Peter Cai
6e590cfd48
Unfortunately, AOSP is not really good at handling more than one eUICC chips per device, even though the EuiccService interface should technically allow for such a situation. Let's do the next best thing -- only ever report one eUICC chip to AOSP. If the device has an internal one, then only report that one; otherwise, select the first available eUICC chip to report to the system. We might make this more configurable in the future, but for now I think this should work for most of the situations. Note that this does NOT affect how the rest of OpenEUICC behaves. This does mean however OpenEUICC will keep hold of some APDU channels that it will never access via OpenEuiccService. A mitigation is to make EuiccChannelManager close unused channels automatically after some timeout. |
||
---|---|---|
.forgejo/workflows | ||
.idea | ||
app | ||
app-common | ||
app-deps | ||
app-unpriv | ||
buildSrc | ||
gradle/wrapper | ||
libs | ||
.gitignore | ||
.gitmodules | ||
Android.bp | ||
Android.mk | ||
build.gradle.kts | ||
gradle.properties | ||
gradlew | ||
gradlew.bat | ||
LICENSE | ||
privapp_whitelist_im.angry.openeuicc.xml | ||
README.md | ||
settings.gradle.kts |
{Open,Easy}EUICC
A fully free and open-source Local Profile Assistant implementation for Android devices.
There are two variants of this project:
- OpenEUICC: The full-fledged privileged variant.
- Due to its privilege requirement, OpenEUICC must be placed inside
/system/priv-app
and be signed with the platform certificate. - The preferred way to including OpenEUICC in a system image is to build it along with AOSP.
- Due to its privilege requirement, OpenEUICC must be placed inside
- EasyEUICC: Unprivileged version that can run as a user app.
- Due to obvious security requirements, EasyEUICC is only able to access eSIM chips whose ARF/ARA contains the hash of EasyEUICC's signing certificate.
- Prebuilt release-mode EasyEUICC apks can be downloaded here
- For removable eSIM chip vendors: to have your chip supported by official builds of EasyEUICC, include the ARA-M hash
2A2FA878BC7C3354C2CF82935A5945A3EDAE4AFA
Building (Gradle)
Make sure you have all submodules cloned and updated by running
git submodule update --init
A file keystore.properties
is required in the root directory. Template:
storePassword=my-store-password
keyPassword=my-password
keyAlias=my-key
unprivKeyPassword=my-unpriv-password
unprivKeyAlias=my-unpriv-key
storeFile=/path/to/android/keystore
Note that you must have a Java-compatible keystore generated first.
To build the privileged OpenEUICC:
./gradlew :app:assembleRelease
For EasyEUICC:
./gradlew :app-unpriv:assembleRelease
Building (AOSP)
There are two ways to include OpenEUICC in your AOSP-based system image:
- Include this project and its dependencies inside the AOSP tree.
- If inclusion in
manifest.xml
is required, remember to set thesync-s
option to clone submodules. - The module name is
OpenEUICC
. You can include it inPRODUCT_PACKAGES
, or simply build it standalone usingmm
. - Compilation of this project is only tested against the latest AOSP release version. The app itself should be compatible with older AOSP versions, but the source may not compile against an older AOSP source tree.
- If inclusion in
- If compilation against AOSP source tree is not possible, consider building with gradle and import the apk as a prebuilt.
- No official
Android.bp
is provided for this case but it should be straightforward to write. - You might want to include
privapp_whitelist_im.angry.openeuicc.xml
as well.
- No official
FAQs
-
Q: Do you provide prebuilt binaries for OpenEUICC?
-
A: Debug-mode APKs are available continuously as an artifact of the Actions CI used by this project. However, these debug-mode APKs are not intended for inclusion inside system images, nor are they supported by the developer in any sense. If you are a custom ROM developer, either include the entire OpenEUICC repository in your AOSP source tree, or generate an APK using
gradle
and import that as a prebuilt system app. Note that you might wantprivapp_whitelist_im.angry.openeuicc.xml
as well. -
Q: AOSP's Settings app seems to be confused by OpenEUICC (for example, disabling / enabling profiles from the Networks page do not work properly)
-
A: When your device has internal eSIM chip(s) and you have inserted a removable eSIM chip, the Settings app can misbehave since it was never designed for this scenario. Please prefer using OpenEUICC's own management interface whenever possible. In the future, there might be an option to exclude removable SIMs from being reported to the Android system.
-
Q: Can EasyEUICC manage my phone's internal eSIM?
-
A: No. For EasyEUICC to work, the eSIM chip MUST proactively grant access via its ARA-M field.
-
Q: Removable eSIMs? Are they a joke?
-
A: No, even though the name "removable embedded SIM" can sound like an oxymoron. In fact, there can be many advantages to these chips compared to fully embedded ones. For example, the ability to transfer eSIM profiles without carrier support or approval, or the ability to use eSIM on devices that do not and may never get the support, such as Wi-Fi hotspots.
Copyright
Everything except libs/lpac-jni
:
Copyright 2022-2024 OpenEUICC contributors
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
libs/lpac-jni
:
Copyright (C) 2022-2024 OpenEUICC contributiors
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation, version 2.1.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA