in pySim-shell.py we add the commandline options for the card key
provider and do the setup accordingly. Let's put this boilerplate
code into helper functions instead, so that we can re-use it in
other pySim programs as well. Let's use pySim.transport as a
pattern.
Related: SYS#6959
The field 'alpha_id' is technically not an optional field, even though
the specification describes it as optional. Once the card manufacturer
decides that the field should be present, it must be always present and
vice versa.
(see code comment for a more detailed description)
Related: SYS#7765
Change-Id: I0ec99b2648b22c56f9145345e4cd8776f9217701
The legacy code found in legacy/cards.py does not use the modern
construct based encoder (pySim-read uses it). The card classes either
use their own implementation of update_smsp or use the generic method
provided by the SimCard class. The latter one is true for FairwavesSIM
and WavemobileSim.
Unfortunately the implementation found in the SimCard is wrong. It
adds padding at the end of the file instead of the beginning. This
completely messes up the contents of EF.SMSP for the cards using this
method. To fix this, let's use the leftpad feature provided by
the update_record. This will ensure a correct alignment of the file
contents.
Related: SYS#7765
Change-Id: Ie112418f1f1461762d61365d3863181ca6be7245
The current behavior we implement in the method __send_apdu_T0 is
incomplete. Some details discussed in ETSI TS 102 221,
section 7.3.1.1.4, clause 4 seem to be not fully implemented. We
may also end up sending a GET RESPONSE in other APDU cases than
case 4 (the only case that uses the GET RESPONSE command).
Related: OS#6970
Change-Id: I26f0566af0cdd61dcc97f5f502479dc76adc37cc
'securityDomain' elements are decoded to ProfileElementSD instances,
which keep higher level representations of the key data apart from the
decoded[] lists.
So far, apply_val() was dropping binary values in decoded[], which does
not work, because ProfileElementSD._pre_encode() overwrites
self.decoded[] from the higher level representation.
Implement using
- ProfileElementSD.find_key() and SecurityDomainKeyComponent to modify
an exsiting entry, or
- ProfileElementSD.add_key() to create a new entry.
Before this patch, SdKey parameters seemed to patch PES successfully,
but their modifications did not end up in the encoded DER.
(BTW, this does not fix any other errors that may still be present in
the various SdKey subclasses, patches coming up.)
Related: SYS#6768
Change-Id: I07dfc378705eba1318e9e8652796cbde106c6a52
Jenkins: skip-card-test
The aim is to tell a user interface how wide an input text field should
be chosen to be convenient -- ideally showing the entire value in all
cases, but not too huge for fields that have no sane size limit.
Change-Id: I2568a032167a10517d4d75d8076a747be6e21890
Jenkins: skip-card-test
The AlgorithmID has a few preset values, and hardly anyone knows which
is which. So instead of entering '1', '2' or '3', make it work with
prededined values 'Milenage', 'TUAK' and 'usim-test'.
Implement the enum value part abstractly in new EnumParam.
Make AlgorithmID a subclass of EnumParam and define the values as from
pySim/esim/asn1/saip/PE_Definitions-3.3.1.asn
Related: SYS#6768
Change-Id: I71c2ec1b753c66cb577436944634f32792353240
Jenkins: skip-card-test
Add default_source class members pointing to ParamSource classes to all
ConfigurableParameter subclasses.
This is useful to automatically set up a default ParamSource for a given
ConfigurableParameter subclass, during user interaction to produce a
batch personalization.
For example, if the user selects a Pin1 parameter, a calling program can
implicitly set this to a RandomDigitSource, which will magically make it
work the way that most users need.
BTW, default_source and default_value can be combined to configure a
matching ParamSource instance:
my_source = MyParam.default_source.from_str( MyParam.default_value )
Change-Id: Ie58d13bce3fa1aa2547cf3cee918c2f5b30a8b32
Jenkins: skip-card-test
Implement get_values_from_pes(), the reverse direction of apply_val():
read back and return values from a ProfileElementSequence. Implement for
all ConfigurableParameter subclasses.
Future: SdKey.get_values_from_pes() is reading pe.decoded[], which works
fine, but I07dfc378705eba1318e9e8652796cbde106c6a52 will change this
implementation to use the higher level ProfileElementSD members.
Implementation detail:
Implement get_values_from_pes() as classmethod that returns a generator.
Subclasses should yield all occurences of their parameter in a given
PES.
For example, the ICCID can appear in multiple places.
Iccid.get_values_from_pes() yields all of the individual values. A set()
of the results quickly tells whether the PES is consistent.
Rationales for reading back values:
This allows auditing an eSIM profile, particularly for producing an
output.csv from a batch personalization (that generated lots of random
key material which now needs to be fed to an HLR...).
Reading back from a binary result is more reliable than storing the
values that were fed into a personalization.
By auditing final DER results with this code, I discovered:
- "oh, there already was some key material in my UPP template."
- "all IMSIs ended up the same, forgot to set up the parameter."
- the SdKey.apply() implementations currently don't work, see
I07dfc378705eba1318e9e8652796cbde106c6a52 for a fix.
Change-Id: I234fc4317f0bdc1a486f0cee4fa432c1dce9b463
Jenkins: skip-card-test
Implement pySim.esim.saip.batch.BatchPersonalization,
generating N eSIM profiles from a preset configuration.
Batch parameters can be fed by a constant, incrementing, random or from
CSV rows: add pySim.esim.saip.param_source.* classes to feed such input
to each of the BatchPersonalization's ConfigurableParameter instances.
Related: SYS#6768
Change-Id: I01ae40a06605eb205bfb409189fcd2b3a128855a
Jenkins: skip-card-test
A separate job gives us a possibility to skip tests requiring physical
cards for specific commits that do not touch the core logic. See the
related commits in osmo-ci.git.
Change-Id: If76d812ee43b7eb3b57fdc660c60bf31fbff5b16
Related: osmo-ci.git Ia48d1b468f65d7c2e6b4128eeac36d0f3d03c45e
Related: osmo-ci.git I986d88545f64e13cd571ba9ff56bc924822e39a0
PyYAML versions 5.1–5.3.1 are vulnerable to CVE-2020-1747, which allows
arbitrary code execution through yaml.FullLoader. While PyYAML 5.4+
patches this, the dependency specification (pyyaml >= 5.1) doesn't
guarantee a safe version. Let's increase the requirement to version
5.4 to ensure a safe version of is used.
This patch is based on suggestions from:
"YanTong C <chyeyantong03@gmail.com>"
Change-Id: I901c76c59e9c1bab030eab81038e04a475b32510
Root Cause:
pySim-prog.py uses Python's random module (Mersenne Twister MT19937) to
generate Ki and OPC — the root authentication keys for SIM cards. MT19937
is a deterministic PRNG that is not cryptographically secure. Its internal
state (624 × 32-bit words, 19,937 bits) can be fully recovered after
observing 624 consecutive outputs.
Impact:
1. SIM Card Cloning: An attacker who determines the PRNG state can predict
all Ki/OPC values generated before and after. With these keys, SIM cards
can be cloned.
2. Network Authentication Bypass: Ki/OPC are used in the Milenage algorithm
for 3G/4G/5G authentication. Predictable keys mean an attacker can
authenticate as any subscriber whose SIM was provisioned with the weak RNG.
3. Batch Compromise: In bulk provisioning scenarios (pySim-prog's primary
use case), hundreds or thousands of SIMs may be programmed sequentially.
Compromising one batch means recovering the PRNG state to predict all keys.
Fix:
Replace random.randrange() with os.urandom()
Change-Id: Id3e00d3ec5386f17c1525cacfc7d3f5bba43381f
Previously, _test_de_encode vectors for TransRecEF subclasses were tested
via decode_record_hex()/encode_record_hex(), i.e. one record at a time,
with the decoded value being a scalar.
Switch test_de_encode_record() in TransRecEF_Test to use decode_hex() /
encode_hex() instead, so that vectors represent whole-file content
(decoded value is a list of records) -- consistent with how LinFixedEF
handles _test_de_encode. Update all existing vectors accordingly.
Change-Id: I4a9610f9ee39833cd0c90f64f89f5fbdd6f0846d
When json.loads() fails (e.g. the user made a syntax mistake), prompt
the user with "Re-open file for editing? [y]es/[n]o:" and loop back to
the editor if they answer 'y' or 'yes'. If the user declines, return
the original unmodified value so no write is attempted; the temp file
is still cleaned up by __exit__() in that case.
Change-Id: I9161b7becea0d8dfd3f5f740fbb253da2f061a1d
Related: OS#6899
A plain NamedTemporaryFile is sufficient here: we only need a single
file, not a directory to hold it. Using NamedTemporaryFile is simpler
(no subdirectory to manage) and gives us a .json suffix for free,
which editors use for syntax highlighting.
Change-Id: If3b0bd0fcc90732407dbd03b9cc883f7abeb948e
When invoking `edit_binary_decoded` or `edit_record_decoded`, the
temp file opened in the editor now contains the EF's encode/decode
test vectors as //-comment lines below the JSON content, similar to
how 'git commit' appends comments to the commit message template.
The comment block is stripped before JSON parsing on save,
so it has no effect on the written data.
The feature is implemented via a new module-level JsonEditor context
manager class that encapsulates the full edit cycle:
* write JSON + examples to a TemporaryDirectory
* invoke the editor
* read back, strip //-comments, parse and return the result
Change-Id: I5a046a9c7ba7e08a98cf643d5a26bc669539b38f
Related: OS#6900
Add a Sphinx extension (docs/pysim_fs_sphinx.py) that hooks into the
builder-inited event and generates docs/filesystem.rst before Sphinx
reads any source files.
The generated page contains a hierarchical listing of all implemented
EFs and DFs, organised by application/specification (UICC/TS 102 221,
ADF.USIM/TS 31.102, ADF.ISIM/TS 31.103, SIM/TS 51.011). For each file,
the class docstring and any _test_de_encode / _test_decode vectors
are included as an encoding/decoding example table.
docs/filesystem.rst is fully generated at build time and is therefore
added to .gitignore.
Add tests/unittests/test_fs_coverage.py that walks all pySim.* modules
and verifies that every CardProfile, CardApplication, and standalone
CardDF subclass with EF/DF children is either listed in the SECTIONS
(and will appear in the docs) or explicitly EXCLUDED.
Change-Id: I06ddeefc6c11e04d7c24e116f3f39c8a6635856f
Related: OS#6316
The documentation of the getProtocol provided by pyscard says:
"Return bit mask for the protocol of connection, or None if no
protocol set. The return value is a bit mask of
CardConnection.T0_protocol, CardConnection.T1_protocol,
CardConnection.RAW_protocol, CardConnection.T15_protocol"
This suggests that the purpose of getProtocol is not to determine
which protocols are supported. Its purpose is to determine which
protocol is currently selected (either through auto selection or
through the explicit selection made by the API user). This means
we are using getProtocol wrong.
So far this was no problem, since the auto-selected protocol
should be a supported protocol anyway. However, the automatic
protocol selection may not always return a correct result (see
bug report from THD-siegfried [1]).
Let's not trust the automatic protocol selection. Instead let's
parse the ATR and make the decision based on the TD1/TD2 bytes).
[1] https://osmocom.org/issues/6952
Related: OS#6952
Change-Id: Ib119948aa68c430e42ac84daec8b9bd542db7963
The eSIM SM-DP+ server modules (`pySim.esim.es2p`, `pySim.esim.es9p`,
`pySim.esim.http_json_api`) unconditionally import optional server-side
dependencies at module level:
pySim.esim.es2p -- from klein import Klein
pySim.esim.http_json_api -- from twisted.web.server import Request
Both imports fail during a docs build if the packages are absent or
broken, causing three "autodoc: failed to import" warnings and three
missing chapters in the generated manual.
Even when klein and twisted are installed, twisted 23.10.0 (the
version pulled in transitively by smpp.twisted3's `Twisted~=23.10.0`
constraint) is incompatible with Python 3.13+ because twisted.web.http
unconditionally executes `import cgi`, a module that was removed from
the standard library in Python 3.13.
Fix: add `autodoc_mock_imports = ['klein', 'twisted']` to conf.py.
Sphinx inserts mock entries into sys.modules before each autodoc import
attempt, so the modules can be imported and documented without requiring
the real packages to be importable at build time.
Change-Id: I71650466f02a6a6d150650deed167c05d2cb6e64
sphinxarg.ext generates generic sub-headings ("Named arguments",
"Positional arguments", "Sub-commands", "General options", ...) for
every argparse command and tool. These repeat across many files and
trigger large numbers of autosectionlabel duplicate-label warnings.
Two-pronged fix:
* `autosectionlabel_maxdepth = 3` eliminates the depth-4+ warnings
(sub-headings inside each individual command block).
* `suppress_warnings` per file silences the residual depth-3 collisions
("serial reader", "decode_hex", "sub-commands", ...) that still
appear across tool documentation files.
Cross-references into these generic argparse-generated sections are not
a supported use-case, so suppressing the warnings is appropriate.
Change-Id: I9cdf2a4f6cbd435b16b90ab668205600ffd7c3b0
pySim-prog and pySim-read do not integrate the pySimLogger yet. As we
may add more debug output that should not be visible on normal use, we
should ensure that the pySimLogger is correctly set up.
Change-Id: Ia2fa535fd9ce4ffa301c3f5d6f98c1f7a4716c74
When we initialize a new PySimLogger, we always call the setup method
first and then use the set_verbose and set_level method to configure
the initial log level and the initial log verbosity. However, we
initialize the PySimLogger in all our programs the same way and we
end up with the same boilerplate code every time. Let's add a keyword
parameter to the setup method where we can pass our opts.verbose (bool)
parameter so that the setup method can do the work for the main program.
In case the caller wants a different default configuration he still can
call set_verbose and set_level methods as needed.
Change-Id: I4b8ef1e203186878910c9614a1d900d5759236a8
In pySim-read we do not have to compute any random numbers, so
we may remove random from the imports
Change-Id: Iae4ee6aafb339cc682345299b92b4ecd0bbca14e
The "ADM PIN" and "SCP02 / SCP03" sub-sections of "Field naming" used
the '~' heading character, which Sphinx resolved to level 4 - skipping
level 3 and throwing build ERRORs. As a result, both sub-sections
had no heading at all. Change both to '^' (level 3) to match the
other sub-sections in this file.
While at it, fix a typo: "consisting if" -> "consisting of".
Change-Id: Ia56efc7fadcc0fd62e87e63850b929d2f80851ba
Unfortunately we have mixed up the concept of TPDUs and APDUs in
earlier versions of pySim-shell. This lead to problems with
detecteding the APDU case properly (see also ISO/IEC 7816-3) and
also prevented us from adding support for T=1.
This problem has been fixed long time ago and all APDUs sent from
the pySim-shell code should be well formed and valid according to
ISO/IEC 7816-3.
To ensure that we continue to format APDUs correctly as APDUs (and
not TPDUs) we have added a mechanism to the LinkBase class that
would either raise an exception or print a warning if someone
mistakenly tries to send an APDU that is really a TPDU. Whether a
warning is printed or an exception is raised is controlled via the
apdu_strict member in the LinkBase class, which is false (print
warning only) by default.
The reason why we have implemneted the mechanism this way was
because we wanted to ensure that existing APDU scripts (pySim-shell
apdu command) keep working, even though when those scripts uses
APDUs which are formally invalid.
Sending a TPDU instead of an APDU via a T=0 link will still work
in almost all cases. This is also the reason why this problem
slipped through unnoticed for long time. However, there may still
be subtile problems araising from this practice. The root of the
problem is that it is impossible to distinguish between APDU case
3 and 4 when a TPDU instead of an APDU is sent. However in order
to handle a case 4 APDU correctly we must be able to distinguish
the APDU case correctly to handle the case correctly.
ETSI TS 102 221, section 7.3.1.1.4, clause 4 is very clear about
the fact that not (only) the status word (e.g. 61xx) but the
APDU case is what matters.
To complete the logic in LinkBaseTpdu and to maintain compatibility
(older APDU scripts), we must still be able to switch between the
'apdu_strict' mode and the non-strict mode. However, since
pySim-shell, pySim-prog and pySim-read internally use proper APDUs,
we may enable the 'apdu_strict' mode by default.
At the same time we will limit the effect of pySim-shell's
apdu_strict setable to the apdu command only. By doing so, the
bahviour of the apdu command is not altered. Users will still
have to enable the 'strict' mode explicitly. At the same time
all the internal functionality of pySim-shell will always use
the 'strict' mode.
Related: OS#6970
Change-Id: I9a531a825def318b28bf58291d811cf119003fab
With the increased interest in using GlobalPlatform features of
UICC and eUICCs (OTA-SMS, applets, etc.), also comes an increased
interest in how the related GlobalPlatform keys can be managed
(key rotation, adding/removing keysets from/to a Security Domain).
Unfortunately, many aspects of this topic are not immediately
obvious for the average user. Let's add a tutorial that contains
some practical examples to shine some light on the topic.
Related: SYS#7881
Change-Id: I163dfedca3df572cb8442e9a4a280e6c5b00327e
gen_install_parameters() had contradictory logic: the outer guard
required all three arguments to be non-None/non-empty (making them
mutually inclusive), while the inner checks then treated each one
as optional.
Make each parameter independently optional (defaulting to None) and
remove the all-or-nothing check. Simplify the function body to a
straightforward single-pass construction of system_specific_params.
Change-Id: I8756fb38016cdf0527fe2e21edb44381d1dc557f
pySim-shell currently does not work on systems with Python 3.14+:
File ".../pysim/pySim/global_platform/__init__.py", line 868, in AddlShellCommands
install_cap_parser_inst_prm_g_grp = install_cap_parser_inst_prm_g.add_argument_group()
File "/usr/lib/python3.14/argparse.py", line 1794, in add_argument_group
raise ValueError('argument groups cannot be nested')
ValueError('argument groups cannot be nested')
The problem is that install_cap_parser creates a nested group inside
of mutually exclusive group. argparse never supported group nesting
properly, so it has been deprecated since Python 3.11, and eventually
got removed in Python 3.14.
Remove group nesting, adjust the usage string, and implement the
mutual exclusiveness enforcement manually in do_install_cap().
Change-Id: Idddf72d5a745345e134b23f2f01e0257d0667579
The TP-Destination Address in EF.SMSP uses the same encoding as the
TS-Service Centre Address field. However, even though the encoding
of both fields looks almost identical, it actually isn't.
The TS-Service Centre Address field encodes the length field as
octets required for the call_number + one octet for ton_npi.
(see also: 3GPP TS 24.011, section 8.2.5.2)
The TP-Destination Address uses the number of digits of the
call_number directly in the length field.
(see also: 3GPP TS 23.040, section 9.1.2.5)
Related: SYS#7765
Change-Id: I55c123c9e244e5a6e71a0348f5d476ef03e618e8
Let's add another testvector where we test what happens when we populate
none of the fields except for the tp_sc_addr.
Related: SYS#7765
Change-Id: I12b600ab17d1acfdddaffe6006095acf1a4228c9
`members_by_name` is a plain dictionary. Calling it with `()` raises:
TypeError: 'dict' object is not callable
Change-Id: I7e0c09aa7303f1506fe3a025fdc3779919dd0e6c
* OtaAlgoCrypt.from_keyset() searches by `otak.algo_crypt`
but the error message prints `otak.algo_auth`. Should be
`otak.algo_crypt` instead.
* OtaAlgoAuth.__init__() checks `algo_auth` but the error message
prints `algo_crypt`. Should be `otak.algo_auth` instead.
Change-Id: Ia636fffaeadc68e3f6d5b65d477e753834c95895
* field `tp_rp` appears at bit positions 7 and 5
** bit 7 should be `tp_rp` (Reply Path)
** bit 5 should be `tp_sri` (Status Report Indication)
* field `tp_lp` is completely missing
** should be at bit position 3
Change-Id: I0274849f0fa07281b5e050af429ffda7d249f9e8
Both `do_store_data` and `store_data` have identical docstrings that
incorrectly describe the command as GET DATA. Should be "STORE DATA".
Take a chance to fix missing space between `v2.3` and `Section`.
Change-Id: I33fc80ab8ca50fadc38217b0005eec6169c8e34e
The loop builds up `response` across multiple STORE DATA blocks,
but the function returns only `data` - the response from the
*last* block. It should return the accumulated response instead.
Change-Id: I3e15c8004d1e366e8c3896e559656622f48bb1a2
The keyword argument should be `nested=`. As written `ApplicationAID`
is silently ignored - `ApplicationTemplate` will not descend into its
nested TLVs.
Change-Id: If45dbb0c9b09fe53560d109957ce339267a9f2b0
The attribute name is misspelled. The BER-TLV infrastructure looks
for `_construct`; this typo means `SupportedTlsCipherSuitesForScp81`
will never decode its content.
Change-Id: I0f637951b0eeb7eca2a8b543baa737f216a935ed
The URL used when HTTP requests are performed is defined statically
with the url_prefix passed to the constructor of JsonHttpApiClient
together with the path property in JsonHttpApiFunction.
For applications that require dynamic URLs there is no way to rewrite
the URL. Let's add a mechanism that allows API users to apply custom
URL reqriting rules by adding a rewrite_url method to
JsonHttpApiFunction. API users may then overload this method with a
custom implementation as needed.
Related: SYS#7918
Change-Id: Id2713a867079cc140517fe312189e5e2162608a5
The tuples defining a DF or ADF in an eSIM template must contain a
pinStatusTemplateDO. When parsing tuples into a File() instance, we
must save it, and re-create it at the time we re-encode that file.
Same applies to the lcsi (life cycle state indicator), which may
optionally exist for any file.
Change-Id: I073aa4374f2cd664d07fa0224bf0d4c809cdf4aa
Closes: OS#6955
We already have documentation that explains how to run pySim-smpp2sim.
With smpp-ota-tool we now have a counterpart for pySim-smpp2sim, so
let's add documentation for this tool as well.
Related: SYS#7881
Change-Id: If0d18a263f5a6dc035b90f5c5c6a942d46bbba49
The commandline arguments are currently defined under __main__ in a
private scope. From there they are not reachable to the sphinx
argparse module. We have to define the arguments globally at the
top. (like in the other applications)
Related: SYS#7881
Change-Id: I2d9782e3f5b1cac78c22d206fdcac4118c7d5e7c
Some commandline arguments have an underscore in their name. Let's
replace those with dashes.
Change-Id: Icbe9d753d59263997e9ca34d46ed0daca36ca16c
Related: SYS#6868
Extend the existing test script so that it can handle multiple
testcases. Also add support for switching eUICC profiles.
Finally, add a testcases to test OTA-SMS (RFM) with AES128 and
AES256 encryption.
Change-Id: I1f10504f3a29a8c74a17991632d932819fecfa5a
Related: OS#6868
In our test setup we run the card_sanitizer.py script regualary to ensure that
we have consistent start conditions when running our tests. In case a testcase
crashes for some reason and leaves messed up files on a test card. The
card_sanitizer.py script will ensure that any problem like that is cleaned up
over night.
For the testcases we are about to add in the patch following this one, we need
to provision a new test keyset to one of our test cards. This has been already
done manually. However since the card_sanitizer still has the old keys in its
backup we will have to update that as well.
Change-Id: I5aa8a413b19b3e43a79d03e904daab50b4b1e767
Related: OS#6868
The methods dek_encrypt/dek_decrypt use the wrong algorithm and the
wrong key material. The algorithm should be 3DES rather then single
DES and the key must be the DEK session key instead of the static
DEK key from which the DEK session key is derived.
Related: SYS#7902
Change-Id: I3d0cc7378680b346fa39152c8b7074446d2c869d
Cards usually have multiple sets of KIC, KID (and KIK). The keys
are selected through an index. However, mixing keys from different
sets is concidered as a security violation and cards should reject
such configurations.
Let's print a warning to make users aware that something is off.
Change-Id: Ieb4e14145baba1c2cb4a237b612b04694940f402
Related: OS#6868
(normally KID index and KIC index should be the same since mixing keys
is a concidered as a security violation. However, in this tool we
want to allow users to specify different indexes for KIC and KIC so that
they can make tests to make sure their cards correctly reject mixed up
key indexes)
Change-Id: I8847ccc39e4779971187e7877b8902fca7f8bfc1
Related: OS#6868
When testing commands like get_profile_info, enable_profile,
disable_profile or the commands to manage notifications, we
should ensure that the correct profile is enabled before
executing the actual testcase.
Change-Id: Ie57b0305876bc5001ab3a9c3a3b5711408161b74
When I open the .asn file in vim, pySim should not attempt to read the
vim .swp file as asn.1.
File "/home/moi/osmo-dev/src/pysim/pySim/esim/saip/__init__.py", line 45, in <module>
asn1 = compile_asn1_subdir('saip')
[...]
File "<frozen codecs>", line 325, in decode
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xad in position 21: invalid start byte
Related: OS#6937
Change-Id: I37df3fc081e51e2ed2198876c63f6e68ecc8fcd8
The class Iccid uses a BcdAdapter to encoded/decode the ICCID. This
works fine for ICCIDs that have an even (20) number of digits. In case
the digit count is odd (19), the ICCID the last digit requires padding.
Let's switch to PaddedBcdAdapter for encoding/decoding, to ensure that
odd-length ICCIDs are padded automatically.
Change-Id: I527a44ba454656a0d682ceb590eec6d9d0ac883a
Related: OS#6868
This is a follow up patch to change:
I2a5d4b59b12e08d5eae7a1215814d3a69c8921f6
- do not ignore length of kwargs
- fix role parameter (roles other than 'legacy_client' can be used now)
- use startswith instead of match
Related: SYS#7866
Change-Id: Ifae13e82d671ff09bddf771f063a388d2ab283eb
this fixes the following two warnings:
pySim/esim/saip/__init__.py:docstring of pySim.esim.saip.FsNode.walk:1: WARNING: Inline strong start-string without end-string. [docutils]
pySim/esim/saip/__init__.py:docstring of pySim.esim.saip.FsNodeDF.walk:1: WARNING: Inline strong start-string without end-string. [docutils]
Change-Id: Id7debf9296923b735f76623808cee68967a1ece7
While at it, also use tuples (const) instead of lists (var).
Tweaked-by: nhofmeyr@sysmocom.de (docstring, tuples)
Change-Id: Iaa6e710132e3f4c6cecc5ff786922f6c0fcfb54e
unfortunately the API changes introduced in change
I277aa90fddb5171c4bf6c3436259aa371d30d092
broke the API interface of http_json_api.py. This was taken into
account and necessary to introduce add the server functionality next
to the already existing client functionality. The changes to the API
were minimal and all code locations that use http_json_api.py
were re-aligned.
Unfortunately it was not clear at this point in time that there are
out-of-tree projects that could be affected by API changes in
http_json_api.py
To mitigate the problem this patch introduces an alternative API
interface to the JsonHttpApiFunction base class. This alternative
API interface works like the old API interface when the class is
instantiated in the original way. To make use of the revised client
the API use has to pass an additional keyword argument that defines
the role.
Related: SYS#7866
Change-Id: I2a5d4b59b12e08d5eae7a1215814d3a69c8921f6
We have two test_enable_disable_profile method, the second one should
be called test_set_nickname.
Change-Id: I5ff79218fdafc8c42c8b58cc00be3e56e09d808b
At the moment pySim.ota codebase is not covered by any of the
integration tests (we have only normal unittests so far). To
increase the test coverage, let's add an integration test that
sends exchanges an RFM OTA-SMS with a real-world card.
However, there is no tool avaliable that can be used as an SMPP
client for pySim-smpp2sim yet. Let's use smpp_ota_apdu2.py on
laforge/ota to develop a tool that we can use to exchange SMS-TPDUs
that contain remote APDU scripts (RFM/RAM).
Finally let's use the tool we have created as a basis to create
an integration test that exchanges an SMS-TPDU with the RFM
application of a sysmoISIM-SJA5 card. The testcase shall pass
when we get the expected response from the card.
Related: OS#6868
Change-Id: If25e38be004cc1c7aeeb130431831377e78fe28d
If there is an empty body returned, such as in the case of the response
to an es9p notification, then it is of course also legal to not set the
content-type header.
This patch fixes an exception when talking to certain SM-DP+ with
es9p_client.py:
DEBUG:pySim.esim.http_json_api:HTTP RSP-STS: [204] hdr: {'X-Admin-Protocol': 'gsma/rsp/v2.5.0', 'Date': 'Wed, 28 Jan 2026 18:26:39 GMT', 'Server': 'REDACTED'}
DEBUG:pySim.esim.http_json_api:HTTP RSP: b''
{'X-Admin-Protocol': 'gsma/rsp/v2.5.0', 'Date': 'Wed, 28 Jan 2026 18:26:39 GMT', 'Server': 'REDACTED'}
<Response [204]>
Traceback (most recent call last):
File "gprojects/git/pysim/es9p/../contrib/es9p_client.py", line 315, in <module>
c.do_notification()
~~~~~~~~~~~~~~~~~^^
File "projects/git/pysim/es9p/../contrib/es9p_client.py", line 159, in do_notification
res = self.peer.call_handleNotification(data)
File "projects/git/pysim/contrib/pySim/esim/es9p.py", line 174, in call_handleNotification
return self.handleNotification.call(data)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^
File "projects/git/pysim/contrib/pySim/esim/http_json_api.py", line 335, in call
if not response.headers.get('Content-Type').startswith(req_headers['Content-Type']):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'startswith'
Change-Id: I99e8f167b7bb869c5ff6d908ba673dac87fef71a
The asn.1 encoder expects bytes-like objects, we cannot simply pass
hex-strings to it without conversion
Change-Id: I83ad047e043dc6b3462b188ce6dd0b2cc0e52e87
This introduces an "APDU source" for pySim-trace which enables the
decoding of APDUs that are copy+pasted from elsewhere, for example
APDU logs in text form created by proprietary tools, or to decode
personalization scripts or the like.
Change-Id: I5aacf13b7c27cea9efd42f01dacca61068c3aa33
For all ConfigurableParameter subclasses, provide an example_input.
This may be useful for downstream projects' user interaction, to suggest
a value or prefill an input field, as appropriate.
Related: SYS#6768
Change-Id: I2672fedcbc32cb7a6cb0c233a4a22112bd9aae03
These names better match what humans expect to read, for example "PIN1"
instead of "Pin1".
(We still fall back to the __class__.__name__ if a subclass omits a
specific name, see the ConfigurableParameter init.)
Change-Id: I31f390d634e58c384589c50a33ca45d6f86d4e10
Refactor SdKey (and subclasses) to the new ConfigurableParameter
implementation style, keeping the same implementation.
But duly note that this implementation does not work!
It correctly patches pe.decoded[], but that gets overridden by
ProfileElementSD._pre_encode().
For a fix, see I07dfc378705eba1318e9e8652796cbde106c6a52.
Change-Id: I427ea851bfa28b2b045e70a19a9e35d361f0d393
Refactor AlgorithmID, K, Opc to the new ConfigurableParameter
implementation style.
K and Opc use a common abstract BinaryParam.
Note from the future: AlgorithmID so far takes "raw" int values, but
will turn to be an "enum" parameter with predefined meaningful strings
in I71c2ec1b753c66cb577436944634f32792353240
Change-Id: I6296fdcfd5d2ed313c4aade57ff43cc362375848
Implement abstract DecimalHexParam, and use it to refactor Puk1 and Puk2
to the new ConfigurableParameter implementation style.
DecimalHexParam will also be used for Pin and Adm soon.
Change-Id: I271e6c030c890778ab7af9ab3bc7997e22018f6a
Main points/rationales of the refactoring, details below:
1) common validation implementation
2) offer classmethods
The new features are optional, and will be heavily used by batch
personalization patches coming soon.
Implement Iccid and Imsi to use the new way, with a common abstract
DecimalParam implementation.
So far leave the other parameter classes working as they always did, to
follow suit in subsequent commits.
Details:
1) common validation implementation:
There are very common validation steps in the various parameter
implementations. It is more convenient and much more readable to
implement those once and set simple validation parameters per subclass.
So there now is a validate_val() classmethod, which subclasses can use
as-is to apply the validation parameters -- or subclasses can override
their cls.validate_val() for specialized validation.
(Those subclasses that this patch doesn't touch still override the
self.validate() instance method. Hence they still work as before this
patch, but don't use the new common features yet.)
2) offer stateless classmethods:
It is useful for...
- batch processing of multiple profiles (in upcoming patches) and
- user input validation
to be able to have classmethods that do what self.validate() and
self.apply() do, but do not modify any self.* members.
So far the paradigm was to create a class instance to keep state about
the value. This remains available, but in addition we make available the
paradigm of a singleton that is stateless (the classmethods).
Using self.validate() and self.apply() still work the same as before
this patch, i.e. via self.input_value and self.value -- but in addition,
there are now classmethods that don't touch self.* members.
Related: SYS#6768
Change-Id: I6522be4c463e34897ca9bff2309b3706a88b3ce8
The module still uses print to output information. Let's replace
those print calls with the more modern PySimLogger method calls.
Change-Id: I2e2ec2b84f3b84dbd8a029ae9bb64b7a96ddbde3
At the moment we use random identifiers as names when we create a
new logger for pySimLogger. Let's switch to consistently use the
module name here. For the top level modules let's use the program
name so that it will show up in the log instead of __init__.
Change-Id: I49a9beb98845f66247edd42ed548980c97a7151a
Make sure we make use of the fill pattern when encoding file contents:
Only encode the differences to the fill pattern of the file, in order
to reduce the profile download size.
Change-Id: I61e4a5e04beba5c9092979fc546292d5ef3d7aad
The python logger method warn is deprecated since pyton 3.3, let's us
the warning method as suggested.
Change-Id: I3a4c0ca43768198ac6011ebe79050f91c04862e5
We already have a tool to work with the ES2+ API provided by an SMDP+
(es2p_client.py) With this tool we can only make API calls towards
an SMDP+. However, SGP.22 also defines a "reverse direction" ES2+
interface through wich the SMDP+ may make API calls towards the MNO.
At the moment the only possible MNO originated API call is
ES2+handleDownloadProgressInfo. Let's add a simple tool that runs a
HTTP server to receive and log the ES2+handleDownloadProgressInfo
requests.
Related: SYS#7825
Change-Id: I95af30cebae31f7dc682617b1866f4a2dc9b760c
At the moment http_json_api only supports the client role. Let's also add
support for the server role.
This patch refactors the existing client code. This in particular means
that the following preperations have to be made:
- To use the existing JsonHttpApiFunction definitions in the client and
server the scheme has to be symetric. It already is for the most part,
but it treads the header field differently. So let's just treat the
header field like any other mandatory field and add it input_params.
(this does not affect the es9p.py code since in ES9+ the requests have
no header messages, see also SGP.22, section 6.5.1.1)
- The JsonHttpApiFunction class currently also has the code to perform
the client requests. Let's seperate that code in a JsonHttpApiClient
class to which we pass an JsonHttpApiFunction object.
- The code that does the encoding and decoding in the client role has
lots of conditions the treat the header differently. Let's do the
decisions about the header in the JsonHttpApiClient. The encoder
and decoder function should do the generic encoding and decoding
only. (however, some generic header specific conditions will remain).
The code for the server role logically mirrors the code for the client
role. We add a JsonHttpApiServer class that can be used to create
API endpoints. The API user has to pass in a call_handler through which
the application logic is defined. Above that we add an Es2pApiServer
class in es2p. In this class we implement the logic that runs the
HTTP server and receives the requests. The Es2pApiServer supports all
ES2+ functions defined by GSMA SGP.22. The user may use the provided
Es2pApiServerHandler base class to define the application logic for each
ES2+ function.
Related: SYS#7825
Change-Id: I277aa90fddb5171c4bf6c3436259aa371d30d092
The line actual_sec = func_ex_status.get('statusCodeData', None) suggests
that 'statusCodeData' may be None under normal circumstances. So let's guard
sec.update(actual_sec) so that we won't run into an exception in case
'statusCodeData' is not in func_ex_status.
Related: SYS#7825
Change-Id: I8a1a3cd5e029dba4a3aec1a64702e19b0d694ae2
This method did not work at all at the moment, likely due to API churn
over time. This change makes the following exception go away:
Traceback (most recent call last):
File "projects/git/pysim/contrib/saip-tool.py", line 473, in <module>
do_remove_naa(pes, opts)
~~~~~~~~~~~~~^^^^^^^^^^^
File "projects/git/pysim/contrib/saip-tool.py", line 203, in do_remove_naa
pes.remove_naas_of_type(naa)
~~~~~~~~~~~~~~~~~~~~~~~^^^^^
File "projects/git/pysim/contrib/pySim/esim/saip/__init__.py", line 1748, in remove_naas_of_type
if template in hdr.decoded['eUICC-Mandatory-GFSTEList']:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "projects/git/pysim/contrib/pySim/esim/saip/oid.py", line 48, in __eq__
return (self.intlist == other.intlist)
^^^^^^^^^^^^^
AttributeError: 'str' object has no attribute 'intlist'
A subsequent patch should introduce unit tests to avoid such breakage in
the future.
Change-Id: I88d862d751198c3d1648ab7f11d6e6a8fdbc41c9
This adds a new check method to the pySim.esim.saip.validation.CheckBasicStructure
class, which ensures that no unused authentication algorithm related mandatory
services are indicated in the ProfileHeader.
So if a profile e.g. states in the header it requires
usim-test-algorithm, but then the actual akaParameter instances do not
actually use that algorithm, it would raise an exception.
Change-Id: Id0e1988ae1936a321d04bc7c3c3a33262c767d30
Related: SYS#7826
Some templates (e.g. for 5GS) define files which aren't completely defined.
5GS OPL5G: doesn't have a file size defined in the template,
but a record size.
Change-Id: I5ec1757d6852eb24d3662ec1c3fc88365e90a616
Define the file size early if possible.
Some templates (e.g. for 5GS) define files which aren't completely defined.
Fixes the parsing for 5GS SUCI_Calc_Info which doesn't have a file size defined.
The saip-tool will other crash when reading a 5G enabled profile:
```
Traceback (most recent call last):
File "./contrib/saip-tool.py", line 458, in <module>
pes = ProfileElementSequence.from_der(f.read())
File "pySim/esim/saip/__init__.py", line 1679, in from_der
inst.parse_der(der)
~~~~~~~~~~~~~~^^^^^
File "pySim/esim/saip/__init__.py", line 1552, in parse_der
self.pe_list.append(ProfileElement.from_der(first_tlv, pe_sequence=self))
~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "pySim/esim/saip/__init__.py", line 557, in from_der
inst._post_decode()
~~~~~~~~~~~~~~~~~^^
File "pySim/esim/saip/__init__.py", line 668, in _post_decode
self.pe2files()
~~~~~~~~~~~~~^^
File "pySim/esim/saip/__init__.py", line 655, in pe2files
file = File(k, v, template.files_by_pename.get(k, None))
File "pySim/esim/saip/__init__.py", line 133, in __init__
self.from_tuples(l)
~~~~~~~~~~~~~~~~^^^
File "pySim/esim/saip/__init__.py", line 358, in from_tuples
self._body = self.file_content_from_tuples(l)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^
File "pySim/esim/saip/__init__.py", line 393, in file_content_from_tuples
stream.write(self.template.expand_default_value_pattern(self.file_size))
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^
File "pySim/esim/saip/templates.py", line 123, in expand_default_value_pattern
raise ValueError("%s does not have a default length" % self)
ValueError: FileTemplate(EF.SUCI_Calc_Info) does not have a default length
```
Change-Id: I7c4a0914aef1049a416e6b091f23daab39a1dd9c
The Card Key Provider currently only has support for CSV files
as input. Unfortunately using CSV files does not scale very well
when the card inventory is very large and continously updated.
In this case a centralized storage in the form of a database
is the more suitable approach.
This patch adds PostgreSQL support next to the existing CSV
file support. It also adds an importer tool to import existing
CSV files into the database.
Change-Id: Icba625c02a60d7e1f519b506a46bda5ded0537d3
Related: SYS#7725
The other source files have a line break between the character encoding
qualifier line and the python comment. Let's add a line break here
as well to maintain consistency.
Change-Id: Ied6b77eede748f1ddf6fde17c9b434fa4dd1114a
Fixes parsing of a 2.3 UICC profile.
This might be the wrong end as the spec says this is
NSI, but somehow it's working
Change-Id: I3cde1093156db274458d76e2c1c2e304d55a8466
The correct abbreviated version of the company name is
"sysmocom - s.f.m.c. GmbH", i.e. lowercase and with dash.
Change-Id: Id768d2f4b78162ff83320a800e4e66f1bd324d6d
When an eUICC performs a profile installation it returns a (concatenated)
series of ASN.1 encoded strings as "simaResponse". In case the profile
installation fails for some reason the simaResponse contains diagnostic
information to diagnose why the profile installation failed.
Unfortunately there are currently no practical tools available to decode
and display the information in the simaResponse. Let's add a tool for that.
Related SYS#7617
Change-Id: Ida4c3c5446653b283a3869c0c387f328ae51e55e
In case pySim-shell is used directly from the git repository (not
installed via a package manager), the version command fails with an
exception because pkg_resources.get_distribution('pySim') fails.
Let's renovate the version command and migrate from pkg_resources to
importlib.resources. There are many users and developers out there who
retrieve pySim-shell directly from the git repository and not via pip3.
To accommodate for that, let's check if pySim-shell.py is located in a
git repository and if so, let's display the HEAD commit hash instead.
Since the version of the currently installed pyosmocom version also
plays a critical role, let's display the pyosmocom version as well.
Related: OS#6830
Change-Id: I2b9038f88cfcaa07894a2f09c7f5ad8a5474083d
At the moment, the help text for the --csv option shows the path to
the users home. This is due to the default value, which is dynamically
generated. Let's use a static string with "~/" and resolve the full
path later when we need it.
Related: SYS#7725
Change-Id: Ied8b1e553de8f5370369c4485a2360906c874ed2
There are more files where trailing digits are indicated using 'f' and
should be stripped during decode, including EF.MSISDN and EF.VGCS
This is not just a presentation issue, but actually rendered wrong data
before, see the modified test output where our "read_record_uicc.ok"
file contained "bcd_len: 7" but then only 6 BCD digits due to this bug.
Change-Id: I4571482da924a3d645caa297108279d182448d21
It's a not-too-uncommon requirement to modify the SMSC address stored in
EF.SMSP. This adds a ConfigurableParameter for this purpose.
Change-Id: I6b0776c2e753e0a6d158a8cf65cb030977782ec2
We've had files2pe() for re-encoding all of the files, but let's add
a specific one for re-encoding only one of the files (such as commonly
needed during personalization)
Change-Id: I7b7f61aae6b7df6946dadf2f78fddf92995603ec
As the input phone number ("address") might be of an odd length of
digits, let's use PaddedBcdAdapter to fix two problems:
1) strip any potential trailing f in decoding
2) fix truncation of last digit during encoding
Change-Id: I1e9865e172bc29b8a31c281106d903934e81c686
Depends: pyosmocom Ib5afb5ab5c2bc9b519dc92818fc6974f7eecba16 (0.0.12
EF.SMSP contains up to two addresses: Both are stored in a fixed-length
field of 12 octets. However, the actually used size depends on the
number of digits in the respective number. Let's compute that length
field properly
Change-Id: Idef54a3545d1a5367a1efa2f0a6f7f0c1f860105
* add another set of test data (from a real-world SIM card)
* switch from test_decode to test_de_encode as our encoder now works due
to previous commits.
Change-Id: I8d16e195641bb59b2c26072008f88434692c0cab
the PySimLogger class currently only accepts cmd2 color enum values.
This is what we need for pySim-shell.py. However, in case we want to
use the PySimLogger in stand-alone programs that do not use cmd2, this
is a bit bulky. Let's add some flexibility to PySimLogger, so that we
can specify the colors as raw ANSI strings as well.
Change-Id: I93543e19649064043ae8323f82ecd8c423d1d921
Related: SYS#7725
Some of the encoders can only generate valid output if they are told
the expected output size. This is due to variable-length fields that
depend on the size of the total record (or file). Let's always pass
the expected length to the encoder methods.
Change-Id: I88f957e49b0c88a121a266d3582e79822fa0e214
In the test_encode_file() method, we should actually test the encoder,
and not the decoder. I suppose this was a copy+paste mistake at some
point? In the LinearFixedEF_Test.test_encoder_record we were already
testing the encoder. Just TransparentEF_Test got it wrong...
Change-Id: Id23305a78ab9acd2e006f2b26b72408795844d23
There's a 3-bit RFU field that (unlike everything else in USIM/UICC)
considers '1' to be the default. Let's make sure we get that right
during encode.
Change-Id: Ibe24a07f5f73d875d2077fa55471dbfc4e90da23
On my debian unstable system with wireshark 4.6.2-3, the pyshark_gsmtap
APDU source misses to report any ATRs, as those are not part of what's
reported with the 'gsm_sim' display filter. This is due to
wireshark.git commit bcd82e2370d18e20983b378d494964d89c191cef first part
of the 4.6.0 release, which splits the ATR dissection into a separate
sub-dissector.
We cannot use the seemingly logical 'gsmtap.type == 4' instead, as old
wireshark simply bypasses any output for the gsmtap header if the SIM
sub-dissector is used.
Hence, 'gsm_sim || iso7816.atr' is something compatible with older and
newer wireshark versions.
Change-Id: I53c1c8ed58a82c37cd4be4af3890af21da839e86
Milenage offers the capability for operators to modify the r1-r5
rotation constants as well as the c1-c5 xor-ing constants; let's
add ConfigurableParameters for that.
Change-Id: I397df6c0c708a8061e4adc0fde03a3f746bcb5b6
Related: SYS#7787
TS 51.011 Section 10.5.6 refers to clause 10.5.1 (EF.ADN),
and the latter permits UCS2 in addition to 7-bit GSM alphabet.
Change-Id: If10b3d6d8b34ece02dc0350ca9ea9c3f8fbf3c9e
Otherwise we might compute float values and fail encoding like this:
> construct.core.FormatFieldError: Error in path (building) -> tp_vp_minutes
> struct '>B' error during building, given value 169.0
Change-Id: I989669434c7ddee9595ee81a0822f9966907a844
When trying to remove a file (e.g. DF.5G_ProSe, 5FF0),
there seems to be a case sensitive check when checking for the dict:
pySim/runtime.py: get_file_for_filename():
478 def get_file_for_filename(self, name: str):
479 """Get the related CardFile object for a specified filename."""
480 sels = self.selected_file.get_selectables()
481 return sels[name]
The dict sels contains 5ff0, but not 5FF0.
The type of argument name is str. So a case sensitive check will be used.
Change-Id: Idd0db1f4bbd3ee9eec20f5fd0f4371c2882950cd
Closes: OS#6898
cmd2 version 3.0 was released, with significant API changes. Limit the
dependency to below 3.0, as already reflected in requirements.txt.
Seeing but not changing the discrepancy in minimum version:
requirements.txt has >2.6.2 while setup.py has >= 1.5.0.
Related: SYS#7775 SYS#7777
Change-Id: I5186f242dbc1b770e3ab8cdca7f27d2a1029fff6
Let's not reinvent the wheel of printing such data structures and use
the repr method provided by the respective class instead. This also
adds the missing key_usage_qualifier information to the print-out,
as well as the mac_len of the key components.
