27 Sep
2017
27 Sep
'17
5:50 p.m.
I have two SIM card I inheritted from a previous project that I've been told came from
the same vendor. When I run `pcsc_scan` on them, I get the following output for both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00
Card state: Card inserted,
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
+ TS = 3B --> Direct Convention
+ T0 = 7D, Y(1): 0111, K: 13 (historical bytes)
TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU
62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s
TB(1) = 00 --> VPP is not electrically connected
TC(1) = 00 --> Extra guard time: 0
+ Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : f134b55cea2942ebbd213c82e084be62
ACC : None
Programming ...
Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : 53945a5223e299bf6cec05911922442c
ACC : None
Programming ...
Traceback (most recent call last):
File "./pySim-prog.py", line 636, in <module>
card.program(cp)
File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program
self._scc.verify_chv(0x05, pin)
File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv
return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' %
chv_no) + '08' + fc)
File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in
send_apdu_checksw
raise RuntimeError("SW match failed ! Expected %s and got %s." %
(sw.lower(), rv[1]))
RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better
luck with those, but I get the same error. Is there any documentation explaining the
magic byte values that are sent back and forth to the card? I'm having a hard time
understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks,
Billy
27 Sep
27 Sep
6:07 p.m.
Hi Billy,
Here you go:
https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-li…
<https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-list>
Good luck!
Domi
2017. szept. 27. dátummal, 17:50 időpontban Billy
Jones <wljones(a)praxiseng.com> írta:
I have two SIM card I inheritted from a previous project that I've been told came
from the same vendor. When I run `pcsc_scan` on them, I get the following output for
both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00
Card state: Card inserted,
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
+ TS = 3B --> Direct Convention
+ T0 = 7D, Y(1): 0111, K: 13 (historical bytes)
TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU
62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s
TB(1) = 00 --> VPP is not electrically connected
TC(1) = 00 --> Extra guard time: 0
+ Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : f134b55cea2942ebbd213c82e084be62
ACC : None
Programming ...
Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : 53945a5223e299bf6cec05911922442c
ACC : None
Programming ...
Traceback (most recent call last):
File "./pySim-prog.py", line 636, in <module>
card.program(cp)
File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program
self._scc.verify_chv(0x05, pin)
File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv
return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' %
chv_no) + '08' + fc)
File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in
send_apdu_checksw
raise RuntimeError("SW match failed ! Expected %s and got %s." %
(sw.lower(), rv[1]))
RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better
luck with those, but I get the same error. Is there any documentation explaining the
magic byte values that are sent back and forth to the card? I'm having a hard time
understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks,
Billy
7:35 p.m.
Domi,
Thank you for the link!
So am I right in concluding that the SIM has a PIN associated with it and I’m not sending
the correct one (from the code it looks like it’s sending “DDDDDDDD” as the default since
I’m not specifying it in the command line)?
Thanks again,
Billy
From: Tomcsányi Domonkos [mailto:domi@tomcsanyi.net]
Sent: Wednesday, September 27, 2017 12:08 PM
To: Billy Jones
Cc: openbsc(a)lists.osmocom.org
Subject: Re: pySim inconsistent on seemingly identical SIM cards
Hi Billy,
Here you go:
https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-li…
Good luck!
Domi
2017. szept. 27. dátummal, 17:50 időpontban Billy Jones
<wljones@praxiseng.com<mailto:wljones@praxiseng.com>> írta:
I have two SIM card I inheritted from a previous project that I've been told came from
the same vendor. When I run `pcsc_scan` on them, I get the following output for both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00
Card state: Card inserted,
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
+ TS = 3B --> Direct Convention
+ T0 = 7D, Y(1): 0111, K: 13 (historical bytes)
TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU
62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s
TB(1) = 00 --> VPP is not electrically connected
TC(1) = 00 --> Extra guard time: 0
+ Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : f134b55cea2942ebbd213c82e084be62
ACC : None
Programming ...
Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : 53945a5223e299bf6cec05911922442c
ACC : None
Programming ...
Traceback (most recent call last):
File "./pySim-prog.py", line 636, in <module>
card.program(cp)
File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program
self._scc.verify_chv(0x05, pin)
File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv
return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' %
chv_no) + '08' + fc)
File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in
send_apdu_checksw
raise RuntimeError("SW match failed ! Expected %s and got %s." %
(sw.lower(), rv[1]))
RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better
luck with those, but I get the same error. Is there any documentation explaining the
magic byte values that are sent back and forth to the card? I'm having a hard time
understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks,
Billy
11:08 p.m.
