The ES9+ interface is not only used for downloading eSIM profiles, but
it is also used to report back the installation result as well as
profile management operations like enable/disable/delete.
Change-Id: Iefba7fa0471b34eae30700ed43531a515af0eb93
This new action can be used to dump all java applications as either raw
IJC file or converted to CAP format (the usual format generated by
JavaCard toolchains).
Change-Id: I51cffa5ba3ddbea491341d678ec9249d7cf470a5
This is a tool to work with eSIM profiles in SAIP format. It allows
to dump the contents, run constraint checkers as well as splitting
of the PE-Sequence into the individual PEs.
Change-Id: I396bcd594e0628dfc26bd90233317a77e2f91b20
This tool can be used to test the SM-DP+. It implements the full dance
of all HTTPs API operations to get to the downloadProfile, and will
decrypt the BPP to the UPP, which is then subsequently stored as file on
disk.
Needless to say, this will only work if you have an eUICC certificate +
private key that is compatible with the CI of your SM-DP+.
Change-Id: Idf8881e82f9835f5221c58b78ced9937cf5fb520
It's generally a bad idea to keep [card specific] key material lying
around unencrypted in CSV files. The industry standard solution in the
GSMA is a so-called "transport key", which encrypts the key material.
Let's introduce support for this in the CardKeyProvider (and
specifically, the CardKeyProviderCSV) and allow the user to specify
transport key material as command line options to pySim-shell.
Different transport keys can be used for different key materials, so
allow specification of keys on a CSV-column base.
The higher-level goal is to allow the CSV file not only to store
the ADM keys (like now), but also global platform key material for
establishing SCP towards various security domains in a given card.
Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
When running without an argument, let argparse print a nice usage error:
$ ./sim-rest-client.py
usage: sim-rest-client.py [-h] [-H HOST] [-p PORT] [-v] [-n SLOT_NR] {auth,info} ...
sim-rest-client.py: error: the following arguments are required: {auth,info}
Instead of:
$ ./sim-rest-client.py
Traceback (most recent call last):
File "/usr/share/pysim/contrib/./sim-rest-client.py", line 185, in <module>
main(sys.argv)
File "/usr/share/pysim/contrib/./sim-rest-client.py", line 181, in main
args.func(args)
^^^^^^^^^
AttributeError: 'Namespace' object has no attribute 'func'
Change-Id: I92998d9b94dcfb9dcfc3da161fe5d8f45f242b78
The idea of this new job is to catch package integrity problems,
like the missing entries in setup.py/packages[] or missing deps.
Change-Id: Ic72d58494e8fd0cab8d66ce60f7b70593b770872
Related: osmo-ci.git I9d4d9e9de2b16a4b745791f3c9c93507f43bfa6d
This tool is a replacement for asn1c 'unber' program with a much more
useful/readable output:
* contains hexadecimal raw tag values
* contains hexdump of value, rather than HTML entities in pseudo-XML
Change-Id: I22c1a461ccba04c2c8caaab7ca29ea6ae76e2ea3
It's odd that the individual transport driver specifies their argparse
options but then the core transport part evaluates them individually.
This means we cannot add new options within a transport.
Let's pass the Namespace instance into the constructor of the
specific transport to improve this.
Change-Id: Ib977007dd605ec9a9c09a3d143d2c2308991a12c
In the last line of the if,elif,else branch, when we print the ApiError
object, we pass the variable sw to str() instead passing it to
ApiError() like we do it in the lines above. This is not correct and
causes strange exceptions.
Related: OS#67094
Change-Id: I5a1d19abeb00c2c9dc26517abc44a5c916f2d658
The REST megthd info uses deprecated methods to read the ICCID and the
IMSI from the card. However, we can replace those methods by selecting
the files we are interested in manually and then reading them.
Related: RT#67094
Change-Id: Ib0178823abb18187404249cfed71cfb3123d1d74
The class UsimCard is deprecated and only still used in very old
legacy applications. let's use the more modern UiccCardBase class
instead.
Related: RT#67094
Change-Id: I3676f033833665751c0d953176eafe175b20c14a
When the function connect_to_card is done, it selects ADF.USIM. This
might be contraproductive in case someone needs to access files on MF
level in one of the REST methods. Instead fo ADF.USIM, let's use MF as a
common ground to start from.
At the moment the only existing REST (info, auth) immediately select
ADF.USIM after calling connect_to_card already, so there are no further
modifications necessary.