Change-Id: Iaead4a02f07130fd00bcecc43e1c843f1c221e63
The method get_field in the base class can be optimized out. This
also allows us to remove code dup in the card_key_provider_get_field
function.
Let's also fix the return code behavior. A get method in a
CardKeyProvider implementation should always return None in case
nothing is found. Also it should not crash in that case. This will
allow the card_key_provider_get function to move on to the next
CardKeyProvider. In case no CardKeyProvider yields any results, an
exception is appropriate since it is pointless to continue execution
with "None" as key material.
To make the debugging of problems easier, let's also print some debug
messages that inform the user what key/value pair and which
CardKeyProvider was queried. This will make it easier to investigate
in case an expected result was not found.
Related: SYS#7725
Change-Id: I4d6367b8eb057e7b2c06c8625094d8a1e4c8eef9
The method _verify_get_data was intended to be used to verify the
user input before it further processed but ended up to be a simple
check that only checks the name of the key column very basically.
Unfortunately it is difficult to generalize the check code as the
concrete implementation of those checks is highly format dependent.
With the advent of eUICCs, we now have two data formats with
different lookup keys, so a static list with valid lookup keys is
also no longer up to the task.
After all it makes not much sense to keep this method, so let's
remove it.
(From the technical perspective, the key column is not limitied to
any specif field. In theory it would even be possible to use the KI
as lookup key as well, even though it would not make sense in
practice)
Related: SYS#7725
Change-Id: Ibf5745fb8a4f927397adff33900731524715d6a9
As we plan to support other formats as data source for the Card Key
Provider soon, the more commandline options may be added and it makes
sense to group the Card Key Provider options in a dedicated group.
Let's also rename the option "--csv-column-key" to just "--column-key".
The column encryption is a generic concept and not CSV format specific.
(let's silently keep the "--csv-column-key" argument so maintain backward
compatibility)
Related: SYS#7725
Change-Id: I5093f8383551f8c9b84342ca6674c1ebdbbfc19c
The Card Key Provider is a built in mechanism of pySim-shell which
allows the user to read key material from a CSV file in order to
avoid having to lookup and enter the key material himself. The
lookup normally done by the pySim-shell commands automatically.
However, in some cases it may also be useful to be able to query the
CSV file manually in order to get certain fields displayed. Such a
command is in particular helpful to check and diagnose the CSV data
source.
Related: SYS#7725
Change-Id: I76e0f883572a029bdca65a5a6b3eef306db1c221
The two properties csv_file and csv_filename are defined by the
constructor anyway, let's remove the declaration in the class body
because it is not needed.
Change-Id: Ibbe8e17b03a4ba0041c0e9990a5e9614388d9c03
let's rename the parameter filename to csv_filename to make it
more clear to what kind of file this parameter refers.
Change-Id: Id5b7c61b5e72fb205e30d2787855b2c276840a7b
It is common in CSV files that the columns have uppercase names, so we
have adopted this scheme when we started using the card_key_provider.
This also means that the API of the card_key_provider_get() and
card_key_provider_get_field() function now implicitly requires
uppercase field names like 'ICCID', 'ADM1', etc.
Unfortunately this may be unreliable, so let's convert the field
names to uppercase as soon as we receive them. This makes the API
case-insensitive and gives us the assurance that all field names
we ever work with are in uppercase.
Related: SYS#7725
Change-Id: I9d80752587e2ccff0963c10abd5a2f42f5868d79
The CardKeyProviderCsv class implements a column decryption scheme
where columns are protected using a transport key. The CSV files
are enrcypted using contrib/csv-encrypt-columns.py.
The current implementation has two main problems:
- The decryption code in CardKeyProviderCsv is not specific to CSV files.
It could be re-used in other formats, for example to decrypt columns
(fields) red from a database. So let's split the decryption code in a
separate class.
- The encryption code in csv-encrypt-columns.py accesses methods and
properties in CardKeyProviderCsv. Also having the coresponding
encryption code somewhere out of tree may be confusing. Let's improve
the design and put encryption and decryption functions in a single
class. Let's also make sure the encryption/decryption is covered by
unittests.
Related: SYS#7725
Change-Id: I180457d4938f526d227c81020e4e03c6b3a57dab
The default log level of the PySimLogger is DEBUG by default. This is
to ensure that all messages are printed in an unconfigured setup.
However in pySim-Shell we care about configuring the logger, so let's
set the debug log level to INFO in startup. This will allow us to
turn debug messages on and off using the verbose switch.
Change-Id: I89315f830ce1cc2d573887de4f4cf4e19d17543b
Related: SYS#7725
It's occasionally useful to be able to manually generate a
SGP.22 StoreMetadataRequest (tag BF25), so let's add a small utility
program doing exactly that.
Change-Id: I56ebd040f09dcd167b0b22148c2f1af56240b3b5
If no profileClass is given, ProfileMetadata defaults to operational.
Let's add the capability to also generate metadata for test or provisioning profiles.
Change-Id: Id55537ed03e2690c1fc9545bb3c49cfc76d8e331
There is no unit-test for the CardKeyProviderCsv class yet. Let's add
one to ensure that the CardKeyProviderCsv class keeps working as expected.
Related: SYS#7725
Change-Id: I52519847a4c4a13a7bca49985133872b01c4aaab
The CHV commands (verify_chv, enable_chv, disable_chv, unblock_chv)
provide a --pin-nr parameter.
The --pin-nr is a decimal parameter that specifies the pin type to be
used. The exact pin type numbers are specified in ETSI TS 102.221,
Table 9.3.
Unfortunately the --pin-nr parameter is not very intuitive to use, it
it requires the user to manually lookup the numeric value. The specs
list that value as hexadecimal, so the user also has to convert it
to decimal. To make this less complicated, let's also accept
hexadecimal numbers with the --pin-nr parameter.
However, this alone does not improve the user expierience much. Let's
also add a --pin-type parameter (similar to the --adm-type parameter
of the verify_adm command) to specifiy the pin type in a human
readable form.
Change-Id: I0b58c402d95cbc4fe690e6edb214829d463e9f2c
osmo-smdpp has built-in SSL/TLS support for quite some time now. The manual does not
yet mention this feature yet.
Change-Id: I2db5ae32914386a34eab1ed7d2aff8cae82bfa9b
osmo-smdpp has built-in TLS support for some time now. Let's update
update the commandline help to be more concise.
Since the built-in SSL/TLS support is enabled by default, let's also
update the default port from 8000 to 443.
Change-Id: Ib5a069a8612beb1a9716a7514b498ec70d141178
When writing data to a transparent or linear fixed (record oriented)
and the data to write exceeds the record/file size, then the UICC will
respond with an error "6700: Checking errors - Wrong length"
In particular when the data is supplied as a JSON object and not as a
hex string, it may not be immediately obvious to the average user what
the problem actually is.
Let's check the record/file size before writing the data and raise an
exception in case the data excieeds the record/file size. Let's also
print an informative string message in case the data length is less
than the record/file size to make the user aware of unwritten bytes
at the end of a record/file.
Related: OS#6864
Change-Id: I7fa717d803ae79398d2c5daf92a7336be660c5ad
In many sub modules we still use print() to occassionally print status
messages or warnings. This technically does not hurt, but it is an unclean
solution which we should replace with something more mature.
Let's use python's built in logging framework to create a static logger
class that fits our needs. To maintain compatibility let's also make sure
that the logger class will behave like a normal print() statement when no
configuration parameters are supplied by the API user.
To illustrate how the approach can be used in sub-modules, this patch
replaces the print statements in runtime.py. The other print statements
will the be fixed in follow-up patches.
Related: OS#6864
Change-Id: I187f117e7e1ccdb2a85dfdfb18e84bd7561704eb
The function h2b expects a bytearray and must not be used on a string.
This is also true for nullstrings ('').
Related: OS#6869
Change-Id: I0e28e6ec476901bf19aa0f8640e41c74aa6e3aa2
************* Module osmo-smdpp
osmo-smdpp.py:657:72: E0606: Possibly using variable 'iccid_str' before assignment (possibly-used-before-assignment)
=> False-positive: code paths that don't set iccid_str raise an error, so
this shouldn't be a problem.
************* Module pySim-smpp2sim
pySim-smpp2sim.py:427:4: E1101: Module 'twisted.internet.reactor' has no 'run' member (no-member)
=> False-positive: pylint doesn't recognize dynamically set attributes.
************* Module es9p_client
contrib/es9p_client.py:126:11: E0606: Possibly using variable 'opts' before assignment (possibly-used-before-assignment)
=> Real bug, should be "self.opts".
Related: https://stackoverflow.com/a/18712867
Change-Id: Id042ba0944b58d98d27e1222ac373c7206158a91
It's quite common for a FsNodeADF to not have a df_name, so we need
to guard against that during stringification to avoid an exception.
Change-Id: I919d7c46575e0ebcdf3b979347a5cdd1a9feb294
- try to identify the CardModel by just comparing the Historical Bytes if matching by Whole ATR failed
- add decompose ATR code from pyscard-contrib
Related: OS#6837
Change-Id: Id7555e42290d232a0e0efc47e7d97575007d846f
Remove the previous workaround that set cmd2==2.4.3 in jenkins.sh. The
bug this worked around has been fixed in 2.6.2.
3.0 will break unless we use some new additional decorator.
Related: OS#6776
Change-Id: I4ba65ed486247c5670313b75f43a242d264df14b
While at it make the linter happy.
The feature to ignore blocks is making slow progress:
https://github.com/astral-sh/ruff/issues/3711#
Change-Id: Ic678e6c4a4c1a01de87a8dce26f4a5e452e8562a
If TLS is enabled (default) it will automagically generate missing pem files + dh params.
A faithful reproduction of the certs found in SGP.26_v1.5_Certificates_18_07_2024.zip available at
https://www.gsma.com/solutions-and-impact/technologies/esim/gsma_resources/sgp-26-test-certificate-definition-v1-5/
can be generated by running contrib/generate_certs.py. This allows adjusting the expiry dates, CA flag,
and other parameters FOR TESTING. Certs can be used by the smdpp by running
$ python -u osmo-smdpp.py -c generated
Change-Id: I84b2666422b8ff565620f3827ef4d4d7635a21be
With the introduction of using osmocom.construct.{Bytes,GreedyBytes}
in Change-Id I1c8df6350c68aa408ec96ff6cd1e405ceb1a4fbb we don't have a
need for wrapping each instance of Bytes or GreedyBytes into a
HexAdapter anymore. The osmocom.construct.{Bytes,GreedyBytes} will
automatically perform the related hex-string-to-bytes conversion if
needed - and during printing we have osmocom.utils.JsonEncoder that
makes sure to convert any bytes type to a hex-string.
Change-Id: I9c77e420c314f5e74458628dc4e767eab6d97123
Recent versions of cmd2 have changed how the 'prog' attribute is
automatically set for ArgumentParser instances. As a result, we
are now seeing an unexpected 'build.py' artifact appearing in
the generated documentation.
Let's use an older release of cmd2, which retains the old expected
behavior. Use it specifically for building documentation.
Change-Id: Ifbad35adc5e9d3141acfd024d7dee2a25f1cb62e
Related: https://github.com/python-cmd2/cmd2/issues/1414
Related: OS#6776
The upstream construct.{Bytes,GreedyBytes} only support bytes/bytearray
input data for the encoder, while the [newly-created]
osmocom.construct.{Bytes,GreedyBytes} support alternatively hex-string input.
This is important in the context of encoding construct-based types from
JSON, where our osmocom.utils.JsonEncoder will automatically convert any
bytes to hex-string, while re-encoding those hex-strings will fail prior
to this patch.
Change-Id: I1c8df6350c68aa408ec96ff6cd1e405ceb1a4fbb
Closes: OS#6774
The SGP.26 v3.0 certificate had expired on July 11, 2024. Let's replace
it with a cert of 10 year validity period to facilitate uninterrupted testing
with osmo-smdpp.
@@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 9 (0x9)
+ Serial Number: 10 (0xa)
Signature Algorithm: ecdsa-with-SHA256
Issuer: CN=Test CI, OU=TESTCERT, O=RSPTEST, C=IT
Validity
- Not Before: Jun 9 19:04:42 2023 GMT
- Not After : Jul 11 19:04:42 2024 GMT
+ Not Before: Apr 23 15:23:05 2025 GMT
+ Not After : Apr 21 15:23:05 2035 GMT
Subject: O=ACME, CN=testsmdpplus1.example.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Change-Id: I6f67186b9b1b9cc81bfb0699a9d3984d08be8821
We've created + used osmocom.utils.JsonEncoder as an encoder class
for json.{dump,dumps} for quite some time. However, we missed to
use this decoder class from the edit_{binary,record}_decoded commands
in the pySim-shell VTY.
Change-Id: I158e028f9920d8085cd20ea022be2437c64ad700
Related: OS#6774
According to [1], the literal block must be indented (and, like all
paragraphs, separated from the surrounding ones by blank lines).
[1] https://www.sphinx-doc.org/en/master/usage/restructuredtext/basics.html#literal-blocks
While at it, fix tabs-vs-spaces: use 2 spaces like in other places.
Change-Id: If548bf66339433c1f3f9e2a557821e808c6afa26
Use the 'r' (raw) qualifier to avoid rendering '\n' as the actual
line break in the auto-generated documentation.
Change-Id: Ie7f59685a78534eb2c43ec4bc39685d3fd264778
Recent versions of the ARA-M applet from Bertrand Martel can lock
the write access to ARA-M rules. Let's add a command for that and
some documentation.
Related: SYS#7245
Change-Id: I71581a0c9f146f9a0921093d9b53b053b4a8946c
The PE-Application object is used to provision JAVA-card applications
into an eUICC during profile installation. Let's extend the SAIP-tool
so that we are able to add, remove and inspect applications.
Change-Id: I41db96f2f0ccc29c1725a92215ce6b17d87b76ce
The pySim-smpp2sim.py program exposes two interfaces:
* SMPP server-side port, so external programs can rx/tx SMS
* APDU interface towards the SIM card
It therefore emulates the SMSC, Core Network, RAND and UE parts
that would normally be encountered in an OTA setup.
Change-Id: Ie5bae9d823bca6f6c658bd455303f63bace2258c
The application profile element has no ProfileElement class yet, so
let's create a ProfileElementApplication class and move the existing
extract-apps code into a method of ProfileElementApplication.
Change-Id: Iaa43036d388fbf1714c53cab1fc21092c4667a21
At the moment it is only possible to remove profile elements by their identification
number. However, there may be cases where we want to remove all profile elements of
a certain type at once (e.g. when removing all applications).
Change-Id: I92f9f9d5b4382242963f1b3ded814a0d013c4808
In some cases it may be helpful to extract a single profile element
from the sequence to a dedicated file.
Change-Id: I77a80bfaf8970660a84fa61f7e08f404ffc4c2da
To prevent code duplication and to make the implementation simpler,
let's add a function that takes care of writing the PE sequnece
to an output file.
Change-Id: I38733422270f5b9c18187b7f247b84bf21f9121b
When we merged I8b56d7804a2b4c392f43f8540e0b6e70001a8970 for T=1
support, the ENVELOPE C-APDU was not adjusted to reflect the correct
case. ENVELOPE expects a response and hence needs a Le byte present.
This avoids below related message when performing e.g. OTA via SMS
Warning: received unexpected response data, incorrect APDU-case (3, should be 4, missing Le field?)!
Change-Id: Ice12675e02aa5438cf9f069f8fcc296c64aabc5a
Related: OS#6367
A TransRecEF is based on a TransparentEF. This means that a TransRecEF
is basically normal TransparentEF that holds a record oriented data
structure. This also requires that the total length of the TransRecEF
is a multiple of the record length of the data structure that is stored
in it. When this is not the case, the last record will be cut short and
the decoding will fail. We should guard against this case.
Related: OS#6598
Change-Id: Ib1dc4d7ce306f1f0b080bb4b6abc36e72431d3fa
pre-empt this from coming up in patch
I60ea8fd11fb438ec90ddb08b17b658cbb789c051:
E1135: Value 'self.permitted_len' doesn't support membership test (unsupported-membership-test) pickermitted_len
Change-Id: I0343f8dbbffefb4237a1cb4dd40b576f16111073
Add PEM version of smdpp-data/certs/DPtls/CERT_S_SM_DP_TLS_NIST.der
A CERT_S_SM_DP_TLS_NIST.pem file is referenced in docs/osmo-smdpp.rst --
nginx apparently cannot use DER certs, so it is convenient for beginners
if the example from the docs just works without having to know that:
The added file was produced using
openssl x509 -inform DER -in CERT_S_SM_DP_TLS_NIST.der -outform PEM -out CERT_S_SM_DP_TLS_NIST.pem
Change-Id: I41ba6ebacb71df0eb8a248c0c3c9ccd709718d74
Startup scripts are executed using the cmd2 provided onecmd_plus_hooks
method. This method can run arbitrary commands, which also includes
the command "run_scrit" that we use to execute startup scripts.
When a script executes a quit command, or when someone issues a quit
command using the --execute-command or the command argument, then
this commands is executed. However a quit command won't actually quit
the process. All it does is to change the return code of
app.onecmd_plus_hooks (see [1]). So we must evaluate the return code
and take care of the quitting ourselves.
[1] https://cmd2.readthedocs.io/en/0.9.15/api/cmd.html#cmd2.cmd2.Cmd.onecmd_plus_hooks
Related: OS#6731
Change-Id: Ic6e9c54cdb6955d65011af3eb5a025eee5da4143
These changes are necessary to successfully run
./tests/unittests/test_esim_saip.py with a pySim installed via
'pip install'.
For example:
virtualenv venv
source venv/bin/activate
git clone ssh://gerrit.osmocom.org:29418/pysim
pip install pysim/
cd pysim
./tests/unittests/test_esim_saip.py
Before this patch, that would result first in package pySim.esim.saip
being unknown (not installed at all), and when that is added to
setup.py, in this error:
Traceback (most recent call last):
File "/home/moi/osmo-dev/src/pysim/tests/unittests/./test_esim_saip.py", line 23, in <module>
from pySim.esim.saip import *
File "/home/moi/s/esim/sysmo_esim_mgr/venv/lib/python3.13/site-packages/pySim/esim/saip/__init__.py", line 41, in <module>
asn1 = compile_asn1_subdir('saip')
File "/home/moi/s/esim/sysmo_esim_mgr/venv/lib/python3.13/site-packages/pySim/esim/__init__.py", line 56, in compile_asn1_subdir
for i in resources.files('pySim.esim').joinpath('asn1').joinpath(subdir_name).iterdir():
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^
File "/usr/lib/python3.13/pathlib/_local.py", line 577, in iterdir
with os.scandir(root_dir) as scandir_it:
~~~~~~~~~~^^^^^^^^^^
FileNotFoundError: [Errno 2] No such file or directory: '/home/moi/s/esim/sysmo_esim_mgr/venv/lib/python3.13/site-packages/pySim/esim/asn1/saip'
After this patch, the test completes successfully.
......
----------------------------------------------------------------------
Ran 6 tests in 0.067s
OK
Related: sysmocom's eSIM manager product that is currently in
development needs to fully use pySim.esim.saip, ideally from a regular
'pip install', and not from using the pySim source tree directly.
Related: SYS#6768
Change-Id: I0d7d6962a308eccca589a42c22546d508ff686f5
The implementations that inheret from the LinkBase class are expected to
implement a get_atr method. This method is mandatory, since it is one of
the most basic functionalities of pySim to display an ATR. Also the ATR
is sometimes needed to distinguish between different card models.
The modem_atcmd and calypso implementation completely lack the get_atr
method. Apparantly it is not possible to get an ATR in those
environments, so lets add a dummy method there.
Related: OS#6322
Change-Id: I4fc020ca45658af78e495a5c1b985213f83cbb50
type annotations claimed the return type was Hexstr, but in reality
it was a list of integers. Let's fix that.
Change-Id: I01b247dad40ec986cf199302f8e92d16848bd499
Closes: OS#6322
The ATR constants are the only hex string constants where the hex
bytes digits are separated with spaces. Also the hex digits are in
lowercase. Let's use a lowercase string without spaces here like
we do in many other code locations.
Related: OS#6322
Change-Id: I95118115b02523ed262a2fbe4369ace3996cd8f5
Installing JAVA-card applets from a CAP file is a multi step process, which is
difficult when done manually. Fortunately it is easy to automate the process,
so let's add a dedicated command for that.
Change-Id: I6cbd37f0fad5579b20e83c27349bd5acc129e6d0
Related: OS#6679
In this patch we add the commands "install_for_load" and "load".
Depends: pyosmocom.git I86df064fa41db85923eeb0d83cc399504fdd4488
Change-Id: I924aaeecbb3a72bdb65eefbff6135e4e9570579e
Related: OS#6679
The kvn parameter is used to select a keyset when establishin a secure channel.
At the moment this is a mandatory parameter and it must be within a certain
range.
However GPC_SPE_034 explicitly defines a reserved kvn value 0, that always
refers to the first available key. That effectively makes it an optional
parameter and the commandline interface should have the --key-ver parameter
as an optional parameter.
The ranges also have to be extended to allow 0 as kvn value. We also have to
put a range to support the sysmoUSIM-SJS1, which uses kvn value 1, which is
a non standard value.
Related: OS#6679
Change-Id: I42be2438c7f199b238f2ec7a9434cec5393210a7
Some old cards are classic SIM and not based on UICCs. Such cards
do not offer the capability of selecting applications. Let's avoid
running into an exception by providing dummy methods that simply fail
for each AID selection.
Change-Id: Ib3457496380c0c5096052ad7799970ee620dee33
Closes: OS#6691
To install JAVA-card applets we need to be able to extract the executeable
loadfile and the AIDs of the applet and the loadfile. This patch adds the
parser and related unittests.
Related: OS#6679
Change-Id: I581483ccb9d8a254fcecc995fec3c811c5cf38eb
The line with TAGS is longer than 120 columns and there is some
comment that should be moved to the python docstring.
Related: OS#6679
Change-Id: I1d02098320cfbe17a0eb1bfdcf3bc85034cc8e20
GPD_SPE_013 Table 6-3 defines two types of AID-REF-DO objects (both
are fully independed TLV IEs with the same name). The version with
tag '4F' identifies an SE application. It may contain an AID prefix
or even be of length 0 in case the rule should apply to all SE
applications. Then there is the version with tag 'C0', which must
always have length 0 and serves a flag to apply the rule to the
implicitly selected SE application. Technically both are completely
different things, so we must also treat them separately in the
pySim-shell code.
Related: OS#6681
Change-Id: I771d5e860b12215280e3d0a8c314ce843fe0d6a2
there are multiple references to a specification "SEID". As it seems this is
a reference to the GlobalPlatform "Secure Element Access Control" spec, which
has the document reference "GPD_SPE_013". Let's use "GPD_SPE_013" to referene
the spec.
Related: SYS#6681
Change-Id: I77895f1b84126563380ce89aa07a3b448d8784a3
Let's give a better description of what the project is all about, and
differentiate reading/exploring any SIM from writing/updating a special
programmable one where you know the ADM credentials.
Change-Id: Ied2a9626594e9735d92d4eabe6c6b90f92aa2909
Let's change the prompt from ">" to "#" when the user gains admin
privilegs using verify_adm.
Related: OS#6640
Change-Id: I957b9df7b5069b6fce5bf958c94e8ffda833c77f
When the equip method is running, all kinds of states in pySim-shell are reset.
To be sure that the card state is also reset (normally this is the case because
usually init_card is called before equip), we should send an explicit reset to
the card as well.
Related: OS#6640
Change-Id: I622a2df2c9184841f72abd18483bfbfd00b2f464
the testcase EF_ePDGSelection has a wrong testvector in the plmn field.
This test vector is accepted because there is a complementary error in
pyosmocom. However, the root problem got fixed (see depends), which means
that the test vector of EF_ePDGSelection now needs to be updated.
Depends: pyosmocom.git: I3811b227d629bd4e051a480c9622967e31f8a376
Change-Id: I96fd4c13c8e58ef33ddf9e3124617b1b59b9b2c1
Related: OS#6598
Back in January 2024 in change 7ba09f9392
we migrate dthe commands from 'class ADF_ISDR' to CardApplicationISDR
without updating the sphinx-argparse references in the documentation.
Let's fix that, making the syntax reference for those commands re-appear
in the documentation.
Change-Id: I1d7e2d1a5dfbdcc11b1fdb3e89845787f7cddbfc
This adds a small utility program that can be used for generating
keys used for SUCI in 5G SA networks, as well as for dumping them
in a format that's compatible with what is needed on the USIM.
Change-Id: I9e92bbba7f700e160ea9c58da5f23fa4c31d40c6
Those programs have been around since 2021 but we never had any
documentation here. Let's fix that.
Change-Id: I7c471cac9500db063a0c8f5c5eb7b6861b3234ed
In case the fileDescriptor of EF.IMSI is purely template based and only
the file content is given in the actual profile, we must pass a template
reference to the File() constructor before we can read the IMSI.
This fixes the following exception for some profiles:
ValueError: File(ef-imsi): No fileDescriptor found in tuple, and none set by template before
Change-Id: I14157a7b62ccd9b5b42de9b8060f2ebc5f91ebb3
So far we mainly created File() instances when parsing existing
profiles. However, sometimes we want to programmatically create Files
and we should offer a convenience helper to do so, rather than asking
API users to worry about low-level details.
Change-Id: I0817819af40f3d0dc0c3d2b91039c5748dd31ee2
The point of the SAIP template mechanism is to reduce the size of the
encoded profile. Therefore, our encoder in the to_fileDescriptor()
method should suppress generating attributes if their value is identical
to that of the template (if any).
Change-Id: I337ee6c7e882ec711bece17b7a0def9da36b0ad7
The encoding of the access rule reference is different in FileTemplate
vs File, let's make sure we properly convert it when instantiating a
File from a FileTemplate.
Change-Id: Ibb8afb85cc0006bc5c59230ebf28b2c0c1a8a8ed
If the API user modifies the size of the body, we need to check if we
need to re-compute the file_size attribute which is later encoded into
the fileDescriptor. The size obviously must be large enough to fit the
body. Let's do this implicitly by introducing a setter for File.body
Change-Id: I1a908504b845b7c90f31294faf2a6e988bdd8049
ProfileElements.insert_after_pe() is a convenience method to insert
a new PE after an existing one in the sequence. This is a frequent
task as there are strict ordering requirements in the SAIP format.
Change-Id: I4424926127b4867931c2157e9340bacd2682ff0c
When generating the file content (body), we need to proceed in the
following order:
1a) If FCP contains fillPattern/repeatPattern, compute file content from those
1b) If FCP doesn't contain fillPattern/repeatPattern but template
exists, compute file content from template
2) Apply any fillFileConten / fillFileOffset from the SAIP File on top
of the above
Change-Id: I822bb5fbec11a3be35910a496af7168458fd949c
Closes: OS#6642
If we know the efFileSize and record_len, but Fcp doesn't contain
the number of records, we can simply compute it.
Change-Id: I0cc8e7241e37ee23df00c2622422904e7ccdca77
There's a second flag hidden in the TS 102 222 "Special File
Information"; let's parse + re-encode it properly.
Change-Id: I7644d265f746c662b64f7156b3be08a01e3a97aa
Related: OS#6643
So far we only thought of default filling coming from a template.
However, filling can happen from the Fcp, and we need to properly parse
and [re-]encode that information.
Change-Id: Iff339cbe841112a01c9c617f43b0e69df2521b51
Related: OS#6643
With osmo-remsim and Android APDU proxy we have two powerful solutions to
allow remote acces to UICC/eUICC cards. Let's add a section where we give
a brief overview about those solutions, so that pySim-shell users get
awre of them.
Related: OS#6367
Change-Id: I73de4de2e5d4a01d6d91989ee684cbdb680de8ef
The card initialization normally takes place automatically. Nearly all
testcases implicitly cover this code-path. However, it is also possible
to skip the card initialization and do it at some later point. This is
commonly the case for unprovisioned card that require some custom APDUs
in a basic initialization step. When this step is done one would use
the "equip" command to level up to the full featured mode. This patch
adds a testcase for this scenario
Related: OS#6367
Change-Id: I01a03fa07d8c62164453bd707c5943288ff1a972
ETSI TS 102 221, section 7.3 specifies that UICCs (and eUICCs) may support two
different transport protocols: T=0 or T=1 or both. The spec also says that the
terminal must support both protocols.
This patch adds the necessary functionality to support the T=1 protocol
alongside the T=0 protocol. However, this also means that we have to sharpen
the lines between APDUs and TPDUs.
As this patch also touches the low level interface to readers it was also
manually tested with a classic serial reader. Calypso and AT command readers
were not tested.
Change-Id: I8b56d7804a2b4c392f43f8540e0b6e70001a8970
Related: OS#6367
The _wrap_cmd_apdu methods for SCP02 and SCP03 are a bit hard to read. Let's
refactor them so that it is easier to understand what happens. In particular
that one can not have encryption (cenc) without signing (cmac)
Related: OS#6367
Change-Id: I4c5650337779a4bd1f98673650c6c3cb526d518b
Sphinx is complaining about a duplicate label "osmo-smdpp". Apparantly
because we use this label twices as section headline. The subsection
"osmo-smdpp" in "Running osmo-smdpp" talks about the commandline and the
supplementary files that osmo-smdpp needs to run. Let's split the two
topics into two different sections.
Change-Id: I8bc4979160a00d36a03b9cd10679562a08c2c55c
When a pySim-shell command is not recognized, cmd2 prints "xyz is not a
recognized command, alias, or macro." This string is a normal print out
and not an exception, but during tests, it may point out a severe problem
and therefore it should be tread like an exception.
Related: OS#6367
Change-Id: I17be6af1547b31170622e17b9cfb9c492597670d
by default pySim-shell does all kinds of probing and file selection
on startup. This is to determine the card type and to find a suitable
card profile. However, in case the card is non yet provisioned this
probing may cause a error messages and even might upset the cards
internal state. So let's have a commandline option thrugh which we
can instruct pySim-shell to skip any initialization and to give us
a prompt immediately, so that we can enter custom APDUs
Related: OS#6367
Change-Id: I1d8a57de201fe7ad7cbcbc6f72969ea8521e821d
There are situations where no card profile can be determined. In this case no
RuntimeState will be present. This is in particular the case when pySim-shell
is used on a card that is not provisioned/initialized yet. In those cases we
have to go the direct route and reset the card directly.
Related: OS#6367
Change-Id: I27bf9fdb131d8bdeba07f4dfd2b76b38f9bfdd17
The "apdu" command allows us to send custom APDUs to a card. This command is
often used in low level initialization scripts or tests. To stop the script
execution in case of an error, the command allows us to specify a status word
that must match the status word of the response. But we have no such mechanism
for the response itself. Let's add another parameter where we can pass a regex
that the response must match.
Related: OS#6367
Change-Id: I97bbcdf37bdcf00ad50a875b96940c211de7073d
When pySim-shell has problems starting up, it exits with an error
code. This is detected by the testsuite, but it also causes an
early exit, so that the log file content are not printed.
Change-Id: Ic0f34eda32a7c557810abcb05a84e343741fdb8a
when we sign and encrypt the APDU in _wrap_cmd_apdu (SCP03) we return an "mapdu"
at the end. However, in the (unlikely?) case where self.do_cencand
self.do_cmac are false, mapdu will be undeclared. In _wrap_cmd_apdu for SCP02
we just re-use the apdu variable and return it at the end, so when no
encryption and no signing is applied, the APDU falls just through without any
modifications. We should have the same mechanism for the SCP03 wrapping as
well.
Related: OS#6367
Change-Id: Ic7089a69dffd7313572c5b3e5953200be5925766
The tests that check the establishment of a secure channel currently only test
security level 3. Also the get_data command after it only tests data reception
from the card.
Let's extend the test coverage and test the SCP establishment for security
level 1 as well. Let's also add a get_status command to make sure sending data
to the card also works (without exceptions).
Related: OS#6367
Change-Id: Idff40b414a249e532df1bdce2a8deb9b0cb9718f
When we configure the tests to display file content, we only display files that
we compare, let's also display log file contents from pySim-shell. This will
be useful in situations where we only have log output from the tests, but no
access to the file system of the test host.
Related: OS#6601
Change-Id: Ibf6f78d7e71c213c7ca1caaf21c4c890e892261e
When pySim-shell is called by a testcase, a logfile is createted. The logfile
filename contains the testcase name. However, a testcase may run pySim-shell
multiple times. In this case we overwrite the log from previous run. Let's use a
counter to generate unique file names for each run, so that we won't lose logs
from previous runs.
Related: OS#6601
Change-Id: Ib2195d9b2231f74d0a6c4fb28f4889b6c45efb1e
When we get rid of temporary files, we delete those using a wildcard,
but for the logs from pySim-shell we explicitly memorize the name
of the pySim-shell logfile and delete it later by this explicit
name. This is not necessary, let's just delete all log files present
using a wildcard.
Related: OS#6601
Change-Id: I09dc7e59d1a3dcb68f54e3a8dccb86a1bc6c9ee6
This adds a construct + pyosmocore.tlv based declarative encoder/decoder
for the EF.EARFCNList file used in the context of NB-IoT in later
release USIMs.
Change-Id: I16797ca58c3ad6ebaf588d04fec011a0cbcfcef3
When we use the argument parser with choices, we sometimes use a
list that we derive from a dictionary. However if we do that we
still must ensure that we really put a list and not a dict_values
or dict_keys class as parameter because this won't work any longer
with cmd2 version 2.5.0
Related: OS#6601
Change-Id: I165fefd8feb0d96cedc15d036fb32da381f711b3
The problems with test_list_and_rm_notif (see also change id
I7d0b6a998499d84f0eb4e24592ad43210ac54806) are now resolved, so
we can re-enable the testcase now.
Closes: SYS#7094
Change-Id: I95eb3b9c02a69653797851197e882ea9316805fc
sphinx-build doesn't use the PYTHONPATH from the venv, unless it runs
as python3 -m sphinx.cmd.build. We need it to use the imports from
PYTHONPATH, so we can update the pyosmocom version in requirements.txt
in a patch, and this new version will be used in the jenkins job that
runs during gerrit review. Otherwise the previously installed version
(from the docker image) will be used.
Related: https://github.com/sphinx-doc/sphinx/issues/8910
Change-Id: I487e1af6a3493df5b806cc2d3d2b70bc5233b89f
The build system uses a virtual environment, in which it installs
pysim and its dependencies. This is done for the integration tests,
but not when building the sphinx documentation. However, the
documentation build process also invokes pysim code to generate
documentation from the docstrings. This means we need pysim with
all its dependencies for the doc building as well.
Change-Id: I6381eeef7fa19873ca0cc330a0ab43b7ef5096e4
Related: SYS#7094
Even though our tests are written in a way that they shouldn't interfere
with each other, it may happen that one testrun writes content to a file
that upsets a different testrun. The resulting problems are often
difficult to diagnose.
To minimize the problem, let's add code that can reset the cards to a
defined state. This can be done using pySim-shell's export
feature. We can generate a backup from a known good state and then play
back the backup to reset files that have been changed. Files that didn't
change will not be written thanks to the conserve_write feature of
pySim-shell.
Related: OS#4384
Change-Id: I42eaf61280968518164f2280245136fd30a603ce
We now have a construct based encoder/decoder for the record content
of EF.MSISDN. This means that we do not need the functions enc_msisdn
and dec_msisdn in the non-legacy code anymore. We can now move both
to legacy/utils.py.
Related: OS#5714
Change-Id: I19ec8ba14551ec282fc0cc12ae2f6d528bdfc527
The unittest for EF.DIR only runs with _test_decode, but it also runs with
_test_de_encode without any problems
Related: OS#5714
Change-Id: If459073c6ff927c1cc1790d506e3979243b1fb4c
The unittest for EF.CFIS only runs with _test_decode, but it also runs with
_test_de_encode without any problems
Related: OS#5714
Change-Id: Ib876fd799f871fe64ced2a7b64847ffd09e16ed9
The unittest for EF.ADN can run with _test_de_encode. However, the original
test vectors seem to be from a card with a slightly larger record size, so
they need a bit of re-alignment
Related: OS#5714
Change-Id: I241792e66ee6167be6ddc076453344b6307d6265
The encoding of EF.MSISDN is currently done with enc_msisdn and
dec_msisdn from utils.py. Let's replace this with a construct
based model, similar to the one we already use with EF.ADN
Related: OS#5714
Change-Id: I647f5c63f7f87902a86c0c5d8e92fdc7f4350a5a
Some methods sometimes have a **_kwargs parameter, let's be consistent
and use **kwargs only.
Related: OS#5714
Change-Id: I98857cc774185e55a604eb4fbfbf62ed4bd6ded7
In our construct models we frequently use a context parameter "total_len",
we also pass this parameter to construct when we decode files, but we
do not pass it when we generate files. This is a problem, because when
total_len is used in the construct model, this parameter must be known
also when decoding the file.
Let's make sure that the total_len is properly determined and and passed
to construct (via pyosmocom).
Related: OS#5714
Change-Id: I1b7a51594fbc5d9fe01132c39354a2fa88d53f9b
Using '-e' it is possible to specify *multiple* pySim-shell commands
which shall be executed at startup. This extends the current ability
to execute just a single command.
Example:
./pySim-shell.py -p0 -e 'select ADF.USIM/EF.IMSI' -e 'read_binary_decoded'
Change-Id: I74004f46105553f077c039ca0f86f75afccc7342
The testcase euicc.test_list_and_rm_notif fails due to a problem
with the eUICC. The eUICC reports the following error when a
delete notification attempt is made:
"delete_notification_status": "undefinedError"
Let's temporarily disable this testcase until the problem is resolved.
Change-Id: I7d0b6a998499d84f0eb4e24592ad43210ac54806
In order to run this script from pyosmocom's contrib/jenkins.sh script,
we want to skip the clean workspace step. Add an environment variable to
do that.
Related: OS#6570
Change-Id: Ic8dc9b85da17719195f7374d37eccb4dedba6ce8
This patch adds a comprehensive testsuite for pySim-shell. The testsuite
is based on python's unittest framework in combination with pySim-shell
scripts.
Related: OS#6531
Change-Id: Ieae1330767a6e55e62437f5f988a0d33b727b5de
When a hexadecimal formatted ADM pin is retrieved via the
card_key_provider, it still requires the --pin-is-hex parameter so
that sanitize_pin_adm knows the correct format.
This unfortunately ruins the card_key_provider feature for all cards
that use hexadecimal pins, because the --pin-is-hex would also be
required in scripts, which makes a script either useable for cards
with hexadecimal ADM or for for cards with ASCII ADM.
To minimize the problem, let's recognize all ADM pins longer than 8
digits as hexadecimal in case --pin-is-hex is not set.
Related: OS#4348
Change-Id: Iad9398365d448946c499ce89e3cfb2c3af5d525e
Our test cards need to stay recognizable, so it is important that
each card has a unique ICCID. This means we must write an individual
ICCID, when we test writing the ICCID.
Related: OS#4384
Change-Id: I858a35e526e7b4868e901222d587258412779f41
The sysmoISIM-SJA2 does not support changing of the ICCID.
pySim-prog will also reject this, so let's remove the ICCID
from the parameter list.
Related: OS#4384
Change-Id: I89571f2bf7c4cec4d621c322a58687b7781b0ed2
Older construct versions seem to have problems, in particular with
evaluating COptional() correctly. With 2.10.70 no such problems
were observed.
Related: OS#5714
Change-Id: If59dc708a7194649d1f42c4cf33f6328edcb80d2
The "desc" command displays a string with a file description, let's also
display some size information as part of the description as well.
Related: OS#5714
Change-Id: I98e139ba2bf35df5524245cdd96f5c52cf09b986
We have an API function to get the number of records, let's now also
add API functions to get the record length and the overall size of
the currently selected file.
Related: OS#5714
Change-Id: Ica7811c04161d8098b40c7219ed6b939df716cfd
The documentation for the classic pySim-prog application is a bit
sparse. Let's rework it so that it includes the most important
information that is required to operate pySim-prog. Let's also add
a section about how the batch mode and CSV files are used.
Related: SYS#4120
Change-Id: I1d1a65154cea7fa77428b412fcf8c7b4cba629b1
The CSV mode needs one of the four additional parameters: --imsi
--iccid, --read-iccid or --read-imsi. Also this check is unrelated
to the batch mode. The CSV file parameter reading works independently
from the batch mode.
Related: SYS#4120
Change-Id: I1292afb85122ed2b7944d02ede69c928a453866f
When using a CSV file, we can either read the IMSI or ICCID from the
CSV file before programming. However, should also be possible to
supply both manually to identify the CSV file entry using the --imsi
or --iccid option. This currently only works for the IMSI, but not
for the ICCID.
Related: SYS#4120
Change-Id: Id3083c7794a7bd59501997f22afdc23bad3069e6
The writing to osmo-hlr SQLITE files is broken since the SQLITE format
has evolved over time. Let's add a FIXME note to tell that this needs
fixing.
Related: SYS#4120
Change-Id: I2b23f8bb9f3c2adeb48b010834057f5b4fb1e626
0.0.3 fixes an important problem related to enabling callers of build_construct()
to pass in a total_len value in order to specify the target output size.
Change-Id: I01687bb54e65bf5cc318745df588c3d6ea14eb83
The new architecture avoids sim/ruim/uicc specific methods in
pySim.profile and instead moves the profile-specific code into the
profile; it also solves everything within the class hierarchy, no need
for global methods.
Change-Id: I3b6c44d2f5cce2513c3ec8a3ce939a242f3e4901
This was suggested by vyanitskiy during gerrit patch review in
https://gerrit.osmocom.org/c/pysim/+/38049 in order to make the
upcoming eUICC CardProfiles simpler.
Change-Id: Ia7c049b31cb1c5c5bb682406d9dd7a73bcd43185
The M2M eUICC are completely different from the consumer/IoT eUICC.
Obtaining the EID works via GET DATA in the ECASD. Let's add support
for that.
Change-Id: I6cca6f75d268229244c90b3f1f88e26c89a2b4e0
Any program using argparse_add_reader_args() will get a new
long-opt '--apdu-trace' which enables a raw APDU trace to the console.
Change-Id: I4bc3d2e023ba360f07f024d7b661a93322f87530
The code had two problems:
* the RESET was only performed in the successful case, but not if
some exceptio was raised
* the RESET was a low-level reset bypassing the RuntimeState,
so the lchan.selected_file was stale afterwards
Fixes: Change-Id Idc2ea1d9263f39b3dff403e1535a5e6c4e88b26f
Change-Id: Ib23d3d5b58b456a25157a622c1010c81cd8b2213
So far the core proactive handling code would always generate a positive
response, with no way for the ProactiveHandler call-back to influence
that or to include additional IEs/TLVs.
Let's change that.
Change-Id: Ic772b3383533f845689ac97ad03fcf67cf59c208
When we define positional arguments for the argument parser, we usually
use upper case letters only. However, there are some code locations that
use lower case letters. Let's translate those to capital letters to
have a consistent appeariance.
Related: OS#6531
Change-Id: Iec1ff8262bc6e9cf87c3cbf7b32fa5f753b7e574
The command cardinfo also displays the AIDs of the card applications.
However, on classic GSM sim cards there are no applications. In this
case cardinfo will still display the string 'AIDs:', but it will of
course not list any AIDs under this string.
Related: OS#6531
Change-Id: Ifb111ce43fdebe85d30857dfc61ab570380b68d1
The tutorial describes how SUCI calculation in the UE is configured,
let's now add a section about SUCI calculation by the USIM.
Related: OS#6531
Change-Id: I45d47f9278b30d99ebde6891de0ba8cc74b1a0a0
When pySim-shell is used in a scripted environment, we may easily get trapped in
the pySim-shell prompt. This may happen in particular in case the script file
is not executed due to problem with the reader initialization. In such a case
pySim-shell will not exit automatically and the shellscript that was calling
pySim-shell will stall indefinetly.
To make the use of pySim-shell more reliable in scripted environments, let's
add a --noprompt option that ensures the interactive mode is never entered.
Let's also exit with an appropriate return code in case of initialization
errors, so that the calling script can know that something went wrong.
Related: OS#6531
Change-Id: I07ecb27b37e2573629981a0d032cc95cd156be7e
The SimCardCommands has a cla_byte @property method, which automatically
returns the lchan patched CLA byte. We use cla_byte property to build
the UICC command APDUs inside SimCardCommands and then we hand the APDU
over to the send_apdu* methods. The cla_byte @property method as well
as the send_apdu* methods perform the lchan patching. This means the CLA
byte gets patched twice, which is technically not an issue, but can be
confusing when trying to understand the code.
To fix this, let's remove the @property methods and turn cla_byte into
a normal property again. This is also more accurate since the cla_byte
property originally was introduced to switch between UICC and classic
SIM APDU commands, which have almost identcal APDUs.
Related: OS#6531
Change-Id: I420f8a5f7ff8d9e5ef94d6519fb3716d6c7caf64
When constructing a ProfileElmentGFM from scratch, initialize the
decoded['fileManagementCMD'], as it is a mandatory member during
ASN.1 encode.
Change-Id: Iaae99348d36b7f0c739daf039d6ea2305b7ca9db
The choice member is called df-5gprose but the header is called
'df-5g-prose-header' (note the '-' between '5g' and 'prose'). WTF.
Change-Id: I86004ac2e18a187c26c5e470344908512d21fb9e
Sometimes the struct member is called like df-telecom, but in other
cases it's called df-df-saip with a double 'df' in front. That makes
no sense, but we have to deal with it from our constructors...
Change-Id: If5e670441f03a47fa34e97a326909b24927c12f7
We're creating a 'pyosmocom' pypi module which contains a number of core
Osmocom libraries / interfaces that are not specific to SIM card stuff
contained here.
The main modules moved in this initial step are pySim.tlv, pySim.utils
and pySim.construct. utils is split, not all of the contents is
unrelated to SIM Cards. The other two are moved completely.
Change-Id: I4b63e45bcb0c9ba2424dacf85e0222aee735f411
This is the only way we can make sure pylint has all required
information about imports from packages we depend upon.
Change-Id: I29582aa3d7f9ace9ce832d5b907420aaf14881fb
When probing for cards, the probing might fail in case the terminal
is empty. This results into lengthy error log output that is not
of interest.
Related: OS#6532
Change-Id: I1d44f9458a05992d79b0152d3affcfeb783cccff
When the test detects a card, but does not find the .data faile for
it, then it fails. This can be a problem in case we want to intentionally
exclude a specific card model.
Related: OS#6532
Change-Id: Iba196ada0076385de7bffcb157a85fda0a6c1852
The test currently expects all reader slots to be populated. This means
the cards may plugged into a random order, but there may not be any empty
slots in the system at all. This requirement is easy to meet when each
card has its own single-slot USB PCSC-reader, but as soon as multislot
readers are used there may be some empty slots.
Related: OS#6532
Change-Id: I7ba1d1350b6998d65e90408184accdb212556a7c
The section Technical References has direct download links for the relevant specs.
Then later in th Key Provisioning section another download link follows and another
one is redundant. Let's put all download links into the Technical References section
and then only use the spec numbers in the following. This way we have all download
links in one location.
Related: OS#6531
Change-Id: Ibcbc6bb5d836d32c381922a35afa3b73b5f90621
We currently have the shell script that performs the test in the
tests directory and the related data in pysim-testdata directory.
This is confusing, let's have evrything in a dedicated sub directory
Change-Id: Ic995a7f600d164fc0be3c2eb8255dbe043429bea
Related: OS#6531
We currently have the test data for pySim-trace in pysim-testdata.
This means we mix the test data with the data from our original
pySim integration tests. This is very confusing. Let's put the
test data and the testcase for pySim-trace into a dedicated
sub directory.
Change-Id: I565b4268a05c1a1334b5e7d3fbcd9ef2ef0f0c4c
Related: OS#6531
We currently mix the unit-tests with the shell script based integration
tests. Let's put them into a dedicated sub directory.
Related: OS#6531
Change-Id: I0978c5353d0d479a050bbb6e7ae5a63db5e08d24
The first hnet_pubkey value with the identifier 27 seems to be incorrect.
It differs from the value suggested in 3GPP TS 31.121, section 4.9.4 and
also does not work with the on card SUCI calculation.
The tutorial also contains a reference to 3GPP TS 33.501, Annex C.4. This
spec specifies an ECIES Profile A and an ECIES Profile B. The tutorial
recommends to use a key from profile B, but it actually uses a key from
profile A.
Related: OS#6531
Change-Id: I6fddf8a6efc28ad0d40b1715973429904e00d2b2
When creating the DES cipher object with DES.new, we use the property
card_keys.dek. This property may hold a 16 byte key, but DES uses
an 8 byte key (56 bit + 8 bit integrity). Pycryptodome does not
automatically ignore excess key bytes. Instead it throws an
exception. This means we need to make sure to supply only the first
8 bytes of card_keys.dek
See also: https://pycryptodome.readthedocs.io/en/latest/src/cipher/des.html
Related: OS#6531
Change-Id: I92e0dc6a6196b532bd8b53fca7b9e78070d6903f
The send_apdu* methods now support lchan patching, so there is no longer
a need for computing the class byte manually (which is prone get forgotten)
before calling a send_apdu*. It is now enough to supply an APDU that has
a class byte with the default channel selected. This also means we do not
need cla4lchan anymore, so let's restruture the code and get rid of it
completely.
Related: OS#6531
Change-Id: Ia795f3c16a8875484fce3b44e61497d5aa52b447
The ara_m commands use APDUs with a fix class byte (0x80). This means
that all ARA-M related features only work in the basic logical channel.
To fix this, let's compute the class byte for the current logical channel
dynamically inside the send_apdu methods of SimCardCommands. This will
fix the problem globally.
Related: OS#6531
Change-Id: Ie3e48678f178a488bfaea6cc2b9a3e18145a8d10
The argument parser object for establish_scp03 (est_scp03_parser) is
copied from est_scp02_parser. This object still has the .description
property set, which is the description for establish_scp02. To get
the description string that is defined in do_establish_scp03, we must
remove the old description string first.
Related: OS#6531
Change-Id: Ibb26bddf88b2e644a7f0c6b2a06bde228aa8afc7
The basic logical channel 0 is always present. It cannot be created or
closed. Let's restrict the value range of chan_nr, so that only valid
lchan numbers can be passed.
Related: OS#6531
Change-Id: I4eebd9f15fadd18e1caeb033fda36c59446fcab8
When we define command arguments using the ArgumentParser, we sometimes
define the positional arguments first. However, since positional arguments
usually follow after the optional (--xyz) arguments, we should define the
positional arguments last.
Related: OS#6531
Change-Id: I2412eb6e7dc32ae95a575f31d4489ce210d85ea0
When working with BER-TLF files, we can only delete one tag at a time.
There is no way to delete all tags at once. This may make working with
BER-TLV files difficult, in particular when scripting is used and the
script needs to start with an empty file. Also export has problems,
since it does not reset the file before setting the new values there
may be unexpected results in case there still tags in the file that
are not set during import. To fill the gap, let's add a commandd that
deletes all tags in a BER-TLV EF at once.
Related: OS#6531
Change-Id: I5d6bcfe865df7cb8fa6dd0052cab3b364d929f94
The CardKeyProvider support for the commands enable_chv, disable_chv,
verify_chv, change_chv and unblock_chv is broken. The reason for this
is the annotation "type=is_decimal" in the argument parser. This annotation
prevents the usage of string placeholders ("PIN1", "PUK1", etc).
Let's fix this by finding a better solution. We can also replace any
missing PIN/PUK code by checking if it is supplied or not. If not,
we query the CardKeyProvider. This also makes the usage of the *_chv
commands more uniform with the verify_adm command.
Related: OS#6531
Change-Id: I565b56ac608e801c67ca53d337bdec9efa3f3817
The method get_file_by_name compares the selectable directly with the
given file name. This is not correct. The comparison should be with the
path element from the pathlist.
Related: OS#6092
Change-Id: Id2d0704678935d9b9e2f1aeb6eaccbff6fa9d429
************* Module pySim.esim.es2p
pySim/esim/es2p.py:107:19: E1101: Class 'datetime' has no 'toisoformat' member (no-member)
Change-Id: Ib762792d595048bf6d7d6f5acbe2715f137ae5bb
With this change, the ProfileElementSequence object will maintain a
representation of the filesystem hierarchy of the eSIM profile. Every
file that is added by a ProfileElement will add a FsNode into that tree,
and each FsNode will point to the File object for the respective file.
This allows us to find files by their path, as well as add files by
path.
Change-Id: I2caadc24b1087855f23f3c57cdf8dabbf81757c0
The self.files member is a dict. Hence we should use those dict
keys when [re]building the decoded dict. The previous code ignored
it and re-constructed the key from File.pe_name - but that's not
always identical.
Change-Id: I0e6c97721fb1cfc6b5c21595d85bd374d485b573
Store a back-reference to the PE-Sequence in the PE object; this is
neccessary for some upcoming patches, e.g. to determine the position in
the sequence, access the global filesystem hierarchy, etc.
Change-Id: I24b692e47e4dd0afb5a17b04d5e0251dded3d611
Having AKA specific code in the generic ProfileElement base class dated
back to when we didn't have a ProfileElementAKA subclass.
Change-Id: Icd332183758b8ef20a77507b728f5e455698def0
When populating a File from a FileTemplate, let's make sure we
* correctly treat the maximum file size for BER-TLV files
* respect the default value pattern / repeat pattern
* respect the high_update flag.
Change-Id: I3ba092e0893f53a18264dff5fa37b12ccd9bd47e
So far the prefix_match() required a string argument; let's also
permit another OID object to be passed; we internally convert that
to string.
Change-Id: I0feb7782d1813cc46ec78f170eb0fce804aebe3a
we so far supported construction of the Path object from a string or
a list of strings. Let's also add the option of constructing it from a
path consisting of a list of integer FID values.
Change-Id: Ia7e9375b3258d1fbfdc892cefba3e3bbe841c550
before this change, structure == 'ber_tlv' was missing the
file_type == working_ef attribute. So for linear_fixed, transparent
and cyclic, the file_type attribute was present, but for ber_tlv it was
missing. This is illogical from a user point of vie and makes downstream code
potentially more complex, as it cannot match on working_ef for all EF
types.
Change-Id: If0076cc6dd35a818c08309885f6ef1c1704052c6
The SAIP specification is very weird in a way that it treats the DF and
EF descriptions as some kind of flat structure without describing the
hierarchy. So when creating a DF, sometimes it should be created below
the current DF, and sometimes it should be adjacent next to the current
DF.
Let's introduce
* a 'ppath' property of FileTemplate to indicate if a file is anything
but a direct sibling of the 'base DF' of the PE
* an 'extends' property of ProfileTemplate to indicate that a given
template does not have its own 'base DF', but that its contents merely
extends that of another ProfileTemplate
* a 'parent' property of ProfileTemplate to indicate a parent
ProfileTemplate below whose 'base DF' our files should be placed.
Change-Id: Ieab4835cd21008b289713784c0eb7170af2ccfb9
In the previous patch we have improved the export command. Since
the implementation of the fsdump command is very similar to the
implementation of the export command we can now apply the same
improvements to the fsdump command as well.
Change-Id: I4d2ef7b383025a5bbf122f18ecd51b7d73aaba14
Related: OS#6092
Since we now have the ability to provide export methods for all file
types in the file system (this also includes DF and ADF files), we need
to support this at shell command level as well. Let's also renovate the
walk method and the action method that does the actual exporting.
Related: OS#6092
Change-Id: I3ee661dbae5c11fec23911775f352ac13bc2c6e5
In some cases it might come in handy to be able to lookup a random file
in the file system tree before actually selecting it. This would be
very useful in situations where we need to check the presence of the
file or if we need to check certain file attributes before performing
some task.
Related: OS#6092
Change-Id: I6b6121e749cea843163659e1a26bb3893c032e29
the select_parent method in RuntimeLchan currently implements a way
to escape from an application that has no filesystem support. However,
this escape route can be integrated directly into the select_file
method. This will give us the benefit that it will work transparently
in all code locations.
(This also means we can get rid of the select_parent method again)
Related: OS#6120
Change-Id: Ie6f37d13af880d24a9c7a8a95cef436b603587c7
This patch adds an export method to the CardApplicationARAM class.
This method reads the ARA-M configuration and transforms it into
executeable command lines, which can be executed as a script later
to restore an ARA-M configuration.
Related: OS#6092
Change-Id: I811cb9d25cb8ee194b4ead5fb2cabf1fdc0c1c43
This patch adds an export method to CardADF, which calls the application
specific export method in CardApplication class
Related: OS#6092
Change-Id: I8129656096ecaf41b36e5f2afbbfbebcd0587886
We add export methods in subclasses of CardFile but the base class
itself lacks an export method. To make the code more readable and
to avoid unnecessary exceptions, les's add a default export method
that just returns a comment.
Related: OS#6092
Change-Id: Ife2a9bad14750db84a87fab907297028c33f1f7d
The Card.file_exists() method is only called by legacy pySim-{read,prog}
when it wants to determine if it can read/write a file. Therefore
it actually doesn't only want to know if the file exists, but also
if it's not deactivated.
Change-Id: I73bd1ab3780e475c96a10cd5dbdd45b829c67335
Closes: OS#6530
The code for the --apdu-filter commandline option is not yet finished.
Let's finish it and make it work.
Related: OS#6092
Change-Id: Ib5fb388972fde0d50c3db0082ebf40bcca404681
This method can be used to expand the default value pattern of the
file system template for the file to the specified (record, file) length.
Change-Id: Id3eb16910c0bdfa572294e14ca1cd44ca95ca69f
The default value must contain '...' to indicate a variable-length
default value section, not '..'
Change-Id: I8d78278065c145b86460acf8eb723babe777c4f6
The SAIP specification version implicitly determines which filesystem
templates (or versions thereof) are supported. So if a given eUICC
states it implements SAIP version 2.3.0, then we have to translate
this into which template versions that means. The new SaipSpecVersion
and its derived classes do exactly that.
Change-Id: I3a894c72c22e42bd2067e067be80a67197ad1bf2
The SAIP data format is inherently flat and doesn't intrinsically
have an idea of the tree-like structure of a filesystem. However,
if we want to (for example) convert a physical USIM into an eSIM
profile, we need to find the template for a given file, where the file
is identified by its path.
Let's expose a path property of the FileTemplate object, and populate
that when creating the FileTemplate as part of a ProfileTemplate.
Change-Id: Ie145ba159081daf8fbfa544f6d4248f05b7eea96
We previously only permitted this for transparent files (TR), but
file size can of course also be specified for BER-TLV files.
Change-Id: Ie007cf2ccde0a17d0fb853a96b833f064ae52c59
So far we only had the EF.ICCID and EF.PL within our UICC card profile.
However, a classic GSM SIM card is not an UICC, so the CardProfileSIM
also needs those files.
To avoid circular dependencies, move the definitions from ts_102_221.py
to ts_51_011.py
Change-Id: I6eaa5b579f02c7d75f443ee2b2cc8ae0ba13f2fe
Closes: OS#6485
The existing logic is wrong. How we call from_dict() doesn't differ if
a member IE itself contains a nested collection: We always must pass a
single-entry dict with the snak-case name of the class to from_dict().
Change-Id: Ic1f9db45db75b887227c2e20785198814cbab0f5
Fixes: OS#6453
Historically, to_dict and from_dict were not symmetric; this has been
fixed in I07e4feb3800b420d8be7aae8911f828f1da9dab8 in December 2023.
This however broke the ara_m legacy use of the from_dict() methods.
We've just introduced a from_val_dict() method in
I81654ea54aed9e598943f41a26a57dcc3a7f10c2, let's make use of it.
Change-Id: I3aaec40eb665d6254be7b103444c04ff48aac36d
We put those in ts_102_221 because that's where ProprietaryInformation
is defined, and we don't want to risk circular dependencies.
Change-Id: I526acfeacee9e4f7118f280b3549fd04fdb74336
This fixes a long-standing bug in the FileDescriptor IE class which so
far only supported decoding, but not encoding of BER-TLV file
descriptors.
Change-Id: I598b0e1709ee004bcf01a53beb91f68470e1f3da
This command exports the entire filesystem state as one JSON document,
which can be useful for storing it in a noSQL database, or for doing a
structured diff between different such dumps.
It's similar to "export", but then reasonably different to rectify a
separate command.
Change-Id: Ib179f57bc04d394efe11003ba191dca6098192d3
There are some situations where we want to work with a type-name-wrapped
dict that includes the type information, and others where we don't want
that. The main reason is that nested IEs can only be reconstructed if
we can determine the type/class of the nested IE from the dict data.
Let's explicitly offer {to,from}_val_dict() methods that work with
the value-part only
Related: OS#6453
Change-Id: I81654ea54aed9e598943f41a26a57dcc3a7f10c2
In the read and write command implementations, we used to catch
lower-layer exceptions (usually SwMatchError) and "translate" that into
a value error, only to add more information to the exception. This
meant that higher-layer code could no longer detect this was actually
a SwMatchError exception type.
Let's instead use the add_note() method to amend the existing exception,
rather than raising a new one of different type.
Change-Id: Ic94d0fe60a8a5e15aade56ec418192ecf31ac5e7
The new methods allow programmatic resolution of nested IEs from
a parent, assuming there's only one child of a given type (which is
often but not always the case).
Change-Id: Ic95b74437647ae8d4bf3cdc481832afb622e3cf0
When loading a ProfileElement from its DER-ecoded format, populate
a dict with a pySim.esim.saip.File object for each file.
Change-Id: Ie2791c10289eb28daed2904467b0c5e5b11c94c2
The function do_switch_channel method calls methods in RuntimeLchan
that should be private. There is also a code duplication in
RuntimeLchan that should be cleaned up.
Related: OS#6092
Change-Id: Ie5e5f45787abaaf032e1b49f51d447653cf2c996
The reset command resets the card using the card object. This unfortunately
leaves the RuntimeState uninformed about the event. However, the RuntimeState
class also has a reset method that resets the card and the RuntimeState. Let's
use this reset method. Also fix this method so that it ensures that the SCP is
also no longer present.
Related: OS#6092
Change-Id: I1ad29c9e7ce7d80bebc92fa173ed7a44ee4c2998
When we traverse the file system using the command "export" we will
also select all ADFs but not all ADFs may have UICC file system support.
This makes it impossible to exit those ADFs again. To exit anyway we
select an application with filesystem support first and then the parent
EF we wanted to select originally. This method may not only be useful
when traversing the filesystem, so let's put it into the RuntimeLchan
class and change it a little so that it would also work if the ADF in
question is an a sub DF.
Related: OS#6092
Change-Id: I72de51bc7519fafbcc71d829719a8af35d774342
The code that generates the filesystem export lines for the various
different file structures can be moved into the filesystem class model.
This simplifies the code since we do not need any extra logic to
distinguish between the different file structures.
Related: OS#6092
Change-Id: Icc2ee60cfc4379411744ca1033d79a1ee9cff5a6
Until Change-Id Ifba1048e3000829d54769b0420f5134e2f9b04e1 the TAR
output was working for implicit tar. With said commit we fixed it
for explicit tar but broke implicit tar.
With this commit it works for both implicit and explicit TAR.
Change-Id: I76133b0e02996a138257f3fba5ceb0d2fc6fad80
EF_WebRTCURI should inherit from LinFixedEF intead of TransparentEF.
(See also 3gpp TS 31.103, section 4.2.20)
Related: OS#6092
Change-Id: I903c483a8553fbe599fa7b5a2aefb28bc85b5078
Let's rename get_file_for_selectable to get_file_for_filename so that it
is immediately clear what the method does.
Related: OS#6092
Change-Id: Ifed860814229857ad8b969e50849debbf5d8918f
In the past, we always wrapped a HexAdapter around bytes-like data in
order to make sure it's printed as hex-digits. However, now that we are
doing JSON output it's much easier to let the pySim.utils.JsonEncoder
take care of this in a generic way.
We should do a similar migration all over pySim (pySim-shell,
filesystem, etc.) - but for now only do it in the low-hanging fruit of
pySim-trace aka pySim.apdu
Change-Id: I0cde40b2db08b4db9c10c1ece9ca6fdd42aa9154
Let's factor out the "automatic processing using _tlv / _construct" as a
separate method. This way we enable a derived class to first call that
automatic processing method, and then amend its output in a second step.
Change-Id: I1f066c0f1502020c88d99026c25bf2e283c3b4f5
This is requird to make some definitions available to USIM / ts_31_102
without introducing circular dependencies.
Change-Id: I32e29f400d2da047e821bf732316b21805b5a1e2
As SGP.22 states, the handleNotification endpoint uses HTTP status 204,
not 200 (due to its empty body).
Change-Id: I890bdbd3e1c4578d2d5f0367958fdce26e338cac
This implements the first parts of the "GlobalPlatform Remote
Application Management over HTTP Card Specification v2.3 - Amendment B,
Versoin 1.2". Specifically, this patch covers the TLV definitions for
the OTA message used for HTTPS session triggering.
This also adds some more unit test coverage to pySim.cat, based on
real-world data that was captured nested inside the HTTPS Administration
session triggering parameters.
Change-Id: Ia7d7bd6df41bdf1249011bad9a9a38b7669edc54
this way, the eUICC will send us notifications whenever our profiles are
enabled/disabled/deleted.
Change-Id: I2861290864522b691b30b079c7c2e1466904df2d
"other" notifications (enable, disable, delete) contain ECDSA
signatures that also need verification.
Change-Id: If610058b7af6f9fc7822576c93f9970e2ce9aba9
The ES9+ interface is not only used for downloading eSIM profiles, but
it is also used to report back the installation result as well as
profile management operations like enable/disable/delete.
Change-Id: Iefba7fa0471b34eae30700ed43531a515af0eb93
SGP.22 is quite clear in that handleNotification shall return an empty
HTTP response body. Let's make sure we comply to that and don't report
a JSON response.
Change-Id: I1cad539accbc3e7222bfd4780955b3b1ff694c5b
For example, the ES9+ handleNotification function is defined with an
empty response body, so we cannot unconditionally assume that every HTTP
response will contain a JSON "header" value.
Change-Id: Ia3c5703b746c1eba91f85f8545f849a3f2d56e0b
TS 102 221 specifies that (in case of a class 4 command) and as SW
62xx or 63xx, we should send a GET RESPONSE just like in the 61xx
case in order to get the respective response.
As we don't really know if it's a case1/2/3/4 command in the
pySim.transport, let's always send the GET RESPONSE in case SW 62xx or
63xx are received. It shouldn't hurt - in the worst case there's no
response available...
Change-Id: Ibb1398194a16fc1f1f9bc46af6c66fb6575240cd
SMS cannot exceed 140 bytes, and TS 31.115 explicitly states that larger
messages must use multi-part SMS, which we don't yet implement here.
Change-Id: I8a1543838be2add1c3cfdf7155676cf2b9827e6e
while it's true that in situations where response_status == 'por_ok'
we are guaranteed to have a 'secured_data' key in the dict, its value
could well be b'', which in turn causes us to run into an exception,
calling a decoder on an empty byte value; let's avoid that.
Change-Id: I7c919f9987585d3b42347c54bd3082a54b8c2a0a
the COMPACT-TLV variant is a TLV variant that ISO7816 uses for encoding
tag and length into a single octet. This is used (for example) in ATR
historical bytes.
Let's add support for this to our pySim TLV encoder/decoder.
Change-Id: I9e98d150b97317ae0c6be2366bdaaeaeddf8031c
The ProfileHeader PE contain lists of template-oids and services that
are mandatory in this profile. Let's add methods that can be used to
(re-) compute those lists based on the actual PE contents of the
sequence.
The idea is that during programmatic construction of a profile, those methods
would be called after appending all PEs, just before encoding the
profile as DER.
Change-Id: Ib43db8695c6eb63965756364fda7546d82df0beb
Let's avoid the copy+paste in the subclass constructors and initialize the profile
element header in the base class constructor.
Change-Id: I6e69ae1f0d33d963247fc506db33b3840c10c19a
There are e.g. templates for usim and for opt-usim, and they should not
be confused with each other. Let's reflect that in the naming.
Change-Id: Ic6d04ce3172dc969c6b8c018b8d305eb6fd3f550
Let's make sure the constructor of ProfileElement subclasses set
meaningful defaults to the self.decoded member, so that the to_der()
method can actually encode it. This is required when constructing
a profile from scratch, as opposed to loading an existing one from DER.
Also, add a test to verify that the encoder passes without exception;
doesn't test the generated binary data.
Change-Id: I401bca16e58461333733877ec79102a5ae7fe410
This fixes commit cdf661b24c
"pySim.tlv.COMPR_TLV_IE: Patch comprehension bit if derived class misses it"
where we introduce a comprehension-TLV specific derived metaclass, which forgets
to pass the kwargs through to the parent metaclass.
Change-Id: If65a8169bcf91bb2f943d0316f1140e07f0b8b8e
This new action can be used to dump all java applications as either raw
IJC file or converted to CAP format (the usual format generated by
JavaCard toolchains).
Change-Id: I51cffa5ba3ddbea491341d678ec9249d7cf470a5
The eSIM specs allow for both brainpool and nist; in reality the
deployments use the NIST P256 curve.
osmo-smdpp currently only supports a single certificate; let's use the
NIST one by default.
Change-Id: Idc7809f320505279c8a75e9b667be0a2af802f6b
So far we only implemented command encoding and response decoding.
Let's also add command decoding, which is useful for example when
decoding protocol traces.
Change-Id: Id666cea8a91a854209f3c19c1f09b512bb493c85
This is a tool to work with eSIM profiles in SAIP format. It allows
to dump the contents, run constraint checkers as well as splitting
of the PE-Sequence into the individual PEs.
Change-Id: I396bcd594e0628dfc26bd90233317a77e2f91b20
Our current implementation assumes that all COMPR_TLV_IE are created
with a raw tag value that has the comprehension bit set. Check for this
during the class __new__ method and print a warning if we have to fix it up
Change-Id: I299cd65f32dffda9040d18c17a374e8dc9ebe7da
our implementation currently assumes that all derived classes are
created with a tag value that has the comprehension bit set.
Change-Id: I6e5f2a69c960c03015c3f233f8fbc2a7a802f07e
The uppermost bit of COMPREHENSION-TLV tags indicates whether the
recipient is required to "comprehend" that IE or not. So every IE
actually has two tag values: one with and one without that bit set.
As all our existing TLV definitions of COMPR_TLV_IE have that bit set,
let's assume this is the default, but use the same definition also for
the situation where that bit is not set.
Change-Id: I58d04ec13be0c12d9fb8cb3d5a0480d0defb6c95
This method allows the caller to remove all NAAs of a certain type,
for example to remove all CSIM instances from a given profile.
Change-Id: I64438bf0be58bad7a561c3744b7e9b1338a7857c
This tool can be used to test the SM-DP+. It implements the full dance
of all HTTPs API operations to get to the downloadProfile, and will
decrypt the BPP to the UPP, which is then subsequently stored as file on
disk.
Needless to say, this will only work if you have an eUICC certificate +
private key that is compatible with the CI of your SM-DP+.
Change-Id: Idf8881e82f9835f5221c58b78ced9937cf5fb520
Let's use the infrastructure of pySim.esim.http_json_api to define
the ES9+ API Functions. This can in turn be used by clients or even
osmo-smdpp can be ported over to using this infratructure rather than
open-coding a lot of the encoding/decoding of API request/response
parameters.
Change-Id: I194ef1d186391f36245c099cc70a4813185ecf9c
The "TCA Loader" is a freeware utility program published by the
Trusted Connectivity Alliance for testing SCP80, SCP81, SCP02 and SCP03
in UICCs. It can generate text log files of the APDUs it exchanges;
let's add this file format to pySim-trace
Change-Id: Ie76d36bb18c6bd8968d2a5b74ec1b8c5ccaaa409
Now that CardKeyProvider is capable of storing key materials
transport-key-encrypted, we can use this functionality to look up the
SCP02 / SCP03 key material for a given security domain.
This patch implements this for the ISD-R and ECASD using a look-up by
EID inside the CSV.
Change-Id: I2a21f031ab8af88019af1b8390612678b9b35880
It's generally a bad idea to keep [card specific] key material lying
around unencrypted in CSV files. The industry standard solution in the
GSMA is a so-called "transport key", which encrypts the key material.
Let's introduce support for this in the CardKeyProvider (and
specifically, the CardKeyProviderCSV) and allow the user to specify
transport key material as command line options to pySim-shell.
Different transport keys can be used for different key materials, so
allow specification of keys on a CSV-column base.
The higher-level goal is to allow the CSV file not only to store
the ADM keys (like now), but also global platform key material for
establishing SCP towards various security domains in a given card.
Change-Id: I13146a799448d03c681dc868aaa31eb78b7821ff
So far the main use case was to read a ProfileElement-SD from
a DER file. But when we want to construct one from scratch,
we need to have the constructor put some meaningful [default]
values into the class members.
Change-Id: I69e104f1d78165c12291317326dbab05977a1574
This way it's possible to programmatically inspect and modify the
high-level decoded key material inside a securityDomain profile element.
Change-Id: I18b1444303de80eaddd840a7e0061ea0098a8ba1
It's rather useful to have derived classes implementing specific
functions related to that SAIP profile type. Let's introruce that
concept and a first example for securityDomain, where methods allow
checking/adding/removing support for SCPs.
Change-Id: I0929cc704b2aabddbc2ddee79ab8b674b1ed4691
When de-MAC-ing at the recipient side, we must increment the cipher(!)
block number even if no ciphering is done at all.
We did this correctly for MAC (sender) case, but not on the de-MAC
(receiver) case.
Change-Id: I97993f9e8357b36401d435aaa15558d1c7e411eb
In the eSIM RSP univers there are some rather ugly layering violatoins
where ASN.1 cannot be parsed but we have to mess with raw TLVs and the
details of DER encoding. Let's add two funtions that make it more
convenient to work with this: They return the raw tag as integer, or
even the entire encoded TLV rather than the value part only.
Change-Id: I1e68a4003b833e86e9282c77325afa86ce144b98
GlobalPlatform has a [non-public] "UICC Configuration" spec, which
defines some specific aspects of implementing GlobalPlatform in the
context of an UICC. Let's add some python definitions about it.
Change-Id: If4cb110a9bc5f873b0e097c006bef59264ee48fa
Before this patch we had three different error causes that would cause a
"Verification failed" error message. Let's state explicitly which part
of verification did actually fail.
Change-Id: I5030758fe365bb802ae367b494aace5a66bc7a91
We used to re-encode those parts of a decoded ASN.1 struct that is
cryptographically signed in the GSMA SGP.22 specification. However, if
the received data follows a later spec and contains new/unknown records,
then our poor-man's attempt at re-encoding will render a different
binary, which in turn means the signature check will fail.
Let's instead do a manual step-by-step raw decode of the DER TLV
structure to extract the actual binary information of parts of ASN.1
objects.
Change-Id: I4e31fd4b23ec3be15b9d07c2c30a3e31e22bdda1
Closes: OS#6473
... and populate the RuntimeState.identity['EID'] wit it, so other
[future] parts of the system can use it.
Let's also print the EID (if available) from the 'cardinfo' shell
command.
Change-Id: Idc2ea1d9263f39b3dff403e1535a5e6c4e88b26f
In the previous patch, we've introduced a new 'identities' dict as part
of the runtime state. Let's migrate our ICCID storage into it for
consistency.
Change-Id: Ibdcf9a7c4e7e445201640bce33b768bcc4460db1
The get_eid command is actually sending the command apdu twice, as
it contains both an older implementation (result unused) and the newer
one.
Change-Id: Ie82bb09f4fc30bc879029b83147dad5614792b48
Let's have the card tell us what the length is by indicating '00'
instead of stating 'FF'. This is better aligned with general practice
and won't break assumptions in other parts of the code like SCP
transport.
Change-Id: Ied63c6e1970e3dfc675da5e5f94579fbb06fea51
A mix-up betewen underscore and dash resulted in:
Change-Id: I49d12b7c7ae2a343940e87d5069c0ae44a9bc50c
AttributeError: 'Namespace' object has no attribute 'application_aid'
When running without an argument, let argparse print a nice usage error:
$ ./sim-rest-client.py
usage: sim-rest-client.py [-h] [-H HOST] [-p PORT] [-v] [-n SLOT_NR] {auth,info} ...
sim-rest-client.py: error: the following arguments are required: {auth,info}
Instead of:
$ ./sim-rest-client.py
Traceback (most recent call last):
File "/usr/share/pysim/contrib/./sim-rest-client.py", line 185, in <module>
main(sys.argv)
File "/usr/share/pysim/contrib/./sim-rest-client.py", line 181, in main
args.func(args)
^^^^^^^^^
AttributeError: 'Namespace' object has no attribute 'func'
Change-Id: I92998d9b94dcfb9dcfc3da161fe5d8f45f242b78
Something like "this._.total_len-1" only works during decode. Let's
use GreedyBytes instead, working for encode and decode.
Change-Id: Idf8326298cab7ebc68b09c7e829bfc2061222f51
File "/crypt/space/home/laforge/projects/git/pysim/pySim/sysmocom_sja2.py", line 180, in __init__
self._construct = Struct(Const(b'\x82'), 'time_unit'/self.TimeUnit, 'value'/Int8ub,
^^^^^
NameError: name 'Const' is not defined
Change-Id: If34a48e349680ef84e68a4a1a19dde536ecda0e6
osmo-smdpp.py:374:72: E0601: Using variable 'iccid_str' before assignment (used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: I01b308226e12f91699b1b5c6bb06f853be47e185
pySim/euicc.py:436:31: E0606: Possibly using variable 'p_id' before assignment (possibly-used-before-assignment)
pySim/euicc.py:455:31: E0606: Possibly using variable 'p_id' before assignment (possibly-used-before-assignment)
pySim/euicc.py:473:31: E0606: Possibly using variable 'p_id' before assignment (possibly-used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: Ifdf4651e503bae6ea3e91c89c2121b416a12fb1a
pySim/commands.py:608:39: E0606: Possibly using variable 'p2' before assignment (possibly-used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: I23adf2e89aa8a13246cc20ef022c84f0113eb2cd
pySim/commands.py:223:18: E0606: Possibly using variable 'skip' before assignment (possibly-used-before-assignment)
Let's raise an exception in the erroneous case.
Change-Id: Id1a892c3446e472699e77f076c2414277e92c98d
Let's register the ISD-R and ECASD applications so we avoid the warnings
printed when processing an eUICC protocol trace:
WARNING pySim.apdu.ts_102_221: SELECT UNKNOWN AID a0000005591010ffffffff8900000100
Change-Id: I362a1a7f12d979ff0b7971d5300db9ed56bb1ee5
When a SCP is active, the DEK is used to encrypt any key material
that's installed using PUT KEY. The code prior to this patch fails
to handle this case as it calls the encrypt_key() method on the wrong
object.
Change-Id: I6e10fb9c7881ba74ad2986c36bba95b336470838
our utils.b2h() returns values in lower-case hex string notation,
so let's make sure the CardADF and CardApplication AID values are also
stored in lower case notation, othewise the matching baesd on AIDs
returned from the card will not work, specifically as we use uppercase
AIDs in pySim.euicc for CardApplicationECASD and CardApplicationISDR.
Rather than change those two instances, let's solve it in a generic way.
We already do the same for the CardFile.fid member.
Change-Id: Ie42392412d9eb817fbc563d9165faab198ffa7a9
While all official/standardized ES2+ API functions use POST, there
are some vendor-specific extensions using different HTTP methods. Be
flexible enough to allow derived classes to easily specify other methods.
Change-Id: I4b1a0dc7e6662485397c7708933bf16e5ed56e10
Usually, the specifications say that the integer type is actually
transmitted as a JSON string type. However, it seems some
implementations do return a native JSON integer type. Let's be
tolerant in that regard.
Change-Id: I5b47f8bba01225d53eff2ca086e53a2133abed7f
The idea of this new job is to catch package integrity problems,
like the missing entries in setup.py/packages[] or missing deps.
Change-Id: Ic72d58494e8fd0cab8d66ce60f7b70593b770872
Related: osmo-ci.git I9d4d9e9de2b16a4b745791f3c9c93507f43bfa6d
There was a support request hinting that other applications
concurrently accessed the SIM and were messing up the card state while
pySim-shell was running.
Let's avoid such situations by opening the card/reader in EXCLUSIVE mode
by default. If somebody really has a special use case, they can now add
the --pcsc-shared flag to restore the legacy behavior (SHARED mode).
Change-Id: I90d887714b559a4604708d3c6dd23b5e05f40576
We already use argparse everywhere else, and we have moved reader-driver
argument parsing into the library expecting argparse.
Change-Id: I7407496643247c754d002656688e9fdcbcf644a8
The hex string of the generated transactionId contains lowercase hex
digits. However SGP.22 explicitly spcifies to use uppercase hex digits
when using JSON fromatted messages. See section 6.5.2.6 for example.
Related: SYS#6720
Change-Id: I8439aa9d70f6fe798fa88b623bac13debdc19ca1
To make things exciting, they decided that the ICCID in the profile
header is encoded different from the ICCID contained in EF.ICCID...
Change-Id: I5eacdcdc6bd0ada431eb047bfae930d79d6e3af8
When personalizing e.g. the ICCID, the input_value is the raw
incrementing counter. From that, we calculate the Luhn check digit,
and that "output" value is what we'll put in to the EF.ICCID specific
encoder.
However, we also store that output value in the instance in order
to generate the output CSV file containig the card-specific
personalization data.
Change-Id: Idfcd26c8ca9d73a9c2955f7c97e711dd59a27c4e
Those keys are normally per-card unique, and hence the personalization
must be able to modify them in the profile.
Change-Id: Ibe4806366f1cce8edb09d52613b1dd56250fa5ae
The original TS.48 profiles have shared/overlapping ICCIDs meaning you
can always install one of them on a given eUICC. Let's add a set of
modified TS.48 profiles so you can install any number of them in
parallel on a single eUICC, switching between them via your LPA.
Change-Id: Id5019b290db1ee90ae1c72b312f08bf3184908ea
Read the ICCID from the header of the UPP when building the
ProfileMetdata. This allows the download of profiles with arbitrary ICCID.
Change-Id: I1b9e17f757f9935436828e6dc1ab75ff17d1d1a4
pySim/esim/saip/validation.py:95:42: C0117: Consider changing "not not ('usim' in m_svcs or 'isim' in m_svcs)" to "'usim' in m_svcs or 'isim' in m_svcs" (unnecessary-negation)
pySim/esim/saip/validation.py:129:0: C0305: Trailing newlines (trailing-newlines)
Change-Id: Idcc9871d6a7068e8aedbd8cd81f4156918af5e50
pySim/esim/saip/__init__.py:28:0: R0402: Use 'from pySim.esim.saip import templates' instead (consider-using-from-import)
pySim/esim/saip/__init__.py:166:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/esim/saip/__init__.py:206:4: W0612: Unused variable 'tagdict' (unused-variable)
pySim/esim/saip/__init__.py:273:23: C1802: Do not use `len(SEQUENCE)` without comparison to determine if a sequence is empty (use-implicit-booleaness-not-len)
Change-Id: I12ef46c847d197fb0c01e624818aeac14eb99e31
Introduce code that makes use of the information from
pySim.esim.saip.templates to build a complete representation of a file
by merging the template with the ProfileElement decribing the file.
This happens within the class pySim.esim.saip.File, whose instances are
created from ProfileElement + Template.
Change-Id: Ib1674920e488ade9597cb039e4e2047dcbc7864e
If we're using a Secure Channel Protocol, this will add overhead
in terms of the C-MAC appended to the C-APDU. This means in turn that
the useable length of the data field shrinks by a certain number of
bytes.
Let's make sure the SCP instances expose an 'overhead' property
of how much overhead they add - and that other commands use this to
determine the maximum command data field length.
Change-Id: I0a081a23efe20c77557600e62b52ba90a401058d
TS 102 221 specifies a TERMINAL CAPABILITY command using which the
terminal (Software + hardware talking to the card) can expose their
capabilities. This is also used in the eUICC universe to let the eUICC
know which features are supported.
Change-Id: Iaeb8b4c34524edbb93217bf401e466399626e9b0
This type of USIM was introduced in Release 16.4. It is basically
a copy of ADF.USIM without the EF.IMSI file and a dedicated AID.
Change-Id: Ifcde27873a398273a89889bb38537f79859383e9
Cards where no profile was detected don't have a logical channel, and
hence must use the raw APDU at all times.
Change-Id: I08e5d190bdb4e62ee808bfd77584cb3e0b85a8ae
Fixes: Change-Id Id0c364f772c31e11e8dfa21624d8685d253220d0
pySim/global_platform/__init__.py:468:4: W0221: Number of parameters was 2 in 'CardFile.decode_select_response' and is now 1 in overriding 'ADF_SD.decode_select_response' method (arguments-differ)
pySim/global_platform/__init__.py:473:8: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/global_platform/__init__.py:491:19: W0612: Unused variable 'sw' (unused-variable)
pySim/global_platform/__init__.py:528:22: W0612: Unused variable 'sw' (unused-variable)
pySim/global_platform/__init__.py:559:12: C0200: Consider using enumerate instead of iterating with range and len (consider-using-enumerate)
pySim/global_platform/__init__.py:587:18: W0612: Unused variable 'sw' (unused-variable)
pySim/global_platform/__init__.py:617:20: W0612: Unused variable 'dec' (unused-variable)
pySim/global_platform/__init__.py:645:12: W0612: Unused variable 'data' (unused-variable)
pySim/global_platform/__init__.py:645:18: W0612: Unused variable 'sw' (unused-variable)
pySim/global_platform/__init__.py:746:15: C0121: Comparison 'opts.key_id == None' should be 'opts.key_id is None' (singleton-comparison)
pySim/global_platform/__init__.py:746:39: C0121: Comparison 'opts.key_ver == None' should be 'opts.key_ver is None' (singleton-comparison)
pySim/global_platform/__init__.py:750:15: C0121: Comparison 'opts.key_id != None' should be 'opts.key_id is not None' (singleton-comparison)
pySim/global_platform/__init__.py:752:15: C0121: Comparison 'opts.key_ver != None' should be 'opts.key_ver is not None' (singleton-comparison)
pySim/global_platform/__init__.py:787:16: W0612: Unused variable 'rsp_hex' (unused-variable)
pySim/global_platform/__init__.py:787:25: W0612: Unused variable 'sw' (unused-variable)
pySim/global_platform/__init__.py:836:30: W0612: Unused variable 'sw' (unused-variable)
pySim/global_platform/__init__.py:839:12: W0612: Unused variable 'ext_auth_resp' (unused-variable)
pySim/global_platform/__init__.py:846:33: W0613: Unused argument 'opts' (unused-argument)
pySim/global_platform/__init__.py:878:15: R1716: Simplify chained comparison between the operands (chained-comparison)
pySim/global_platform/__init__.py:886:29: W0613: Unused argument 'kvn' (unused-argument)
pySim/global_platform/__init__.py:893:0: C0413: Import "from Cryptodome.Cipher import DES, DES3, AES" should be placed at the top of the module (wrong-import-position)
pySim/global_platform/__init__.py:23:0: C0411: standard import "from typing import Optional, List, Dict, Tuple" should be placed before "from construct import Optional as COptional" (wrong-import-order)
pySim/global_platform/__init__.py:24:0: C0411: standard import "from copy import deepcopy" should be placed before "from construct import Optional as COptional" (wrong-import-order)
pySim/global_platform/__init__.py:893:0: C0411: third party import "from Cryptodome.Cipher import DES, DES3, AES" should be placed before "from pySim.global_platform.scp import SCP02, SCP03" (wrong-import-order)
pySim/global_platform/__init__.py:893:0: C0412: Imports from package Cryptodome are not grouped (ungrouped-imports)
Change-Id: Iea6afb5e72e035637e761bb25535f48fd4bc99f4
pySim/construct.py:47:0: W0311: Bad indentation. Found 16 spaces, expected 12 (bad-indentation)
pySim/construct.py:59:0: W0311: Bad indentation. Found 16 spaces, expected 12 (bad-indentation)
pySim/construct.py:82:0: W0311: Bad indentation. Found 16 spaces, expected 12 (bad-indentation)
pySim/construct.py:1:0: C0114: Missing module docstring (missing-module-docstring)
pySim/construct.py:14:0: W0105: String statement has no effect (pointless-string-statement)
pySim/construct.py:178:29: W0613: Unused argument 'instr' (unused-argument)
pySim/construct.py:199:15: C0121: Comparison 'codepoint_prefix == None' should be 'codepoint_prefix is None' (singleton-comparison)
pySim/construct.py:269:15: C0121: Comparison 'v == False' should be 'v is False' if checking for the singleton value False, or 'not v' if testing for falsiness (singleton-comparison)
pySim/construct.py:271:17: C0121: Comparison 'v == True' should be 'v is True' if checking for the singleton value True, or 'v' if testing for truthiness (singleton-comparison)
pySim/construct.py:385:15: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/construct.py:392:15: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/construct.py:408:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/construct.py:421:7: R1701: Consider merging these isinstance calls to isinstance(c, (Container, dict)) (consider-merging-isinstance)
pySim/construct.py:444:11: R1729: Use a generator instead 'all(v == 255 for v in raw_bin_data)' (use-a-generator)
pySim/construct.py:434:81: W0613: Unused argument 'exclude_prefix' (unused-argument)
pySim/construct.py:544:12: W0707: Consider explicitly re-raising using 'raise IntegerError(str(e), path=path) from e' (raise-missing-from)
pySim/construct.py:561:8: R1731: Consider using 'nbytes = max(nbytes, minlen)' instead of unnecessary if block (consider-using-max-builtin)
pySim/construct.py:573:12: W0707: Consider explicitly re-raising using 'raise IntegerError(str(e), path=path) from e' (raise-missing-from)
pySim/construct.py:3:0: C0411: standard import "import typing" should be placed before "from construct.lib.containers import Container, ListContainer" (wrong-import-order)
pySim/construct.py:10:0: C0411: third party import "import gsm0338" should be placed before "from pySim.utils import b2h, h2b, swap_nibbles" (wrong-import-order)
pySim/construct.py:11:0: C0411: standard import "import codecs" should be placed before "from construct.lib.containers import Container, ListContainer" (wrong-import-order)
pySim/construct.py:12:0: C0411: standard import "import ipaddress" should be placed before "from construct.lib.containers import Container, ListContainer" (wrong-import-order)
pySim/construct.py:7:0: W0611: Unused BitwisableString imported from construct.core (unused-import)
Change-Id: Ic8a06d65a7bcff9ef399fe4e7e5d82f271c946bb
pySim/tlv.py:29:0: W0401: Wildcard import pySim.exceptions (wildcard-import)
pySim/tlv.py:43:4: C0204: Metaclass class method __new__ should have 'mcs' as first argument (bad-mcs-classmethod-argument)
pySim/tlv.py:66:4: C0204: Metaclass class method __new__ should have 'mcs' as first argument (bad-mcs-classmethod-argument)
pySim/tlv.py:89:11: C0121: Comparison 'self.decoded == None' should be 'self.decoded is None' (singleton-comparison)
pySim/tlv.py:170:8: R1703: The if statement can be replaced with 'return bool(test)' (simplifiable-if-statement)
pySim/tlv.py:202:4: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/tlv.py:257:4: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/tlv.py:308:4: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/tlv.py:383:15: C0121: Comparison 'tag == None' should be 'tag is None' (singleton-comparison)
pySim/tlv.py:382:17: W0612: Unused variable 'r' (unused-variable)
pySim/tlv.py:389:16: W0612: Unused variable 'dec' (unused-variable)
pySim/tlv.py:461:22: R1718: Consider using a set comprehension (consider-using-set-comprehension)
pySim/tlv.py:473:0: C0206: Consider iterating with .items() (consider-using-dict-items)
pySim/tlv.py:473:58: C0201: Consider iterating the dictionary directly instead of calling .keys() (consider-iterating-dictionary)
pySim/tlv.py:20:0: W0611: Unused Optional imported from typing (unused-import)
pySim/tlv.py:20:0: W0611: Unused Dict imported from typing (unused-import)
pySim/tlv.py:20:0: W0611: Unused Any imported from typing (unused-import)
pySim/tlv.py:21:0: W0611: Unused bidict imported from bidict (unused-import)
pySim/tlv.py:28:0: W0611: Unused LV imported from pySim.construct (unused-import)
pySim/tlv.py:28:0: W0611: Unused HexAdapter imported from pySim.construct (unused-import)
pySim/tlv.py:28:0: W0611: Unused BcdAdapter imported from pySim.construct (unused-import)
pySim/tlv.py:28:0: W0611: Unused BitsRFU imported from pySim.construct (unused-import)
pySim/tlv.py:28:0: W0611: Unused GsmStringAdapter imported from pySim.construct (unused-import)
pySim/tlv.py:29:0: W0614: Unused import(s) NoCardError, ProtocolError, ReaderError and SwMatchError from wildcard import of pySim.exceptions (unused-wildcard-import)
Change-Id: Ic22d00d3ae73ad81167276d9482b7b86a04476ba
pySim/utils.py:903:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/utils.py:153:16: R1719: The if expression can be replaced with 'bool(test)' (simplifiable-if-expression)
pySim/utils.py:158:16: R1719: The if expression can be replaced with 'bool(test)' (simplifiable-if-expression)
pySim/utils.py:166:16: R1719: The if expression can be replaced with 'bool(test)' (simplifiable-if-expression)
pySim/utils.py:222:19: R1719: The if expression can be replaced with 'not test' (simplifiable-if-expression)
pySim/utils.py:237:18: R1719: The if expression can be replaced with 'bool(test)' (simplifiable-if-expression)
pySim/utils.py:246:19: R1719: The if expression can be replaced with 'not test' (simplifiable-if-expression)
pySim/utils.py:279:11: W0612: Unused variable 'remainder' (unused-variable)
pySim/utils.py:541:7: R1714: Consider merging these comparisons with 'in' by using 'eutran_bits in (16384, 28672)'. Use a set instead if elements are hashable. (consider-using-in)
pySim/utils.py:550:7: R1714: Consider merging these comparisons with 'in' by using 'gsm_bits in (128, 140)'. Use a set instead if elements are hashable. (consider-using-in)
pySim/utils.py:614:7: C0121: Comparison 'imsi == None' should be 'imsi is None' (singleton-comparison)
pySim/utils.py:627:7: C0121: Comparison 'imsi == None' should be 'imsi is None' (singleton-comparison)
pySim/utils.py:733:7: R1714: Consider merging these comparisons with 'in' by using 'msisdn in ('', '+')'. Use a set instead if elements are hashable. (consider-using-in)
pySim/utils.py:774:8: W0612: Unused variable 'try_encode' (unused-variable)
pySim/utils.py:803:16: W0707: Consider explicitly re-raising using 'except ValueError as exc' and 'raise ValueError('PIN-ADM needs to be hex encoded using this option') from exc' (raise-missing-from)
pySim/utils.py:801:16: W0612: Unused variable 'try_encode' (unused-variable)
pySim/utils.py:821:7: C1802: Do not use `len(SEQUENCE)` without comparison to determine if a sequence is empty (use-implicit-booleaness-not-len)
pySim/utils.py:836:4: W0612: Unused variable 'e' (unused-variable)
pySim/utils.py:892:7: C0121: Comparison 'str_list == None' should be 'str_list is None' (singleton-comparison)
pySim/utils.py:991:11: R1701: Consider merging these isinstance calls to isinstance(o, (BytesIO, bytearray, bytes)) (consider-merging-isinstance)
Change-Id: I190ae75964ef6e0ed43fae994693a8bccd21c7f7
pySim/filesystem.py:823:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/filesystem.py:849:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/filesystem.py:43:0: W0401: Wildcard import pySim.exceptions (wildcard-import)
pySim/filesystem.py:74:45: C0121: Comparison 'fid == None' should be 'fid is None' (singleton-comparison)
pySim/filesystem.py:94:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/filesystem.py:100:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/filesystem.py:149:8: W0105: String statement has no effect (pointless-string-statement)
pySim/filesystem.py:170:11: C0121: Comparison 'self.parent == None' should be 'self.parent is None' (singleton-comparison)
pySim/filesystem.py:283:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:309:8: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/filesystem.py:314:15: C0117: Consider changing "not 'fid' in kwargs" to "'fid' not in kwargs" (unnecessary-negation)
pySim/filesystem.py:317:24: R1735: Consider using '{}' instead of a call to 'dict'. (use-dict-literal)
pySim/filesystem.py:418:11: C0121: Comparison 'name == None' should be 'name is None' (singleton-comparison)
pySim/filesystem.py:427:11: C0121: Comparison 'sfid == None' should be 'sfid is None' (singleton-comparison)
pySim/filesystem.py:452:28: R1735: Consider using '{}' instead of a call to 'dict'. (use-dict-literal)
pySim/filesystem.py:508:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/filesystem.py:531:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/filesystem.py:576:8: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/filesystem.py:599:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:609:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:620:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:633:28: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:642:41: W0613: Unused argument 'opts' (unused-argument)
pySim/filesystem.py:644:24: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:696:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:723:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:749:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:777:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:797:8: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/filesystem.py:822:23: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:838:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:844:34: W0613: Unused argument 'opts' (unused-argument)
pySim/filesystem.py:848:23: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:866:23: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:878:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:893:28: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:910:24: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:967:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:995:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:1023:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:1051:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:1114:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:1141:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:1167:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:1194:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/filesystem.py:1226:8: W0246: Useless parent or super() delegation in method '__init__' (useless-parent-delegation)
pySim/filesystem.py:1236:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:1239:35: W0613: Unused argument 'opts' (unused-argument)
pySim/filesystem.py:1252:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:1263:19: W0612: Unused variable 'sw' (unused-variable)
pySim/filesystem.py:1315:24: R1735: Consider using '{}' instead of a call to 'dict'. (use-dict-literal)
pySim/filesystem.py:35:0: C0411: standard import "import argparse" should be placed before "import cmd2" (wrong-import-order)
pySim/filesystem.py:37:0: C0411: standard import "from typing import cast, Optional, Iterable, List, Dict, Tuple, Union" should be placed before "import cmd2" (wrong-import-order)
pySim/filesystem.py:27:0: W0611: Unused import code (unused-import)
pySim/filesystem.py:34:0: W0611: Unused with_argparser imported from cmd2 (unused-import)
pySim/filesystem.py:41:0: W0611: Unused i2h imported from pySim.utils (unused-import)
pySim/filesystem.py:41:0: W0611: Unused Hexstr imported from pySim.utils (unused-import)
pySim/filesystem.py:44:0: W0611: Unused js_path_find imported from pySim.jsonpath (unused-import)
pySim/filesystem.py:43:0: W0614: Unused import(s) NoCardError, ProtocolError, ReaderError and SwMatchError from wildcard import of pySim.exceptions (unused-wildcard-import)
Change-Id: I94e1f5791e9fc34a60d0254978a35fd6ab2ff8d7
pySim/commands.py:443:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/commands.py:446:0: C0325: Unnecessary parens after 'elif' keyword (superfluous-parens)
pySim/commands.py:669:0: C0325: Unnecessary parens after 'elif' keyword (superfluous-parens)
pySim/commands.py:27:0: W0622: Redefining built-in 'BlockingIOError' (redefined-builtin)
pySim/commands.py:27:0: W0401: Wildcard import construct (wildcard-import)
pySim/commands.py:30:0: W0404: Reimport 'Hexstr' (imported line 29) (reimported)
pySim/commands.py:42:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/commands.py:48:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/commands.py:98:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/commands.py:114:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/commands.py:131:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/commands.py:223:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/commands.py:234:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/commands.py:252:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/commands.py:271:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/commands.py:274:18: W0612: Unused variable 'sw' (unused-variable)
pySim/commands.py:326:16: W0707: Consider explicitly re-raising using 'raise ValueError('%s, failed to read (offset %d)' % (str_sanitize(str(e)), offset)) from e' (raise-missing-from)
pySim/commands.py:386:16: W0707: Consider explicitly re-raising using 'raise ValueError('%s, failed to write chunk (chunk_offset %d, chunk_len %d)' % (str_sanitize(str(e)), chunk_offset, chunk_len)) from e' (raise-missing-from)
pySim/commands.py:443:12: R1720: Unnecessary "elif" after "raise", remove the leading "el" from "elif" (no-else-raise)
pySim/commands.py:521:14: R1714: Consider merging these comparisons with 'in' by using 'sw in ('62f1', '62f2')'. Use a set instead if elements are hashable. (consider-using-in)
pySim/commands.py:532:11: R1701: Consider merging these isinstance calls to isinstance(data, (bytearray, bytes)) (consider-merging-isinstance)
pySim/commands.py:666:8: R1720: Unnecessary "elif" after "raise", remove the leading "el" from "elif" (no-else-raise)
pySim/commands.py:762:12: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/commands.py:776:12: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
Change-Id: Idfcd6f799d5de9ecacd2c3d1e0d1f7d932f2b8db
pySim/ts_102_221.py:20:0: W0622: Redefining built-in 'BlockingIOError' (redefined-builtin)
pySim/ts_102_221.py:30:0: R0402: Use 'from pySim import iso7816_4' instead (consider-using-from-import)
pySim/ts_102_221.py:20:0: W0401: Wildcard import construct (wildcard-import)
pySim/ts_102_221.py:235:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/ts_102_221.py:272:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/ts_102_221.py:281:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/ts_102_221.py:484:12: W0715: Exception arguments suggest string formatting might be intended (raising-format-tuple)
pySim/ts_102_221.py:486:12: W0715: Exception arguments suggest string formatting might be intended (raising-format-tuple)
pySim/ts_102_221.py:488:12: W0715: Exception arguments suggest string formatting might be intended (raising-format-tuple)
pySim/ts_102_221.py:523:11: C1802: Do not use `len(SEQUENCE)` without comparison to determine if a sequence is empty (use-implicit-booleaness-not-len)
pySim/ts_102_221.py:647:0: W0613: Unused argument 'kwargs' (unused-argument)
pySim/ts_102_221.py:747:19: W0612: Unused variable 'sw' (unused-variable)
pySim/ts_102_221.py:26:0: C0411: third party import "from bidict import bidict" should be placed before "from pySim.construct import *" (wrong-import-order)
pySim/ts_102_221.py:27:0: C0412: Imports from package pySim are not grouped (ungrouped-imports)
pySim/ts_102_221.py:29:0: W0611: Unused match_sim imported from pySim.profile (unused-import)
pySim/ts_102_221.py:34:0: W0611: Unused DF_GSM imported from pySim.ts_51_011 (unused-import)
pySim/ts_102_221.py:34:0: W0611: Unused DF_TELECOM imported from pySim.ts_51_011 (unused-import)
Change-Id: I99d408bdf2551527f097a04240e857728b738621
pySim/apdu/ts_102_221.py:60:16: R1724: Unnecessary "else" after "continue", remove the "else" and de-indent the code inside it (no-else-continue)
pySim/apdu/ts_102_221.py:107:16: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/apdu/ts_102_221.py:294:8: R1703: The if statement can be replaced with 'return bool(test)' (simplifiable-if-statement)
pySim/apdu/ts_102_221.py:294:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/ts_102_221.py:299:31: W0613: Unused argument 'lchan' (unused-argument)
...
pySim/apdu/ts_102_221.py:389:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/apdu/ts_102_221.py:421:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/apdu/ts_102_221.py:425:12: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/apdu/ts_102_221.py:438:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/ts_102_221.py:26:0: C0411: standard import "from typing import Optional, Dict, Tuple" should be placed before "from construct import GreedyRange, Struct" (wrong-import-order)
Change-Id: Id5caac8da4c965dbaf88d624cdc9dcc8fc168b8c
pySim/cdma_ruim.py:30:0: W0401: Wildcard import construct (wildcard-import)
pySim/cdma_ruim.py:188:4: W0237: Parameter 'data_hex' has been renamed to 'resp_hex' in overriding 'CardProfileRUIM.decode_select_response' method (arguments-renamed)
pySim/cdma_ruim.py:30:0: C0411: third party import "from construct import *" should be placed before "from pySim.utils import *" (wrong-import-order)
Change-Id: I4c384f37a6a317c6eddef8742572fcfa76a5fc20
pySim/global_platform/scp.py:27:0: W0404: Reimport 'Optional' (imported line 20) (reimported)
pySim/global_platform/scp.py:157:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/global_platform/scp.py:165:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/global_platform/scp.py:182:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/global_platform/scp.py:189:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/global_platform/scp.py:266:4: W0221: Variadics removed in overriding 'SCP02._wrap_cmd_apdu' method (arguments-differ)
pySim/global_platform/scp.py:298:4: W0237: Parameter 'rsp_apdu' has been renamed to 'apdu' in overriding 'SCP02.unwrap_rsp_apdu' method (arguments-renamed)
pySim/global_platform/scp.py:314:7: C0121: Comparison 'l == None' should be 'l is None' (singleton-comparison)
pySim/global_platform/scp.py:436:11: C0121: Comparison 'host_challenge == None' should be 'host_challenge is None' (singleton-comparison)
pySim/global_platform/scp.py:506:4: W0237: Parameter 'rsp_apdu' has been renamed to 'apdu' in overriding 'SCP03.unwrap_rsp_apdu' method (arguments-renamed)
pySim/global_platform/scp.py:27:0: C0411: standard import "from typing import Optional" should be placed before "from Cryptodome.Cipher import DES3, DES" (wrong-import-order)
Change-Id: Idd2b779a6628c88d9a48c94b8581525209824426
pySim/esim/saip/oid.py:30:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/esim/saip/oid.py:46:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
Change-Id: I65c9cd1bb2b6a1747a7fbb25052adc75605bc870
pySim/esim/saip/templates.py:106:0: R1707: Disallow trailing comma tuple (trailing-comma-tuple)
pySim/esim/saip/templates.py:56:37: C0121: Comparison 'self.fid != None' should be 'self.fid is not None' (singleton-comparison)
pySim/esim/saip/templates.py:57:28: C0121: Comparison 'self.arr != None' should be 'self.arr is not None' (singleton-comparison)
pySim/esim/saip/templates.py:58:37: C0121: Comparison 'self.sfi != None' should be 'self.sfi is not None' (singleton-comparison)
pySim/esim/saip/templates.py:96:11: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/esim/saip/templates.py:591:0: W1404: Implicit string concatenation found in list (implicit-str-concat)
Change-Id: I181578ba630c8bdb558297e990411b59593652a0
pySim/esim/saip/personalization.py:104:0: W0311: Bad indentation. Found 17 spaces, expected 16 (bad-indentation)
pySim/esim/saip/personalization.py:105:0: W0311: Bad indentation. Found 17 spaces, expected 16 (bad-indentation)
pySim/esim/saip/personalization.py:151:0: C0305: Trailing newlines (trailing-newlines)
pySim/esim/saip/personalization.py:36:4: C0204: Metaclass class method __new__ should have 'mcs' as first argument (bad-mcs-classmethod-argument)
pySim/esim/saip/personalization.py:56:4: W0237: Parameter 'pe_seq' has been renamed to 'pes' in overriding 'Iccid.apply' method (arguments-renamed)
pySim/esim/saip/personalization.py:19:0: W0611: Unused Optional imported from typing (unused-import)
Change-Id: I70b3e266bbafabbfcec3d48027d50b45c2c17809
pySim/esim/x509_cert.py:70:4: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/esim/x509_cert.py:91:20: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/esim/x509_cert.py:105:28: W3101: Missing timeout argument for method 'requests.get' can cause your program to hang indefinitely (missing-timeout)
pySim/esim/x509_cert.py:163:0: C0413: Import "from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature" should be placed at the top of the module (wrong-import-position)
pySim/esim/x509_cert.py:20:0: C0411: standard import "from typing import Optional, List" should be placed before "import requests" (wrong-import-order)
pySim/esim/x509_cert.py:163:0: C0411: third party import "from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature" should be placed before "from pySim.utils import b2h" (wrong-import-order)
pySim/esim/x509_cert.py:163:0: C0412: Imports from package cryptography are not grouped (ungrouped-imports)
pySim/esim/x509_cert.py:22:0: W0611: Unused padding imported from cryptography.hazmat.primitives.asymmetric (unused-import)
pySim/esim/x509_cert.py:24:0: W0611: Unused InvalidSignature imported from cryptography.exceptions (unused-import)
Change-Id: Ic435c9a7cfcc18cacec3a3d872925bd737fb5cd9
pySim/esim/bsp.py:1:0: C0114: Missing module docstring (missing-module-docstring)
pySim/esim/bsp.py:28:0: C0413: Import "import abc" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:29:0: C0413: Import "from typing import List" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:30:0: C0413: Import "import logging" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:33:0: C0413: Import "from cryptography.hazmat.primitives import hashes" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:34:0: C0413: Import "from cryptography.hazmat.primitives.kdf.x963kdf import X963KDF" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:36:0: C0413: Import "from Cryptodome.Cipher import AES" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:37:0: C0413: Import "from Cryptodome.Hash import CMAC" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:39:0: C0413: Import "from pySim.utils import bertlv_encode_len, bertlv_parse_one, b2h" should be placed at the top of the module (wrong-import-position)
pySim/esim/bsp.py:48:55: W0613: Unused argument 'padding' (unused-argument)
pySim/esim/bsp.py:55:45: W0613: Unused argument 'multiple' (unused-argument)
pySim/esim/bsp.py:84:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/esim/bsp.py:89:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/esim/bsp.py:94:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/esim/bsp.py:169:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/esim/bsp.py:292:8: W0612: Unused variable 'tdict' (unused-variable)
pySim/esim/bsp.py:292:15: W0612: Unused variable 'l' (unused-variable)
pySim/esim/bsp.py:292:23: W0612: Unused variable 'remain' (unused-variable)
Change-Id: I64bd634606c375e767676a4b5ba7c2cc042350c2
pySim/apdu/__init__.py:41:0: W0105: String statement has no effect (pointless-string-statement)
pySim/apdu/__init__.py:55:4: C0204: Metaclass class method __new__ should have 'mcs' as first argument (bad-mcs-classmethod-argument)
pySim/apdu/__init__.py:187:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/apdu/__init__.py:200:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:208:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:216:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:224:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:239:11: C0117: Consider changing "not 'p1' in self.cmd_dict" to "'p1' not in self.cmd_dict" (unnecessary-negation)
pySim/apdu/__init__.py:295:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:313:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:416:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:429:12: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:455:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/apdu/__init__.py:31:0: C0411: standard import "import typing" should be placed before "from termcolor import colored" (wrong-import-order)
pySim/apdu/__init__.py:32:0: C0411: standard import "from typing import List, Dict, Optional" should be placed before "from termcolor import colored" (wrong-import-order)
Change-Id: I5657912df474f3ed0e277458a8eb33e28aeb2927
pySim/apdu_source/pyshark_gsmtap.py:90:0: C0305: Trailing newlines (trailing-newlines)
pySim/apdu_source/pyshark_gsmtap.py:68:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/apdu_source/pyshark_gsmtap.py:30:0: C0411: first party import "from pySim.apdu.ts_102_221 import ApduCommands as UiccApduCommands" should be placed before "from . import ApduSource, PacketType, CardReset" (wrong-import-order)
pySim/apdu_source/pyshark_gsmtap.py:31:0: C0411: first party import "from pySim.apdu.ts_31_102 import ApduCommands as UsimApduCommands" should be placed before "from . import ApduSource, PacketType, CardReset" (wrong-import-order)
pySim/apdu_source/pyshark_gsmtap.py:32:0: C0411: first party import "from pySim.apdu.global_platform import ApduCommands as GpApduCommands" should be placed before "from . import ApduSource, PacketType, CardReset" (wrong-import-order)
pySim/apdu_source/pyshark_gsmtap.py:19:0: W0611: Unused import sys (unused-import)
pySim/apdu_source/pyshark_gsmtap.py:21:0: W0611: Unused pprint imported from pprint as pp (unused-import)
pySim/apdu_source/pyshark_gsmtap.py:25:0: W0611: Unused b2h imported from pySim.utils (unused-import)
pySim/apdu_source/pyshark_gsmtap.py:26:0: W0611: Unused Tpdu imported from pySim.apdu (unused-import)
Change-Id: I0f2bfed2f671e02fc48bcc2a03c785edc691584f
pySim/apdu_source/gsmtap.py:48:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/apdu_source/gsmtap.py:44:20: W0612: Unused variable 'addr' (unused-variable)
pySim/apdu_source/gsmtap.py:22:0: C0411: first party import "from pySim.apdu.ts_102_221 import ApduCommands as UiccApduCommands" should be placed before "from . import ApduSource, PacketType, CardReset" (wrong-import-order)
pySim/apdu_source/gsmtap.py:23:0: C0411: first party import "from pySim.apdu.ts_31_102 import ApduCommands as UsimApduCommands" should be placed before "from . import ApduSource, PacketType, CardReset" (wrong-import-order)
pySim/apdu_source/gsmtap.py:24:0: C0411: first party import "from pySim.apdu.global_platform import ApduCommands as GpApduCommands" should be placed before "from . import ApduSource, PacketType, CardReset" (wrong-import-order)
pySim/apdu_source/gsmtap.py:19:0: W0611: Unused GsmtapMessage imported from pySim.gsmtap (unused-import)
Change-Id: I672e8838ebe11015863fd4fd6047181a3f184658
pySim/transport/serial.py:54:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/transport/serial.py:89:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/transport/serial.py:225:0: C0325: Unnecessary parens after 'while' keyword (superfluous-parens)
pySim/transport/serial.py:63:12: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/transport/serial.py:106:8: R1720: Unnecessary "elif" after "raise", remove the leading "el" from "elif" (no-else-raise)
pySim/transport/serial.py:124:12: W0707: Consider explicitly re-raising using 'except Exception as exc' and 'raise ValueError('Invalid reset pin %s' % self._rst_pin) from exc' (raise-missing-from)
pySim/transport/serial.py:204:12: R1723: Unnecessary "elif" after "break", remove the leading "el" from "elif" (no-else-break)
pySim/transport/serial.py:20:0: C0411: standard import "import time" should be placed before "import serial" (wrong-import-order)
pySim/transport/serial.py:21:0: C0411: standard import "import os" should be placed before "import serial" (wrong-import-order)
pySim/transport/serial.py:22:0: C0411: standard import "import argparse" should be placed before "import serial" (wrong-import-order)
pySim/transport/serial.py:23:0: C0411: standard import "from typing import Optional" should be placed before "import serial" (wrong-import-order)
Change-Id: I82ef12492615a18a13cbdecf0371b3a5d02bbd5c
pySim/transport/pcsc.py:26:0: W0404: Reimport 'CardConnectionException' (imported line 26) (reimported)
pySim/transport/pcsc.py:60:4: R1711: Useless return at end of function or method (useless-return)
pySim/transport/pcsc.py:74:12: W0707: Consider explicitly re-raising using 'except CardRequestTimeoutException as exc' and 'raise NoCardError() from exc' (raise-missing-from)
pySim/transport/pcsc.py:86:12: W0707: Consider explicitly re-raising using 'except CardConnectionException as exc' and 'raise ProtocolError() from exc' (raise-missing-from)
pySim/transport/pcsc.py:88:12: W0707: Consider explicitly re-raising using 'except NoCardException as exc' and 'raise NoCardError() from exc' (raise-missing-from)
pySim/transport/pcsc.py:22:0: W0611: Unused Union imported from typing (unused-import)
Change-Id: I0ef440d8825300d6efb8959a67da095ab5623f9c
pySim/transport/modem_atcmd.py:70:0: C0325: Unnecessary parens after 'assert' keyword (superfluous-parens)
pySim/transport/modem_atcmd.py:28:0: W0401: Wildcard import pySim.exceptions (wildcard-import)
pySim/transport/modem_atcmd.py:60:22: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/transport/modem_atcmd.py:72:12: W0707: Consider explicitly re-raising using 'except Exception as exc' and 'raise ReaderError('Failed to send AT command: %s' % cmd) from exc' (raise-missing-from)
pySim/transport/modem_atcmd.py:120:12: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/transport/modem_atcmd.py:138:8: W1201: Use lazy % formatting in logging functions (logging-not-lazy)
pySim/transport/modem_atcmd.py:170:12: W0707: Consider explicitly re-raising using 'except Exception as exc' and 'raise ReaderError('Failed to parse response from modem: %s' % rsp) from exc' (raise-missing-from)
pySim/transport/modem_atcmd.py:168:13: W0612: Unused variable 'rsp_pdu_len' (unused-variable)
pySim/transport/modem_atcmd.py:21:0: C0411: standard import "import time" should be placed before "import serial" (wrong-import-order)
pySim/transport/modem_atcmd.py:22:0: C0411: standard import "import re" should be placed before "import serial" (wrong-import-order)
pySim/transport/modem_atcmd.py:23:0: C0411: standard import "import argparse" should be placed before "import serial" (wrong-import-order)
pySim/transport/modem_atcmd.py:24:0: C0411: standard import "from typing import Optional" should be placed before "import serial" (wrong-import-order)
pySim/transport/modem_atcmd.py:28:0: W0614: Unused import(s) NoCardError and SwMatchError from wildcard import of pySim.exceptions (unused-wildcard-import)
Change-Id: I2c8994eabd973b65132af1030429b1021d0c20df
pySim/cat.py:586:4: W0237: Parameter 'do' has been renamed to 'x' in overriding 'PlmnWactList._from_bytes' method (arguments-renamed)
pySim/cat.py:981:8: W0120: Else clause on loop without a break statement, remove the else and de-indent all the code inside it (useless-else-on-loop)
pySim/cat.py:1000:4: W0221: Number of parameters was 3 in 'TLV_IE_Collection.from_bytes' and is now 2 in overriding 'ProactiveCommand.from_bytes' method (arguments-differ)
pySim/cat.py:1010:12: W0612: Unused variable 'dec' (unused-variable)
pySim/cat.py:1010:17: W0612: Unused variable 'remainder' (unused-variable)
pySim/cat.py:1022:4: W0221: Number of parameters was 2 in 'TLV_IE_Collection.to_bytes' and is now 1 in overriding 'ProactiveCommand.to_bytes' method (arguments-differ)
pySim/cat.py:22:0: C0411: standard import "from typing import List" should be placed before "from bidict import bidict" (wrong-import-order)
pySim/cat.py:26:0: C0411: third party import "from construct import Int8ub, Int16ub, Byte, Bytes, Bit, Flag, BitsInteger" should be placed before "from pySim.utils import b2h, h2b, dec_xplmn_w_act" (wrong-import-order)
pySim/cat.py:27:0: C0411: third party import "from construct import Struct, Enum, Tell, BitStruct, this, Padding, RepeatUntil" should be placed before "from pySim.utils import b2h, h2b, dec_xplmn_w_act" (wrong-import-order)
pySim/cat.py:28:0: C0411: third party import "from construct import GreedyBytes, Switch, GreedyRange, FlagsEnum" should be placed before "from pySim.utils import b2h, h2b, dec_xplmn_w_act" (wrong-import-order)
pySim/cat.py:23:0: W0611: Unused h2b imported from pySim.utils (unused-import)
pySim/cat.py:26:0: W0611: Unused Bit imported from construct (unused-import)
pySim/cat.py:26:0: W0611: Unused Flag imported from construct (unused-import)
pySim/cat.py:27:0: W0611: Unused Tell imported from construct (unused-import)
pySim/cat.py:27:0: W0611: Unused Padding imported from construct (unused-import)
pySim/cat.py:27:0: W0611: Unused RepeatUntil imported from construct (unused-import)
Change-Id: I0c6327a7a8045736e8678b7286a7ed685c96fb71
pySim/ts_31_102_telecom.py:45:0: C0325: Unnecessary parens after '=' keyword (superfluous-parens)
pySim/ts_31_102_telecom.py:33:0: W0401: Wildcard import construct (wildcard-import)
pySim/ts_31_102_telecom.py:76:15: C0121: Comparison 'in_json[srv]['activated'] == True' should be 'in_json[srv]['activated'] is True' if checking for the singleton value True, or 'in_json[srv]['activated']' if testing for truthiness (singleton-comparison)
pySim/ts_31_102_telecom.py:85:23: W0612: Unused variable 'sw' (unused-variable)
pySim/ts_31_102_telecom.py:124:22: W0612: Unused variable 'sw' (unused-variable)
pySim/ts_31_102_telecom.py:32:0: C0411: third party import "from construct import Optional as COptional" should be placed before "from pySim.tlv import *" (wrong-import-order)
pySim/ts_31_102_telecom.py:33:0: C0411: third party import "from construct import *" should be placed before "from pySim.tlv import *" (wrong-import-order)
Change-Id: I4ee0d0e1b5b418b8527b4674141cbaef896a64a2
pySim/sms.py:23:0: W0404: Reimport 'Flag' (imported line 23) (reimported)
pySim/sms.py:54:4: C0103: Method name "fromBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:60:4: C0103: Method name "toBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:120:4: C0103: Method name "fromBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:132:4: C0103: Method name "fromSmpp" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:137:4: C0103: Method name "toSmpp" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:141:4: C0103: Method name "toBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:188:4: C0103: Method name "fromBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:192:8: W0612: Unused variable 'flags' (unused-variable)
pySim/sms.py:209:4: C0103: Method name "toBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:228:4: C0103: Method name "fromSmpp" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:236:4: C0103: Method name "fromSmppSubmit" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:279:4: C0103: Method name "fromBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:306:12: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/sms.py:311:12: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/sms.py:319:4: C0103: Method name "toBytes" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:339:4: C0103: Method name "fromSmpp" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:347:4: C0103: Method name "fromSmppSubmit" doesn't conform to snake_case naming style (invalid-name)
pySim/sms.py:373:4: C0103: Method name "toSmpp" doesn't conform to snake_case naming style (invalid-nam
Change-Id: I8082a01443ef568eebda696239572f0af7b56f1b
pySim/ota.py:21:0: W0401: Wildcard import construct (wildcard-import)
pySim/ota.py:129:8: R1705: Unnecessary "elif" after "return", remove the leading "el" from "elif" (no-else-return)
pySim/ota.py:150:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/ota.py:192:8: W0612: Unused variable 'padded_data' (unused-variable)
pySim/ota.py:202:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/ota.py:207:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/ota.py:210:4: C0103: Method name "fromKeyset" doesn't conform to snake_case naming style (invalid-name)
pySim/ota.py:239:8: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/ota.py:242:4: C0103: Method name "fromKeyset" doesn't conform to snake_case naming style (invalid-name)
pySim/ota.py:328:4: W0221: Number of parameters was 4 in 'OtaDialect.encode_cmd' and is now 5 in overriding 'OtaDialectSms.encode_cmd' method (arguments-differ)
pySim/ota.py:392:4: W0221: Number of parameters was 3 in 'OtaDialect.decode_resp' and is now 4 in overriding 'OtaDialectSms.decode_resp' method (arguments-differ)
Change-Id: Icb8d690e541dbaf1406085a8446a0c67641fefff
pySim/cards.py:30:0: W0401: Wildcard import pySim.utils (wildcard-import)
pySim/cards.py:41:8: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/cards.py:55:4: R1711: Useless return at end of function or method (useless-return)
pySim/cards.py:78:8: R1725: Consider using Python 3 style super() without arguments (super-with-arguments)
pySim/cards.py:91:8: R1725: Consider using Python 3 style super() without arguments (super-with-arguments)
pySim/cards.py:159:12: R1705: Unnecessary "else" after "return", remove the "else" and de-indent the code inside it (no-else-return)
pySim/cards.py:28:0: C0411: standard import "import abc" should be placed before "from pySim.ts_102_221 import EF_DIR" (wrong-import-order)
pySim/cards.py:25:0: W0611: Unused Dict imported from typing (unused-import)
pySim/cards.py:28:0: W0611: Unused import abc (unused-import)
Change-Id: I708da28caffb417ed2f8413f9611526b18b29cd4
pySim/card_key_provider.py:57:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/card_key_provider.py:61:0: C0325: Unnecessary parens after 'if' keyword (superfluous-parens)
pySim/card_handler.py:100:0: C0325: Unnecessary parens after '=' keyword (superfluous-parens)
pySim/card_handler.py:100:24: C0121: Comparison 'self.cmds.get('verbose') == True' should be 'self.cmds.get('verbose') is True' if checking for the singleton value True, or 'bool(self.cmds.get('verbose'))' if testing for truthiness (singleton-comparison)
pySim/card_handler.py:29:0: C0411: standard import "import subprocess" should be placed before "from pySim.transport import LinkBase" (wrong-import-order)
pySim/card_handler.py:30:0: C0411: standard import "import sys" should be placed before "from pySim.transport import LinkBase" (wrong-import-order)
pySim/card_handler.py:31:0: C0411: third party import "import yaml" should be placed before "from pySim.transport import LinkBase" (wrong-import-order)
pySim/iso7816_4.py:20:0: W0401: Wildcard import construct (wildcard-import)
pySim/jsonpath.py:1:0: C0114: Missing module docstring (missing-module-docstring)
pySim/jsonpath.py:6:0: W0105: String statement has no effect (pointless-string-statement)
pySim/jsonpath.py:2:0: W0611: Unused import json (unused-import)
pySim/jsonpath.py:3:0: W0611: Unused import pprint (unused-import)
Change-Id: I780595d69000f727ad0fbaff4b89918b91b3122e
In smart cards, we every so often encounter data types that contain a
bit-mask whose length depends on whether or not there are any of the
least-significant bits are set. So far we worked around this with
some kind of Struct('byte1', 'byte2'/COptional, 'byte3'/COptional)
approach.
Let's do thisin a generic way using the new StripTrailerAdapter.
Change-Id: I659aa7247c57c680895b0bf8412f9e477fc3587d
GlobalPlatform requires the use of the KCV for DES + AES keys. Let's
implement that.
(11.8.2.3.3: "For all key types described in section B.6, the Key Check
Value shall be present.")
Change-Id: Ief168a66dee58b56f4126db12829b3a98906c8db
This adds an implementation of the GlobalPlatform SCP03 protocol. It has
been tested in S8 mode for C-MAC, C-ENC, R-MAC and R-ENC with AES using
128, 192 and 256 bit key lengh. Test vectors generated while talking to
a sysmoEUICC1-C2T are included as unit tests.
Change-Id: Ibc35af5474923aed2e3bcb29c8d713b4127a160d
In many casese we used type=int permitting any integer value, positive
or negative without a constratint in size. However, in reality often
we're constrained to unsigned 8 or 16 bit ranges. Let's use the
auto_uint{8,16} functions to enforce this within argparse before
we even try to encode something that won't work.
Change-Id: I35c81230bc18e2174ec1930aa81463f03bcd69c8
The key-id is actually a 7-bit integer and on the wire the 8th bit
has a special meaning which can be derived automatically.
Let's unburden the user from explicitly encoding that 8th bit and
instead set it automatically.
Change-Id: I8da37aa8fd064e6d35ed29a70f5d7a0e9060be3a
Using this command, one can change the life cycle status of on-card
applications, specifically one can LOCK (disable) them and re-enable
them as needed.
Change-Id: Ie14297a119d01cad1284f315a2508aa92cb4633b
This allows us to perform STORE DATA on applications like ARA-M/ARA-D
after establishing SCP02 to the related security domain.
Change-Id: I2ce766b97bba42c64c4d4492b505be66c24f471e
The 'apdu' command so far bypassed the logical channel and also
the recently-introduced support for secure channels. Let's change
that, at least by default. If somebody wants a raw APDU without
secure / logical channel processing, they may use the --raw option.
Change-Id: Id0c364f772c31e11e8dfa21624d8685d253220d0
This implementation of GlobalPlatform SCP02 currently only supports
C-MAC and C-ENC, but no R-MAC or R-ENC yet.
The patch also introduces the notion of having a SCP instance associated
with a SimCardCommands instance. It also adds the establish_scp0w and
release_scp shell commands to all GlobalPlatform Security Domains.
Change-Id: I56020382b9dfe8ba0f7c1c9f71eb1a9746bc5a27
Let's not have higher level code directly call the transports send_apdu*
methods. We do this as a precursor to introducing secure channel
support, where the secure channel driver would add MAC and/or encrypt
APDUs before they are sent to the transport.
Change-Id: I1b870140959aa8241cda2246e74576390123cb2d
The GlobalPlatform GET STATUS command is used to display information
about ISD / Applications / ExecutabLoad Files / Modules on the card.
Change-Id: Ic92f96c1c6a569aebc93a906c62a43b86fe3b811
Let's simply use the matchingId for filesystem lookup of the UPP file.
This way we can have any number of profiles by simply creating the
respeective files.
Change-Id: I0bc3a14b9fdfcc6322917dd0c69d8295de486950
This adds classes for describing profile templates as well
as derived classes defining the profile templates of the
"Profile Interoperability Technical Specification", specifically
it's "ANNEX A (Normative): File Structure Templates Definition"
We need a machine-readable definition of those templates, so
we can fully interpret an unprotected profile package (UPP),
as the UPP usually only contains the increment/difference to
a given teplate.
Change-Id: I79bc0a480450ca2de4b687ba6f11d0a4ea4f14c8
This is sadly required as the Interoperable Profile format must process
elements of an ASN.1 sequence in order, which doesn't work if the parser
puts the elements in a python dict.
The osmocom fork of asn1tools hence uses OrderedDict to work around
this problem.
Change-Id: Id28fcf060f491bb3d76aa6d8026aa76058edb675
When replacing a file's contents, we must not just remove any
fillFileContent tuples, but also the fillFileOffset.
Change-Id: I3e4d97ae9de8a78f7bc0165ece5954481568b800
PERM-AR-DO actually originates in a different spec than all other parts
of the ara_m.py, so let's explicitly mention that.
Change-Id: I6e0014c323f605860d0f70cd0c04d7e461e8a9de
In case SELECT doesn't return any response data, we must reset
the lchan.selected_file_fcp* members to None to prevent pySim-shell
preventing stale data from the previously selected file.
Change-Id: Ia04b8634e328e604e8df7e8d59b7fd532242d2ca
As the ARA-M applet is a GlobalPlatform applet, its SELECT response
decoding should be used, not the ETSI EUICC TS 102 221 fall-back.
Change-Id: I1a30b88a385f6de663aa837483dd32c0d104856f
Encoding an empty AID-REF-DO (4F) is neccessary to achieve the meaning
described in "Secure Element Access Control - Public Release v1.0"
Table 6-1: "Empty: Indicates that the rules to be stored or retrieved
are associated with all SE applications not covered by a specific rule".
Change-Id: Iac6c3d78bc9ce36bac47589e5f7a0cc78e2efc38
We can only choose a CI certificate which is supported both by the eUICC
as well as which has signed our own SM-DP+ certificates.
Change-Id: I0b9130f06d501ca7d484063d56d606cfdd2544f4
This command is used for installation of GlobalPlatform keys. We only
implement the command without secure messaging at this point, as it is
used during card personalization. Authentication will later be handled
by generic implementations of SCP02 and/or SCP03.
Change-Id: Icffe9e7743266d7262fbf440dd361b21eed7c5cf
In If30c5d31b4e7dd60d3a5cfb1d1cbdcf61741a50e we introduced a store_data
comamnd, but forgot to add it to the pySim-shell manual.
Change-Id: I6039818c2c0c5373b4a4ef1e33e152de7fbbd01a
The patch introducing the is_hexstr type into the argparser was
accidentially also introduce in two locations where we actually don't
expect a hex-string.
This is a partial revert of I6426ea864bec82be60554dd125961a48d7751904
Change-Id: I3c3d2a2753aa7a2566a3b1add7ba70c86499d293
Closes: #6331
If we are not 'equipped' as we could not detect any known applications
on the card, we used to only permit the 'apdu' command. However, we
should also permit the 'reset' command, as it also is something that's
possible with ever card, even of unknown types.
Change-Id: I23199da727973d7095ac18031f49e1e8423aa287
Some specs call it 'invalidated', others call it 'deactivated'. If the
user is unfamiliar with this, the error message about "invalidated"
might not be obvious enough; let's also mention 'deactivated' in the
message and explicitly mention that it needs to be activated before use.
Change-Id: I91488b0e7dc25a8970022b09e575485a4165eefa
With the definitions from this commit, we can build key loading
TLVs, which is used to load ECC keys into eUICCs.
Change-Id: I853c94d37939ef3dd795f893232b0276a5a4af81
The DGI encoding is specified in Annex B of the
"GlobalPlatform Systems Scripting Language Specification v1.1.0"
which is an "archived" specification that is no longer published
by GlobalPlatform, despite it being referenced from the GlobalPlatform
Card Specification v2.3, which is the basis of the GSMA eSIM
specifications.
For some reason it was the belief of the specification authors that
yet another format of TLV encoding is needed, in addition to the BER-TLV
and COMPREHENSION-TLV used by the very same specifications.
The encoding of the tag is not really specified anywhere, but I've only
seen 16-bit examples. The encoding of the length is specified and
implemented here accordingly.
Change-Id: Ie29ab7eb39f3165f3d695fcc1f02051338095697
Actually, the GSMA eUICC is a kind of derivative of a GlobalPlatform
card, and the ECASD and ISD-R are security domains. As such, we
should make them derived classes of global_platform.CardApplicationSD
which means they inherit some of the shared shell_commands etc.
Change-Id: I660e874d9bcbb8c28a64e4ef82dc53bee97aacfc
We do have an is_hexstr function which we should use anywhere
where we expect the user to input a string of hex digits. This way
we validate the input before running in some random exception.
Change-Id: I6426ea864bec82be60554dd125961a48d7751904
This commit introduces the capability to parse and encode
SimAlliance/TCA "Interoperable Profiles" and apply personalization
operations on them.
Change-Id: I71c252a214a634e1bd6f73472107efe2688ee6d2
This commit introduces
* the osmo-smdpp.py program implementing the main procedures and the
HTTP/REST based ES9+
* python modules for ES8+ and non-volatile RSP Session State storage
* the ASN.1 source files required to parse/encode RSP
* 3GPP test certificates from SGP.26
* an unsigned profile package (UPP) of a SAIP v2.3 TS48 test profile
As I couldn't get the 'Klein' tls support to work, the SM-DP+ code
currently does not support HTTPS/TLS but plan HTTP, so you either have
to modify your LPA to use HTTP instead of HTTPS, or put a TLS proxy in
front.
I have successfully installed an eSIM profile on a test eUICC that
contains certificate/key data within the test CI defined in GSMA SGP.26
Change-Id: I6232847432dc6920cd2bd08c84d7099c29ca1c11
Contrary to {enable,disable}_profile, the delete_profile does not use
the ProfileIdentifier TLV, but directly the Iccid / IsdpAid.
Change-Id: I43e298524048703264e16cbdd0b76d82ba976985
This tool is a replacement for asn1c 'unber' program with a much more
useful/readable output:
* contains hexadecimal raw tag values
* contains hexdump of value, rather than HTML entities in pseudo-XML
Change-Id: I22c1a461ccba04c2c8caaab7ca29ea6ae76e2ea3
This is the protocol used for the ES8+ interface between SM-DP+ and the
eUICC in the GSMA eSIM system.
Change-Id: Ic461936f2e68e1e6f7faab33d06acf3063e261e7
The definitions are not used yet, as one would have to add that
dynamically based on which EF.DIR entries contain the 0x73 discretionary
template. As I don't have any cards implementing this so far, I'll skip
that part.
Change-Id: I532ff2c94021ab1b4520fe2b6988c8960319d208
In smart cards, files/records containing all-ff means they are simply
not used/initialized. Let's avoid raising exceptions when interpreting
0xff as length value and reading less bytes as value.
Change-Id: I09c3cb82063fc094eb047749996a6eceff757ea2
We cannot fully switch to construct for all of it easily due to
the priority value and the ordering/sorting by priority implemented
in the hand-coded version. But we can at least migrate the
encode/decode of the hnet_pubkey_list via construct.
Change-Id: I4ad5ea57bab37c2dc218e7752d538aa4cdc36ee3
If we are reading a file to check if we can skip the write to conserve
writes, don't treat exceptions as fatal. The file may well have the
access mode in a way that permits us to UPDATE but not to READ. Simply
fall-back to unconditional UPDATE in this case.
Change-Id: I7bffdaa7596e63c8f0ab04a3cb3ebe12f137d3a8
this has the advantage of getting the encoder for free (so far we only
had the decoder). While at it, also add some tests data for the unit
tests.
Change-Id: Ifb8caf5cd96706d7fb6b452d6552b115c0828797
It's customary in the SIM card universe to right-pad data with ff bytes.
So far we only test decoders without such padding, which is unrealistic.
Let's also tests the decoders with extra 'ff' padding present.
For some files this doesn't make sense, so we add a _test_no_pad class
attribute that can be spcified to prevent this new "test with ff-padding"
from being executed for the test data of the class.
Change-Id: I7f5cbb4a6f91040fe9adef9da0a1f30f9f156dae
The existing code used to produce an empty output in situations where a
TLV_IE_Collection would be parsed from a single TLV only with some
additional trailing padding:
>>> from pySim.utils import h2b
>>> from pySim.ts_31_102 import EF_CSGT
>>> t = EF_CSGT.Csgt_TLV_Collection()
>>> t.from_tlv(h2b('8906810300666f6fff'))
[TextCsgType(foo)]
>>> t.to_dict()
[]
This was caused by an early return (actually returning the decoded
result) but *without updating self.children*.
Change-Id: I1c84ccf698c6ff7e7f14242f9aaf7d15ac2239f4
These files are mostly related to CSG (Closed Subscriber Group)
in the context of HomeNodeB (HNB), aka femtocells.
Change-Id: Ie57963381e928e2c1da408ad46549a780056242a
Now that we have support for the UCS-2 encoding as per TS 102 221 Annex A,
we can start to make use of it from various file constructs.
As some specs say "Either 7-bit GSM or UCS-2" we also introduce
a related automatic GsmOrUcs2Adapter and GsmOrUcs2String class.
Change-Id: I4eb8aea0a13260a143e2c60fca73c3c4312fd3b2
TS 102 221 Annex A defines three variants of encoding UCS-2 characters
into byte streams in files on UICC cards: One rather simplistic one, and
two variants for optimizing memory utilization on the card.
Let's impelement a construct "Ucs2Adapter" class for this.
Change-Id: Ic8bc8f71079faec1bf0e538dc0dfa21403869c6d
The human representation of a PLMN is usually MCC-MNC like 262-01
or 262-001. Let's add a PlmnAdapter for use within construct, so we
can properly decode that.
Change-Id: I96f276e6dcdb54a5a3d2bcde5ee6dbaf981ed789
We used __subclasses__(), but this only returns the immediate
subclasses and not all further/nested subclasses. Instead, we must
use the pySim.utils.all_subclasses() function to really get all of them.
The hack to use the method signature of the constructor to determine if
it's an intermediate class didn't work, as even GlobbalPlatformISDR
has a optional argument for non-default AIDs. So let's introduce an
explicit class attribute for that purpose.
Change-Id: I7fb1637f8f7a149b536c4d77dac92736c526aa6c
This adds some first test data for the new unitdata driven test cases
for the TLV encoder/decoder.
It also fixes a bug in the ts_102_221.FileDescriptor decoder for BER-TLV
structured files which was found and fixed while introducing the test
data.
Related: OS#6317
Change-Id: Ief156b7e466a772c78fb632b2fa00cba2eb1eba5
While we do have the _test_de_encode data driven tests for file
definitions, we don't yet have something similar for derived classes of
BER_TLV_IE. This means that TLVs used outside of the filesystem context
(for example, decoding the SELECT/STATUS response, but also eUICC and
other stuff) do not yet have test coverage.
This commit just adds the related test code, but no test data yet.
Related: OS#6317
Change-Id: Ied85f292bb57fde11dc188be84e3384dc3ff1601
the to_dict() method generates a {class_name: value} dictionary,
for both the nested and non-nested case. However, before this patch,
the from_dict() method expects a plain list of child IE dicts
in the nested case. This is illogical.
Let's make sure from_dict always expectes a {class_name: value} dict
for both nested and non-nested situations.
Change-Id: I07e4feb3800b420d8be7aae8911f828f1da9dab8
We recently introduced a pySim.utils.build_construct() wrapper around
the raw call of the construct.build() method. So far, this wrapper
was only used from pySim.tlv, but let's also use it from
pySim.filesystem.
Basically, whenever we use parse_construct(), we should use
build_construct() as the inverse operation.
Change-Id: Ibfd61cd87edc72882aa66d6ff17861a3e918affb
on some systems, the output would otherwise contain colored status
words, which in turn mean the test otuput no longer matches the expected
output.
Change-Id: Icb700f6e85a285748e00367a398975aa5e75dec5
The context is some opaque dictionary that can be used by the
constructs; let's allow the caller of parse_construct, from_bytes,
from_tlv to specify it.
Also, when decoding a TLV_IE_Collection, pass the decode results of
existing siblings via the construct.
Change-Id: I021016aaa09cddf9d36521c1a54b468ec49ff54d
The EF.CFIS definition is not identical to EF.ADN, so we cannot recycle
the EF.ADN class to decode EF.CFIS.
Change-Id: Idcab35cbe28332e3c8612bcb90226335b48ea973
There are some pretty intricate rules about how GSM and E-UTRAN are
encoded, let's make sure we fully support both as per 3GPP TS 31.102
Release 17. As part of this, switch to a sorted list of access technologies,
in order to have a defined order. This makes comparing in unit tests
much easier. However, it also means that we need to sort the set
when printing the list of AcT in pySim-read to generate deterministic
output.
Change-Id: I398ac2a2527bd11e9c652e49fa46d6ca8d334b88
Without this the diff between expected and actual output is truncated
and one instead reads the following output:
Diff is 844 characters long. Set self.maxDiff to None to see it.
We actually want to see the full diff to see what's not matching.
Change-Id: I6e89705061454191b6db1255de7fe549ad720800
This driver description we add to the code is automatically added to the
respective user manual sections.
Change-Id: I8807bfb11f43b167f1321d556e09ec5234fff629
Let's avoid copy+pasting print statements everywhere. The instances
do already have a __str__ method for the purpose of printing their name in a
generic way.
Change-Id: I663a9ea69bf7e7aaa6502896b6a71ef692f8d844
Opening PC/SC readers by index/number is very error-prone as the order
is never deterministic in any system with multiple (hot-plugged, USB)
readers. Instead, let's offer the alternative of specifying a regular
expression to match the reader name (similar to remsim-bankd).
Change-Id: I983f19c6741904c1adf27749c9801b44a03a5d78
It's odd that the individual transport driver specifies their argparse
options but then the core transport part evaluates them individually.
This means we cannot add new options within a transport.
Let's pass the Namespace instance into the constructor of the
specific transport to improve this.
Change-Id: Ib977007dd605ec9a9c09a3d143d2c2308991a12c
In the previous commit we've stopped using those functions from modern
pySim-shell code. Hence, the only remaining user is the legacy tools,
so we can move the code to the legacy module.
Change-Id: I6f18ccb36fc33bc204c01f9ece135676510e67ec
We've recently introduced IPv{4,6}Adapter construct classes and can
switch to this instead of using the old imperative encoder/decoder
functions {enc,dec}_addr_tlv().
Aside from code cleanup, this also means we now support the IPv6 address
type in EF.PCSCF.
Change-Id: I4d01ccfe473a8a80fbee33fdcbd8a19b39da85ac
This can happen if there's a file with invalid encoding on the card,
such as a tag followed by all-ff. Let's gracefully ignore it and
return zero bytes as response.
Change-Id: Ic44557368a6034dbf4bb021ab23a57927c22def0
The implementation of the methods select and select_file of class
RuntimeLchan is a bit complex. We access the card directly in several
places which makes it difficult to track the state changes. We should
clean this up so that we call self.rs.card.select_adf_by_aid/
self.scc.select_file from a single place only.
This means that the method select uses the method select_file. This
results in a much cleaner implementation. We also should take care
that the important states that we track (selected_file, selected_adf,
etc.) are updated by a single private method. Since the update always
must happen after a select _select_post is a good place to do this.
Related: OS#5418
Change-Id: I9ae213f3b078983f3e6d4c11db38fdbe504c84f2
The method build_select_path_to uses the internal file system tree model
to find the path to a given file. This works the same for applications
(ADF) as it works for normal files (EF/DF). However, an application can
be selected anytime from any location in the filesystem tree. There is
no need to select a specific path leading to that application first.
This means that if there is an ADF somewhere in the resulting
inter_path, we may clip everything before that ADF.
Related: OS#5418
Change-Id: I838a99bb47afc73b4274baecb04fff31abf7b2e2
We use a trick to probe a file (that does not exist in the local file
model yet). Let's explain further how that works, in particular why we
do not have to upate any state if probing fails.
Change-Id: I2a8af73654251d105af8de1c17da53dfa10dc669
Related: OS#5418
The metaclass uese the 'nested' attribute, while the existing code
accidentially used the 'children' attribute. The latter is used
by instances for actual child classes, while the Class/nested
attribute is for the list of classes whose instancse could be potential
children.
Change-Id: I968bd84d074dcdcec37d99be5d3d4edac9c35a0c
The length value "of course" is a hex value, don't use %02u but %02x
This fixes any eUICC command with a Lc > 10 bytes.
Change-Id: I1e1efbfb9916fc43699602cc889cf4b3d42736f2
When we traverse the file system, we may also end up selecting
applications (ADF), which do not support an USIM/ISIM like file system.
This will leave us without the ability to select the MF (or any other
file) again. The only way out is to select the ISIM or USIM application
again to get the access to the file system again.
Change-Id: Ia2fdd65f430c07acb1afdaf265d24c6928b654e0
Related: OS#5418
The encoding was missing a "CHOICE" container and missed the
fact that the refreshFlag presence is mandatory for enable+disable.
Change-Id: I12e2b16b2c1b4b01dfad0d1fb485399827f25ddc
If a TLV was elementary (no nested IEs), and it had only a single
integer content whose value is 0, we erroneously encoded that as
zero-length TLV (len=0, no value part):
>>> rf = pySim.euicc.RefreshFlag(decoded=0);
>>> rf.to_bytes()
b''
>>> rf.to_tlv()
b'\x81\x00'
After this change it is correct:
>>> rf = pySim.euicc.RefreshFlag(decoded=0);
>>> rf.to_bytes()
b'\x00'
>>> rf.to_tlv()
b'\x81\x01\x00'
Change-Id: I5f4c0555cff7df9ccfc4a56da12766d1bf89122f
One of the most important properties of the RuntimeLchan are the
selected_file/adf properties. Let's reformat the code so that those
properties are more pronounced.
Change-Id: I4aa028f66879b7d6c2a1cd102cda8d8ca5ff48b1
Related: OS#5418
When we are in the constructor of RuntimeState, we may/must access the
card object directly. Let's explain why, since it may not be immediately
obvious.
Change-Id: I01f74d5f021d46679d1c9fa83fb8753382b0f88f
Related: OS#5418
The constructor of the RuntimeState object selects the MF befor it does
some other steps. However it does this through the _scc object of the
card object. This method is before we had lchan abstraction, so we
should now use the lchan object like in all other places.
Related: OS#5418
Change-Id: I9a751c0228c77077e3fabb50a9a68e4489e7151c
If we have a list of dicts, and we flatten that into a dict: Only
do that if there are no dicts with duplocate key values in the list,
as otherwise we will loose information during the transformation.
Change-Id: I7f6d03bf323a153f3172853a3ef171cbec8aece7
Closes: OS#6288
Ever since commit 30de9fd8ab in July
we are (properly) using snake_case names in the from_dict (to become
bijective with to_dict). This code was not updated by accident,
creating an exception when using the `aram_get_config`
Change-Id: If216b56b38ab17d13896074aa726278b9ba16923
Related: OS#6119
An ADF may or may not support a file system. For example ADF.ARA-M does
not have any filesystem support, which means the SELECT we may use from
this ADF is limited and an can only select a different application. To
know about this in advance let's add a flag that we set when we
instantiate an ADF.
Change-Id: Ifd0f7c34164685ea18d8a746394e55416fa0aa66
Related: OS#5418
So far we implemented only one round of "Send the APDU, get SW=61xx,
call GET RESPONSE". This permitted us to receive only data up to 256
bytes.
Let's extend that to doing multiple rounds, concatenating the result.
This allows us to obtain arbitrary-length data from the card.
See Annex C.1 of ETSI TS 102 221 for examples showing multiple 61xx
iterations.
Change-Id: Ib17da655aa0b0eb203c29dc92690c81bd1300778
Closes: OS#6287
When sending raw APDUs, we access the scc (SimCardCommands) object via
the scc member in the lchan object. Unfortunately self.lchan will not be
populated when the rs (RuntimeState) object is missing. This is in
particular the case when no profile could be detected for the card,
which is a common situation when we boostrap an unprovisioned card.
So let's access the scc object through the card object. This is also
more logical since when we send raw APDUs we work below the level of
logical channels.
Change-Id: I6bbaebe7d7a2013f0ce558ca2da7d58f5e6d991a
Related: OS#6278
When there is an error on initialization (e.g. card not present), we
should not continue to execute a startup script that was passed with the
pySim-shell commandline. Instead we should print a message that the
startup script was ignored due to errors.
Related: OS#6271
Change-Id: I61329988e0e9021b5b0ef8e0819fb8e23cabf38b
The function init_card catches all exceptions and then returns None
objects for card or rs in case of an error. This does not fit in the
style we pursue in pySim. This is in particular true for library
functions. We want those functions to raise exceptions when something is
wrong, so that we can catch the exception at top level. Let's fix this
for init_card now.
Related: OS#6271
Change-Id: I581125d8273ef024f6dbf3a5db6116be15c5c95d
The class property selected_adf is not updated in all locations where an
ADF is selected, this means that we may loose track of the currently
selected ADF in some locations
Change-Id: I4cc0c58ff887422b4f3954d35c8380ddc00baa1d
Related: OS#5418
The point of this is to move generic code out of pySim-shell.py,
paving the way for more/other executables using the full power of
our class model without having to reinvent the wheel.
Change-Id: Icf557ed3064ef613ed693ce28bd3514a97a938bd
It's better for the human reader (and more obvious that it's a boolean
value) if we decode single Bits as True/False instead of 1/0.
Change-Id: Ib025f9c4551af7cf57090a0678ab0f66a6684fa4
This increases test coverage and also shows where we so far only
have decoders but no encoders yet
Change-Id: I7932bab7c81a2314c1b9477f50b82a46f24d074e
Don't even send any non-decimal PIN values to the card, but reject
them when parsing the command arguments.
Change-Id: Icec1698851471af7f76f20201dcdcfcd48ddf365
before this patch:
pySIM-shell (00:MF)> echo foo bar baz
usage: echo [-h] string
echo: error: unrecognized arguments: bar baz
after this patch:
pySIM-shell (00:MF)> echo foo bar baz
foo bar baz
Change-Id: I1369bc3aa975865e3a8a574c132e469813a9f6b9
Let's make sure we don't even bother to ask the card to verify
anything as ADM1 pin which is not either a sequence of decimal digits
or an even number of hex digits (even number of bytes).
Change-Id: I4a193a3cf63462fad73d145ab1481070ddf767ca
Let's add a proper argparser instance for the 'verify_adm' command,
avoiding situations where the user types 'verif_adm --help' and then
--help is interpreted as the PIN value, removing one more attempt from
the failed ADM1 counter.
Let's use that opportunity to improve the documentation of the command.
Change-Id: I3321fae66a11efd00c53b66c7890fce84796e658
pySim-shell output has changed over time, so some examples were
showing outdated content. Let's update those.
Change-Id: I4058719c32b61689522e90eba37253e8accb8ba5
The method build_select_path_to chops off the first element of the
current path. This is done to prevent re-selection of the first file in
the current path.
Unfortunately chopping off the first element in the current path does
not work properly in a situation when the current path points to the MF.
This would chop off the first and last element in the list and the for
loop below would run 0 times.
To fix this, let's keep the first element and chop it off from the
resulting path.
Related: OS#5418
Change-Id: Ia521a7ac4c25fd3a2bc8edffdc45ec89ba4b16eb
When we initialize the reader, we currently tell only which type of
interface we are using, but we do not print the reader number or the
device path.
Let's extend the messages so that the path is printed. To prevent
problems with integration-tests, let's also add an environment variable
that we can use to detect when pySim runs inside a integration-test.
Related: OS#6210
Change-Id: Ibe296d51885b1ef5f9c9ecaf1d28da52014dcc4b
this is far from being complete, just some basic first commands
to get the certificates and eIM configuration.
Change-Id: Ie05108e635ed9c6de10f0ba431cb1b13893f6be8
This just adds basic support for the ISD-R application and its
associated STORE DATA command which is used for the ES10x interfaces
between off-card entities and the on-card ISD-R.
Change-Id: Ieab37b083e25d3f36c20f6e9ed3e4bdfdd14a42a
Closes: OS#5637
The argument parser is set up globally for all LinkBase objects in
__init__.py. Since we tend to have only platform independed code in
__init__.py, we should move the argument parser setup into the
specific LinkBase classes.
Related: OS#6210
Change-Id: I22c32aa81ca0588e3314c3ff4546f6e5092c11df
In in the module __init__.py we print an init message (which type of
LinkBase class is providing the SimLink). However in __init__.py we tend
to have only platform independed code but the message string can already
be categorized as platform depened. Let's put the init message into the
constructor of the concrete classes of LinkBase.
Related: OS#6210
Change-Id: I0a6dd7deb79a5f3e42b29094a1cf2535075fa430
We used to support only single-byte tags in bertlv_encode_tag,
let's fix that. The easy option is to simply call bertlv_parse_tag,
as that already supported multi-byte tags.
Change-Id: If0bd9137883c4c8b01c4dfcbb53cabeee5c1ce2b
Now that pySim-shell can switch between logical channels, let's state
the currently used logical channel in the prompt.
Change-Id: I45781a6fba205eeb4ac7f58d5cb642b7131bdd88
Related: OS#6230
We've already had the 'open_channel' and 'close_channel' commands,
which were sent to (and acknowledged by) the card. However,
those commands didn't affect the pySim-shell state, i.e. all
communication would still happen through the default channel '0'.
With this patch we introduce a 'switch_channel' command, using which
the user can determine which of the (previously opened) logical channels
shall be used by pySim-shell.
Change-Id: Ia76eb45c4925882ae6866e50b64d9610bd4d546d
Closes: OS#6230
Now that pySim-shell is aware of logical channels and issues almost
all of its APDUs on the currently selected channel, we must also make
sure that ADF selection by AID (implemented by the CardBase class)
issues the SELECT on the respective logical channel.
Before this patch, SELECT ADF by AID would always be issued on the
primary logical channel (0), irrespective of the currently active
RuntimeLchan.
Change-Id: Idf05c297e6a2e24ca539408b8912e348c0782bb4
Related: OS#6230
This new approach will "fork" separate SimCardCommands instances
for each RuntimeLchan. Higher-layer code should now always use the
RuntimeLchan.scc rather than the RuntimeState.card._scc in order to
make sure commands use the correct logical channel.
Change-Id: I13e2e871f2afc2460d9fd1cd566de42267c7d389
Related: OS#6230
Historically we always only had one instance of SimCardCommands, but
with this patch we can now have multiple instances, one for each lchan.
The SimCardCommands class is aware of the logical channel it runs on
and will patch the CLA byte accordingly.
Change-Id: Ibe5650dedc0f7681acf82018a86f83377ba81d30
Related: OS#6230
This fixes the below error during build of the documentation:
pysim/docs/shell.rst:349: ERROR: "<class 'pySim-shell.PySimCommands'>" has no attribute "apdu_cmd_parser"
Change-Id: If89b66a45ea18b5a3fc56bf77b05e679463da5a8
We already have the open channel and close_channel commands in
pySim-shell. They are sent to the card and acknowledged, respectively.
We also already do have code that can track multiple different logical
channels (the rs.lchan array). However, this is currently only used by
pySim-trace, and not by pySim-shell. Let's change that.
Change-Id: Idacee2dc57e8afe85c79bc85b259064e7f5b83a2
Related: OS#6230
An eUICC that has no active eSIM profile does not have an ICCID. (The
reason for this is that EF.ICCID is part of the eSIM profile).
Unfortunately pySim-shell insists on reading the ICCID from EF.ICCID on
startup in order to use it as a lookup key for verify_adm later.
To solve the problem, let's add a try/except block around the section
where EF.ICCID is read. In case of failure we set the ICCID to None,
Related: OS#5636
Change-Id: I8d18c5073946c5a6bb1f93be0ce692a599f46f8c
While our base classes (TransparentEF / LinFixedEF) always have the
dsecription as 4th argument after "fid, sfid, name", most of the derived
file-specific classes do not share that same argument order.
As seen in the bug fixed by previous Change-Id I7f32c9fd01094620b68b0e54536ecc6cdbe67903
this can have serious consequences. Let's avoid using unnamed
(positional) arguments for the description text altogether.
Change-Id: Icfb3fd1bae038c54fa14a91aa9f75219d839968c
We were using positional arguments when instantiating instances
of classes like EF_5GS3GPPLOCI with non-default names/fids/...
However, we got the argument order wrong and were passing the
description string in the position of the file size, which causes
exceptions like the following from pySim-trace:
Traceback (most recent call last):
File "/home/laforge/projects/git/pysim/./pySim-trace.py", line 198, in <module>
tracer.main()
File "/home/laforge/projects/git/pysim/./pySim-trace.py", line 125, in main
inst.process(self.rs)
File "/home/laforge/projects/git/pysim/pySim/apdu/__init__.py", line 259, in process
self.processed = method(self.lchan)
File "/home/laforge/projects/git/pysim/pySim/apdu/ts_102_221.py", line 152, in process_on_lchan
if self.cmd_dict['offset'] != 0 or self.lr < self.file.size[0]:
TypeError: '<' not supported between instances of 'int' and 'str'
Let's use named initializers for any arguments after the usual "fid, sfid, name"
initial arguments.
Change-Id: I7f32c9fd01094620b68b0e54536ecc6cdbe67903
We currently catch any exceptions that may occur when the card reader is
initialized. Then we print the exception string or the exception type
when no string is available. However, a failure during the reader
initialization is usually a severe problem, so a traceback would provde
a lot of helpful information to debug the issue. So lets not catch any
exceptions at this level so that we get the full backtrace.
Related: OS#6210
Change-Id: I4c4807576fe63cf71a7d33b243a3f8fea0b7ff23
When an exception occurs while initializing or handling the card we
print a traceback, but we do not print any info that allows us to
identify the device that was involved when the exception occurred. Let's
include the device path or number in the error message before we print
the traceback.
In order to make it easier to print the device information, let's add a
__str__() method to all of our devices. This method shall return the
device number or path.
Related: OS#6210
Change-Id: I200463e692245da40ea6d5b609bfc0ca02d15bdb
When the try block in which we also call init_card() fails, there may be
no card object, so we must not pass the card object to PysimApp in the
except block. This is also no problem, PysimApp will run without the
card object until the user executes do_equip for a second attempt.
Related: OS#6210
Change-Id: I28195f442ce007f05f7610c882bbc4a6520a8ce6
When __main__ runs different variables get assigned. In particular opts,
scc, sl and ch. Those variables are available in any scope and
technically it is possible to access them. However, lets not do this
since it leads to confusion. Also, pylint will complain about those code
locations.
In pySim-shell.py
- Let's use the proper locations (sl and ch are stored in PysimApp.
- Scc can be assigned in init_card.
- In method walk, the use of the variable opts to call ection_df is wrong,
lets use **kwargs (see also usage of action_ef).
- The constructor of Cmd2ApduTracer has a parameter cmd2_app, but usese
the global variable app. Let's use cmd2_app instead.
In pySim-prog.py
- Do not use opts.num in find_row_in_csv_file, use num instead.
- Pass scc to process_card as parameter so that it won't access scc
in the global scope.
Change-Id: I7f09e9a6a6bfc658de75e86f7383ce73726f6666
Related: OS#6210
In some cases, the specs do not specify an absolute record length.
Instead there may be only a minimum record length specified. The card
vendor may then chose to use larger record length at will. This usually
is no problem since the data is usually written from the left and the
remaining bytes are padded at the end (right side) of the data. However
in some rare cases (EF.MSISDN, see also 3GPP TS 51.011, section 10.5.5)
the data must be written right-aligned towards the physical record
length. This means that the data is padded from the left in this case.
To fix this: Let's add a "leftpad" flag to LinFixedEF, which we set to
true in those corner cases. The code that updates the record in
commands.py must then check this flag and padd the data accordingly.
Change-Id: I241d9fd656f9064a3ebb4e8e01a52b6b030f9923
Related: OS#5714
The methods verify_binary and verify_record are only used internally
in class SimCardCommands, they can be both private methods. Also lets
move them above the method that uses them.
Related: OS#5714
Change-Id: I57c9af3d6ff45caa4378c400643b4ae1fa42ecac
The commandline option -a, which does an ADM verification on startup,
does no longer work since the verify_adm method is no longer available
in the card base classes (cards.py). Let's use the verify_chv method
from SimCardCommands instead.
Related: RT#68294
Change-Id: Ic1e54d0e9e722d64b3fbeb044134044d47946f7c
In the last line of the if,elif,else branch, when we print the ApiError
object, we pass the variable sw to str() instead passing it to
ApiError() like we do it in the lines above. This is not correct and
causes strange exceptions.
Related: OS#67094
Change-Id: I5a1d19abeb00c2c9dc26517abc44a5c916f2d658
The REST megthd info uses deprecated methods to read the ICCID and the
IMSI from the card. However, we can replace those methods by selecting
the files we are interested in manually and then reading them.
Related: RT#67094
Change-Id: Ib0178823abb18187404249cfed71cfb3123d1d74
The class UsimCard is deprecated and only still used in very old
legacy applications. let's use the more modern UiccCardBase class
instead.
Related: RT#67094
Change-Id: I3676f033833665751c0d953176eafe175b20c14a
When the function connect_to_card is done, it selects ADF.USIM. This
might be contraproductive in case someone needs to access files on MF
level in one of the REST methods. Instead fo ADF.USIM, let's use MF as a
common ground to start from.
At the moment the only existing REST (info, auth) immediately select
ADF.USIM after calling connect_to_card already, so there are no further
modifications necessary.
Related: RT#67094
Change-Id: I16e7f3c991c83f81989ecc4e4764bb6cc799c01d
The method read_iccid in class CardBase should be put back to
legacy/cards.py. The reason for this is that it falls in the same
category like read_imsi, read_ki, etc. We should not use those old
methods in future programs since we have a more modern infrastructure
(lchan) now.
Also pySim-shell.py is the only caller of this method now. It is not
used in any other place.
Related: RT#67094
Change-Id: Ied3ae6fd107992abcc1b5ea3edb0eb4bdcd2f892
This dependency is currently only mentioned in requirements.txt, it
makes sense to also document it here.
Change-Id: I89760dd4008829c91fafbd442483d076c92a7ed4
The package providing the serial python module seems to be called
pyserial, which also matches what's written in requirements.txt.
Change-Id: I71ef6a19a487101e552219f10f2fa6215b966abd
When the command equip (do_equip) is executed, it accesses
self.rs.profile to see if there are any commands that need to be
unregistered before moving on with the card initialization.
However, it may be the case that no runtime state exists at this point.
This is in particular the case when the card is completely empty and
hence no profile is picked and no runtime state exists.
Change-Id: I0a8be66a69b630f1f2898b62dc752a8eb5275301
At the moment we only verify that no exceptions occurred but the output
is not yet verfied.
Related: OS#6094
Change-Id: I3aaa779b5bd8f30936c284a80dbdcb2b0e06985c
When we print the profile applications. which are not registered in
EF.DIR, we use python sets to subtract the applications which were part
of EF.DIR and hence already listed. Since we use sets the order may be
arbitrary. This is so far not a problem, since the output is meant to be
read by humans, but as soon as we try to use the output for unit-test
verifications we need a consistent order (sorted)
Related: OS#6094
Change-Id: Ie75613910aaba14c27420c52b6596ab080588273
We now have pySim-shell and pySim-trace. Let's give pysim-test.sh a more
distinctive name so that it is clear to which program it refers.
Related: OS#6094
Change-Id: I438f63f9580ebd3c7cc78cc5dab13c9937ac6e3a
pySim-trace has no test coverage yet. Let's use a script to run a
GSAMTAP pcacp through it and check that no exceptions are raised.
Related: OS#6094
Change-Id: Icfabfa7c59968021eef0399991bd05b92467d8d2
Card.update_ust() got replaced by the file operation ust_update().
In addition to Change-Id I7a6a77b872a6f5d8c478ca75dcff8ea067b8203e
Fixes: f8d2e2ba08 ("split pySim/legacy/{cards,utils} from pySim/{cards,utils}")
Change-Id: Ie6405cae37493a2101e5089a8d11766fbfed4518
When the trace file end is reaced, pyShark raises a StopIteration
exception. Let's catch this exception and exit gracefully.
Related: OS#6094
Change-Id: I6ab5689b909333531d08bf46e5dfea59b161a79e
The trace log currently does not contain any information about card
resets. This makes the trace difficult to follow. Let's use the
CardReset object to display the ATR in the trace.
Related: OS#6094
Change-Id: Ia550a8bd2f45d2ad622cb2ac2a2905397db76bce
TLV fields holding an address may still be uninitialized and hence
filled with 0xff bytes. Lets interpret those fields in the same way as
we interpret empty fields.
Related: OS#6094
Change-Id: Idc0a92ea88756266381c8da2ad62de061a8ea7a1
The trace log currently only shows the parsed APDU. However, depending
on the problem to investigate it may be required to see the raw APDU
string as well. Let's add an option for this.
Related: OS#6094
Change-Id: I1a3bc54c459e45ed3154479759ceecdc26db9d37
Uninitialized Files, File records or fields in a File record or File
usually contain a string of 0xff bytes. This becomes a problem when the
content is normally encoded/decoded as utf8 since by the construct
parser. The parser will throw an expection when it tries to decode the
0xff string as utf8. This is especially a serious problem in pySim-trace
where an execption stops the parser.
Let's fix this by interpreting a string of 0xff as an empty string.
Related: OS#6094
Change-Id: Id114096ccb8b7ff8fcc91e1ef3002526afa09cb7
When we perform a reset while multiple channels are open (this is in
particular the case when parsing real world traces with pySim-trace). To
delete those channels during the reset we iterate over the dictionary
using the keys and delete the channels one by one. However, this must
not be done using the keys as index directly. Python will then throw an
exception: "RuntimeError: dictionary changed size during iteration".
Instead using the keys directly we should cast them into a list and then
using that list for the iteration.
Related: OS#6094
Change-Id: I430ef216cf847ffbde2809f492ee9ed9030343b6
When the method del_lchan is called, closed_channel_nr still contains a dict
that contains the channel number under the key 'logical_channel_number'.
This will lead to an exception. We must extact the channel number from
the dict before we can use it with del_lchan. (See also
created_channel_nr)
Related: OS#6094
Change-Id: I399856bc227f17b66cdb4158a69a35d50ba222a7
The comman verify_adm does no longer work since the verify_adm method is
no longer available in the card base classes (cards.py). Let's use the
verify_chv method from SimCardCommands instead.
Change-Id: Ic87e1bff221b10d33d36da32b589e2737f6ca9cd
This adds a new operation mode for pySim-shell, where a single command
can be passed to pySim-shell, which then is executed before pySim-shell
terminates.
Example: ./pySim-shell.py -p0 export --json
Change-Id: I0ed379b23a4b1126006fd8f9e7ba2ba07fb01ada
Closes: OS#6088
Rather than having to know and explicitly list every CardApplication,
let's iterate over the __subclasses__ of the CardApplication base class.
Change-Id: Ia6918e49d73d80acfaf09506e604d4929d37f1b6
This profile has always been a hack/work-around for the situation that
a classic GSM SIM is not a UICC, and we didn't yet have the concept of
CardProfileAddons yet, so there was no way to probe and add something
to an UICC which was not an application with its own AID/ADF.
Since now we have CardProfileAddons (including one for GSM SIM),
and pySim-trace (the other user of CardProfileUICCSIM) has also switched
over to using CardProfileUICC + addons, we can remove this work-around.
Change-Id: I45cec68d72f2003123da4c3f86ed6a5a90988bd8
We have a strict "one CardProfile per card" rule. For a modern UICC
without legacy SIM support, that works great, as all applications
have AID and ADF and can hence be enumerated/detected that way.
However, in reality there are mostly UICC that have legacy SIM, GSM-R
or even CDMA support, all of which are not proper UICC applications
for historical reasons.
So instead of having hard-coded hacks in various places, let's introduce
the new concept of a CardProfileAddon. Every profile can have any
number of those. When building up the RuntimeState, we iterate over the
CardProfile addons, and probe which of those are actually on the card.
For those discovered, we add their files to the filesystem hierarchy.
Change-Id: I5866590b6d48f85eb889c9b1b8ab27936d2378b9
As pySim.cdma_ruim was not imported by test_files.py, the unit tests
were apparently never executed and hence didn't pass. Let's fix both
of those problems.
Change-Id: Icdf4621eb68d05a4948ae9efeb81a007d48e1bb7
Hence move this from the derived classes into the respective base
classes SimCardBase and UiccCardBase
Change-Id: Iad197c2b560c5ea05c54a122144361de5742aafd
Those old flat dicts indicating FID to string-name mapping have long
been obsoleted by the pySim.filsystem based classes.
Change-Id: I20ceea3fdb02ee70d8c8889c078b2e5a0f17c83b
There are some functions / classes which are only needed by the legacy
tools pySim-{read,prog}, bypassing our modern per-file transcoder
classes. Let's move this code to the pySim/legacy sub-directory,
rendering pySim.legacy.* module names.
The long-term goal is to get rid of those and have all code use the
modern pySim/filesystem classes for reading/decoding/encoding/writing
any kind of data on cards.
Change-Id: Ia8cf831929730c48f90679a83d69049475cc5077
This introduces an internal split between
* the code that is shared between pySim-shell and legacy tools, which is
now in the new class hierarchy {Card,SimCard,UiccCard}Base
* the code that is only used by legacy tools,
which is using the old class names inherited from the *Base above
All users still go through the legacy {Sim,Usim,Isim}Card classes, they
will be adjusted in subsequent patches.
Change-Id: Id36140675def5fc44eedce81fc7b09e0adc527e1
This was currently not handled in build_select_path_to(), resulting in
weird exceptions like 'Cannot determine path from MF(3f00) to MF(3f00)'
Change-Id: I41b9f047ee5dc6b91b487f370f011af994aaca04
The get_data shell command didn't have any interactive help / syntax,
and no meaningful error message in case an unknown data object name
was specified by the user. Let's fix that.
Change-Id: I09faaf5d45118635cf832c8c513033aede1427e5
This is all quite complicated. In general, the TLV_IE.to_dict() method
obviously is expected to return a dict (with key equal to the snake-case
name of the class, value to the decode IE value). This single-entry
dict can then be passed back to the from_dict() method to build the
binary representation.
However, with a TLV_IE_Collection, any TLV_IE can occur any number of
times, so we need an array to represent it (dict would need unique key,
which doesn't exist in multiple instances of same TLV IE). Hence, the
TLV_IE_Collection.to_dict() method actually returns a list of dicts,
rather than a dict itself. Each dict in the list represents one TLV_IE.
When encoding such a TLV_IE_Collection back from the list-of-dicts, we
so far didn't handle this special case and tried to de-serialize with
a class-name-keyed dict, which doesn't work.
This patch fixes a regression in the aram_store_ref_ar_do pySim-shell
command which got introduced in Change-Id I3dd5204510e5c32ef1c4a999258d87cb3f1df8c8
While we're fixing it, add some additional comments to why things are
how they are.
Change-Id: Ibdd30cf1652c864f167b1b655b49a87941e15fd5
An invalid variable used in a raise ValueError() would cause a further
exception, depriving the user of a meaningful error message.
Change-Id: I6eb31b91bd69c311f07ff259a424edc58b57529a
The TLV_IE_Collection, just like the individual TLV classes, do
use their snake-style names when converting from binary to dict
using the to_dict() method. It is inconsistent (and a bug) to
expect the CamelCase names during encoding (from_dict). After all,
we want the output of to_dict() to be used as input to from_dict().
Change-Id: Iabd1ad98c3878659d123eef919c22ca824886f8a
This avoids error messages about re-registering 'AddlShellCommands' commandsets during 'equip()' in the bulk_script command.
Change-Id: I893bb5ae95f5c6e4c2be2d133754e427bc92a33d
So far, if no known programmable card (like sysmoISIM) has been found,
we were using the SimCard base class. However, once we detect an UICC,
we should have switched to the UsimCard class, as otherwise the various
methods called by USIM/ISIM specific commands don't exist and we get
weird 'SimCard' object has no attribute 'update_ust' execptions.
The entire auto-detection and the legacy SimCard / UsimCard classes
are showing the legacy of the code base and should probably be
re-architected. However, let's fix the apparent bug for now.
Change-Id: I5a863198084250458693f060ca10b268a58550a1
Closes: OS#6055
Now that we have fixed OS#6073 in the previous commit, we can enable
the so-far disabled encoder tests for EF.{DOMAIN,IMPU,IMPI} and
remove associated FIXMEs.
Change-Id: I79bfc5b77122907d6cc2f75605f9331b5e650286
The existing IE.from_dict() method *supposedly* accepts a dict as
input value, but it actually expects the raw decoded value, unless it is
a nested IE. This is inconsistent in various ways, and results in a bug
visible at a higher layer, such as files like EF.{DOMAIN,IMPI,IMPU},
which are transparent files containing a single BER-TLV IE.
Decoding such files worked, but re-encoding them did not, due to the
fact that we'd pass a dict to the from_dict method, which then gets
assigned to self.decoded and further passed along to any later actual
encoder function like to_bytes or to_tlv. In that instance, the dict
might be handed to a self._construct which has no idea how to process
the dict, as it expects the raw decoded value.
Change-Id: I3dd5204510e5c32ef1c4a999258d87cb3f1df8c8
Closes: OS#6073
Related: OS#6072
smpp.pdu.pdu_types.DataCodingScheme.GSM_MESSAGE_CLASS very much exists,
and I can prove that manually in the python shell. So let's assume this
is a pylint bug and work around it
pySim/sms.py:72:21: E1101: Instance of 'DataCodingScheme' has no 'GSM_MESSAGE_CLASS' member (no-member)
Change-Id: Iab34bae06940fecf681af9f45b8657e9be8cbc7b
In cmd2, the upstream authors decided to rename a method in 2.0.0
without providing a backwards compatibility wrapper. Let's add that
locally.
Change-Id: Iaa17b93db13ba330551799cce5f0388c78217224
Closes: OS#6071
Rather than writing one test class with associated method for each
OTA algorithm / test, let's do this in a data-driven way, where new
test cases just have to provide test data, while the code iterates over
it.
Change-Id: I8789a21fa5a4793bdabd468adc9fee3b6e633c25
The API of the lchan object has changed. It no longer features the reset
method used by the pySim-shell reset command. Let's fix this by using
the reset method of the card object.
Change-Id: I55511d1edb97e8fa014724598ec173dd47fe25c1
This is important to produce the right command syntax when generating
command line reference in the user manual. However, we shouldn't add
this kludge to the individual programs, but only to the documentation
using the :prog: syntax.
Change-Id: I2ec7ab00c63d5d386f187e54755c71ffc2dce429
The routing indicator is BCD-encoded but has an arbitrary length of
1, 2, 3 or 4 digits.
In order to support the odd lengths of 1 or 3, we must not pad on the
byte level, but on the nibble level. This requires a slight extension of
the Rpad() Adapter.
Change-Id: I6c26dccdd570de7b7a4cd48338068e230340ec7c
Fixes: OS#6054
The K value in case of TUAK can be 16 or 32 bytes long. We used to
permit/parse/display 32 bytes even if only 16 bytes was configured.
Let's enforce the correct length of "K".
Fixes: OS#6053
Change-Id: Ia0f9a2138f16dce72f3118001e95baa1c80f23ce
The method reset_card does not return a return code, while the
coresponding pcsc implementation does return 1 on success.
Change-Id: I658dd6857580652696b4a77e7d6cfe5778f09eff
We've had a "suspend_uicc" command since commit
ec95053249 in 2021, but didn't yet
have the corresponding "resume" pair.
Note that you cannot really execute this in a reasonable way from
within pySim, as it is required to power-cycle the card
between SUSPEND and RESUME, see TS 102 221 Section 11.1.22.3.2
Change-Id: I3322fde74f680e77954e1d3e18a32ef5662759f2
The SUSPEND UICC command is a TS 102 221 (UICC) command, so move
it to the UICC Card Profile.
Also, make sure that any shell command sets specified in the
CardProfile are actually installed during equip().
Change-Id: I574348951f06b749aeff986589186110580328bc
prior to this patch, the suspend_uicc command would always cause a
python exception as a list of integers was returned by decode_duration rather than a single integer (that can be used with %u format string).
Change-Id: I981e9d46607193176b28cb574564e6da546501ba
This avoids error messages about re-registering the same TS 102 222
commands during executing the 'equip' command.
Change-Id: I3567247fe84e928e3ef404c07eff8250ef04dfe9
So for some weird historical reasons, the same python module is
available as pycryptodome (Crypto.* namespace) and pycryptodomex
(Cryptodome.* namespace). See the following information on the project
homepage: https://www.pycryptodome.org/src/installation
To make things extra-weird, Debian choose to package pycryptodomex as
python3-pycryptodome
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886291).
So in order to support both Debian-packaged and differently-installed
packages, let's switch to pycryotodomex on all platforms/installers.
Change-Id: I04daed01f51f9702595ef9f9e0d7fcdf1e4adb62
When using AES CMAC for authentication of OTA messages, we must not pad
the user data before calling the CMAC function. This is unlike the DES
MAC, where padding to the DES block size is mandatory.
This bug was discovered when trying to talk OTA with AES to a
sysmoISIM-SJA5. This patch makes the OTA AES interoperate with the
card. Also, with this patch the cryptographic results of pySim/ota.py
are identical to those of the java code
org.opentelecoms.gsm0348.impl.crypto.CipheringManager
Change-Id: I4b40b5857f95ccb21c35795abe7a1995e368bac3
Unfortunately, TUAK requires a number of additional (and
differently-sized) parameters, so the format of EF.USIM_AUTH_KEY
differs significantly depending on TUAK or non-TUAK case.
Change-Id: I0dcfe05777510fb34973dc2259b137133d8e199d
This implicitly adds support for JSON->binary encoding, not just
decoding (previous code predating construct support).
Change-Id: I0994d9f66a504dd3c60b43ed5cf6645515dcbc6a
According to TS 23.003 Section 28.15 and 28.16 both GLI and GCI
are NAI as defined in IETF RFC 7542, which in turn specifies they
are encoded in UTF-8.
Change-Id: I0a82bd0d0a2badd7bc4a1f8de2c3e3c144ee5b12
This file is rather important for 5G SA operation, so we should have
a proper encoder/decoder in place.
Change-Id: I1b37fdfc2807976880b2cafb61951f08eebeb344
Also accept ProtocolError in addition to SwMatchError in filesystem.py
when probing for applications
Change-Id: I82b50408328f8eaaee5c9e311c4620d20f930642
The cards are 99% software-compatible to the SJA2, so let's just
derive the SJA5 class from the SJA2
Change-Id: I706631baaf447c49904277886bc9a3f6ba3f5532
DF.SAIP (SIMalliance Interoperable Profile) is not part of 31.102,
but something from the eSIM/eUICC universe of TCA (formerly known as
SIMalliance). However, as 3GPP does not specify how/where the card
stores the information required for SUCI calculation, the
TCA/SIMalliance standard is the only standard there is. Some CardOS
start to use this standard even for non-eSIM/eUICC use cases.
Change-Id: Iffb65af335dfdbd7791fca9a0a6ad4b79814a57c
The FID in ADF.USIM is different from the FID in DF.GSM. So while
we can re-use the ts_51_011 EF_NIA class definition, we must pass in
a different fid to the constructor.
Change-Id: Ib414d5b476666e276824266e33b341175a2ee05a
Just like the existing commands for UST/IST: Allow the user to
activate/deactivate individual services. As EF.SST also contains
information about "allocation" of a service, let's have commands for
allocation and activation.
Change-Id: If959d06248cb1a9d2c0a21cdd40d438726cbc5f0
pySim-trace.py is broken if pySim is installed using setup.py:
fixeria@DELL:~$ pySim-trace.py
Traceback (most recent call last):
File "/usr/bin/pySim-trace.py", line 8, in <module>
from pySim.apdu import *
ModuleNotFoundError: No module named 'pySim.apdu'
Change-Id: I371143cb4009db46275ec7a020497b909dcc3b4e
In a previous patch the dependency on cmd2 was changed from cmd2==1.5 to
cmd2>=1.5. After this was merged, this lead to the docker images getting
rebuilt and now having a higher cmd2 version that gets used in the CI
checks. So while the patch was in review, pylint was actually running
with a lower cmd2 version and was taking different code paths.
Fix for:
pySim-shell.py:30:4: E0611: No name 'fg' in module 'cmd2' (no-name-in-module)
pySim-shell.py:30:4: E0611: No name 'bg' in module 'cmd2' (no-name-in-module)
pySim-shell.py:154:8: E1123: Unexpected keyword argument 'use_ipython' in method call (unexpected-keyword-arg)
pySim-shell.py:171:30: E1120: No value for argument 'settable_object' in constructor call (no-value-for-parameter)
pySim-shell.py:173:30: E1120: No value for argument 'settable_object' in constructor call (no-value-for-parameter)
pySim-shell.py:175:30: E1120: No value for argument 'settable_object' in constructor call (no-value-for-parameter)
pySim-shell.py:176:30: E1120: No value for argument 'settable_object' in constructor call (no-value-for-parameter)
Fixes: f8a3d2b3 ("requirements.txt: allow cmd2 versions greater than 1.5")
Fixes: OS#6034
Change-Id: I182d3a2b87e70ed551a70c88d3d531a36bf53f53
Since we now have fixed the compatibility issues with recent cmd2
versions, we may allow also versions greater than 1.5 in the
requirements.txt
Change-Id: I87702c5250a3660c84458939167bffdca9c06059
cmd2.fg and cmd2.bg have been deprecated in cmd2 2.3.0 and removed
in cmd2 2.4.0. Let's work around this by a version check.
Related upstream commits:
(See also: https://github.com/python-cmd2/cmd2)
Commit f57b08672af97f9d973148b6c30d74fe4e712d14
Author: Kevin Van Brunt <kmvanbrunt@gmail.com>
Date: Mon Oct 11 15:20:46 2021 -0400
and
Commit f217861feae45a0a1abb56436e68c5dd859d64c0
Author: Kevin Van Brunt <kmvanbrunt@gmail.com>
Date: Wed Feb 16 13:34:13 2022 -0500
Change-Id: I9fd32c0fd8f6d40e00a318602af97c288605e8e5
In version 2.0.0, the use_ipython parameter in the Cmd constructor is
renamed to include_ipy. There are still plenty of older cmd2
installations around, so let's work around this using a version check.
See also: https://github.com/python-cmd2/cmd2
Commit: 2397280cad072a27a51f5ec1cc64908039d14bd1
Author: Kevin Van Brunt <kmvanbrunt@gmail.com>
Date: 2021-03-26 18:56:33
This commit is based on pySim gerrit changes:
Ifce40410587c85ae932774144b9548b154ee8ad0
I19d28276e73e7024f64ed693c3b5e37c1344c687
Change-Id: Ibc0e18b002a03ed17933be4d0b4f4e86ad99c26e
In cmd2 relase 2.0.0 the constructor of Settable adds a settable_object
parameter, which apparantly was optional at first, but then became
mandatory. Older versions must not have the settable_object parameter
but versions from 2.0.0 on require it. Let's add a version check so that
we stay compatible to cmd2 versions below and above 2.0.0.
See also: https://github.com/python-cmd2/cmd2
Commit 486734e85988d0d0160147b0b44a37759c833e8a
Author: Eric Lin <anselor@gmail.com>
Date: 2020-08-19 20:01:50
and
Commit 8f981f37eddcccc919329245b85fd44d5975a6a7
Author: Eric Lin <anselor@gmail.com>
Date: 2021-03-16 17:25:34
This commit is based on pySim gerrit change:
Ifce40410587c85ae932774144b9548b154ee8ad0
Change-Id: I38efe4702277ee092a5542d7d659df08cb0adeff
R-UIM (CDMA) cards are pretty much like the normal GSM SIM cards and
"speak" the same 2G APDU protocol, except that they have their own file
hierarchy under MF(3f00)/DF.CDMA(7f25). They also have DF.TELECOM(7f10)
and even DF.GSM(7f20) with a limited subset of active EFs. The content
of DF.CDMA is specified in 3GPP2 C.S0023-D.
This patch adds a very limited card profile for R-UIM, including auto-
detecion and a few EF definitions under DF.CDMA. This may be useful
for people willing to explore or backup their R-UIMs. To me this was
useful for playing with an R-UIM card from Skylink [1] - a Russian
MNO, which provided 450 MHz CDMA coverage until 2016.
[1] https://en.wikipedia.org/wiki/Sky_Link_(Russia)
Change-Id: Iacdebdbc514d1cd1910d173d81edd28578ec436a
Even though _bit_byte_offset_for_service() is a @staticmethod, it's
still available via self, just like any non-static method.
Change-Id: I3590dda341d534deb1b7f4743ea31ab16dbd6912
It may sometimes be helpful to get a bit of general information about
the card. To sort out problems it sometimes helps to get an idea what
card type and ICCID pySim-shell has in memory.
Change-Id: If31ed17102dc0108e27a5eb0344aabaaf19b19f9
Depending on the card type (SIM or USIM/ISUM), self.cla_byte may
be either 0xa0 or 0x00. Sending RUN GSM ALGORITHM with CLA=0x00
fails with SW=6985 (Command not allowed), so let's make sure
that we always use CLA=0xa0 regardless of the card type.
Change-Id: Ia0abba136dbd4cdea8dbbc3c4d6abe12c2863680
Adjust the catch-all target at the end of the Makefile that is supposed
to route all unknown targets to sphinx, so it doesn't do this for the
shrink target. The shrink target has recently been added to
Makefile.common.inc in osmo-gsm-manuals, which gets included right above
the catch-all target. So it isn't an unknown target, but for some reason
the sphinx catch-all runs in addition to the shrink target (runs
shrink-pdfs.sh, see output below) and fails. As I did not add the
catch-all logic, preserve it but add an exception for the shrink rule.
Fix for:
+ make -C docs publish publish-html
make: Entering directory '/build/docs'
/opt/osmo-gsm-manuals/build/shrink-pdfs.sh _build/latex/osmopysim-usermanual.pdf
* _build/latex/osmopysim-usermanual.pdf: 272K (shrunk from 336K)
Running Sphinx v5.3.0
Sphinx error:
Builder name shrink not registered or available through entry point
Related: SYS#6380
Change-Id: If2802bb93909aba90debe5e03f3047cec73e2f54
This adds pySim-shell support for the RESIZE FILE command in order
to change the size of linear fixed or transparent EF.
Change-Id: I03fbb683e26231c75f345330ac5f914ac88bbe7a
EF.EST is the *enabled* services table. Let's call the shell commands
enable and disable, rather than activate/deactivate.
Change-Id: Iacbdab42bc08e2be38ad7233d903fa7cda0d95b6
sysmo-isim-sja2 may come in different configurations, so some may
intentionally lack ADF.USIM or ADF.ISIM. Since select_adf_by_aid() may
raise an exception when selecting a non existent file we should make
sure that the ADF we intend to select is indeed present. A reliable way
to do this is to check if the application is registered in EF.DIR.
Change-Id: Icf6f6b36f246398af408ec432d493fe3f22963dd
Lets add test vectors for the per-record/per-file encode/decode of
our various classes for the Elementary Files.
We keep the test vectors as class variables of the respective EF-classes
to ensure implementation and test vectors are next to each other.
The test classes then iterate over all EF subclasses and execute the
decode/encode functions using the test vectors from the class variables.
Change-Id: I02d884547f4982e0b8ed7ef21b8cda75237942e2
Related: OS#4963
This fixes a regression introduced in Change-Id
I02d6942016dd0631b21d1fd301711c13cb27962b which added support for
different encoding/decoding of records by their record number.
Change-Id: I0c5fd21a96d2344bfd9551f31030eba0769636bf
The encoder function apparently was never tested, it didn't match at all
the output of the decoder, not even in terms of the string keys of the
dict.
Change-Id: Id67bc39d52c4dfb39dc7756d8041cbd552ccbbc4
ValidityPeriodAdapter() must return integer values when encoding a
value, as only integer values can be expressed in the binary format.
