From fba95a3a2ce71e5f4fba004a4ecf297d4dacba2c Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Wed, 18 May 2022 21:55:51 -0400
Subject: [PATCH] Send full IMEI in ctxParams1 for AuthenticateServer APDU
 request

---
 .../main/java/im/angry/openeuicc/core/EuiccChannel.kt |  2 ++
 .../im/angry/openeuicc/core/EuiccChannelManager.kt    |  1 +
 .../im/angry/openeuicc/ui/ProfileDownloadFragment.kt  |  2 +-
 .../src/main/java/com/truphone/es9plus/LpaUtils.java  | 10 ----------
 .../java/com/truphone/lpa/LocalProfileAssistant.java  |  2 +-
 .../main/java/com/truphone/lpa/apdu/ApduUtils.java    | 11 +++++++++--
 .../com/truphone/lpa/impl/DownloadProfileWorker.java  |  6 ++++--
 .../truphone/lpa/impl/LocalProfileAssistantImpl.java  |  4 ++--
 .../lpa/impl/download/AuthenticatingPhaseWorker.java  | 11 +++++------
 9 files changed, 25 insertions(+), 24 deletions(-)
 delete mode 100644 libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/es9plus/LpaUtils.java

diff --git a/app/src/main/java/im/angry/openeuicc/core/EuiccChannel.kt b/app/src/main/java/im/angry/openeuicc/core/EuiccChannel.kt
index a51dbde..84c8326 100644
--- a/app/src/main/java/im/angry/openeuicc/core/EuiccChannel.kt
+++ b/app/src/main/java/im/angry/openeuicc/core/EuiccChannel.kt
@@ -7,6 +7,7 @@ data class EuiccChannelInfo(
     val slotId: Int,
     val cardId: Int,
     val name: String,
+    val imei: String,
     val removable: Boolean,
 )
 
@@ -16,6 +17,7 @@ abstract class EuiccChannel(
     val slotId = info.slotId
     val cardId = info.cardId
     val name = info.name
+    val imei = info.imei
     val removable = info.removable
 
     abstract val lpa: LocalProfileAssistant
diff --git a/app/src/main/java/im/angry/openeuicc/core/EuiccChannelManager.kt b/app/src/main/java/im/angry/openeuicc/core/EuiccChannelManager.kt
index 03774d9..b570f3b 100644
--- a/app/src/main/java/im/angry/openeuicc/core/EuiccChannelManager.kt
+++ b/app/src/main/java/im/angry/openeuicc/core/EuiccChannelManager.kt
@@ -66,6 +66,7 @@ class EuiccChannelManager(private val context: Context) {
                 uiccInfo.slotIndex,
                 uiccInfo.cardId,
                 "SIM ${uiccInfo.slotIndex}",
+                tm.getImei(uiccInfo.slotIndex),
                 uiccInfo.isRemovable
             )
 
diff --git a/app/src/main/java/im/angry/openeuicc/ui/ProfileDownloadFragment.kt b/app/src/main/java/im/angry/openeuicc/ui/ProfileDownloadFragment.kt
index b66fcdc..48c26f6 100644
--- a/app/src/main/java/im/angry/openeuicc/ui/ProfileDownloadFragment.kt
+++ b/app/src/main/java/im/angry/openeuicc/ui/ProfileDownloadFragment.kt
@@ -128,7 +128,7 @@ class ProfileDownloadFragment : DialogFragment(), EuiccFragmentMarker, Toolbar.O
     }
 
