Closed Bug 1139823 Opened 9 years ago Closed 6 years ago

[Secure Element] Problem with opening logical channel to certain AIDs on Nexus 5L

Categories

(Firefox OS Graveyard :: RIL, defect)

Product:
Firefox OS Graveyard
Component:
RIL
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: tauzen, Unassigned)

References

Details

Attachments

(4 files)

open-channel-CRS-ok.log
2.16 KB, text/x-log
Details
open-channel-payment-not-ok.log
1.95 KB, text/x-log
Details
full-logcat.log
11.08 KB, text/x-log
Details
2015-03-10 SWP sniffing SIM APDU log
1.66 KB, text/plain
Details 
Opening channels to payment applets, which are present on the SIM card, fails with RIL error: "DialModifiedToUssd". The same error is visible while using the full AID retrieved from CRS or shorter AID version. This problem was not present on Flame with QCRIL. 

The same error is actually visible when trying to open channel to applets not present on the SIM.

Opening channels to well know applets like CRS or PPSE works as expected.
RIL log for opening channel to CRS, success scenario.
RIL log, opening channel to payment applet, failure.
Attached file full-logcat.log 
log without RIL filtering
Hi Edgar, could you take a look at this issue? Please let me know if you need some more logs. If you would like to replicate this on your side Alison has a SIM with applets mentioned by me.
Flags: needinfo?(echen)
OS: Mac OS X → Gonk (Firefox OS)
Hardware: x86 → ARM
03-05 11:31:41.273 I/Gecko   (  190): -*- RadioInterface[0]: Received message from worker: {"requestId":"{1b2764b7-0f74-4f19-b52a-344a40486271}","aid":"A0000000041010","rilMessageClientId":0,"rilMessageToken":231,"rilMessageType":"iccOpenChannel","rilRequestType":115,"rilRequestError":17,"errorMsg":"DialModifiedToUssd"}

Actually, in ril version 10, the error 17 means "no such element" [1], moz ril doesn't map it to correct string (will filed a bug for this).

ril_worker just pass the request to rild/modem, I have no idea why rild/modem replies error with "no such element". :(

[1] https://github.com/android/platform_hardware_ril/blob/lollipop-release/include/telephony/ril.h#L102
Flags: needinfo?(echen)
See Also: → 1140259
(used XX to hide full AID)

This shows the APDUs received and responses sent out by SIM while opening a channel to a Payment applet. We can see that SIM is responding with 6A 86 status word each time, which is "incorrect P1 or P2 parameter" [0]. 

So the problematic parameter is probably P2 (see APDU #380). I was informed that P2 set to 0x04 requests 'select response' and apparently the payment applet does not support this (supporting it in JavaCard applets is not mandatory). As an example PPSE applets supports P2 = 0x04 and it's actually visible in this log in Bug 1139835 [1]. 

On QCRIL Flame, while opening the channel the SELECT command was P2 set to 0. As a result we could open the channel to payment applet successfully. We did not get 'select response', but if it was available, it was retrieved by SE stack by sending GET RESPONSE command immediately after channel was opened.


[0] - https://www.eftlab.com.au/index.php/site-map/knowledge-base/118-apdu-response-list 
[1] - https://bug1139835.bugzilla.mozilla.org/attachment.cgi?id=8575995
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: