'tagdict' (unused-variable)
pySim/esim/saip/__init__.py:273:23: C1802: Do not use `len(SEQUENCE)` without comparison to determine if a sequence is empty (use-implicit-booleaness-not-len)
Change-Id: I12ef46c847d197fb0c01e624818aeac14eb99e31
Introduce code that makes use of the information from
pySim.esim.saip.templates to build a complete representation of a file
by merging the template with the ProfileElement decribing the file.
This happens within the class pySim.esim.saip.File, whose instances are
created from ProfileElement + Template.
Change-Id: Ib1674920e488ade9597cb039e4e2047dcbc7864e
pySim/esim/saip/oid.py:30:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/esim/saip/oid.py:46:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
Change-Id: I65c9cd1bb2b6a1747a7fbb25052adc75605bc870
pySim/esim/saip/templates.py:106:0: R1707: Disallow trailing comma tuple (trailing-comma-tuple)
pySim/esim/saip/templates.py:56:37: C0121: Comparison 'self.fid != None' should be 'self.fid is not None' (singleton-comparison)
pySim/esim/saip/templates.py:57:28: C0121: Comparison 'self.arr != None' should be 'self.arr is not None' (singleton-comparison)
pySim/esim/saip/templates.py:58:37: C0121: Comparison 'self.sfi != None' should be 'self.sfi is not None' (singleton-comparison)
pySim/esim/saip/templates.py:96:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/esim/saip/templates.py:591:0: W1404: Implicit string concatenation found in list (implicit-str-concat)
Change-Id: I181578ba630c8bdb558297e990411b59593652a0
