1

I work on application that communicate with a custom SIM card with use of Android OMAPI. The application had worked, before I updated Google Pixel to Android 13. Since then, when openLogicalChannel of the Session is called, I get the exception below with scarce information:

Caused by: java.io.IOException: OpenLogicalChannel() failed
        at android.se.omapi.Session.openLogicalChannel(Session.java:322)
        at android.se.omapi.Session.openLogicalChannel(Session.java:359)

I haven't found any information about OMAPI changes or additional permission in Androdid 13 documentation.

isSecureElementPresent of Reader returns true.

Does anybody have any clues?

plewand
  • 156
  • 1
  • 9
  • What carrier privileges are you using on the SIM card? Can you also post it? Is your app signed with the same key like indicated in the carrier privileges hash? – k_o_ Sep 29 '22 at 19:24
  • I don't use carrier privilege rules, it was not needed when I worked with Android versions up to 12. The card has updated ARA applet. As far as I know carrier privileges are needed to work with Telephony API, it was not needed to communicate with SIM card at low level with use of APDUs and OMAPI. – plewand Sep 30 '22 at 10:38

1 Answers1

0

As you commented you are not using Android carrier privileges. I'm wondering how this was ever working in your case. In all my setups I needed it for accessing the SEService. The Access Control Enforcer was always checking the access properly in my Pixel devices. Was your previous Pixel device rooted before? Please try to add the hash of your signing certificate to the ARA or use a generic allow all rule. Maybe you can install this allow all applet on the SIM. For analyzing the APDU traffic I have written an XPosed module displaying additional log messages in the Android radio log.

k_o_
  • 5,143
  • 1
  • 34
  • 43