forked from PeterCxy/OpenEUICC
Add SGP.26 (GSMA test) certificate support
Ideally, LPA software like easyEUICC should not make contain a list of hard-coded TLS server certificates, but accept any certificates signed by the SubjectKeyIds reported by the eUICC in GetEuiccInfo1/2. I described this in more detail at PeterCxy/OpenEUICC#11 As a work-around, this commit adds the GSMA SGP.26 test root certificate, so at least test certificates are accepted. This workaround will permit the use of test-SM-DP+ like smdpp.test.rsp.sysmocom.de with test-eUICCs like the sysmoEUICC1-C2T.
This commit is contained in:
parent
e587af9714
commit
de69c6d1e1
30
app-common/src/main/res/raw/gsma_sgp26.pem
Normal file
30
app-common/src/main/res/raw/gsma_sgp26.pem
Normal file
|
@ -0,0 +1,30 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICUDCCAfegAwIBAgIJALh086v6bETTMAoGCCqGSM49BAMCMEQxEDAOBgNVBAMM
|
||||
B1Rlc3QgQ0kxETAPBgNVBAsMCFRFU1RDRVJUMRAwDgYDVQQKDAdSU1BURVNUMQsw
|
||||
CQYDVQQGEwJJVDAgFw0yMDA0MDEwODI3NTFaGA8yMDU1MDQwMTA4Mjc1MVowRDEQ
|
||||
MA4GA1UEAwwHVGVzdCBDSTERMA8GA1UECwwIVEVTVENFUlQxEDAOBgNVBAoMB1JT
|
||||
UFRFU1QxCzAJBgNVBAYTAklUMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElAZX
|
||||
pnPcKI+J1S6opHcEmSeR+cNLADbmM+LQy6lFTWXbMusXmBeZ0vJDiO4rlcEJRUbJ
|
||||
eQHOrrqWUJGaLiDSKaOBzzCBzDAdBgNVHQ4EFgQU9UFyvfmKldZcvriKOKHBHYAK
|
||||
hcMwDwYDVR0TAQH/BAUwAwEB/zAXBgNVHSABAf8EDTALMAkGB2eBEgECAQAwDgYD
|
||||
VR0PAQH/BAQDAgEGMA4GA1UdEQQHMAWIA4g3ATBhBgNVHR8EWjBYMCqgKKAmhiRo
|
||||
dHRwOi8vY2kudGVzdC5leGFtcGxlLmNvbS9DUkwtQS5jcmwwKqAooCaGJGh0dHA6
|
||||
Ly9jaS50ZXN0LmV4YW1wbGUuY29tL0NSTC1CLmNybDAKBggqhkjOPQQDAgNHADBE
|
||||
AiBSdWqvwgIKbOy/Ll88IIklEP8pdR0pi9OwFdlgWk/mfQIgV5goNuTSBd3S5sPB
|
||||
tFWTf2tuSTtgL9G2bDV0iak192s=
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICUTCCAfigAwIBAgIJALh086v6bETTMAoGCCqGSM49BAMCMEQxEDAOBgNVBAMM
|
||||
B1Rlc3QgQ0kxETAPBgNVBAsMCFRFU1RDRVJUMRAwDgYDVQQKDAdSU1BURVNUMQsw
|
||||
CQYDVQQGEwJJVDAgFw0yMDA0MDEwODI3NTFaGA8yMDU1MDQwMTA4Mjc1MVowRDEQ
|
||||
MA4GA1UEAwwHVGVzdCBDSTERMA8GA1UECwwIVEVTVENFUlQxEDAOBgNVBAoMB1JT
|
||||
UFRFU1QxCzAJBgNVBAYTAklUMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABCeH
|
||||
tNVu2CSp5r4E4Yh/a5i6/rjHY/UoN/cBE+k2Tt2+E5vAx95+Fo8eXNDBhTT8UGTm
|
||||
T2htxTMnyn8dzqhaKZSjgc8wgcwwHQYDVR0OBBYEFMC8cLo2kp1DtGf/V1cFMOV6
|
||||
uPzYMA8GA1UdEwEB/wQFMAMBAf8wFwYDVR0gAQH/BA0wCzAJBgdngRIBAgEAMA4G
|
||||
A1UdDwEB/wQEAwIBBjAOBgNVHREEBzAFiAOINwEwYQYDVR0fBFowWDAqoCigJoYk
|
||||
aHR0cDovL2NpLnRlc3QuZXhhbXBsZS5jb20vQ1JMLUEuY3JsMCqgKKAmhiRodHRw
|
||||
Oi8vY2kudGVzdC5leGFtcGxlLmNvbS9DUkwtQi5jcmwwCgYIKoZIzj0EAwIDRwAw
|
||||
RAIgPYrf0CKl0FBMUaHx5xS1duTDbQ4wBZN3qKBeNniuux0CIHBek2vLfoANAdtt
|
||||
f5u5Ce6DVC2oIfpn5UnS24F3oMqM
|
||||
-----END CERTIFICATE-----
|
|
@ -3,6 +3,7 @@
|
|||
<base-config>
|
||||
<trust-anchors>
|
||||
<certificates src="@raw/symantec_gsma_rspv2_root_ci1"/>
|
||||
<certificates src="@raw/gsma_sgp26"/>
|
||||
<certificates src="system"/>
|
||||
</trust-anchors>
|
||||
</base-config>
|
||||
|
|
|
@ -20,7 +20,7 @@ android {
|
|||
compileSdk = 34
|
||||
|
||||
defaultConfig {
|
||||
applicationId = "im.angry.easyeuicc"
|
||||
applicationId = "im.angry.easyeuicc_sgp26"
|
||||
minSdk = 28
|
||||
targetSdk = 34
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<resources>
|
||||
<string name="app_name" translatable="false">EasyEUICC</string>
|
||||
<string name="app_name" translatable="false">EasyEUICC SGP.26</string>
|
||||
<string name="compatibility_check">Compatibility Check</string>
|
||||
|
||||
<!-- Compatibility Check Descriptions -->
|
||||
|
|
|
@ -15,7 +15,7 @@ android {
|
|||
compileSdk = 34
|
||||
|
||||
defaultConfig {
|
||||
applicationId = "im.angry.openeuicc"
|
||||
applicationId = "im.angry.openeuicc_sgp26"
|
||||
minSdk = 30
|
||||
targetSdk = 34
|
||||
|
||||
|
|
Loading…
Reference in a new issue