simtrace

simtrace@lists.osmocom.org

346 discussions

Regarding the production of Simtrace2 pcb,
by three0fat＠gmail.com 29 May '23

29 May '23

https://gitea.osmocom.org/sim-card/simtrace/src/branch/master/hardware/pcb/… I am a novice Xiaobai, I am very interested in this project. So I made the pcb by myself, according to the content of the website above. But I can't get it into the program, which annoys me. I don't know if it's my hardware that's wrong. It's still a problem with my software. I hope that the teacher who understands can help me check it out, thank you very much here.

2 5

Call for Help: Test data from SIM cards for pySim-shell decoder unit tests
by Harald Welte 29 Jan '23

29 Jan '23

Hi all! I'm currently adding unit tests for the various pySim encoder/decoder classes for the variouus SIM/UICC/USIM/ISIM files. [1] In order to increase the test coverage, I would appreciate any help in obtaining test data, particularly for the more "exotic" (or recently introduced) files, related to DF.5GS, ADF.ISIM or even DF.WLAN or the like. So if you have any SIM cards with related files populated, I would appreciate some test data. You can simply send me a copy+paste of the respective 'read_binary' / 'read_records' command, or a partial 'export'. In the latter case, please make sure to redact/remove your IMSI/ICCID/MSISDN/Kc data to prevent leaking privacy related information. Thanks in advance. Regards, Harald [1] https://gerrit.osmocom.org/c/pysim/+/24012 -- - Harald Welte <laforge(a)gnumonks.org> https://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

SIMtrace2 - osmo-remsim-client - can't open USB device
by Bruno Natali 23 Jan '23

23 Jan '23

Hello, Recently I acquired a SIMtrace2 card unit with ATSAM3S in order to build a P.O.C. of the communication of the SIM card and the modem remotely, but I could not make the application to communicate via USB with the SIMtrace2. I followed this steps (all of them) https://osmocom.org/projects/simtrace2/wiki/Cardem After I run this command: osmo-remsim-client-st2 --usb-vendor 1d50 --usb-product 60e3 --usb-path 1-2.2 --usb-config 1 --client-id 1 --client-slot 1 --server-ip 127.0.0.1 --server-port 9998 -d DMAIN,1:DST2,1:DRSPRO,1 I'm stuck in this error (even running as sudo): DMAIN DEBUG fsm.c:456 CLIENT_MAIN(main){INIT}: Allocated DRSPRO DEBUG fsm.c:456 RSPRO_CLIENT(server){INIT}: Allocated DRSPRO DEBUG fsm.c:456 RSPRO_CLIENT(server){INIT}: Allocated DRSPRO DEBUG remsim_client_main.c:185 RSPRO_CLIENT(server){INIT}: Received Event SRVC_E_ESTABLISH DRSPRO DEBUG ../rspro_client_fsm.c:355 RSPRO_CLIENT(server){INIT}: state_chg to REESTABLISH DRSPRO INFO ../rspro_client_fsm.c:308 RSPRO_CLIENT(server){REESTABLISH}: Creating TCP connection to server at localhost:9998 DMAIN ERROR user_simtrace2.c:430 can't open USB device Additional information: - Host S.O.: Debian 10 armhf. Also tried on Ubuntu 22 x64 - I've tried to recompile software following `Get and compile the software`, but these steps really doesn't work. Then I tried aclocal, autoconf, automake --add-missing & ./configure but nothing of them can rid of the error: cannot find input file: `include/Makefile.in' - SIMtrace2 firmware: $ sudo simtrace2-list USB matches: 2 1d50:60e3 Addr=8, Path=1-1.3, Cfg=1, Intf=0, Alt=0: 255/2/0 (CardEmulator Modem 1) 1d50:60e3 Addr=8, Path=1-1.3, Cfg=2, Intf=0, Alt=0: 255/255/0 (0.8.1.58-773d) Sorry if this issue was addressed in another email, I even tried looking in the archives but the archives page is not very user friendly. Thanks for your support, Bruno Natali

