fc-sim-sniff: annotate doc/Cardem-plans @ 49:7e87b03dd57d
changeset: doc/Sniffing-workflow: document simsniff-dec
author: Mychaela Falconia <falcon@freecalypso.org>
date: Thu, 21 Sep 2023 06:47:03 +0000
parents: 1068f9fd41d5

The long-term goal of the FreeCalypso SIMtrace replacement project is to support
both SIM interface sniffing (SIMsniff) and card emulation (SIMemu). Both
functions are needed when working in the realm of Vintage Mobile Phones:

* Non-invasive, Heisenbug-free Hi-Z sniffing is needed in order to see why
certain phone-to-SIM combinations work while others don't, and to see exactly
what a given finicky phone requires from that special hard-to-get SIM.

* The next step of cloning that special SIM, or producing new SIMs that satisfy
the weird requirements of the finicky phone, will often require full emulation
of the ISO 7816-4 / GSM 11.11 file system and CardOS in software, as we don't
have a real smartcard chip that gives us full freedom to implement whatever we
like.

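What "full emulation of the file system and CardOS in software" amounts to, shown
as an added example in C that is not fc-sim-sniff code: a constructed four-file
GSM 11.11 tree (MF, EF_ICCID, DF_GSM, EF_IMSI, with made-up contents) behind an
APDU dispatcher that answers SELECT, GET RESPONSE and READ BINARY with GSM 11.11
status words, plus a walk through the SELECT / GET RESPONSE / READ BINARY
sequence a phone uses to read the IMSI. The selection rule is a subset of the
one in GSM 11.11, the select response layout is simplified, and the T=0
procedure bytes that the FPGA would have to emit on the I/O line are left out;
all of that is this example's own simplification.

```c
/* Added example, not fc-sim-sniff code: a minimal software model of a GSM
 * 11.11 CardOS.  File tree and contents are constructed; only SELECT, GET
 * RESPONSE and READ BINARY are handled; T=0 procedure bytes (ACK/NULL) are
 * not modelled.  Response buffers passed in must hold at least 32 bytes. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SW(a, b)        ((uint16_t)(((a) << 8) | (b)))
#define SW_OK           SW(0x90, 0x00)
#define SW_NO_EF        SW(0x94, 0x00)  /* no EF selected */
#define SW_OUT_OF_RANGE SW(0x94, 0x02)  /* offset/length outside the EF */
#define SW_NOT_FOUND    SW(0x94, 0x04)  /* file ID not found */
#define SW_BAD_LEN      SW(0x67, 0x00)
#define SW_BAD_INS      SW(0x6D, 0x00)
#define SW_BAD_CLA      SW(0x6E, 0x00)

struct file {
    uint16_t fid, parent;   /* parent is 0xFFFF for the MF */
    uint8_t type;           /* GSM 11.11 type byte: 1 = MF, 2 = DF, 4 = EF */
    const uint8_t *body;    /* transparent EF contents, NULL for MF/DF */
    uint8_t len;
};

/* Constructed sample tree: MF > EF_ICCID (2FE2), MF > DF_GSM (7F20) > EF_IMSI (6F07) */
static const uint8_t ef_iccid[10] = {0x98,0x10,0x10,0x32,0x54,0x76,0x98,0x10,0x32,0x54};
static const uint8_t ef_imsi[9]   = {0x08,0x09,0x10,0x10,0x10,0x32,0x54,0x76,0x98};
static const struct file fs[] = {
    {0x3F00, 0xFFFF, 1, NULL, 0},
    {0x2FE2, 0x3F00, 4, ef_iccid, sizeof ef_iccid},
    {0x7F20, 0x3F00, 2, NULL, 0},
    {0x6F07, 0x7F20, 4, ef_imsi, sizeof ef_imsi},
};

struct card {
    const struct file *cur_df, *cur_ef;
    uint8_t pending[32], pending_len;   /* data waiting for GET RESPONSE */
};

static const struct file *lookup(uint16_t fid)
{
    size_t i;
    for (i = 0; i < sizeof fs / sizeof fs[0]; i++)
        if (fs[i].fid == fid) return &fs[i];
    return NULL;
}

void card_reset(struct card *c)
{
    memset(c, 0, sizeof *c);
    c->cur_df = lookup(0x3F00);     /* after ATR the MF is the current DF */
}

/* Handle one command APDU (CLA INS P1 P2 P3 [data]).  Response data goes to
 * resp/resp_len; the return value is the SW1 SW2 status word. */
uint16_t card_apdu(struct card *c, const uint8_t *cmd, size_t cmd_len,
                   uint8_t *resp, uint8_t *resp_len)
{
    const struct file *f;
    uint8_t p3;
    size_t off;

    *resp_len = 0;
    if (cmd_len < 5) return SW_BAD_LEN;
    if (cmd[0] != 0xA0) return SW_BAD_CLA;      /* GSM 11.11 class byte */
    p3 = cmd[4];
    switch (cmd[1]) {
    case 0xA4:  /* SELECT: P3 = 2, data = file ID */
        if (p3 != 2 || cmd_len < 7) return SW_BAD_LEN;
        f = lookup((uint16_t)(cmd[5] << 8 | cmd[6]));
        /* Subset of the GSM 11.11 selection rule: MF, the current DF, its parent,
         * or a direct child of the current DF; anything else is "not found". */
        if (!f || (f->fid != 0x3F00 && f != c->cur_df &&
                   f->fid != c->cur_df->parent && f->parent != c->cur_df->fid))
            return SW_NOT_FOUND;
        if (f->type == 4) c->cur_ef = f;
        else { c->cur_df = f; c->cur_ef = NULL; }
        /* Simplified select response in the GSM 11.11 EF layout (RFU, size, file
         * ID, type, RFU, access, status, length, structure, record length). */
        memset(c->pending, 0, sizeof c->pending);
        c->pending[3] = f->len;
        c->pending[4] = (uint8_t)(f->fid >> 8); c->pending[5] = (uint8_t)f->fid;
        c->pending[6] = f->type; c->pending[12] = 2;
        c->pending_len = 15;
        return SW(0x9F, c->pending_len);    /* "9F xx": fetch with GET RESPONSE */
    case 0xC0:  /* GET RESPONSE: P3 = length announced in 9F xx */
        if (p3 == 0 || p3 > c->pending_len) return SW_BAD_LEN;
        memcpy(resp, c->pending, p3);
        *resp_len = p3;
        c->pending_len = 0;
        return SW_OK;
    case 0xB0:  /* READ BINARY: P1 P2 = offset, P3 = length */
        if (!c->cur_ef) return SW_NO_EF;
        off = (size_t)cmd[2] << 8 | cmd[3];
        if (p3 == 0 || off + p3 > (size_t)c->cur_ef->len) return SW_OUT_OF_RANGE;
        memcpy(resp, c->cur_ef->body + off, p3);
        *resp_len = p3;
        return SW_OK;
    default:
        return SW_BAD_INS;
    }
}

/* The sequence a phone uses to read the IMSI: SELECT DF_GSM, SELECT EF_IMSI,
 * GET RESPONSE, READ BINARY.  Returns the number of IMSI bytes read, or -1
 * on any unexpected status word. */
int demo_read_imsi(uint8_t *out)
{
    static const uint8_t sel_gsm[]  = {0xA0,0xA4,0x00,0x00,0x02,0x7F,0x20};
    static const uint8_t sel_imsi[] = {0xA0,0xA4,0x00,0x00,0x02,0x6F,0x07};
    static const uint8_t get_resp[] = {0xA0,0xC0,0x00,0x00,0x0F};
    static const uint8_t read_bin[] = {0xA0,0xB0,0x00,0x00,0x09};
    struct card c;
    uint8_t buf[32], n;

    card_reset(&c);
    if (card_apdu(&c, sel_gsm, sizeof sel_gsm, buf, &n) != SW(0x9F, 15) ||
        card_apdu(&c, sel_imsi, sizeof sel_imsi, buf, &n) != SW(0x9F, 15) ||
        card_apdu(&c, get_resp, sizeof get_resp, buf, &n) != SW_OK ||
        card_apdu(&c, read_bin, sizeof read_bin, buf, &n) != SW_OK)
        return -1;
    memcpy(out, buf, n);
    return n;
}
```

Every reply here is a status word the phone will act on: a phone that insists on
9F xx followed by GET RESPONSE, or that reads past the end of an EF and expects
94 02 rather than 90 00, is exactly the kind of finicky behaviour the sniffer is
meant to reveal, and the emulator then has to reproduce it byte for byte.
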
However, in terms of scheduling priority, all of our initial work focuses on
the sniffer, with SIMemu (cardem) deferred to some indefinite later time. We
do, however, have a preliminary idea of how we envision card emulation working:

* Hardware setups will be different between SIMsniff and SIMemu. Our initial
objective is to produce a solidly usable, production quality sniffer pod,
described as HW setup version 2 in the Sniffing-hw-setup article. As the
name says, this pod will be for sniffing only. For card emulation there will
be a different SIMemu pod.

* The SIMemu pod will be similar to the SIMsniff pod, with just two changes:

- We'll add a 74LVC1G07 open-drain (OD) driver for pulling the I/O line low in
exactly the same way as real SIM cards do it;

- The SIM socket will be eliminated from the SIMemu pod, to eliminate any
possibility of a real SIM and SIMemu "fighting" to talk back to the same
ME/ID.

* FPGA gateware will also be different between SIMsniff and SIMemu. The SIMemu
design is expected to be more complex and use more FPGA resources, but there
is a good chance it will still fit into the iCE40-HX1K FPGA and thus allow us
to keep using the same Icestick board.

* Right now we have no plans to stick a soft CPU core into the FPGA for SIMemu;
instead the plan is to use the same basic architecture as the sniffer FPGA,
using the UART channel at 3 Mbps to communicate with the host, although this
time this UART will be used bidirectionally.