esim/http_json_api.py: support text/plain response Content-Type

Allow returning text/plain Content-Types as 'data' output argument. So far, all the esim/http_json_api functions require a JSON response. However, a specific vendor has a list function where the request is JSON but the response is text/plain CSV data. Allow and return in a dict. Change-Id: Iba6e4cef1048b376050a435a900c0f395655a790
Revert "esim/http_json_api: extend JSON API with server functionality"
2026-03-16 18:38:32 +03:00 · 2026-03-04 00:35:54 +01:00 · 2026-03-04 00:35:54 +01:00 · 2026-03-04 00:35:54 +01:00 · 2026-03-04 00:35:54 +01:00 · 2026-03-04 00:35:54 +01:00
17 changed files with 177 additions and 560 deletions
--- a/contrib/smpp-ota-tool.py
+++ b/contrib/smpp-ota-tool.py
@@ -30,48 +30,6 @@ from pathlib import Path

 logger = logging.getLogger(Path(__file__).stem)

-option_parser = argparse.ArgumentParser(description='Tool to send OTA SMS RFM/RAM messages via SMPP',
-                                        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
-option_parser.add_argument("--host", help="Host/IP of the SMPP server", default="localhost")
-option_parser.add_argument("--port", help="TCP port of the SMPP server", default=2775, type=int)
-option_parser.add_argument("--system-id", help="System ID to use to bind to the SMPP server", default="test")
-option_parser.add_argument("--password", help="Password to use to bind to the SMPP server", default="test")
-option_parser.add_argument("--verbose", help="Enable verbose logging", action='store_true', default=False)
-algo_crypt_choices = []
-algo_crypt_classes = OtaAlgoCrypt.__subclasses__()
-for cls in algo_crypt_classes:
-    algo_crypt_choices.append(cls.enum_name)
-option_parser.add_argument("--algo-crypt", choices=algo_crypt_choices, default='triple_des_cbc2',
-                           help="OTA crypt algorithm")
-algo_auth_choices = []
-algo_auth_classes = OtaAlgoAuth.__subclasses__()
-for cls in algo_auth_classes:
-    algo_auth_choices.append(cls.enum_name)
-option_parser.add_argument("--algo-auth", choices=algo_auth_choices, default='triple_des_cbc2',
-                           help="OTA auth algorithm")
-option_parser.add_argument('--kic', required=True, type=is_hexstr, help='OTA key (KIC)')
-option_parser.add_argument('--kic-idx', default=1, type=int, help='OTA key index (KIC)')
-option_parser.add_argument('--kid', required=True, type=is_hexstr, help='OTA key (KID)')
-option_parser.add_argument('--kid-idx', default=1, type=int, help='OTA key index (KID)')
-option_parser.add_argument('--cntr', default=0, type=int, help='replay protection counter')
-option_parser.add_argument('--tar', required=True, type=is_hexstr, help='Toolkit Application Reference')
-option_parser.add_argument("--cntr-req", choices=CNTR_REQ.decmapping.values(), default='no_counter',
-                           help="Counter requirement")
-option_parser.add_argument('--no-ciphering', action='store_true', default=False, help='Disable ciphering')
-option_parser.add_argument("--rc-cc-ds", choices=RC_CC_DS.decmapping.values(), default='cc',
-                           help="message check (rc=redundency check, cc=crypt. checksum, ds=digital signature)")
-option_parser.add_argument('--por-in-submit', action='store_true', default=False,
-                           help='require PoR to be sent via SMS-SUBMIT')
-option_parser.add_argument('--por-no-ciphering', action='store_true', default=False, help='Disable ciphering (PoR)')
-option_parser.add_argument("--por-rc-cc-ds", choices=RC_CC_DS.decmapping.values(), default='cc',
-                           help="PoR check (rc=redundency check, cc=crypt. checksum, ds=digital signature)")
-option_parser.add_argument("--por-req", choices=POR_REQ.decmapping.values(), default='por_required',
-                           help="Proof of Receipt requirements")
-option_parser.add_argument('--src-addr', default='12', type=str, help='SMS source address (MSISDN)')
-option_parser.add_argument('--dest-addr', default='23', type=str, help='SMS destination address (MSISDN)')
-option_parser.add_argument('--timeout', default=10, type=int, help='Maximum response waiting time')
-option_parser.add_argument('-a', '--apdu', action='append', required=True, type=is_hexstr, help='C-APDU to send')
-
 class SmppHandler:
    client = None

@@ -209,6 +167,47 @@ class SmppHandler:
        return h2b(resp), h2b(sw)

 if __name__ == '__main__':
+    option_parser = argparse.ArgumentParser(description='CSV importer for pySim-shell\'s PostgreSQL Card Key Provider',
+                                   formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+    option_parser.add_argument("--host", help="Host/IP of the SMPP server", default="localhost")
+    option_parser.add_argument("--port", help="TCP port of the SMPP server", default=2775, type=int)
+    option_parser.add_argument("--system-id", help="System ID to use to bind to the SMPP server", default="test")
+    option_parser.add_argument("--password", help="Password to use to bind to the SMPP server", default="test")
+    option_parser.add_argument("--verbose", help="Enable verbose logging", action='store_true', default=False)
+    algo_crypt_choices = []
+    algo_crypt_classes = OtaAlgoCrypt.__subclasses__()
+    for cls in algo_crypt_classes:
+        algo_crypt_choices.append(cls.enum_name)
+    option_parser.add_argument("--algo-crypt", choices=algo_crypt_choices, default='triple_des_cbc2',
+                               help="OTA crypt algorithm")
+    algo_auth_choices = []
+    algo_auth_classes = OtaAlgoAuth.__subclasses__()
+    for cls in algo_auth_classes:
+        algo_auth_choices.append(cls.enum_name)
+    option_parser.add_argument("--algo-auth", choices=algo_auth_choices, default='triple_des_cbc2',
+                               help="OTA auth algorithm")
+    option_parser.add_argument('--kic', required=True, type=is_hexstr, help='OTA key (KIC)')
+    option_parser.add_argument('--kic_idx', default=1, type=int, help='OTA key index (KIC)')
+    option_parser.add_argument('--kid', required=True, type=is_hexstr, help='OTA key (KID)')
+    option_parser.add_argument('--kid_idx', default=1, type=int, help='OTA key index (KID)')
+    option_parser.add_argument('--cntr', default=0, type=int, help='replay protection counter')
+    option_parser.add_argument('--tar', required=True, type=is_hexstr, help='Toolkit Application Reference')
+    option_parser.add_argument("--cntr_req", choices=CNTR_REQ.decmapping.values(), default='no_counter',
+                               help="Counter requirement")
+    option_parser.add_argument('--no-ciphering', action='store_true', default=False, help='Disable ciphering')
+    option_parser.add_argument("--rc-cc-ds", choices=RC_CC_DS.decmapping.values(), default='cc',
+                               help="message check (rc=redundency check, cc=crypt. checksum, ds=digital signature)")
+    option_parser.add_argument('--por-in-submit', action='store_true', default=False,
+                               help='require PoR to be sent via SMS-SUBMIT')
+    option_parser.add_argument('--por-no-ciphering', action='store_true', default=False, help='Disable ciphering (PoR)')
+    option_parser.add_argument("--por-rc-cc-ds", choices=RC_CC_DS.decmapping.values(), default='cc',
+                               help="PoR check (rc=redundency check, cc=crypt. checksum, ds=digital signature)")
+    option_parser.add_argument("--por_req", choices=POR_REQ.decmapping.values(), default='por_required',
+                               help="Proof of Receipt requirements")
+    option_parser.add_argument('--src-addr', default='12', type=str, help='SMS source address (MSISDN)')
+    option_parser.add_argument('--dest-addr', default='23', type=str, help='SMS destination address (MSISDN)')
+    option_parser.add_argument('--timeout', default=10, type=int, help='Maximum response waiting time')
+    option_parser.add_argument('-a', '--apdu', action='append', required=True, type=is_hexstr, help='C-APDU to send')
    opts = option_parser.parse_args()

    logging.basicConfig(level=logging.DEBUG if opts.verbose else logging.INFO,
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -48,7 +48,6 @@ pySim consists of several parts:
   sim-rest
   suci-keytool
   saip-tool
-   smpp-ota-tool


