Wiki » History » Version 11

fontanon, 11/12/2018 09:26 AM

Dieter Spaar has modified shadysim.py to support the configured OTA mode on the sysmoUSIM-SJS1 (and by extension the SIM cards issued at 31C3, the following camp and 32C3).

h2. What is it about

(U)SIM cards are Java capable, and GlobalPlatform specifies the standard APIs. SMS can be addressed directly to the SIM card, the SIM card gets events for network selection and others, and it can modify call establishment attempts.

The following shows how to build the example applet and install it on your USIM. If you create plugins, please make them available as Free Software and point us to them. If you find interesting GlobalPlatform APIs or hacks, please talk about them.

h2. What you will need

* sysmoUSIM-SJS1 card
* KIC, KID private keys of the card
* PC/SC or serial card reader, or the ability to send SMS to the SIM card
* JDK that can create Java 1.1 bytecode, to create/customize SIM Toolkit applets

h2. What you can read

* [[JavaCard]] API specification (http://www.andresteder.com/static/api/simtoolkitapi/sim/toolkit/package-summary.html)
* 3GPP sim.toolkit API (http://www.etsi.org/deliver/etsi_ts/101400_101499/101476/07.00.00_60/ts_101476v070000p.pdf). In particular, setEvent is a good keyword to look for!

h2. Building an example applet

<pre>
git clone git://git.osmocom.org/sim/sim-tools/
git clone git://git.osmocom.org/sim/hello-stk
cd hello-stk
make
ls -la ./build/javacard/org/toorcamp/HelloSTK/javacard/HelloSTK.cap
</pre>

If you have javac on your system, you have now built an example Hello World applet.

h2. More applets

Follow the same steps as for building the Hello World applet.

h3. SMS I'm alive

Applet to deliver an SMS the very first time the SIM registers in the GSM/GPRS network: "https://github.com/PodgroupConnectivity/sim-applet-sms-im-alive":https://github.com/PodgroupConnectivity/sim-applet-sms-im-alive

<pre>
git clone https://github.com/PodgroupConnectivity/sim-applet-sms-im-alive.git
</pre>

h3. APN autoconfiguration

Applet to configure a PDP Context with a correct APN via the RUN AT proactive command: "https://github.com/PodgroupConnectivity/sim-applet-apn-autoconf":https://github.com/PodgroupConnectivity/sim-applet-apn-autoconf

<pre>
git clone https://github.com/PodgroupConnectivity/sim-applet-apn-autoconf.git
</pre>

h3. Data heartbeat

Applet to monitor the status of data connectivity over-the-air: "https://github.com/PodgroupConnectivity/sim-applet-data-heartbeat":https://github.com/PodgroupConnectivity/sim-applet-data-heartbeat

<pre>
git clone https://github.com/PodgroupConnectivity/sim-applet-data-heartbeat.git
</pre>

h2. Working with a PC/SC reader

Make sure you have the KIC1, KIC2, KIC3 and KID1, KID2, KID3 keys for your card. If you have a CCC event card from 31C3 or later, you should be set. For the sysmoUSIM-SJS1, be sure to buy the option that includes the ADM1 keys, as otherwise no OTA keys will be provided to you (you will then have to buy a new batch of cards).

<pre>
# Clone if you have not done the above
git clone git://git.osmocom.org/sim/sim-tools/
cd sim-tools/shady-sim

# Load the applet (KIC1 and KID1 stand for your card's key values)
python shadysim.py --pcsc -l HelloSTK.cap -i HelloSTK.cap \
          --enable-sim-toolkit --module-aid d07002ca44900101 \
          --instance-aid d07002CA44900101 \
          --nonvolatile-memory-required 0100 \
          --volatile-memory-for-install 0100 \
          --max-menu-entry-text 15 \
          --max-menu-entries 05 --kic KIC1 \
          --kid KID1

# Delete it (it takes time)
python shadysim.py --pcsc -d d07002CA449001 \
          --kic KIC1 \
          --kid KID1
</pre>
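
As an added example (not part of shadysim or of the original wiki page), this Python 3 helper builds the load and delete commands above as argv lists, checks the AIDs before anything is sent to the card, and takes the keys from the environment so they stay out of shell history. The function names, the KIC1/KID1 environment variables, the 32-hex-digit key length and the prefix check on the delete AID are assumptions of this example.

```python
import os
import re

HEX_BYTES = re.compile(r"(?:[0-9a-fA-F]{2})+")

def check_aid(name, aid):
    """Return the AID in lower case; an ISO 7816-5 AID is 5 to 16 bytes."""
    if not HEX_BYTES.fullmatch(aid) or not 5 <= len(aid) // 2 <= 16:
        raise ValueError(f"{name}: expected 5 to 16 hex-encoded bytes, got {aid!r}")
    return aid.lower()

def key_args(env):
    """Read KIC1/KID1 from the environment (hypothetical variable names)."""
    args = []
    for flag, var in (("--kic", "KIC1"), ("--kid", "KID1")):
        key = env.get(var, "")
        # Assumption: each key is 16 bytes, written as 32 hex digits.
        if not HEX_BYTES.fullmatch(key) or len(key) != 32:
            raise ValueError(f"{var}: expected 32 hex digits")  # never echo the key
        args += [flag, key]
    return args

def load_argv(cap, module_aid, instance_aid, env=os.environ):
    """Build the load/install command from the page as an argv list."""
    if not cap.endswith(".cap"):
        raise ValueError(f"expected a .cap file, got {cap!r}")
    return ["python", "shadysim.py", "--pcsc", "-l", cap, "-i", cap,
            "--enable-sim-toolkit",
            "--module-aid", check_aid("module AID", module_aid),
            "--instance-aid", check_aid("instance AID", instance_aid),
            "--nonvolatile-memory-required", "0100",
            "--volatile-memory-for-install", "0100",
            "--max-menu-entry-text", "15", "--max-menu-entries", "05",
            ] + key_args(env)

def delete_argv(aid, module_aid, env=os.environ):
    """Build the delete command; refuse an AID unrelated to the loaded module."""
    aid, module_aid = check_aid("delete AID", aid), check_aid("module AID", module_aid)
    # Assumption: as in the page's commands, the AID given to -d is a prefix
    # of the module AID that was loaded.
    if not module_aid.startswith(aid):
        raise ValueError(f"{aid} is not a prefix of module AID {module_aid}")
    return ["python", "shadysim.py", "--pcsc", "-d", aid] + key_args(env)

def redact(argv):
    """Copy of argv that is safe to log: values after --kic/--kid are masked."""
    return ["<redacted>" if i and argv[i - 1] in ("--kic", "--kid") else a
            for i, a in enumerate(argv)]
```

Run the returned list with subprocess.run(argv, cwd="sim-tools/shady-sim") and log only redact(argv). The keys are still visible in the process list while shadysim runs.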

h2. Working with a SMPP reader

Instead of interacting directly with the SIM through a PC/SC reader, the APDU is sent through SMPP. Replace the --pcsc option with --smpp, and lines starting with SMPP are printed. These then need to be sent.