Merge branch 'laforge/sim'

This contains some work from 2012 about creating a general library about
the data structure of data contained on SIM cards.  This 'libosmosim' is
supposed to be used by (among others)
* tools to review/modify/personalize SIM card filesystem data
* virtual SIM card implementation

20 files changed, 3085 insertions, 4 deletions

diff --git a/.gitignore b/.gitignore
index 2bbb97b3..09304911 100644
--- a/.gitignore
+++ b/.gitignore
@@ -82,6 +82,7 @@ tests/gb/gprs_bssgp_test
 
 utils/osmo-arfcn
 utils/osmo-auc-gen
+utils/osmo-sim-test
 
 doc/codec
 doc/core
diff --git a/Makefile.am b/Makefile.am
index faf7a832..dc9dc371 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,6 +1,7 @@
 ACLOCAL_AMFLAGS = -I m4
 
-SUBDIRS = include src src/vty src/codec src/gsm src/gb src/ctrl tests utils
+AM_CPPFLAGS = $(all_includes) -I$(top_srcdir)/include
+SUBDIRS = include src src/vty src/codec src/gsm src/gb src/ctrl src/sim tests utils
 
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libosmocore.pc libosmocodec.pc libosmovty.pc libosmogsm.pc \
@@ -49,7 +50,7 @@ install-data-hook:
 uninstall-hook:
 	cd $(DESTDIR)$(htmldir) && rm -rf {core,gsm,vty,codec}
 
-DX_CLEAN = doc/{core,gsm,vty,codec}/{html,latex}/* doc/html.tar
+DX_CLEAN = doc/{core,gsm,vty,codec}/{html,latex}/* doc/html.tar doc/{core,gsm,vty,codec}/doxygen_sqlite3.db
 endif
 
 MOSTLYCLEANFILES = $(DX_CLEAN)
diff --git a/configure.ac b/configure.ac
index deaa8bf7..80e2bccb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -82,6 +82,16 @@ CHECK_TM_INCLUDES_TM_GMTOFF
 dnl Generate the output
 AC_CONFIG_HEADER(config.h)
 
+AC_ARG_ENABLE([pcsc], [AS_HELP_STRING([--disable-pcsc], [Build without PC/SC support])],
+    [
+        osmo_ac_have_pcsc=$enableval
+    ],
+    [
+        PKG_CHECK_MODULES(PCSC, libpcsclite)
+        osmo_ac_have_pcsc="yes"
+    ])
+AM_CONDITIONAL(ENABLE_PCSC, test "x$osmo_ac_have_pcsc" = "xyes")
+
 AC_ARG_ENABLE(talloc,
 	[AS_HELP_STRING(
 		[--disable-talloc],
@@ -187,10 +197,12 @@ AC_OUTPUT(
 	libosmogsm.pc
 	libosmogb.pc
 	libosmoctrl.pc
+	libosmosim.pc
 	include/Makefile
 	src/Makefile
 	src/vty/Makefile
 	src/codec/Makefile
+	src/sim/Makefile
 	src/gsm/Makefile
 	src/gb/Makefile
 	src/ctrl/Makefile
diff --git a/include/Makefile.am b/include/Makefile.am
index c59f9b21..149e29fa 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -83,7 +83,8 @@ nobase_include_HEADERS = \
                        osmocom/gsm/rsl.h \
                        osmocom/gsm/rxlev_stat.h \
                        osmocom/gsm/sysinfo.h \
-                       osmocom/gsm/tlv.h
+                       osmocom/gsm/tlv.h \
+		       osmocom/sim/sim.h
 
 if ENABLE_PLUGIN
 nobase_include_HEADERS += osmocom/core/plugin.h
diff --git a/include/osmocom/core/msgb.h b/include/osmocom/core/msgb.h
index 19e4a3d0..644a6391 100644
--- a/include/osmocom/core/msgb.h
+++ b/include/osmocom/core/msgb.h
@@ -224,7 +224,7 @@ static inline void msgb_put_u32(struct msgb *msgb, uint32_t word)
  */
 static inline unsigned char *msgb_get(struct msgb *msgb, unsigned int len)
 {
-	unsigned char *tmp = msgb->data - len;
+	unsigned char *tmp = msgb->tail - len;
 	if (msgb_length(msgb) < len)
 		MSGB_ABORT(msgb, "msgb too small to get %u (len %u)\n",
 			   len, msgb_length(msgb));
diff --git a/include/osmocom/sim/sim.h b/include/osmocom/sim/sim.h
new file mode 100644
index 00000000..02cdcad5
--- /dev/null
+++ b/include/osmocom/sim/sim.h
@@ -0,0 +1,371 @@
+#ifndef _OSMOCOM_SIM_H
+#define _OSMOCOM_SIM_H
+
+#include <osmocom/core/msgb.h>
+#include <osmocom/core/linuxlist.h>
+
+#define APDU_HDR_LEN	5
+
+/*!
