All smartcards have embedded crypto capabilities and computation power.
Is is possible to take advantage of this with developed android application? For example, would I be able to sign a file using the public/private key stored on the SIM.
I heard about some standards and norms and initiatives (ETSI-MSS, Mobile PKI) but I do not see any application of such architecture.
Do someone has some clue on this?
No, you cannot access the SIM card directly in Android. All access to telephony-related services takes place in the TelephonyManager API and there is no API exposed to doing and cryptographic operations in the SIM.
My understanding is that SIM cards do not use standard crypto. The handle certains kinds of authentication and crypto for the network. Given the quality of say A3/5, I'm not sure you would want to. I doubt you can get AES or reven basic RSA out of them
Actually the above statement is somewhat incorrect: apparently there is work either to get SIM cards to have this functionality or to write generic libraries for exposing it. I cannot,however, for the life of me remember the article I read this in.
This appears at least to be a starting point https://stackoverflow.com/a/9364030/980922
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With