Project

General

Profile

Actions

Feature #5267

open

pySim-shell: Ability to deactivate entire applications on the card

Added by laforge about 2 months ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
10/14/2021
Due date:
% Done:

0%

Spec Reference:

Description

We so far can only remove applications from EF.DIR. This just hides the application, but doens't prevent anyone form blindly selecting it.

I suspect there are UE out in the field which don't read EF.DIR and blindly select ADF.ISIM. This succeeds as sysmoISIM-SJA2 have an ISIM application installed.

It would be good to have a pySim-shell command that would deactivate an application, similar to how we have deactivate_file to deactiveat individual files that are not to be used.

Unfortunately, deactivate_file is specified to work only on EF, not on DF (and hence not on ADF). I even tried it, it fails in the CardOS - so it's not just the spec but also the implementation preventing this.

GlobalPlatform has a SET STATUS command which should in theory allow to set the life cycle state from SELECTABLE to LOCKED (or even INSTALLED?). In those states, the application would no longer be selectable.

The "problem" with this is that GlobalPlatform requires secure messaging as per SCP02. The commands are not permitted in plain text after ADM1 pin.


Related issues

Related to pySim - Feature #5268: pySim-shell: GlobalPlatform SCP02 supportNewlaforge10/14/2021

Actions
Actions #1

Updated by laforge about 2 months ago

  • Related to Feature #5268: pySim-shell: GlobalPlatform SCP02 support added
Actions #2

Updated by laforge about 2 months ago

  • Subject changed from Ability to deactivate entire applications on the card to pySim-shell: Ability to deactivate entire applications on the card
Actions

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)