Related: RT#67094
Change-Id: I16e7f3c991c83f81989ecc4e4764bb6cc799c01d
We now have pySim-shell and pySim-trace. Let's give pysim-test.sh a more
distinctive name so that it is clear to which program it refers.
Related: OS#6094
Change-Id: I438f63f9580ebd3c7cc78cc5dab13c9937ac6e3a
pySim-trace has no test coverage yet. Let's use a script to run a
GSAMTAP pcacp through it and check that no exceptions are raised.
Related: OS#6094
Change-Id: Icfabfa7c59968021eef0399991bd05b92467d8d2
Split the jenkins job up in three parts, so each of them can run in
parallel, and the test part that has to run on a specific node (and
blocks it while running), finishes faster.
Don't install depends of pylint/docs jobs as they will run in docker
and the depends get installed once in the container.
Related: OS#5497
Depends: docker-playground Id5c75725d2fab46b29773fa4f637fa2d73fa7291
Depends: osmo-ci Iea4f15fd9c9f8f36cb8d638c48da000eafe746a4
Change-Id: I5245c529db729e209d78a02ab9c917a90d0e0206
-x Print commands and their arguments as they are executed
-e Exit immediately if a command exits with a non-zero status
Change-Id: I13af70ef770936bec00b050b6c4f988e53ee2833
Use multiple processes to speed up pylint. Specifying -j0 will
auto-detect the number of processors available to use.
On AMD Ryzen 7 3700X this significantly reduces the exec time:
$ time python -m pylint -j1 ... pySim *.py
real 0m12.409s
user 0m12.149s
sys 0m0.136s
$ time python -m pylint -j0 ... pySim *.py
real 0m5.541s
user 0m58.496s
sys 0m1.213s
Change-Id: I76d1696c27ddcab358526f807c4a0a7f0d4c85d4
pylint v2.15 is crashing, let's fall-back to a known to work v2.14.5.
Change-Id: Ie29be6ec6631ff2b3d8cd6b2dd9ac0ed8f505e4f
Related: https://github.com/PyCQA/pylint/issues/7375
Related: OS#5668
Instead of a cryptic backtrace, we now return a meaningful error like this:
{"error": {"message": "Security Status not satisfied - Card PIN enabled?", "status_word": "6982"}
Change-Id: I6dafd37dfd9fa3d52ca2c2e5ec37a6d274ba651b
Closes: OS#5606
Let's make sure even error messages are returned in JSON format.
While at it, also reduce some code duplication between the 'auth'
and 'info' route handlers by using the klein handle_errors decorator
instead of manual exception catching.
Change-Id: I1e0364e28ba7ce7451993f57c8228f9a7ade6b0e
Closes: OS#5607
This introduces a new pySim.apdu module hierarchy, which contains
classes that represent TPDU/APDUs as exchanged between
SIM/UICC/USIM/ISIM card and UE.
It contains instruction level decoders for SELECT, READ BINARY and
friends, and then uses the pySim.filesystem.Runtime{Lchan,State} classes
to keep track of the currently selected EF/DF/ADF for each logical
channel, and uses the file-specific decoder classes of pySim to decode
the actual file content that is being read or written.
This provides a much more meaningful decode of protocol traces than
wireshark will ever be able to give us.
Furthermore, there's the new pySim.apdu_source set of classes which
provides "input plugins" for obtaining APDU traces in a variety of
formats. So far, GSMTAP UDP live capture and pyshark based RSPRO
live and pcap file reading are imlpemented.
Change-Id: I862d93163d495a294364168f7818641e47b18c0a
Closes: OS#5126
There is no $base in this script, and the current form renders:
make: *** /docs: No such file or directory. Stop.
Build step 'Execute shell' marked build as failure
Change-Id: Ifcf27f7497daeb285dfb364bff20d0c861c77dcb
Related: OS#5271
5.1 was the version introducing pyyaml.FullLoader which we're using,
see https://pyyaml.org/wiki/PyYAML#history
Change-Id: I0f2fa08ceeac2759218e85ad5bdce3ef951d0b74
the sim-rest-server is a minimal HTTP/RESTful API for performing
UMTS-AKA against a SIM card inserted in a locally reachable PC/SC
reader. Let's add s systemd service/unit file for people wanting to
run this service from systemd.
Change-Id: I84b390af09d33de2c740898ff3d7d5a90a300588
