Attention is currently required from: daniel, laforge, neels.
dexter has posted comments on this change by dexter. ( https://gerrit.osmocom.org/c/pysim/+/42353?usp=email )
Change subject: docs/put_key: add tutorial that explains how to manage global platform keys ......................................................................
Patch Set 3:
(2 comments)
File docs/put_key-tutorial.rst:
https://gerrit.osmocom.org/c/pysim/+/42353/comment/4cf5210a_e1df87dc?usp=ema... : PS2, Line 80: pySIM-shell (00:MF/ADF.ISD-R)>
We need to check back if this really works. […]
I have now reworked this. When I get https://euicc-manual.osmocom.org/docs/lpa/applet-id/ correctly then the purpose of the ISD-P is to be some kind of secure container of the profile. When it also is the "on-card representative of the SM-DP+", then the eSIM profile owner (MNO) probably has no influence here at all. This also may explain why it has no keys provisioned. As far as I understand now the ISD-P is not interesting at all in the scope of this tutorial. What we are interested in is the securityDomain that is specified in the eSIM profile.
https://gerrit.osmocom.org/c/pysim/+/42353/comment/3eab4fe4_cf6a6d15?usp=ema... : PS2, Line 462: +----------------+---------+---------------------------------------+
I am not sure with the purpose of those two keys. […]
I have checked this back. Remote Application Management over HTTP – Public Release v1.1.2, section 3.3.2 clearly says that the second key is a DEK key. So this is correct.