Proposed OTA Test Tools¶

This page documents various ideas we have regarding a set of tools for convenient testing of SIM OTA functionality. None of this is implemented below.

The general idea is to have a couple of re-usable modular tools, each implementing one particular part only.

Our initial focus is on SMS based OTA, as this is the least common denomiator between the various OTA transport mechanisms.

SMPP-to-PCSC¶

The purpose of this tool is to allow exchange of OTA SMS with a SIM card without having to set up a cellular network or even without using a phone/modem.

The proposed tool offers two interfaces:

• a SMPP interface (SMSC role) to allow exchanging SMS with external programs (so-called ESMEs in SMPP vocabulary)
• a user-side PC/SC interface to talk to SIM cards

The idea is that you run this against a SIM card you have locally inserted in a smart card reader, and that any SMS received on the SMPP interface will be delivered to the SIM via the ENVELOPE-SMS mechanism of proactive SIM. To the SIM card, this looks exactly identical to how an OTA-SMS is handed to it while inserted into a UE (phone, modem).

Any responses provided by the SIM should then obviously also be handed back to the external program via SMPP.

The user starting the tool would have to provide the details such as

• IP/port to bind the SMPP interface to
• system_id/password of ESME allowed to connect
• PC/SC reader name / number

03.48 OTA core libary¶

This libary would implement the TS 03.48 secure APDU encoding/decoding, including

• 3DES and AES encryption/decryption
• padding
• MAC generation / verification
• CRC generation / verification

Virtual OTA card reader¶

The purpose of this tool is to allow existing smart card software (such as for example pySim-shell) to talk to SIM cards via OTA.

The proposed tool offers two interfaces:

• an emulated PC/SC card reader towards pcscd (e.g. by using ifd-vpcd)
• a SMPP interface (ESME role) to allow exchanging SMS with external SMSC, such as
  • a real, commercial cellular network, or
  • a private cellular network, e.g. using osmo-msc), or
  • the above-mentioned SMPP-to-PCSC tool, talking to a SIM card in a smart card reader

Any Command-APDU arriving on the PC/SC side would undergo

• TS 03.48 OTA encapsulation/encyption/MAC
• SMS TPDU encapsulation
• transmitted via SMPP

Any SMS arriving on the SMPP side would undergo

• SMS TPDU decapsulation
• TS 03.48 OTA decapsulation/decryption/MAC
• Response-APDU handed back via PC/SC

The user starting the tool would have to provide the details such as

• OTA key material
• MSL
• MSISDN to which to send the generated SMS
• IP/port + credentials for the SMPP interface (System ID, password)