 Indices and tables
--- a/docs/smpp-ota-tool.rst
+++ b/docs/smpp-ota-tool.rst
@@ -1,179 +0,0 @@
-smpp-ota-tool
-=============
-
-The `smpp-ota-tool` allows users to send OTA SMS messages containing APDU scripts (RFM, RAM) via an SMPP server. The
-intended audience are developers who want to test/evaluate the OTA SMS interface of a SIM/UICC/eUICC. `smpp-ota-tool`
-is intended to be used as a companion tool for :ref:`pySim-smpp2sim`, however it should be usable on any other SMPP
-server (such as a production SMSC of a live cellular network) as well.
-
-From the technical perspective `smpp-ota-tool` takes the role of an SMPP ESME. It takes care of the encoding, encryption
-and checksumming (signing) of the RFM/RAM OTA SMS and eventually submits it to the SMPP server. The program then waits
-for a response. The response is automatically parsed and printed on stdout. This makes the program also suitable to be
-called from shell scripts.
-
-.. note:: In the following we will we will refer to `SIM` as one of the following: `SIM`, `USIM`, `ISIM`, `UICC`,
-	  `eUICC`, `eSIM`.
-
-Applying OTA keys
-~~~~~~~~~~~~~~~~~
-
-Depending on the `SIM` type you will receive one or more sets of keys which you can use to communicate with the `SIM`
-through a secure channel protocol. When using the OTA SMS method, the SCP80 protocol is used and it therefore crucial
-to use a keyset that is actually suitable for SCP80.
-
-A keyset usually consists of three keys:
-
-#. KIC: the key used for ciphering (encryption/decryption)
-#. KID: the key used to compute a cryptographic checksum (signing)
-#. KIK: the key used to encrypt/decrypt key material (key rotation, adding of new keys)
-
-From the transport security perspective, only KIC and KID are relevant. The KIK (also referenced as "Data Encryption
-Key", DEK) is only used when keys are rotated or new keys are added (see also ETSI TS 102 226, section 8.2.1.5).
-
-When the keyset is programmed into the security domain of the `SIM`, it is tied to a specific cryptographic algorithm
-(3DES, AES128 or AES256) and a so called Key Version Number (KVN). The term "Key Version Number" is misleading, since
-it is actually not a version number. It is a unique identifier of a certain keyset which also identifies for which
-secure channel protocol the keyset may be used. Keysets with a KVN from 1-15 (``0x01``-``0x0F``) are suitable for SCP80.
-This means that it is not only important to know just the KIC/KID/KIK keys. Also the related algorithms and the KVN
-numbers must be known.
-
-.. note:: SCP80 keysets typically start counting from 1 upwards. Typical configurations use a set of 3 keysets with
-	  KVN numbers 1-3.
-
-Addressing an Application
-~~~~~~~~~~~~~~~~~~~~~~~~~
-
-When communicating with a specific application on a `SIM` via SCP80, it is important to address that application with
-the correct parameters. The following two parameters must be known in advance:
-
-#. TAR: The Toolkit Application Reference (TAR) number is a three byte value that uniquely addresses an application
-   on the `SIM`. The exact values may vary (see also ETSI TS 101 220, Table D.1).
-#. MSL: The Minimum Security Level (MSL) is a bit-field that dictates which of the security measures encoded in the
-   SPI are mandatory (see also ETSI TS 102 225, section 5.1.1).
-
-A practical example
-~~~~~~~~~~~~~~~~~~~
-
-.. note:: This tutorial assumes that pySim-smpp2sim is running on the local machine with its default parameters.
-	  See also :ref:`pySim-smpp2sim`.
-
-Let's assume that an OTA SMS shall be sent to the SIM RFM application of an sysmoISIM-SJA2. What we want to do is to
-select DF.GSM and to get the select response back.
-
-We have received the following key material from the `SIM` vendor:
-
-::
-
-   KIC1: F09C43EE1A0391665CC9F05AF4E0BD10
-   KID1: 01981F4A20999F62AF99988007BAF6CA
-   KIK1: 8F8AEE5CDCC5D361368BC45673D99195
-   KIC2: 01022916E945B656FDE03F806A105FA2
-   KID2: D326CB69F160333CC5BD1495D448EFD6
-   KIK2: 08037E0590DFE049D4975FFB8652F625
-   KIC3: 2B22824D0D27A3A1CEEC512B312082B4
-   KID3: F1697766925A11F4458295590137B672
-   KIK3: C7EE69B2C5A1C8E160DD36A38EB517B3
-
-Those are three keysets. The enumeration is directly equal to the KVN used. All three keysets are 3DES keys, which
-means triple_des_cbc2 is the correct algorithm to use.
-
-.. note:: The key set configuration can be confirmed by retrieving the key configuration using
-	  `get_data key_information` from within an SCP02 session on ADF.ISD.
-
-In this example we intend to address the SIM RFM application on the `SIM`. Which according to the manual has TAR ``B00010``
-and MSL ``0x06``. When we hold ``0x06`` = ``0b00000110`` against the SPI coding chart (see also ETSI TS 102 225,
-section 5.1.1). We can deduct that Ciphering and Cryptographic Checksum are mandatory.
-
-.. note:: The MSL (see also ETSI TS 102 226, section 6.1) is assigned to an application by the `SIM` issuer. It is a
-	  custom decision and may vary with different `SIM` types/profiles. In the case of sysmoISIM-SJS1/SJA2/SJA5 the
-	  counter requirement has been waived to simplify lab/research type use. In productive environments, `SIM`
-	  applications should ideally use an MSL that makes the counter mandatory.
-
-In order to select DF.GSM (``0x7F20``) and to retrieve the select response, two APDUs are needed. The first APDU is the
-select command ``A0A40000027F20`` and the second is the related get-response command ``A0C0000016``. Those APDUs will be
-concatenated and are sent in a single message. The message containing the concatenated APDUs works as a script that
-is received by the SIM RFM application and then executed. This method poses some limitations that have to be taken into
-account when making requests like this (see also ETSI TS 102 226, section 5).
-
-With this information we may now construct a commandline for `smpp-ota-tool.py`. We will pass the KVN as kid_idx and
-kic_idx (see also ETSI TS 102 225, Table 2, fields `KIc` and `KID`). Both index values should refer to the same
-keyset/KVN as keysets should not be mixed. (`smpp-ota-tool` still provides separate parameters anyway to allow testing
-with invalid keyset combinations)
-
-::
-
-   $ PYTHONPATH=./ ./contrib/smpp-ota-tool.py --kic F09C43EE1A0391665CC9F05AF4E0BD10 --kid 01981F4A20999F62AF99988107BAF6CA --kid_idx 1 --kic_idx 1 --algo-crypt triple_des_cbc2 --algo-auth triple_des_cbc2 --tar B00010 --apdu A0A40000027F20 --apdu A0C0000016
-   2026-02-26 17:13:56 INFO Connecting to localhost:2775...
-   2026-02-26 17:13:56 INFO C-APDU sending: a0a40000027f20a0c0000016...
-   2026-02-26 17:13:56 INFO SMS-TPDU sending: 02700000281506191515b00010da1d6cbbd0d11ce4330d844c7408340943e843f67a6d7b0674730881605fd62d...
-   2026-02-26 17:13:56 INFO SMS-TPDU sent, waiting for response...
-   2026-02-26 17:13:56 INFO SMS-TPDU received: 027100002c12b000107ddf58d1780f771638b3975759f4296cf5c31efc87a16a1b61921426baa16da1b5ba1a9951d59a39
-   2026-02-26 17:13:56 INFO SMS-TPDU decoded: (Container(rpl=44, rhl=18, tar=b'\xb0\x00\x10', cntr=b'\x00\x00\x00\x00\x00', pcntr=0, response_status=uEnumIntegerString.new(0, 'por_ok'), cc_rc=b'\x8f\xea\xf5.\xf4\x0e\xc2\x14', secured_data=b'\x02\x90\x00\x00\x00\xff\xff\x7f \x02\x00\x00\x00\x00\x00\t\xb1\x065\x04\x00\x83\x8a\x83\x8a'), Container(number_of_commands=2, last_status_word=u'9000', last_response_data=u'0000ffff7f2002000000000009b106350400838a838a'))
-   2026-02-26 17:13:56 INFO R-APDU received: 0000ffff7f2002000000000009b106350400838a838a 9000
-   0000ffff7f2002000000000009b106350400838a838a 9000
-   2026-02-26 17:13:56 INFO Disconnecting...
-
-The result we see is the select response of DF.GSM and a status word indicating that the last command has been
-processed normally.
-
-As we can see, this mechanism now allows us to perform small administrative tasks remotely. We can read the contents of
-files remotely or make changes to files. Depending on the changes we make, there may be security issues arising from
-replay attacks. With the commandline above, the communication is encrypted and protected by a cryptographic checksum,
-so an adversary can neither read, nor alter the message. However, an adversary could still replay an intercepted
-message and the `SIM` would happily execute the contained APDUs again.
-
-To prevent this, we may include a replay protection counter within the message. In this case, the MSL indicates that a
-replay protection counter is not required. However, to extended the security of our messages, we may chose to use a
-counter anyway. In the following example, we will encode a counter value of 100. We will instruct the `SIM` to make sure
-that the value we send is higher than the counter value that is currently stored in the `SIM`.
-
-To add a replay connection counter we add the commandline arguments `--cntr-req` to set the counter requirement and
-`--cntr` to pass the counter value.
-
-::
-
-   $ PYTHONPATH=./ ./contrib/smpp-ota-tool.py --kic F09C43EE1A0391665CC9F05AF4E0BD10 --kid 01981F4A20999F62AF99988107BAF6CA --kid_idx 1 --kic_idx 1 --algo-crypt triple_des_cbc2 --algo-auth triple_des_cbc2 --tar B00010 --apdu A0A40000027F20 --apdu A0C0000016 --cntr-req counter_must_be_higher --cntr 100
-   2026-02-26 17:16:39 INFO Connecting to localhost:2775...
-   2026-02-26 17:16:39 INFO C-APDU sending: a0a40000027f20a0c0000016...
-   2026-02-26 17:16:39 INFO SMS-TPDU sending: 02700000281516191515b000103a4f599e94f2b5dcfbbda984761b7977df6514c57a580fb4844787c436d2eade...
-   2026-02-26 17:16:39 INFO SMS-TPDU sent, waiting for response...
-   2026-02-26 17:16:39 INFO SMS-TPDU received: 027100002c12b0001049fb0315f6c6401b553867f412cefaf9355b38271178edb342a3bc9cc7e670cdc1f45eea6ffcbb39
-   2026-02-26 17:16:39 INFO SMS-TPDU decoded: (Container(rpl=44, rhl=18, tar=b'\xb0\x00\x10', cntr=b'\x00\x00\x00\x00d', pcntr=0, response_status=uEnumIntegerString.new(0, 'por_ok'), cc_rc=b'\xa9/\xc7\xc9\x00"\xab5', secured_data=b'\x02\x90\x00\x00\x00\xff\xff\x7f \x02\x00\x00\x00\x00\x00\t\xb1\x065\x04\x00\x83\x8a\x83\x8a'), Container(number_of_commands=2, last_status_word=u'9000', last_response_data=u'0000ffff7f2002000000000009b106350400838a838a'))
-   2026-02-26 17:16:39 INFO R-APDU received: 0000ffff7f2002000000000009b106350400838a838a 9000
-   0000ffff7f2002000000000009b106350400838a838a 9000
-   2026-02-26 17:16:39 INFO Disconnecting...
-
-The `SIM` has accepted the message. The message got processed and the `SIM` has set its internal to 100. As an experiment,
-we may try to re-use the counter value:
-
-::
-
-   $ PYTHONPATH=./ ./contrib/smpp-ota-tool.py --kic F09C43EE1A0391665CC9F05AF4E0BD10 --kid 01981F4A20999F62AF99988107BAF6CA --kid_idx 1 --kic_idx 1 --algo-crypt triple_des_cbc2 --algo-auth triple_des_cbc2 --tar B00010 --apdu A0A40000027F20 --apdu A0C0000016 --cntr-req counter_must_be_higher --cntr 100
-   2026-02-26 17:16:43 INFO Connecting to localhost:2775...
-   2026-02-26 17:16:43 INFO C-APDU sending: a0a40000027f20a0c0000016...
-   2026-02-26 17:16:43 INFO SMS-TPDU sending: 02700000281516191515b000103a4f599e94f2b5dcfbbda984761b7977df6514c57a580fb4844787c436d2eade...
-   2026-02-26 17:16:43 INFO SMS-TPDU sent, waiting for response...
-   2026-02-26 17:16:43 INFO SMS-TPDU received: 027100000b0ab0001000000000000006
-   2026-02-26 17:16:43 INFO SMS-TPDU decoded: (Container(rpl=11, rhl=10, tar=b'\xb0\x00\x10', cntr=b'\x00\x00\x00\x00\x00', pcntr=0, response_status=uEnumIntegerString.new(6, 'undefined_security_error'), cc_rc=b'', secured_data=b''), None)
-   Traceback (most recent call last):
-   File "/home/user/work/git_master/pysim/./contrib/smpp-ota-tool.py", line 238, in <module>
-    resp, sw = smpp_handler.transceive_apdu(apdu, opts.src_addr, opts.dest_addr, opts.timeout)
-               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-   File "/home/user/work/git_master/pysim/./contrib/smpp-ota-tool.py", line 162, in transceive_apdu
-     raise ValueError("Response does not contain any last_response_data, no R-APDU received!")
-   ValueError: Response does not contain any last_response_data, no R-APDU received!
-   2026-02-26 17:16:43 INFO Disconnecting...
-
-As we can see, the `SIM` has rejected the message with an `undefined_security_error`. The replay-protection-counter
-ensures that a message can only be sent once.
-
-.. note:: The replay-protection-counter is implemented as a 5 byte integer value (see also ETSI TS 102 225, Table 3).
-	  When the counter has reached its maximum, it will not overflow nor can it be reset.
-
-smpp-ota-tool syntax
-~~~~~~~~~~~~~~~~~~~~
-
-.. argparse::
-   :module: contrib.smpp-ota-tool
-   :func: option_parser
-   :prog: contrib/smpp-ota-tool.py
--- a/docs/smpp2sim.rst
+++ b/docs/smpp2sim.rst
@@ -55,5 +55,3 @@ And once your external program is sending SMS to the simulated SMSC, it will log
  SMSPPDownload(DeviceIdentities({'source_dev_id': 'network', 'dest_dev_id': 'uicc'}),Address({'ton_npi': 0, 'call_number': '0123456'}),SMS_TPDU({'tpdu': '400290217ff6227052000000002d02700000281516191212b0000127fa28a5bac69d3c5e9df2c7155dfdde449c826b236215566530787b30e8be5d'}))
  INFO     root: ENVELOPE: d147820283818604001032548b3b400290217ff6227052000000002d02700000281516191212b0000127fa28a5bac69d3c5e9df2c7155dfdde449c826b236215566530787b30e8be5d
  INFO     root: SW 9000: 027100002412b000019a551bb7c28183652de0ace6170d0e563c5e949a3ba56747fe4c1dbbef16642c
-
-.. note:: for sending OTA SMS messages :ref:`smpp-ota-tool` may be used.
--- a/pySim/cdma_ruim.py
+++ b/pySim/cdma_ruim.py
@@ -128,7 +128,7 @@ class EF_AD(TransparentEF):
        cell_test = 0x04

