GrcardSIM » History » Version 12
fixeria, 01/15/2021 06:52 PM
1 | 1 | laforge | h1. GRcard SIM |
---|---|---|---|
2 | 9 | tsaitgaist | |
3 | 12 | fixeria | {{>toc}} |
4 | 9 | tsaitgaist | |
5 | 1 | laforge | The GRcard SIM is a programmable GSM SIM card. |
6 | |||
7 | It uses a mixture of TS11.11 / ISO7816-4 and proprietary commands for programming |
||
8 | 3 | laforge | |
9 | 11 | fixeria | There is limited card programming support both in https://git.osmocom.org/pysim/ as well as the more interactive https://git.osmocom.org/cyberflex-shell/. |
10 | 1 | laforge | |
11 | |||
12 | 9 | tsaitgaist | h2. Command reference |
13 | |||
14 | |||
15 | 1 | laforge | To understand this reference, it is assumed that you are familiar with basic knowledge on smartcard |
16 | technologies, such as standard ISO 7816-3/-4 APDUs and GSM TS 11.11. |
||
17 | |||
18 | |||
19 | 9 | tsaitgaist | h3. Setting the ICCID |
20 | |||
21 | |||
22 | 1 | laforge | Uses a standard UPDATE BINARY (D6) command on the EF.ICCID (2FE2) |
23 | |||
24 | Security: ADM2 |
||
25 | |||
26 | |||
27 | 9 | tsaitgaist | h3. Setting the IMSI |
28 | |||
29 | |||
30 | 1 | laforge | Uses a standard UPDATE BINARY (D6) command on the EF.IMSI (7F20/6F07) |
31 | |||
32 | Security: ADM2 |
||
33 | |||
34 | |||
35 | 9 | tsaitgaist | h3. Setting the Access Class |
36 | |||
37 | |||
38 | 1 | laforge | Uses a standard UPDATE BINARY (D6) command on the EF.ACC (7F20/6F78) |
39 | |||
40 | Security: ADM2 |
||
41 | |||
42 | |||
43 | 9 | tsaitgaist | h3. Setting the SMS Parameters |
44 | |||
45 | |||
46 | 1 | laforge | Uses a standard UPDATE RECORD (DC) command on the EF.SMS (7F10/6F42) |
47 | |||
48 | Security: ADM2 |
||
49 | |||
50 | |||
51 | 9 | tsaitgaist | h3. Setting the A3/A8 algorithm |
52 | |||
53 | |||
54 | 1 | laforge | Uses a standard UPDATE BINARY (D6) command on the non-standard (2700/6F70) EF |
55 | |||
56 | The record has a size of 1 byte and is defined as follows: |
||
57 | 9 | tsaitgaist | * 01 - COMP128v1 |
58 | * 02 - COMP128v2 |
||
59 | * 03 - COMP128v3 |
||
60 | 1 | laforge | |
61 | Security: ADM2 |
||
62 | |||
63 | |||
64 | 9 | tsaitgaist | h3. Setting the Ki |
65 | 1 | laforge | |
66 | 10 | laforge | Uses a non-standard APDU @80 D4 02 00 10@, followed by 16 bytes of Ki |
67 | 9 | tsaitgaist | |
68 | 1 | laforge | Security: none |
69 | 6 | tsaitgaist | |
70 | 1 | laforge | |
71 | h3. Setting the PIN1 and PUK1 |
||
72 | 9 | tsaitgaist | |
73 | 10 | laforge | Uses a non-standard APDU @80 D4 00 01 10@ followed by 8 bytes of PIN1 and 8 bytes of PUK1 |
74 | 9 | tsaitgaist | |
75 | |||
76 | 1 | laforge | Security: none |
77 | |||
78 | |||
79 | h3. Setting the PIN2 and PUK2 |
||
80 | |||
81 | 9 | tsaitgaist | |
82 | 10 | laforge | Uses a non-standard APDU @80 D4 00 02 10@ followed by 8 bytes of PIN2 and 8 bytes of PUK2 |
83 | 9 | tsaitgaist | |
84 | 1 | laforge | Security: none |
85 | |||
86 | |||
87 | 9 | tsaitgaist | h3. Setting the ADM1 + AUK1 |
88 | 1 | laforge | |
89 | 9 | tsaitgaist | |
90 | 10 | laforge | Uses a non-standard APDU @80 D4 01 04 12 03 00@ followed by 8 bytes of ADM1 and 8 bytes of AUK1 |
91 | 9 | tsaitgaist | |
92 | 1 | laforge | Security: none |
93 | |||
94 | 9 | tsaitgaist | |
95 | 1 | laforge | h3. Setting the ADM2 + AUK2 |
96 | 9 | tsaitgaist | |
97 | 10 | laforge | Uses a non-standard APDU @80 D4 01 05 12 03 00@ followed by 8 bytes of ADM2 and 8 bytes of AUK2 |
98 | 9 | tsaitgaist | |
99 | Security: none |
||
100 | 1 | laforge | |
101 | 9 | tsaitgaist | |
102 | 1 | laforge | h3. Create File |
103 | |||
104 | 10 | laforge | Uses a non-standard APDU @80 CF 00 P2 LEN FID SIZE OPT1 ACC OPT2@, specified as follows: |
105 | 9 | tsaitgaist | |
106 | 1 | laforge | * Parameter P2: |
107 | 9 | tsaitgaist | ** 00: Create DF |
108 | ** 01: Create linear record EF |
||
109 | 1 | laforge | ** 02: Create transparent EF |
110 | 9 | tsaitgaist | ** 03: Create cyclic record EF |
111 | 10 | laforge | ** 04: used to create EF.0001 with size {{{0A20}}} |
112 | 9 | tsaitgaist | * FID: The 2 byte File ID |
113 | * SIZE: 2 bytes for the transparent EF size; or 1 byte for the number of records, and 1 byte for the record size for linear or cyclic EF |
||
114 | 10 | laforge | * OPT: Always @0100@ |
115 | 9 | tsaitgaist | * ACC: Access conditions (3 bytes), According to TS 11.11, Section 9.3 |
116 | 10 | laforge | * OPT2: Always @FF@ |
117 | 9 | tsaitgaist | |
118 | 4 | tsaitgaist | Security: ADM0 |
119 | |||
120 | 5 | tsaitgaist | |
121 | 9 | tsaitgaist | h3. Erase Card |
122 | |||
123 | 10 | laforge | Uses a non-standard APDU @80FE000014 31323334353600001301FF0000000000000000EA@ |
124 | 5 | tsaitgaist | |
125 | 1 | laforge | Security: none |
126 | |||
127 | 9 | tsaitgaist | |
128 | h3. Authenticate as ADM0 |
||
129 | |||
130 | 10 | laforge | Uses a non-standard APDU @80 F6 00 00 08 PIN@, where per default PIN is @0000000000000000@ |