+ * \file sim.h
+ * \brief Routines for helping with SIM (ISO/IEC 7816-4 more generally) communication.
+ */
+
+/*! \brief command-response pairs cases
+ *
+ * Enumeration used to identify the APDU structure based on command-response pair case , as specified in ISO/IEC 7816-3:2006(E) §12.1.
+ */
+enum osim_apdu_case {
+	APDU_CASE_1, /*!< command header, no command data field, no response data field */
+	APDU_CASE_2S, /*!< command header, no command data field, response data field (short) */
+	APDU_CASE_2E, /*!< command header, no command data field, response data field (extended) */
+	APDU_CASE_3S, /*!< command header, command data field (short), no response data field */
+	APDU_CASE_3E, /*!< command header, command data field (extended), no response data field */
+	APDU_CASE_4S, /*!< command header, command data field (short), response data field (short) */
+	APDU_CASE_4E /*!< command header, command data field (extended), response data field (extended) */
+};
+
+/*! \brief APDU/TPDU command header
+ *
+ * This structure encode an APDU/TPDU command header, as specified in ISO/IEC 7816-3:2006(E) §12.2 and §12.3.
+ * The APDU (application layer) can be encoded as different TPDUs (transport layer), depending on the transport protocol used.
+ * The TPDU encoding by T=1 of the APDU command header is identical to the APDU.
+ * The TPDU encoding by T=0 of the APDU command header adds a Parameter 3 field, generally used instead of Lc/Le.
+ * 
+ * @todo have different structures for APDU, TPDU by T=0, and TPDU by T=1.
+ */
+struct osim_apdu_cmd_hdr {
+	uint8_t cla; /*!< CLASS byte */
+	uint8_t ins; /*!< INSTRUCTION byte */
+	uint8_t p1; /*!< Parameter 1 byte */
+	uint8_t p2; /*!< Parameter 2 byte */
+	uint8_t p3; /*!< Parameter 3 byte, used for TPDU by T=0 */
+} __attribute__ ((packed));
+
+#define msgb_apdu_dr(__x)
+
+/*! \brief APDU command body
+ *
+ * This structure encode a command body, as specified in ISO/IEC 7816-3:2006(E) §12.1.
+ * The data and response contents should be provided along with this structure.
+ */
+struct osim_msgb_cb {
+	enum osim_apdu_case apduc; /*!< command-response pair case, defining the encoding of Lc and Le */
+	uint16_t lc; /*!< number of bytes in the command data field Nc, which will encoded in 0, 1 or 3 bytes into Lc, depending on the case */
+	uint16_t le; /*!< maximum number of bytes expected in the response data field,  which will encoded in 0, 1, 2 or 3 bytes into Le, depending on the case */
+	uint16_t sw; /*!< status word, composed of SW1 and SW2 bytes */
+} __attribute__((__may_alias__));
+#define OSIM_MSGB_CB(__msgb)	((struct osim_msgb_cb *)&((__msgb)->cb[0]))
+/*! \brief status word from msgb->cb */
+#define msgb_apdu_case(__x)	OSIM_MSGB_CB(__x)->apduc
+#define msgb_apdu_lc(__x)	OSIM_MSGB_CB(__x)->lc
+#define msgb_apdu_le(__x)	OSIM_MSGB_CB(__x)->le
+#define msgb_apdu_sw(__x)	OSIM_MSGB_CB(__x)->sw
+/*! \brief pointer to the command header of the APDU */
+#define msgb_apdu_h(__x)	((struct osim_apdu_cmd_hdr *)(__x)->l2h)
+
+#define msgb_apdu_dc(__x)	((__x)->l2h + sizeof(struct osim_apdu_cmd_hdr))
+#define msgb_apdu_de(__x)	((__x)->l2h + sizeof(struct osim_apdu_cmd_hdr) + msgb_apdu_lc(__x))
+
+/* FILES */
+
+struct osim_file;
+struct osim_file_desc;
+struct osim_decoded_data;
+
+/*! \brief Operations for a given File */
+struct osim_file_ops {
+	/*! Parse binary file data into osim_decoded_data */
+	int (*parse)(struct osim_decoded_data *dd,
+		     const struct osim_file_desc *desc,
+		     int len, uint8_t *data);
+	/*! Encode osim_decoded_data into binary file */
+	struct msgb * (*encode)(const struct osim_file_desc *desc,
+				const struct osim_decoded_data *decoded);
+};
+
+enum osim_element_type {
+	ELEM_T_NONE,
+	ELEM_T_BOOL,	/*!< a boolean flag */
+	ELEM_T_UINT8,	/*!< unsigned integer */
+	ELEM_T_UINT16,	/*!< unsigned integer */
+	ELEM_T_UINT32,	/*!< unsigned integer */
+	ELEM_T_STRING,	/*!< generic string */
+	ELEM_T_BCD,	/*!< BCD encoded digits */
+	ELEM_T_BYTES,	/*!< BCD encoded digits */
+	ELEM_T_GROUP,	/*!< group container, has siblings */
+};
+
+enum osim_element_repr {
+	ELEM_REPR_NONE,
+	ELEM_REPR_DEC,
+	ELEM_REPR_HEX,
+};
+
+/*! \brief A single decoded element inside a file */
+struct osim_decoded_element {
+	struct llist_head list;
+
+	enum osim_element_type type;
+	enum osim_element_repr representation;
+	const char *name;
+
+	unsigned int length;
+	union {
+		uint8_t u8;
+		uint16_t u16;
+		uint32_t u32;
+		uint8_t *buf;
+		/*! A list of sibling decoded_items */
+		struct llist_head siblings;
+	} u;
+};
+
+/*! Decoded data for a single file, consisting of all decoded elements */
+struct osim_decoded_data {
+	/*! file to which we belong */
+	const struct osim_file *file;
+	/*! list of 'struct decoded_element' */
+	struct llist_head decoded_elements;
+};
+
+
+enum osim_file_type {
+	TYPE_NONE,
+	TYPE_DF,	/*!< Dedicated File */
+	TYPE_ADF,	/*!< Application Dedicated File */
+	TYPE_EF,	/*!< Entry File */
+	TYPE_EF_INT,	/*!< Internal Entry File */
+};
+
+enum osim_ef_type {
+	EF_TYPE_TRANSP,		/*!< Transparent EF */
+	EF_TYPE_RECORD_FIXED,	/*!< Fixed-Size Record EF */
+	EF_TYPE_RECORD_CYCLIC,	/*!< Cyclic Record EF */
+	EF_TYPE_KEY,		/*!< Key file as used in TETRA */
+};
+
+#define F_OPTIONAL		0x0001
+
+#define SFI_NONE 		0xFF
+
+struct osim_file_desc {
+	struct llist_head list;		/*!< local element in list */
+	struct llist_head child_list;	/*!< list of children EF in DF */
+	struct osim_file_desc *parent;	/*!< parent DF */
+
+	enum osim_file_type type;	/*!< Type of the file (EF, DF, ...) */
+	enum osim_ef_type ef_type;	/*!< Type of the EF, if type == TYPE_EF */
+
+	uint16_t fid;			/*!< File Identifier */
+	uint8_t sfid;			/*!< Short File IDentifier */
+	const uint8_t *df_name;
+	uint8_t df_name_len;
+
+	const char *short_name;		/*!< Short Name (like EF.ICCID) */
+	const char *long_name;		/*!< Long / description */
+	unsigned int flags;
+
+	struct osim_file_ops ops;	/*!< Operations (parse/encode */
+
+	struct {
+		size_t min;		/*!< Minimum size of the file
+					  (transparent) or record in
+					  cyclic / linear file */
+		size_t rec;		/*!< Recommended size */
+	} size;
+};
+
+/*! \brief A single instance of a file: Descriptor and contents */
+struct osim_file {
+	/*! Descriptor for the file */
+	const struct osim_file_desc *desc;
+
+	/*! Encoded file contents */
+	struct msgb *encoded_data;
+	/*! Parsed/Decoded file contents */
+	struct osim_decoded_data *decoded_data;
+};
+
+/*! Convenience macros for defining EF */
+#define EF(pfid, sfi, pns, pflags, pnl, ptype, smin, srec, pdec, penc)	\
+	{								\
+		.fid		= pfid,					\
+		.sfid		= sfi,					\
+		.type		= TYPE_EF,				\
+		.ef_type	= ptype,				\
+		.short_name	= pns,					\
+		.long_name	= pnl,					\
+		.flags		= pflags,				\
+		.ops 		= { .encode = penc, .parse = pdec },	\
+		.size		= { .min = smin, .rec = srec},		\
+	}
+
+
+/*! Convenience macros for defining EF */
+#define EF_TRANSP(fid, sfi, ns, flags, smin, srec, nl, dec, enc)	\
+		EF(fid, sfi, ns, flags, nl, EF_TYPE_TRANSP,		\
+		   smin, srec, dec, enc)
+/*! Convenience macros for defining EF */
+#define EF_TRANSP_N(fid, sfi, ns, flags, smin, srec, nl)		\