Change-Id: I0b431a591ac1761d875b5697a71b6d59241db87d
As per EIRENE GSM-R SIM-Card FFFIS, EF_IC conatains records of 1+2+2+2
bytes, the network string table index is 16bit and not 8bit as we
implemented so far.
Change-Id: I9e3d4a48b3cb6fb0ecf887b04c308e903a99f547
When decoding the SELECT response of a clasic GSM SIM without
UICC functionality, we
* did not decode the record length or number of records
* accidentially reported the EF file_size as available_memory (like DF)
Let's fix those two, and also add a comment on how the output dict
of decode_select_response() should look like.
As a result, code like 'read_records' now knows the number of records
and can iterate over them rather than raising exceptions.
Change-Id: Ia8e890bda74e3b4dacca0673d6e5ed8692dabd87
Closes: OS#5874
This file is a optional file specified by TS 51.011, storing the last
numbers dialled. As the EIRENE FFFIS for GSM-R SIM refers to this,
we must implement it to have full GSM-R support in pySim.
Change-Id: I3b7d6c7e7504b7cc8a1b62f13e8c0ae83a91d0f0
Related: OS#5784
We're using a shared class to implement the identical file encoding
for EF.{ADN,SDN,MBDN,BDN,FDN,CFIS}. However, they all point to
different extension files.
Previosly for EF.SDN:
"ext1_record_id": 255
Now for EF.SDN:
"ext3_record_id": 255
Change-Id: I5301d41225266d35c05e41588811502e5595520d
Related: OS#5784
TS 51.011 specifies an "Extended BCD Coding" in Table 12 of Section
10.5.1. It allows to express the '*' and '#' symbols used in GSM
SS and/or USSD codes.
This improves decoding from
"dialing_nr": "a753b1200f",
to
"dialing_nr": "*753#1200f",
Change-Id: Ifcec13e9b296dba7bec34b7872192b7ce185c23c
Related: OS#5784
DF.TELECOM/EF.SDN (Service Dialling Numbers) is specified in section
10.5.9 of TS 51.011 and required by EIRENE for GSM-R.
Let's use the pre-existing EF.ADN decoder to decode this file.
Change-Id: If91332b10138096d465a9dccf90744de2c14b2be
Related: OS#5784
Those files contain a bit-mask of active group IDs stored at the
respective positions in EV.VGCS and EF.VBS. However, the bit-order
of each byte is reversed.
Change-Id: I77674c23823aae71c9504b1a85cd75266edadc6f
Related: OS#5784
In their infinite wisdom, the authors of the EIRENE FFFIS for GSM-R SIM
cards invented yet a new way of encoding data in SIM card files: The
first record of a file may be encoded differently than further records
of files.
This patch implements the feature based on the newly-introduced way by
which we pass the record number to the encoder and decoder methods.
Change-Id: Ib526f6c3c2ac9a945b8242e2e54536628376efc0
Related: OS#5784
In their infinite wisdom, the authors of the EIRENE FFFIS for GSM-R SIM
cards invented yet a new way of encoding data in SIM card files: The
first record of a file may be encoded differently than further records
of files.
Let's add the required infrastructure to pySim so that the encode and
decode methods for record-oriented files get passed in the current
record number.
Change-Id: I02d6942016dd0631b21d1fd301711c13cb27962b
Related: OS#5784
This fixes the below exception when trying to decode records of EF.FN:
EXCEPTION of type 'TypeError' occurred with message: 'unsupported operand type(s) for &: 'str' and 'int''
Change-Id: I3723a0d59f862fa818bea1622fe43a7b56c92847
Related: OS#5784
So far we supported
* GSMTAP live traces via a UDP socket
* RSPRO traces from pcap files (or live)
We were lacking support for reading GSMTAP stored in pcap, which
is what this patch implements.
Change-Id: I46d42774b39a2735500ff5804206ddcfa545568c
DF.GSM and ADF.USIM have an EF.AD with nearly the same contents. Usually
there is one file physically present and the other is just a link.
Apparantly this is not always the case for sysmo-ismi-sja2 cards, so
lets program EF.AD in both locations.
Change-Id: Ic9dd4acc8d9a72acbb7376ddf3e2128125d4a8f5
Related: OS#5830
The function name "write_parameters" is very generic and since it is
called during the programming cycle it should be made clear that it is
not about writing parameters to the card.
Change-Id: Idaba672987230d7d0dd500409f9fe0b94ba39370
The process_card function has a dry-run mode where one can test
parameters without actually writing to the card. However, the dry-run
feature also does not perform read operations and connects to the card
reader at a different point in time. Lets be more accurate here and
perform all operations a normal programming cycle would perform but
without calling the card.program() method.
Change-Id: I3653bada1ad26bcf75109a935105273ee9d1525c
Since we now ensure that mnc always has a valid length lets make the
check in cards.py more strict.
Related: OS#5830
Change-Id: Iee8f25416e0cc3be96dff025affb1dc11d919fcd
The handling of the mnclen parameter does not work. Lets fix it so that
it can be used again with CSV and normal card programming. Lets ensure
that depending on the parameter and the defaults it is always ensured
that the mnc string has the correct length so that lower layers can
deduct the length of the mnc properly by the string length of the mnc.
Change-Id: I48a109296efcd7a3f37c183ff53c5fc9544e3cfc
Related: OS#5830
The function that goes through the CSV file and searches for either IMSI
or ICCID or picks a specific line by number is very hard to read and
understand. Lets clean it up and add useful error messages
Change-Id: I7ae995aa3297e77b983e59c75e1c3ef17e1d7cd4
Related: OS#5830
The decoder/encoder of that decodes the EF.xSIM_AUTH_KEY files has an
overcomplicated handling for op/and opc. There is a condition that
checks if milenage is configured and another one that checks if the
string is recognized as OP or OPc. Both is not correct and seems not to
work (op and opc is always displayed as "null")
The encoder/decoder should focus on the physical file layout and
regardless of any other conriguration the OP/OPc field is physically
present and should be displayd and presented for editing.
Change-Id: I6fa3a07e5e473273498d3f13d4cfa33743b787e1
Split the jenkins job up in three parts, so each of them can run in
parallel, and the test part that has to run on a specific node (and
blocks it while running), finishes faster.
Don't install depends of pylint/docs jobs as they will run in docker
and the depends get installed once in the container.
Related: OS#5497
Depends: docker-playground Id5c75725d2fab46b29773fa4f637fa2d73fa7291
Depends: osmo-ci Iea4f15fd9c9f8f36cb8d638c48da000eafe746a4
Change-Id: I5245c529db729e209d78a02ab9c917a90d0e0206
This introduces a hierarchy of classes implementing
* ETS TS 102 225 (general command structure)
* 3GPP TS 31.115 (dialects for SMS-PP)
In this initial patch only the SMS "dialect" is supported,
but it is foreseen that USSD/SMSCB/HTTPS dialects can be
added at a later point.
Change-Id: I193ff4712c8503279c017b4b1324f0c3d38b9f84
With this version I can get all unittests passing:
python -m unittest discover tests/
We're passing argument 'path' to stream_read_entire(), which was
added in [1] and become available since v2.9.51.
Change-Id: I4223c83570d333ad8d79bc2aa2d8bcc580156cff
Related: [1] bfe71315b027e18e62f00ec4de75043992fd2316 construct.git
Related: OS#5666
Argument 'signed' was added in [1] and become available since v2.10.63.
Therefore using bytes2integer() and integer2bytes() from construct.core
bumps the minimum required version of construct to v2.10.63. For
instance, debian:bullseye currently ships v2.10.58.
There is no strict requirement to use construct's API, so let's use
Python's API instead. This allows using older construct versions
from the v2.9.xx family.
Change-Id: I613dbfebe993f9c19003635371941710fc1b1236
Related: [1] 660ddbe2d9a351731ad7976351adbf413809a715 construct.git
Related: OS#5666
-x Print commands and their arguments as they are executed
-e Exit immediately if a command exits with a non-zero status
Change-Id: I13af70ef770936bec00b050b6c4f988e53ee2833
Use multiple processes to speed up pylint. Specifying -j0 will
auto-detect the number of processors available to use.
On AMD Ryzen 7 3700X this significantly reduces the exec time:
$ time python -m pylint -j1 ... pySim *.py
real 0m12.409s
user 0m12.149s
sys 0m0.136s
$ time python -m pylint -j0 ... pySim *.py
real 0m5.541s
user 0m58.496s
sys 0m1.213s
Change-Id: I76d1696c27ddcab358526f807c4a0a7f0d4c85d4
pylint v2.15 is crashing, let's fall-back to a known to work v2.14.5.
Change-Id: Ie29be6ec6631ff2b3d8cd6b2dd9ac0ed8f505e4f
Related: https://github.com/PyCQA/pylint/issues/7375
Related: OS#5668
Register a ProactiveHandler with pySim.transport and call the decoder
from pySim.cat to print a decoded version:
Example usage (exact data only works on my specific card due to the
encrpyted payload):
pySIM-shell (MF/ADF.USIM)> envelope_sms 400881214365877ff6227052000000000302700000201506393535b000118dd46f4ad6b015922f62292350d60af4af191adcbbc35cf4
FETCH: d0378103011300820281838b2c410008812143658700f621027100001c12b000119660ebdb81be189b5e4389e9e7ab2bc0954f963ad869ed7c
SendShortMessage(CommandDetails({'command_number': 1, 'type_of_command': 19, 'command_qualifier': 0}),DeviceIdentities({'source_dev_id': 'uicc', 'dest_dev_id': 'network'}),SMS_TPDU({'tpdu': '410008812143658700f621027100001c12b000119660ebdb81be189b5e4389e9e7ab2bc0954f963ad869ed7c'}))
SW: 9000, data: d0378103011300820281838b2c410008812143658700f621027100001c12b000119660ebdb81be189b5e4389e9e7ab2bc0954f963ad869ed7c
Change-Id: Ia4cdf06a44f46184d0da318bdf67077bc8ac9a1a
This introduces an optional argument to the LinkBase class constructor,
where the application can pass an instance of a ProactiveHandler derived
class in order to handle the proactive commands that the LinkBase is
automatically fetching whenever the card indicates so.
Change-Id: I844504e2fc1b27ce4fc7ede20b2307e698baa0f6
This adds deciding for the bulk of the TLV objects used in the
ETSI CAT (Card Application Toolkit) and 3GPP USAT (USIM Application
Toolkit) systems.
This patch just adds the definitions, but doesn't use them anywhere yet.
Change-Id: I0c66912dbc10164e040e2fec358cef13c45a66ec
The TLV_IE.from_tlv() method is part of a base class that is inherited
by more specific classes. The official way to obtain the tag is the
inherited-class-provided self._compute_tag() method, and *not* a direct
reference to the self.tag member.
This allows for some more obscure TLV parsers, such as the upcoming one
for Proactive Commands in the CAT/OTA context.
Change-Id: I0cd70e31567edc5a0584336efcb5e4282734f6dd
In commit Ib88bb7d12faaac7d149ee1f6379bc128b83bbdd5 I accidentially
broke those commands by adding argparse definitions for better
documentation. When adding the @cmd2.with_argparser decorator,
the method argument changes from the raw string to an argparse.Namespace
object.
This patch fixes the below exception:
pySIM-shell (MF/ADF.USIM)> terminal_profile ffffffff
Traceback (most recent call last):
File "/usr/local/lib/python3.10/dist-packages/cmd2/cmd2.py", line 2129, in onecmd_plus_hooks
stop = self.onecmd(statement, add_to_history=add_to_history)
File "/usr/local/lib/python3.10/dist-packages/cmd2/cmd2.py", line 2559, in onecmd
stop = func(statement)
File "/usr/local/lib/python3.10/dist-packages/cmd2/decorators.py", line 336, in cmd_wrapper
return func(*args_list, **kwargs)
File "/space/home/laforge/projects/git/pysim/pySim/ts_31_102.py", line 1274, in do_terminal_profile
(data, sw) = self._cmd.card._scc.terminal_profile(arg)
File "/space/home/laforge/projects/git/pysim/pySim/commands.py", line 583, in terminal_profile
data_length = len(payload) // 2
TypeError: object of type 'Namespace' has no len()
Change-Id: Ia861eeb2970627d3ecfd0ca73f75ca571c6885b2
Fixes: Ib88bb7d12faaac7d149ee1f6379bc128b83bbdd5
the interpret_sw() method was moved from RuntimeState to RuntimeLchan
in Change-Id I7aa994b625467d4e46a2edd8123240b930305360 - but the code
in pySim/exceptions.py was not adjusted accordingly.
Change-Id: I0614436c99c6a6ebc22c4dc14fb361c5f5f16686
While in the pySim-shell, it's useful to filter the currently selected
file from the choice of available files for select, this doesn't apply
for the tracing case: It's perfectly valid for the UE to SELECT the
file that's already selected right now. The operation basically
becomes equivalent to a STATUS.
Change-Id: I1a20fb3ba70426333ac34448c6cb782c51363965
We need to pass the 'PARENT' flag to get_selectables() to be able
to track SELECT on any of the parent/ancestor DF FID.
Change-Id: Ia7ac627d5edccb97160c90688d720d887fad6ec7
I didn't check the specs, but at least experience with real-world cards
(and modems) shows that it's not just permitted to select the immediate
parent DF, but all ancestors of the currently selected file.
So adjust the get_selectables() method to not just return the immediate
parent, but to recurse all the way up and report the FID of any ancestor
DF.
Change-Id: Ic9037aa9a13af6fb0c2c22b673aa4afa78575b49
In order to be able to explicitly select the MF via 3f00,
we need to pass the 'MF' to get_selectables(), so the record
is included in the list of selectable files from the current
working directory.
Change-Id: I27085896142fe547a6e93e01e63e59bbc65c8b8a
All other get_selectables() understand a flag like 'FIDS' to request
only the hexadecimal FIDs and not the file names. However, the
CardEF.get_selectables() ignored those flags and unconditionally
returned the names.
Change-Id: Icdc37cae3eecd36d167da76c30224b9d48c844fd
The Tracer implemented those options and the argparser handled it,
but we didn't ever connect the two.
Change-Id: I7d7d5fc475a8d09efdb63d3d6f1cc1de1996687b
If the modem/UE doesn't ask for the FCP to be returned, a SELECT
can exit with 9000 and no response body. Don't crash in that case.
Change-Id: I66788717bec921bc54575e60f3f81adc80584dbc
Instead of a cryptic backtrace, we now return a meaningful error like this:
{"error": {"message": "Security Status not satisfied - Card PIN enabled?", "status_word": "6982"}
Change-Id: I6dafd37dfd9fa3d52ca2c2e5ec37a6d274ba651b
Closes: OS#5606
Let's make sure even error messages are returned in JSON format.
While at it, also reduce some code duplication between the 'auth'
and 'info' route handlers by using the klein handle_errors decorator
instead of manual exception catching.
Change-Id: I1e0364e28ba7ce7451993f57c8228f9a7ade6b0e
Closes: OS#5607
This introduces a new pySim.apdu module hierarchy, which contains
classes that represent TPDU/APDUs as exchanged between
SIM/UICC/USIM/ISIM card and UE.
It contains instruction level decoders for SELECT, READ BINARY and
friends, and then uses the pySim.filesystem.Runtime{Lchan,State} classes
to keep track of the currently selected EF/DF/ADF for each logical
channel, and uses the file-specific decoder classes of pySim to decode
the actual file content that is being read or written.
This provides a much more meaningful decode of protocol traces than
wireshark will ever be able to give us.
Furthermore, there's the new pySim.apdu_source set of classes which
provides "input plugins" for obtaining APDU traces in a variety of
formats. So far, GSMTAP UDP live capture and pyshark based RSPRO
live and pcap file reading are imlpemented.
Change-Id: I862d93163d495a294364168f7818641e47b18c0a
Closes: OS#5126
Fix a bug in the pySim.sysmocom_sja2 module, where we defined unnamed
bits in BitStruct without a default value causing exceptions like this:
EXCEPTION of type 'KeyError' occurred with message: 'None'
Change-Id: Ib2da5adda4fae374ab14bb8100f338691aef719a
Closes: OS#5575
We were invoking the constructor with the description as 4th positional
argument, but that was actually the 'size' argument in this case.
Let's swap the order to be aligned with other file constructors.
Change-Id: I9acee757f096fef0d8bacbec3b52f56267cd52f6
The size should be a *tuple*. In reality we so far passed a set. The
problem with the set is that ordering is not guaranteed, and hence we
cannot assume the first and second item have meaning (minimum vs.
default record length).
Change-Id: I470f4e69c83cb2761861b3350bf8d49e31f4d957
As the documentation strings say: The size should be a *tuple*. In
reality we so far passed a set. The problem with the set is that
ordering is not guaranteed, and hence we cannot assume the first and
second item have meaning (minimum vs. default size).
While at it, use a type annotation to catch such bugs easily.
Change-Id: I553616f8c6c4aaa8f635b3d7d94e8e8f49ed5a56
Reduce all the copy+pasted '/'.join(path_list) constructs with
a method returning the formatted path string.
Change-Id: I5e9bfb425c3a3fade13ca4ccd2b891a0c21ed56d
Otherwise we have binary/bytes as values inside the dict, rather than a
hexadecimal string. That's ugly when printing without json formatting.
Change-Id: Ia3e7c4791d11bd4e3719a43d58e11e05ec986d1f
Even while we don't yet have a proper decoder, let's at least represent
the network name as hex-string
Change-Id: I4ed626699d1e4e484d4ffd04349676dadff626a0
This file existed in earlier specs like Release 3.8.0, but was removed
in later revisions. Still, there are cards around implementing that
older spec, so let's add a decoder.
Change-Id: Ic7163b2a01f64ef1223cf15b8d0813d3edf5b61a
We want to use this class in an upcoming patch for DF_MCS support,
and in order to avoid cyclic imports, EF_UServiceTable must be moved.
Change-Id: I9cd6ab795bfd92f845eb943679a3d6302f1003ce
cards can have multiple logical channels; each logical channel
has its own state of what is the current selected file + application.
Let's split the RuntimeState class into the global RuntimeState and the
per-lchan-specific RuntimeLchan class.
This code doesn't actually introduce any code that uses lchans other
than the basic logical channel (0), but just modifies the data model
to accomodate those in the future.
Change-Id: I7aa994b625467d4e46a2edd8123240b930305360
When using __str__ for a CardDF we would get "DF(DF.TELECOM)"
but when using it on CardADF we would get ADF(a0000000871002)"
instead of "ADF(ADF.USIM)". Let's fix that.
Change-Id: I5801a08bcc28cb222734af6d9ee835227f4fee69
As it is possible to select files relative to the currently selected
ADF, we should keep track of that.
Change-Id: I83c93fdcd23b1d3877644ef0bf72d330343fbbc7
We should first see if any of the files in the tree actually
require a service mapping before raising
ValueError('TODO: implement recursive service -> file mapping')
Change-Id: I9c339f0cac020e7eec7f4f840748040e5f77923d
Service 126 relates to DF.5GS/EF.UAC_AIC. As we are deactivating that
file in the script, we should also disable the related EF.UST service.
Change-Id: Id35035aaf23b2163caed3197786288c87be03cfa
In class SimCard, we specify the key reference for ADM1 as 0x04. in the
UsimCard class, which inherits from SimCard nothing is specified, even
though ETSI TS 102 221 specifies 0x0A as key reference. Lets set the
member in UsimCard accordingly to be closer to the spec.
Note: For the moment this is a cosmetic fix, it does not change the
behaviour since all card classes derived from UsimCard set the key
reference properly.
Change-Id: I96af395b1832f4462a6043cca3bb3812fddac612
ETSI TS 102 221, Table 9.3 specifies 0x0A as default key reference for
ADM1. Lets make sure pySim-shell uses this key-reference if the card is
a generic UICC.
Change-Id: I8a96244269dc6619f39a5369502b15b83740ee45
The TLV IEs FILE SIZE and TOTAL FILE SIZE have a minimum length of 2
byte. Even when the length is in the single digit range two bytes must
be used. See also: ETSI TS 102 221, section 11.1.1.4.1 and 11.1.1.4.2
Change-Id: Ief113ce8fe3bcae2c9fb2ff4138df9ccf98d26ff
When updating files and records there are sometimes huge portions that
are just 0xff. Mostly this is at the end of a file or record that is not
completely used. Lets add a notation to tell PySim-shell how to fill
those sections.
Change-Id: Iedd7887bf7d706878f4a3beca8dbea456404610b
When we run the exporter we also get an error summary at the end.
However, if walk() throws an eception this stops the exporter
immediately and we won't get the summpary. Lets catch exceptions from
walk as well so that we are able to end gracefully.
Change-Id: I3edc250ef2a84550c5b821a72e207e4d685790a5
The walk() method that we use to traverse the whole file system tree is
currently only able to execute action callbacks on EFs. Lets add a
mechanism that allows us to have a second callback that is executed when
we hit a DF or ADF.
Change-Id: Iabcd78552a14a2d3f8f31273dda7731e1f640cdb
The apdu command is used to communicate with the card on the lowest
possible level. Lets make it available even before a card profile (rs)
is avalable. This is especially useful when the card has no files on it,
in this situation pySim-shell will not be able to assign a profile to
the card at all. We can then use the apdu command to equip the card with
the most basic files and start over.
Change-Id: I601b8f17bd6af41dcbf7bbb53c75903dd46beee7
he method probe_file returns the decoded FCP after it managed to
successfully probe the file. Lets also return the encoded FCP string, as
it is needed by the caller.
Change-Id: Ia5659e106fb0d6fb8b77506a10eba309e764723e
The as_json parameter has been added as an additional parameter to the
export function. Lets use a dictionary here and put the parameter in it.
This makes it easier to add more options in the future
Change-Id: Ie860eec918e7cdb01651642f4bc2474c9fb1924f
This information is mandatory for linear files as per TS 102 221 V15
section 11.1.1.4.3. This might not have been spotted earlier because
cards of type sysmoISIM-SJA2 accept creation without it as well.
Change-Id: I8aeb869c601ee5d1c8b02da6d72eb3c50e347982
Before this patch:
$ ./pySim-shell.py -p 0
Card reader initialization failed with an exception of type:
<class 'pySim.exceptions.ReaderError'>
after:
$ ./pySim-shell.py -p 0
Card reader initialization failed with exception:
No reader found for number 0
Change-Id: Id08c4990857f7083a8d1cefc90ff85fc20ab6fef
The DataObject is some weird / rarely used different code than the
normal TLV encoder/decoder. It has apparently so far only been used
for decoding, without testing the encoding side, resulting in related
bugs.
Let's fix those that I encountered today, and add a test case.
Change-Id: I31370066f43c22fc3ce9e2b9ee75986a652f6fc4
While the short ID of this file is 05, the actual file-id is 6f03.
Reference to TS 31.103 section 4.2.3.
Change-Id: Idd572ab064ea38e74dffd583c27ea505b23214a2
This should avoid the following pylint error:
************* Module pySim.ts_31_102
pySim/ts_31_102.py:621:100: E0601: Using variable 'sw' before assignment (used-before-assignment)
Change-Id: I0bb9607cdab0e6e3cd17b4d27129a51a607bc0f2
These commands can be used to decode a user-provided hex-string,
instead of decoding the data read from the file. This is useful
for quickly manually decoding some values read from other locations,
such as e.g. copy+pasted from a eSIM profile in ASN.1 value notation.
Change-Id: I81f73bce2c26e3e5dfc7538d223bb2d2483c7fa0
The OPL has 7 bytes "LAI" as the LAI actually contains a LAC
range (so two more bytes for the end of the 16bit range).
Change-Id: I74bcf10b0a8977af0f2844044a812c5780af1706
range(0,7) in python is 0..6, and not 0..7, so we need range(0.8)
to produce the desired range covering all bits of a byte.
This resulted in services 8,16,24,... not being displayed in
the decoded output of EF.UST / EF.IST.
Change-Id: I22bbc481de342685352bf5b13d54931d3f37f9b7
The SFI TLV contanins not the raw SFI, but it contains the SFI
shifted to left by 3 bits (for some strange reason). So let's
un-shift it.
Change-Id: Ibc69b99010d2a25cbb69b6a3d1585d0cb63f1345
* don't duplicate information between .rst files and docstrings
* if there's more than a trivial single-line documentation, put it as
docstring into the python source and use ".. argparse" to pul it into
the manual
* add documentation for some commands for which it was missing
* show one level deeper in the navigation table, listing the commands
Change-Id: Ib88bb7d12faaac7d149ee1f6379bc128b83bbdd5
The FCP template provides us a lot of context, like the permissions of
a given file. Let's make it part of the 'export' output, both in raw
and in decoded form.
Change-Id: I05f17bbebd7a9b3535204b821900851a5f66e88f
Closes: OS#5457
This adds support for creating/deleting and terminating files,
as well as support for permanent card termination.
Change-Id: I5b1ffb1334afa18d62beb642268066a30deb7ea6
With this patch applied, users can directly enter commands like
select DF.GSM/EF.IMSI or
select ADF.USIM/DF.5GS/EF.5GAUTHKEYS
This feature doesn't have tabl completion, so it's mostly useful
for when you know what to select, or for use within scripts.
Change-Id: I681a132eb2df4b2aba4c2ccbdd21c6d5b88443e3
We must not only consider files in the current directory (ADF.USIM)
but also in its sub-directories. This requires us to be able to
determine the path we need to traverse between the currently selected
file (EF.UST) and the respective file in some other directory,
which is implemented via CardFile.build_select_path_to().
Change-Id: I61797fefa9dafa36a8a62c11aa2cfaeecb015740
We had service annotations only for ADF.USIM so far, but not for
the related sub-directories.
Change-Id: Iaa56a26ba53eaf18fce14845ae07a27c52a2c58a
Note: The code doesn't make use of them in any reasonable way yet!
The existing code had the following serious problems:
* when trying to update EF.SST or EF.IST, it would write to EF.UST !
* shell commands were called ust_* even for the EST/IST files
Let's introduce the proper separation between what is shared and what
is file-specific.
Change-Id: Ie55669ca37a4762fac9f71b1db528ca67056e8dd
This command performs a consistency check between the services activated
in EF.UST/EF.IST and the files that should (or should not) be
active/selectable for the given service.
Produces output like:
Checking service No 48 (inactive)
ERROR: File EF(EF.MWIS) is selectable but should not!
Checking service No 49 (active)
ERROR: File EF(EF.CFIS) is not selectable (SW=6a82) but should!
Change-Id: Iea7166959e2015eb8fa34d86036560c9e42ce4d3
We want people to use pySim-shell and should not mislead them by
having usage examples of old tools in README.md. Also, all
documentation should be in the manuals, let's try to have bits
and pieces in various places.
Change-Id: I8c07a2e0778ab95fb42be6074acb80874e681d20
This allows us [in a future patch] to perform consistency checking,
whether files exist for services not activated in EF.{UST,IST} or
vice-versa: Services are activated by files are not present or
deactivated.
Change-Id: I94bd1c3f9e977767553000077dd003423ed6dbd1
This can be populated by card profiles with the SST/IST/UST service
that is associated with the file.
Change-Id: I3b3f74b691368fa09967ecb377a9f7a6d8af7869
This can be useful when playing around with cards, for example
sending commands for which pySim-shell doesn't yet have proper support.
Change-Id: Ib504431d26ed2b6f71f77a143ff0a7fb4f5ea02e
The primary use case of the --json option is to systematically execute
all of our decoder classes in order to find bugs. As we don't have
encoders for all files yet, the output generated by 'export --json'
will in many cases not be executable as script again, unlike the normal
'export' output.
Change-Id: Idd820f8e3af70ebcbf82037b56fd2ae9655afbc5
pytlv is a nightmare of shortcomings, let's abandon it in favor of
our own meanwhile-created pySim.tlv. This has the added benefit
that unknown tags finally no longer raise exceptions.
Change-Id: Ic8e0e0ddf915949670d620630d4ceb02a9116471
Closes: OS#5414
This happens e.g. when selecting the ARA-M applet on sysmoISIM-SJA2:
pySIM-shell (MF)> select ADF.ARA-M
-> 00a4040409 a00000015141434c00
<- 9000:
Traceback (most recent call last):
File "/space/home/laforge/.local/lib/python3.9/site-packages/cmd2/cmd2.py", line 2064, in onecmd_plus_hooks
stop = self.onecmd(statement, add_to_history=add_to_history)
File "/space/home/laforge/.local/lib/python3.9/site-packages/cmd2/cmd2.py", line 2494, in onecmd
stop = func(statement)
File "/space/home/laforge/projects/git/pysim/./pySim-shell.py", line 750, in do_select
fcp_dec = self._cmd.rs.select(path, self._cmd)
File "/space/home/laforge/projects/git/pysim/pySim/filesystem.py", line 1314, in select
select_resp = f.decode_select_response(data)
File "/space/home/laforge/projects/git/pysim/pySim/filesystem.py", line 193, in decode_select_response
return self.parent.decode_select_response(data_hex)
File "/space/home/laforge/projects/git/pysim/pySim/filesystem.py", line 378, in decode_select_response
return profile.decode_select_response(data_hex)
File "/space/home/laforge/projects/git/pysim/pySim/ts_102_221.py", line 796, in decode_select_response
t.from_tlv(h2b(resp_hex))
File "/space/home/laforge/projects/git/pysim/pySim/tlv.py", line 231, in from_tlv
(rawtag, remainder) = self.__class__._parse_tag_raw(do)
File "/space/home/laforge/projects/git/pysim/pySim/tlv.py", line 258, in _parse_tag_raw
return bertlv_parse_tag_raw(do)
File "/space/home/laforge/projects/git/pysim/pySim/utils.py", line 208, in bertlv_parse_tag_raw
if binary[0] == 0xff and len(binary) == 1 or binary[0] == 0xff and binary[1] == 0xff:
IndexError: bytearray index out of range
EXCEPTION of type 'IndexError' occurred with message: 'bytearray index out of range'
Change-Id: I910e6deba27d1483dff1e986c89f1a1b2165f49b
We have a number of integers with variable-length encoding, so
add a Construct for this. Naming inspired by GreedyBytes.
Related to https://github.com/construct/construct/issues/962
Change-Id: Ic6049b74ea3705fda24855f34b4a1d5f2c9327f7
Our hand-written JSON so far is using snake_case identifiers,
while the JSON generated by the pySim.tlv classes use the class
names as keys, which LooksQuiteDifferent.
So let's auto-convert the CamelCase into something that reflects
our existing notion.
Change-Id: Id55929ef03dc48cb668e6ba7e99b6b291680a42f
We had a mixture of tab and 4space based indenting, which is a bad
idea. 4space is the standard in python, so convert all our code to
that. The result unfortuantely still shoed even more inconsistencies,
so I've decided to run autopep8 on the entire code base.
Change-Id: I4a4b1b444a2f43fab05fc5d2c8a7dd6ddecb5f07
EF.DIR can not only contain the AID + Label of TS 102 221, but can
also contain any of the DOs specified in ISO7816-4. Let's imoplement
this based on the modern pySim.tlv parser
Change-Id: I875eb49e1f0370428c2eae69af84f5483bd5b1fc
Closes: OS#5410
As we've seen in recent patches, this has been a source of bugs, so
let's be tolerant and deal with both.
Change-Id: I0a5ec2a860104ffe4524c647105a42505ac394d6
In Change-Id I6d7c1bf49a8eaf3d8e50fb12888bf3d5b46b6c55 we fixed the
filesystem code to assume the self._tlv memper is a reference to a
class, and not an instance (as this is what the majority of the code
did).
However, it seems thre wer two instances where we actually had _tlv
reference an instance. Change that to class so it's the same all over
the code base.
Change-Id: Ie4878ad6a92feafe47e375c4f5f3f198921e1e95
So far, we only returned an array of service numbers like
[ 2, 4, 5, 9 ] which is not very friendly to the human reader.
In EF.SST we already had more verbose decoding including a description
of each service. Let's add the same principle to EF.UST, EST and IST
The same output above now looks like this:
{
"1": {
"description": "Local Phone Book",
"activated": false
},
"2": {
"description": "Fixed Dialling Numbers (FDN)",
"activated": true
},
"3": {
"description": "Extension 2",
"activated": false
},
"4": {
"description": "Service Dialling Numbers (SDN)",
"activated": true
},
"5": {
"description": "Extension3",
"activated": true
},
"6": {
"description": "Barred Dialling Numbers (BDN)",
"activated": false
},
"7": {
"description": "Extension4",
"activated": false
},
"9": {
"description": "Incoming Call Information (ICI and ICT)",
"activated": true
}
}
Change-Id: I34f64d1043698dc385619b2fdda23cb541675f76
There is no $base in this script, and the current form renders:
make: *** /docs: No such file or directory. Stop.
Build step 'Execute shell' marked build as failure
Change-Id: Ifcf27f7497daeb285dfb364bff20d0c861c77dcb
Related: OS#5271
At least on Debian 10 and unstable, I'm getting this error for pylint:
************* Module pySim.utils
pySim/utils.py:570:1: E0611: No name 'strxor' in module 'Crypto.Util.strxor' (no-name-in-module)
despite it clearly existing:
>>> import Crypto.Util.strxor
>>> Crypto.Util.strxor.strxor
<built-in function strxor>
So let's suppress the related pylint error.
Change-Id: Iea89e758782a569be953d19892028f083a92c2f1
5.1 was the version introducing pyyaml.FullLoader which we're using,
see https://pyyaml.org/wiki/PyYAML#history
Change-Id: I0f2fa08ceeac2759218e85ad5bdce3ef951d0b74
Add file specific command `update_imsi_plmn` to EF_IMSI to replace
the mcc and mnc part of the imsi for use in bulk_script(s)
Change-Id: I9662ff074acf9dc974ae4c78edac44db286e98fc
when encoding the AcT value bit 11 is correctly set
when NG-RAN is present in the string representation,
however the decoding of bit 11 was missing.
Adds tests for the decoder as well.
Change-Id: I910df28c4c59ec94cce9603377786325f6d8c1a3
When probing applications on a card by running select_adf_by_aid()
SwMatchError exceptions indicating the non exsistance of that
application on the card should be ignored.
Change-Id: I3aa7deaf46bdf352a201c3089b3714405a06f281
When printing applications found by probing for a specific AID, then the
wrong variable is used to print the AID.
Change-Id: I3d5ec28e46fe00c0d793a1d9ef0a0e0900649a4d
A profile can cover lots of different applications. Those applications
may not exist on all card models. To exclude applications that are not
installed on the particular card EF.DIR is evaluated. However, there may
be applications that are not registered in EF.DIR but supported by the
profile. To cover those as well, lets try to select the applications we
do not see in EF.DIR. If selecting works we know that the application
exists on the card and we can include them in the RuntimeState.
Change-Id: I3fa77a68664fe50d690a18adfb1ae1a88a189827
* serial is according to pypi: "A framework for serializing/deserializing
JSON/YAML/XML into python class instances and vice versa"
Change-Id: I154276fbadd70f6be94ba7d99e61f7e9eedbeb33
There is no need for us to expand a partial AID to the full AID before
selecting that ADF. The UICC specifications permit AID selection by
prefix only. So we could pass the prefix to the card, and the card would
do the prefix matching. In order to avoid problems with cards that fail
to do the prefix matching themselves we will still do the AID
completion, but in case we cannot complete the AID (AID not listed in
EF.DIR), we will try with the AID prefix anyway.
From the API user point of view, this allows us to select applications
not listed in EF.DIR
Change-Id: I0747b4e46ca7e30bd96d76053765080367ac1317
The method decode_select_response does not access any property of the
object. This means the method can be static.
Change-Id: Idd7aaebcf1ab0099cd40a88b8938604e84d8a88b
The select response of an UICC will always return the number of records
of a file. However, older SIM will not include the number of records in
the select response. In those cases, simply guess the number of records
by reading until the first invalid record is hit.
Change-Id: Ib480797d881b9ec607ec6a86b73d452449f8cf87
Related: OS#5274
At the moment the non checking send_apdu() method is used when records
are read. Lets use read_record_checksw so that we get an exception in
case there is a problem to read the specified record.
Change-Id: I9fc411e1b12e8d9fd89b9964209808c0706011bd
The method decode_select_response just calls the function
_decode_select_response. But the function _decode_select_response
is not called from any other location, so we can move it into the
profile class.
Change-Id: Icf0143f64ca7d1c1ebf60ba06585f7afc1ac0d11
UICC and old SIM cards can be difficult to tell apart without prior
knowledge of the card. The ATR won't tell if the card is UICC or not.
The only remaining option is to try out if the card is able to handle
UICC APDUs. The same is true for 2G SIM cards. It is not guranteed that
every UICC card will have 2G functionality.
Lets add functionality to match a profile to the currently plugged card
by actively probing it.
Lets also add another profile to distinguish between UICC-only cards and
UICC cards that include SIM functionality.
Change-Id: If090d32551145f75c644657b90085a3ef5bfa691
Related: OS#5274
Before reading EF.IST ADF.ISIM is selected again even though it was
selected before. Lets skip this step since it is unnecessary.
Change-Id: I75be18e3476cb1d093bc99775eeddd0c08b81d78
The function select_adf_by_aid first searches for the complete AID in
the set of AIDs that were read from EF.DIR. Lets put this task into a
separate helper method
Change-Id: I88447d47bc96d0d4ff5cea694b46e854232cdf86
This introduces support for talking to the ARA-M application on a card,
as specified in the GlobalPlatform "Secure Element Access Control"
specification v1.1.
Change-Id: Ia9107a4629c3d68320f32bbd4dd26e1f430717da
The table that holds the status word descriptions is initialized as an
empty list '[]'. This is not correct since the interpret_sw method
processes this data as dictionary, so lets initialize the sw member with
an empty dict '{}' when not status word description is given.
Change-Id: I3cae83f0f6ab274546991ecd14425f094b2816b2
Related: OS#5274
The class byte and the select control bytes are different for SIM cards
and UICC cards. Lets define those parameters in the card profile, so
that we always get the correct parameters depending on which profile we
use.
Change-Id: I2d175e28bd748a4871b1373273b3a9be9ae8c4d0
Related: OS#5274
When the runtime state is created there is already some interaction with
the card. Lets make sure that the card is in a defined state when we
leave the constructor of the RuntimeState.
Change-Id: I986204964903069bcce781afdbf3c5d26682b749
Related: OS#5274
When the profile does not define any ADFs, then do not try to read any
AIDs. This is the case for old non UICC SIMs for example.
Change-Id: I8cfbee1d23e9f99461fa5f4fbf92c1a0929c50bf
Related: OS#5274
There are some problems with the usage of decode_select_response. At the
moment the ADF files overload the related method to provide decoding of
the select responses as per 3gpp TS 102 221. However, this also means
that the decoder is only available under ADF.USIM and ADF.ISIM. DF.GSM
and DF.TELECOM also overload the decoder method, just like an ADF would
do. This decoding method is then implemented as per 3gpp TS 51 011.
Since this a a problem on UICCs, the method detects the magic byte 0x62
that can be found at the beginning on every select response of an UICC
to defer to the TS 102 221 decoding method. TS 51 011 defines the first
two bytes of the select response as RFU. This at least problematic.
To solve this there should be a default method for
decode_select_response in the profile, which can be used if no file
overloads it with a specific decoder. ADFs use specific decoders, but
everything else should use the default decoder. When we deal with an
UICC, we expect the select response to be consistantly conform to TS
102 221, if we deal with a clasic sim we expect responses as per TS 51
011 only.
Since it is still possible to replace the select response decoder we
still have the opportunity to have custom select response in cartain
DFs and ADFs should we need them.
Change-Id: I95e33ec1755727dc9bbbc6016ce2d99a9e66f214
Related: OS#5274
When pySim-shell is exited using CTRL+D it does not print a newline.
This means that the prompt of the OS shell shows up after the
pySim-shell prompt. This is irretating. Lets print a new line on exit
with CTRL+D so that everything looks straight.
Change-Id: I88e58094b9badeaabd8502006e5e16f35eaa683e
The computed length of the file may be negative, when the offset exceeds
the file length. When this is the case, return none
Change-Id: I2c017c620254fae188022851ef3b670730aab503
The transport layer provides a method send_apdu_checksw to send APDUs
and to be sure the SW is the expected one. Given that, there is no need
to verify the SW manually. The exception of send_apdu_checksw will catch
the problem and also display the SW in a human readable form.
Change-Id: I9ce556ac0b7bb21c5c5a27170c32af0152255b79
Related: OS#5275
the sim-rest-server is a minimal HTTP/RESTful API for performing
UMTS-AKA against a SIM card inserted in a locally reachable PC/SC
reader. Let's add s systemd service/unit file for people wanting to
run this service from systemd.
Change-Id: I84b390af09d33de2c740898ff3d7d5a90a300588
CardProfileSIM is currenty instantiated directly. However, it should be
implemented as class and then instaniated later like CardProfileUICC
Change-Id: I37d49b11a07ce5a80d1a703fab4620b7d1ecb25b
Currently we call the reset_card and get_atr methods directly at the
transport layer via the private _scc and _tp object of the card. This is
a violation. Fix and use the reset methods that are already in the
SimCard object.
Change-Id: I0e9d2a62a42a7387e7ca69d2ae830782a61aed89
There are situations where it is necessary to modify the class byte and
the selection control bytes of a card at runtime. This should not be
done by accessing the properties of the _scc object directly. The
modification of those properties should be done via a set method
instead.
Change-Id: Ifd8aa2660e44a18d28945d070419612eff443e78
A number of new commands were recently introduced without proper
coverage in the documentation (user manual). This includes equip,
bulk_script and others.
Change-Id: Ide7ba68ad90f6e5c2a41a2e3de22534258ebb7fd
We cannot simply skip anything that has 0xFF as first byte to detect
the padding after the end of a TLV object:
0xFF may very well be a valid first octet of a multi-octet TAG:
Tags of private class (11) with constructed (1) payload will have 0xFF
as first octet.
So let's expand the check to only detect padding in case of either only
a single byte FF being left, or two FF following each other [with
whatever suffix].
Change-Id: I5d64ce9ef1d973804daabae0b15c2e2349e6fab9
When calling from_dict() on a hierarchy of nested BER_TLV_IE,
only the first/outer layer of TLV_IE_Collection would get its
'decoded' initialized correctly from the dict. Subsequent layers
were not, as the 'decoded=' was passed as parameter during instance
initialization. If we first instantiate the class and then call the
from_dict() method, the recursive initialization down the full hierarchy
works as expected.
Change-Id: I795a33ed8dfa8454dc9079c189ab7b2ba64a3b72
There are instances where a TLV IE is used as just a flag, i.e.
length zero and no value part. In those situations, it would require
a lot of boilerplate code to require the TLV_IE class definitions to
have _to_bytes/_from_bytes methods that do nothing.
So instead, add a shortcut: If we want to encode 'None', then return
b'', and if we want to decode b'' return None.
Change-Id: Ie8eb2830e8eefa81e94b8b8b157062c085aeb777
GSM-R SIM cards have an additional directory (DF.EIRENE) with a number
of files. This is all specified in the following document:
UIC Reference P38 T 9001 5.0 "FFFIS for GSM-R SIM Cards"
Change-Id: I4034d09292a08d277d4abcbed9a0ec2808daaacb
There are scenarios where multiple cards need to get the same change.
Lets add a new command that takes a script as parameter and executes the
secript in a loop on multiple cards while prompting the user to change
the card before starting the next cycle.
Change-Id: I9e4926675c5a497a22fc6a4fefdd388fe18a2b2d
Related: SYS#5617
In change Id410489841bb9020ddbf74de9114d808b1d5adb6, the RuntimeState
class automatically adds additional files to the CardApplications for
ISIM and USIM. This works only once. The second time an exception will
be thrown because the added files are already in the CardApplication.
Currently there is no way generate new card applications during
initialization because the card applications are just objects that are
created once in ts_31_10x.py. Lets turn them into classes and create the
objects during initialization. This way we get fresh objects when we
re-initialize.
Change-Id: Ibb4f6242e7a92af84a905daa727b1b87016e7819
you can use this like that:
./pySim-shell.py -p0 --script ./scripts/sysmoISIM-SJA2/dump-auth-cfg.pysim
Change-Id: I5eac1af63d586f2371f519a160e1005fcbb27bfb
Similar to the fix in Ie1aeaab29701946233ed73db3331039690d695da
for update_binary(), read_binary() also contained a bug when treating
non-zero offsets.
Change-Id: Ic5c2f0ad1c1ec9c4e9c97e72895382f7b6fa9470
Related: OS#5254
Currently a card must be present in the reader until the user can enter
pySim-shell. Removing and plugging another card is in theory already
possible, but then the new card will operate on the old card and runtime
state object. It might also be useful to enter pySim-shell before the
card is plugged to execute some other commands for preperation before.
So lets allow to "equip" pySim-shell with a card and rs object at
runtime.
Related: SYS#5617
Change-Id: I9cf532d9da8203065463c7201e7064de6c7ab1b5
The select response decoder is using b2h() wrongly. b2h expects
a bytearray but we call it with an integer. In the following two
lines we try to convert an integer to an integer.
Change-Id: Ib6448d3bd7a0dc7f25e5ee82a42266b3313e2a95
In Icc240d5c8c04198640eb118565ea99f10ba27466 we introduced support for
writing files > 255 bytes by splitting the write into multiple chunks.
However, at the same time, that commit broke support for writing data at
non-zero offsets. Unfortunately, this is used extensively within
pySim-prog e.g. for writing K + OP/OPc data to sysmoISIM-SJA2 and sysmoUSIM-SJS1
cards.
This commit fixes the related problem.
Change-Id: Ie1aeaab29701946233ed73db3331039690d695da
Fixes: Icc240d5c8c04198640eb118565ea99f10ba27466
Closes: OS#5254
Before:
EXCEPTION of type 'NotImplementedError' occurred with message: ''
After:
EXCEPTION of type 'NotImplementedError' occurred with message: 'EF(EF.SST) encoder not yet implemented. Patches welcome.'
Change-Id: Ie8a10a8847f7c7c6a3332fb9f78de18c9f7f41d0
The card_detect function in cards.py allows to specify the card type or
use the hints "auto" and "auto_once" to trigger autodetection of the
card. However, "auto_once" has no effect and is not used by any caller,
so lets remove it.
Change-Id: Iea726f51e5ddb43d8a4da2672552fff38e29b006
* introduce type annotations
* introduce + derive implementations from base class
* move shared code to base class
Change-Id: I7168506cbebb1ebb67f47453419b860824912051
The code in __main__ which initalizes the reader and the card and
runtime state is not so well structured. Lets put the generation of the
card and rs (RuntimeState) object into a separate function. Also do not
wait indefinetly for a card. 3 seconds should be enough. If the card or
reader did not respond until then, then there will be a problem in any
case.
Change-Id: Id2a0f2012b84ce61f5c0c14404df559fca4ddfcd
Related: SYS#5617
The FairwavesSIM programming fails when the card is accessed with USIM
APDUs. To keep it working temporarly switch to SIM APDUs during
programming.
Change-Id: I8f02625d2b620ecdf4b2afc27a8750119b707152
When verify_adm is used with scripts, especially bulk provisioning, then
an exception is far more visible and allows us to spot problems with ADM
verification quicker.
Change-Id: I4162b43754efd061b6b9058b7ff8e1fc985e3538
Related: SYS#5617
The constructor gets an sl object on initalization. The card handler
will then carry out the reader operation wait_for_card().
