I was reading information on this link in regards to signing an application with carrier privileges.
I am aware of how to sign an application using a keystore for production releases, but how do I add UICC certificates to my app so it gets carrier privileges?
My main goal is to be able to call TelephonyManager functions like:
iccOpenLogicalChannel
iccCloseLogicalChannel
iccTransmitApduLogicalChannel
iccTransmitApduBasicChannel
This is the stack trace I get when calling one of the above functions:
E/AndroidRuntime: FATAL EXCEPTION: main
E/AndroidRuntime: Process: com.xxxx, PID: 2668
E/AndroidRuntime: java.lang.SecurityException: No modify permission or carrier privilege.
E/AndroidRuntime: at android.os.Parcel.readException(Parcel.java:1599)
E/AndroidRuntime: at android.os.Parcel.readException(Parcel.java:1552)
E/AndroidRuntime: at com.android.internal.telephony.ITelephony$Stub$Proxy.iccOpenLogicalChannel(ITelephony.java:2966)
E/AndroidRuntime: at android.telephony.TelephonyManager.iccOpenLogicalChannel(TelephonyManager.java:2914)
E/AndroidRuntime: at android.view.View.performClick(View.java:5198)
E/AndroidRuntime: at android.view.View$PerformClick.run(View.java:21147)
E/AndroidRuntime: at android.os.Handler.handleCallback(Handler.java:739)
E/AndroidRuntime: at android.os.Handler.dispatchMessage(Handler.java:95)
E/AndroidRuntime: at android.os.Looper.loop(Looper.java:148)
E/AndroidRuntime: at android.app.ActivityThread.main(ActivityThread.java:5417)
E/AndroidRuntime: at java.lang.reflect.Method.invoke(Native Method)
E/AndroidRuntime: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
E/AndroidRuntime: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
Thanks in advance!
UICC(Universal Integrated Circuit Card) is an advanced generation SIM card for laptops or smartphones that are compatible with high-speed internet networks. It can store the contacts and provide you with a reliable and secure voice, global roaming, multi-media connection, and adds new services and applications.
Carriers have full control of the UICC, so this mechanism provides a secure and flexible way to manage apps from the mobile network operator (MNO) hosted on generic app distribution channels (such as Google Play) while retaining special privileges on devices and without the need to sign apps with the per-device ...
"Carrier Services enables the latest communication services from. mobile carriers, including battery-optimizations and support. for enhanced features in the Android Messages app."
The carrier configuration supplied by this feature is a set of key-value pairs that change various telephony-related behaviors in the platform.
The question that you should ask yourself is actually a different one: How do I get the certificate for my app signing key into the UICC? Once you have that, the actual signing process is no different than with any other keystore.
So, you would have a keystore containing your signing key pair and a certificate for that key. The certificate could either be a self-signed certificate (that's typically the case for Android app signing keys) or a certificate issued to you by the UICC owner (MNO/carrier). In the first case, you would need to convince the UICC owner to add that self-signed certificate to the access control list(/application) on your UICC. In the second case, the carrier would typically include the root certificate corresponding to the certificate issued to you to the UICC.
You could then use that keystore to sign an app (just as you usually do).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With