+		EF_TRANSP(fid, sfi, ns, flags, smin, srec,		\
+			  nl, &default_decode, NULL)
+
+/*! Convenience macros for defining EF */
+#define EF_CYCLIC(fid, sfi, ns, flags, smin, srec, nl, dec, enc)	\
+		EF(fid, sfi, ns, flags, nl, EF_TYPE_RECORD_CYCLIC,	\
+		   smin, srec, dec, enc)
+/*! Convenience macros for defining EF */
+#define EF_CYCLIC_N(fid, sfi, ns, flags, smin, srec, nl)		\
+		EF_CYCLIC(fid, sfi, ns, flags, smin, srec, nl,		\
+			  &default_decode, NULL)
+
+/*! Convenience macros for defining EF */
+#define EF_LIN_FIX(fid, sfi, ns, flags, smin, srec, nl, dec, enc)	\
+		EF(fid, sfi, ns, flags, nl, EF_TYPE_RECORD_FIXED,	\
+		   smin, srec, dec, enc)
+/*! Convenience macros for defining EF */
+#define EF_LIN_FIX_N(fid, sfi, ns, flags, smin, srec, nl)		\
+		EF_LIN_FIX(fid, sfi, ns, flags, smin, srec, nl, 	\
+			   &default_decode, NULL)
+
+/*! Convenience macros for defining EF */
+#define EF_KEY(fid, sfi, ns, flags, smin, srec, nl, dec, enc)		\
+		EF(fid, sfi, ns, flags, nl, EF_TYPE_KEY,		\
+		   smin, srec, dec, enc)
+/*! Convenience macros for defining EF */
+#define EF_KEY_N(fid, sfi, ns, flags, smin, srec, nl)			\
+		EF_KEY(fid, sfi, ns, flags, smin, srec, nl, 		\
+		       &default_decode, NULL)
+
+
+struct osim_file_desc *
+osim_file_find_name(struct osim_file_desc *parent, const char *name);
+
+/* STATUS WORDS */
+
+enum osim_card_sw_type {
+	SW_TYPE_NONE,
+	SW_TYPE_STR,
+};
+
+enum osim_card_sw_class {
+	SW_CLS_NONE,
+	SW_CLS_OK,
+	SW_CLS_POSTP,
+	SW_CLS_WARN,
+	SW_CLS_ERROR,
+};
+
+/*! A card status word (SW) */
+struct osim_card_sw {
+	/*! status word code (2 bytes) */
+	uint16_t code;
+	/*! status word mask (2 bytes), to match range/prefix of SW */
+	uint16_t mask;
+	enum osim_card_sw_type type;
+	enum osim_card_sw_class class;
+	union {
+		/*! Human-readable meaning of SW */
+		const char *str;
+	} u;
+};
+
+#define OSIM_CARD_SW_LAST	(const struct osim_card_sw) {	\
+	.code = 0, .mask = 0, .type = SW_TYPE_NONE,	\
+	.class = SW_CLS_NONE, .u.str = NULL		\
+}
+
+/*! \brief A card profile (e.g. SIM card */
+struct osim_card_profile {
+	const char *name;
+	/*! Descriptor for the MF (root directory */
+	struct osim_file_desc *mf;
+	/*! Array of pointers to status words */
+	const struct osim_card_sw **sws;
+};
+
+const struct osim_card_sw *osim_find_sw(const struct osim_card_profile *cp,
+					uint16_t sw);
+enum osim_card_sw_class osim_sw_class(const struct osim_card_profile *cp,
+					uint16_t sw_in);
+
+struct osim_card_hdl;
+char *osim_print_sw(const struct osim_card_hdl *ch, uint16_t sw_in);
+
+extern const struct tlv_definition ts102221_fcp_tlv_def;
+const struct value_string ts102221_fcp_vals[14];
+
+/* 11.1.1.3 */
+enum ts102221_fcp_tag {
+	UICC_FCP_T_FCP		= 0x62,
+	UICC_FCP_T_FILE_SIZE	= 0x80,
+	UICC_FCP_T_TOT_F_SIZE	= 0x81,
+	UICC_FCP_T_FILE_DESC	= 0x82,
+	UICC_FCP_T_FILE_ID	= 0x83,
+	UICC_FCP_T_DF_NAME	= 0x84,
+	UICC_FCP_T_SFID		= 0x88,
+	UICC_FCP_T_LIFEC_STS	= 0x8A,
+	UICC_FCP_T_SEC_ATTR_REFEXP= 0x8B,
+	UICC_FCP_T_SEC_ATTR_COMP= 0x8C,
+	UICC_FCP_T_PROPRIETARY	= 0xA5,
+	UICC_FCP_T_SEC_ATTR_EXP	= 0xAB,
+	UICC_FCP_T_PIN_STS_DO	= 0xC6,
+};
+
+struct msgb *osim_new_apdumsg(uint8_t cla, uint8_t ins, uint8_t p1,
+			      uint8_t p2, uint16_t lc, uint16_t le);
+
+/* CARD READERS */
+
+struct osim_reader_ops;
+
+enum osim_proto {
+	OSIM_PROTO_T0	= 0,
+	OSIM_PROTO_T1	= 1,
+};
+
+enum osim_reader_driver {
+	OSIM_READER_DRV_PCSC = 0,
+	OSIM_READER_DRV_OPENCT = 1,
+	OSIM_READER_DRV_SERIAL = 2,
+};
+
+struct osim_reader_hdl {
+	/*! \brief member in global list of readers */