    def __init__(self, fid='6f43', sfid=None, name='EF.AD',
-                 desc='Administrative Data', size=(3, None), **kwargs):
+                 desc='Service Provider Name', size=(3, None), **kwargs):
        super().__init__(fid, sfid=sfid, name=name, desc=desc, size=size, **kwargs)
        self._construct = Struct(
            # Byte 1: Display Condition
--- a/pySim/esim/saip/init.py
+++ b/pySim/esim/saip/init.py
@@ -151,8 +151,6 @@ class File:
        self.df_name = None
        self.fill_pattern = None
        self.fill_pattern_repeat = False
-        self.pstdo = None # pinStatusTemplateDO, mandatory for DF/ADF
-        self.lcsi = None # optional life cycle status indicator
        # apply some defaults from profile
        if self.template:
            self.from_template(self.template)
@@ -280,8 +278,6 @@ class File:
        elif self.file_type in ['MF', 'DF', 'ADF']:
            fdb_dec['file_type'] = 'df'
            fdb_dec['structure'] = 'no_info_given'
-            # pinStatusTemplateDO is mandatory for DF/ADF
-            fileDescriptor['pinStatusTemplateDO'] = self.pstdo
        # build file descriptor based on above input data
        fd_dict = {}
        if len(fdb_dec):
@@ -308,8 +304,6 @@ class File:
            # desired fill or repeat pattern in the "proprietaryEFInfo" element for the EF in Profiles
            # downloaded to a V2.2 or earlier eUICC.
            fileDescriptor['proprietaryEFInfo'] = pefi
-        if self.lcsi:
-            fileDescriptor['lcsi'] = self.lcsi
        logger.debug("%s: to_fileDescriptor(%s)" % (self, fileDescriptor))
        return fileDescriptor

@@ -329,8 +323,6 @@ class File:
        if efFileSize:
            self._file_size = self._decode_file_size(efFileSize)

-        self.pstdo = fileDescriptor.get('pinStatusTemplateDO', None)
-        self.lcsi = fileDescriptor.get('lcsi', None)
        pefi = fileDescriptor.get('proprietaryEFInfo', {})
        securityAttributesReferenced = fileDescriptor.get('securityAttributesReferenced', None)
        if securityAttributesReferenced:
--- a/pySim/esim/saip/batch.py
+++ b/pySim/esim/saip/batch.py
@@ -57,18 +57,15 @@ class BatchPersonalization:
    """

    class ParamAndSrc:
-        """tie a ConfigurableParameter to a source of actual values"""
+        'tie a ConfigurableParameter to a source of actual values'
        def __init__(self, param: ConfigurableParameter, src: param_source.ParamSource):
-            if isinstance(param, type):
-                self.param_cls = param
-            else:
-                self.param_cls = param.__class__
+            self.param = param
            self.src = src

    def __init__(self,
                 n: int,
                 src_pes: ProfileElementSequence,
-                 params: list[ParamAndSrc]=[],
+                 params: list[ParamAndSrc]=None,
                 csv_rows: Generator=None,
                ):
        """
@@ -77,10 +74,10 @@ class BatchPersonalization:
                 copied.
        params: list of ParamAndSrc instances, defining a ConfigurableParameter and corresponding ParamSource to fill in
                profile values.
-        csv_rows: A generator (e.g. iter(list_of_rows)) producing all CSV rows one at a time, starting with a row
-                  containing the column headers. This is compatible with the python csv.reader. Each row gets passed to
-                  ParamSource.get_next(), such that ParamSource implementations can access the row items. See
-                  param_source.CsvSource.
+        csv_rows: A list or generator producing all CSV rows one at a time, starting with a row containing the column
+                  headers. This is compatible with the python csv.reader. Each row gets passed to
+                  ParamSource.get_next(), such that ParamSource implementations can access the row items.
+                  See param_source.CsvSource.
        """
        self.n = n
        self.params = params or []
@@ -88,7 +85,7 @@ class BatchPersonalization:
        self.csv_rows = csv_rows

    def add_param_and_src(self, param:ConfigurableParameter, src:param_source.ParamSource):
-        self.params.append(BatchPersonalization.ParamAndSrc(param, src))
+        self.params.append(BatchPersonalization.ParamAndSrc(param=param, src=src))

    def generate_profiles(self):
        # get first row of CSV: column names
@@ -115,10 +112,10 @@ class BatchPersonalization:
                try:
                    input_value = p.src.get_next(csv_row=csv_row)
                    assert input_value is not None
-                    value = p.param_cls.validate_val(input_value)
-                    p.param_cls.apply_val(pes, value)
+                    value = p.param.__class__.validate_val(input_value)
+                    p.param.__class__.apply_val(pes, value)
                except Exception as e:
-                    raise ValueError(f'{p.param_cls.get_name()} fed by {p.src.name}: {e}') from e
+                    raise ValueError(f'{p.param.name} fed by {p.src.name}: {e}') from e

            yield pes

@@ -132,7 +129,7 @@ class UppAudit(dict):

    @classmethod
    def from_der(cls, der: bytes, params: List, der_size=False, additional_sd_keys=False):
-        """return a dict of parameter name and set of selected parameter values found in a DER encoded profile. Note:
+        '''return a dict of parameter name and set of selected parameter values found in a DER encoded profile. Note:
        some ConfigurableParameter implementations return more than one key-value pair, for example, Imsi returns
        both 'IMSI' and 'IMSI-ACC' parameters.