     private suspend fun doDownloadProfile(server: String, code: String) = withContext(Dispatchers.IO) {
-        channel.lpa.downloadProfile("1\$${server}\$${code}", DownloadProgress().apply {
+        channel.lpa.downloadProfile("1\$${server}\$${code}", channel.imei, DownloadProgress().apply {
             setProgressListener { _, _, percentage, _ ->
                 binding.progress.isIndeterminate = false
                 binding.progress.progress = (percentage * 100).toInt()
diff --git a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/es9plus/LpaUtils.java b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/es9plus/LpaUtils.java
deleted file mode 100644
index 145ed30..0000000
--- a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/es9plus/LpaUtils.java
+++ /dev/null
@@ -1,10 +0,0 @@
-package com.truphone.es9plus;
-
-public class LpaUtils {
-    public static String generateCtxParams1() {
-
-        return "";
-    }
-
-
-}
diff --git a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/LocalProfileAssistant.java b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/LocalProfileAssistant.java
index dbeb1ef..4eabdfc 100644
--- a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/LocalProfileAssistant.java
+++ b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/LocalProfileAssistant.java
@@ -19,7 +19,7 @@ public interface LocalProfileAssistant {
     String setDefaultSMDP(String smdpAddress, Progress progress);
 
     
-    void downloadProfile(String matchingId, DownloadProgress progress) throws Exception;
+    void downloadProfile(String matchingId, String imei, DownloadProgress progress) throws Exception;
     
     List<LocalProfileInfo> getProfiles();
 
diff --git a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/apdu/ApduUtils.java b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/apdu/ApduUtils.java
index 7c698c1..40bab8e 100644
--- a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/apdu/ApduUtils.java
+++ b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/apdu/ApduUtils.java
@@ -34,9 +34,16 @@ public class ApduUtils {
         return apdu.toString();
     }
 
+    public static String generateCtxParams1(String matchingId, String imei) {
+        String tac = imei.substring(0, 8);
+        return ToTLV.toTLV("A0",
+                ToTLV.toTLV("80", matchingId) + ToTLV.toTLV("A1",
+                        ToTLV.toTLV("80", tac) + ToTLV.toTLV("A1", "") + ToTLV.toTLV("82", imei + "F")
+                ));
+    }
+
     public static List<String> authenticateServerApdu(String smdpSigned1, String smdpSignature1, String euiccCiPKIdToBeUsed,
-            String cert, String matchingId) {
-        String sctxParams1 = ToTLV.toTLV("A0", ToTLV.toTLV("80", matchingId) + ToTLV.toTLV("A1", ToTLV.toTLV("80", "35550607") + ToTLV.toTLV("A1", "")));
+            String cert, String sctxParams1) {
         String data = ToTLV.toTLV("BF38", smdpSigned1 + smdpSignature1 + euiccCiPKIdToBeUsed + cert + sctxParams1);
 
         return subCommandData(data, len, false);
diff --git a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/DownloadProfileWorker.java b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/DownloadProfileWorker.java
index 7db8442..2c1d559 100644
--- a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/DownloadProfileWorker.java
+++ b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/DownloadProfileWorker.java
@@ -17,11 +17,13 @@ class DownloadProfileWorker {
     private final DownloadProgress progress;
     private final Es9PlusImpl es9Module;
     private String matchingId;
+    private final String imei;
     private ApduTransmitter apduTransmitter;
 
-    DownloadProfileWorker(String matchingId, DownloadProgress progress, ApduChannel apduChannel, Es9PlusImpl es9Module) {
+    DownloadProfileWorker(String matchingId, String imei, DownloadProgress progress, ApduChannel apduChannel, Es9PlusImpl es9Module) {
 
         this.matchingId = matchingId;
+        this.imei = imei;
         this.progress = progress;
         this.es9Module = es9Module;
         apduTransmitter = new ApduTransmitter(apduChannel);
@@ -59,7 +61,7 @@ class DownloadProfileWorker {
                 authenticatingPhaseWorker.getEuiccInfo(),
                 authenticatingPhaseWorker.getEuiccChallenge(matchingId));
 
-        authenticatingPhaseWorker.initiateAuthentication(initialAuthenticationKeys);
+        authenticatingPhaseWorker.initiateAuthentication(initialAuthenticationKeys, matchingId, imei);
         downloadAndInstallProfilePackage(initialAuthenticationKeys,
                 downloadPhaseWorker.prepareDownload(authenticatingPhaseWorker.authenticateClient(initialAuthenticationKeys,
                         authenticatingPhaseWorker.authenticateWithEuicc(initialAuthenticationKeys))), downloadPhaseWorker);
diff --git a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/LocalProfileAssistantImpl.java b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/LocalProfileAssistantImpl.java
index c9decad..bfcec28 100644
--- a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/LocalProfileAssistantImpl.java
+++ b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/LocalProfileAssistantImpl.java
@@ -74,10 +74,10 @@ public class LocalProfileAssistantImpl implements LocalProfileAssistant {
     }
 