+	struct llist_head list;
+	const struct osim_reader_ops *ops;
+	uint32_t proto_supported;
+	void *priv;
+	/*! \brief current card, if any */
+	struct osim_card_hdl *card;
+};
+
+struct osim_card_hdl {
+	/*! \brief member in global list of cards */
+	struct llist_head list;
+	/*! \brief reader through which card is accessed */
+	struct osim_reader_hdl *reader;
+	/*! \brief card profile */
+	struct osim_card_profile *prof;
+	/*! \brief card protocol */
+	enum osim_proto proto;
+
+	/*! \brief list of channels for this card */
+	struct llist_head channels;
+};
+
+struct osim_chan_hdl {
+	/*! \brief linked to card->channels */
+	struct llist_head list;
+	/*! \brief card to which this channel belongs */
+	struct osim_card_hdl *card;
+	const struct osim_file_desc *cwd;
+};
+
+/* reader.c */
+int osim_transceive_apdu(struct osim_chan_hdl *st, struct msgb *amsg);
+struct osim_reader_hdl *osim_reader_open(enum osim_reader_driver drv, int idx,
+					 const char *name, void *ctx);
+struct osim_card_hdl *osim_card_open(struct osim_reader_hdl *rh, enum osim_proto proto);
+#endif /* _OSMOCOM_SIM_H */
diff --git a/libosmosim.pc.in b/libosmosim.pc.in
new file mode 100644
index 00000000..cec877b9
--- /dev/null
+++ b/libosmosim.pc.in
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: Osmocom SIM card related utilities Library
+Description: C Utility Library
+Version: @VERSION@
+Libs: -L${libdir} -losmosim
+Cflags: -I${includedir}/
+
diff --git a/src/sim/Makefile.am b/src/sim/Makefile.am
new file mode 100644
index 00000000..2b30ae99
--- /dev/null
+++ b/src/sim/Makefile.am
@@ -0,0 +1,21 @@
+# This is _NOT_ the library release version, it's an API version.
+# Please read Chapter 6 "Library interface versions" of the libtool documentation before making any modification
+LIBVERSION=0:0:0
+
+INCLUDES = $(all_includes) -I$(top_srcdir)/include
+AM_CFLAGS = -fPIC -Wall $(LIBOSMOCORE_CFLAGS) $(LIBOSMOGSM_CFLAGS) $(PCSC_CFLAGS)
+AM_LDFLAGS = $(COVERAGE_LDFLAGS)
+
+if ENABLE_PCSC
+# FIXME: only build the PC/SC dependent part conditional, but always build other parts
+
+noinst_HEADERS = sim_int.h gsm_int.h
+
+lib_LTLIBRARIES = libosmosim.la
+
+libosmosim_la_SOURCES = core.c reader.c reader_pcsc.c \
+			card_fs_sim.c card_fs_usim.c card_fs_uicc.c card_fs_isim.c card_fs_tetra.c
+libosmosim_la_LDFLAGS = -version-info $(LIBVERSION)
+libosmosim_la_LIBADD = $(LIBOSMOCORE_LIBS) $(LIBOSMOGSM_LIBS) $(PCSC_LIBS)
+
+endif
diff --git a/src/sim/card_fs_isim.c b/src/sim/card_fs_isim.c
new file mode 100644
index 00000000..339e8627
--- /dev/null
+++ b/src/sim/card_fs_isim.c
@@ -0,0 +1,105 @@
+/* 3GPP ISIM specific structures / routines */
+/*
+ * (C) 2014 by Harald Welte <laforge@gnumonks.org>
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+
+#include <errno.h>
+#include <string.h>
+
+#include <osmocom/sim/sim.h>
+#include <osmocom/core/talloc.h>
+#include <osmocom/gsm/gsm48.h>
+
+#include "sim_int.h"
+#include "gsm_int.h"
+
+/* TS 31.103 Version 11.2.0 Release 11 / Chapoter 7.1.3 */
+const struct osim_card_sw ts31_103_sw[] = {
+	{
+		0x9862, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Security management - Authentication error, incorrect MAC",
+	},
+	OSIM_CARD_SW_LAST
+};
+
+static const struct osim_card_sw *isim_card_sws[] = {
+	ts31_103_sw,
+	ts102221_uicc_sw,
+	NULL
+};
+
+/* TS 31.103 Version 11.2.0 Release 11 / Chapoter 4.2 */
+static const struct osim_file_desc isim_ef_in_adf_isim[] = {
+	EF_TRANSP_N(0x6F02, 0x02, "EF.IMPI", 0, 1, 256,
+		"IMS private user identity"),
+	EF_TRANSP_N(0x6F03, 0x05, "EF.DOMAIN", 0, 1, 256,