2 2

Unable to complete ATR with remSIM
by Ken Andrews 17 Jan '23

17 Jan '23

Hello, I’m trying to get basic functionality working with remSIM but am stuck with a failure after what looks like an initial handshake. It appears that the client sees an error in the connectClientRes it receives from the server. For now I’m trying to keep things simple by running on a single (VMWare Fusion) Ubuntu 22.04 VM. I’ve noticed that your CI/CD test setup uses multiple VMs. Is this a requirement? Many thanks, Ken osmo-remsim-apitool -a /clients: {'clients': [{'peer': 'C0:1', 'state': 'CONNECTED_CLIENT', 'component_id': {'type_': 'remsimClient', 'name': 'simtrace2', 'software': 'remsim-client', 'swVersion': '1.0.0.38-b890.202212090008'}}]} /banks: {'banks': [{'peer': 'B1', 'state': 'CONNECTED_BANKD', 'component_id': {'type_': 'remsimBankd', 'name': 'simtrace2', 'software': 'remsim-bankd', 'swVersion': '1.0.0.38-b890.202212090008'}, 'bankId': 1, 'numberOfSlots': 1}]} /slotmaps: {'slotmaps': []} osmo-remsim-apitool -m 1 0 0 1 14:50:24.081685 IP localhost.37287 > localhost.9999: Flags [P.], seq 5:88, ack 1, win 512, options [nop,nop,TS val 1173593478 ecr 1173593477], length 83 0x0000: 4500 0087 9633 4000 4006 a63b 7f00 0001 E....3@.@..;.... 0x0010: 7f00 0001 91a7 270f 9bf7 ee84 1b76 f420 ......'......v.. 0x0020: 8018 0200 fe7b 0000 0101 080a 45f3 9d86 .....{......E... 0x0030: 45f3 9d85 0050 ee07 304d 8001 0281 0100 E....P..0M...... 0x0040: a245 a243 3039 0a01 0016 0973 696d 7472 .E.C09.....simtr 0x0050: 6163 6532 800d 7265 6d73 696d 2d63 6c69 ace2..remsim-cli 0x0060: 656e 7481 1a31 2e30 2e30 2e33 382d 6238 ent..1.0.0.38-b8 0x0070: 3930 2e32 3032 3231 3230 3930 3030 3830 90.2022120900080 0x0080: 0602 0100 0201 01 ....... 14:50:24.081862 IP localhost.9999 > localhost.37287: Flags [P.], seq 5:83, ack 88, win 512, options [nop,nop,TS val 1173593478 ecr 1173593478], length 78 0x0000: 4500 0082 0cbd 4000 4006 2fb7 7f00 0001 E.....@.@./..... 0x0010: 7f00 0001 270f 91a7 1b76 f424 9bf7 eed7 ....'....v.$.... 0x0020: 8018 0200 fe76 0000 0101 080a 45f3 9d86 .....v......E... 0x0030: 45f3 9d86 004b ee07 3048 8001 0281 0209 E....K..0H...... 0x0040: 26a2 3fa3 3d30 380a 0102 1609 7369 6d74 &.?.=08.....simt 0x0050: 7261 6365 3280 0c72 656d 7369 6d2d 6261 race2..remsim-ba 0x0060: 6e6b 6481 1a31 2e30 2e30 2e33 382d 6238 nkd..1.0.0.38-b8 0x0070: 3930 2e32 3032 3231 3230 3930 3030 380a 90.202212090008. 0x0080: 0164 .d rspro_util.c:86 decoding [L1]> 00 4b ee 07 [L2]> 30 48 80 01 02 81 02 09 26 a2 3f a3 3d 30 38 0a 01 02 16 09 73 69 6d 74 72 61 63 65 32 80 0c 72 65 6d 73 69 6d 2d 62 61 6e 6b 64 81 1a 31 2e 30 2e 30 2e 33 38 2d 62 38 39 30 2e 32 30 32 32 31 32 30 39 30 30 30 38 0a 01 64 DRSPRO DEBUG remsim_client.c:80 RSPRO_CLIENT(bankd){ESTABLISHED}: Received Event SRVC_E_CLIENT_CONN_RES DRSPRO ERROR ../rspro_client_fsm.c:295 RSPRO_CLIENT(bankd){ESTABLISHED}: Rx RSPRO connectClientRes(result=<invalid>), closing DRSPRO DEBUG ../rspro_client_fsm.c:298 RSPRO_CLIENT(bankd){ESTABLISHED}: Received Event SRVC_E_TCP_DOWN DRSPRO DEBUG ../rspro_client_fsm.c:245 RSPRO_CLIENT(bankd){ESTABLISHED}: ->REESTABLISH_DELAY delay 999ms; 1ms since last attempt [step 6/123@1s]

2 1

Re: Observing SIM voltages put out by various old phones
by Min Xu 10 Dec '22

10 Dec '22

Hi Mychaela Can you tell me what the intent of the C1 capacitor is for? Previously when I probe the signals I just solder fly wires on to the SIM socket on the FPC, but this capacitor intrigues me. Thanks

