I have two SIM card I inheritted from a previous project that I've been told came from the same vendor. When I run `pcsc_scan` on them, I get the following output for both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00 Card state: Card inserted, ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 + TS = 3B --> Direct Convention + T0 = 7D, Y(1): 0111, K: 13 (historical bytes) TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU 62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s TB(1) = 00 --> VPP is not electrically connected TC(1) = 00 --> Extra guard time: 0 + Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01 Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : f134b55cea2942ebbd213c82e084be62 ACC : None
Programming ... Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : 53945a5223e299bf6cec05911922442c ACC : None
Programming ... Traceback (most recent call last): File "./pySim-prog.py", line 636, in <module> card.program(cp) File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program self._scc.verify_chv(0x05, pin) File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' % chv_no) + '08' + fc) File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in send_apdu_checksw raise RuntimeError("SW match failed ! Expected %s and got %s." % (sw.lower(), rv[1])) RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better luck with those, but I get the same error. Is there any documentation explaining the magic byte values that are sent back and forth to the card? I'm having a hard time understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks, Billy
Hi Billy,
Here you go: https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-lis... https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-list
Good luck! Domi
- szept. 27. dátummal, 17:50 időpontban Billy Jones wljones@praxiseng.com írta:
I have two SIM card I inheritted from a previous project that I've been told came from the same vendor. When I run `pcsc_scan` on them, I get the following output for both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00 Card state: Card inserted, ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
- TS = 3B --> Direct Convention
- T0 = 7D, Y(1): 0111, K: 13 (historical bytes) TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU 62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s TB(1) = 00 --> VPP is not electrically connected TC(1) = 00 --> Extra guard time: 0
- Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01 Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : f134b55cea2942ebbd213c82e084be62 ACC : None
Programming ... Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : 53945a5223e299bf6cec05911922442c ACC : None
Programming ... Traceback (most recent call last): File "./pySim-prog.py", line 636, in <module> card.program(cp) File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program self._scc.verify_chv(0x05, pin) File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' % chv_no) + '08' + fc) File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in send_apdu_checksw raise RuntimeError("SW match failed ! Expected %s and got %s." % (sw.lower(), rv[1])) RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better luck with those, but I get the same error. Is there any documentation explaining the magic byte values that are sent back and forth to the card? I'm having a hard time understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks, Billy
Domi,
Thank you for the link!
So am I right in concluding that the SIM has a PIN associated with it and I’m not sending the correct one (from the code it looks like it’s sending “DDDDDDDD” as the default since I’m not specifying it in the command line)?
Thanks again, Billy
From: Tomcsányi Domonkos [mailto:domi@tomcsanyi.net] Sent: Wednesday, September 27, 2017 12:08 PM To: Billy Jones Cc: openbsc@lists.osmocom.org Subject: Re: pySim inconsistent on seemingly identical SIM cards
Hi Billy,
Here you go: https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-lis...
Good luck! Domi
2017. szept. 27. dátummal, 17:50 időpontban Billy Jones <wljones@praxiseng.commailto:wljones@praxiseng.com> írta:
I have two SIM card I inheritted from a previous project that I've been told came from the same vendor. When I run `pcsc_scan` on them, I get the following output for both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00 Card state: Card inserted, ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 + TS = 3B --> Direct Convention + T0 = 7D, Y(1): 0111, K: 13 (historical bytes) TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU 62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s TB(1) = 00 --> VPP is not electrically connected TC(1) = 00 --> Extra guard time: 0 + Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01 Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : f134b55cea2942ebbd213c82e084be62 ACC : None
Programming ... Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : 53945a5223e299bf6cec05911922442c ACC : None
Programming ... Traceback (most recent call last): File "./pySim-prog.py", line 636, in <module> card.program(cp) File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program self._scc.verify_chv(0x05, pin) File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' % chv_no) + '08' + fc) File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in send_apdu_checksw raise RuntimeError("SW match failed ! Expected %s and got %s." % (sw.lower(), rv[1])) RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better luck with those, but I get the same error. Is there any documentation explaining the magic byte values that are sent back and forth to the card? I'm having a hard time understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks, Billy
Hi Billy,
Yes, according to the code you are trying with 4444444444444444, which is indeed DDDDDDDD. https://github.com/osmocom/pysim/blob/master/pySim/cards.py#L375 https://github.com/osmocom/pysim/blob/master/pySim/cards.py#L375
It is important to note that this is not the PIN-code you enter when you put the card into a phone, it is the super-admin PIN code/ADM key needed for programming if I understand the code correctly.
Cheers, Domi
- szept. 27. dátummal, 19:35 időpontban Billy Jones wljones@praxiseng.com írta:
Domi,
Thank you for the link!
So am I right in concluding that the SIM has a PIN associated with it and I’m not sending the correct one (from the code it looks like it’s sending “DDDDDDDD” as the default since I’m not specifying it in the command line)?
Thanks again, Billy
From: Tomcsányi Domonkos [mailto:domi@tomcsanyi.net] Sent: Wednesday, September 27, 2017 12:08 PM To: Billy Jones Cc: openbsc@lists.osmocom.org Subject: Re: pySim inconsistent on seemingly identical SIM cards
Hi Billy,
Here you go: https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-lis... https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-list
Good luck! Domi
- szept. 27. dátummal, 17:50 időpontban Billy Jones <wljones@praxiseng.com mailto:wljones@praxiseng.com> írta:
I have two SIM card I inheritted from a previous project that I've been told came from the same vendor. When I run `pcsc_scan` on them, I get the following output for both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00 Card state: Card inserted, ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
- TS = 3B --> Direct Convention
- T0 = 7D, Y(1): 0111, K: 13 (historical bytes) TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU 62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s TB(1) = 00 --> VPP is not electrically connected TC(1) = 00 --> Extra guard time: 0
- Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68 SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01 Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : f134b55cea2942ebbd213c82e084be62 ACC : None
Programming ... Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel) Generated card parameters :
Name : Magic SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 ICCID : 8901001010000000017 MCC/MNC : 1/1 IMSI : 001010000000001 Ki : ffffffffffffffffffffffffffffffff OPC : 53945a5223e299bf6cec05911922442c ACC : None
Programming ... Traceback (most recent call last): File "./pySim-prog.py", line 636, in <module> card.program(cp) File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program self._scc.verify_chv(0x05, pin) File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' % chv_no) + '08' + fc) File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in send_apdu_checksw raise RuntimeError("SW match failed ! Expected %s and got %s." % (sw.lower(), rv[1])) RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better luck with those, but I get the same error. Is there any documentation explaining the magic byte values that are sent back and forth to the card? I'm having a hard time understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks, Billy
-
Billy Jones -
Tomcsányi Domonkos