So far the main use case was to read a ProfileElement-SD from
a DER file. But when we want to construct one from scratch,
we need to have the constructor put some meaningful [default]
values into the class members.
Change-Id: I69e104f1d78165c12291317326dbab05977a1574
This way it's possible to programmatically inspect and modify the
high-level decoded key material inside a securityDomain profile element.
Change-Id: I18b1444303de80eaddd840a7e0061ea0098a8ba1
It's rather useful to have derived classes implementing specific
functions related to that SAIP profile type. Let's introruce that
concept and a first example for securityDomain, where methods allow
checking/adding/removing support for SCPs.
Change-Id: I0929cc704b2aabddbc2ddee79ab8b674b1ed4691
When de-MAC-ing at the recipient side, we must increment the cipher(!)
block number even if no ciphering is done at all.
We did this correctly for MAC (sender) case, but not on the de-MAC
(receiver) case.
Change-Id: I97993f9e8357b36401d435aaa15558d1c7e411eb
In the eSIM RSP univers there are some rather ugly layering violatoins
where ASN.1 cannot be parsed but we have to mess with raw TLVs and the
details of DER encoding. Let's add two funtions that make it more
convenient to work with this: They return the raw tag as integer, or
even the entire encoded TLV rather than the value part only.
Change-Id: I1e68a4003b833e86e9282c77325afa86ce144b98
GlobalPlatform has a [non-public] "UICC Configuration" spec, which
defines some specific aspects of implementing GlobalPlatform in the
context of an UICC. Let's add some python definitions about it.
Change-Id: If4cb110a9bc5f873b0e097c006bef59264ee48fa
Before this patch we had three different error causes that would cause a
"Verification failed" error message. Let's state explicitly which part
of verification did actually fail.
Change-Id: I5030758fe365bb802ae367b494aace5a66bc7a91
We used to re-encode those parts of a decoded ASN.1 struct that is
cryptographically signed in the GSMA SGP.22 specification. However, if
the received data follows a later spec and contains new/unknown records,
then our poor-man's attempt at re-encoding will render a different
binary, which in turn means the signature check will fail.
Let's instead do a manual step-by-step raw decode of the DER TLV
structure to extract the actual binary information of parts of ASN.1
objects.
Change-Id: I4e31fd4b23ec3be15b9d07c2c30a3e31e22bdda1
Closes: OS#6473
... and populate the RuntimeState.identity['EID'] wit it, so other
[future] parts of the system can use it.
Let's also print the EID (if available) from the 'cardinfo' shell
command.
Change-Id: Idc2ea1d9263f39b3dff403e1535a5e6c4e88b26f
In the previous patch, we've introduced a new 'identities' dict as part
of the runtime state. Let's migrate our ICCID storage into it for
consistency.
Change-Id: Ibdcf9a7c4e7e445201640bce33b768bcc4460db1
The get_eid command is actually sending the command apdu twice, as
it contains both an older implementation (result unused) and the newer
one.
Change-Id: Ie82bb09f4fc30bc879029b83147dad5614792b48
Let's have the card tell us what the length is by indicating '00'
instead of stating 'FF'. This is better aligned with general practice
and won't break assumptions in other parts of the code like SCP
transport.
Change-Id: Ied63c6e1970e3dfc675da5e5f94579fbb06fea51
A mix-up betewen underscore and dash resulted in:
Change-Id: I49d12b7c7ae2a343940e87d5069c0ae44a9bc50c
AttributeError: 'Namespace' object has no attribute 'application_aid'
When running without an argument, let argparse print a nice usage error:
$ ./sim-rest-client.py
usage: sim-rest-client.py [-h] [-H HOST] [-p PORT] [-v] [-n SLOT_NR] {auth,info} ...
sim-rest-client.py: error: the following arguments are required: {auth,info}
Instead of:
$ ./sim-rest-client.py
Traceback (most recent call last):
File "/usr/share/pysim/contrib/./sim-rest-client.py", line 185, in <module>
main(sys.argv)
File "/usr/share/pysim/contrib/./sim-rest-client.py", line 181, in main
args.func(args)
^^^^^^^^^
AttributeError: 'Namespace' object has no attribute 'func'
Change-Id: I92998d9b94dcfb9dcfc3da161fe5d8f45f242b78
Something like "this._.total_len-1" only works during decode. Let's
use GreedyBytes instead, working for encode and decode.