2 1

Observing SIM voltages put out by various old phones
by Mychaela Falconia 01 Dec '22

01 Dec '22

Hello fellow SIM tracers, I just built this little gadget that allows one to observe (easily, safely, non-invasively) what voltages each given phone puts out toward the SIM: https://www.freecalypso.org/members/falcon/pictures/SIM-volt-test/sim-fpc-p… It is a trivial PCB adapter that connects together a SIM socket, an FPC connector that fits existing SIMtrace FPC cables, and a set of plain old 2.54 mm header pins exposing each signal on the SIM-ME interface. This adapter is purely passive, hence it doesn't need power, it does not contain any components that can be damaged by high voltages (in fact, there is not one ESD-sensitive component on this PCB!), and it does not introduce any Heisenbug effects into the SIM-ME interface under test. The usage scenario should be obvious: I insert a fitting SIMtrace FPC cable into the phone under test, the other end of that FPC cable plugs into my PCB, the SIM socket on my adapter is either filled with an actual SIM or left empty depending on the test to be performed, and I observe the voltage between GND and VCC pins. Here is that test being performed with a Nokia 2190E, one of the very first GSM phones sold in USA, circa 1995 or 1996: https://www.freecalypso.org/members/falcon/pictures/SIM-volt-test/N2190-tes… https://www.freecalypso.org/members/falcon/pictures/SIM-volt-test/N2190-tes… And here are some test results: * Nokia 2190E, PCS band equivalent of 2110, powered by a 5-cell NiMH battery: always puts out 5V toward the SIM. * Ericsson I888, powered by a 4-cell NiMH battery: likewise always puts out 5V toward the SIM (will probably be a little under 5.0V, but still within 5V spec, under low battery conditions), but I would not classify this phone as "Phase 1": it supports SMS, USSD, CSD via IrDA, and EFR speech codec. * Nokia 6190, PCS band equivalent of 6110 (first ARM-based GSM phone ever?), powered by a 3-cell NiMH battery: tries 3V first, if the SIM is "3V technology SIM" or "1.8V technology SIM", then the phone stays at 3V, but if there is no good ATR at 3V, then it tries 5V. If a phone is powered by a 3-cell NiMH or 1-cell Li-ion battery, then the only way it can put out 5V is by going through a boost converter, which are of course bad for battery life - thus it seems that once phones went to these lower-voltage batteries, then they started preferring 3V SIMs at the same time (while still supporting 5V SIMs in those days!), whereas phones powered by higher-voltage batteries (4 or more Ni-Cd or NiMH cells) keep it simple and always put out 5V, it seems. Now Nokia 2190E is a really finicky phone in terms of which SIMs it accepts: as the r/vintagemobilephones community on Reddit figured out, there is just one T-Mobile MVNO (LycaMobile) whose SIMs it accepts, while all others are rejected - and the worst part is, it rejects my current Themyscira SIMs too! (My SIMs are FCSIM1, equivalent of old sysmoSIM-GR2.) So what is so special about those LycaMobile SIMs which this phone accepts while rejecting all others? Examining that SIM in a card reader, I see nothing special, same deal as most operator-issued SIMs these days: native UICC/USIM/ISIM, has GSM 11.11 support for backward compat, GSM 11.11 SELECT on MF/DF indicates "1.8V technology SIM", ATR indicates all 3 voltage classes supported. Now that I have proven what I previously only suspected (the fact that this ancient Nokia always puts out 5V toward the SIM), SIMtrace2 is definitely out - however, I now also have a SIMtrace1 board, graciously donated by Kevin, and I am going to see if I can find some time to get SIMtrace1 software working and try sniffing Nokia 2190E to SIM comms in the working and not-working cases. M~

1 0

Re: My progress with 5V SIM investigation
by Min Xu 18 Nov '22

18 Nov '22

I just recently made some changes to my 1.4 firmware to support Man-in-the-Middle modification of ATR because some device apparently changes the Vcc to 1.8v after reading the ATR that indicates the card supports Class C. I don't have access to the device that exhibit this behavior so I was using a USB Smartcard reader to test it, and my Oscilloscope capture shows that the PC was using 5v vddio mode. The SIMtrace 1 are 5v tolerant, and the last time I looked at Cstartup.asm I believe we set the internal pull-ups to disabled, which is "safe" according to the Atmel part documentation. So long as 5v IO levels are not "on"/"fed" into the PIO lines while the device is in reset, this is probably not an issue for SIMtrace 1 boards. > From: Mychaela Falconia <mychaela.falconia(a)gmail.com> > To: simtrace(a)lists.osmocom.org > Cc: > Bcc: > Date: Tue, 25 Oct 2022 20:03:23 -0800 > Subject: My progress with 5V SIM investigation > Hello SIMtrace community, > > I mentioned earlier on this list, and also in last week's OsmoDevCall, > that I play with some old phones that *may* be putting out 5V toward > the SIM, which SIMtrace2 hw does not tolerate - 5V exceeds the absolute > maximum rating spec of SAM3S chip. > > As the first step in the investigation, I cobbled together a simple > PCB design for a purely passive adapter that connects a SIM socket to > FPC cables from current Sysmocom SIMtrace kits, plus 2.54 mm headers > on both sides of the SIM socket providing convenient probing access to > all signals. This trivial design can be found in my fc-small-hw Hg > repository: > > https://www.freecalypso.org/hg/fc-small-hw/ > > Look in the sim-fpc-pasv directory inside the Hg repo. I haven't sent > this little PCB out to fab yet, but I plan on doing so when my budget > allows it, hopefully no later than a week from now. When I get this > adapter board fabbed and assembled, I will test it with my current > collection of old phones (Ericsson I888, Nokia 5190 and 6190) and see > if any of these phones put out 5V toward the SIM. > > Nokia 5190 and 6190 are powered by 3-cell NiMH batteries, but they > still might put out 5V toward the SIM if they include a charge pump or > some other boost converter. At least in TI chipset history, prior to > our well-known Calypso+Iota chipset, their previous ABB chip Nausica > (used in the legendary TSM30, apparently) could put out either 3V or > 5V toward the SIM, selection under fw control, while powered by a > 3-cell NiMH or 1-cell Li-ion battery, doing some kind of boost > conversion for 5V. (I never found a datasheet for that ancient ABB, > so I don't know the full details.) It will be interesting to know > what Nokia 5190 and 6190 do in this regard. It will also be > interesting to see what Ericsson I888 puts out: it is an older, > higher-voltage beast, powered by a 4-cell NiMH battery, and if the > designers felt like operating the SIM in "5V" or Class A mode, they > could have used raw battery voltage without conversion, as the spec is > 4.5 V minimum IIRC. > > During last week's OsmoDevCall Kevin said that he had some SIMtrace1 > boards with ARM7S, which the datasheet says is 5V-tolerant, and I > recall him saying that he could send me one. To Kevin: I greatly > appreciate your offer, and I may indeed take you up on it in another > few weeks - but let me build my sim-fpc-pasv adapter first, and see > what voltages are actually put out by phones in my collection. > > Now the really interesting phone would be Nokia 2190 - supposedly one > of the very first PCS1900 band GSM phones sold in USA, from around > 1995. That one is powered by a 5-cell NiMH battery and thus seems > very likely to put out 5V toward the SIM, possibly always, without > ever switching down to 3V. I don't have one to test, aside from a > sealed box which I am reluctant to cut open (told it may be worth > a fortune some day, the usual story), but another person on Reddit > says that these phones are very finicky in terms of which SIMs they > accept. I sent him a few of my FCSIM1 cards, equivalent to > sysmoSIM-GR2, a pure GSM 11.11 SIM without any UICC at all, very > old-fashioned, and my contact tells me that Nokia 2190 rejects these > SIMs too! It was my desire to use SIMtrace to see what's happening > with that finicky 2190 that prompted my investigation into 5V > tolerance - and when I get my sim-fpc-pasv adapter built, I will get > back in touch with my Nokia 2190 contact person from Reddit and see > how he would like to proceed. > > M~ > _______________________________________________ > simtrace mailing list -- simtrace(a)lists.osmocom.org > To unsubscribe send an email to simtrace-leave(a)lists.osmocom.org

3 4

Log coloring disable, bankd GSMTAP, and RSPRO client reestablish delay
by James Tavares 15 Nov '22

15 Nov '22

Hello, Forgive me as I don’t know the protocol for requesting this, but I was looking for a 2nd reviewer willing to consider the following three PRs on osmo-remsim: bankd, client, server: add -L option to disable log coloring * https://gerrit.osmocom.org/c/osmo-remsim/+/30154 bankd: Add GSMTAP functionality for SIM traffic * <https://gerrit.osmocom.org/c/osmo-remsim/+/30154> https://gerrit.osmocom.org/c/osmo-remsim/+/30139 rspro_client: implement re-establish delay * https://gerrit.osmocom.org/c/osmo-remsim/+/30138 * addresses issues https://osmocom.org/issues/5348 and https://osmocom.org/issues/5610 Regarddss, James James Tavares Lead Software Engineer KVH Industries, Inc. 50 Enterprise Center | Middletown, RI 02842 Direct Tel: +1 401.845.2416 Tel: +1 401.847.3327 | Fax: +1 401.845.8149 jtavares(a)kvh.com<mailto:jtavares@kvh.com> http://www.kvh.com<http://www.kvh.com/>

