Feature #4807

Support for writing EF_SUCI_Calc_Info

Added by laforge 5 months ago. Updated 6 days ago.

Status: New
Priority: Low
Assignee: -
Target version: -
Start date: 10/14/2020
Due date:
% Done: 0%
Spec Reference:

Description

Modern cards (including sysmoISIM-SJA2) have an ADF_USIM/EF_SUCI_Calc_Info which is used by 5G UE to perform the SUPI concealment (computation of SUCI).

It would be useful to have pySim support to
  • enable/disable this (Service 124 in EF_UST)
  • read/write ADF_USIM/EF_SUCI_Calc_Info

History

#1 Updated by Brandon about 2 months ago

#2 Updated by merlinchlosta 8 days ago

Just a quick observation:

sysmoISIM-SJA2 has Services 123 (5G Security Parameters) & 124 set by default but no EF_5G_Auth_Keys and EF_SUCI_Calc_Info files present. My Qualcomm modems don't fall back to IMSI then but instead show a USIM failure and apparently stop searching/connecting anything 5G.

So either disabling the services or writing the files is a must with these modems and 5G-SA.

#3 Updated by laforge 8 days ago

On Sun, Feb 21, 2021 at 01:52:18PM +0000, merlinchlosta [REDMINE] wrote:

> sysmoISIM-SJA2 has Services 123 (5G Security Parameters) & 124 set by default but no EF_5G_Auth_Keys and EF_SUCI_Calc_Info files present.

Those files definitely exist. How did you check for those files' presence and how did you determine
they don't? Please let me know so we can clarify.

DF_5GS should exist in ADF_USIM, and below DF_5GS there are
  • EF_5GS3GPPLOCI
  • EF_5GSN3GPPLOCI
  • EF_5GS3GPPNSC
  • EF_5GSN3GPPNSC
  • EF_5GAUTHKEYS
  • EF_UAC_AIC
  • EF_SUCI_CalcInfo
  • EF_OPL5G
  • EF_SNSI
  • EF_Routing_Indicator

> So either disabling the services or writing the files is a must with these modems and 5G-SA.

Yes, you either need to
  1. disable the services in the SST (if not needed), or
  2. actually write your related information/configuration to the files (which do exist)

The same is true for virtually all the files on the cards. We generally try to create
all files that are ever specified anywhere in 3GPP specs, as creation of new files is only
possible during card personalization and not later at runtime. It's then up to the user to
enable/disable those services they need / want in EF.SST, EF.UST and EF.IST.

Regards,
Harald

#4 Updated by merlinchlosta 8 days ago

I've added the following code in pySim-read, just after USIM initialization (I'm not very familiar with SIM, want to make sure I'm in the right… directory?)

    # Check whether we have the AID of USIM, if so select it by its AID
    # EF.UST - File Id in ADF USIM : 6f38
    if '9000' == card.select_adf_by_aid():
        # Select USIM profile
        usim_card = UsimCard(scc)

        print("EF_UST available (just to check): %s" % str(usim_card.file_exists('6F38')))
        print("EF_SUCI_Calc_Info available: %s" % str(usim_card.file_exists('4F07')))
        print("EF_5G_Auth_Keys available: %s" % str(usim_card.file_exists('4F05')))

        (res, sw) = card.read_binary('6F38')
        if sw == '9000':
            print("EF_UST: %s" % res)
        else:
            print("EF_UST: Can't read, response code = %s" % (sw,))

        (res, sw) = card.read_binary('4F07')
        if sw == '9000':
            print("EF_SUCI_Calc_Info: %s" % res)
        else:
            print("EF_SUCI_Calc_Info: Can't read, response code = %s" % (sw,))

        (res, sw) = card.read_binary('4F05')
        if sw == '9000':
            print("EF_5G_Auth_Keys: %s" % res)
        else:
            print("EF_5G_Auth_Keys: Can't read, response code = %s" % (sw,))

Output:

    Using PC/SC reader interface
    Reading ...
    Autodetected card type: sysmoISIM-SJA2
    ICCID: 8988211000000448822
    ...
    EF_UST available (just to check): True
    EF_SUCI_Calc_Info available: False
    EF_5G_Auth_Keys available: False
    EF_UST: beff9f9de73e0408400170330000000000000000
    Traceback (most recent call last):
      File "./pySim-read.py", line 267, in <module>
        (res, sw) = card.read_binary('4F07')
      File "/home/merlin/tools/pysim/pySim/cards.py", line 189, in read_binary
        return self._scc.read_binary(ef_path, length, offset)
      File "/home/merlin/tools/pysim/pySim/commands.py", line 128, in read_binary
        r = self.select_file(ef)
      File "/home/merlin/tools/pysim/pySim/commands.py", line 119, in select_file
        data, sw = self._tp.send_apdu_checksw(self.cla_byte + "a4" + self.sel_ctrl + "02" + i)
      File "/home/merlin/tools/pysim/pySim/transport/__init__.py", line 104, in send_apdu_checksw
        raise RuntimeError("SW match failed! Expected %s and got %s." % (sw.lower(), rv[1]))
    RuntimeError: SW match failed! Expected 9000 and got 6a82.

Same if I read the other file first, 6a82 seems something like "not found". If I understand correctly, a locked file would still be found?

I've played with the MS Operation Mode as well, but besides that the card is pretty fresh.

#5 Updated by laforge 7 days ago

On Mon, Feb 22, 2021 at 07:19:26AM +0000, merlinchlosta [REDMINE] wrote:

> I've added the following code in pySim-read, just after USIM initialization (I'm not very familiar with SIM, want to make sure I'm in the right… directory?)

You are not in the right directory. You are in ADF.USIM, not in ADF.USIM/DF.5GS

See 3GPP TS 31.102 for the directory hierarchy.

#6 Updated by merlinchlosta 6 days ago

Thanks a lot, the files are there of course.

For anybody googling this, I read ADF.USIM/DF.5GS like this: https://github.com/mrlnc/pysim/commit/c7f9afeeeb43dd4f62ced3f1c63aa21983fcdb24
and updated the UST with something like this in SysmoISIMSJA2.program():

        print("Disabling 5G Security Parameters")
        ust_5g = [122, 123, 124, 126]
        for service in ust_5g:
            sw = self.update_ust(service, 0)
            if sw != '9000':
                print("Disabling 5G Service %i failed with code %s"% (service, sw))
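
Added example, not part of the thread and not pySim code: a standalone sketch of the EF_UST bit handling that enabling or disabling services 122 to 126 comes down to, assuming the 3GPP TS 31.102 layout in which service n is bit (n-1) % 8 of byte (n-1) // 8. The function names are hypothetical, and `SAMPLE_UST` is constructed from the EF_UST dump in comment #4 with byte 16 changed to `0c`.

```python
# Added example: EF_UST service-table bit handling (not pySim code).
# Assumed mapping (3GPP TS 31.102): service n is bit (n-1) % 8, with
# b1 the least significant bit, of byte (n-1) // 8.

THREAD_UST = "beff9f9de73e0408400170330000000000000000"  # dump from comment #4
# Constructed sample: same dump with byte 16 set to 0x0c (services 123 + 124 on).
SAMPLE_UST = "beff9f9de73e0408400170330000000c00000000"
UST_5G = [122, 123, 124, 126]  # services cleared in the last comment


def locate(ust, service):
    """Return (byte index, bit mask) for a service number, with bounds checks."""
    if service < 1:
        raise ValueError("service numbers start at 1")
    idx, bit = divmod(service - 1, 8)
    if idx >= len(ust):
        raise ValueError("service %d not covered by %d-byte EF_UST"
                         % (service, len(ust)))
    return idx, 1 << bit


def service_enabled(ust_hex, service):
    ust = bytes.fromhex(ust_hex)
    idx, mask = locate(ust, service)
    return bool(ust[idx] & mask)


def set_service(ust_hex, service, enabled):
    """Return a new EF_UST hex string with one service bit set or cleared."""
    ust = bytearray.fromhex(ust_hex)
    idx, mask = locate(ust, service)
    ust[idx] = (ust[idx] | mask) if enabled else (ust[idx] & ~mask & 0xFF)
    return ust.hex()


def enabled_services(ust_hex):
    """List every service number whose bit is set in the table."""
    size = len(bytes.fromhex(ust_hex))
    return [n for n in range(1, size * 8 + 1) if service_enabled(ust_hex, n)]


def disable_services(ust_hex, services):
    for n in services:
        ust_hex = set_service(ust_hex, n, False)
    return ust_hex


if __name__ == "__main__":
    print("5G services set:", [n for n in UST_5G if service_enabled(SAMPLE_UST, n)])
    print("after clearing: ", disable_services(SAMPLE_UST, UST_5G))
```

The returned hex string is what would be written back to EF_UST (6F38); a service number past the end of the file raises instead of silently extending the table.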