In cases where an mechanically automated card reader is used it may
be useful to go without those operations and let the caller carry out
the appropriate reader operations. So Lets make the sl object
optional for the CardHandlerAuto class. If it is not present, simply
do not carry out the pre programmed reader operation.
Change-Id: I0f793aec51751b7c7b87d55b66326cce9970274e
Related: SYS#5617
Make sure that a reader is disconnected before connecting it. This will
efectively prevent resource leakage in the lower PCSC layers when the
reader is connected multiple times during bulk provisioning
Change-Id: I266e56f2330da25c680a76f4c0ca630a38e1f61b
There may be corner cases where an execption contains no error message.
In this case it might still be helpful to display the type of the
exeption calss to get at least an idea of what kind of error we are
dealing with.
Change-Id: I6e6b3acd17e40934050b9b088960a2f851120b26
The option and also the dest variable in the code are currently named
card_handler. This might be confusing since the variable actually refers
to a config file and therefore should be called "card_handler_config"
Change-Id: If93751e815cb46f9ff3f56b54e612d77fe1a6dfd
Almost all pySim-shell related commands are agrgated in PySimCommands.
There are a few exceptions, so there are some commands in PysimApp.
However, it makes sense to reserve PysimApp exclusively for very basic
commands that do not directly relate to card operations. So lets move
the command verify_adm and desc to PySimCommands.
Change-Id: I4a215c8a3907d69f702a70df9b85988be1ce3dbf
In OOP, we usually use capital letters for class names. The card handler
class should be no execption.
Change-Id: I4b2c06b1c607c993c9aaf0d57ad2352bb6b36e74
The variable card_handler is assigned in the following way:
card_handler = card_handler(sl)
This may cause problems since the class name and the variable name are
the same. Lets rename card_handler to avoid problems here.
Change-Id: I84dafc49862e373ae9f6a56bd2e8d1a02c27430a
The normal description can be accessed with `python3 setup.py --description`. The long description can be accessed with `python3 setup.py --long-description`.
Change-Id: I1581a2b9ad7c2b5ed64b77e5e277df792b37990d
The T0 protocol (selected in transport/pcsc.py) does not support extended APDU, so 255 bytes is the maximum number of bytes that can be transmitted at a time. We can divide large data into 255 byte chunks. The read_binary function already has code to read more than 255 bytes, so we can just adapt it to the update_binary function.
Change-Id: Icc240d5c8c04198640eb118565ea99f10ba27466
There are the classes IsimCard and UsimCard, which inheret from Card,
which is the base class for a normal non ISIM/USIM simcard. Card also
has methods in it that are related to simcards, so it is not just any
"Card", it is a SimCard and should be called that way.
Change-Id: I2077ded44bc2297b8d478c5bd1895951b494efcc
The USIM EF.AD has quite some more bits, it should have a separate
implementation and not reuse te DF.GSM/EF.AD implementation.
Change-Id: Iaf195cb63d5d12fc906a7e7cd85e3fd44589a41e
This adds an easy way for files to make use of the pySim.tlv parser.
All a file has to do is to specify a _tlv member which points to
either a TLV_IE or a TLV_IE_Collection instance.
Change-Id: I59f456b4223ec88081e91cee168b654c69bcb5f4
This introduces a new TLV library that heavily builds upon python object
oriented concepts. Contrary to classic TLV parsers it doesn't focus on
the structure of Tag, Length and binary Value only, but it supports
actual decoding/interpretation of the value part into some kind of JSON
serializable dict. The latter can be achieved by imperative
encode/decode methods, or by using our existing declarative 'construct'
based approach.
The TLV library supports both BER-TLV and COMPREHENSION-TLV for both
nested and non-nested TLV definitions.
As an example we include TLV definitions for a number of CAT (Card
Application Toolkit) IEs.
Change-Id: I7fc1699443bc9d8a4e7cdd2687af9af7cc03c30e
If we want to use construct parse results to generate JSON serializable
dicts, we need to
* apply the filter_dict() operation recursively, and
* simplify the construct Container and ListContainer classes to
a simple dict and/or list.
We introduce a pySim.construct.parse_construct() helper which is
subsequently used from all pySim.filesystem caller sites.
Change-Id: I319414eb69808ef65895293832bb30519f45949d
The existing {comprehension,ber}tlv_parse_tag() functions are
decoding the tag to a high level of detail. However, all the 3GPP
specs seem to deal with the 'raw' version, i.e something like
0xD1 as a single-byte tag with the class + constructed fields already
shifted next to the actual tag value.
Let's accommodate that with new *_parse_tag_raw() functions.
Change-Id: Ib50946bfb3b3ecd7942c423ac0f98b6c07649224
We cannot re-activate a deactivated file after we have selected somethng
else, as SELECT will fail on the deactivated file. Hence, the
deactivate_file command needs to be used with a file name as argument.
Change-Id: Ief4d2bf8ea90497a8f25d1986aeea935c615f9bb
According to ETSI TS 102 221 Section 7.2.2.3.1 Table 7.1 the UICC
may respond with SW 6Cxx to tell us to re-issue the command with
a modified P3/Le.
Change-Id: Ia7e6202bbd0f61034a985ecf76d0542d959922ce
sim-rest-server.py can be used to provide a RESTful API to allow remote
clients to perform the authentication command against a SIM card in a
PC/SC reader.
sim-rest-client.py is an example client against sim-rest-server.py
which can be used to test the functionality of sim-rest-server.py.
Change-Id: I738ca3109ab038d4f5595cc1dab6a49087df5886
There's little point in having a getter+setter for a property if
all it does is assigning a value to an attribute of self. That
works without any property methods
Change-Id: Id214cc83a29e8aa88f4e1413e07b419285c1b7ff
The code uses self.sel_ctrl everywhere except in the two @property
methods, where the _sel_ctrl variable is used. Let's just abandon
those property methods and make sure all users directly use the
[public] sel_ctrl member variable.
Change-Id: I10362300c1cf7b493d89bf71bbd3a10c80ef9a49
The updated wording better reflects the actual meaning
of a set or unset flag, especially as OPLMN is inverted.
Change-Id: I65c6f0e9bc1a12a4a74c4274eebb8e612296888f
The encoder/decoder functions in class EF_PCSCF look rather unfinshed
because of problems with dec_addr_tlv(), since those problems are fixed
by a previous patch we can now finish the decoder function and fix the
decoder as well.
Change-Id: I7613b8b71624dc5802aca93163788a2a2d4ca345
Related: OS#4963
The function dec_addr_tlv() takes an encoded FQDN or IPv4 address and
fromats it into a human readable string that contains the human readable
form and the encoded hex form. Unfortunately this limits the usecase of
dec_addr_tlv. Lets split the string generation into a separate function
so that we can use dec_addr_tlv universally
Change-Id: Id017b0786089adac4d6c5be688742eaa9699e529
Related: OS#4963
The method update_record as a "force_len" parameter, which is somewhat
irretatating. Some explainatory comments and a reformat of the if
statement will help to make it more understandable to the api user.
In the non force_len case the method determines the record length from
the select response and throws an exception if the data input does not
match that length. This makes sense if the data input exceeds the
record length of the file but if the data input is less then the record
length the situation is fixable by padding the input with 0xff. This
also a quite common case because in some situation it is not guaranteed
that the data will fill the entire record.
Change-Id: I9a5df0e46c3dd2e87d447c5c01cf15844b0eed07
Related: OS#4963
Even though Card, UsimCard and IsimCard are abstract classes which are
normally only used to inherit from mit may make sense to pre-populate
the name property with some meaningful value.
Change-Id: Id643e1f83718aea073e7200aecbf2db2def8652f
This will replace the hand-crafted codec for EF_SPN
by a struct definition using the construct library.
Old encoders are updated and kept for API compatibility
but are not used internally anymore.
New data structures:
* Rpad(Adapter): Right-padded bytestring (0xff, adjustable)
* GsmStringAdapter(Adapter): Codec for "SMS default 7-bit
coded alphabet as defined int TS 23.038" using
the gsm0338 library.
* GsmString(n): Convenient wrapper of both above
Adjustments:
* utils: update+deprecate old dec_spn(), enc_spn()
* remove refs to deprecated functions
Change-Id: Ia1d3a3835933bac0002b7c52511481dd8094b994
The encoder for EF_SPN is passing the 'spn' parameter (which is a list)
directly to enc_spn without taking it apart first.
Change-Id: I0a405793c8909d4279e634b93dcb76e5cb2963f3
Related: OS#4963
This adds support for a new EF file type: BER-TLV files. They are
different from transparent and linear fixed EFs in that they neither
operate on a byte stream nor fixed-sized records, but on BER-TLV encoded
objects. One can specify a tag value, and the card will return the
entire TLV for that tag.
As indicated in the spec, the magic tag value 0x5C (92) will return a
list of tags existing in the file.
Change-Id: Ibfcce757dcd477fd0d6857f64fbb4346d6d62e63
The Access Mode (AM) and Security Condition (SC) DOs are incredibly
convoluted, so we need a lot of code to properly decode them.
Change-Id: If4f0725a849d41fd93de327ed00996d8179f2b0e
This will allow us to match INS -> name and add more related
bits in the future (e.g. for decoding APDU traces)
Change-Id: I314ff15186dc05778ea12363cac0a310b6c7713c
Represents DataObject (DO) in the sense of ISO 7816-4. Contrary to
'normal' TLVs where one simply has any number of different TLVs that may
occur in any order at any point, ISO 7816 has the habit of specifying
TLV data but with very specific ordering, or specific choices of tags at
specific points in a stream. This is represented by DataObjectChoice,
DataObjectCollection and DataObjectSequence classes.
Change-Id: Iac18e7665481c9323cc7d22a3cd93e3da7869deb
When the Access Technology Identifier encoder sets the bits for E-UTRAN
it does not respect that bit "100" is also a valid bit combination that
encodes E-UTRAN WB-S1 and E-UTRAN NB-S1. Lets encode this bit
combination if the user is just specifying "E-UTRAN" without further
spefication of WB or NB.
The decoder only looks at bit 14 and decodes "1xx" always to "E-UTRAN".
This is not specific enough. Lets make sure that the decoder is
complementary to the encoder.
Change-Id: Ibfe8883a05f9ad6988d8e212cb9a598229954296
Related: OS#4963
The function dec_xplmn_w_act(), which is also used by
format_xplmn_w_act() is using integer numbers as MCC/MNC representation.
This causes various problems since the information about leading zeros
gets lost.
Change-Id: I57f7dff80f48071ef9a3732ae1088882b127a6d4
The dec_plmn function takes an hexstring and returns the decoded MCC and
MNC as integer values. The result is then used by the json encoder in
EF_PLMNsel, which means the json output will contrary to the input, use
integer values instead of strings.
This is not correct since there may be leading zeros (e.g. mnc 01 and
001 both exist are different) which must be retained in order to know
the correct length of the MNC.
Related: OS#4963
Change-Id: I393e04836814d992d2a6d0a4e4e01850976d6e81
To prevent missunderstandings when using enc_plmn(), specify the input
and return parameters as Hexstr.
Change-Id: I57cf8e2de357650aef2a06fbffc7615ccb2a45b4
Related: OS#4963
Previous implementation waits 300ms for response after
each command issued. But many commands finish earlier.
This patch improves the command execution time by frequently
checking for the response to complete (i.e. ends with
OK or ERROR), or the occurence of a timeout (default 200ms).
Timeout can be adapted per command to support long response
times of certain commands like AT+COPS=? (network search)
Execution time benchmark (20 AT commands/responses):
Previous: 6.010s (100.0%)
New code: 0.045s ( 0.7%)
Change-Id: I69b1cbc0a20d54791e5800bf27ebafc2c8606d93
Let's just use the scope limited TemporaryDirectory() instead, so
the temporary directory will be removed by Python automatically.
pySim/filesystem.py:679:16: E0602: Undefined variable 'shutil' (undefined-variable)
Change-Id: I4ea833fd79f4342c33899124379be509ba1e35ed
pySim/transport/__init__.py:86:15: E1101:
Instance of 'LinkBase' has no '_send_apdu_raw' member;
maybe 'send_apdu_raw'? (no-member)
Change-Id: I14fcdceca5d1e35491b6ad98f96b4276b69b2fc1
This method has been removed [1] in Python 3.0:
pySim/cards.py:581:14: E1101: Instance of 'dict' has no 'iteritems' member (no-member)
pySim/cards.py:591:24: E1101: Instance of 'dict' has no 'iteritems' member (no-member)
[1] https://wiki.python.org/moin/Python3.0#Built-In_Changes
Change-Id: Iba7ad9ed2a9b197ecedaaed1c6744fe1c721515a
Fixes the following pylint's warnings:
pySim/cards.py:494:18: E1101: Class '_MagicSimBase' has no '_files' member (no-member)
pySim/cards.py:509:6: E1101: Instance of '_MagicSimBase' has no '_files' member (no-member)
pySim/cards.py:529:26: E1101: Instance of '_MagicSimBase' has no '_files' member (no-member)
pySim/cards.py:537:5: E1101: Instance of '_MagicSimBase' has no '_ki_file' member (no-member)
pySim/cards.py:547:5: E1101: Instance of '_MagicSimBase' has no '_ki_file' member (no-member)
pySim/cards.py:548:8: E1101: Instance of '_MagicSimBase' has no '_ki_file' member (no-member)
pySim/cards.py:559:26: E1101: Instance of '_MagicSimBase' has no '_files' member (no-member)
pySim/cards.py:560:11: E1101: Instance of '_MagicSimBase' has no '_files' member (no-member)
pySim/cards.py:576:14: E1101: Instance of '_MagicSimBase' has no '_files' member (no-member)
Change-Id: I4db9d21258d6e04140962134c540e36631466322
pySim/card_key_provider.py:67:2: E1111:
Assigning result of a function call, where the function
has no return (assignment-from-no-return)
Change-Id: I43bab69f53300fbe837944735cd999fab5405d7a
Some modems may reject AT+CSIM if PDU contains lower
case hex digits [a-f]. Modem response is "ERROR"
without any error code.
This patch converts each PDU to upper case.
Tested with Sierra Wireless EM7565.
Example:
AT+CSIM=14,"00a40004023F00"
ERROR
AT+CSIM=14,"00A40004023F00"
+CSIM: 4,"612F"
OK
Change-Id: I318e36abc7ae975c62d32b7fe0ec949bf5997d13
The json input that is used with EF.MSISDN seems to be somewhat
ambigious. The original code accepts {"msisdn": "+4916012345678"}
only while the output is {"msisdn": [1, 1, "+4916012345678"]}. Lets
add a check and also accept the latter version.
Change-Id: I8f8dd68aac25d3fa3bc1aab06b855f8ec6640258
Related: OS#4963
* 'String' class renamed to 'PaddedString' in construct v2.9
* 'CommandSet' was introduced with with cmd2 v1.3.0
Change-Id: I170a9e896612086c4b0535cd6d950346897abc3b
I always assumed BER-TLV files are transparent EF with BER-TLV contents.
However, this is wrong. ETS TS 102 221 Section 8.2.2.4 specifies them.
TS 102 221 Section 11.3 describes the specific RETRIEVE DATA, SET DATA
commands, which are not yet implemented in pySim.
Change-Id: Ie4701d9f72b05c8a5810e287e55a20f6ea86a574
The encoding of EF.MSISDN is a bit unstrutured. The encoder function
does not return a valid result since it lacks the parameters
Capability/Configuration2 Record Identifier and Extension5 Record
Identifier, which are mandatory but can be set to 0xFF. Also the
encoder gets its input from pySim-shell, so it should have some
more input validation, especially when the user encodes an empty
string. The encoder and decoder function also do not have unit-tests.
Since the encoder now adds the missing two bytes by isself this does
not have to be done manually anymore, so cards.py needs to be
re-aligned.
For pySim-shell.py the encoder is used from ts_51_011.py. Unfortunately
it is used wrongly there. The optional Alpha Identifier is required
here as well.
Related: OS#4963
Change-Id: Iee5369b3e3ba7fa1155facc8fa824bc60e33b55b
Now that we have a shared argparse definition for all reader related
options in the transport module, use that.
Change-Id: I12ca1a484a5d6e84820d9761c9701f8a94381f66
Ideally that shared definition would be used by all programs,
rather than copy+pasting it. Unfortunately pySim-{read,prog}
are still using optparse and first need to be converted to
argparse.
Change-Id: If77f53850e1ca65f42cf1dca3e0f460dac1b0d1a
the helpstring of update_record_decoded mentions hex bytes for the data
parameter, but it should be mentioned as abstract json data like in
update_binary_decoded
Change-Id: Ibae2ab49054ac5dd6fcccddd28c98d886403dac9
Related: OS#4963
the export summary is printed after the log entry for the last file
without separation. This is confusing because it looks like if the
summary would refer to the last file only. Lets add a headline to make
clear that the last few lines are the "Export summary"
Change-Id: I90771e525b2b114bdb41a8e90d298ca991c09c3d
Related: OS#4963
The sysmo-usim-sja2 which is currently used for testing somewhat old. In
order to have a defined state here lets exchange it with a new card.
This will also ensure that we have a card with the most recent card
profile in the tester.
Change-Id: Ife13823d0b0a16b1f327dd882f91d0c95af65e43
Also serves as example for RFU (reserved for future use) fields
which should not always be reset to zero in case they have been
set on the uSIM for some reason.
See pySim/ts_51_011.py, class EF_AD.
* Add definitions for RFU {Flag, Bits, Byte, Bytes}
* Use IntEnum for OP_MODE (convenient auto completion)
* Remove obsolete definitions and imports
* Update test results for all SIMs (opmode strings are shortened)
Change-Id: I65e0a426f80a619fec38856a30e590f0e726b554
We're using argparse internally for all shell commands, and can
use that to auto-generate command reference in the manual.
Let's switch to argparse for the main program, too - and generate
the related reference in the manual.
Change-Id: I77c946dbeb9f746fe3d8051173e59462dc2fb5e2
This adds support for AUTHENTICATE to the USIM and ISIM application,
based on the newly-introduced 'construct' encoder/decoder support.
Change-Id: Id5697463e29c3dceff98bcf80f5400f7f2bcaa6c
'construct' is a declarative symmetric encoder/decoder for user
specified binary formats. It should come in extremely handy in
tools like pySim.
We start the integration by adding transport methods for transceiving
APDUs with built-in encoding of the command data and decoding of the
response data.
Change-Id: Ibf457aa8b9480a8db5979defcfafd67674303f6c
Use ``--opmode=OPMODE`` in cmdline mode or column ``OPMODE`` in csv mode
to specify OPMODE as listed below.
Details:
The ``EF_AD`` field contains administrative data (AD).
It consists of four bytes ``B1``, ``B2``, ``B3``, ``B4``,
and optionally further bytes for future use.
Previous implementation only sets the MNC field appropriately
(located in `B4`) and sets all other bits/bytes to 0.
However, `B1` also defines the *UE operation mode* (see below).
For type approval operations, such as testing with a test uSIM,
this value could be set to `0x80` rather than `0x00`(= normal operation).
This may unlock some UE capabilities that are restricted in
normal operation mode.
Excerpt from [ETSI TS 131 102, 4.2.18](https://www.etsi.org/deliver/etsi_ts/131100_131199/131102/04.15.00_60/ts_131102v041500p.pdf):
```
B1 - UE operation mode:
Coding:
Initial value
- '00' normal operation.
- '80' type approval operations.
- '01' normal operation + specific facilities.
- '81' type approval operations + specific facilities.
- '02' maintenance (off line).
- '04' cell test operation.
B2 - Additional information:
Coding:
Reserved for future use
B3 - Additional information:
Coding:
- B3.b1: OFM setting (Ciphering Indicator)
- B3.others: Reserved for future use
B4 - Length of MNC in the IMSI:
Coding:
- B4.b4..B4.b1: length: '0010' (= 2) or '0011' (=3)
- B4.others: Reserved for future use
```
**Legend:** Byte X, bit Y: BX.bY
Further reading: https://nickvsnetworking.com/usim-basics/
Change-Id: Ie9040c6b127c268878a0845ed73d0918ec6bbb08
This means we can skip a lot of code that manually converts from
bytes to hex before JSON serialization.
Change-Id: I9c9eff0556d9d196e64553b5276e162f69d0c18f
This allows the user to edit the file/record contents in its
JSON representation inside the standard system text editor.
Change-Id: Icf6a6e8529e7664c5645519fb4bdd55b35f34664
When a DF is selected, then the method walk() does not catch the
related execption, which causes the command to stop immediately. Lets
also catch those exceptions and generate appropriate error messages
during export.
Change-Id: I24ccf64965e7b0756c3db77eb2084b22c357a570
Related: OS#4963
When a startup script file is specified that does not exists pySim-shell
skips the script and starts normally. This is dangerous because if
pySim-shell is called by a shellscript with a nonexisting script file
the shellscript may hang forever because there is no script that exists
pySim-shell again
Change-Id: I4ff2226c8852727aa23357aa54d1e2d480bfaf2d
Related: OS#4963
The folder pysim-testdata already contains testdata that can also be
used as examples. The .example files are from a time where the testdata
was not kept inside the repository. Since we decided to keep the test
data in the repository as well those file are redundant.
Change-Id: Iee34cad74b50755e1007506f909da9766fa8412e
The ``EF_ACC`` field defines the access control class (ACC)
for a subscriber.
Without this patch, the implementation adds padding 1 towards
the most significant bits if the input is shorter than 2 bytes.
However, it should be padded with 0, otherwise additional ACCs
are allocated to the subscriber. (Probably only a single bit
shall be set to 1)
Excerpt from [ETSI TS 131 102, 4.2.15](https://www.etsi.org/deliver/etsi_ts/131100_131199/131102/04.15.00_60/ts_131102v041500p.pdf):
```
EF_ACC: Two bytes: B1, B2
B1.b8...B1.b4: high priority users (class 15...11)
B1.b3: always 0
B1.b2...B1.b2 and B2.b7...B2.b0: normal priority users (class 9...0) - to be evenly distributed across subscribers
```
**Legend:** Byte X, bit Y: BX.bY
Change-Id: I1b8dc01a6c48adad1ed8158de59b12519ed688e9
The function fixup_fcp_proprietary_tlv_map() addes propritary TLV
tags in the range of d0 to ff to the TLV map. However, the spec defines
this range as b7 and b8 of the first tag byte set to 1. This results
in a range from c0 to ff. See also ETSI TS 102 221, section 11.1.1.4.6.0
Change-Id: I8359527c9ff303b257b181b87dc440f27735ece9
Related: OS#4963
This function is being used e.g. for ADF.USIM/EF.FPLMN entries.
The EF_PLMNsel class also already uses a function by this name, we just
haven't had any actual implementation around.
Change-Id: Iacb45c90bb6491ebb89a477a85ef1f3129b38788
the print statements in read_binary_decoded and update_binary_decoded
should have been removed a long time ago.
Change-Id: I9ccc61c426a755fae9008d0717d579fa2da0ef7c
We use a slightly modified version of sphinx-argparse
(with patch https://github.com/alex-rudakov/sphinx-argparse/pull/136 applied)
in order to generate the command reference for each shell command in the
manual.
As the upstream repository seems unmaintained for ~2 years, let's use
the osmocom 'fork' with that above-mentioned patch applied.
Change-Id: I134f267cf53c7ecbc8cbfb33a8766d63bf4a8582
The EF.AD class only had a partial decoder and no encoder before this
patch.
You can now do things like
pySIM-shell (MF/ADF.USIM/EF.AD)> read_binary_decoded
{
"ms_operation_mode": "normal_and_specific_facilities",
"specific_facilities": {
"ofm": false
},
"len_of_mnc_in_imsi": 2
}
pySIM-shell (MF/ADF.USIM/EF.AD)> update_binary_decoded '{"ms_operation_mode": "normal_and_specific_facilities", "specific_facilities": {"ofm": false}, "len_of_mnc_in_imsi": 3}'
not quite all that elegant yet, but working at all.
Change-Id: Id2cb66cb26b6bd08befe9f8468b0b0773da842b1
Add a pyproject.toml and setup.py for using setuptools to install
pySim and its upstream dependencies.
Change-Id: I5698f3b29184340db69a156f985aa3c78d9b5674
Prior to this patch, any SwMatchError raised within the 'transport'
would not be interpreted.
EXCEPTION of type 'SwMatchError' occurred with message: 'SW match failed! Expected 9000 and got 6982.'
vs (now)
EXCEPTION of type 'SwMatchError' occurred with message: 'SW match failed! Expected 9000 and got 6982: Command not allowed - Security status not satisfied'
Change-Id: I08b7f2b6bd422f7f2f36094bc8a29b187ff882a6
pySim has the notion of command categories. The ISO7816 category
should only contain commands such as SELECT or CHV management
which really is ISO7816. Custom commands like 'tree' or 'export'
are pySim specific and hence go into a different category.
Change-Id: Id38c8190c6279d037fe266c586065f1507a02932
* move existing docs to sphinx / autodoc
* add more api documentation
* improve wording on some exception strings
Change-Id: Ia41e14d643d452d92fc8d3c2fb9c4ac9021402e9
"data" is an awfully generic term. Anything stored on a card is data.
This specific code deals with resolving key/pin material from an
external source.
Change-Id: I4c8e1be3e766f7c0565c07b39d48abf8adc375af
As we can notice during 'export': Some files had been defined
as LinFixed but are Transparent - and vice versa. Let's fix those
an bring our definitions in sync with the specs.
Change-Id: I365ece7b82a1c79b3af87a79ff964d7989362789
Those are a leftover of a very early attempt at pySim-shell, it has
long been superseded by all of the filesystem.py infrastructure.
Change-Id: I6b84ce205f46a1efd19087d332920982f17ca9cc
When the CardFile hierarchy talks about 'application' it means CardADF.
When the RuntimeState and CardProfile talk about 'application' they mean
a CardApplication.
Let's clarify this in the file names, and make CardADF have an optional
reference to the CardApplication, so that application specific status
word interpretation really works.
Change-Id: Ibc80a41d79dca547f14d5d84f447742e6b46d7ca
This adds sphinx based documentation generation. For now,
this manily renders some introduction and the autodoc-genreated
class/method reference from the source code for our libraries.
Actual user-level documentation for pySim-{prog,shell,read} remains
to be added separately
Change-Id: I52603e93c2c129a9e79687da6c534fa56a40a649
* add type annotations in-line with PEP484
* convert existing documentation to follow the
"Google Python Style Guide" format understood by
the sphinx.ext.napoleon' extension
* add much more documentation all over the code base
Change-Id: I6ac88e0662cf3c56ae32d86d50b18a8b4150571a
In Change-Id I848a766e6d00be497c7db905475e0681cce197ac we added a CardDF
instance for DF_5GS. That DF should not have provided a
decode_select_response() method, and instead fall back to that of the
base class, which calls the method of the parent directory (ADF_USIM).
The difference is illustrated below
pySIM-shell (MF/ADF.USIM/EF.IMSI)> select DF.5GS
"622e8202782183025fc0a509800171830400018d088a01058c056611111111c60f90017083010183018183010a83010b"
vs. (with this patch):
pySIM-shell (MF/ADF.USIM)> select DF.5GS
{
"file_descriptor": {
"shareable": true,
"file_type": "df",
"structure": "no_info_given"
},
"file_identifier": "5FC0",
"proprietary_info": {
"uicc_characteristics": "71",
"available_memory": 101640
},
"life_cycle_status_int": "operational_activated",
"security_attrib_compact": "6611111111",
"pin_status_template_do": "90017083010183018183010A83010B"
}
Change-Id: I80612711bbc8c47285a828a0759b20beea6619f1
The file system exporter function export() selects the exported EF from
inside a try block. It also selects the parent DF again when leaving the
try block. If an exception ocurrs during select this is fine, but if it
happens during read it leaves the EF selected which makes messes up the
recursive filesystem walk.
There are also minor inconsistancies with the exception strings and the
path displayed in the execption strings
Related: OS#4963
Change-Id: Ie9b1712b37e5b39e9016497185510a2a45c4ca6c
When using the method walk() to walk through the filesystem tree, then
the action() callback must not change the currently selected file.
Unfortunately this can easily happen and result in unpredictable
behavior. Lets add a check + an exeception for this to make debugging
easier.
Change-Id: I6778faa87bdf5552da74659206bf7a6fc0348d0c
Related: OS#4963
At the moment we only have a basic version of a verify_chv commnad, but
in order to handle any CHV/PIN related situation we also need commands
to enable, disable, change and unblock CHV.
- fix verify_chv commnad: more distinct parameter names, better help
strings, correct pin code encoding and add external source lookup
- Add unblock_chv, change_chv, enable_chv and disable_chv commands
- add/fix related functions in commands.py
Change-Id: Ic89446e6bd2021095e579fb6b20458df48ba6413
Related: OS#4963
When no ADM pin is found in the external data source, then print an
error message that tells the user that this is the case.
Change-Id: If8f88b43f283fbe459be1b30db35d984022840ac
Related: OS#4963
When a record or a binary file is written the card goes throth a full
flash/eeprom write cycle at this location, even when the data does not
change. This can be optimized by reading before writing in order to
compere if the data we are about to write is actually different.
Change-Id: Ifd1b80d3ede15a7caa29077a37ac7cf58c9053f1
Related: OS#4963
It can be hard to manage ADM pins when working with different cards at
the same time. To make this easier, add an automatic way to determine
the ADM pin for each card from a CSV file.
- add a CardData clas model that can be extended to to get the data from
various different sources. For now use CSV-Files. Also add a way how
multiple CardData classes can be registered so that one global get
function can query all registered CardData classes at once.
- automatically check for CSV-File in home directory and use it as
default CardData source unless the user specifies a CSV file via
commandline argument.
- extend the verify_adm command so that it automatically queries the
ADM pin if no argument is given. Also do not try to authenticate if
no ADM pin could be determined.
Change-Id: I51835ccb16bcbce35e7f3765e8927a4451509e77
Related: OS#4963
When the ADF is selected, then this is done by the AID. At the moment
only the first 7 bytes of the AID are used to select the ADF.
sysmo-isim-sja2 tolerates this, but sysmo-usim-sjs1 does not. The Cards
class already has methods to deal with this problem. The method
select_adf_by_aid takes an ADF name and completes the AID from an
internal list. This can be extended to support partial hexadecimal AIDs
as well.
Change-Id: If99b143ae5ff42a889c52e8023084692e709e1b1
Related: OS#4963
The class ShellCommands defined in ADF_USIM overloads useful CommandSet
classes defined in the superclass, making their commands inaccessible.
Also ts_31_102 does not have such a class definition in the ADF_ISIM
class, so lets remove this class.
Change-Id: I0e67c570fc4f17641d990a9cd239632ecf622de3
Related: OS#4963
Some cards may have additional propritary EF files which pySim-shell
does not support. If the user knows the exact FID the file can still be
selected and it is possible to read the file type and memory model from
the select response. This info can be used to create a new file object
at runtime that will work like any other EF/DF.
Change-Id: Iafff97443130f8bb8c5bc68f51d2fe1d93fff07c
Related: OS#4963
The Change I83d718ff9c3ff6aef47930f38d7f50424f9b880f removes the
keyword arguments from the CardProfile class constructor. This requires
us to use the keywords during instantiation since we can not rely on
the position anymore.
Change-Id: Ia62597c59287848662dbbedcc38ba90f183c4aca
pySim-shell defines, just like the other pySim programs commandline
arguments that take an ADM pin to authenticate at the card as admin. The
arguments are defined, but not used. Add the missing authentication
part.
Change-Id: I6bed14eb8f4124e28d593cf0816dbe58e7271322
Related: OS#4963
The do_update_... functions do always print the returned data. However,
there may be no data. If this is the case than an empty line is printed.
This may cause ugly log output, especially when working with scripts.
Change-Id: Ia9715d46ec957544cfbeea98d2fe15eb74f5b884
Related: OS#4963
All all files (CardFile) have a human readable description but there is
no command to display that description yet
Change-Id: If716cf3c6b09d53dca652b588671487d5343cf58
Related: OS#4963
Having lists and dictionaries as default argument values is a bad
idea, because the same instance of list/dict will be used by all
objects instantiated using such constructor:
def appendItem(itemName, itemList=[]):
itemList.append(itemName)
return itemList
print(appendItem('notebook'))
print(appendItem('pencil'))
print(appendItem('eraser'))
Output:
['notebook']
['notebook', 'pencil']
['notebook', 'pencil', 'eraser']
Change-Id: I83d718ff9c3ff6aef47930f38d7f50424f9b880f
add a new command "export" that can either export indidividual files or
a whole directory tree. The command will generate a script that contains
update_binary and update_record commands along with the file contents.
This script can later be used to restore multiple files at once.
Change-Id: I82f3ce92cd91a5ed3c4884d62f6b22e9589c8a49
Related: OS#4963
When the select command is entered with no parameters it fails with an
exception. Lets just output the currently selected file and exit
instead.
Change-Id: I541bd5ed14f240cd1c2bd63647c830f669d26130
Related: OS#4963
Add a commondline option so that the user can supply pySim-shell with a
script file name. This script then runs automatically on startup. (to
avoid ending up at the shell prompt a quit command at the end can be
used to exit after script execution)
Change-Id: I69f5224087023650340fbfee74668e1850345f54
Related: OS#4963
currently ADF.ISIM and ADF.USIM are always added regardless if there is
a matching application on the card or not. Lets check what applications
are actually installed and add ADF.ISIM and ADF.USIM dynamically.
Change-Id: I42ee23375f98e6322708c1c4db6d65e1425feecd
Related: OS#4963
In the method add_application() the method name should be append()
instead of add().
Change-Id: Ic8ad62567968e09786eac86f219b56a3d3200511
Related: OS#4963
On the cration of the PysimApp object only the basic commands in
pySim-shell.py are registered, since the MF is only created but not
selected, the file specific commands of the MF are not available. To
make them available, select the MF once on startup before entering the
cmdloop.
Change-Id: Ib63191f44e7c8ae07b0128a9affba40b44957adc
Related: OS#4963
The SW_match function takes a given status word and compares it against
a pattern that may contain wildcards (x or ?). This works by creating a
masked version of the SW using a pattern first (each hex digit is
replaced by a wildcard charafter if the pattern has a wildcard in the
same position). Once this is done, the resulting masked version is
compared at the pattern. However, the current implementation can not
work, since it compares the input SW against the pattern to decide
wihich chrafters should be masked. The input SW never contains wildcard
charafters.
Change-Id: I805ad32160fcfcb8628bf919b64f7eee0fe03c7e
Related: OS#4963
The _scc.veryif_adm() method already does status word checking
internally and also raises an execption should the authentication be
unsuccessful, so we do not have to put an additional status word check +
execition when we use the method from cards.
Change-Id: I785d27e4d49a9cda1a771b56ce5ac9c1f1d1e79a
Related: OS#4963
At the moment we use the send_apdu_checksw() method to send the APDU for
ADM authentication. This method only checks if the command returns with
sw = 9000. If not it raises an exception that the sw is not as expected.
The user may think that this is a problem with thr reader, pcscd or
pySim in the first place and may try multiple times until the card is
permanently locked. A better execption string that also displays the
tries which are left may be helpful.
Change-Id: Icf428831094f8c1045eefaa8cb2b92e6a36b0c13
Related: OS#4963
The file identifier of a file is strictly defined as a two digit
hexadecimal number. Do not allow adding child files that violate this
constraint.
Change-Id: I096907285b742e611d221b03ba067ea2522e7e52
Related: OS#4963
The __main__ function in filesystem.py seems to be some experimental
testcode from the very beginning of pySim-shell. Lets drop it.
Change-Id: I34f459469dfc45711ad0928c83184d7f99e0f5e3
Related: OS#4963
The method add_file of class CardDF does some constraint checking
to the basic file parameters (e.g. fid). Since one might also expect
those checks in the superclass CardFile lets leave a comment to make
the code better understandable.
Change-Id: Iebae28909fe6aade3bd4024112a222819572d735
Related: OS#4963
It is better to use the term "fid" instead of "name" when a reserved FID
is detected.
Change-Id: I054f3b3a156f0164c62610cfde1aec2145c20925
Related: OS#4963
We might add functionality that may require to walk through the entire
filesystem tree to perform an action to all files at once. Lets add a
generic walker that gets a function pointer that can carray out a file
specific action then. Also add another command that just displays the
whole filesystem tree.
Change-Id: If93d24dfb80c83eda39303c936910fa1fa7f48f8
Related: OS#4963
pysim-shell does not have a convinient way to list the files available
in one directory. Tab completion currently is the only way to obtain a
list of the available files. Lets add a dir command to print a file
list.
Change-Id: Ic06a60e0a0ec54d9bb26e151453ceb49d69e3df7
Related: OS#4963
The flags NAMES, FIDS and APPS do not properly distinguish between
applications and normal files. With APPS it is only possible to exclude
or include the selectable applications in a list with NAMES or FIDS, but
it is not possible to get only the application names or identifiers.
- remove the APPS flag
- rename NAMES to FNAMES and make it only normal file related
- add ANAMES and relate it only to application (ADF) names
- add AIDS and relate it only to application identifiers
Change-Id: Id07e0dcbab10cd78c1b78d37319b7b0e5e83b64d
Related: OS#4963
At the moment we can only request pySim-shell to dump a specific record
of a file. However, it may be useful to dump multiple records of a
record oriented file at once.
Change-Id: Id62db2cba4e3dfb6a7b3e6be8b892c16d11a8e3e
Related: OS#4963
The file identifier (and allso application ids for ADFs), are
hexadecimal. We should be case insensitive when accepting hex
identifiers but file names should still be full matched.
Change-Id: Ibe283a108ddc9058af77c823b7222db555e1e0f6
Related: OS#4963
since we have added pySim-shell.py that has a lot of locations where the
user can enter hexadecimal data there is an increased need for input
validation. Lets add a central is_hex function that verifies hex
strings.
Change-Id: Ia29a13c9215357dd2adf141f2ef222c823f8456d
Related: OS#4963
When requesting what DF/EF/ADF are selectable it is useful to have some
control of what we do not want in the resulting list.
Change-Id: Idb50a512bfdbfdf2e98f2ce0e89928cb0ff19f5e
Related: OS#4963
The bug that was attempted to be fixed in [1] actually was in the
encoding API - pySim.utils.enc_plmn(). According to 3GPP TS 31.102,
which points to TS 24.008, the three-digit (E)HPLMN shall be encoded
as shown below (ASCII-art interpretation):
0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+
| MCC Digit 2 | MCC Digit 1 |
+---+---+---+---+---+---+---+---+
| MNC Digit 3 | MCC Digit 3 |
+---+---+---+---+---+---+---+---+
| MNC Digit 2 | MNC Digit 1 |
+---+---+---+---+---+---+---+---+
while pySim.utils.enc_plmn() would produce the following:
0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+
| MCC Digit 2 | MCC Digit 1 |
+---+---+---+---+---+---+---+---+
| MNC Digit 1 | MCC Digit 3 |
+---+---+---+---+---+---+---+---+
| MNC Digit 3 | MNC Digit 2 |
+---+---+---+---+---+---+---+---+
Initially the _decoding_ API was correct, but then got changed in
[1] to follow buggy pySim's encoding API. As a result, a (E)HPLMN
programmed with pySim-prog.py would look correct if verified by
pySim-read.py, but the actual file content would be wrong.
This situation shows that our 'program-read-match' build verification
approach alone is insignificant. The lack of unit test coverage,
at least for the core parts of the project, makes it possible to have
symmetrical bugs in both encoding and decoding API parts unnoticed.
This problem was found while trying to enable dead unit tests in [3].
Change [1] that introduced a symmetrical bug is reverted in [2].
Change-Id: Ic7612502e1bb0d280133dabbcb5cb146fc6997e5
Related: [1] I799469206f87e930d8888367890babcb8ebe23a9
Related: [2] If6bf5383988ad442e275efc7c5a159327d104879
Related: [3] I4d4facfabc75187acd5238ff4d0f26022bd58f82
This reverts commit bdf3d3597b, which
broke pySim.utils.dec_mnc_from_plmn(). According to 3GPP TS 31.102,
which points to TS 24.008, the three-digit EHPLMN shall be encoded
as shown below (ASCII-art interpretation):
0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+
| MCC Digit 2 | MCC Digit 1 |
+---+---+---+---+---+---+---+---+
| MNC Digit 3 | MCC Digit 3 |
+---+---+---+---+---+---+---+---+
| MNC Digit 2 | MNC Digit 1 |
+---+---+---+---+---+---+---+---+
So the original implementation was correct, and we even had a unit
test for it. Most likely, the SIM card itself was programmed
incorrectly?
Makes 'testDecMNCfromPLMN_threeDigitMNC' pass again.
Change-Id: If6bf5383988ad442e275efc7c5a159327d104879
As it turns out, we had this set of unit tests since 2018, but
so far they were not executed during the build verification.
Let's fix this:
* run unittest in discovery mode for all files in 'tests/' (commented out);
* rename this file, so it can be automatically detected and executed;
* properly import the API to be tested.
Currently 2 out of 16 unit tests are failing, so we need to get
them passing first and then uncomment the unittest execution.
Change-Id: I4d4facfabc75187acd5238ff4d0f26022bd58f82
This commit fixes two problems (found by semgrep):
* "'foo' and 'bar' in list" is incorrect, because it's interpreted
as "'foo' and ('bar' in list)". Strings with a non-zero length
evaluate to True, thus it's True if at least 'bar' is present.
* Copy-pasted 'E-UTRAN NB-S1' checked two times.
The first condition is redundant, and the whole block can be
re-implemented using two independent 'if' statements.
Change-Id: Iceb66160cfb571db8879d3810c55d252c763d320
pySim has already been migrated to Python 3 in another change [1],
and the build verification has been migrated to Debian 10 with
Python 3.7. However, there is still some backwards compatibility
code left. Let's get rid of it.
[1] Ic78da9c03e99f59d142c93394051bbc2751f0205
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Tweaked-by: Vadim Yanitskiy <vyanitskiy@sysmocom.de>
Change-Id: I430d173535e0cd5bb895b9dfc9070cbc40cfc8ff
Unfortunately, Debian ships old Python (3.5 vs 3.8) and old pyscard
(1.9.4 vs 1.9.9). Calling PCSCCardConnection.disconnect() from a
destructor causes warnings about ignored exceptions:
AttributeError: 'NoneType' object has no attribute 'disconnect'
AttributeError: 'NoneType' object has no attribute 'setChanged'
AttributeError: 'NoneType' object has no attribute 'SCardDisconnect'
TypeError: 'NoneType' object is not callable
All these exceptions happen in pyscard's own destructors.
Change-Id: I9c644bc5fe9791b141a30bfc13647d77937a82ee
This should resolve the following error when using with pycryptodome
instead of pycrypto:
TypeError: new() missing 1 required positional argument: 'mode'
Change-Id: Ibd3ca00d62b864909f5e89e0feb350268157a4ca
Related: OS#5060
In 4f6ca43e1f we started to use
the bytearray type as 'b' type, but PyCrypto insists on getting
a bytes type.
This fixes the following Exception:
TypeError: argument 1 must be read-only bytes-like object, not bytearray
Change-Id: If2a727ed417ffd56c0f7d7b4e9f633d67fde5ced
Closes: OS#5060
pySim-prog was nice when there were only 5 parameters on a SIM that we
could program, and where the use case was pretty limited. Today, we
have SIM/USIM/ISIM cards with hundreds of files and even more parameters
to program. We cannot add a command line argument for each file to
pySim-prog.
Instead, this introduces an interactive command-line shell / REPL,
in which one can navigate the file system of the card, read and update
files both in raw format and in decoded/parsed format.
The idea is primarily inspired by Henryk Ploatz' venerable
cyberflex-shell, but implemented on a more modern basis using
the cmd2 python module.
See https://lists.osmocom.org/pipermail/simtrace/2021-January/000860.html
and https://lists.osmocom.org/pipermail/simtrace/2021-February/000864.html
for some related background.
Most code by Harald Welte. Some bug fixes by Philipp Maier
have been squashed.
Change-Id: Iad117596e922223bdc1e5b956f84844b7c577e02
Related: OS#4963
The code was written long ago, when the python3 bytearray type
probably didn't exist yet, or was at least not known. Let's stop
using string types with binary bytes inside, and instead standardize
on two types:
* bytearray for binary data
* string for hexadecimal nibbles representing that binary data
Change-Id: I8aca84b6280f9702b0e2aba2c9759b4f312ab6a9
This method, like select_adf(), only selects a single file ID
and unlike select_path() returns the actual status words returned by the
card.
Change-Id: I8bc86654c6d79f2428e196cc8a401e12d93a676b
In reality, the function is not a simple avstraction around the SELECT
command, but it iterates over a list/path and selects at each element.
Change-Id: I63e01155de4ae47aeed8500708c0eb6580c7b8d1
This allows callers further up the stack to catch the exception and
interpret it in some way (like decoding the number of remaining tries
in case of authentication errors)
Change-Id: Ia59962978745aef7038f750fa23f8dfc820645f4
SJS1 and SJA2 card types don't use the generic verify_adm()
method of the Card base class, so they must override it with their
own methods. Only this way application code can call card.verify_adm()
irrespective of the card type.
Change-Id: I05f7f3280873f006310266867f04a9ce1b0a63af
The SerialSimLink only has an _sl member if serial initalization was
successfull. If we close a serial connection, check if we even have the
_sl member. Otherwise move on silently.
Change-Id: Ic3f3f5e50d780f424da7d0be5733d7167bb7159c
The most common reason for pySim to crash is when it is executed without
commandline parameters. Then pySim will expect a serial reader on
/dev/ttyUSB0 since this is the default. Lets check if /dev/ttyUSB0 even
exists before trying to open it.
Change-Id: I7545c728b531e9a796eee8f80f0b08d4097f8399
Failed reader initializations happen frome time to time, mostly because
of messed up commandline arguments. This results in ugly crashes very
often. Lets control this a bit by catching the exception string and
print it.
Change-Id: I313017355da01bbef7c3d3f1899555aadb509319
This commit fixes the incorrect parsing of MNC from PLMN.
Previously its was parsing PLMN string 130062 as MCC 310 MNC 260,
whereas it should be MCC 310 MNC 026.