1 0

My progress with 5V SIM investigation
by Mychaela Falconia 26 Oct '22

26 Oct '22

Hello SIMtrace community, I mentioned earlier on this list, and also in last week's OsmoDevCall, that I play with some old phones that *may* be putting out 5V toward the SIM, which SIMtrace2 hw does not tolerate - 5V exceeds the absolute maximum rating spec of SAM3S chip. As the first step in the investigation, I cobbled together a simple PCB design for a purely passive adapter that connects a SIM socket to FPC cables from current Sysmocom SIMtrace kits, plus 2.54 mm headers on both sides of the SIM socket providing convenient probing access to all signals. This trivial design can be found in my fc-small-hw Hg repository: https://www.freecalypso.org/hg/fc-small-hw/ Look in the sim-fpc-pasv directory inside the Hg repo. I haven't sent this little PCB out to fab yet, but I plan on doing so when my budget allows it, hopefully no later than a week from now. When I get this adapter board fabbed and assembled, I will test it with my current collection of old phones (Ericsson I888, Nokia 5190 and 6190) and see if any of these phones put out 5V toward the SIM. Nokia 5190 and 6190 are powered by 3-cell NiMH batteries, but they still might put out 5V toward the SIM if they include a charge pump or some other boost converter. At least in TI chipset history, prior to our well-known Calypso+Iota chipset, their previous ABB chip Nausica (used in the legendary TSM30, apparently) could put out either 3V or 5V toward the SIM, selection under fw control, while powered by a 3-cell NiMH or 1-cell Li-ion battery, doing some kind of boost conversion for 5V. (I never found a datasheet for that ancient ABB, so I don't know the full details.) It will be interesting to know what Nokia 5190 and 6190 do in this regard. It will also be interesting to see what Ericsson I888 puts out: it is an older, higher-voltage beast, powered by a 4-cell NiMH battery, and if the designers felt like operating the SIM in "5V" or Class A mode, they could have used raw battery voltage without conversion, as the spec is 4.5 V minimum IIRC. During last week's OsmoDevCall Kevin said that he had some SIMtrace1 boards with ARM7S, which the datasheet says is 5V-tolerant, and I recall him saying that he could send me one. To Kevin: I greatly appreciate your offer, and I may indeed take you up on it in another few weeks - but let me build my sim-fpc-pasv adapter first, and see what voltages are actually put out by phones in my collection. Now the really interesting phone would be Nokia 2190 - supposedly one of the very first PCS1900 band GSM phones sold in USA, from around 1995. That one is powered by a 5-cell NiMH battery and thus seems very likely to put out 5V toward the SIM, possibly always, without ever switching down to 3V. I don't have one to test, aside from a sealed box which I am reluctant to cut open (told it may be worth a fortune some day, the usual story), but another person on Reddit says that these phones are very finicky in terms of which SIMs they accept. I sent him a few of my FCSIM1 cards, equivalent to sysmoSIM-GR2, a pure GSM 11.11 SIM without any UICC at all, very old-fashioned, and my contact tells me that Nokia 2190 rejects these SIMs too! It was my desire to use SIMtrace to see what's happening with that finicky 2190 that prompted my investigation into 5V tolerance - and when I get my sim-fpc-pasv adapter built, I will get back in touch with my Nokia 2190 contact person from Reddit and see how he would like to proceed. M~

1 0

Osmocom binary package repository URLs have changed
by Harald Welte 25 Oct '22

25 Oct '22

Hello various Osmocom mailing lists, as previously announced (https://osmocom.org/news/191): * The binary packages are being built on Osmocom's own OBS server now. * We will stop pushing packages to the openSUSE OBS server at the end of October (in one week). If you are using Osmocom binary packages, please make sure that you have configured the new repository URLs. See the wiki for details: https://osmocom.org/projects/cellular-infrastructure/wiki/Binary_Packages Regards, Harald -- - Harald Welte <laforge(a)osmocom.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

← Newer
1
2
3
4
5
6
7
8
...
35
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

simtrace