bladox.com Forum Index bladox.com
Turbo SIM Toolkit Adapter Forums
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Catching Paging events

 
Post new topic   Reply to topic    bladox.com Forum Index -> Development
View previous topic :: View next topic  
Author Message
bugra.hasbek



Joined: 14 Jul 2009
Posts: 26
PostPosted: Mon Dec 21, 2009 3:48 pm    Post subject: Catching Paging events Reply with quote
Hi

I made some research and it seems like it is possible to know that GSM network will send us RAND, before network actually sends it. GSM network broadcasts timsi before communicating with a sim, and sim responds to this broadcast, if timsi belons to it.I dont want to interrupt this process, i only want to monitor it. Is it possible?

According to etsi 11.11, timsi is stored in first 4 byte of ef_loci. So i decided to register loci file and check whether ef_loci is read. This method doesnt seem to work. Loci file is not read before receiving RAND Sad It is read at random intervals

What is wrong with my approach? Is there any way to catch paging events?

Here is related parts of my code. It might not compile because i deleted significant amount of unrelated code
Code:
 
u8 PROGMEM ef_imsi_path[] = { 0x3f, 0x00, 0x7f, 0x20, 0x6f, 0x07 };
u8 PROGMEM ef_loci_path[] = { 0x3f, 0x00, 0x7f, 0x20, 0x6f, 0x7E };

void g_fake_sim_file(File_apdu_data * fa)
{
   u16 ef = (fa->data[0] << 8) | fa->data[1];
   if(ef == 0x6f7e)
      dbsp("poll request\n");
}

void g_run_gsm (File_apdu_data * fa)
{
   dbsp("rand:");
   for(u8 i = 0 ; i < 16; i++)
   {
      dbch(fa->data[i]);
      dbsp(" ");
   }
   dbsp("\n");

   fa->data[0] = 0x9F;
   fa->data[1] = 0x0C;
}

void turbo_handler (u8 action, void *data)
{
   switch (action)
   {
      case ACTION_APP_INIT:
         reg_action(ACTION_RUN_GSM_ALGORITHM:);
         reg_file(ef_imsi_path, 3);
         reg_file(ef_loci_path, 3);
         break;
      case ACTION_RUN_GSM_ALGORITHM:
         g_run_gsm(data);
         break;
      case ACTION_FILE_APDU:
         g_fake_sim_file(data);
         break;
      default:
         break;
   }
}


Last edited by bugra.hasbek on Thu Dec 31, 2009 10:03 am; edited 2 times in total
Back to top
View user's profile Send private message
pz
Guest
PostPosted: Thu Dec 24, 2009 10:33 am    Post subject: Reply with quote
Hard to say, we've seen some phones play with LOCI more often than others, it's quite possible it's vendor/implementation depending.
Back to top
bugra.hasbek



Joined: 14 Jul 2009
Posts: 26
PostPosted: Thu Dec 31, 2009 10:40 am    Post subject: Reply with quote
I made some more research and it seems like the process is called paging, not polling! Paging is done using paging channel (pch). There are some stk functions related to channels such as open_channel_raw, get_channel_status and close_channel.

Do you think can those functions be used to monitor paging channel (pch) ? I read the documentation but i couldn't understand it. For example, open_channel_raw's documentation states that, first argument is destination (protocol, port, ip address). However paging channel doesn't have an ip address. it is a logical channel...

I would appreciate if you shed some light on channels subject. Can I monitor paging channel using stk functions or other means?

direction to other sources is also appreciated, I checked etsi 11.11 and 11.14 but i couldnt find anything relevant (except monitoring ef_loci which failed miserably)

thanks
Back to top
View user's profile Send private message
pz
Guest
PostPosted: Fri Jan 01, 2010 11:48 am    Post subject: Reply with quote
bugra.hasbek wrote:
I made some more research and it seems like the process is called paging, not polling! Paging is done using paging channel (pch). There are some stk functions related to channels such as open_channel_raw, get_channel_status and close_channel.

Do you think can those functions be used to monitor paging channel (pch) ? I read the documentation but i couldn't understand it. For example, open_channel_raw's documentation states that, first argument is destination (protocol, port, ip address). However paging channel doesn't have an ip address. it is a logical channel...


These calls are for STK Networking, i.e. you can open TCP|UDP/IP channels between SIM and some remote server.

Quote:

I would appreciate if you shed some light on channels subject. Can I monitor paging channel using stk functions or other means?

direction to other sources is also appreciated, I checked etsi 11.11 and 11.14 but i couldnt find anything relevant (except monitoring ef_loci which failed miserably)

thanks


Sorry, don't know.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    bladox.com Forum Index -> Development All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group