OTA on GlobalPlatform sim-card. Issues with Load command via sms

Question

I have a testing sim card (sysmoUSIM-SJS1) with a keyset for OTA (Kic,Kid). It's support JavaCard 2.2.1 GlobalPlatform 2.1.1. And I have a helloworld applet for this card.

I can install this applet on the sim via USB card reader using shadysim.py.

I'm setting up a testing GSM operator infrastructure based on Osmo-NITB, and I want to install this applet via sms.

shadysim.py can generate TP-UD Envelop SMS-PP Data Download with --smpp arg:

Install_for_load command:
0270000038150601151500000062b6e1852abd8da3a9ced577a4516889b1fb2007e2e06e6bd5f546e8146fa8666642ee9a4e8d81c977e4ba48d857182e
set of Load command:
027000009015060115150000001d408d19e3e40821858cf6d939f0daed985b1fc5fa1c7288e571376c173fd989a9e1ee3efa2a35f7d9f19bbf77842ff8bfc2d9a449fc833152baccc427ba33cdeba296be260e9ac4819ebe98f5ef1aec44d103091c51cc12066f974f7936e49aaee3b93fc9837f1eaa342e919c62de125081867651e3bfbc9f533dc887052a545425182f20ad5fa3
02700000881506011515000000dc45d4b44cfed45990cbed44a2ec6b7c7148ba38deda77ec4547b07001347a2d534c7152e3d61c4a4ef829ae01ee1bb703d35a01fb634fcc7cc6eb7e8736f6eeb004a79a4e1b2ad420669470bc75faf52df736dd2d3d7e9d8219449f6801630a5b1498889c63b6e8993ca6b7b3e8ec5c8c531377568970dd84077be5f6d3f345
027000008815060115150000008de56fb18f516e4db45b9a852c41f338654d90723f0db9cc9fb419ec86fad650a5ca774aeb907045fd3b74c4776eb7830a7708d3b685ae4559a073e623f166791270afe80b3885dc30f7360d819a88a6ffa9a2e896afe1e65d9cb1c56b6d991506e7c3a960d98f80dff38c924d3e6bdf4d3affc55c9f0d73394cdcb99d570be9
02700000881506011515000000bdcbe43ad35ff5127db243cb93fce0ef5028cae407b7361295fa969c376df77007fb5feb74cdb1258273f7dce9661711cb503179f7da5e0ce8d280c9f7808a51d77b57b804639827cb149c2b90674ae5a6ba51c354e2da4a0e90f43474ddde5013c51a79df5c9a6cdae7ac3db7f9bcc43f6aca73e532efa189c4d89ed3da8ba3
0270000088150601151500000012245591b3705b9d726ac2cd04a821b8c6dcb64f9990ca989a657a1bede3c1b7402c95e03181259fd5fc42578d84f81e6b9263a5fb91e67d9be79706181e927df4d2e0f6f359b0933f1b2d89962388c0e8059421733a18a75b3ef5fcccbe218f8b846a83646d50015779be86cc3e953b92cb1b4af04c21f8af190bcadfba4660
02700000301506011515000000939120ad05341b2ffed0e75529ff7fde648cde2e8afb74a680dcb1757790d846c67a65e709b560c5
Install_for_install command:
0270000068150601151500000001f8b959d85e3aa738a38ce9b088b2c623efbbef9f1c06d7019e0182ac70d38204a5efc034d86f0b7aa44fae6e93819824003932115b556e14f32621f58bde2832e763ac2f37c976c0303b99efa49350ba4a0bb6cf4dcd238f03c42e3b11d4ce

I send this commands via smpp to OsmoNITB SMSC with data_coding=0xF6, esm_class=0x40, protocol_id=0x7F and capture traffic on abis interface OsmoBSC.

First command (Install_for_load) passes successfully. ME send back with RP-ACK 02:71:00:00:0f:0a:00:00:00:00:00:00:00:00:00:00:02:90:00:00 in TP-User-Data

But second command (Load) send back with RP-ERROR TP-FCS:

(U)SIM data download error (0xd5) and TP-User-Data 00:60:00

I tried divide installation process: load applet via USB card reader and then send Install_for_install via sms - successfull. I also tried delete applet via sms, it's successfull too.

In TS 51.014 clause 7.1.1 says the following:

RP-ERROR with the TP-FCS value "(U)SIM data download error" indicates status word "9E XX" - Data download error with response data in TP-User-Data element.

What error I don't understand.

I tried send Load command like Concateneted SM-PP Command Packet - did not help; tried change LoadBlock length - with same result.

What is the problem?

Answer 1

I figured out this problem myself. The key - using Concateneted SM-PP Command Packet for Load Command, but if your applet too large, you mast divide Load Command to several Concateneted SMS. In my case one Concateneted SMS contain 4 parts.