Applications #

We know of the following applications that implement the LPAd functionality on Android, together with the respective signer key SHA-1 digests. Those SHA-1 digests are typically used inside of access rules in an ARA-M applet in order to receive elevated privileges via the Android Carrier Privileges Mechanism. Most critical is the access to OMAPI, which provides APDU-level access of the LPAd to the eUICC, in order to access the ES10b interface of the eUICC.

FOSS Applications #

• EasyEUICC (Mirror)
  Package Name: im.angry.easyeuicc
  License: GPLv3 only
  Release: gitea.angry.im/PeterCxy/OpenEUICC/releases
  signer key SHA1 digest: 2a2fa878bc7c3354c2cf82935a5945a3edae4afa
• JMP SIM Manager (OEM version of EasyEUICC)
  Package Name: chat.jmp.simmanager
  License: GPLv3 only
  Release: play.google.com/store/apps/details?id=chat.jmp.simmanager
  Release: f-droid.org/en/packages/chat.jmp.simmanager/
  signer key SHA1 digest: 2a2fa878bc7c3354c2cf82935a5945a3edae4afa
• Infineon LPA
  Package Name: com.infineon.esim.lpa
  License: MIT
  Release: github.com/CursedHardware/infineon-lpa-mirror/releases
  signer key SHA1 digest: 6fb0729d5b19897c044078a0184b68647704fa99
• NekokoLPA
  Package Name: ee.nekoko.nlpa
  License: MIT
  Release: play.google.com/store/apps/details?id=ee.nekoko.nlpa
  signer key SHA1 digest: c47350c7ba682b34a3e584a0d58463ea42b1ad73
• NekokoLPA M
  Package Name: ee.nekoko.nlpa.multisign
  License: MIT
  Release: github.com/iebb/NekokoLPA/releases
  signer key SHA1 digest: 114514191909beef280ca91de875403b03999682
  signer key SHA1 digest: 65d0571854afec519a90f92d7c5d8cf8148da373
  signer key SHA1 digest: d1c0f48b370e74d4ea4770ed4c3cd70a3198d31f
  signer key SHA1 digest: c47350c7ba682b34a3e584a0d58463ea42b1ad73

Non-FOSS Applications #

• eSIM.me (TelcoVillage GmbH)
  Package Name: esim.me
  Release: play.google.com/store/apps/details?id=esim.me
  signer key SHA1 digest: 8d48ecfaf44c5752145ee28b3eb7429cc6627e98
• 5ber.eSIM (iFREE GROUP)
  Package Name: com.ifreegroup.moesim
  Release: play.google.com/store/apps/details?id=com.ifreegroup.moesim
  signer key SHA1 digest: 31f78f62fe89aceed93d970d5675f2034edca7e7
  Release: 5beresim-file.oss-cn-hongkong.aliyuncs.com/5berAPP/5ber.eSIM.apk
  signer key SHA1 digest: a8be3c101f840c5025c8a3d8daf5531dd91b1134

Print Certificates #

$ apksigner verify --print-certs easyeuicc-release.apk
Signer #1 certificate DN: CN=Peter Cai, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=CA
Signer #1 certificate SHA-256 digest: 57becc26b373a6475d093d33b0ea1c5e2bf2738ec0233680094ccbbcb500a13e
Signer #1 certificate SHA-1 digest: 2a2fa878bc7c3354c2cf82935a5945a3edae4afa
Signer #1 certificate MD5 digest: e80a9f9f3ce834bfe8761bb835ff1570

See Verify the signature of an APK

References #

• ARA-M Applet
• “Allow all” ARA-M Applet
• SE Access Control v1.0