param_source: use random.SystemRandom as random nr source
Python's random module uses a PRNG (Mersenne Twister) which is utterly insecure for key generation - it was so far only used for testing. Replace it with random.SystemRandom(), which draws from /dev/urandom and is suitable for generating cryptographic key material.
validate_val() calls len() to check the value against allow_len, min_len and max_len. len() requires the object to have a __len__() method, which integers do not — calling len() on an int raises TypeError.
Fix this by checking for __len__ first: if present, use len(val) as usual; otherwise fall back to len(str(val)), which gives the number of decimal digits for integer values.
ConfigurableParameter: do not magically overwrite the 'name' attribute
The ClassVarMeta metaclass used to derive each ConfigurableParameter's 'name' attribute automatically from the Python class name (via camel_to_snake()). Stop doing this, for three reasons:
1) Python class names follow constraints that do not fit the naming commonly used in CSV files. For example, a name like "5GS-SUCI-CalcInfo" starts with a digit and contains dashes, neither of which is permissible in a class name.
2) Python class names live in their own namespace, distinct from the one used to present eSIM parameters to end users. Deriving the UI name from the class name couples these two namespaces together.
Taken together, (1) and (2) mean that automatic naming both imposes class-name constraints on the user-visible names and merges the internal Python namespace with the publicly shown one - a layer violation from the perspective of UI design.
3) Overriding 'name' from __new__() makes manual naming impossible: a subclass that sets 'name = "bar"' as a class attribute would still end up with the value computed by the metaclass, which is surprising and hard to track down:
class MySuper(metaclass=...): # __new__ sets name = 'foo' ... class MySub(MySuper): name = 'bar' print(MySub().name) # 'foo', not 'bar' as one would expect
Add ConfigurableParameterTest, which applies each parameter to a real UPP DER template and reads it back, comparing results against a stored expected-output snapshot (xo/test_configurable_parameters).
Add TestValidateVal covering validate_val() for Iccid, Imsi, Pin1, Puk1 and K, testing both valid inputs and invalid ones expected to raise ValueError.
Add TestEnumParam covering the EnumParam methods (validate_val, map_name_to_val, map_val_to_name, name_normalize, clean_name_str) using AlgorithmID as the concrete subclass, including fuzzy name matching.
Also add get_value_from_pes() to ConfigurableParameter as a convenience wrapper around get_values_from_pes() that asserts all returned values are identical and returns the single result.
personalization audit: optionally audit all (unknown) SD keys
By a flag, allow to audit also all Security Domain KVN that we have *not* created ConfigurableParameter subclasses for.
For example, SCP80 has reserved kvn 0x01..0x0f, but we offer only Scp80Kvn01, Scp80Kvn02, Scp80Kvn03. So we would not show kvn 0x04..0x0f in an audit.
This patch includes audits of all SD key kvn there may be in the UPP. This will help to spot SD keys that may already be present in a UPP template, with unexpected / unusual kvn.
When the access conditions are extracted from resp_bin, the wrong length is used and only 2 bytes instead of 3 are extracted.
3GPP TS 51.011, section 9.2.1, table below "Response parameters/data in case of an EF", clearly states that the length should be 3 bytes (position 9-11)
unittests: add testcases for decode_select_response
A CardProfile class usually contains a static method decode_select_response. Unfortunately those methods have no unit-test coverage yet. Let's add unit tests for the decoders in CardProfileSIM and CardProfileUICC.
pySim/ts_51_011: rewrite comment for better understanding
The comment reads like that we were applying TS 102.221 here, but we only mean our internal decoding format. The spec that actually matters here is TS 51.011. Let's rephrase the comment so that this becomes more clear.
