SoftSIM » History » Version 14

fixeria, 01/21/2019 03:38 AM

h2. softSIM

softSIM is a collection of tools to play with SIM applications (in the SIM card or elsewhere).

It uses the "Bluetooth":http://bluetooth.org/ "profile":https://www.bluetooth.org/Technical/Specifications/adopted.htm "SIM Access Profile":https://www.bluetooth.org/DocMan/handlers/DownloadDoc.ashx?doc_id=158740 as an abstraction layer to access the SIM (but no Bluetooth is required).

Possible use cases:

* virtual SIM, simulated in software
* remote SIM access, using a PC/SC interface
* remote SIM access, using a Bluetooth-enabled phone as a reader

h2. Requirements

All the scripts are written in Ruby:

<pre>
$ sudo apt-get install ruby
</pre>

To use all tools, additional libraries and gems are required (you might want to use "sudo gem install" if you have problems loading the Ruby smartcard package):

<pre>
$ sudo apt-get install rubygems ruby-dev libdbus-ruby pcscd ruby-serialport libpcsclite1 libpcsclite-dev libruby libxml-ruby
$ gem install --user-install smartcard
</pre>

Detailed information is in the README.

h2. Source code

<pre>
$ git clone git://git.osmocom.org/softsim.git
</pre>

h2. Tools

h3. General description

At the moment, the following tools are available:

* demo_server.rb - (BT)SAP Server implementation. Can either talk to a PC/SC reader, or use a stored dump. Clients can connect either via UNIX socket, or using TCP/IP.
* demo_client.rb - (BT)SAP Client demo. Can connect to our demo_server.rb either via UNIX socket, or using TCP/IP. Alternatively, it can connect to a regular phone (one that supports this profile) using Bluetooth. Basically executes a sequence of common APDUs.
* apdu_forward.rb - forwards APDUs from a UNIX socket to a (BT)SAP server using TCP/IP.
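
The message framing behind the client and server tools above, as an added example that is not taken from the softSIM sources: a minimal codec for the Bluetooth SIM Access Profile message layout, assuming the tools carry standard SAP messages unchanged over the UNIX or TCP socket. The @SAP@ module name is hypothetical, only a subset of message and parameter IDs is included, and the sample APDU is constructed.

```ruby
# Added example: minimal (BT)SAP message codec (not softSIM code).
module SAP
  # Subset of the IDs defined by the SIM Access Profile
  MSG   = { connect_req: 0x00, connect_resp: 0x01,
            transfer_apdu_req: 0x05, transfer_apdu_resp: 0x06 }.freeze
  PARAM = { max_msg_size: 0x00, connection_status: 0x01, result_code: 0x02,
            command_apdu: 0x04, response_apdu: 0x05 }.freeze

  # Header: MsgID, parameter count, 2 reserved bytes. Each parameter:
  # ID, reserved byte, 16-bit big-endian length, value padded to 4 bytes.
  def self.encode(msg, params)
    out = [MSG.fetch(msg), params.size, 0].pack('CCn')
    params.each do |id, value|
      value = value.b
      len = value.bytesize
      out << [PARAM.fetch(id), 0, len].pack('CCn') << value
      out << ("\x00".b * (-len % 4))
    end
    out
  end

  # Strict decoder: rejects truncated input, lengths that overrun the
  # buffer, and trailing bytes after the last parameter.
  def self.decode(buf)
    buf = buf.b
    raise ArgumentError, 'short header' if buf.bytesize < 4
    msg_id, count = buf.unpack('CC')
    pos = 4
    params = {}
    count.times do
      raise ArgumentError, 'truncated parameter header' if buf.bytesize < pos + 4
      id, _rfu, len = buf.byteslice(pos, 4).unpack('CCn')
      padded = len + (-len % 4)
      raise ArgumentError, 'parameter overruns message' if buf.bytesize < pos + 4 + padded
      params[PARAM.key(id) || id] = buf.byteslice(pos + 4, len)
      pos += 4 + padded
    end
    raise ArgumentError, 'trailing bytes' unless pos == buf.bytesize
    [MSG.key(msg_id) || msg_id, params]
  end
end

# Constructed sample: GSM SELECT of the master file (3F00)
SELECT_MF = ['A0A40000023F00'].pack('H*')
```

The framing has no authentication field; in the Bluetooth profile, access control comes from pairing, so a UNIX socket or TCP listener carrying these messages has to be restricted by file permissions or network controls.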

h3. SIM copy

<pre>
./demo_client.rb -t copy
</pre>

This file can then be used by the SIMOS server to do softSIM.

There are limitations to the copy. Only the body of files with access condition ALWAYS or CHV1 can be read; for all other files only the header is saved. Ki (the secret key used for authentication and encryption) *cannot be extracted* (SIM cards cannot be cloned). Only some A38 triplets are saved.
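
Which files end up with a body in the copy follows from the access conditions in each file's SELECT response. This added example (not softSIM code) decodes the READ and UPDATE conditions from a GSM 11.11 EF header and applies the rule stated above. The helper names and the three sample headers are constructed, and @6FF0@ is a made-up file ID.

```ruby
# Added example (not from softSIM): decode the access conditions in a
# GSM 11.11 SELECT response for an EF and predict what a copy can hold.
ACCESS = { 0x0 => :ALWAYS, 0x1 => :CHV1, 0x2 => :CHV2, 0xF => :NEVER }.freeze

# Codes 4..E are administrative (ADM); 3 is reserved (RFU)
def access_name(nibble)
  ACCESS.fetch(nibble) { (0x4..0xE).cover?(nibble) ? :ADM : :RFU }
end

# Parses the EF header. Offsets here are 0-based; GSM 11.11 counts from 1,
# so its "byte 9" (READ/UPDATE conditions) is bytes[8].
def parse_ef_header(resp)
  bytes = resp.unpack('C*')
  raise ArgumentError, 'EF header needs at least 14 bytes' if bytes.size < 14
  raise ArgumentError, 'not an EF (type byte is not 0x04)' unless bytes[6] == 0x04
  {
    file_id: format('%04X', (bytes[4] << 8) | bytes[5]),
    size:    (bytes[2] << 8) | bytes[3],
    read:    access_name(bytes[8] >> 4),    # READ / SEEK
    update:  access_name(bytes[8] & 0x0F)   # UPDATE
  }
end

# The rule from the text: the body is copied only for READ = ALWAYS or CHV1
def body_copyable?(header)
  %i[ALWAYS CHV1].include?(header[:read])
end

# Constructed sample headers (hex), shaped like typical SIM responses
SAMPLES = {
  'EF_ICCID'       => '0000000A2FE204000FFFFF01020000',
  'EF_IMSI'        => '000000096F07040014FF1401020000',
  'EF_PROPRIETARY' => '000000106FF0040044FF4401020000'
}.freeze

# One row per file: name, file ID, READ condition, what the copy keeps
def copy_report(samples = SAMPLES)
  samples.map do |name, hex|
    h = parse_ef_header([hex].pack('H*'))
    [name, h[:file_id], h[:read], body_copyable?(h) ? :header_and_body : :header_only]
  end
end
```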

Copying a card takes > 5min. Sometimes the copy hangs (the APDU traffic is blocked).
I don't know the origin of this problem (smartcard gem, pcscd, reader, card, ???).
Just wait ~30s and it will continue.

h2. Using with [[OsmocomBB]]

The [[mobile]] application implements a (BT)SAP Client, so it can connect to a (BT)SAP Server and use its SIM card.

h3. Configuration

By default, [[mobile]] is configured to use '/tmp/osmocom_sap' as UNIX socket address. This address can be changed in the VTY configuration:

<pre>
ms 1
  ...
  sap-socket /tmp/osmocom_sap
  ...
</pre>

You can also configure [[mobile]] to use the (BT)SAP client as a SIM card interface at start-up:

<pre>
ms 1
  ...
  sap-socket /tmp/osmocom_sap
  sim sap
  ...
</pre>

h3. Running (with PC/SC reader)

First of all, make sure your PC/SC reader is connected and recognised properly:

<pre>
$ pcsc_scan
PC/SC device scanner
V 1.4.22 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr>
Compiled with PC/SC lite version: 1.8.10
SCardEstablishContext: Service not available.
</pre>

This means that the pcscd service is not running. Start it if required:

<pre>
# On old systems without systemd
$ sudo service pcscd start

# ... or with systemd
$ sudo systemctl start pcscd.service
</pre>

Then try again:

<pre>
$ pcsc_scan
PC/SC device scanner
V 1.4.22 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr>
Compiled with PC/SC lite version: 1.8.10
Using reader plug'n play mechanism
Scanning present readers...
Waiting for the first reader...
</pre>

This means that no reader has been recognised. You're on your own to solve this.

If your reader is recognised without any issues, e.g.:

<pre>
$ pcsc_scan
PC/SC device scanner
V 1.4.22 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr>
Compiled with PC/SC lite version: 1.8.10
Using reader plug'n play mechanism
Scanning present readers...
0: OmniKey AG CardMan 3021 00 00

Mon Jan 21 10:33:36 2019
Reader 0: OmniKey AG CardMan 3021 00 00
  Card state: Card removed,
</pre>

then you're ready ;)

Start the (BT)SAP Server:

<pre>
$ cd softsim/src/
$ ./demo_server.rb --type pcsc --socket unix --unix /tmp/osmocom_sap
</pre>

Finally, start the [[mobile]] application. If it's configured to use the (BT)SAP interface, SIM reading will start immediately.
Otherwise you need to enable the (BT)SAP interface manually:

<pre>
$ telnet 127.0.0.1 4247
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Welcome to the OsmocomBB VTY interface

OsmocomBB> en
OsmocomBB# sim sap 1

% (MS 1)
% Connecting to the SAP interface...
</pre>

h2. Bugs & more

Please contact the author if any bug is discovered.