7 Replies Latest reply: May 21, 2012 6:56 AM by Umer RSS

    store data in SIM card and STK applet

    Vivien
      Hi, I am new to this topic, so sorry that I have many questions about what can do and what cannot do with a SIM card. And I think I have confusion of some definitions. Here are my questions:

      1) Can I store some data by creating a file under the file system of the SIM card? Then can I define its access condition such as "UPDATE CHV1" when I create it?

      It seems that this part is covered in ISO/IEC 7816-9, which I don't have access to it. But is it possible? Or is there any other (/better) way to achieve that?


      2) What is the difference between "STK applet" and "JavaCard applet that is deployed on the SIM card"? (most confusing)

      I saw some people saying that STK applet can receive events signals such as SMS arrival. So when we are developing an applet using the javacard kit ourselves, how do I know if it is a STK applet or a normal applet?

      In which case do I have to develop a STK applet (I guess maybe when I want to display a message on the handset?), and in which case it's better to develop a JavaCard applet (examples)?

      And in any case, in order to communicate and process message with the applet on the SIM card, we also need to develop some applet on the handset, is that right?


      3) If I want to deploy (load and install) an applet onto the SIM card, do I really NEED some special authorization such as special keys from the operator?

      Because I saw people mentioning it from time to time. If so, what should I do without the key for test or demo, using a test SIM card???


      Any answer is welcome. Thanks a million!!!
      Wenting

      Edited by: 934624 on May 16, 2012 2:18 AM
        • 1. Re: store data in SIM card and STK applet
          Umer
          934624 wrote:
          Hi, I am new to this topic
          Welcome
          1) Can I store some data by creating a file under the file system of the SIM card?
          Yes
          Then can I define its access condition such as "UPDATE CHV1" when I create it?
          Yes
          It seems that this part is covered in ISO/IEC 7816-9, which I don't have access to it. But is it possible?
          Possible what ?
          Or is there any other (/better) way to achieve that?
          Achieve what ? If you are looking for a method for creating a file then you should follow the specs otherwise SIM card will reject your command.
          2) What is the difference between "STK applet" and "JavaCard applet that is deployed on the SIM card"? (most confusing)
          Java Card applet is a subset of STK applet. Java card applet can only handles APDUs send by the CAD while STK applet can also handles events triggered by the user via ME. Also, it can handle proactive commands etc
          I saw some people saying that STK applet can receive events signals such as SMS arrival. So when we are developing an applet using the javacard kit ourselves, how do I know if it is a STK applet or a normal applet?
          When you will write STK applet then you will need to use special APIs provided by ETSI like:
           sim.access and sim.toolkit
          then you are developing STK application ;)
          In which case do I have to develop a STK applet (I guess maybe when I want to display a message on the handset?), and in which case it's better to develop a JavaCard applet (examples)?
          Its not your choice. I think it depends on the requriement. For example when your applet needs to handle events then you will need to write STK and when only APDUs are point of concern then go for java card applet
          And in any case, in order to communicate and process message with the applet on the SIM card, we also need to develop some applet on the handset, is that right?
          No, its wrong
          If I want to deploy (load and install) an applet onto the SIM card, do I really NEED some special authorization such as special keys from the operator?
          Yes,
          Because I saw people mentioning it from time to time. If so, what should I do without the key for test or demo, using a test SIM card???
          You can use fake keys.

          Hope it helps

          Regards,
          • 2. Re: store data in SIM card and STK applet
            Vivien
            Hi Umer,

            Thanks a lot for your answers!! It is very helpful indeed. I have two further questions about your answers if you don't mind.

            1) My purpose is to store some private data in the sim card which cannot be changed (or even not readable like the authentication key Ki). So one way I think of is to create a file with special access conditions. For this method I am looking for the APDU command to do that. But I can only find very general information about that, e.g. the INS is E0 and nothing more. So do you know where can I get this APDU specification? The other way I am thinking about is to store the data as an object in the applet. As to this I am not sure how secure it would be.

            2) What do you mean by using "fake keys" if I want to load the applet on a sim card?

            Thanks a lot!!

            regards,
            wenting
            • 3. Re: store data in SIM card and STK applet
              Umer
              >
              Thanks a lot for your answers!! It is very helpful indeed.
              If it helps then click on the Helpful button to indicate others.

              I have two further questions about your answers if you don't mind.
              I will not ;)
              1) My purpose is to store some private data in the sim card which cannot be changed (or even not readable like the authentication key Ki). So one way I think of is to create a file with special access conditions. For this method I am looking for the APDU command to do that. But I can only find very general information about that, e.g. the INS is E0 and nothing more. So do you know where can I get this APDU specification? The other way I am thinking about is to store the data as an object in the applet. As to this I am not sure how secure it would be.
              You can do either way. If will store in files then make files permission to never read and never updated. And you will mentioned these permissions during the creation of the file. You can find the specification of the APDU in ISO-7816-9 (if I am not wrong).

              And, also if you are storing that information in a byte array then you can make it private then it will not be accessible outside.
              2) What do you mean by using "fake keys" if I want to load the applet on a sim card?
              By fake keys I mean you can generate your own keys like dummy ones randomly.



              Regards
              • 4. Re: store data in SIM card and STK applet
                Vivien
                Thanks. I didn't notice there's a helpful button :P

                Sorry that I still don't get the idea of fake keys. For example if I have a normal SIM card issued by some operator and I want to use it for development, can I load my applet on it by creating the dummy keys? Or do you mean I buy some test SIM cards, create my dummy key and access to it?

                thanks and regards,
                • 5. Re: store data in SIM card and STK applet
                  Umer
                  934624 wrote:
                  Thanks. I didn't notice there's a helpful button :P
                  hmm : )
                  Sorry that I still don't get the idea of fake keys. For example if I have a normal SIM card issued by some operator and I want to use it for development,
                  No, you can't as they are locked.
                  can I load my applet on it by creating the dummy keys?
                  No you cannot
                  Or do you mean I buy some test SIM cards, create my dummy key and access to it?
                  Yes, you will need test cards. and make sure to get documents of the cards before buying...
                  • 6. Re: store data in SIM card and STK applet
                    Vivien
                    I see. Now I have no more questions :D Thanks a lot for your time!!

                    regards,
                    • 7. Re: store data in SIM card and STK applet
                      Umer
                      welcome : -)