Hi Billy,
Yes, according to the code you are trying with 4444444444444444, which is indeed
DDDDDDDD.
https://github.com/osmocom/pysim/blob/master/pySim/cards.py#L375
<https://github.com/osmocom/pysim/blob/master/pySim/cards.py#L375>
It is important to note that this is not the PIN-code you enter when you put the card into
a phone, it is the super-admin PIN code/ADM key needed for programming if I understand the
code correctly.
Cheers,
Domi
2017. szept. 27. dátummal, 19:35 időpontban Billy
Jones <wljones(a)praxiseng.com> írta:
Domi,
Thank you for the link!
So am I right in concluding that the SIM has a PIN associated with it and I’m not sending
the correct one (from the code it looks like it’s sending “DDDDDDDD” as the default since
I’m not specifying it in the command line)?
Thanks again,
Billy
From: Tomcsányi Domonkos [mailto:domi@tomcsanyi.net]
Sent: Wednesday, September 27, 2017 12:08 PM
To: Billy Jones
Cc: openbsc(a)lists.osmocom.org
Subject: Re: pySim inconsistent on seemingly identical SIM cards
Hi Billy,
Here you go:
https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-li…
<https://eftlab.co.uk/index.php/site-map/knowledge-base/118-apdu-response-list>
Good luck!
Domi
2017. szept. 27. dátummal, 17:50 időpontban Billy Jones <wljones(a)praxiseng.com
<mailto:wljones@praxiseng.com>> írta:
I have two SIM card I inheritted from a previous project that I've been told came
from the same vendor. When I run `pcsc_scan` on them, I get the following output for
both:
Reader 0: OMNIKEY CardMan (076B:3022) 3021 00 00
Card state: Card inserted,
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
ATR: 3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
+ TS = 3B --> Direct Convention
+ T0 = 7D, Y(1): 0111, K: 13 (historical bytes)
TA(1) = 94 --> Fi=512, Di=8, 64 cycles/ETU
62500 bits/s at 4 MHz, fMax for Fi = 5 MHz => 78125 bits/s
TB(1) = 00 --> VPP is not electrically connected
TC(1) = 00 --> Extra guard time: 0
+ Historical bytes: 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
Category indicator byte: 55 (proprietary format)
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 7D 94 00 00 55 55 53 0A 74 86 93 0B 24 7C 4D 54 68
SIM from sysmocom sysmoSIM-GR2
When I try to program one of the SIMs, it works fine:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : f134b55cea2942ebbd213c82e084be62
ACC : None
Programming ...
Done !
But on the other I get:
$ sudo ./pySim-prog.py -p 0 -i 001010000000001 -k ffffffffffffffffffffffffffffffff -t
sysmoSIM-GR2 --num=1 --mcc=001 --mnc=01
Insert card now (or CTRL-C to cancel)
Generated card parameters :
Name : Magic
SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
ICCID : 8901001010000000017
MCC/MNC : 1/1
IMSI : 001010000000001
Ki : ffffffffffffffffffffffffffffffff
OPC : 53945a5223e299bf6cec05911922442c
ACC : None
Programming ...
Traceback (most recent call last):
File "./pySim-prog.py", line 636, in <module>
card.program(cp)
File "/home/user/workspace/pysim/pySim/cards.py", line 382, in program
self._scc.verify_chv(0x05, pin)
File "/home/user/workspace/pysim/pySim/commands.py", line 111, in verify_chv
return self._tp.send_apdu_checksw(self.cla_byte + '2000' + ('%02X' %
chv_no) + '08' + fc)
File "/home/user/workspace/pysim/pySim/transport/__init__.py", line 87, in
send_apdu_checksw
raise RuntimeError("SW match failed ! Expected %s and got %s." %
(sw.lower(), rv[1]))
RuntimeError: SW match failed ! Expected 9000 and got 9840.
I also tried some of the other branches, as people on other forums had reported better
luck with those, but I get the same error. Is there any documentation explaining the
magic byte values that are sent back and forth to the card? I'm having a hard time
understanding the spec by which the program is trying too communicate with the card.
Any help is greatly appreciated.
Thanks,
Billy
2413
days inactive
2413
days old
3 comments
2 participants
participants (2)
-
Billy Jones -
Tomcsányi Domonkos