I am working on an Android app that needs to call an API that requires carrier privilege. I have bought a number of blank SIM cards and tried to write my app's certificate hash onto them.
Based on Android source code, Android uses APDU with CLA byte 0x80 to check rules on the card. However, all the cards I have only support CLA byte 0xA0. Is there any way to find SIM card with the CLA byte I want?
Thanks!
What you are looking for is the GlobalPlatform "Secure Element Access Control" specification which is available here.
Technically, you need a SIM card with ARA-M applet. There is a MIT licensed JavaCard implementation available here which you can load to your card (using e.g. GlobalPlatformPro) -- as long as your SIM card is JavaCard and you have the appropriate keys.
Then you need to store access rules which is described in the above-mentioned specification. Fortunately GlobalPlatformPro seems to support rule loading so you probably will not need to study all the details.
If your SIM cards are not JavaCards then you will have to ask your vendor if ARA-M is supported (you might try selecting ARA-M AID which is A00000015141434C00).
Disclaimer: It has been some time I was (marginally) dealing with this so please do validate my thoughts.
Good luck!