@@ -154,7 +151,7 @@ class UppAudit(dict):
        Scp80Kvn03. So we would not show kvn 0x04..0x0f in an audit. additional_sd_keys=True includes audits of all SD
        key KVN there may be in the UPP. This helps to spot SD keys that may already be present in a UPP template, with
        unexpected / unusual kvn.
-        """
+        '''

        # make an instance of this class
        upp_audit = cls()
@@ -320,7 +317,7 @@ class BatchAudit(list):
        return batch_audit

    def to_csv_rows(self, headers=True, sort_key=None):
-        """generator that yields all audits' values as rows, useful feed to a csv.writer."""
+        '''generator that yields all audits' values as rows, useful feed to a csv.writer.'''
        columns = set()
        for audit in self:
            columns.update(audit.keys())
--- a/pySim/esim/saip/param_source.py
+++ b/pySim/esim/saip/param_source.py
@@ -37,10 +37,13 @@ class ParamSource:
    name = "none"
    numeric_base = None # or 10 or 16

-    def __init__(self, input_str:str):
-        """Subclasses should call super().__init__(input_str) before evaluating self.input_str. Each subclass __init__()
-        may in turn manipulate self.input_str to apply expansions or decodings."""
-        self.input_str = input_str
+    @classmethod
+    def from_str(cls, s:str):
+        """Subclasses implement this:
+           if a parameter source defines some string input magic, override this function.
+           For example, a RandomDigitSource derives the number of digits from the string length,
+           so the user can enter '0000' to get a four digit random number."""
+        return cls(s)

    def get_next(self, csv_row:dict=None):
        """Subclasses implement this: return the next value from the parameter source.
@@ -48,81 +51,78 @@ class ParamSource:
           This default implementation is an empty source."""
        raise ParamSourceExhaustedExn()

-    @classmethod
-    def from_str(cls, input_str:str):
-        """compatibility with earlier version of ParamSource. Just use the constructor."""
-        return cls(input_str)

 class ConstantSource(ParamSource):
    """one value for all"""
    name = "constant"

+    def __init__(self, val:str):
+        self.val = val
+
    def get_next(self, csv_row:dict=None):
-        return self.input_str
+        return self.val

 class InputExpandingParamSource(ParamSource):

-    def __init__(self, input_str:str):
-        super().__init__(input_str)
-        self.input_str = self.expand_input_str(self.input_str)
-
    @classmethod
-    def expand_input_str(cls, input_str:str):
+    def expand_str(cls, s:str):
        # user convenience syntax '0*32' becomes '00000000000000000000000000000000'
-        if "*" not in input_str:
-            return input_str
-        # re:                "XX            *        123" with optional spaces
-        tokens = re.split(r"([^ \t]+)[ \t]*\*[ \t]*([0-9]+)", input_str)
+        if "*" not in s:
+            return s
+        tokens = re.split(r"([^ \t]+)[ \t]*\*[ \t]*([0-9]+)", s)
        if len(tokens) < 3:
-            return input_str
+            return s
        parts = []
        for unchanged, snippet, repeat_str in zip(tokens[0::3], tokens[1::3], tokens[2::3]):
            parts.append(unchanged)
            repeat = int(repeat_str)
            parts.append(snippet * repeat)
-
        return "".join(parts)

+    @classmethod
+    def from_str(cls, s:str):
+        return cls(cls.expand_str(s))
+
 class DecimalRangeSource(InputExpandingParamSource):
    """abstract: decimal numbers with a value range"""

    numeric_base = 10

-    def __init__(self, input_str:str=None, num_digits:int=None, first_value:int=None, last_value:int=None):
-        """Constructor to set up values from a (user entered) string: DecimalRangeSource(input_str).
-        Constructor to set up values directly: DecimalRangeSource(num_digits=3, first_value=123, last_value=456)
-
-        num_digits produces leading zeros when first_value..last_value are shorter.
+    def __init__(self, num_digits, first_value, last_value):
        """
-        assert ((input_str is not None and (num_digits, first_value, last_value) == (None, None, None))
-                or (input_str is None and None not in (num_digits, first_value, last_value)))
-
-        if input_str is not None:
-            super().__init__(input_str)
-
-            input_str = self.input_str
-
-            if ".." in input_str:
-                first_str, last_str = input_str.split('..')
-                first_str = first_str.strip()
-                last_str = last_str.strip()
-            else:
-                first_str = input_str.strip()
-                last_str = None
-
-            num_digits = len(first_str)
-            first_value = int(first_str)
-            last_value = int(last_str if last_str is not None else "9" * num_digits)
+        See also from_str().

+        All arguments are integer values, and are converted to int if necessary, so a string of an integer is fine.
+        num_digits: fixed number of digits (possibly with leading zeros) to generate.
+        first_value, last_value: the decimal range in which to provide digits.
+        """
+        num_digits = int(num_digits)
+        first_value = int(first_value)
+        last_value = int(last_value)
        assert num_digits > 0
        assert first_value <= last_value
        self.num_digits = num_digits
-        self.first_value = first_value
-        self.last_value = last_value
+        self.val_first_last = (first_value, last_value)

    def val_to_digit(self, val:int):
        return "%0*d" % (self.num_digits, val)  # pylint: disable=consider-using-f-string

+    @classmethod
+    def from_str(cls, s:str):
+        s = cls.expand_str(s)
+
+        if ".." in s:
+            first_str, last_str = s.split('..')
+            first_str = first_str.strip()
+            last_str = last_str.strip()
+        else:
+            first_str = s.strip()
+            last_str = None
+
+        first_value = int(first_str)
+        last_value = int(last_str) if last_str is not None else "9" * len(first_str)
+        return cls(num_digits=len(first_str), first_value=first_value, last_value=last_value)
+
 class RandomSourceMixin:
    random_impl = secrets.SystemRandom()

@@ -135,7 +135,7 @@ class RandomDigitSource(DecimalRangeSource, RandomSourceMixin):
        # try to generate random digits that are always different from previously produced random bytes
        attempts = 10
        while True:
-            val = self.random_impl.randint(self.first_value, self.last_value)
+            val = self.random_impl.randint(*self.val_first_last)
            if val in RandomDigitSource.used_keys:
                attempts -= 1
                if attempts:
@@ -150,11 +150,9 @@ class RandomHexDigitSource(InputExpandingParamSource, RandomSourceMixin):
    numeric_base = 16
    used_keys = set()

-    def __init__(self, input_str:str):
-        super().__init__(input_str)
-        input_str = self.input_str
-
-        num_digits = len(input_str.strip())
+    def __init__(self, num_digits):
+        """see from_str()"""
+        num_digits = int(num_digits)
        if num_digits < 1:
            raise ValueError("zero number of digits")
        # hex digits always come in two
@@ -176,20 +174,23 @@ class RandomHexDigitSource(InputExpandingParamSource, RandomSourceMixin):

        return b2h(val)

+    @classmethod
+    def from_str(cls, s:str):
+        s = cls.expand_str(s)
+        return cls(num_digits=len(s.strip()))
+
 class IncDigitSource(DecimalRangeSource):
    """incrementing sequence of digits"""
    name = "incrementing decimal digits"

-    def __init__(self, input_str:str=None, num_digits:int=None, first_value:int=None, last_value:int=None):
-        """input_str: the first value to return, a string of an integer number with optional leading zero digits. The
-        leading zero digits are preserved."""
-        super().__init__(input_str, num_digits, first_value, last_value)
+    def __init__(self, num_digits, first_value, last_value):
+        super().__init__(num_digits, first_value, last_value)
        self.next_val = None
        self.reset()

    def reset(self):
        """Restart from the first value of the defined range passed to __init__()."""
-        self.next_val = self.first_value
+        self.next_val = self.val_first_last[0]

    def get_next(self, csv_row:dict=None):
        val = self.next_val
@@ -199,7 +200,7 @@ class IncDigitSource(DecimalRangeSource):
        returnval = self.val_to_digit(val)

        val += 1
-        if val > self.last_value:
+        if val > self.val_first_last[1]:
            self.next_val = None
        else:
            self.next_val = val
@@ -210,15 +211,13 @@ class CsvSource(ParamSource):
    """apply a column from a CSV row, as passed in to ParamSource.get_next(csv_row)"""
    name = "from CSV"

