Feature #1724: Extend wireshark dissector for SIM/USIM traces

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/simtrace@lists.osmocom.org/.

Gerard Lawrence Pinto gerardfly9 at gmail.com
Sat Jun 17 23:28:57 UTC 2017 

Greetings,

I have been working with wireshark and SIMtrace.
And decided to extended the dissector for 'GET RESPONSE' (mf/df/ef) and
'STATUS' - according to the ETSI 11.11 Section 9.2.1 Page 39 - 41 and Page
46 (Definitions and Codings for response params)
Keeping update with latest wireshark commits.

I would like to commit to their gerrit.
Please could you let me know here -  if the output is as expected.
Let me know your views/comments on the output so I can change it before
commit.

Also code can be viewed here 'https://github.com/GerardPinto/wireshark'
(properly forked and synced with upstream) or
reviewed by wireshark gerrit (Once I get your views on the output).

(1) Get Response MF/DF:

GSM SIM 11.11
    1010 .... = Class Coding: ISO/IEC 7816-4 unless stated otherwise (0xa)
    .... 00.. = Secure Messaging Indication: No SM used between terminal
and card (0x0)
    .... ..00 = Logical Channel number: 0
    Instruction: GET RESPONSE (0xc0)
    Length of Expected Response Data: 32
    RFU: 0x00
    Total amt of memory not allocated to any of the DFs or EFs under the
selected dir: 0x00
    File ID: DF.GSM (0x7f20)
    Type of File: DF (0x02)
    RFU: 0000000000
    Length of following data: 19
    GSM Specific Data
        File Characteristics: 0xb3, Clock Stopping Indication: Not Allowed
- unless at low level, Frequency Required for ENVELOPE cmd /AUTH algo, CHV1
Status
            .... 00.1 = Clock Stopping Indication: Not Allowed - unless at
low level (0x1)
            .... ..1. = Frequency Required for ENVELOPE cmd /AUTH algo:
13/4 Mhz
            .011 .... = RFU: 0x3
            1... .... = CHV1 Status: Enabled
        DFs in Current Directory: 0
        EFs in Current Directory: 41
        Number of CHVs, UNBLOCK CHVs and administrative codes: 4
        RFU: 0x00
        CHV1 status: 0x83, Secret Code initialized
            .... 0011 = False presentations remaining ('0' means blocked): 3
            .000 .... = RFU: 0x0
            1... .... = Secret Code initialized: Yes
        UNBLOCK CHV1 Status: 0x8a, Secret Code initialized
            .... 1010 = False presentations remaining ('0' means blocked):
10
            .000 .... = RFU: 0x0
            1... .... = Secret Code initialized: Yes
        CHV2 Status: 0x8a, Secret Code initialized
            .... 1010 = False presentations remaining ('0' means blocked):
10
            .000 .... = RFU: 0x0
            1... .... = Secret Code initialized: Yes
        UNBLOCK CHV2 Status: 0x8a, Secret Code initialized
            .... 1010 = False presentations remaining ('0' means blocked):
10
            .000 .... = RFU: 0x0
            1... .... = Secret Code initialized: Yes
        RFU: 0x00
        Reserved for the Administrative Management: 030000bbda00000000
    Status Word: 9000 Normal ending of the command

(2) Get Response EF:

GSM SIM 11.11
    1010 .... = Class Coding: ISO/IEC 7816-4 unless stated otherwise (0xa)
    .... 00.. = Secure Messaging Indication: No SM used between terminal
and card (0x0)
    .... ..00 = Logical Channel number: 0
    Instruction: GET RESPONSE (0xc0)
    Length of Expected Response Data: 15
    RFU: 0x00
    File Size: 11
    File ID: EF.LOCI (0x6f7e)
    Type of File: EF (0x04)
    EF response Byte 8: RFU: 00
    Access Condition Byte 9: 0x00, UPDATE: Always (ALW), READ/SEEK: Always
(ALW)
        .... 0000 = UPDATE: Always (ALW) (0x0)
        0000 .... = READ/SEEK: Always (ALW) (0x0)
    Access Condition Byte 10: 0x14, INCREASE: Administrative Authority
(ADM), RFU: Card Holder Verification1 (CHV1)
        .... 0100 = INCREASE: Administrative Authority (ADM) (0x4)
        0001 .... = RFU: Card Holder Verification1 (CHV1) (0x1)
    Access Condition Byte 11: 0x01, INVALIDATE: Card Holder Verification1
(CHV1), REHABILITATE: Always (ALW)
        .... 0001 = INVALIDATE: Card Holder Verification1 (CHV1) (0x1)
        0000 .... = REHABILITATE: Always (ALW) (0x0)
    File Status: 0x01, Validation Status
        .... ...1 = Validation Status: Not invalidated
        .... ..0. = RFU: 0x0
        .... .0.. = Read Update Status: Not readable or updatable when
invalidated
        0000 0... = RFU: 0x00
    Length of following data: 2
    File Structure: Transparent (0x00)
    Length of a record: 0
    Status Word: 9000 Normal ending of the command

(3) STATUS ( ETSI 11.11 Section 9.2.2) says -
The response parameters/data are identical to the response parameters/data
of the SELECT command in case of an MF or DF.


Thanks,
Gerard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/simtrace/attachments/20170617/50a23703/attachment.htm>

More information about the simtrace mailing list