How to determine SPI for Remote File Management on a SIM card? - apdu

I am trying to read and update some elementary files on a SIM. The question is: what should the SPI be for a read/update command PDU? In other words, what privileges do I need in order to update an elementary file on the SIM?

3GPP TS 23.048 defines standards for remote file management (RFM) and remote applet management (RAM). But keep in mind that implementations may differ by SIM vendor, and the access conditions for a file might be different from what you would expect according to the standard. The content and structure of SIM/USIM files are defined in 3GPP TS 31.102. For example, in order to update the SMSC address on a SIM card, commands should be sent in the following order:
Select 3F00
Select DF 7F10 under MF 3F00
Select EF 6F42 under DF 7F10
Update EF 6F42
Have a look at section 4.7 of 3GPP TS 31.102 to see the SIM file structure.
Have a look at section 5 of 3GPP TS 23.048 to see the APDU packet structure.
Constructing the Update command requires parameters that should be obtained from the SIM card vendor:
TAR (toolkit application reference)
MSL (minimum security level setting)
CNTR value
According to the MSL value, KiC and KiD (OTA keys) might be required
SPI (Security Parameter Indicator)
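To make the SPI and MSL items above concrete, here is an added example (not part of the original answer) that decodes the two SPI octets as laid out in 3GPP TS 23.048 section 5.1.1 and lists which OTA keys the chosen security level implies. The function names, the sample SPI values and the field-by-field MSL comparison are assumptions for illustration; the real MSL and its enforcement come from the card vendor's profile.

```python
# Added example: decode the two SPI octets of a 3GPP TS 23.048 command packet.
INTEGRITY = {0: "none", 1: "RC (redundancy check)",
             2: "CC (cryptographic checksum)", 3: "DS (digital signature)"}
COUNTER = {0: "no counter", 1: "counter present, not checked",
           2: "counter must be higher than card value",
           3: "counter must be exactly one higher"}
POR = {0: "no PoR", 1: "PoR always", 2: "PoR on error only", 3: "reserved"}


def decode_spi(spi: bytes) -> dict:
    """Split the SPI into its bit fields and list the OTA keys it implies."""
    if len(spi) != 2:
        raise ValueError("SPI is exactly two octets")
    first, second = spi
    integrity = first & 0x03            # b2 b1
    ciphering = bool(first & 0x04)      # b3
    keys = []
    if ciphering:
        keys.append("KiC")              # ciphering key
    if integrity in (2, 3):
        keys.append("KiD")              # checksum / signature key
    return {
        "integrity": INTEGRITY[integrity],
        "ciphering": ciphering,
        "counter": COUNTER[(first >> 3) & 0x03],           # b5 b4
        "por": POR[second & 0x03],                         # b2 b1
        "por_integrity": INTEGRITY[(second >> 2) & 0x03],  # b4 b3
        "por_ciphered": bool(second & 0x10),               # b5
        "por_via_sms_submit": bool(second & 0x20),         # b6
        "reserved_bits_set": bool(first & 0xE0 or second & 0xC0),
        "keys_needed": keys,
    }


def meets_msl(spi_first: int, msl: int) -> bool:
    """Simplified check (assumption): every field of the command's first SPI
    octet must be at least as strong as the same field in the MSL octet."""
    fields = [(0x03, 0), (0x04, 2), (0x18, 3)]  # integrity, ciphering, counter
    return all(((spi_first & m) >> s) >= ((msl & m) >> s) for m, s in fields)


if __name__ == "__main__":
    # Constructed sample values, not taken from any real card profile.
    for sample in (bytes([0x12, 0x21]), bytes([0x16, 0x39])):
        print(sample.hex(), decode_spi(sample))
    print("0x12 satisfies MSL 0x16:", meets_msl(0x12, 0x16))
```

A command whose first SPI octet is weaker than the card's MSL is expected to be rejected, so the SPI is chosen from the MSL rather than the other way round.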

Related

Distinction Between Manufacturing Data, Service Data and Advertising Data in Bluetooth LE

In terms of BLE, I'm getting a little confused between the terms and their usage in BlueZ:
Manufacturer Data
Service Data
Advertising Data
I'm going to try to sum up what I understand and where that falls apart.
From here there is a payload in the Advertising Packet that is 31 bytes long that can be used for User Defined Data.
However, BlueZ in its advertising API has a different notion of data. It takes a dict which is of <type> <byte array> from the docs.
Looking a little more you can come across this table which seems to be of the same two byte type and data structure.
It has user defined payload in terms of:
0xFF «Manufacturer Specific Data» Bluetooth Core Specification: Vol. 3, Part C, section 8.1.4 (v2.1 + EDR, 3.0 + HS and 4.0); Vol. 3, Part C, sections 11.1.4 and 18.11 (v4.0); Core Specification Supplement, Part A, section 1.4
So I downloaded the spec to try to read up on the distinction, which leads me to this sentence that I don't quite follow:
The data is sent in advertising or periodic advertising events. Host Advertising
data is placed in the AdvData field of ADV_IND, ADV_NONCONN_IND,
ADV_SCAN_IND, AUX_ADV_IND, and AUX_CHAIN_IND PDUs. Additional
Controller Advertising Data is placed in the ACAD field of AUX_ADV_IND,
AUX_SYNC_IND, and AUX_SCAN_RSP PDUs. Periodic Advertising data is
placed in the AdvData field of AUX_SYNC_IND and AUX_CHAIN_IND PDUs.
Scan Response data is sent in the ScanRspData field of SCAN_RSP PDUs or
the AdvData field of AUX_SCAN_RSP PDUs. If the complete data cannot fit in
the AdvData field of an AUX_ADV_IND, AUX_SYNC_IND, or
AUX_SCAN_RSP PDU, AUX_CHAIN_IND PDUs are used to send the
remaining fragments of the data. An AD Structure may be fragmented over two
or more PDUs
Also, when I look in the BlueZ implementation of their own D-Bus API, I see they provide a way to fill in manufacturing data but no way to change the type of advertising (ADV_NONCONN vs ADV_CONN).
They also do have an adv_data type but it's only 25 bytes? Why can I not get the full 31 bytes?
https://github.com/bluez/bluez/blob/cbbb0c2ead89ed19280ecd94e8a2fb0d22216bb6/client/advertising.c#L55
Actual Questions:
When implementing a BT peripheral using BlueZ, do I have 31 or 25 bytes? Can I fill in both Service Data and Manufacturer Data for a total of 50 bytes?
Is Manufacturer Data an abstraction over Advertising Data? If so how can I access the underlying Advertising Data? If not, can I theoretically fill in both Advertising and Manufacturer data?
The image below created by Jos Ryke might be helpful to visualise what is happening.
As shown in the image, ADV FLAGS and Advertisement data make up the 31 bytes advertising payload, but there are only 26 bytes for data available. The image contains examples of Manufacturer Data (type = FF) and Service Data (type = 16)
In the D-Bus API, to change the type of advertising (ADV_NONCONN vs ADV_CONN) use the type property:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/doc/advertising-api.txt#n37
broadcast = ADV_NONCONN
You can have both service and manufacturer data in the same advertisement (see example https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/test/example-advertisement#n141) but it cannot be longer than 31 bytes. With BlueZ, you can register (if I remember correctly) up to four advertisements that will be sent as different packets.
So in summary, service data and manufacturer data are sub elements types within advertising payload. BlueZ allows you to build up the different data types you want in your advertisement and then register it for broadcast.
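The layout described in this answer, as an added example that is not part of the original answer or of BlueZ: each element of the advertising payload is an AD structure (length octet, type octet, data), and flags, manufacturer data and service data all share the same 31 bytes. The function names and sample values are assumptions; the parser also rejects a length octet that runs past the buffer, which matters when the payload comes from an untrusted advertiser.

```python
# Added example: build and parse a legacy BLE advertising payload.
import struct

MAX_LEGACY_ADV = 31                      # bytes in a legacy AdvData field
AD_FLAGS, AD_SERVICE_DATA_16, AD_MANUFACTURER = 0x01, 0x16, 0xFF


def ad_structure(ad_type: int, data: bytes) -> bytes:
    """One AD structure: length octet (type + data), type octet, data."""
    return bytes([len(data) + 1, ad_type]) + data


def build_payload(structures) -> bytes:
    """Concatenate (type, data) pairs and enforce the 31-byte limit."""
    payload = b"".join(ad_structure(t, d) for t, d in structures)
    if len(payload) > MAX_LEGACY_ADV:
        raise ValueError(f"payload is {len(payload)} bytes, limit is 31")
    return payload


def parse_payload(payload: bytes):
    """Walk the AD structures; reject a length that runs past the buffer."""
    out, i = [], 0
    while i < len(payload):
        length = payload[i]
        if length == 0:                  # zero length marks padding
            break
        if i + 1 + length > len(payload):
            raise ValueError("truncated AD structure")
        out.append((payload[i + 1], payload[i + 2:i + 1 + length]))
        i += 1 + length
    return out


def sample_payload() -> bytes:
    # Constructed values: 0xFFFF is the test company ID, 0x180F the Battery
    # Service UUID; both identifiers are little-endian inside the data.
    return build_payload([
        (AD_FLAGS, b"\x06"),
        (AD_MANUFACTURER, struct.pack("<H", 0xFFFF) + b"\x01\x02\x03"),
        (AD_SERVICE_DATA_16, struct.pack("<H", 0x180F) + b"\x64"),
    ])


if __name__ == "__main__":
    print(sample_payload().hex(), parse_payload(sample_payload()))
```

With the 3-byte flags structure present, a single further structure can carry at most 26 bytes of data (31 minus 3 for flags minus 2 for its own length and type octets), which is the figure the answer quotes.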

External source for sample rate of Redhawk system

We are using Redhawk for an FM modulator. It reads an audio modulating signal from a file, performs the modulation, then sends the modulated data from Redhawk to an external program via TCP/IP for DAC and up-conversion to RF.
The data flows through the following components: rh.FileReader, rh.DataConverter, rh.fastfilter, an FM modulator, rh.DataConverter, and rh.sinksocket. The FM modulator is a custom component.
The rh.sinksocket sends data to an external server program that sends the samples from Redhawk to an FPGA and DAC.
At present the sample rate appears to be controlled via the rh.FileReader component. However, we would like the external DAC to set the sample rate of the system, not the rh.FileReader component of Redhawk, for example via TCP/IP flow control.
Is it possible to use an external DAC as the clock source for a Redhawk waveform?
The property on FileReader dictating the sample rate is simply telling it what the sample rate of the provided file is. This is used for the Signal Related Information (SRI) passed to downstream components and then the output rate if you do not block or throttle. E.g., FileReader does not do any resampling of the given file to meet the sample rate given.
If you want to resample to a given rate you can try the ArbitraryRateResampler component.
Regarding setting these properties via some external mechanism (TCP/IP) you would want to write a specific component or REDHAWK service that listens for this external event and then makes a configure call to set the property you'd like changed.
If these events are global and can apply to many applications on your domain, then a service is the right pattern; if these events are specific to a single application, then a component might make more sense.

SC/OPENSC How to write and read

I'm sorting out how to achieve the following: I want to use smart or memory cards in a project. The cards should be read by standardized card readers (for example ACR38). When they are read by the computer (command line or by software such as Processing, p5js or similar), a window should pop up which shows the contents of the card, being a picture and a text. A bit similar to when I use my regular ID to be read by my e-ID software.
For the moment the card I have is this one SLE4428 (at the bottom instructions from the vendor)
These have no data on it yet and are bought blank
=> datasheet
The software I found but don't know if it's suited for my project and how to specifically use it is the following.
Open-source tools that I found when searching for SC card software (no idea how to use them):
https://linux.die.net/man/1/opensc-tool
https://linux.die.net/man/1/opensc-explorer
I looked at my smartcard reader and found that http://www.acr38u.com/ is a platform, but it has to be paid for and I'm unable to find software for this on Linux or Apple.
Again here I found a datasheet with hex code to connect to the card, but still not how to physically connect to the cards.
This site shows many points of a working shell but I can't find the installer for it. opendsc
Then lastly this is the most promising and I already contacted the maker of it. But installation gets stuck in the make process (which I've already searched for and is not solution yet, being at it for a week now so therefore this post, maybe the community can help with an alternative look)
This is the explanation from the vendor side (Aliexpress) which is kind of specific. Though I don't know where to input these hex codes to write or read from the card. (there is a software but it's windows (If there is somebody that can say, that the way to solve the core question of my project then I'll try to get a windows pc to work on it via that way))
ISO7816 SLE 4442 Chip PVC Contact Smart Card (0.8* 85.5 * 54mm)
If you need write the 4442 cards,you should buy the contact smart reader writer!! 4442 cards not support 13.56mhz rfid writer!!!
NOTE:There is NO magnetic strip behind the card.
Graphics Quality Cards For All Photo ID Card Printers Including
DataCard, Zebra, Fargo, Evolis, Magicard, NBS & etc.
(These Cards Will Not Work In Inkjet Printers)
If you need 100pcs 4442 cards,pls check the links below:
[https://www.aliexpress.com/store/product/100-pcs-lot-ISO7816-RFID-Contact-SLE-4442-Chip-PVC-Smart-Card/516120_32425491077.html?spm=2114.12010608.0.0.R0bzFx][1]
Features:
Standard:ISO7816
Product Chip:SLE4442
Color:White
Dimension: L 85.5 x W 54 x H 0.80±0.04mm
256 × 8-bit EEPROM organization
32 × 1-bit organization of protection memory
erase cycles more than 100,000 times
Data retention for minimum of ten years
Default passwords: FFFFFF
3 bytes for error counter and card secret code area
1,Write protected area (first 32 bytes) of each byte can be individually write protected, After write,the data can't be changed.
2, Before checking the password, all the data can be read, if necessary,you could encryption data.
3, After confirm password is correct,the data could be write or modify.
4, The 3 bytes of user passwords, after confirm is correct,it could be change.
5, The password error counter, the initial value of 3, check the error code 1, then subtract 1, if the counter value is 0, the card is automatically locked, the data just read out, no longer change can no longer be password verification; if zero, the one time password verification is correct, restore to the initial value.
6, The byte address 0-5,6-7 factory prior written by the manufacturers can not be changed.
The specifics for this question lies in either
A: How can I achieve a working environment on linux or mac (first) to read and write data on an sc card (the one I have or !B: a working alternative)
C: Create a viewer program or web app, etc. to view or route the data to when the SC card is being read. (This would be a valid question if I were to choose a Windows-based existing program, I think.)
Because this is not code specific, I still want people that have the same questions to be able to see this page, to show them a plethora of scripts and ways to approach this or a similar SC project.
This guy knows a lot about OpenSC!

Play file audio

I have a raw data file of a sound recording, with each sample stored as a 16 bit short. I want to play this file through Redhawk.
I have a file_source_s connected to AudioSink like so:
I was expecting to hear sound from my speakers when starting these components. But when I start both components, I cannot hear any sound.
Here are the file_source_s properties values:
filename: name
itemsize: 2
repeat: true
seek: true
seek_point: 0
whence: SEEK_SET
I know:
the problem is not AudioSink. I have tested the AudioSink with the signal generator (SigGen) and I could hear sound through my speakers.
file_source_s is finding the file. When I put in a non-existent file name, file_source_s gives the "No such file or directory" error. I can also see the first 1024 bytes of the file when I plot the short_out port, but the plot does not update.
The AudioSink component uses the information from the received SRI (Signal Related Information) in order to determine the audio's sample rate. This is seen here from line 156 of the AudioSink component:
int sample_rate = static_cast<int>(rint(1.0/current_sri.xdelta));
It receives the SRI from downstream components, in this case, file_source_s.
The component file_source_s is part of the gnuhawk component package. The GNUHAWK library provides software that enables a GNU Radio block to be integrated into the REDHAWK software framework. Since SRI is a REDHAWK construct and not present in GNURADIO, it does not appear as though the file_source_s block gathers enough information via properties to represent the correct xdelta / sample rate for the audio file.
I'd recommend using a pure REDHAWK component like DataReader which takes in as a property the sample rate.

is jcop is only way to install applet in java card?

I am trying to understand the concept of Java Card. I have some doubts that I want to share; perhaps you have a good suggestion for me.
//Jcop- I read somewhere that Java Card OpenPlatform (JCOP) is a smart card operating system for the Java Card platform developed by IBM Zürich Research Laboratory.
question 1- If the above sentence is right, it means JCOP is an operating system developed by IBM that handles all operations inside the card, right?
I have a card which indicates
an ATR like 3b 89 80 01 4a ....40 (in character form it indicates ;---jcop41v22m),
so can I say this is a card whose OS is made by IBM, and that we require only the JCOP tool to send a cap file into this card, because the OS inside is JCOP and the JCOP tool would be the only option to talk to a JCOP card?
question 2- Or is there any other method by which I can send the applet into my card?
enable_trace
establish_context
card_connect
select -AID a0000000030000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
delete -AID D0D1D2D3D4D50101
delete -AID D0D1D2D3D4D501
delete -AID D0D1D2D3D4D50101
install -file helloworld.cap -nvDataLimit 500 -instParam 00 -priv 2
# getdata
# close_sc // Close secure channel
# putkey // Put key
// options:
// -keyind Key index
// -keyver Key version
// -key Key value in hex
card_disconnect
release_context
question 3- I got the above code from gpshell 1.4.4. The code style indicates that this is also a method to send a cap file into the Java Card. I want to know whether, for my card (ATR is 3b 89 80 01 4a ....40, in character form ;---jcop41v22m), I can use gpshell to send a .cap file into my card.
question 4- Is gpshell used to send a cap file into a special Java Card which is not JCOP enabled or which does not contain the JCOP operating system?
There are so many techniques and so many types of Java Card that it confuses me. I hope you find this question genuine and will get back to me.
regards:-
The question is good. I see a lot of people who have worked with smart cards for years and still cannot get the picture.
What you read is right: JCOP is an operating system for smart cards.
However, it is NOT true that you have to use the JCOP tools to deploy applets. They might be helpful, but they are not the only way. In fact, what you need to know is what version of Global Platform is supported by your card. Global Platform is the standard that defines how Card Content is managed. This includes installation, the security concept and so on. For example, if your card supports GP 2.1.1 you should use this document as a reference:
http://www.win.tue.nl/pinpasjc/docs/Card%20Spec%20v2.1.1%20v0303.pdf
All the tools like gpshell, jcshell are wrapping global platform commands in more user friendly commands, and also implementing the security protocols for you. So you can use whatever tool that supports the GP version of your target card.
I hope this makes it a bit more clear.
Answer to the subject of the question is:
NO.
Have a look at https://github.com/martinpaljak/GlobalPlatform
NXP currently owns JCOP, you should go to them for questions.
Yes, the VM inside a Java Card implementation executes all byte code.
You can use any Global Platform compatible library, although there are some implementation mistakes that could make a difference.
Try it, it should work
Java Card is a standard, and implementations are tested by Oracle, so sending your Applet to another card should work *1
*1 unless you make assumptions that are not cleared up in Java Card, use too much stack or heap memory for that card, use crypto algorithms that are not present, Java Card API's that have not been implemented by the other card, or of course, proprietary JCOP functionality.
The answer to question 1 is "no". You shouldn't rely on the historical bytes "jcop41v22" in the ATR to recognize the type of card. Any Java Card applet can change these bytes.
Q1 & Q2: No. It's right that Java Card OpenPlatform (JCOP) is a smart card operating system for the Java Card platform. But it's not the only tool to deploy applets. For example, I'm using PyAPDUTool to send cap files into the Java Card.
Q3: Yes, you can use gpshell to send a .cap file into your card.
Q4: No, you can also send your applet to other Java Cards.
NO.
You can take a look at the website "www.javacos.com". The JCIDE tool there can also do what you want, and it is free of charge, although some functions are not perfect.