-    def __init__(self, input_str:str):
-        """self.csv_column = input_str:
-        column name indicating the column to use for this parameter.
-        This name is used in get_next(): the caller passes the current CSV row to get_next(), from which
-        CsvSource picks the column with the name matching csv_column.
+    def __init__(self, csv_column):
        """
-        """Parse input_str into self.num_digits, self.first_value, self.last_value."""
-        super().__init__(input_str)
-        self.csv_column = self.input_str
+        csv_column: column name indicating the column to use for this parameter.
+                    This name is used in get_next(): the caller passes the current CSV row to get_next(), from which
+                    CsvSource picks the column with the name matching csv_column.
+        """
+        self.csv_column = csv_column

    def get_next(self, csv_row:dict=None):
        val = None
--- a/pySim/esim/saip/personalization.py
+++ b/pySim/esim/saip/personalization.py
@@ -22,11 +22,9 @@ import re
 import pprint
 from typing import List, Tuple, Generator, Optional

-from construct.core import StreamError
 from osmocom.tlv import camel_to_snake
 from osmocom.utils import hexstr
 from pySim.utils import enc_iccid, dec_iccid, enc_imsi, dec_imsi, h2b, b2h, rpad, sanitize_iccid
-from pySim.ts_31_102 import EF_AD
 from pySim.ts_51_011 import EF_SMSP
 from pySim.esim.saip import param_source
 from pySim.esim.saip import ProfileElement, ProfileElementSD, ProfileElementSequence
@@ -330,7 +328,6 @@ class DecimalHexParam(DecimalParam):
    @classmethod
    def validate_val(cls, val):
        val = super().validate_val(val)
-        assert isinstance(val, str)
        val = ''.join('%02x' % ord(x) for x in val)
        if cls.rpad is not None:
            c = cls.rpad_char
@@ -340,7 +337,7 @@ class DecimalHexParam(DecimalParam):

    @classmethod
    def decimal_hex_to_str(cls, val):
-        """useful for get_values_from_pes() implementations of subclasses"""
+        'useful for get_values_from_pes() implementations of subclasses'
        if isinstance(val, bytes):
            val = b2h(val)
        assert isinstance(val, hexstr)
@@ -620,7 +617,7 @@ class SmspTpScAddr(ConfigurableParameter):
            # ensure the parameter_indicators.tp_sc_addr is True
            ef_smsp_dec['parameter_indicators']['tp_sc_addr'] = True
            # re-encode into the File body
-            f_smsp.body = ef_smsp.encode_record_bin(ef_smsp_dec, 1, 52)
+            f_smsp.body = ef_smsp.encode_record_bin(ef_smsp_dec, 1)
            #print("SMSP  (new): %s" % f_smsp.body)
            # re-generate the pe.decoded member from the File instance
            pe.file2pe(f_smsp)
@@ -649,71 +646,6 @@ class SmspTpScAddr(ConfigurableParameter):
            yield { cls.name: cls.tuple_to_str((international, digits)) }


-class MncLen(ConfigurableParameter):
-    """MNC length. Must be either 2 or 3. Sets only the MNC length field in EF-AD (Administrative Data)."""
-    name = 'MNC-LEN'
-    allow_chars = '23'
-    strip_chars = ' \t\r\n'
-    numeric_base = 10
-    max_len = 1
-    min_len = 1
-    example_input = '2'
-    default_source = param_source.ConstantSource
-
-    @classmethod
-    def validate_val(cls, val):
-        val = super().validate_val(val)
-        val = int(val)
-        if val not in (2, 3):
-            raise ValueError(f"MNC-LEN must be either 2 or 3, not {val!r}")
-        return val
-
-    @classmethod
-    def apply_val(cls, pes: ProfileElementSequence, val):
-        """val must be an int: either 2 or 3"""
-        for pe in pes.get_pes_for_type('usim'):
-            if not hasattr(pe, 'files'):
-                continue
-            # decode existing values
-            f_ad = pe.files['ef-ad']
-            if not f_ad.body:
-                continue
-            try:
-                ef_ad = EF_AD()
-                ef_ad_dec = ef_ad.decode_bin(f_ad.body)
-            except StreamError:
-                continue
-            if 'mnc_len' not in ef_ad_dec:
-                continue
-            # change mnc_len
-            ef_ad_dec['mnc_len'] = val
-            # re-encode into the File body
-            f_ad.body = ef_ad.encode_bin(ef_ad_dec)
-            pe.file2pe(f_ad)
-
-    @classmethod
-    def get_values_from_pes(cls, pes: ProfileElementSequence):
-        for naa in ('isim',):# 'isim', 'csim'):
-            for pe in pes.get_pes_for_type(naa):
-                if not hasattr(pe, 'files'):
-                    continue
-                f_ad = pe.files.get('ef-ad', None)
-                if f_ad is None:
-                    continue
-
-                try:
-                    ef_ad = EF_AD()
-                    ef_ad_dec = ef_ad.decode_bin(f_ad.body)
-                except StreamError:
-                    continue
-
-                mnc_len = ef_ad_dec.get('mnc_len', None)
-                if mnc_len is None:
-                    continue
-
-                yield { cls.name: str(mnc_len) }
-
-
 class SdKey(BinaryParam):
    """Configurable Security Domain (SD) Key.  Value is presented as bytes.
       Non-abstract implementations are generated in SdKey.generate_sd_key_classes"""
--- a/pySim/global_platform/scp.py
+++ b/pySim/global_platform/scp.py
@@ -266,13 +266,11 @@ class SCP02(SCP):
        super().__init__(*args, **kwargs)

    def dek_encrypt(self, plaintext:bytes) -> bytes:
-        # See also GPC section B.1.1.2, E.4.7, and E.4.1
-        cipher = DES3.new(self.sk.data_enc, DES.MODE_ECB)
+        cipher = DES.new(self.card_keys.dek[:8], DES.MODE_ECB)
        return cipher.encrypt(plaintext)

    def dek_decrypt(self, ciphertext:bytes) -> bytes:
-        # See also GPC section B.1.1.2, E.4.7, and E.4.1
-        cipher = DES3.new(self.sk.data_enc, DES.MODE_ECB)
+        cipher = DES.new(self.card_keys.dek[:8], DES.MODE_ECB)
        return cipher.decrypt(ciphertext)

    def _compute_cryptograms(self, card_challenge: bytes, host_challenge: bytes):
--- a/tests/card_sanitizer/card_backup_3b9f96801f878031e073fe211b674a357530350265f8_8949440000001155314.script
+++ b/tests/card_sanitizer/card_backup_3b9f96801f878031e073fe211b674a357530350265f8_8949440000001155314.script
@@ -2200,9 +2200,9 @@ update_record 6 fe0112ffb53e96e5ff99731d51ad7beafd0e23ffffffffffffffffffffffffff
 update_record 7 fe02101da012f436d06824ecdd15050419ff9affffffffffffffffffffffffffffffff
 update_record 8 fe02116929a373388ac904aff57ff57f6b3431ffffffffffffffffffffffffffffffff
 update_record 9 fe0212a99245a5dc814e2f4c1aa908e9946e03ffffffffffffffffffffffffffffffff
-update_record 10 fe03601111111111111111111111111111111111111111111111111111111111111111
-update_record 11 fe03612222222222222222222222222222222222222222222222222222222222222222
-update_record 12 fe03623333333333333333333333333333333333333333333333333333333333333333
+update_record 10 fe0310521312c05a9aea93d70d44405172a580ffffffffffffffffffffffffffffffff
+update_record 11 fe0311a9e45c72d45abde7db74261ee0c11b1bffffffffffffffffffffffffffffffff
+update_record 12 fe0312867ba36b5873d60ea8b2cdcf3c0ddddaffffffffffffffffffffffffffffffff
 #
 ################################################################################
 # MF/DF.SYSTEM/EF.SIM_AUTH_COUNTER                                             #
--- a/tests/pySim-smpp2sim_test/pySim-smpp2sim_test.cfg
+++ b/tests/pySim-smpp2sim_test/pySim-smpp2sim_test.cfg
@@ -0,0 +1,9 @@
+# Card parameter:
+ICCID="8949440000001155314"
+KIC='51D4FC44BCBA7C4589DFADA3297720AF'
+KID='0449699C472CE71E2FB7B56245EF7684'
+
+# Testcase: Send OTA-SMS that selects DF.GSM and returns the select response
+TAR='B00010'
+APDU='A0A40000027F20A0C0000016'
+EXPECTED_RESPONSE='0000ffff7f2002000000000009b106350400838a838a 9000'
--- a/tests/pySim-smpp2sim_test/pySim-smpp2sim_test.sh
+++ b/tests/pySim-smpp2sim_test/pySim-smpp2sim_test.sh
@@ -20,14 +20,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

-PYSIM_SHELL=./pySim-shell.py
-PYSIM_SHELL_LOG=./pySim-shell.log
 PYSIM_SMPP2SIM=./pySim-smpp2sim.py
 PYSIM_SMPP2SIM_LOG=./pySim-smpp2sim.log
 PYSIM_SMPP2SIM_PORT=2775
 PYSIM_SMPP2SIM_TIMEOUT=10
 PYSIM_SMPPOTATOOL=./contrib/smpp-ota-tool.py
 PYSIM_SMPPOTATOOL_LOG=./smpp-ota-tool.log
+PYSIM_SHELL=./pySim-shell.py

 function dump_logs {
    echo ""
@@ -45,11 +44,12 @@ function dump_logs {
 function send_test_request {
    echo ""
    echo "Sending request to SMPP server:"
-    C_APDU=$1
-    R_APDU_EXPECTED=$2
+    TAR=$1
+    C_APDU=$2
+    R_APDU_EXPECTED=$3

    echo "Sending: $C_APDU"
-    COMMANDLINE="$PYSIM_SMPPOTATOOL --verbose --port $PYSIM_SMPP2SIM_PORT --kic $KIC --kid $KID --kic-idx $KEY_INDEX --kid-idx $KEY_INDEX --algo-crypt $ALGO_CRYPT --algo-auth $ALGO_AUTH --tar $TAR --apdu $C_APDU"
+    COMMANDLINE="$PYSIM_SMPPOTATOOL --verbose --port $PYSIM_SMPP2SIM_PORT --kic $KIC --kid $KID --tar $TAR --apdu $C_APDU"
    echo "Commandline: $COMMANDLINE"
    R_APDU=`$COMMANDLINE 2> $PYSIM_SMPPOTATOOL_LOG`
    if [ $? -ne 0 ]; then
@@ -57,7 +57,7 @@ function send_test_request {
 	dump_logs
 	exit 1
    fi
-    echo ""
+
    echo "Got response from SMPP server:"
    echo "Sent: $C_APDU"
    echo "Received: $R_APDU"
@@ -68,14 +68,16 @@ function send_test_request {
 	exit 1
    fi
    echo "Response matches the expected response -- success!"
+    echo ""
 }

 function start_smpp_server {
    PCSC_READER=$1
+
+    # Start the SMPP server
    echo ""
    echo "Starting SMPP server:"

-    # Start the SMPP server
    COMMANDLINE="$PYSIM_SMPP2SIM -p $PCSC_READER --smpp-bind-port $PYSIM_SMPP2SIM_PORT --apdu-trace"
    echo "Commandline: $COMMANDLINE"
    $COMMANDLINE > $PYSIM_SMPP2SIM_LOG 2>&1 &
@@ -100,117 +102,55 @@ function start_smpp_server {
    echo "SMPP server reachable (port=$PYSIM_SMPP2SIM_PORT)"
 }

-function stop_smpp_server {
-    echo ""
-    echo "Stopping SMPP server:"
-    kill $PYSIM_SMPP2SIM_PID
-    echo "SMPP server stopped (PID=$PYSIM_SMPP2SIM_PID)"
-    trap EXIT
-}
-
-function find_card_by_iccid_or_eid {
+function find_card_by_iccid {
+    # Find reader number of the card
    ICCID=$1
-    EID=$2
+
    echo ""
    echo "Searching for card:"
    echo "ICCID: \"$ICCID\""
-    if [ -n "$EID" ]; then
-	echo "EID: \"$EID\""
-    fi

-    # Determine number of available PCSC readers
-    PCSC_READER_COUNT=`pcsc_scan -rn | wc -l`
-
-    # In case an EID is set, search for a card with that EID first
-    if [ -n "$EID" ]; then
-	for PCSC_READER in $(seq 0 $(($PCSC_READER_COUNT-1))); do
-	    echo "probing card (eID) in reader $PCSC_READER ..."
-	    RESULT_JSON=`$PYSIM_SHELL -p $PCSC_READER --noprompt -e "select ADF.ISD-R" -e "get_eid" 2> /dev/null | tail -3`
-	    echo $RESULT_JSON | grep $EID > /dev/null
-	    if [ $? -eq 0 ]; then
-		echo "Found card (eID) in reader $PCSC_READER"
-		return $PCSC_READER
-	    fi
-	done
-    fi
-
-    # Search for card with the given ICCID
    if [ -z "$ICCID" ]; then
 	echo "invalid ICCID, zero length ICCID is not allowed! -- abort"
 	exit 1
    fi
+
+    PCSC_READER_COUNT=`pcsc_scan -rn | wc -l`
    for PCSC_READER in $(seq 0 $(($PCSC_READER_COUNT-1))); do
-	echo "probing card (ICCID) in reader $PCSC_READER ..."
-	RESULT_JSON=`$PYSIM_SHELL -p $PCSC_READER --noprompt -e "select EF.ICCID" -e "read_binary_decoded" 2> /dev/null | tail -3`
-	echo $RESULT_JSON | grep $ICCID > /dev/null
+	echo "probing card in reader $PCSC_READER ..."
+	EF_ICCID_DECODED=`$PYSIM_SHELL -p $PCSC_READER --noprompt -e 'select EF.ICCID' -e 'read_binary_decoded --oneline' 2> /dev/null | tail -1`
+	echo $EF_ICCID_DECODED | grep $ICCID > /dev/null
 	if [ $? -eq 0 ]; then
-	    echo "Found card (by ICCID) in reader $PCSC_READER"
+	    echo "Found card in reader $PCSC_READER"
 	    return $PCSC_READER
 	fi
    done

-    echo "Card not found -- abort"
+    echo "Card with ICCID \"$ICCID\" not found -- abort"
    exit 1
 }

-function enable_profile {
-    PCSC_READER=$1
-    ICCID=$2
-    EID=$3
-    if [ -z "$EID" ]; then
-	# This is no eUICC, nothing to enable
-	return 0
-    fi
-
-    # Check if the profile is already enabled
-    RESULT_JSON=`$PYSIM_SHELL -p $PCSC_READER --noprompt -e "select EF.ICCID" -e "read_binary_decoded" 2> /dev/null | tail -3`
-    ICCID_ENABLED=`echo $RESULT_JSON | jq -r '.iccid'`
-    if [ $ICCID != $ICCID_ENABLED ]; then
-	# Disable the currentle enabled profile
-	echo ""
-	echo "Disabeling currently enabled profile:"
-	echo "ICCID: \"$ICCID\""
-	RESULT_JSON=`$PYSIM_SHELL -p $PCSC_READER --noprompt -e "select ADF.ISD-R" -e "disable_profile --iccid $ICCID_ENABLED" 2> /dev/null | tail -3`
-	echo $RESULT_JSON | grep "ok" > /dev/null
-	if [ $? -ne 0 ]; then
-	    echo "unable to disable profile with \"$ICCID_ENABLED\""
-	    exit 1
-	fi
-	echo "profile disabled"
-
-	# Enable the profile we intend to test with
-	echo ""
-	echo "Enabeling profile:"
-	echo "ICCID: \"$ICCID\""
-	RESULT_JSON=`$PYSIM_SHELL -p $PCSC_READER --noprompt -e "select ADF.ISD-R" -e "enable_profile --iccid $ICCID" 2> /dev/null | tail -3`
-	echo $RESULT_JSON | grep "ok\|profileNotInDisabledState" > /dev/null
-	if [ $? -ne 0 ]; then
-	    echo "unable to enable profile with \"$ICCID\""
-	    exit 1
-	fi
-	echo "profile enabled"
-    fi
-}
-
 export PYTHONPATH=./

 echo "pySim-smpp2sim_test - a test program to test pySim-smpp2sim.py"
 echo "=============================================================="

-TESTCASE_DIR=`dirname $0`
-for TEST_CONFIG_FILE in $TESTCASE_DIR/testcase_*.cfg ; do
-    echo ""
-    echo "running testcase: $TEST_CONFIG_FILE"
-    . $TEST_CONFIG_FILE
-    find_card_by_iccid_or_eid $ICCID $EID
-    PCSC_READER=$?
-    enable_profile $PCSC_READER $ICCID $EID
-    start_smpp_server $PCSC_READER
-    send_test_request $APDU "$EXPECTED_RESPONSE"
-    stop_smpp_server
-    echo ""
-    echo "testcase ok"
-    echo "--------------------------------------------------------------"
-done
+# TODO: At the moment we can only have one card and one testcase. This is
+# sufficient for now. We can extend this later as needed.
+
+# Read test parameters from config from file
+TEST_CONFIG_FILE=${0%.*}.cfg
+echo "using config file: $TEST_CONFIG_FILE"
+if ! [ -e "$TEST_CONFIG_FILE" ]; then
+   echo "test configuration file does not exist! -- abort"
+   exit 1
+fi
+. $TEST_CONFIG_FILE
+
+# Execute testcase
+find_card_by_iccid $ICCID
+start_smpp_server $?
+send_test_request $TAR $APDU "$EXPECTED_RESPONSE"
+
+

