How does one update EF files in a SIM using pysim? I know the edit_binary_decoded command exists but I keep running into security permissions not being satisfied. Do I need to verify_chv first? For the test eUICC with SGP.26 on sysmocom, is the pin documented somewhere?
This question can not be answered in a generic way. Every EF has access conditions associated with it, and those define which user using which credentials can perform which operation (read/update/delete/deactivate/…).
The response of the “select” command on an EF will tell you the details; possibly you need to consult the linked EF.ACC record, too.
Once you know which identity has the desired permission (if the file is writable by anyone, at all), then you need to authenticate using it. For most UICC like the sysmoUSIM/sysmoISIM products, it’s the ADM1 PIN which is provided at time of purchase.
None of this is specific to pySim, it is a general aspect of all smart cards within the ISO 7816 family.
There are no files on the eUICC itself that you could modify, and hence there is no related PIN.
The files you refer to are likely files of an eSIM profile installed on the eUICC, not the eUICC, right? And that eSIM profile defines the access control conditions as well as PINs (ADM1, etc.) along with them. If you’re using a TS.48 test profile, then you need to consult TS.48 for it.
In general I suggest to learn to work with normal classic SIM/USIM first, before taking the step to eUICC and eSIM profiles. Otherwise it’s just another layer of complexity…
1 Like
So I’m trying to write values onto a writable SIM card using pysim. But when I use any of the write commands, like edit_binary_decoded and the vim editor pops up, I get this error:
File "/pysim/pySim/commands.py", line 395, in update_binary
raise ValueError('%s, failed to write chunk (chunk_offset %d, chunk_len %d)' %
ValueError: SW match failed! Expected 9000 and got 6982: Command not allowed - Security status not satisfied, failed to write chunk (chunk_offset 0, chunk_len 9)
EXCEPTION of type 'ValueError' occurred with message: SW match failed! Expected 9000 and got 6982: Command not allowed - Security status not satisfied, failed to write chunk (chunk_offset 0, chunk_len 9)
Any advice on what I should do?
which “writable SIM” is that? You wrote earlier that you are using a sysmoEUICC-C2T. That is an eUICC, not a SIM. If you’re looking for a “writable SIM”, then you should consider using a symoISIM-SJA5 instead.
Compare that to a physical machine with the ability to run VMs (eSIM profiles). An eUICC itself does not have any files. The files you see are files of the installed and currently activated eSIM profile.
The permissions of each file in the profile are defined by the profile. You do not specify what eSIM profile you have installed.
To continue the physical machine / VM analogy: It’s a bit like asking the hardware manufacturer of a PC about the permissions / ACLs of a file in the operating system. The hardware manufacturer (here: the eUICC manufacturer) doesn’t know what kind of OS you are using and what kind of permissions which file on that might have.
1 Like
I switched to a writable USIM since that’s what you recommended. This error message was received while trying to change a file in the USIM, not eUICC.
That analogy makes sense, do you have any advice as to how I should debug this error?