Proposed OTA Test Tools » History » Version 2
laforge, 06/02/2023 10:38 AM
1 | 1 | laforge | h1. Proposed OTA Test Tools |
---|---|---|---|
2 | |||
3 | This page documents various ideas we have regarding a set of tools for convenient testing of SIM OTA functionality. None of this is implemented below. |
||
4 | |||
5 | The general idea is to have a couple of re-usable modular tools, each implementing one particular part only. |
||
6 | |||
7 | Our initial focus is on SMS based OTA, as this is the _least common denomiator_ between the various OTA transport mechanisms. |
||
8 | |||
9 | |||
10 | h2. SMPP-to-PCSC |
||
11 | |||
12 | The purpose of this tool is to allow exchange of OTA SMS with a SIM card without having to set up a cellular network or even without using a phone/modem. |
||
13 | |||
14 | The proposed tool offers two interfaces: |
||
15 | * a SMPP interface (SMSC role) to allow exchanging SMS with external programs (so-called ESMEs in SMPP vocabulary) |
||
16 | * a user-side PC/SC interface to talk to SIM cards |
||
17 | |||
18 | The idea is that you run this against a SIM card you have locally inserted in a smart card reader, and that any SMS received on the SMPP interface will be delivered to the SIM via the ENVELOPE-SMS mechanism of proactive SIM. To the SIM card, this looks exactly identical to how an OTA-SMS is handed to it while inserted into a UE (phone, modem). |
||
19 | |||
20 | Any responses provided by the SIM should then obviously also be handed back to the external program via SMPP. |
||
21 | |||
22 | The user starting the tool would have to provide the details such as |
||
23 | * IP/port to bind the SMPP interface to |
||
24 | * system_id/password of ESME allowed to connect |
||
25 | * PC/SC reader name / number |
||
26 | |||
27 | 2 | laforge | Initial WIP implementation at https://gitea.osmocom.org/sim-card/pysim/src/branch/laforge/ota/smpp2sim.py |
28 | |||
29 | 1 | laforge | h2. 03.48 OTA core libary |
30 | |||
31 | This libary would implement the TS 03.48 secure APDU encoding/decoding, including |
||
32 | * 3DES and AES encryption/decryption |
||
33 | * padding |
||
34 | * MAC generation / verification |
||
35 | * CRC generation / verification |
||
36 | |||
37 | 2 | laforge | This is part of pySim master: https://gitea.osmocom.org/sim-card/pysim/src/branch/master/pySim/ota.py |
38 | 1 | laforge | |
39 | h2. Virtual OTA card reader |
||
40 | |||
41 | The purpose of this tool is to allow existing smart card software (such as for example pySim-shell) to talk to SIM cards via OTA. |
||
42 | |||
43 | The proposed tool offers two interfaces: |
||
44 | * an emulated PC/SC card reader towards pcscd (e.g. by using "ifd-vpcd":https://github.com/frankmorgner/vsmartcard/tree/master/virtualsmartcard/src/ifd-vpcd) |
||
45 | * a SMPP interface (ESME role) to allow exchanging SMS with external SMSC, such as |
||
46 | ** a real, commercial cellular network, or |
||
47 | ** a private cellular network, e.g. using [[osmomsc:|osmo-msc]]), or |
||
48 | ** the above-mentioned SMPP-to-PCSC tool, talking to a SIM card in a smart card reader |
||
49 | |||
50 | Any Command-APDU arriving on the PC/SC side would undergo |
||
51 | * TS 03.48 OTA encapsulation/encyption/MAC |
||
52 | * SMS TPDU encapsulation |
||
53 | * transmitted via SMPP |
||
54 | |||
55 | Any SMS arriving on the SMPP side would undergo |
||
56 | * SMS TPDU decapsulation |
||
57 | * TS 03.48 OTA decapsulation/decryption/MAC |
||
58 | * Response-APDU handed back via PC/SC |
||
59 | |||
60 | The user starting the tool would have to provide the details such as |
||
61 | * OTA key material |
||
62 | * MSL |
||
63 | * MSISDN to which to send the generated SMS |
||
64 | * IP/port + credentials for the SMPP interface (System ID, password) |
||
65 | 2 | laforge | |
66 | WIP: https://gitea.osmocom.org/sim-card/pysim/src/branch/laforge/ota/vpcd2smpp.py |