The upstream construct.{Bytes,GreedyBytes} only support bytes/bytearray
input data for the encoder, while the [newly-created]
osmocom.construct.{Bytes,GreedyBytes} support alternatively hex-string input.
This is important in the context of encoding construct-based types from
JSON, where our osmocom.utils.JsonEncoder will automatically convert any
bytes to hex-string, while re-encoding those hex-strings will fail prior
to this patch.
Change-Id: I1c8df6350c68aa408ec96ff6cd1e405ceb1a4fbb
Closes: OS#6774
Recent versions of the ARA-M applet from Bertrand Martel can lock
the write access to ARA-M rules. Let's add a command for that and
some documentation.
Related: SYS#7245
Change-Id: I71581a0c9f146f9a0921093d9b53b053b4a8946c
GPD_SPE_013 Table 6-3 defines two types of AID-REF-DO objects (both
are fully independed TLV IEs with the same name). The version with
tag '4F' identifies an SE application. It may contain an AID prefix
or even be of length 0 in case the rule should apply to all SE
applications. Then there is the version with tag 'C0', which must
always have length 0 and serves a flag to apply the rule to the
implicitly selected SE application. Technically both are completely
different things, so we must also treat them separately in the
pySim-shell code.
Related: OS#6681
Change-Id: I771d5e860b12215280e3d0a8c314ce843fe0d6a2
there are multiple references to a specification "SEID". As it seems this is
a reference to the GlobalPlatform "Secure Element Access Control" spec, which
has the document reference "GPD_SPE_013". Let's use "GPD_SPE_013" to referene
the spec.
Related: SYS#6681
Change-Id: I77895f1b84126563380ce89aa07a3b448d8784a3
We're creating a 'pyosmocom' pypi module which contains a number of core
Osmocom libraries / interfaces that are not specific to SIM card stuff
contained here.
The main modules moved in this initial step are pySim.tlv, pySim.utils
and pySim.construct. utils is split, not all of the contents is
unrelated to SIM Cards. The other two are moved completely.
Change-Id: I4b63e45bcb0c9ba2424dacf85e0222aee735f411
The ara_m commands use APDUs with a fix class byte (0x80). This means
that all ARA-M related features only work in the basic logical channel.
To fix this, let's compute the class byte for the current logical channel
dynamically inside the send_apdu methods of SimCardCommands. This will
fix the problem globally.
Related: OS#6531
Change-Id: Ie3e48678f178a488bfaea6cc2b9a3e18145a8d10
This patch adds an export method to the CardApplicationARAM class.
This method reads the ARA-M configuration and transforms it into
executeable command lines, which can be executed as a script later
to restore an ARA-M configuration.
Related: OS#6092
Change-Id: I811cb9d25cb8ee194b4ead5fb2cabf1fdc0c1c43
The code for the --apdu-filter commandline option is not yet finished.
Let's finish it and make it work.
Related: OS#6092
Change-Id: Ib5fb388972fde0d50c3db0082ebf40bcca404681
Historically, to_dict and from_dict were not symmetric; this has been
fixed in I07e4feb3800b420d8be7aae8911f828f1da9dab8 in December 2023.
This however broke the ara_m legacy use of the from_dict() methods.
We've just introduced a from_val_dict() method in
I81654ea54aed9e598943f41a26a57dcc3a7f10c2, let's make use of it.
Change-Id: I3aaec40eb665d6254be7b103444c04ff48aac36d
PERM-AR-DO actually originates in a different spec than all other parts
of the ara_m.py, so let's explicitly mention that.
Change-Id: I6e0014c323f605860d0f70cd0c04d7e461e8a9de
As the ARA-M applet is a GlobalPlatform applet, its SELECT response
decoding should be used, not the ETSI EUICC TS 102 221 fall-back.
Change-Id: I1a30b88a385f6de663aa837483dd32c0d104856f
Encoding an empty AID-REF-DO (4F) is neccessary to achieve the meaning
described in "Secure Element Access Control - Public Release v1.0"
Table 6-1: "Empty: Indicates that the rules to be stored or retrieved
are associated with all SE applications not covered by a specific rule".
Change-Id: Iac6c3d78bc9ce36bac47589e5f7a0cc78e2efc38
Ever since commit 30de9fd8ab in July
we are (properly) using snake_case names in the from_dict (to become
bijective with to_dict). This code was not updated by accident,
creating an exception when using the `aram_get_config`
Change-Id: If216b56b38ab17d13896074aa726278b9ba16923
Related: OS#6119
This new approach will "fork" separate SimCardCommands instances
for each RuntimeLchan. Higher-layer code should now always use the
RuntimeLchan.scc rather than the RuntimeState.card._scc in order to
make sure commands use the correct logical channel.
Change-Id: I13e2e871f2afc2460d9fd1cd566de42267c7d389
Related: OS#6230
The TLV_IE_Collection, just like the individual TLV classes, do
use their snake-style names when converting from binary to dict
using the to_dict() method. It is inconsistent (and a bug) to
expect the CamelCase names during encoding (from_dict). After all,
we want the output of to_dict() to be used as input to from_dict().
Change-Id: Iabd1ad98c3878659d123eef919c22ca824886f8a
* don't duplicate information between .rst files and docstrings
* if there's more than a trivial single-line documentation, put it as
docstring into the python source and use ".. argparse" to pul it into
the manual
* add documentation for some commands for which it was missing
* show one level deeper in the navigation table, listing the commands
Change-Id: Ib88bb7d12faaac7d149ee1f6379bc128b83bbdd5
We had a mixture of tab and 4space based indenting, which is a bad
idea. 4space is the standard in python, so convert all our code to
that. The result unfortuantely still shoed even more inconsistencies,
so I've decided to run autopep8 on the entire code base.
Change-Id: I4a4b1b444a2f43fab05fc5d2c8a7dd6ddecb5f07
This introduces support for talking to the ARA-M application on a card,
as specified in the GlobalPlatform "Secure Element Access Control"
specification v1.1.
Change-Id: Ia9107a4629c3d68320f32bbd4dd26e1f430717da
