Harald Welte095ac6c2016-03-19 13:39:33 +01001/* simtrace2-remsim - main program for the host PC
2 *
3 * (C) 2010-2016 by Harald Welte <hwelte@hmw-consulting.de>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2
7 * as published by the Free Software Foundation
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 */
18
/* feature macro must precede the first system header to take effect */
#define _GNU_SOURCE
#include <errno.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <time.h>
#include <getopt.h>

#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include <libusb.h>

#include "simtrace.h"
#include "cardemu_prot.h"
#include "apdu_dispatch.h"
#include "simtrace2-discovery.h"

#include <osmocom/core/gsmtap.h>
#include <osmocom/core/gsmtap_util.h>
#include <osmocom/core/utils.h>
#include <osmocom/core/socket.h>
#include <osmocom/sim/class_tables.h>
#include <osmocom/sim/sim.h>
48
/* GSMTAP sink written to by gsmtap_send_sim(); set up in main() */
static struct gsmtap_inst *g_gti;
/* libusb handle of the SIMtrace2; zero-initialised until main() opens it */
struct libusb_device_handle *g_devh;
/* CLA/INS profile; assigned in main() but not referenced elsewhere in this file */
const struct osim_cla_ins_card_profile *g_prof;
/* bulk endpoint addresses, filled by get_usb_ep_addrs() in main() */
static uint8_t g_in_ep;
static uint8_t g_out_ep;
/* connected UDP socket towards a remote SIMtrace2; -1 selects the local USB path */
static int g_udp_fd = -1;
/* logical channel of the locally attached card, used to reach its reader */
static struct osim_chan_hdl *g_chan;
56
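/*! \brief Mirror a raw APDU to the GSMTAP sink in g_gti
 *  \param[in] apdu buffer holding the APDU bytes
 *  \param[in] len number of bytes in \a apdu
 *  \returns 0 on success; -ENOMEM if no frame buffer could be allocated;
 *	     -EIO on a short write; the (negative) write() result otherwise.
 *
 *  Only referenced from the compiled-out apdu_out_cb() in this file. */
static int gsmtap_send_sim(const uint8_t *apdu, unsigned int len)
{
	struct gsmtap_hdr *gh;
	/* size_t so the sum cannot wrap for a len close to UINT_MAX */
	size_t gross_len = sizeof(*gh) + len;
	uint8_t *buf = malloc(gross_len);
	ssize_t written;
	int rc = 0;

	if (!buf)
		return -ENOMEM;

	/* only the header needs zeroing; the payload is overwritten in full */
	gh = (struct gsmtap_hdr *) buf;
	memset(gh, 0, sizeof(*gh));
	gh->version = GSMTAP_VERSION;
	gh->hdr_len = sizeof(*gh)/4;	/* header length in 32-bit words */
	gh->type = GSMTAP_TYPE_SIM;
	memcpy(buf + sizeof(*gh), apdu, len);

	written = write(gsmtap_inst_fd(g_gti), buf, gross_len);
	if (written < 0) {
		perror("write gsmtap");
		rc = (int) written;
	} else if ((size_t) written != gross_len) {
		/* a truncated GSMTAP frame is useless to the consumer */
		rc = -EIO;
	}

	/* single release point for both the success and the error path */
	free(buf);
	return rc;
}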
85
#if 0
/* Compiled out: would hex-dump each APDU and mirror it to GSMTAP via
 * gsmtap_send_sim(). While disabled, nothing in this file calls
 * gsmtap_send_sim(). */
static void apdu_out_cb(uint8_t *buf, unsigned int len, void *user_data)
{
	printf("APDU: %s\n", osmo_hexdump(buf, len));
	gsmtap_send_sim(buf, len);
}
#endif
93
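/*! \brief Transmit a given command to the SIMtrace2 device
 *  \param[in,out] buf message starting with a struct cardemu_usb_msg_hdr;
 *		   its msg_len field is filled in here
 *  \param[in] len total length of \a buf in bytes
 *  \returns -EINVAL if \a buf cannot even hold the header; otherwise the
 *	     libusb status (0 on success) on the USB path, or the number of
 *	     bytes written (-1 on error) on the UDP path. The two paths differ,
 *	     so callers should only test for rc < 0. */
static int tx_to_dev(uint8_t *buf, unsigned int len)
{
	struct cardemu_usb_msg_hdr *mh = (struct cardemu_usb_msg_hdr *) buf;
	int xfer_len = 0;

	/* the header is written below: refuse buffers too short to hold it */
	if (len < sizeof(*mh))
		return -EINVAL;

	mh->msg_len = len;

	/* the complete outgoing message, including any APDU payload, is
	 * logged to stdout in hex */
	printf("<- %s\n", osmo_hexdump(buf, len));

	if (g_udp_fd < 0) {
		/* NOTE(review): a partial bulk transfer (xfer_len < len) is
		 * not reported to the caller */
		return libusb_bulk_transfer(g_devh, g_out_ep, buf, len,
					    &xfer_len, 100000);
	}
	return write(g_udp_fd, buf, len);
}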
111
/*! \brief Request the SIMtrace2 to generate a card-insert signal
 *  \param[in] inserted true sets card_insert to 1, false leaves it at 0
 *  \returns result of tx_to_dev() */
static int request_card_insert(bool inserted)
{
	struct cardemu_usb_msg_cardinsert msg;

	/* memset rather than an initialiser so padding bytes on the wire are
	 * zero as well */
	memset(&msg, 0, sizeof(msg));
	msg.hdr.msg_type = CEMU_USB_MSGT_DT_CARDINSERT;
	msg.card_insert = inserted ? 1 : 0;

	return tx_to_dev((uint8_t *)&msg, sizeof(msg));
}
124
/*! \brief Request the SIMtrace2 to transmit a Procedure Byte, then Rx
 *  \param[in] pb procedure byte to transmit
 *  \param[in] le expected length; it is only printed here and is not part of
 *		  the message sent to the device
 *  \returns result of tx_to_dev() */
static int request_pb_and_rx(uint8_t pb, uint8_t le)
{
	/* one byte of payload (the procedure byte) follows the fixed part */
	uint8_t msgbuf[sizeof(struct cardemu_usb_msg_tx_data) + 1];
	struct cardemu_usb_msg_tx_data *msg = (struct cardemu_usb_msg_tx_data *) msgbuf;

	printf("<= request_pb_and_rx(%02x, %d)\n", pb, le);

	memset(msg, 0, sizeof(*msg));
	msg->hdr.msg_type = CEMU_USB_MSGT_DT_TX_DATA;
	msg->flags = CEMU_DATA_F_PB_AND_RX;
	msg->data_len = 1;
	msg->data[0] = pb;

	return tx_to_dev(msgbuf, sizeof(*msg) + msg->data_len);
}
142
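/*! \brief Request the SIMtrace2 to transmit a Procedure Byte, then Tx
 *  \param[in] pb procedure byte placed in front of the data
 *  \param[in] data bytes to transmit after the procedure byte
 *  \param[in] data_len_in number of bytes in \a data (at most 255)
 *  \returns result of tx_to_dev() */
static int request_pb_and_tx(uint8_t pb, const uint8_t *data, uint8_t data_len_in)
{
	struct cardemu_usb_msg_tx_data *txd;
	/* VLA is bounded by UINT8_MAX plus the fixed part, so stack use is small */
	uint8_t buf[sizeof(*txd) + 1 + data_len_in];
	txd = (struct cardemu_usb_msg_tx_data *) buf;

	printf("<= request_pb_and_tx(%02x, %s, %d)\n", pb, osmo_hexdump(data, data_len_in), data_len_in);

	memset(txd, 0, sizeof(*txd));
	txd->hdr.msg_type = CEMU_USB_MSGT_DT_TX_DATA;
	/* NOTE(review): if data_len is an 8-bit field, data_len_in == 255
	 * wraps this to 0 -- confirm the field width in cardemu_prot.h */
	txd->data_len = 1 + data_len_in;
	txd->flags = CEMU_DATA_F_PB_AND_TX;
	txd->data[0] = pb;
	memcpy(txd->data+1, data, data_len_in);

	return tx_to_dev(buf, sizeof(*txd)+txd->data_len);
}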
162
/*! \brief Request the SIMtrace2 to send a Status Word
 *  \param[in] sw pointer to the two status-word bytes (SW1, SW2)
 *  \returns result of tx_to_dev() */
static int request_sw_tx(const uint8_t *sw)
{
	/* two payload bytes follow the fixed part */
	uint8_t msgbuf[sizeof(struct cardemu_usb_msg_tx_data) + 2];
	struct cardemu_usb_msg_tx_data *msg = (struct cardemu_usb_msg_tx_data *) msgbuf;

	printf("<= request_sw_tx(%02x %02x)\n", sw[0], sw[1]);

	memset(msg, 0, sizeof(*msg));
	msg->hdr.msg_type = CEMU_USB_MSGT_DT_TX_DATA;
	/* PB_AND_TX together with FINAL (flag meaning per cardemu_prot.h) */
	msg->flags = CEMU_DATA_F_PB_AND_TX | CEMU_DATA_F_FINAL;
	msg->data_len = 2;
	memcpy(msg->data, sw, 2);

	return tx_to_dev(msgbuf, sizeof(*msg) + msg->data_len);
}
181
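/*! \brief Process a STATUS message from the SIMtrace2
 *  \param[in] buf raw message as received from the device or UDP peer
 *  \param[in] len number of valid bytes in \a buf
 *  \returns 0 on success, -EINVAL if the message is shorter than the struct */
static int process_do_status(uint8_t *buf, int len)
{
	struct cardemu_usb_msg_status *status = (struct cardemu_usb_msg_status *) buf;

	/* buf is transport input: never read fields beyond what arrived */
	if (len < 0 || (size_t)len < sizeof(*status))
		return -EINVAL;

	printf("=> STATUS: flags=0x%x, fi=%u, di=%u, wi=%u wtime=%u\n",
	       status->flags, status->fi, status->di, status->wi,
	       status->waiting_time);

	return 0;
}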
194
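/*! \brief Process a PTS indication message from the SIMtrace2
 *  \param[in] buf raw message as received from the device or UDP peer
 *  \param[in] len number of valid bytes in \a buf
 *  \returns 0 on success, -EINVAL if the message is shorter than the struct */
static int process_do_pts(uint8_t *buf, int len)
{
	struct cardemu_usb_msg_pts_info *pts = (struct cardemu_usb_msg_pts_info *) buf;

	/* buf is transport input: never read fields beyond what arrived */
	if (len < 0 || (size_t)len < sizeof(*pts))
		return -EINVAL;

	printf("=> PTS req: %s\n", osmo_hexdump(pts->req, sizeof(pts->req)));

	return 0;
}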
205
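/*! \brief Process a ERROR indication message from the SIMtrace2
 *  \param[in] buf raw message as received from the device or UDP peer
 *  \param[in] len number of valid bytes in \a buf
 *  \returns 0 on success, -EINVAL if the message is shorter than the struct */
static int process_do_error(uint8_t *buf, int len)
{
	struct cardemu_usb_msg_error *err = (struct cardemu_usb_msg_error *) buf;
	size_t avail, msg_len;

	/* buf is transport input: never read fields beyond what arrived */
	if (len < 0 || (size_t)len < sizeof(*err))
		return -EINVAL;

	/* Bound the text by both the announced length and the bytes that
	 * actually arrived, and print with a precision so a missing NUL
	 * terminator cannot make %s run past the buffer. The text itself is
	 * device-supplied and printed unfiltered.
	 * NOTE(review): assumes err->msg is a trailing in-line array (see
	 * cardemu_prot.h); if it were a pointer this bound would be wrong. */
	avail = (size_t)len - offsetof(struct cardemu_usb_msg_error, msg);
	msg_len = err->msg_len;
	if (msg_len > avail)
		msg_len = avail;

	printf("=> ERROR: %u/%u/%u: %.*s\n",
	       err->severity, err->subsystem, err->code,
	       (int)msg_len, err->msg);

	return 0;
}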
218
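/*! \brief Process a RX-DATA indication message from the SIMtrace2
 *  \param[in] buf raw message as received from the device or UDP peer
 *  \param[in] len number of valid bytes in \a buf
 *  \returns 0 on success or when more segments are awaited; -EINVAL on a
 *	     malformed message; -ENOMEM if no msgb could be allocated; the
 *	     transceive() error code otherwise.
 *
 *  Segments are accumulated in the static apdu_context until a complete
 *  command is available; it is then sent to the local card and the card's
 *  response data and status word are relayed back to the device. */
static int process_do_rx_da(uint8_t *buf, int len)
{
	/* static: one command may arrive spread over several messages */
	static struct apdu_context ac;
	struct cardemu_usb_msg_rx_data *data = (struct cardemu_usb_msg_rx_data *) buf;
	int rc;

	/* Both the fixed part and the announced payload must fit in what
	 * arrived; data_len is otherwise trusted by osmo_hexdump() and
	 * apdu_segment_in() below.
	 * NOTE(review): assumes data->data is a trailing/flexible array so
	 * sizeof(*data) covers only the fixed part -- confirm in cardemu_prot.h */
	if (len < 0 || (size_t)len < sizeof(*data))
		return -EINVAL;
	if (data->data_len > (size_t)len - sizeof(*data))
		return -EINVAL;

	printf("=> DATA: flags=%x, %s: ", data->flags,
	       osmo_hexdump(data->data, data->data_len));

	rc = apdu_segment_in(&ac, data->data, data->data_len,
			     data->flags & CEMU_DATA_F_TPDU_HDR);

	if (rc & APDU_ACT_TX_CAPDU_TO_CARD) {
		struct osim_reader_hdl *rh = g_chan->card->reader;
		struct msgb *tmsg = msgb_alloc(1024, "TPDU");
		uint8_t *cur;

		if (!tmsg)
			return -ENOMEM;

		/* Copy TPDU header */
		cur = msgb_put(tmsg, sizeof(ac.hdr));
		memcpy(cur, &ac.hdr, sizeof(ac.hdr));
		/* Copy D(c), if any */
		if (ac.lc.tot) {
			cur = msgb_put(tmsg, ac.lc.tot);
			memcpy(cur, ac.dc, ac.lc.tot);
		}
		/* send to actual card; l3h marks where its response starts */
		tmsg->l3h = tmsg->tail;
		rc = rh->ops->transceive(rh, tmsg);
		if (rc < 0) {
			fprintf(stderr, "error during transceive: %d\n", rc);
			msgb_free(tmsg);
			return rc;
		}
		/* msgb_get_u16() takes the status word off the tail of the response */
		msgb_apdu_sw(tmsg) = msgb_get_u16(tmsg);
		ac.sw[0] = msgb_apdu_sw(tmsg) >> 8;
		ac.sw[1] = msgb_apdu_sw(tmsg) & 0xff;
		printf("SW=0x%04x, len_rx=%d\n", msgb_apdu_sw(tmsg), msgb_l3len(tmsg));
		/* NOTE(review): request_pb_and_tx() takes a uint8_t length, so a
		 * response longer than 255 bytes is truncated on this call */
		if (msgb_l3len(tmsg))
			request_pb_and_tx(ac.hdr.ins, tmsg->l3h, msgb_l3len(tmsg));
		request_sw_tx(ac.sw);
		/* was leaked on this path: release once forwarded */
		msgb_free(tmsg);
	} else if (ac.lc.tot > ac.lc.cur) {
		request_pb_and_rx(ac.hdr.ins, ac.lc.tot - ac.lc.cur);
	}
	return 0;
}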
268
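/*! \brief Process an incoming message from the SIMtrace2
 *  \param[in] buf raw message as received from the device or UDP peer
 *  \param[in] len number of valid bytes in \a buf (the USB/UDP read result)
 *  \returns -EINVAL if \a buf is too short for a header, -1 for an unknown
 *	     message type, otherwise the per-type handler's return value.
 *
 *  Only the header is checked here; each handler must validate the part of
 *  the message it reads against \a len. sh->msg_len is not cross-checked
 *  against \a len. */
static int process_usb_msg(uint8_t *buf, int len)
{
	struct cardemu_usb_msg_hdr *sh = (struct cardemu_usb_msg_hdr *)buf;
	int rc;

	/* do not touch sh->msg_type before the header is known to be complete */
	if (len < 0 || (size_t)len < sizeof(*sh)) {
		fprintf(stderr, "short simtrace msg (%d bytes)\n", len);
		return -EINVAL;
	}

	printf("-> %s\n", osmo_hexdump(buf, len));

	switch (sh->msg_type) {
	case CEMU_USB_MSGT_DO_STATUS:
		rc = process_do_status(buf, len);
		break;
	case CEMU_USB_MSGT_DO_PTS:
		rc = process_do_pts(buf, len);
		break;
	case CEMU_USB_MSGT_DO_ERROR:
		rc = process_do_error(buf, len);
		break;
	case CEMU_USB_MSGT_DO_RX_DATA:
		rc = process_do_rx_da(buf, len);
		break;
	default:
		printf("unknown simtrace msg type 0x%02x\n", sh->msg_type);
		rc = -1;
		break;
	}

	return rc;
}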
300
/*! \brief Print the program banner to stdout */
static void print_welcome(void)
{
	/* plain text without conversions, so fputs gives the same output */
	fputs("simtrace2-remsim - Remote SIM card forwarding\n"
	      "(C) 2010-2016 by Harald Welte <laforge@gnumonks.org>\n\n",
	      stdout);
}
306
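/*! \brief Print the command-line options to stdout
 *
 *  Lists every option accepted by the getopt string in main(); -r, -p and
 *  -I were previously accepted but undocumented. */
static void print_help(void)
{
	printf(	"\t-i\t--gsmtap-ip\tA.B.C.D\n"
		"\t-a\t--skip-atr\n"
		"\t-h\t--help\n"
		"\t-k\t--keep-running\n"
		"\t-r\tREMOTE_HOST\tuse UDP towards this host instead of local USB\n"
		"\t-p\tUDP_PORT\tremote UDP base port (default 52342)\n"
		"\t-I\tIF_NUM\tUSB interface number (also added to the UDP port)\n"
		"\n"
		);
}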
316
/* long-option table for getopt_long(); terminated by an all-zero entry */
static const struct option opts[] = {
	{ .name = "gsmtap-ip",    .has_arg = required_argument, .flag = 0, .val = 'i' },
	{ .name = "skip-atr",     .has_arg = no_argument,       .flag = 0, .val = 'a' },
	{ .name = "help",         .has_arg = no_argument,       .flag = 0, .val = 'h' },
	{ .name = "keep-running", .has_arg = no_argument,       .flag = 0, .val = 'k' },
	{ .name = NULL,           .has_arg = 0,                 .flag = 0, .val = 0 }
};
324
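/*! \brief Receive messages from the SIMtrace2 until the transport fails
 *
 *  Reads from the USB bulk IN endpoint, or from the connected UDP socket
 *  when g_udp_fd is set, and hands every non-empty read to process_usb_msg().
 *  Returns on a transport error; USB timeouts are simply retried. The UDP
 *  path accepts any datagram the kernel delivers for the connected peer;
 *  there is no authentication of the sender. */
static void run_mainloop(void)
{
	/* both counters were previously uninitialised */
	unsigned int msg_count = 0, byte_count = 0;
	/* uint8_t matches both libusb's and process_usb_msg()'s expectations */
	uint8_t buf[16*265];
	int xfer_len;
	int rc;

	printf("Entering main loop\n");

	while (1) {
		/* read data from SIMtrace2 device (local or via USB) */
		xfer_len = 0;
		if (g_udp_fd < 0) {
			rc = libusb_bulk_transfer(g_devh, g_in_ep, buf, sizeof(buf), &xfer_len, 100000);
			if (rc < 0 && rc != LIBUSB_ERROR_TIMEOUT) {
				fprintf(stderr, "BULK IN transfer error; rc=%d\n", rc);
				return;
			}
		} else {
			ssize_t n = read(g_udp_fd, buf, sizeof(buf));
			if (n <= 0) {
				fprintf(stderr, "short read from UDP\n");
				return;
			}
			xfer_len = (int) n;
		}
		/* dispatch any incoming data */
		if (xfer_len > 0) {
			process_usb_msg(buf, xfer_len);
			msg_count++;
			byte_count += xfer_len;
		}
	}
}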
359
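/* Parse a decimal command-line integer and require it to lie in [lo, hi].
 * Returns 0 and stores the value in *out, or -1 on malformed/out-of-range
 * input (atoi() silently returned 0 for such input before). */
static int parse_int_arg(const char *s, long lo, long hi, int *out)
{
	char *end;
	long v;

	errno = 0;
	v = strtol(s, &end, 10);
	if (end == s || *end != '\0' || errno == ERANGE || v < lo || v > hi)
		return -1;
	*out = (int) v;
	return 0;
}

/*! \brief Entry point: bridge a SIMtrace2 (USB or remote UDP) to a local PC/SC card
 *
 *  -r HOST / -p PORT select a remote SIMtrace2 reached over UDP on
 *  PORT + IF_NUM; otherwise the first USB device matching
 *  SIMTRACE_USB_VENDOR/SIMTRACE_USB_PRODUCT is opened and interface -I IF_NUM
 *  claimed. -i sets the GSMTAP destination, -a and -k set flags, -h prints
 *  help. -a (skip_atr) is recorded but not acted upon in this file.
 *  \returns 0 after the main loop ends, 1 on any setup or usage failure.
 *
 *  The UDP path carries raw card traffic in clear text with no peer
 *  authentication, so it is only suitable for trusted networks. */
int main(int argc, char **argv)
{
	char *gsmtap_host = "127.0.0.1";
	int rc;
	int c, ret = 1;
	int skip_atr = 0;
	int keep_running = 0;
	int remote_udp_port = 52342;
	int if_num = 0;
	char *remote_udp_host = NULL;
	struct osim_reader_hdl *reader;
	struct osim_card_hdl *card;

	print_welcome();

	while (1) {
		int option_index = 0;

		c = getopt_long(argc, argv, "r:p:hi:I:ak", opts, &option_index);
		if (c == -1)
			break;
		switch (c) {
		case 'r':
			remote_udp_host = optarg;
			break;
		case 'p':
			if (parse_int_arg(optarg, 0, 65535, &remote_udp_port) < 0) {
				fprintf(stderr, "invalid UDP port '%s'\n", optarg);
				goto do_exit;
			}
			break;
		case 'h':
			print_help();
			exit(0);
			break;
		case 'i':
			gsmtap_host = optarg;
			break;
		case 'I':
			/* bInterfaceNumber is a single byte */
			if (parse_int_arg(optarg, 0, 255, &if_num) < 0) {
				fprintf(stderr, "invalid interface number '%s'\n", optarg);
				goto do_exit;
			}
			break;
		case 'a':
			skip_atr = 1;
			break;
		case 'k':
			keep_running = 1;
			break;
		default:
			/* getopt has already complained about the option */
			print_help();
			goto do_exit;
		}
	}

	g_prof = &osim_uicc_sim_cic_profile;

	if (!remote_udp_host) {
		rc = libusb_init(NULL);
		if (rc < 0) {
			fprintf(stderr, "libusb initialization failed\n");
			goto do_exit;
		}
	} else {
		/* the interface number is folded into the port so several
		 * interfaces of one device map to distinct UDP ports */
		g_udp_fd = osmo_sock_init(AF_INET, SOCK_DGRAM, IPPROTO_UDP, remote_udp_host,
					  remote_udp_port+if_num, OSMO_SOCK_F_CONNECT);
		if (g_udp_fd < 0) {
			fprintf(stderr, "error binding UDP port\n");
			goto do_exit;
		}
	}

	/* Setup failures below jump past the retry loop: jumping into it
	 * (as before) re-entered the loop with -k and an unopened card. */
	g_gti = gsmtap_source_init(gsmtap_host, GSMTAP_UDP_PORT, 0);
	if (!g_gti) {
		perror("unable to open GSMTAP");
		goto release_exit;
	}
	gsmtap_source_add_sink(g_gti);

	reader = osim_reader_open(OSIM_READER_DRV_PCSC, 0, "", NULL);
	if (!reader) {
		perror("unable to open PC/SC reader");
		goto release_exit;
	}

	card = osim_card_open(reader, OSIM_PROTO_T0);
	if (!card) {
		perror("unable to open SIM card");
		goto release_exit;
	}

	/* llist_entry() only computes an offset and never yields NULL, so an
	 * empty channel list has to be caught explicitly */
	if (llist_empty(&card->channels)) {
		fprintf(stderr, "SIM card has no channel?!?\n");
		goto release_exit;
	}
	g_chan = llist_entry(card->channels.next, struct osim_chan_hdl, list);

	do {
		if (g_udp_fd < 0) {
			g_devh = libusb_open_device_with_vid_pid(NULL, SIMTRACE_USB_VENDOR, SIMTRACE_USB_PRODUCT);
			if (!g_devh) {
				fprintf(stderr, "can't open USB device\n");
				goto close_exit;
			}

			rc = libusb_claim_interface(g_devh, if_num);
			if (rc < 0) {
				fprintf(stderr, "can't claim interface %d; rc=%d\n", if_num, rc);
				goto close_exit;
			}

			rc = get_usb_ep_addrs(g_devh, if_num, &g_out_ep, &g_in_ep, NULL);
			if (rc < 0) {
				fprintf(stderr, "can't obtain EP addrs; rc=%d\n", rc);
				goto close_exit;
			}
		}

		request_card_insert(true);

		run_mainloop();
		ret = 0;

		/* release the interface that was claimed (was hard-coded to 0) */
		if (g_udp_fd < 0)
			libusb_release_interface(g_devh, if_num);
close_exit:
		if (g_devh) {
			libusb_close(g_devh);
			g_devh = NULL;
		}
		if (keep_running)
			sleep(1);
	} while (keep_running);

release_exit:
	if (g_udp_fd < 0)
		libusb_exit(NULL);
do_exit:
	return ret;
}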
489}