×

Discussion Board

Results 1 to 9 of 9
  1. #1
    Registered User
    Join Date
    Apr 2007
    Posts
    12

    OTA Setting: Disable PIN Requirement

    Hi

    I'm sending some VoIP/SIP settings OTA to Nokia E-series phones and it all works fine. However, I can't seem to find a part in the documentation that deals with disabling the the need for the user to enter phone's PIN to open the message.

    Also woule be nice to be able to set the SIP profile's registration to "Always On", instead of "When needed"

    Can anyone give me the answer or point me in the right direction?

    Thanks,
    Franco

  2. #2
    Registered User
    Join Date
    Apr 2007
    Posts
    29

    Re: OTA Setting: Disable PIN Requirement

    Quote Originally Posted by franco_m
    Hi

    Also would be nice to be able to set the SIP profile's registration to "Always On", instead of "When needed"

    Franco
    You'll be able to enable autoregistration using "APPLICATION/AUTOREG". In the SIP-settings section (APPID=w9010), set "<parm name="AUTOREG"/>". To quote the w9010.txt (in Client_Provisioning_Registration_v1_7.zip): "If parameter exists, profile will be registered automatically" and "Indicates if automatic registration is on or off. If on, the terminal will be registered when it is started and a configured WLAN access point is available. If off, registration is done manually via Internet telephone application."

    frodek

  3. #3
    Registered User
    Join Date
    Apr 2007
    Posts
    12

    Re: OTA Setting: Disable PIN Requirement

    Thank you very much frodek. I should have mentioned the particular device I'm using (E60) which is why I was concentrating on the version 1 docs and missed it in version 2. Still will be very useful, as we plan to support these handsets too.

    I infer by the absence of this registration status from the version 1 docs that it's just not possible in this version of the Nokia VoIP/SIP stack?
    Edit: have tested this setting on the E60/E70 as well (version 1 firmware) and it works!

    Have had a look through the version 2 docs but still can't find any reference to the "Lock Code" issue I'm experiencing. Can anyone help me with this?
    Last edited by franco_m; 2007-04-11 at 10:57.

  4. #4
    Registered User
    Join Date
    Apr 2007
    Posts
    12

    Re: OTA Setting: Disable PIN Requirement

    Thought this might be a useful bit of information: on VoIP Rel 1, I've observed that the "Default call type" is automatically set to "Internet" (from "Cellular") when the relevant profiles appear on the phone.

    My colleague reports that this does NOT happen on VoIP Rel 2 phones. To set this, however, you can include the "General VoIP settings" application (w9033).

    e.g.:

    <characteristic type="APPLICATION">
    <parm name="APPID" value="w9033"/>
    <parm name="NAME" value="VoIP settings"/>
    <parm name="PREFTEL" value="1"/><!-- 0 = cellular, 1 = VoIP-->
    </characteristic>

  5. #5
    Registered User
    Join Date
    Apr 2007
    Posts
    29

    Re: OTA Setting: Disable PIN Requirement

    Quote Originally Posted by franco_m
    Hi

    I'm sending some VoIP/SIP settings OTA to Nokia E-series phones and it all works fine. However, I can't seem to find a part in the documentation that deals with disabling the the need for the user to enter phone's PIN to open the message.
    Franco
    Although I've not coded this yet myself and not have been able to verify this (hopefully I'll able to do this next week), it should be possible to use the NETWPIN authentication which should authenticate the message automatic against the IMSI.

    Some sources of information:

    S60_Platform_OMA_Client_Provisioning_v2_0_en.pdf: When calculating the MAC based on NETWPIN, the key K must be the IMSI of the SIM card being provisioned. The IMSI is semi-octet byte encoded before being used as a key.

    "Provisioning Bootstrap" http://www.wmlclub.com/docs/especwap...0010314-a.pdf:
    In GSM, if USERNETWPIN or NETWPIN is used, the IMSI MUST be used as the network specific shared secret. When used as input to the MAC calculation, the IMSI MUST be on semi-octet representation as defined in [GSM11.11]. The length indicatorbyte and possible unused bytes (i.e. the IMSI is less than 15 digits) MUST NOT be used. If the IMSI consists of an even number of digits the filler 0xF MUST be inserted.

    "Sync4j Server DM Programming Guide"
    http://download.forge.objectweb.org/...ming_guide.pdf
    NETWPIN: A shared secret is known by the device and server i.e. an IMSI or ESN. No user intervention is required, and is the simplest yet least secure method of authenticating a bootstrap message.

    A google search on the words "NETWPIN" "USERPIN" should give you further sources of information on this.

    Good luck

    frodek

  6. #6
    Nokia Developer Expert
    Join Date
    Dec 2006
    Location
    Mountain View, CA
    Posts
    197

    Re: OTA Setting: Disable PIN Requirement

    The PIN code that the user must know is set by the operator when constructing a provisioning message. The code can also be disabled/enabled, if wanted.
    The PIN code (USERPIN) is set in the message in connection with the Media type. The Media type (MIME type) is either text/vnd.wap.connectivity-xml or application/vnd.wap.connectivity-wbxml. With Nokia applications, use the latter one because it is the "tokened" version and also supports the security parametres that contain this PIN code.
    http://www.openmobilealliance.org/re...am/cp_v1_1.htm => Provisioning Content (OMA-WAP-ProvCont-v1_1-20050428-C.pdf) says on page 16

    "The connectivity media type may contain security information, which is transported as parameters to the media type application/vnd.wap.connectivity-wbxml. The security information consists of the message authentication code and the security method. The parameters MAC and SEC have been defined for this purpose and these MUST be supported by the WAP client."

    and

    "The parameter specifies the security mechanism used (if it is not present, no security is used). If present it MUST take one of the values USERPIN, USERPINMAC, NETWPIN, USERNETWPIN [PROVBOOT]. If the parameter MAC is provided, the parameter SEC MUST also be present."

    Therefore, the wbxml must include this data.

    If you disable the PIN code request and do not use bootstrapping where the PROVURL parametre contains the TPS (trusted provisioning server), it is very likely that when receiving a message the terminal will display a note saying eg. that the settings received can be harmful (the note depends on the terminal and its language).

  7. #7
    Registered User
    Join Date
    Apr 2007
    Posts
    12

    Re: OTA Setting: Disable PIN Requirement

    Thanks for your help nly. After much pouring over the OMA / WAP / Kannel documentation, I've figured out how to do this.

    One can set the secuity explicitly from Kannel (sendota interface, "sec" and "pin" parameters). Handy! What's not so good from my point of view is that by default, Kannel (1.4.1) adds "USERPIN" and "12345" as the security (gw/smsbox.c). There's no way to change that without hacking the code, it seems.

    Instead of taking this out and recompiling Kannel (thereby giving me a "non-apt") version, I've gone for the option of working out the UDH and WSP headers for myself and using kannel's sendsms interface to send a binary (multipart) SMS. I've taken the security out altogether. I thought about using the IMSI but we'd need a third part to provide this and there would be a cost attached. I've used libwbxml2 to encode the document.

    The "user" I used to send this message can send concatenated messages. Hope this saves someone else the few days it's cost me in reading up.

  8. #8
    Registered User
    Join Date
    Apr 2007
    Posts
    29

    Re: OTA Setting: Disable PIN Requirement

    If you don't authentication and don't use bootstrapping, the end-users may be scared by the message "Message received from untrusted server. Continue anyway?".

    Example coding of a WSP without authentication can be found in this thread.

    regards
    frodek

  9. #9
    Registered User
    Join Date
    Apr 2007
    Posts
    12

    Re: OTA Setting: Disable PIN Requirement

    Hmmm, should have just asked for the WSP header in the first place; would have saved me a great deal of time. Oh well, at least I have a (slightly) better understanding of OMA stuff.

    I actually came pretty close to your WSP header but I had 0106041f2db600 instead of 0106031f01b6. The essential difference being the 5th hex char (0x2d). Not sure what made me pick that, was probably in the kannel logs. Seems to work just the same.

    My firm doesn't want the user to input a PIN and doesn't want to pay for the IMSI numbers, so they're stuck with the warning.


    Quote Originally Posted by frodek
    If you don't authentication and don't use bootstrapping, the end-users may be scared by the message "Message received from untrusted server. Continue anyway?".

    Example coding of a WSP without authentication can be found in this thread.

    regards
    frodek

Similar Threads

  1. Cannot Send OTA MMS Setting to Nokia 7210, help
    By fisip_99 in forum General Messaging
    Replies: 1
    Last Post: 2009-03-04, 09:56
  2. HELP: Sending syncml setting OTA via SMS
    By pdelahun in forum Smart Messaging
    Replies: 1
    Last Post: 2003-02-04, 06:49
  3. 7650 browser setting and bookmark setting via OTA
    By hsinyee in forum Smart Messaging
    Replies: 3
    Last Post: 2002-12-13, 09:29
  4. send csd setting + bookmark via OTA
    By rymnz in forum Smart Messaging
    Replies: 1
    Last Post: 2002-12-09, 09:52
  5. Replies: 1
    Last Post: 2002-06-04, 05:51

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •