CASL Technology
PO BOX 80
Surrey Downs
Adelaide
South Australia
SA 5127
Tel (+61) 8 8288 7528
(+61) 466 390 197

SMSDroidway

SMSDroidway (SDW) is an Android application that allows you to create an SMS Gateway under your total control.

There are many SMS service providers that can provide cost effective and easy to use send facilities, but CASL found ourselves needing a primarily, if not solely, SMS receive capability for many of our ongoing projects.

Gateway providers can provide this, but we found that it would cost around $4500 per year for a single short code, with a $400 setup fee. That's a lot of cash for our prototype systems, additionally we would have to wrap our SMS message formats to allow filtering from a single short code (rather than $4500 per project).

SMSDroidway fixes this, all you need is a Android phone running 2.3 onwards, a PAYG SIM and you can start sending messages to your web service for a total cost of $0.

Free? Well, we offer a free version of SDW which allows only receive of SMS and then forwards them on in plain text to your webserver over HTTP or HTTPS in a JSON format.

If you want to send messages then we offer a standard version which allows your web service to send text messages as well. The sent messages are only sent over HTTP and are in plain text, but does include an authorization scheme to avoid unwanted use of your SMS Gateway should it be accessible via the internet.

Finally, if you want security, then the pro version includes the ability to encrypt both send and receive with AES 128bit CBC.

Please see the download links on the right, you can download the free version there, we are only selling via stores such as Google Play.

Operation description

Once installed you run the application and start the inbound and/or outbound services.

Inbound service

CAUTION!
Once running your phone
will keep the CPU and WiFi alive.
You should be running from a charger!
The inbound service is the one that listens for received SMS, it then parcels them up as JSON formatted messages and POSTs them to your web server.

Outbound service

CAUTION!
Once running your phone
will keep the CPU and WiFi alive.
You should be running from a charger!
This is the service that will accept HTTP POSTs from your web service and forward the messages on as SMS.

Preferences

SDW allows you to specify the operating parameters, to access the preferences use the menu key or the action bar on later phones. Preferences are saved as you exit the dialog.

You should double check the passwords, as it is very easy for extra spaces to be inserted when changing them.

  • URL
    • This setting is the webserver you want to post messages to, e.g. "www.casltech.com/demos/sms/in"
  • SMS Incoming Port [ Standard & Pro Version ]
    • This is the port that the outbound service will listen on for messages from your webservice.
    • Typically this will 8080, but can be any number from 1025 to ~65k.
    • It is probably best to avoid ports such as 80, 443 etc to avoid conflicts with other applications.
  • Incoming Password [ Standard & Pro Version ]
    • This password is used to either encrypt or authenticate messages.
    • Encryption is selected by the web service by sending a suitably formatted message, however if the Standard version receives encrypted messages they will be ignored.
    • Authentication is supported on both Standard and Pro versions, it uses a hash mechanism to verify the message.
  • Encrypted Messages [ Pro Version ]
    • This controls whether messages are encrypted, and, if set, uses the parameters as specified.
  • Encryption Password [ Pro Version ]
    • This is the password used to encrypt the messages that are sent to your web service.

Formats

Incoming SMS messages

Messages are sent in a POST with the body containing JSON formatted data.

[ Clear Text ]

body :== 
{
	"Messages" : 
		[ array_of_messages ]
}
array_of_messages :== 
{
	"OriginatorNumber" : "phone_number",
	"TimeOfReceipt" : java_time_long,
	"Message" : "message_string"	
}
phone_number :== number reported by phone
java_time_long :== The result of a call such as "new Date().getTime()" 
	and is same reference as java time
message_string :== a UTF-8 string
			

[ Encrypted ]

body :== 
{
	"Messages" : 
		[ array_of_messages ]
}
array_of_messages :== 
{
	"TimeOfReceipt" : java_time_long,
	"EncryptedMessage" : "hex_message_string"	
}
java_time_long :== The result of a call such as "new Date().getTime()" 
	and is same reference as java time
hex_message_string :== a HEX String, such as "01234567890ABCDF", where
    each value is two characters, e.g. 1 is 01, 10 is 0A
			

The encrypted string contains:

<16 byte IV><encrypted text>

The encrypted text, once decrypted is:

<phone_number>'>'<sms message text>

The password is MD5 Hashed and used in the AES 128bit CBC.

Please see the examples for creation and decode of these messages.

Outgoing messages

Authenticated messages only

body :== 
{
	"auth" : "hex_string",
	"time" : java_time_long,
	"Messages" : 
		[ array_of_messages ]
}
array_of_messages :== 
{
	"number" : "phone_number",
	"text" : "message_string"	
}
phone_number :== number reported by phone
java_time_long :== The result of a call such as "new Date().getTime()" 
	and is same reference as java time
message_string :== a UTF-8 string
			

The authorisation field combines the first 4 bytes of the time field via a XOR with the MD5 hash of the incoming password (probably easier to look at the samples).

Encrypted messages

body :== 
{
	"time" : java_time_long,
	"enc_messages" : 
		[ array_of_enc_text ]
}
java_time_long :== The result of a call such as "new Date().getTime()" 
	and is same reference as java time
array_of_enc_text :== a HEX String, such as "01234567890ABCDF", where
    each value is two characters, e.g. 1 is 01, 10 is 0A
			

This format sends each message individually encrypted with the incoming password. The format of each string is:

<16 bytes of IV><Encrypted Text>

The encryption uses the MD5 Hash of the incoming password.

The unencrypted text is of the format:

<phone number>'>'<message text>