Change-Id: Idf8326298cab7ebc68b09c7e829bfc2061222f51
File "/crypt/space/home/laforge/projects/git/pysim/pySim/sysmocom_sja2.py", line 180, in __init__
self._construct = Struct(Const(b'\x82'), 'time_unit'/self.TimeUnit, 'value'/Int8ub,
^^^^^
NameError: name 'Const' is not defined
Change-Id: If34a48e349680ef84e68a4a1a19dde536ecda0e6
osmo-smdpp.py:374:72: E0601: Using variable 'iccid_str' before assignment (used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: I01b308226e12f91699b1b5c6bb06f853be47e185
pySim/euicc.py:436:31: E0606: Possibly using variable 'p_id' before assignment (possibly-used-before-assignment)
pySim/euicc.py:455:31: E0606: Possibly using variable 'p_id' before assignment (possibly-used-before-assignment)
pySim/euicc.py:473:31: E0606: Possibly using variable 'p_id' before assignment (possibly-used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: Ifdf4651e503bae6ea3e91c89c2121b416a12fb1a
pySim/commands.py:608:39: E0606: Possibly using variable 'p2' before assignment (possibly-used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: I23adf2e89aa8a13246cc20ef022c84f0113eb2cd
pySim/commands.py:223:18: E0606: Possibly using variable 'skip' before assignment (possibly-used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: Id1a892c3446e472699e77f076c2414277e92c98d
Let's register the ISD-R and ECASD applications so we avoid the warnings
printed when processing an eUICC protocol trace:
WARNING pySim.apdu.ts_102_221: SELECT UNKNOWN AID a0000005591010ffffffff8900000100
Change-Id: I362a1a7f12d979ff0b7971d5300db9ed56bb1ee5
When a SCP is active, the DEK is used to encrypt any key material
that's installed using PUT KEY. The code prior to this patch fails
to handle this case as it calls the encrypt_key() method on the wrong
object.
Change-Id: I6e10fb9c7881ba74ad2986c36bba95b336470838
our utils.b2h() returns values in lower-case hex string notation,
so let's make sure the CardADF and CardApplication AID values are also
stored in lower case notation, othewise the matching baesd on AIDs
returned from the card will not work, specifically as we use uppercase
AIDs in pySim.euicc for CardApplicationECASD and CardApplicationISDR.
Rather than change those two instances, let's solve it in a generic way.
We already do the same for the CardFile.fid member.
Change-Id: Ie42392412d9eb817fbc563d9165faab198ffa7a9
While all official/standardized ES2+ API functions use POST, there
are some vendor-specific extensions using different HTTP methods. Be
flexible enough to allow derived classes to easily specify other methods.
Change-Id: I4b1a0dc7e6662485397c7708933bf16e5ed56e10
Usually, the specifications say that the integer type is actually
transmitted as a JSON string type. However, it seems some
implementations do return a native JSON integer type. Let's be
tolerant in that regard.
Change-Id: I5b47f8bba01225d53eff2ca086e53a2133abed7f
The idea of this new job is to catch package integrity problems,
like the missing entries in setup.py/packages[] or missing deps.
Change-Id: Ic72d58494e8fd0cab8d66ce60f7b70593b770872
Related: osmo-ci.git I9d4d9e9de2b16a4b745791f3c9c93507f43bfa6d
There was a support request hinting that other applications
concurrently accessed the SIM and were messing up the card state while
pySim-shell was running.
Let's avoid such situations by opening the card/reader in EXCLUSIVE mode
by default. If somebody really has a special use case, they can now add
the --pcsc-shared flag to restore the legacy behavior (SHARED mode).
Change-Id: I90d887714b559a4604708d3c6dd23b5e05f40576
We already use argparse everywhere else, and we have moved reader-driver
argument parsing into the library expecting argparse.
Change-Id: I7407496643247c754d002656688e9fdcbcf644a8
The hex string of the generated transactionId contains lowercase hex
digits. However SGP.22 explicitly spcifies to use uppercase hex digits
when using JSON fromatted messages. See section 6.5.2.6 for example.
Related: SYS#6720
Change-Id: I8439aa9d70f6fe798fa88b623bac13debdc19ca1
To make things exciting, they decided that the ICCID in the profile
header is encoded different from the ICCID contained in EF.ICCID...
Change-Id: I5eacdcdc6bd0ada431eb047bfae930d79d6e3af8
