commit 5bbb144a319393e0b2bdd06f403905f28528e459
author Harald Welte <laforge@osmocom.org> Mon Dec 11 12:46:47 2023 +0100
committer laforge <laforge@osmocom.org> Tue Jan 09 21:37:12 2024 +0000
tree 248f0a43947d2f51da9be063b20b46751f1a807f
parent e76fae9c4c339408f85be5b59ece941664e75ad8

Initial proof-of-concept SM-DP+ for GSMA consumer eSIM RSP

This commit introduces

* the osmo-smdpp.py program implementing the main procedures and the
  HTTP/REST based ES9+
* python modules for ES8+ and non-volatile RSP Session State storage
* the ASN.1 source files required to parse/encode RSP
* 3GPP test certificates from SGP.26
* an unsigned profile package (UPP) of a SAIP v2.3 TS48 test profile

As I couldn't get the 'Klein' tls support to work, the SM-DP+ code
currently does not support HTTPS/TLS but plan HTTP, so you either have
to modify your LPA to use HTTP instead of HTTPS, or put a TLS proxy in
front.

I have successfully installed an eSIM profile on a test eUICC that
contains certificate/key data within the test CI defined in GSMA SGP.26

Change-Id: I6232847432dc6920cd2bd08c84d7099c29ca1c11

smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_BRP.der

diff --git a/smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_BRP.der b/smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_BRP.der
new file mode 100644
index 0000000..a3caae5
--- /dev/null
+++ b/smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_BRP.der
Binary files differ

smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_NIST.der

diff --git a/smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_NIST.der b/smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_NIST.der
new file mode 100644
index 0000000..81715bb
--- /dev/null
+++ b/smdpp-data/certs/DPauth/CERT_S_SM_DP2auth_ECDSA_NIST.der
Binary files differ

smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_BRP.der

diff --git a/smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_BRP.der b/smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_BRP.der
new file mode 100644
index 0000000..45c043c
--- /dev/null
+++ b/smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_BRP.der
Binary files differ

smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_NIST.der

diff --git a/smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_NIST.der b/smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_NIST.der
new file mode 100644
index 0000000..914b8a1
--- /dev/null
+++ b/smdpp-data/certs/DPauth/CERT_S_SM_DPauth_ECDSA_NIST.der
Binary files differ

smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_BRP.pem

diff --git a/smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_BRP.pem b/smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_BRP.pem
new file mode 100644
index 0000000..e37c621
--- /dev/null
+++ b/smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_BRP.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----

+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABC7uB8ltAFvlGV95rR2tzR03jKMJ

+XkT3LupBDwjHVhIskGPJZbf8hSnAyk6bT2WWnCg8ZWNkV4dxGPbRFy1qI2U=

+-----END PUBLIC KEY-----

smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_NIST.pem

diff --git a/smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_NIST.pem b/smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_NIST.pem
new file mode 100644
index 0000000..63fc92d
--- /dev/null
+++ b/smdpp-data/certs/DPauth/PK_S_SM_DP2auth_ECDSA_NIST.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----

+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKy6bRdNRwJr0DpFDg6GQOEfyYH3m

+DverJcQOA/jbtlCOFFdQjCvgAXNH7Pob+fd159B+gF5S4ZiLe1hacRGuMw==

+-----END PUBLIC KEY-----

smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_BRP.pem

diff --git a/smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_BRP.pem b/smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_BRP.pem
new file mode 100644
index 0000000..cbd8ccc
--- /dev/null
+++ b/smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_BRP.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABCVdfa8A74Qddvp6Y9Y+s/5sn3BJ
+LTgZI/j4vXsk88WtFo6+OwndgPKef/0kpNG+dH+DI+RykoOW3engFRzquhg=
+-----END PUBLIC KEY-----

smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_NIST.pem

diff --git a/smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_NIST.pem b/smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_NIST.pem
new file mode 100644
index 0000000..8424bb4
--- /dev/null
+++ b/smdpp-data/certs/DPauth/PK_S_SM_DPauth_ECDSA_NIST.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETf7U9GlHkb8Wlc6gMHo1tBgBlpU4
+e7dbfSRHtrUgnwRFrk5eUhzROIjXX+B8hYAiKuINuqwdd812MEmTQhvXOQ==
+-----END PUBLIC KEY-----

smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_BRP.pem

diff --git a/smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_BRP.pem b/smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_BRP.pem
new file mode 100644
index 0000000..dc20882
--- /dev/null
+++ b/smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_BRP.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----