(The SIM was programmed with MCC 310 and MNC 026)
Change-Id: I799469206f87e930d8888367890babcb8ebe23a9
This EF contains one or more records, with each record able
to hold a public SIP Identity (SIP URI) of the user. EF.IMPU consist of URI TLV data
object values see IETF RFC 3261. The URI shall be encoded to an octet string according
to UTF-8 encoding rules as specified in IETF RFC 3629
./pySim-prog.py -p 0 -x 001 -y 01 -s 8988211900000000004 -i 001011234567895 -k 8baf473f2f8fd09487cccbd7097c6862 --op 11111111111111111111111111111111 -o 8E27B6AF0E692E750F32667A3B14605D -a 85524953 -n isim.test --msisdn 0598765432100 --epdgid epdg.epc.mnc001.mcc001.pub.3gppnetwork.org --pcscf pcscf.ims.testop.org --ims-hdomain ims.testop.org --impi 1234567895@ims.testop.org --impu sip:5987654321@ims.testop.org
Change-Id: If10bc2e50eca390b81755b5cc7211e695233612d
This EF contains the private user identity of the user. EF.IMPI consist of
NAI TLV data object values see IETF RFC 2486. The NAI shall be encoded to
an octet string according to UTF-8 encoding rules as specified in IETF RFC 3629
./pySim-prog.py -p 0 -x 001 -y 01 -s 8988211900000000004 -i 001011234567895 -k 8baf473f2f8fd09487cccbd7097c6862 --op 11111111111111111111111111111111 -o 8E27B6AF0E692E750F32667A3B14605D -a 85524953 -n isim.test --msisdn 0598765432100 --epdgid epdg.epc.mnc001.mcc001.pub.3gppnetwork.org --pcscf pcscf.ims.testop.org --ims-hdomain ims.testop.org --impi 1234567895@ims.testop.org
Change-Id: Ic1ccf99b5aa45297ef1e43a43373df603f756379
IMS public user identity (IMPU)
As per TS1.103, this EF contains one or more records, with each record able
to hold a public SIP Identity (SIP URI) of the user. EF.IMPI consist of URI TLV data
object values see IETF RFC 3261. The URI shall be encoded to an octet string according
to UTF-8 encoding rules as specified in IETF RFC 3629
Reading of EF.IMPU is achieved by first selecting the ISIM application using its AID.
This is followed by selecting EF.IMPU with File ID - 6f04 in ADF.ISIM
Change-Id: Icf78a564aeaf4254658d3b018ff57dfc4b987e6f
IMS private user identity (IMPI)
As per TS1.103 version 14.2.0, this EF contains the private user identity of the user.
EF.IMPI consist of NAI TLV Data object.The NAI shall be encoded to an octet string
according to UTF-8 encoding rules as specified in IETF RFC 3629.
Reading of EF.IMPI is achieved by first selecting the ISIM application using its AID.
This is followed by selecting EF.IMPI with File ID - 6f02 in ADF.ISIM
Change-Id: I8d8e76e3f6b9ca7a0be262fee99cd5a397edbefa
As per 3GPP TS 31.103, this EF (DOMAIN) can found under ADF.ISIM at File Id 6f03.
The Home Network Domain Name, i.e. FQDN shall be encoded to an octet string
according to UTF-8 encoding rules as specified in IETF RFC 3629 [27].
The tag value of the Home Network Domain Name TLV data object shall be '80'.
Example:
./pySim-prog.py -p 0 -x 001 -y 01 -s 8988211900000000004 -i 001011234567895 -k 8baf473f2f8fd09487cccbd7097c6862 --op 11111111111111111111111111111111 -o 8E27B6AF0E692E750F32667A3B14605D -a 85524953 -n isim.test --msisdn 0598765432100 --epdgid epdg.epc.mnc001.mcc001.pub.3gppnetwork.org --pcscf pcscf.testims.org --ims-hdomain testims.org
Change-Id: I3c823203aee88734ae423e4ad73da1027a4eaeed
The function takes address string as input, then validates it and returns the type.
Return: 0x00 (FQDN), 0x01 (IPv4), 0x02 (IPv6), None (Bad address format)
Change-Id: I0fabd4f17bbb11f6bb191c1a9e6276427f9d001f
As per TS 31.102 version 15.2.0 Release 15, section 4.2.8, EFUST (USIM Service Table),
Service n°95, n°99 and n°115 shall not be declared available if an ISIM application is present on the UICC.
Change-Id: Id9709746de99585ad31c4e9659323484fda87b14
As per TS1.103 version 14.2.0, this EF contains the home operator's network domain name.
The Home Network Domain Name, i.e. FQDN shall be encoded to an octet string
according to UTF-8 encoding rules as specified in IETF RFC 3629
Change-Id: Ia3c68c717d105e10d52a8e9d170480da2ad7d65a
As per 3GPP TS 31.103 version 14.2.0 Release 14, this EF can found under ADF.ISIM at File Id 6f09.
This EF contains one or more Proxy Call Session Control Function addresses.
The first record in the EF shall be considered to be of the highest priority
If ISIM service n°1 and/or service n°5 is available, this file shall be present.
Change-Id: I7a701212c84d3dc5d4c8ccbcf638c97ceda33654
EF_ISIM_ADF_map introduced in this commit maps EF file names in ISIM ADF
to its repective Identifier and serves as a lookup table
Change-Id: I95c8691d9112541c2c0e01857b19681c00f322f2
This commit introduces a ISIM generic Card class which can hold
parameters/functions specific to ISIM application on UICC
Change-Id: I242e679ff2f8831175e76d2fcc5fb285d28bd890
The Address TLV object is used in EF.P-CSCF Address, EF.ePDGId and EF.ePDGIdEm.
See 3GPP TS 31.102 version 13.4.0 Release 13, section 4.2.8, 4.2.102 and 4.2.104.
Address TLV Object format
Tag (1 Byte) - '80'
Length (1 Byte)
Address Type (1 Byte) - '00' (FQDN), '01' (IPv4), '02' (IPv6)
Address (Address Length Bytes)
Change-Id: Ifd8a240f6b5c7736e58a8151295c30ec5b32ed5f
Service 106 and 107 must be set available in order to ME to consider as supported in USIM:
1. ePDG configuration Information support
2. ePDG configuration Information configured
Change-Id: Ica067915b9d06ba67f53da7d628f8bacde1ab80e
If the EF.ePDGSelection is present, it is populated with a single entry with PLMN 1 set
to Home PLMN of USIM, ePDG FQDN format set to Operator Identifier FQDN and ePDG Priority value
set to 1.
Change-Id: I92f3f813afa41ae497ebc0dc2ca73da810f82364
Encodes ePDGSelection info TLV so it can be stored at EF.ePDGSelection or EF.ePDGSelectionEm.
See 3GPP TS 31.102 version 15.2.0 Release 15, section 4.2.104 and 4.2.106.
Take original hex string of EF.ePDGSelection or EF.ePDGSelectionEm, MCC,
MNC, ePDG priority for PLMN and ePDG FQDN Format to use for PLMNas input
and outputs the encoded hex string.
Change-Id: Ia7292d33783c770a3bb91b081c671af36bbb907f
As per TS 31.102, this EF can found under ADF.USIM at File Id 6ff4.
Also, if service n°106 and service n°107 are available, this file shall be present.
Change-Id: I98916e6f5c9791aff63c18a3b16bdfb8ae9b2d36
ePDG selection information TLV data object is made of following elements:
ePDG Selection Information Tag '80' (1 Byte)
Length 5n Note
PLMN 1 (3 Bytes)
ePDG Priority (2 Bytes)
ePDG FQDN format '00' or '01' (1 Byte)
...
PLMN n
...
Note: The length is coded according to ISO/IEC 8825-1 [35]
Note 2: Inconsistency in spec: 3GPP TS 31.102 version 15.2.0 Release 15, 4.2.104
As per spec, Length field value is 5n, where n is number of PLMNs
But, each PLMN entry is made of PLMN (3 Bytes) + ePDG Priority (2 Bytes) + ePDG FQDN format (1 Byte)
Totalling to 6 Bytes, maybe Length should be 6n and not 5n
Change-Id: I0f9f38961a589e3f9a53d2288a3dc6fa71a4b1b0
These functions are replaced by a more generic function hexstr_to_Nbytearr().
And, all occurances of redundant functions are replaced by generic functions
so its safe to remove them.
Change-Id: I7848451b90b35dca29d29f630cdc5405b5e9c19b
This method helps in encoding of Service Tables in EF.SST, EF.UST, EF.EST, EF.IST.
Takes original hex string of EF.SST, EF.UST, EF.EST, EF.IST, Service number,
Service to be enabled or disable flag as input and outputs the modified Service Table.
Change-Id: I0c97317d5a17aa0df720659d021b5cbf7d30edcc
Example:
./pySim-prog.py -p 0 -x 001 -y 01 -s 8988211900000000004 -i 001011234567895 \
-k 8baf473f2f8fd09487cccbd7097c6862 --op 11111111111111111111111111111111 \
-o 8E27B6AF0E692E750F32667A3B14605D -a 85524953 -n isim.test \
--msisdn 0598765432100 --epdgid epdg.epc.mnc001.mcc001.pub.3gppnetwork.org
Note:
1. For Operator Identifier based ePDG FQDN must be in the format
epdg.epc.mnc<MNC>.mcc<MCC>.pub.3gppnetwork.org
2. For Tracking/Location Area Identity based ePDG FQDN must be in format
lac<LAC>.epdg.epc.mnc<MNC>.mcc<MCC>.pub.3gppnetwork.org
and
tac-lb<TAC-low-byte>.tac-hb<TAC-high-byte>.tac.epdg.epc.mnc<MNC>.mcc<MCC>.pub.3gppnetwork.org
and
3. For 5GS Tracking Area Identity based ePDG FQDN using a 3 octet TAC
tac-lb<TAC-low-byte>.tac-mb<TAC-middle-byte>.tac-hb<TAC-high-byte>.5gstac. epdg.epc.mnc<MNC>.mcc<MCC>.pub.3gppnetwork.org
Change-Id: Ia00bfea36c50b6a38a5387d2f8147f25c81b1de4
Basically, the idea is to read all the AIDs on the UICC once
rather than reading each time we want to select an ADF.
The function select_adf_by_aid select the ADF by its AID which
is already populated by read_aids() function
Change-Id: I5e0e87e9cf238922d60fda7a7836e65f91f2c233
The card in the automatic test setup had been replaced, change the ADM
pin and the ICCID so that it matches the new card. Also the new card
does not feature an MSISDN file and the formatting of the EHPLMN file
changed in the output of pySim-Read.py
Change-Id: I413f4b8267e01727c59ad135881b3a2ed723ff5f
If the EF.EHPLMN exists, it contains the "Equivalent Home PLMN List".
The odd part of that list is that it is not just a list of additional
PLMN identities, but if the first digits of the IMSI are *not* listed
in EF.EHPLMN, then the MCC/MNC of the IMSI prefix is suddently no
longer considered the home network, but the subscriber is roaming.
See TS 23.122: "If the HPLMN code derived from the IMSI is not present
in the EHPLMN list, then it shall be treated as a Visited PLMN for PLMN
selection purposes."
Change-Id: I22d96ab4a424ec5bc1fb02f5e80165c646a748d3
This method encodes ePDG Id so it can be stored to EF.ePDGId or EF.ePDGIdEm.
See 3GPP TS 31.102 version 13.4.0 Release 13, section 4.2.102 and 4.2.104.
Resulting hex string is made of tag value + length + address type + address.
tag value for home ePDG identifier is 80
address type: 0x00 (FQDN), 0x01 (IPv4), 0x02 (IPv6), other (Reserved)
ePDG FQDN example: epdg.mnc001.mcc001.3gppnetwork.org
Note: Only FQDN format is supported for now
Change-Id: I864bda5505e9061391a727add294a6e90c50f9ef
As per TS 31.102, version 13.4.0 Release 13, this EF can found under ADF.USIM at File Id 6ff3.
Also, if service n°106 and service n°107 are available, this file shall be present.
Change-Id: I68114d328d1af5682a5bc1fa7642882e80b5de4d
The LOCI, PSLOCI and EPSLOCI contain some info,
including the PLMN, added helper functions to
decode it
Change-Id: Ibb513ff7d1dc6d33b354ae26cbd9c390ea3c8efc
the EF files in the USIM ADF are different to the ones int the GSM dir
so added the dictionary to avoid conflicts and hardcoded values
the 'DIR' one was added in ts_51_011.py, not sure if it should be there
as it's not in that standard, but did it for simplicity
Change-Id: I458380bf46b2986662ecdede2551c22cd9be92ba
According to 3GPP TS 27.007, sections 8.17 and 8.18, the modem
may *optionally* provide Generic and/or Restricted SIM Access
to the TE (Terminal Equipment) by means of the AT commands.
This basically means that a modem can act as a card reader.
Generic SIM Access allows the TE to send raw PDUs in the format
as described in 3GPP TS 51.011 directly to the SIM card, while
Restricted SIM Access is more limited, and thus is not really
interesting to us.
This change implements a new transport called ModemATCommandLink,
so using it a SIM card can be read and/or programmed without the
need to remove it from the modem's socket. A downside of this
approach is relatively slow I/O speed compared to PC/SC readers.
Tested with Quectel EC20:
$ ./pySim-read.py --modem-dev /dev/ttyUSB2
Change-Id: I20bc00315e2c7c298f46283852865c1416047bc6
Signed-off-by: Vadim Yanitskiy <axilirator@gmail.com>
By definition, h2s() is supposed to skip padding in the given
hexstring, so it was working fine for 'ff', but not for 'FF'.
Change-Id: I2c5d72a0f7f2796115116737f9f7b5299021f6a3
Signed-off-by: Vadim Yanitskiy <axilirator@gmail.com>
Some of the cards do not implement the erase method that each card
should have. However, having an empty method in each of those classes
does not make too much sense. Lets rather have an erase method in the
superclass (Card) that prints a warning to inform the user that erasing
the spcified card is not supported.
Change-Id: If5add960ec0cab58a01d8f83e6af8cb86ec70a8d
Resetting the contents of a file before re-writing it with parameters
might be helpful when implementing the currently empty erase() methods
of the various card implementations. Lets add two methods, one for
resetting a binary file and one for resetting a specific record in a
record oriented file
Change-Id: I3c3a4ef3d3f358404af307a68a20b7059f1a9e8d
In case try to decode the contents of an uninitalized EF.IMSI, the
function dec_imsi() would crash because it truncates all 0xFF from the
swapped version of the EF.IMSI contents and then accesses the first
element of the buffer. This always works for EF.IMSI contents that
contain valid IMSI data, but if all bytes are set to 0xFF, then no data
is left in the buffer after truncating, so lets check if we even have
bytes left before we move on with the decoding.
Change-Id: I93874a1d7e0b87d39e4b06a5c504643cfabb451c
When writing to files we often just write without making sure that the
actual file contents actually written. Lets add features to do a
read-after-write verification when writing to files.
Change-Id: I7be842004102f4998af376790c97647c107be3d5
For record oriented files we have the methods record_size() and
record_count() to determine the dimensions of a record oriented file,
however, we miss a similar function for regular binary files. Lets add a
method binary_size() to quickly determine the size of a non record
oriented file
Change-Id: I0593f2de7f34d5654a19e949dc567a236e44e20c
The lower part of gen_parameters() in pySim-prog.py contains some code
that checks whether the ADM pin supplied in its hexadecimal or in its
string form and generates a sanitised pin_adm from that. Lets separate
this part as it may become useful elsewhere too.
Change-Id: Ifead29724cc13a91de9e2e89314d7fb23c063d50
The contents of EF.AD me be uninitalized (all bytes set to 0xff). If
this is the case reset all bytes of the file to 0x00 and continue the
update of EF.AD with this value.
Change-Id: I57cf53e0c540469f11b6d85bd3daf3f9e14c237e
A MNC of 02 and 002 are *not* equal. The former is a two-digit MNC
and the latter is a three-digit MNC. Hence, we shouldn't treat
MNCs as integer values as we have no clue how many leading zeroes
(if any) the user entered.
Change-Id: I9d1d07a64888c76703c3e430bbdd822080c05819
Closes: OS#4523
pySim-prog and pySim-read currently echo back the pcsc reader id (or
baudrate/socket, depending on the interface used). This makes the output
unecessarly undeterministic, which becomes a problem when verifying the
putput in tests. Lets not echo those variable, user supplied parameters
back. Also lets move the code that does the initalization to utils, so
that it can be used from pySim-prog and from pySim-read (code dup).
Change-Id: I243cc332f075d007b1c111292effcc610e874eb3
Related: OS#4503
The method update_ad() caluclates the size of the data it had just
read from EF.AD, but the result is never used, lets remove that
line
Change-Id: Id38c0dc725ab6874de3ea60132482a09372abe9e
The hex string consists of contains zero or more ePDG identifier data objects.
Each ePDG Identifier TLV data object consists of tag value of '80', length, address type, identifier.
TS 31.102 version 13.4.0 Release 13. The same parsing method applies for both EF.ePDGId and EF.ePDGIdEm
Change-Id: I96fb129d178cfd7ec037989526da77899ae8d344
The functions are imported from the git commit 2a81963790e27eb6b188359af169c45afb6d3aaf from master branch
Change-Id: I5c7fdbd122e696d272f7480785d0c17ad2af138c
As per TS 31.103, This EF indicates which ISIM services are available.
If a service is not indicated as available in the ISIM, the ME shall not select this service.
Parsing of IST is achieved by first selecting the ISIM application using its AID.
This is followed by selecting EF.IST with File ID - 6f07 in ADF.ISIM
Change-Id: I3f0a7227360b72a707dc1bcc4cc9c8a4ec7ad2b2
This commit introduces a lookup table which maps ISIM Service Number to its description.
The mapping is defined in 3GPP TS 31.103 version 14.2.0 Release 14, 4.2.7 EF.IST (ISIM Service Table)
Change-Id: Iad51d0804259df47729308b461062f794b135e66
As per TS.31.102, This EF indicates which USIM services are available.
If a service is not indicated as available in the USIM, the ME shall not select this service.
Parsing of UST is achieved by first selecting the USIM application using its AID.
This is followed by selecting EF.UST with File ID - 6f38 in ADF.USIM
Change-Id: I54dbbd40bd3d22cee81f7c32e58cd946f8564257
This method helps in printing Service Tables in EF.SST, EF.UST, EF.IST.
Takes hex string of Service table, parses it and prints available service along with its description.
Change-Id: Ie1e82e07ead2e28314a5794661e6b2ced0acd72a
Initially the Card is read assuming a UICC SIM, but in case its not, an
error 6e00 will be thrown indicating CLA not supported and Card has just Classic SIM application.
Ref: https://web.archive.org/web/20090630004017/http://cheef.ru/docs/HowTo/APDU.info
The above link provides the bytes to use for CLA, P1, P2 in APDU
Change-Id: Ifea328eff3a381d7b82118e22d2bc0ec5f8a87e4
If AID of the desired ADF is in the list of AIDs of the Card/Card subclass object
then ADF is selected or else None is returned
Change-Id: Ie5f29eec14f099add1d0978e3e7d4ed3c9130854
This commit introduces a lookup table which maps USIM Service Number to its description.
The mapping is defined in 3GPP TS 31.102 version 13.4.0 Release 13, 4.2.8 EF.UST (USIM Service Table)
Change-Id: Ia9025a4be6ba29fe79ca4bf6c7a452188ea3d454
As per TS.51.011, This EF indicates which services in the SIM are allocated, and whether, if allocated, the service is activated
.If a service is not indicated as available in the SIM, the ME shall not select this service.
Change-Id: Id28a35727adbaaa9df19b1adc621a0c51ad0e51b
This method helps in parsing Service Tables in EF.SST, EF.UST, EF.EST, EF.IST.
Takes hex string as input and output a list of available/enabled services.
Change-Id: I9b72efdb84ba7be4a40928a008a59c67f6fb71d4
This commit introduces a lookup table which maps SIM Service Number to its description.
The mapping is defined in 3GPP TS 51.011 version 4.15.0 Release 4, 10.3.7 EF.SST (SIM Service Table)
Change-Id: I4a416bd8bff563ae08b1b3c053d2047da91667b4
This is a generic function applicable for reading EF records which doesnt require further processing
such EF.SMSP etc while decoding and also to avoid code duplication.
Change-Id: Ic0b4aa11e962b4bb328447b11533136a29ff72d3
This is a generic function applicable for reading EFs which doesnt require further processing
such as GID1, GID2 etc while decoding and also to avoid code duplication.
Change-Id: If3d8fdddb26f9776c89fd442d1d95b83e0d1476b
This function is used to detect the card type and return Card class/Card subclasses object
if its a know card or else None. Also, an initial step towards refactoring of code.
Change-Id: I71f57c6403dc933bd9d54f90df3d3fe105b4f66f
Introduced a new member variable and a member function to Card class to fetch
and store the AIDs present in UICC. And, this variable (a list) is populated
by reading the EF 2f00 under MF 3f00 (function read_aids()).
Change-Id: I7ca77a73ebb42a8ba1381588d878040675d3019a
When pysim-prog programms the application specific files of ISIM and
USIM it selects the application by its AID first. If depending on the
card profile one of the applications is missing the selection of the
related ADF will fail. Lets check the presence of the AID first and if
it is not present lets skip the programming of the related files.
Change-Id: I0eec6ed244320fcd4dc410b6fab20df9c64ff906
Related: SYS#4817
There is a new card version with a different ATR, lets add the ATR for
this card to support it as well.
Change-Id: I222faea89c1df58c36a19b28449dffb84a956e74
Related: SYS#4817
Unlike Python 2, in Python 3 strings also have attribute '__iter__'.
Because of that, a string could be passed to select_file(), that
actually expects a list as the first parameter.
P.S. Madness, Python 3 is just a new different language...
P.P.S. They should have renamed it not to confuse people.
Change-Id: I92af47abb6adff0271c55e7f278e8c5188f2be75
Fixes: OS#4419
From pyscard user's guide [1]:
== Selecting the card communication protocol ==
By defaults, the connect() method of the CardConnection object
will try to connect using either the T=0 or T=1 protocol.
To force a connection protocol, you can pass the required
protocol to the connect() method.
This means that a PC/SC ifd handler may automatically choose T=1
as the highest protocol if the card indicates both in its ATR [2].
Since pySim only supports T=0, let's select it explicitly.
[1] https://pyscard.sourceforge.io/user-guide.html
[2] https://github.com/acshk/acsccid/issues/16#issuecomment-501101972
Change-Id: Ifed4574aab98a86c3ebbeb191f36a8282103e775
In Python 3, traditional division operator returns a float,
while we need a floor integer in the most cases.
Change-Id: I5565eb64a1ddea7075cbb142eaacaa5d494c87bb
This change implements programming of EF.MSISDN as per 3GPP TS 31.102,
sections 4.2.26 and 4.4.2.3, excluding the following fields:
- Alpha Identifier (currently 'FF'O * 20),
- Capability/Configuration1 Record Identifier ('FF'O),
- Extension1 Record Identifier ('FF'O).
This feature is introduced exclusively for sysmoUSIM-SJS1.
Othere SIM card types need to be tested.
Change-Id: Ie033a0ffc3697ae562eaa7a241a0f6af6c2b0594
This change implements parsing of EF.MSISDN (and thus EF.ADN)
as per 3GPP TS 31.102, sections 4.2.26 and 4.4.2.3.
Example (commercial SIM card from 401/02):
EF.MSISDN: ffffffffffffffffffffffffffff07917787028982f7ffffffffffff
Decoded (NPI=1 ToN=1): +77782098287
Note that sysmoUSIM-SJS1 in the test setup has malformed
EF.MSISDN, so that's why the test output is changed.
Change-Id: Ie914ae83d787e3f1a90f9f305bffd45053b8c863
The sysmo-isim-sja2 cards are not yet supported by pysim. Lets add
support for writing KI and OPC in ADF.USIM and ADF.ISIM as well as the
remaining common simcard parameters.
Related: SYS#4466
Change-Id: I23e2b46eac0e0dbc2b271983d448999f6a459ecf
The Change I12e6b46787efb39c5745f4e7f3cdcca9209881b8 was not as
effective as expected. Diff is used wrongly so that no lines are
compared. Lets fix this
Change-Id: I1601d8a2b3e1c07fe1eba375ea8deae3d50bbef0
When working with USIM/ISIMs, The method __record_len() that is used
by the record_count() method returns the length of the file instead
the actual record count. This causes record_count() to return always 1
Change-Id: If810c691893c022e9e9d87218dd0a334c5b2d579
- The .ok files currently dictate in which pysical reader device the
card must be placed. Lets remove this dependncy to make the setup more
reliable. Testing in which reade a card is placed is not in the scope of
our tests.
- Fix bug in pysim-test.sh (test runner), so that the veriable $ADM_HEX
gets reset after the execution of the tests.
Change-Id: I12e6b46787efb39c5745f4e7f3cdcca9209881b8
pySim-prog.py features a way to detect which card type is in the reader.
The returned value is often used as filename for testfiles and other
automated operations. Therefore lets not have spaces in simcard names
Change-Id: Ib7428fab767874dd53478d7c64601ff8938e05aa
Without that we have:
$ python3 pySim-read.py
Using serial reader (port=/dev/ttyUSB0, baudrate=9600) interface
Traceback (most recent call last):
File "pySim-read.py", line 91, in <module>
from pySim.transport.serial import SerialSimLink
File "/home/gnutoo/work/projects/osmocom/pysim/pySim/transport/serial.py", line 29, in <module>
from pySim.exceptions import NoCardError, ProtocolError
File "/home/gnutoo/work/projects/osmocom/pysim/pySim/exceptions.py", line 26, in <module>
import exceptions
ModuleNotFoundError: No module named 'exceptions'
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Change-Id: Ie45dc7ccd72fe077ba3b424f221ff4ed02db436c
Without that fix we have:
$ python3 pySim-read.py
File "pySim-read.py", line 135
try:
^
TabError: inconsistent use of tabs and spaces in indentation
The following command was used to do the conversion:
sed 's# #\t#g' -i $(find -name "*.py")
Then the remaining spaces spotted during the review were
addressed manually.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Change-Id: I83f76a8e9b6e36098f16552a0135a8c22dde545f
In case the MCC/MNC are not supplied with a CSV file we cut out the
missing values from the IMSI string. Lets use a function to do this and
also check the input parameters.
Change-Id: I98e5bf8f9ff2a852efb190cc789edf42c5075bf8
At the moment MNC and MCC are represented as integer numbers inside the
parameter array while all other parameters are represented as strings.
Lets use strings for MNC/MCC as well to simplify the parameter handling.
We will also not loose the length information in case of leading zeros.
Change-Id: Ia2333921a4863f0f26ee923ca796e62ec5e2d59a
At the moment we do not chack if the CSV file exists at all. This may
lead into a crash while programming the card. Lets check the CSV file
before we start.
Change-Id: I2643996282d88e512c17901ab0e1181677d5dd6c
Related: SYS#4654
Inside of pySim all CSV headers are defined in lower case and are
evaluated case sensitive. This means that a CSV file that contains the
headers in uppercase for example will not parse. Lets make sure that the
CSV headers are evaluated case insensitive to increase compatibility
with slightly different formats.
Change-Id: I1a476e7fc521d1aad2956feec3db196156961d20
When the CSV file fails to read the error message is just "Error reading
parameters". Lets make clear that this error is related to a problem
with the CSV file
Change-Id: If285c1fbf7d285f512b573040f1b8983e4e3087e
When using the batch mode of pySim-prog, the user has to insert/remove
the cards from the cardreader manually. This is fine for small batches,
but for high volume batches this method is not applicable.
This patch adds support for the integration of an automatic card handler
machine. The user can freely configure a custom commandline that is
executed when a card should be inserted or moved to a good/bad
collection bin.
Change-Id: Icfed3cad7927b92816723d75603b78e1a4b87ef1
Related: SYS#4654
When reading CSV files we currently have no option to provide a
pin_adm_hex field like we already have it as commandline option.
Lets add an option pin_adm_hex for this.
Change-Id: I53e8d666d26a06f580725a8443a335643d10192c
This can be used to reprogram everything including IMSI on the card:
while true; do
./pySim-prog.py -p 0 -t sysmoUSIM-SJS1 --source=csv --read-csv=cards.csv --read-iccid &&
paplay complete.oga
sleep 2
done
Change-Id: Ib343a29141b5255f67a59ab76959b51e162b7916
pySim-prog would implicitly try to use the raw or hex-escaped format
depending on the length of the parameter, now there is the option "-A"
to explicitly specify the hex-escaped ADM1 key.
pysim-test.sh: Explicitly use the "-A" option to pass the hex adm1 key
for wavemobile cards
Change-Id: Id75a03482aa7f8cc3bdbb8d5967f1e8ab45c179a
This way we can have optional fields like pin_adm in the file
Also require iccid as identifier for the SIM card
Set defaults for optional card parameters.
Change-Id: I0d317ea51d0cf582b82157eec6cdec074001a236
Allow decoding and pretty printing of PLMNwAcT, HPLMNwAcT and OPLMNwAct.
Includes unit tests for the added functions.
Change-Id: I9b8ca6ffd98f665690b84239d9a228e2c72c6ff9
This test data is used by the jenkins build verification for pySim,
and it was previously located locally on the build slave.
By moving the testdata to this repository, any contributor can
modify both the code and the expected test results simultaneously.
Change-Id: I6714b091a114035d6aab8ba750c5f2b86e438467
The length field in wavemobile sim cards is not set, so that the field
stays at its initial value, which is 0xFF. Lets write the correct mnc
length here.
Change-Id: Ieda0ce864bf3e8c7b92f062eaa3a5482c98507e2
Related: OS#3850
At the moment EF.AD, which contains the length of the MNC is not
updated. For two digit MNC (the usual case) this is fine since the
length is set to 2 by default. However, when one wants to set an MNC
with 3 digit length the file must be updated, otherwise the third digit
of the MNC is recognized as part of the MSIN.
Change-Id: I827092b2c7f7952f54b2d9f8dbda419a0dbfaf65
Related: OS#3850
The files EF.PLMNsel, EF.PLMNwAcT and EF.OPLMNwAcT are currently not
programmed for sysmo-usim-sjs1, lets add them.
Change-Id: I0cac3041f1902383d98d6dc211cf31ae6e3a610b
Related: OS#3850
The hexadecimal tag defintions of pytlv are case sensitive strings. So
'A5' is something different than 'a5'. Pytlv uses lower case letters for
the upper hexadecimal digits. Lets correct this.
Change-Id: I41a9933707783f6b1b68ebd91a365405ac0892d0
Related: OS#3850
This interface allows to use a Calypso based phone (e.g. Motorola
C1XX) as a SIM card reader. It basically implements a few L1CTL
messages that are used to interact with the SIM card through
the OsmocomBB 'layer1' firmware.
Please note, that this is an experimental implementation, and
there is a risk that SIM programming would fail. Nevertheless,
I've managed to program and read one of my SIMs a few times.
Change-Id: Iec8101140581bf9e2cf7cf3a0b54bdf1875fc51b
The smsc no. programmed by pySim-prog would always be a national number
in the past. Check whether the first 'digit' is a + and indicate that it
is an international number.
Change-Id: Ia79913f5b0307e9786a5acea75c0811927be2eef
When programming or reading a SIM with an IMSI shorter than 15, the IMSI
value is incorrectly encoded/decoded.
The code pads the the IMSI value with 0xF from the left but padding from
the right would be correct.
It also encodes the length as half the number of digits in the IMSI
(rounded up). This isn't correct for even length IMSIs. With even length
IMSIs, the odd/even parity bit bumps the last digit into an extra byte,
which should be counted as well.
- Fix endcoding of IMSI value
- Fix decoding of IMSI value
Change-Id: I9ae4ca4eb7c2965e601a7108843d052ff613beb9
Patch-by: Ben Foxmoore
Closes: SYS#3552
Add support to handle Wavemobile sim cards. The support excludes some
parameters. For example it is not possible to write own KI keys yet.
Support covers the following files:
EF.SMSP
EF.IMSI
EF.ACC
EF.PLMNsel
EF.PLMNwAcT
EF.OPLMNwAcT
Not yet supported are:
EF.ICCID
KI (propretary file)
OPc (propritary file)
Change-Id: Ida3f37bd6e3ac995812aeddc9770f1ccd54ecf3f
Related: SYS#4245
When sysmosom-gr1 is used with a custom ADM key, then the ADM string is
not fed through h2b() like we see it with sysmo-usim-sjs1 for example.
- feed the ADM to h2b() before use
Change-Id: I0b7cab380b89612ed3b8318e014161038335fe1b
Related: OS#3405
The sysmosim-gr1 lacks the auto detection feature because no autodetect
is yet programmed inside the related class.
- add autodetect for sysmosim-gr1
Change-Id: Iec1f1ab6824ff2328baedd731b08df997df4da01
Related: OS#3405
Some of the USIM-Card programming implementations do not need to look
at card responses, which means they also do not have to parse TLV
data. Lets depend on pytlv only in cases where TLV data has to be
parsed so that useser of cards that do not need at can go without
installing pytlv.
Change-Id: Ida841d74d9581e7f395751b0f74556a06a038de6
So far, the README.md file does not mention much about the
dependencies. This commt adds at lest the most important ones
Change-Id: I912bbf787e1408100183cade2113bf7617b86ffa
Pysim now supports quite a number of different cards. Estimating
if changes in pysim introce regressions becomes increasingly difficult
The script that is added with this patch is intended to run as
atomated testsuit on real cards attached to a test system. However,
it can also be used by developers locally to check for regressions.
Change-Id: I8c6f95998272333bc757b34e3ab6be004e8cd674
Related: OS#3376
The method update_plmnsel() does not return the status word yet, which
causes pysim-prog.py to print an error message that does not influence
the functionality but does not look nice.
- preserve the status word that is returned with update_binary() and
return it properly like the other methods do.
Change-Id: I54e8e165f87365e8162b36d24efc8f0db62b66da
Related: SYS#4245
The files EF.PLMNsel, EF.PLMNwAcT, EF.OPLMNwAcT, EF.HPLMNAcT are not
yet printed by pysim-read. Lets add support for those files.
Change-Id: Ice802033adfa6fc1bccc76da47495eb29c3aef6c
Related: SYS#4245
At the moment the exception is catched, but there is only a vague
error message printed. However, the exception string usually tells
us the status word, so it is very valuable to see it. Lets make
sure that the exception string is printed here.
Change-Id: Icb30470b1c0eee6a15fc028da820e92bf9ded27a
The Card class offers update methods for various EF, but for
PLMNsel there is no update method available yet. Lets add one.
Change-Id: I832f7bef70c92dc101b94ad871b6cafaa626e134
Related: SYS#4245
In some situations it may be helpful to know the card name (type)
we deal with in advance. So lets ad an to probe that only detects
the card and then exists.
- Add commandline option -T --probe
Change-Id: I57422d3819d52fd215ac8f13f890729aad2af76f
Related: OS#3376
Some of the methods SimCardCommands() have ways to determaine length
information from the card response. Regular sims use a format where
the length field is on a fixed position. USIMs use FCP templates
(format control parameters), which is a TLV encodecs string. So lets
distingish if we deal with an USIM (We can easily do this by looking
at the select control parameters) and extract the length info from
the FCP.
- If we deal with USIMs, use the FCP to determine length
information
Change-Id: I068cf8a532e1c79a2d208e9d275c155ddb72713c
Related: SYS#4245
The method send_apdu() first transmits the APDU in the cards direction.
The card may indicate that there is a response available by responding
with SW1=9F, where SW2 is the number of bytes. send_apdu() will then
craft a get-response APDU to pickup the response bytes. This mechanism
works fine for SIM, but USIM uses SW1=61 to indicate the availability
of a response, so lets also sense on SW1=61 to support USIMs as well.
- Also check on SW1=61 to see if a response is available
Change-Id: Ied7fb78873a7c4109de471c7a5e9c3701ba0c7d5
Related: SYS#4245
with Change I38f5d36d16b41b5d516a6a3e2ec1d09637883932, new constants
for file identifiers were introduced. When csv file input is used,
then pySim-prog.py uses one of these constans without importing
it from ts_51_011.py
- Add missing import
Change-Id: Ic5b067b16ec204c2ba2264b1ffb48d37be8d5eb3
The method send_apdu_checksw() is used to check the SW of the final
response against some pre defined value. However, in many cases the
last two digits of the SW are used to return varying information
(e.g. length information or a more specific status info). To cover
those cases it would be helfpul to define status words that contain
wildcards (e.g. 61**) in order to be able to accept all SWs from
6100 to 61ff.
- When the user supplies an expected SW with wildcards, mask out
those digits in the response before comparing
Change-Id: I5bfc0522b4228b5d9b3415f6e708abcf0da0a7b7
At the momemnt pysim takes the supplied ADM pin number and interprets
it as ascii string. This ascii string (max 8 digitis) is then padded
with 0xff bytes if necessary and sent to the card.
This limits the range of possible ADM keys and it is not possible
to deal with situataions where the ADM pin consists of arbitrary
bytes. At the momemnt pysim-prog forbis anything that is longer
than 8 digits. Lets also check if there are 16 digits and if yes
interpret them as raw bytes.
- when the adm pin is 16 digits long, interpret the string as raw
bytes (hex).
Change-Id: If0ac0d328c64b57bc4d45d985a4a516930053344
Related: SYS#4245
This reverts commit a51592e180, which
broke the use of ADM pins on sysmoUSIM-SJS1 (and possibly others?)
The ADM pins have so far always been specified as ASCII decimal digits,
i.e. something like "-a 53204025" gets translated to hex "3533323034303235"
After the above patch this is broken and gets instead translated to
"53204025ffffffff" in hex which obviously breaks. Let's revert back to
the old behavior to make it work again.
Change-Id: I3d68b7e09938a2fcb7a9a6a31048388cc3141f79
2018-01-23 16:25:55 +01:00
454 changed files with 92842 additions and 2903 deletions
After installing all dependencies, the pySim applications ``pySim-read.py``, ``pySim-prog.py`` and ``pySim-shell.py`` may be started directly from the cloned repository.
In addition to the dependencies above ``pySim-trace.py`` requires ``tshark`` and the python package ``pyshark`` to be installed. It is known that the ``tshark`` package
in Debian versions before 11 may not work with pyshark.
### Archlinux Package
Archlinux users may install the package ``python-pysim-git``
Successfully established a SCP02[01] secure channel
..warning:: In case you get an "EXCEPTION of type 'ValueError' occurred with message: card cryptogram doesn't match" error message, it is very likely that there is a problem with the key material. The card may lock the ISD access after a certain amount of failed tries. Carefully check the key material any try again.
When the secure channel is established, we are ready to install the applet. The installation normally is a multi step
procedure, where the loading of an executable load file is announced first, then loaded and then installed in a final
step. The pySim-shell command ``install_cap`` automatically takes care of those three steps.
In case larger card batches need to be programmed, it is possible to use the ``--batch`` parameter to run ``pySim-prog`` in batch mode.
The batch mode will prompt the user to insert a card. Once a card is detected in the reader, the programming is carried out. The user may then remove the card again and the process starts over. This allows for a quick and efficient card programming without permanent commandline interaction.
pySim-read
----------
``pySim-read`` allows to read some of the most important data items from a SIM
card. This means it will only read some files of the card, and will only read
files accessible to a normal user (without any special authentication)
These days, it is recommended to use the ``export`` command of ``pySim-shell``
instead. It performs a much more comprehensive export of all of the [standard]
files that can be found on the card. To get a human-readable decode instead of
the raw hex export, you can use ``export --json``.
You can of course achieve a similar functionality with apache, lighttpd or many other web server
software.
supplementary files
~~~~~~~~~~~~~~~~~~~
The `smdpp-data/certs` directory contains the DPtls, DPauth and DPpb as well as CI certificates
used; they are copied from GSMA SGP.26 v2. You can of course replace them with custom certificates
if you're operating eSIM with a *private root CA*.
The `smdpp-data/upp` directory contains the UPP (Unprotected Profile Package) used. The file names (without
.der suffix) are looked up by the matchingID parameter from the activation code presented by the LPA.
commandline options
~~~~~~~~~~~~~~~~~~~
Typically, you just run osmo-smdpp without any arguments, and it will bind its built-in HTTPS ES9+ interface to
`localhost` TCP port 443. In this case an external TLS reverse proxy is not needed.
osmo-smdpp currently doesn't have any configuration file.
There are command line options for binding:
Bind the HTTPS ES9+ to a port other than 443::
./osmo-smdpp.py -p 8443
Disable the built-in TLS support and bind the plain-HTTP ES9+ to a port 8000::
./osmo-smdpp.py -p 8000 --nossl
Bind the HTTP ES9+ to a different local interface::
./osmo-smdpp.py -H 127.0.0.2
DNS setup for your LPA
~~~~~~~~~~~~~~~~~~~~~~
The LPA must resolve `testsmdpplus1.example.com` to the IP address of your TLS proxy.
It must also accept the TLS certificates used by your TLS proxy. In case osmo-smdpp is used with built-in TLS support,
it will use the certificates provided in smdpp-data.
NOTE: The HTTPS ES9+ interface cannot be addressed by the LPA directly via its IP address. The reason for this is that
the included SGP.26 (DPtls) test certificates explicitly restrict the hostname to `testsmdpplus1.example.com` in the
`X509v3 Subject Alternative Name` extension. Using a bare IP address as hostname may cause the certificate to be
rejected by the LPA.
Supported eUICC
~~~~~~~~~~~~~~~
If you run osmo-smdpp with the included SGP.26 (DPauth, DPpb) certificates, you must use an eUICC with matching SGP.26
certificates, i.e. the EUM certificate must be signed by a SGP.26 test root CA and the eUICC certificate
in turn must be signed by that SGP.26 EUM certificate.
sysmocom (sponsoring development and maintenance of pySim and osmo-smdpp) is selling SGP.26 test eUICC
as `sysmoEUICC1-C2T`. They are publicly sold in the `sysmocom webshop <https://shop.sysmocom.de/eUICC-for-consumer-eSIM-RSP-with-SGP.26-Test-Certificates/sysmoEUICC1-C2T>`_.
In general you can use osmo-smdpp also with certificates signed by any other certificate authority. You
just always must ensure that the certificates of the SM-DP+ are signed by the same root CA as those of your
eUICCs.
Hypothetically, osmo-smdpp could also be operated with GSMA production certificates, but it would require
that somebody brings the code in-line with all the GSMA security requirements (HSM support, ...) and operate
it in a GSMA SAS-SM accredited environment and pays for the related audits.
This is a program to emulate the entire communication path SMSC-CN-RAN-ME
that is usually between an OTA backend and the SIM card. This allows
to play with SIM OTA technology without using a mobile network or even
a mobile phone.
An external application can act as SMPP ESME and must encode (and
encrypt/sign) the OTA SMS and submit them via SMPP to this program, just
like it would submit it normally to a SMSC (SMS Service Centre). The
program then re-formats the SMPP-SUBMIT into a SMS DELIVER TPDU and
passes it via an ENVELOPE APDU to the SIM card that is locally inserted
into a smart card reader.
The path from SIM to external OTA application works the opposite way.
The default SMPP system_id is `test`. Likewise, the default SMPP
password is `test`
Running pySim-smpp2sim
----------------------
The command accepts the same command line arguments for smart card interface device selection as pySim-shell,
as well as a few SMPP specific arguments:
..argparse::
:module:pySim-smpp2sim
:func:option_parser
:prog:pySim-smpp2sim.py
Example execution with sample output
------------------------------------
So for a simple system with a single PC/SC device, you would typically use something like
`./pySim-smpp2sim.py -p0` to start the program. You will see output like this at start-up
::
Using reader PCSC[HID Global OMNIKEY 3x21 Smart Card Reader [OMNIKEY 3x21 Smart Card Reader] 00 00]
INFO root: Binding Virtual SMSC to TCP Port 2775 at ::
The application has hence bound to local TCP port 2775 and expects your SMS-sending applications to send their
SMS there. Once you do, you will see log output like below:
::
WARNING smpp.twisted.protocol: SMPP connection established from ::ffff:127.0.0.1 to port 2775
INFO smpp.twisted.server: Added CommandId.bind_transceiver bind for 'test'. Active binds: CommandId.bind_transceiver: 1, CommandId.bind_transmitter: 0, CommandId.bind_receiver: 0. Max binds: 2
INFO smpp.twisted.protocol: Bind request succeeded for test. 1 active binds
And once your external program is sending SMS to the simulated SMSC, it will log something like
INFO root: ENVELOPE: d147820283818604001032548b3b400290217ff6227052000000002d02700000281516191212b0000127fa28a5bac69d3c5e9df2c7155dfdde449c826b236215566530787b30e8be5d
INFO root: SW 9000: 027100002412b000019a551bb7c28183652de0ace6170d0e563c5e949a3ba56747fe4c1dbbef16642c
..note:: for sending OTA SMS messages :ref:`smpp-ota-tool` may be used.
SUPI/SUCI Concealment is a feature of 5G-Standalone (SA) to encrypt the
IMSI/SUPI with a network operator public key. 3GPP Specifies two different
variants for this:
* SUCI calculation *in the UE*, using key data from the SIM
* SUCI calculation *on the card itself*
pySim supports writing the 5G-specific files for *SUCI calculation in the UE* on USIM cards, assuming
that your cards contain the required files, and you have the privileges/credentials to write to them.
This is the case using sysmocom sysmoISIM-SJA2 or any flavor of sysmoISIM-SJA5.
There is no 3GPP/ETSI standard method for configuring *SUCI calculation on the card*; pySim currently
supports the vendor-specific method for the sysmoISIM-SJA5-S17).
This document describes both methods.
Technical References
~~~~~~~~~~~~~~~~~~~~
This guide covers the basic workflow of provisioning SIM cards with the 5G SUCI feature. For detailed information on the SUCI feature and file contents, the following documents are helpful:
* USIM files and structure: `3GPP TS 31.102 <https://www.etsi.org/deliver/etsi_ts/131100_131199/131102/16.06.00_60/ts_131102v160600p.pdf>`__
raiseApiError('8.8.4','3.7','The SM-DP+ has no CERT.DPauth.SIG which chains to one of the eSIM CA Root CA Certificate with a Public Key supported by the eUICC')
# verify it supports one of the keys indicated by euiccCiPKIdListForSigning
ci_cert=None
forxinpkid_list:
ci_cert=self.ci_get_cert_for_pkid(x)
# we already support multiple CI certificates but only one set of DPauth + DPpb keys. So we must
# make sure we choose a CI key-id which has issued both the eUICC as well as our own SM-DP side
raiseApiError('8.8.2','3.1','None of the proposed Public Key Identifiers is supported by the SM-DP+')
# Generate a TransactionID which is used to identify the ongoing RSP session. The TransactionID
# SHALL be unique within the scope and lifetime of each SM-DP+.
transactionId=uuid.uuid4().hex.upper()
assertnottransactionIdinself.rss
# Generate a serverChallenge for eUICC authentication attached to the ongoing RSP session.
serverChallenge=os.urandom(16)
# Generate a serverSigned1 data object as expected by the eUICC and described in section 5.7.13 "ES10b.AuthenticateServer". If and only if both eUICC and LPA indicate crlStaplingV3Support, the SM-DP+ SHALL indicate crlStaplingV3Used in sessionContext.
# Generate a signature (serverSignature1) as described in section 5.7.13 "ES10b.AuthenticateServer" using the SK related to the selected CERT.DPauth.SIG.
# serverSignature1 SHALL be created using the private key associated to the RSP Server Certificate for authentication, and verified by the eUICC using the contained public key as described in section 2.6.9. serverSignature1 SHALL apply on serverSigned1 data object.
"""Perform GET DATA [Config] on the ARA-M Applet: Tell it our version and retrieve its version."""
res_do=ADF_ARAM.get_config(self._cmd.lchan.scc)
ifres_do:
self._cmd.poutput_json(res_do.to_dict())
store_ref_ar_do_parse=argparse.ArgumentParser()
# REF-DO
store_ref_ar_do_parse.add_argument(
'--device-app-id',required=True,help='Identifies the specific device application that the rule applies to. Hash of Certificate of Application Provider, or UUID. (20/32 hex bytes)')
'--aid',help='Identifies the specific SE application for which rules are to be stored. Can be a partial AID, containing for example only the RID. (5-16 or 0 hex bytes)')
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