-echo "done."
--- a/tests/pySim-smpp2sim_test/testcase_3des_cbc2_rfm.cfg
+++ b/tests/pySim-smpp2sim_test/testcase_3des_cbc2_rfm.cfg
@@ -1,17 +0,0 @@
-# Preparation:
-# This testcase executes against a sysmoISIM-SJA5 card. For the testcase, the
-# key configuration on the card may be used as it is.
-
-# Card parameter:
-ICCID="8949440000001155314" # <-- change to the ICCID of your card!
-EID=""
-KIC='51D4FC44BCBA7C4589DFADA3297720AF' # <-- change to the KIC1 of your card!
-KID='0449699C472CE71E2FB7B56245EF7684' # <-- change to the KID1 of your card!
-KEY_INDEX=1
-ALGO_CRYPT=triple_des_cbc2
-ALGO_AUTH=triple_des_cbc2
-TAR='B00010'
-
-# Testcase: Send OTA-SMS that selects DF.GSM and returns the select response
-APDU='A0A40000027F20A0C0000016'
-EXPECTED_RESPONSE='0000ffff7f2002000000000009b106350400838a838a 9000'
--- a/tests/pySim-smpp2sim_test/testcase_aes128_cbc_cmac_rfm.cfg
+++ b/tests/pySim-smpp2sim_test/testcase_aes128_cbc_cmac_rfm.cfg
@@ -1,19 +0,0 @@
-# Preparation:
-# This testcase executes against a sysmoEUICC1-C2T, which is equipped with the
-# TS48V1-B-UNIQUE test profile from https://test.rsp.sysmocom.de/ (Activation
-# code: 1$smdpp.test.rsp.sysmocom.de$TS48V1-B-UNIQUE). This testprofile must be
-# present on the eUICC before this testcase can be executed.
-
-# Card parameter:
-ICCID="8949449999999990031"
-EID="89049044900000000000000000102355" # <-- change to the EID of your card!
-KIC='66778899aabbccdd1122334455eeff10'
-KID='112233445566778899aabbccddeeff10'
-KEY_INDEX=2
-ALGO_CRYPT=aes_cbc
-ALGO_AUTH=aes_cmac
-TAR='b00120'
-
-# Testcase: Send OTA-SMS that selects DF.ICCID and returns the select response
-APDU='00a40004022fe200C000001d'
-EXPECTED_RESPONSE='621b8202412183022fe2a503d001408a01058b032f06038002000a8800 9000'
--- a/tests/pySim-smpp2sim_test/testcase_aes256_cbc_cmac_rfm.cfg
+++ b/tests/pySim-smpp2sim_test/testcase_aes256_cbc_cmac_rfm.cfg
@@ -1,28 +0,0 @@
-# Preparation:
-# This testcase executes against a sysmoISIM-SJA5 card. Since this card model is
-# shipped with a classic DES key configuration, it is necessary to provision
-# AES128 test keys before this testcase may be executed. The the following
-# pySim-shell command sequence may be used:
-#
-# verify_adm 34173960 # <-- change to the ADM key of your card!
-# select /DF.SYSTEM/EF.0348_KEY
-# update_record 10 fe03601111111111111111111111111111111111111111111111111111111111111111
-# update_record 11 fe03612222222222222222222222222222222222222222222222222222222222222222
-# update_record 12 fe03623333333333333333333333333333333333333333333333333333333333333333
-#
-# This overwrites one of the already existing 3DES SCP02 key (KVN 47) and replaces it
-# with an AES256 SCP80 key (KVN 3).
-
-# Card parameter:
-ICCID="8949440000001155314" # <-- change to the ICCID of your card!
-EID=""
-KIC='1111111111111111111111111111111111111111111111111111111111111111'
-KID='2222222222222222222222222222222222222222222222222222222222222222'
-KEY_INDEX=3
-ALGO_CRYPT=aes_cbc
-ALGO_AUTH=aes_cmac
-TAR='B00010'
-
-# Testcase: Send OTA-SMS that selects DF.GSM and returns the select response
-APDU='A0A40000027F20A0C0000016'
-EXPECTED_RESPONSE='0000ffff7f2002000000000009b106350400838a838a 9000'
--- a/tests/unittests/test_configurable_parameters.py
+++ b/tests/unittests/test_configurable_parameters.py
@@ -310,14 +310,11 @@ class ConfigurableParameterTest(unittest.TestCase):
            p13n.SdKeyScp80Kvn03DesDek,
           #p13n.SdKeyScp80Kvn03DesEnc,
           #p13n.SdKeyScp80Kvn03DesMac,
-           #p13n.SdKeyScp81Kvn40AesDek,
-            p13n.SdKeyScp81Kvn40DesDek,
+            p13n.SdKeyScp81Kvn40Dek   ,
           #p13n.SdKeyScp81Kvn40Tlspsk,
-           #p13n.SdKeyScp81Kvn41AesDek,
-           #p13n.SdKeyScp81Kvn41DesDek,
+           #p13n.SdKeyScp81Kvn41Dek   ,
            p13n.SdKeyScp81Kvn41Tlspsk,
-           #p13n.SdKeyScp81Kvn42AesDek,
-           #p13n.SdKeyScp81Kvn42DesDek,
+           #p13n.SdKeyScp81Kvn42Dek   ,
           #p13n.SdKeyScp81Kvn42Tlspsk,
            ):
Author	SHA1	Message	Date
Neels Hofmeyr	a4b5841f78	esim/http_json_api.py: support text/plain response Content-Type Allow returning text/plain Content-Types as 'data' output argument. So far, all the esim/http_json_api functions require a JSON response. However, a specific vendor has a list function where the request is JSON but the response is text/plain CSV data. Allow and return in a dict. Change-Id: Iba6e4cef1048b376050a435a900c0f395655a790	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	efc3f06f38	Revert "esim/http_json_api: extend JSON API with server functionality" This reverts commit `e00c0becca`.	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	7d73ebf641	Revert "esim/http_json_api: add missing apidoc" This reverts commit `0a1c5a27d7`.	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	462346bb71	Revert "http_json_api: Only require Content-Type if response body is non-empty" This reverts commit `e0a9e73267`.	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	0c33330056	Revert "esim/http_json_api: add alternative API interface" This reverts commit `f9d7c82b4d`.	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	aa2eaee266	Revert "esim/http_json_api: add alternative API interface (follow up)" This reverts commit `8b2a49aa8e`.	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	03e17a7366	saip: add numeric_base indicator to ConfigurableParameter and ParamSource By default, numeric_base = None, to indicate that there are no explicit limitations on the number space. For parameters that are definitely decimal, set numeric_base = 10. For definitely hexadecimal, set numeric_base = 16. Do the same for ConfigurableParameter as well as ParamSource, so callers can match them up: if a parameter is numeric_base = 10, then omit sources that are numeric_base = 16, and vice versa. Change-Id: Ib0977bbdd9a85167be7eb46dd331fedd529dae01	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	59bec08eae	saip SmspTpScAddr.get_values_from_pes: allow empty values Change-Id: Ibbdd08f96160579238b50699091826883f2e9f5a	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	5c34d36b48	SdKey KVN4X ID02: set key_usage_qual=0x48 Related: SYS#7865 Change-Id: Idc5d33a4a003801f60c95fff6931706a9aeb6692	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	5c74d5b4b3	saip: SdKey.__doc__: update SdKey listing Change-Id: Ib5011b0c7d76b082231744cf09077628dc4e69b7	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	6b2e5645b3	esim.saip.personalization: fix TLSPSK keys Add AES variant of TLSPSK DEK (SCP81 KVN40 key_id=0x02). Change-Id: I713a008fd26bbfcf437e0f29717b753f058ce76a	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	f9b581a985	add comment about not updating existing key_usage_qualifier Change-Id: Ie23ae5fde17be6b37746784bf1601b4d0874397a	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	789734d8a5	test_configurable_parameters.py: add tests for new parameters For: SmspTpScAddr MilenageRotation MilenageXoringConstants TuakNrOfKeccak Change-Id: Iecbea14fe31a9ee08d871dcde7f295d26d7bd001	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	d364174ca0	saip: SmspTpScAddr: fix get_values_from_pes Change-Id: I2010305340499c907bb7618c04c61e194db34814	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	b52d3ab9ed	ConfigurableParameter: safer val length check Change-Id: Ibe91722ed1477b00d20ef5e4e7abd9068ff2f3e4	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	49d4ba38e0	UppAudit: better indicate exception cause Change-Id: I4d986b89a473a5b12ed56b4710263b034876a33e	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	8cc7421faa	remove transitional name mapping This reverts commit I974cb6c393a2ed2248a6240c2722d157e9235c33 Now, finally, all SdKey classes have a unified logical naming scheme. Change-Id: Ic185af4a903c2211a5361d023af9e7c6fc57ae78	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	44dbbe5509	transitional name mapping To help existing applications transition to a common naming scheme for the SdKey classes, offer this intermediate result, where the SdKey classes' .name are still unchanged as before generating them. Change-Id: I974cb6c393a2ed2248a6240c2722d157e9235c33	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	8b1db4f0d2	generate sdkey classes from a list Change-Id: Ic92ddea6e1fad8167ea75baf78ffc3eb419838c4	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	ae8465532c	saip SmspTpScAddr: safeguard against decoding error Reading the TS48 V6.0 eSIM_GTP_SAIP2.1A_NoBERTLV profile results in an exception [1] in SmspTpScAddr. I have a caller that needs to skip erratic values instead of raising. The underlying issue, I presume, is that either the data needs validation before decode_record_bin(), or decode_record_bin() needs well-defined error handling. So far I know only of this IndexError, so, as a workaround, catch that. [1] File "/pysim/pySim/esim/saip/personalization.py", line 617, in get_values_from_pes ef_smsp_dec = ef_smsp.decode_record_bin(f_smsp.body, 1) File "/pysim/pySim/filesystem.py", line 1047, in decode_record_bin return parse_construct(self._construct, raw_bin_data) File "/application/venv/lib/python3.13/site-packages/osmocom/construct.py", line 550, in parse_construct parsed = c.parse(raw_bin_data, total_len=length, context) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 404, in parse return self.parse_stream(io.BytesIO(data), contextkw) ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 416, in parse_stream return self._parsereport(stream, context, "(parsing)") ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 428, in _parsereport obj = self._parse(stream, context, path) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 2236, in _parse subobj = sc._parsereport(stream, context, path) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 428, in _parsereport obj = self._parse(stream, context, path) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 2770, in _parse return self.subcon._parsereport(stream, context, path) ~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^ File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 428, in _parsereport obj = self._parse(stream, context, path) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 2236, in _parse subobj = sc._parsereport(stream, context, path) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 428, in _parsereport obj = self._parse(stream, context, path) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 2770, in _parse return self.subcon._parsereport(stream, context, path) ~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^ File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 428, in _parsereport obj = self._parse(stream, context, path) File "/application/venv/lib/python3.13/site-packages/construct/core.py", line 820, in _parse return self._decode(obj, context, path) ~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^ File "/application/venv/lib/python3.13/site-packages/osmocom/construct.py", line 268, in _decode if r[-1] == 'f': ~^^^^ File "/application/venv/lib/python3.13/site-packages/osmocom/utils.py", line 50, in __getitem__ return hexstr(super().