+BgkrJAMDAggBAQc=

+-----END EC PARAMETERS-----

+-----BEGIN EC PRIVATE KEY-----

+MHgCAQEEIAwXNVwBHQ/o19rdY/GXhc9sUcvNRmroi+j4G8EFiEb2oAsGCSskAwMC

+CAEBB6FEA0IABC7uB8ltAFvlGV95rR2tzR03jKMJXkT3LupBDwjHVhIskGPJZbf8

+hSnAyk6bT2WWnCg8ZWNkV4dxGPbRFy1qI2U=

+-----END EC PRIVATE KEY-----

smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_NIST.pem

diff --git a/smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_NIST.pem b/smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_NIST.pem
new file mode 100644
index 0000000..0b19301
--- /dev/null
+++ b/smdpp-data/certs/DPauth/SK_S_SM_DP2auth_ECDSA_NIST.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----

+BggqhkjOPQMBBw==

+-----END EC PARAMETERS-----

+-----BEGIN EC PRIVATE KEY-----

+MHcCAQEEIJwyoJXUiELZ/6QE9xJRKqLFQloaJjhqtqFF1YEeA5FBoAoGCCqGSM49

+AwEHoUQDQgAEKy6bRdNRwJr0DpFDg6GQOEfyYH3mDverJcQOA/jbtlCOFFdQjCvg

+AXNH7Pob+fd159B+gF5S4ZiLe1hacRGuMw==

+-----END EC PRIVATE KEY-----

smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_BRP.pem

diff --git a/smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_BRP.pem b/smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_BRP.pem
new file mode 100644
index 0000000..6e9d064
--- /dev/null
+++ b/smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_BRP.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----
+BgkrJAMDAggBAQc=
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHgCAQEEIJP7M9BYTzSbB/i10q+T18PjVLNJo7kTUC5qvAcOTUkpoAsGCSskAwMC
+CAEBB6FEA0IABCVdfa8A74Qddvp6Y9Y+s/5sn3BJLTgZI/j4vXsk88WtFo6+Ownd
+gPKef/0kpNG+dH+DI+RykoOW3engFRzquhg=
+-----END EC PRIVATE KEY-----

smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_NIST.pem

diff --git a/smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_NIST.pem b/smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_NIST.pem
new file mode 100644
index 0000000..35df74b
--- /dev/null
+++ b/smdpp-data/certs/DPauth/SK_S_SM_DPauth_ECDSA_NIST.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIAp8wcJE5gxSzVt4B6uMNgwmUkYBUH3KvF3VmLWmFtXVoAoGCCqGSM49
+AwEHoUQDQgAETf7U9GlHkb8Wlc6gMHo1tBgBlpU4e7dbfSRHtrUgnwRFrk5eUhzR
+OIjXX+B8hYAiKuINuqwdd812MEmTQhvXOQ==
+-----END EC PRIVATE KEY-----

smdpp-data/certs/DPauth/data_sig.der

diff --git a/smdpp-data/certs/DPauth/data_sig.der b/smdpp-data/certs/DPauth/data_sig.der
new file mode 100644
index 0000000..7f44ce2
--- /dev/null
+++ b/smdpp-data/certs/DPauth/data_sig.der
@@ -0,0 +1 @@
+0D AL¶þV¿eRÌÍìAˆHÊt£×ôͺ„nìE<Nåû R¤~&Àk\þ~­	ÉRlÜÛ°Ÿ‰¥7ì¶NŒŽmWø
\ No newline at end of file