+		"Home Network Domain Name"),
+	EF_LIN_FIX_N(0x6F04, 0x04, "EF.IMPU", 0, 1, 256,
+		"IMS public user identity"),
+	EF_TRANSP_N(0x6FAD, 0x03, "EF.AD", 0, 4, 16,
+		"Administrative Data"),
+	EF_LIN_FIX_N(0x6F06, 0x06, "EF.ARR", 0, 1, 256,
+		"Access Rule TLV data objects"),
+	EF_TRANSP_N(0x6F07, 0x07, "EF.IST", F_OPTIONAL, 1, 16,
+		"ISIM Service Table"),
+	EF_LIN_FIX_N(0x6F09, SFI_NONE, "EF.P-CSCF", F_OPTIONAL, 1, 256,
+		"P-CSCF Address"),
+	EF_TRANSP_N(0x6FD5, SFI_NONE, "EF.GBABP", F_OPTIONAL, 1, 35,
+		"GBA Bootstrapping parameters"),
+	EF_LIN_FIX_N(0x6FD7, SFI_NONE, "EF.GBANL", F_OPTIONAL, 1, 256,
+		"NAF Key Identifier TLV Objects"),
+	EF_LIN_FIX_N(0x6FDD, SFI_NONE, "EF.NAFKCA", F_OPTIONAL, 1, 256,
+		"NAF Key Centre Address"),
+	EF_LIN_FIX_N(0x6F3C, SFI_NONE, "EF.SMS", F_OPTIONAL, 176, 176,
+		"Short messages"),
+	EF_TRANSP_N(0x6F43, SFI_NONE, "EF.SMSS", F_OPTIONAL, 2, 4,
+		"SMS status"),
+	EF_LIN_FIX_N(0x6F47, SFI_NONE, "EF.SMSR", F_OPTIONAL, 30, 30,
+		"Short message status reports"),
+	EF_LIN_FIX_N(0x6F42, SFI_NONE, "EF.SMSP", F_OPTIONAL, 29, 64,
+		"Short message service parameters"),
+	EF_LIN_FIX_N(0x6FE7, SFI_NONE, "EF.UICCIARI", F_OPTIONAL, 1, 256,
+		"UICC IARI"),
+};
+
+/* Annex E - TS 101 220 */
+static const uint8_t adf_isim_aid[] = { 0xA0, 0x00, 0x00, 0x00, 0x87, 0x10, 0x04 };
+
+struct osim_card_profile *osim_cprof_isim(void *ctx)
+{
+	struct osim_card_profile *cprof;
+	struct osim_file_desc *mf;
+
+	cprof = talloc_zero(ctx, struct osim_card_profile);
+	cprof->name = "3GPP ISIM";
+	cprof->sws = isim_card_sws;
+
+	mf = alloc_df(cprof, 0x3f00, "MF");
+
+	cprof->mf = mf;
+
+	/* ADF.USIM with its EF siblings */
+	add_adf_with_ef(mf, adf_isim_aid, sizeof(adf_isim_aid),
+			"ADF.ISIM", isim_ef_in_adf_isim,
+			ARRAY_SIZE(isim_ef_in_adf_isim));
+
+	return cprof;
+}
diff --git a/src/sim/card_fs_sim.c b/src/sim/card_fs_sim.c
new file mode 100644
index 00000000..432c945b
--- /dev/null
+++ b/src/sim/card_fs_sim.c
@@ -0,0 +1,477 @@
+/* classic SIM card specific structures/routines */
+/*
+ * (C) 2012-2014 by Harald Welte <laforge@gnumonks.org>
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <errno.h>
+#include <string.h>
+
+#include <osmocom/sim/sim.h>
+#include <osmocom/core/talloc.h>
+#include <osmocom/gsm/gsm48.h>
+
+#include "sim_int.h"
+
+/* 3GPP TS 51.011 / Chapter 9.4 */
+static const struct osim_card_sw ts11_11_sw[] = {
+	{
+		0x9000, 0xffff, SW_TYPE_STR, SW_CLS_OK,
+		.u.str = "Normal ending of the command",
+	}, {
+		0x9100, 0xff00, SW_TYPE_STR, SW_CLS_OK,
+		.u.str = "Normal ending of the command - proactive command from SIM pending",
+	}, {
+		0x9e00, 0xff00, SW_TYPE_STR, SW_CLS_OK,
+		.u.str = "Normal ending of the command - response data for SIM data download",
+	}, {
+		0x9f00, 0xff00, SW_TYPE_STR, SW_CLS_OK,
+		.u.str = "Normal ending of the command - response data available",
+	}, {
+		0x9300, 0xffff, SW_TYPE_STR, SW_CLS_POSTP,
+		.u.str = "SIM Application Toolkit is busy, command cannot be executed at present",
+	}, {
+		0x9200, 0xfff0, SW_TYPE_STR, SW_CLS_WARN,
+		.u.str = "Memory management - Command successful but after using an internal updat retry X times",
+	}, {
+		0x9240, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Memory management - Memory problem",
+	}, {
+		0x9400, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Referencing management - no EF selected",
+	}, {
+		0x9402, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Referencing management - out of range (invalid address)",
+	}, {