__getitem__(val)) ~~~~~~~~~~~~~~~~~~~^^^^^ IndexError: string index out of range Change-Id: Ic436e206776b81f24de126e8ee0ae8bf5f3e8d7a	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	0f00bd14d8	saip/param_source: try to not repeat random values Change-Id: I4fa743ef5677580f94b9df16a5051d1d178edeb0	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	ff7c252d63	use secrets.SystemRandom as secure random nr source secrets.SystemRandom is defined as the most secure random source available on the given operating system. Change-Id: I8049cd1292674b3ced82b0926569128535af6efe	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	f8aa78d370	use random.SystemRandom as random nr source (/dev/urandom) /dev/urandom is somewhat better than python's PRNG Change-Id: I6de38c14ac6dd55bc84d53974192509c18d02bfa	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	ef995383a6	add test_param_src.py Change-Id: I03087b84030fddae98b965e0075d44e04ec6ba5c	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	b39f69ba89	param_source: allow plugging a random implementation (for testing) Change-Id: Idce2b18af70c17844d6f09f7704efc869456ac39	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	3bee435c2a	RandomHexDigitSource: rather return in string format, not bytes Change-Id: I4e86289f6fb72cbd4cf0c90b8b49538cfab69a7f	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	9e33ae0486	personalization: add int as input type for BinaryParameter Change-Id: I31d8142cb0847a8b291f8dc614d57cb4734f0190	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	913e8d12d4	personalization.ConfigurableParameter: fix BytesIO() input Change-Id: I0ad160eef9015e76eef10baee7c6b606fe249123	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	346e2aeb01	add test_configurable_parameters.py Change-Id: Ia55f0d11f8197ca15a948a83a34b3488acf1a0b4	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	b71fa5307e	ConfigurableParameter: do not magically overwrite the 'name' attribute Change-Id: I6f631444c6addeb7ccc5f6c55b9be3dc83409169	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	e065cd50ed	personalization audit: optionally audit all (unknown) SD keys By a flag, allow to audit also all Security Domain KVN that we have not created ConfigurableParameter subclasses for. For example, SCP80 has reserved kvn 0x01..0x0f, but we offer only Scp80Kvn01, Scp80Kvn02, Scp80Kvn03. So we would not show kvn 0x03..0x0f in an audit. This patch includes audits of all SD key kvn there may be in the UPP. This will help to spot SD keys that may already be present in a UPP template, with unexpected / unusual kvn. Change-Id: Icaf6f7b589f117868633c0968a99f2f0252cf612	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	5eec7b7478	personalization: implement UppAudit and BatchAudit Change-Id: Iaab336ca91b483ecdddd5c6c8e08dc475dc6bd0a	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	9bdf1e3dee	param_source: allow input val expansion like '0 * 32' Working with keys, we often generate 4, 8, 16, 32 digit wide random values. Those then typically have default input values like 00000000000000000000000000000000 it is hard for humans to count the number of digits. Much easier: 00*16 Teach the ParamSource subclasses dealing with random values to understand an expansion like this. Any expansion is carried out before all other input value handling. Use this expansion also in the default_value of ConfigurableParameter subclasses that have a default_source pointing at a ParamSource that now understand this expansion. Related: SYS#6768 Change-Id: Ie7171c152a7b478736f8825050305606b5af5735	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	d5e550dcc4	comment in uicc.py on Security Domain Keys: add SCP81 Change-Id: Ib0205880f58e78c07688b4637abd5f67ea0570d1	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	8fb451b732	personalization: fix SdKey.apply_val() implementation 'securityDomain' elements are decoded to ProfileElementSD instances, which keep higher level representations of the key data apart from the decoded[] lists. So far, apply_val() was dropping binary values in decoded[], which does not work, because ProfileElementSD._pre_encode() overwrites self.decoded[] from the higher level representation. Implement using - ProfileElementSD.find_key() and SecurityDomainKeyComponent to modify an exsiting entry, or - ProfileElementSD.add_key() to create a new entry. Before this patch, SdKey parameters seemed to patch PES successfully, but their modifications did not end up in the encoded DER. (BTW, this does not fix any other errors that may still be present in the various SdKey subclasses, patches coming up.) Related: SYS#6768 Change-Id: I07dfc378705eba1318e9e8652796cbde106c6a52	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	eca2fd39c0	personalization: add get_typical_input_len() to ConfigurableParameter The aim is to tell a user interface how wide an input text field should be chosen to be convenient -- ideally showing the entire value in all cases, but not too huge for fields that have no sane size limit. Change-Id: I2568a032167a10517d4d75d8076a747be6e21890	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	2c9374ac53	personalization: make AlgorithmID a new EnumParam The AlgorithmID has a few preset values, and hardly anyone knows which is which. So instead of entering '1', '2' or '3', make it work with prededined values 'Milenage', 'TUAK' and 'usim-test'. Implement the enum value part abstractly in new EnumParam. Make AlgorithmID a subclass of EnumParam and define the values as from pySim/esim/asn1/saip/PE_Definitions-3.3.1.asn Related: SYS#6768 Change-Id: I71c2ec1b753c66cb577436944634f32792353240	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	c9c5bd2470	personalization: indicate default ParamSource per ConfigurableParameter Add default_source class members pointing to ParamSource classes to all ConfigurableParameter subclasses. This is useful to automatically set up a default ParamSource for a given ConfigurableParameter subclass, during user interaction to produce a batch personalization. For example, if the user selects a Pin1 parameter, a calling program can implicitly set this to a RandomDigitSource, which will magically make it work the way that most users need. BTW, default_source and default_value can be combined to configure a matching ParamSource instance: my_source = MyParam.default_source.from_str( MyParam.default_value ) Change-Id: Ie58d13bce3fa1aa2547cf3cee918c2f5b30a8b32	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	9bc795e7a1	personalization: allow reading back multiple values from PES Change-Id: Iecb68af7c216c6b9dc3add469564416b6f37f7b2	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	7886e59f82	personalization: implement reading back values from a PES Implement get_values_from_pes(), the reverse direction of apply_val(): read back and return values from a ProfileElementSequence. Implement for all ConfigurableParameter subclasses. Future: SdKey.get_values_from_pes() is reading pe.decoded[], which works fine, but I07dfc378705eba1318e9e8652796cbde106c6a52 will change this implementation to use the higher level ProfileElementSD members. Implementation detail: Implement get_values_from_pes() as classmethod that returns a generator. Subclasses should yield all occurences of their parameter in a given PES. For example, the ICCID can appear in multiple places. Iccid.get_values_from_pes() yields all of the individual values. A set() of the results quickly tells whether the PES is consistent. Rationales for reading back values: This allows auditing an eSIM profile, particularly for producing an output.csv from a batch personalization (that generated lots of random key material which now needs to be fed to an HLR...). Reading back from a binary result is more reliable than storing the values that were fed into a personalization. By auditing final DER results with this code, I discovered: - "oh, there already was some key material in my UPP template." - "all IMSIs ended up the same, forgot to set up the parameter." - the SdKey.apply() implementations currently don't work, see I07dfc378705eba1318e9e8652796cbde106c6a52 for a fix. Change-Id: I234fc4317f0bdc1a486f0cee4fa432c1dce9b463	2026-03-04 00:35:54 +01:00
Neels Hofmeyr	a65886ca3f	personalization: add param_source.py, add batch.py Implement pySim.esim.saip.batch.BatchPersonalization, generating N eSIM profiles from a preset configuration. Batch parameters can be fed by a constant, incrementing, random or from CSV rows: add pySim.esim.saip.param_source.* classes to feed such input to each of the BatchPersonalization's ConfigurableParameter instances. Related: SYS#6768 Change-Id: I01ae40a06605eb205bfb409189fcd2b3a128855a	2026-03-04 00:35:44 +01:00