     @Override
-    public void downloadProfile(final String matchingId,
+    public void downloadProfile(final String matchingId, final String imei,
                                 final DownloadProgress progress) throws Exception {
 
-        new DownloadProfileWorker(matchingId, progress, apduChannel, es9Module).run();
+        new DownloadProfileWorker(matchingId, imei, progress, apduChannel, es9Module).run();
     }
 
     @Override
diff --git a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/download/AuthenticatingPhaseWorker.java b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/download/AuthenticatingPhaseWorker.java
index 29fb409..b604df2 100644
--- a/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/download/AuthenticatingPhaseWorker.java
+++ b/libs/lpad-sm-dp-plus-connector/src/main/java/com/truphone/lpa/impl/download/AuthenticatingPhaseWorker.java
@@ -2,7 +2,6 @@ package com.truphone.lpa.impl.download;
 
 
 import com.truphone.es9plus.Es9PlusImpl;
-import com.truphone.es9plus.LpaUtils;
 import com.truphone.es9plus.message.response.AuthenticateClientResp;
 import com.truphone.es9plus.message.response.InitiateAuthenticationResp;
 import com.truphone.lpa.apdu.ApduUtils;
@@ -126,7 +125,7 @@ public class AuthenticatingPhaseWorker {
         }
     }
 
-    public void initiateAuthentication(InitialAuthenticationKeys initialAuthenticationKeys) {
+    public void initiateAuthentication(InitialAuthenticationKeys initialAuthenticationKeys, String matchingId, String imei) {
 
         progress.stepExecuted(DOWNLOAD_PROFILE_INITIATE_AUTHENTICATION, "initiateAuthentication retrieving...");
 
@@ -142,14 +141,14 @@ public class AuthenticatingPhaseWorker {
         setServerCertificate(initialAuthenticationKeys, initiateAuthenticationResp);
         setTransactionId(initialAuthenticationKeys, initiateAuthenticationResp);
         setMatchingId(initialAuthenticationKeys);
-        setCtxParams1(initialAuthenticationKeys);
+        setCtxParams1(initialAuthenticationKeys, matchingId, imei);
 
         progress.stepExecuted(DOWNLOAD_PROFILE_INITIATED_AUTHENTICATION, "initiateAuthentication initiated...");
     }
 
-    private void setCtxParams1(InitialAuthenticationKeys initialAuthenticationKeys) {
+    private void setCtxParams1(InitialAuthenticationKeys initialAuthenticationKeys, String matchingId, String imei) {
 
-        initialAuthenticationKeys.setCtxParams1(LpaUtils.generateCtxParams1());
+        initialAuthenticationKeys.setCtxParams1(ApduUtils.generateCtxParams1(matchingId, imei));
 
         if (LogStub.getInstance().isDebugEnabled()) {
             LogStub.getInstance().logDebug(LOG, LogStub.getInstance().getTag() + " - ctxParams1: " + initialAuthenticationKeys.getCtxParams1());
@@ -276,7 +275,7 @@ public class AuthenticatingPhaseWorker {
         String authenticateServerResponse = apduTransmitter.transmitApdus(ApduUtils.authenticateServerApdu(initialAuthenticationKeys.getServerSigned1(),
                 initialAuthenticationKeys.getServerSignature1(),
                 initialAuthenticationKeys.getEuiccCiPKIdTobeUsed(), initialAuthenticationKeys.getServerCertificate(),
-                initialAuthenticationKeys.getMatchingId()));
+                initialAuthenticationKeys.getCtxParams1()));
         String encodedAuthenticateServerResponse = Base64.encodeBase64String(Util.hexStringToByteArray(authenticateServerResponse));
 
         if (LogStub.getInstance().isDebugEnabled()) {