+		0x9404, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Referencing management - file ID not found / pattern not found",
+	}, {
+		0x9408, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Referencing management - file is inconsistent with the command",
+	}, {
+		0x9802, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Security management - no CHV initialized",
+	}, {
+		0x9804, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Security management - access condition not fulfilled",
+	}, {
+		0x9808, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Security management - in contradiction with CHV status",
+	}, {
+		0x9810, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Security management - in contradiction with invalidation status",
+	}, {
+		0x9840, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Security management - unsuccessful CHV verification, no attempt left",
+	}, {
+		0x9850, 0xffff, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Security management - increase cannot be performed, max value reached",
+	}, {
+		0x6700, 0xff00, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Application independent - incorrect parameter P3",
+	}, {
+		0x6b00, 0xff00, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Application independent - incorrect parameter P1 or P2",
+	}, {
+		0x6d00, 0xff00, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Application independent - unknown instruction code",
+	}, {
+		0x6e00, 0xff00, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Application independent - wrong instruction class",
+	}, {
+		0x6f00, 0xff00, SW_TYPE_STR, SW_CLS_ERROR,
+		.u.str = "Application independent - technical problem with no diagnostic given",
+	},
+	OSIM_CARD_SW_LAST
+};
+
+static const struct osim_card_sw *sim_card_sws[] = {
+	ts11_11_sw,
+	NULL
+};
+
+static int iccid_decode(struct osim_decoded_data *dd,
+			const struct osim_file_desc *desc,
+	     		int len, uint8_t *data)
+{
+	struct osim_decoded_element *elem;
+
+	elem = element_alloc(dd, "ICCID", ELEM_T_BCD, ELEM_REPR_DEC);
+	elem->length = len;
+	elem->u.buf = talloc_memdup(elem, data, len);
+
+	return 0;
+}
+
+static int elp_decode(struct osim_decoded_data *dd,
+		      const struct osim_file_desc *desc,
+		      int len, uint8_t *data)
+{
+	int i, num_lp = len / 2;
+
+	for (i = 0; i < num_lp; i++) {
+		uint8_t *cur = data + i*2;
+		struct osim_decoded_element *elem;
+		elem = element_alloc(dd, "Language Code", ELEM_T_STRING, ELEM_REPR_NONE);
+		elem->u.buf = (uint8_t *) talloc_strndup(elem, (const char *) cur, 2);
+	}
+
+	return 0;
+}
+
+/* 10.3.1 */
+int gsm_lp_decode(struct osim_decoded_data *dd,
+		 const struct osim_file_desc *desc,
+		 int len, uint8_t *data)
+{
+	int i;
+
+	for (i = 0; i < len; i++) {
+		struct osim_decoded_element *elem;
+		elem = element_alloc(dd, "Language Code", ELEM_T_UINT8, ELEM_REPR_DEC);
+		elem->u.u8 = data[i];
+	}
+
+	return 0;
+}
+
+/* 10.3.2 */
+int gsm_imsi_decode(struct osim_decoded_data *dd,
+		   const struct osim_file_desc *desc,
+		   int len, uint8_t *data)
+{
+	struct osim_decoded_element *elem;
+
+	if (len < 2)
+		return -EINVAL;
+
+	elem = element_alloc(dd, "IMSI", ELEM_T_BCD, ELEM_REPR_DEC);
+	elem->length = data[0];
+	elem->u.buf = talloc_memdup(elem, data+1, len-1);
+
+	return 0;
+}
+
+/* 10.3.3 */
+static int gsm_kc_decode(struct osim_decoded_data *dd,
+			 const struct osim_file_desc *desc,
+			 int len, uint8_t *data)
+{
+	struct osim_decoded_element *kc, *cksn;
+
+	if (len < 9)
+		return -EINVAL;
+
+	kc = element_alloc(dd, "Kc", ELEM_T_BYTES, ELEM_REPR_HEX);
+	kc->u.buf = talloc_memdup(kc, data, 8);
+	cksn = element_alloc(dd, "CKSN", ELEM_T_UINT8, ELEM_REPR_DEC);
+	cksn->u.u8 = data[8];
+
+	return 0;
+}
+
+/* 10.3.4 */
+static int gsm_plmnsel_decode(struct osim_decoded_data *dd,
+			      const struct osim_file_desc *desc,
+			      int len, uint8_t *data)
+{
+	int i, n_plmn = len / 3;
+
+	if (n_plmn < 1)
+		return -EINVAL;
+
+	for (i = 0; i < n_plmn; i++) {
+		uint8_t *cur = data + 3*i;
+		struct osim_decoded_element *elem, *mcc, *mnc;
+		uint8_t ra_buf[6];
+		struct gprs_ra_id ra_id;
+
+		memset(ra_buf, 0, sizeof(ra_buf));
+		memcpy(ra_buf, cur, 3);
+		gsm48_parse_ra(&ra_id, ra_buf);
+
+		elem = element_alloc(dd, "PLMN", ELEM_T_GROUP, ELEM_REPR_NONE);
+
+		mcc = element_alloc_sub(elem, "MCC", ELEM_T_UINT16, ELEM_REPR_DEC);
+		mcc->u.u16 = ra_id.mcc;
+
+		mnc = element_alloc_sub(elem, "MNC", ELEM_T_UINT16, ELEM_REPR_DEC);
+		mnc->u.u16 = ra_id.mnc;
+	}
+
+	return 0;
+}
+
+/* 10.3.5 */
+int gsm_hpplmn_decode(struct osim_decoded_data *dd,
+		     const struct osim_file_desc *desc,
+		     int len, uint8_t *data)
+{
+	struct osim_decoded_element *elem;
+
+	elem = element_alloc(dd, "Time interval", ELEM_T_UINT8, ELEM_REPR_DEC);
+	elem->u.u8 = *data;
+
+	return 0;
+}
+
+/* Chapter 10.1. Contents of the EFs at the MF level */
+static const struct osim_file_desc sim_ef_in_mf[] = {
+	EF_TRANSP(0x2FE2, SFI_NONE, "EF.ICCID", 0, 10, 10,
+		  "ICC Identification", &iccid_decode, NULL),
+	EF_TRANSP(0x2F05, SFI_NONE, "EF.PL", F_OPTIONAL, 2, 20,
+		  "Preferred language", &elp_decode, NULL),
+};
+
+/* Chapter 10.3.x Contents of files at the GSM application level */
+static const struct osim_file_desc sim_ef_in_gsm[] = {
+	EF_TRANSP(0x6F05, SFI_NONE, "EF.LP", 0, 1, 16,
+		  "Language preference", &gsm_lp_decode, NULL),
+	EF_TRANSP(0x6F07, SFI_NONE, "EF.IMSI", 0, 9, 9,
+		  "IMSI", &gsm_imsi_decode, NULL),
+	EF_TRANSP(0x6F20, SFI_NONE, "EF.Kc", 0, 9, 9,
+		  "Ciphering key Kc", &gsm_kc_decode, NULL),
+	EF_TRANSP(0x6F30, SFI_NONE, "EF.PLMNsel", F_OPTIONAL, 24, 72,
+		  "PLMN selector", &gsm_plmnsel_decode, NULL),
+	EF_TRANSP(0x6F31, SFI_NONE, "EF.HPPLMN", 0, 1, 1,
+		  "Higher Priority PLMN search period", &gsm_hpplmn_decode, NULL),
+	EF_TRANSP_N(0x6F37, SFI_NONE, "EF.ACMmax", F_OPTIONAL, 3, 3,
+		  "ACM maximum value"),
+	EF_TRANSP_N(0x6F38, SFI_NONE, "EF.SST", 0, 2, 16,
+		  "SIM service table"),
+	EF_CYCLIC_N(0x6F39, SFI_NONE, "EF.ACM", F_OPTIONAL, 3, 3,
+		  "Accumulated call meter"),
+	EF_TRANSP_N(0x6F3E, SFI_NONE, "EF.GID1", F_OPTIONAL, 1, 8,
+		  "Group Identifier Level 1"),
+	EF_TRANSP_N(0x6F3F, SFI_NONE, "EF.GID2", F_OPTIONAL, 1, 8,
+		  "Group Identifier Level 2"),
+	EF_TRANSP_N(0x6F46, SFI_NONE, "EF.SPN", F_OPTIONAL, 17, 17,
+		  "Service Provider Name"),
+	EF_TRANSP_N(0x6F41, SFI_NONE, "EF.PUCT", F_OPTIONAL, 5, 5,
+		  "Price per unit and currency table"),
+	EF_TRANSP_N(0x6F45, SFI_NONE, "EF.CBMI", F_OPTIONAL, 2, 32,
+		  "Cell broadcast massage identifier selection"),
+	EF_TRANSP_N(0x6F74, SFI_NONE, "EF.BCCH", 0, 16, 16,
+		  "Broadcast control channels"),
+	EF_TRANSP_N(0x6F78, SFI_NONE, "EF.ACC", 0, 2, 2,
+		  "Access control class"),
+	EF_TRANSP_N(0x6F7B, SFI_NONE, "EF.FPLMN", 0, 12, 12,
+		  "Forbidden PLMNs"),
+	EF_TRANSP_N(0x6F7E, SFI_NONE, "EF.LOCI", 0, 11, 11,
+		  "Location information"),
+	EF_TRANSP_N(0x6FAD, SFI_NONE, "EF.AD", 0, 3, 8,
+		  "Administrative data"),
+	EF_TRANSP_N(0x6FAE, SFI_NONE, "EF.Phase", 0, 1, 1,
+		  "Phase identification"),
+	EF_TRANSP_N(0x6FB1, SFI_NONE, "EF.VGCS", F_OPTIONAL, 4, 80,
+		  "Voice Group Call Service"),
+	EF_TRANSP_N(0x6FB2, SFI