Hi all.
I’m hoping this is the right forum, and the question hasn’t been asked before.
I’m currently writing an applet for use in SIM cards.
Until now, we’ve been using an old home-brew Python tool to do the flashing. It works with 0348 encryption and a “custom” encryption (not sure how it works TBH).
We’ve come across a batch of SIM cards that we’re not able to flash, as our tool effectively behaves as an OTA platform, and sends PDUs that mimic an OTA campaign to flash a SIM card. The reason we can’t flash them is the cards seem to not have an OTA server running on them.
I’ve tried using GPPro, but apparently that tool doesn’t support SCP80 or 81, and I just can’t get it working.
I’ve had way more luck with pySIM-shell however. (as in I’ve spent 1% of the time I’ve spent struggling with GPPro, and I’ve got 10x further in that time).
I’ve got a live SIM card, made by Idemia. We’ve got ADM1 and ADM2 (plus KIC/KIK/KID 1,2,3 and F).
I want to use this as the reference, as we can flash this using our tool.
I start pySIM-shell using
python pySim-shell.py -p 0 -A BE4444FA5E94527C
It results in …
Using reader PCSC[Alcorlink USB Smart Card Reader 0]
Waiting for card...
Info: Card is of type: UICC
Detected UICC Add-on "SIM"
AIDs on card:
USIM: a0000000871002ff49ffff89050e00ff (EF.DIR)
Welcome to pySim-shell!
(C) 2021-2023 by Harald Welte, sysmocom - s.f.m.c. GmbH and contributors
Online manual available at https://downloads.osmocom.org/docs/pysim/master/html/shell.html
All perfect.
If I use the ADM2 I have for this SIM card, it tells me that
Failed to verify chv_no 0x0A with code 0xF6D48A367D280982, 9 tries left.
So I know the ADM1_PIN as Hex via the CLI is working.
I can move round the file structure, get card info, and that’s all great.
When I come to verify the ADM, this is where stuff starts to go wrong.
I can’t specify the ADM PIN.
If I just try to verify on its own
pySIM-shell (00:MF)> verify_adm
EXCEPTION of type 'ValueError' occurred with message: cannot find ADM-PIN for ICCID '89xxxxxxxxxxxxxxxxxx'
If I specify the ADM_PIN I’ve already specified in the command line
pySIM-shell (00:MF)> verify_adm BE4444FA5E94527C
EXCEPTION of type 'ValueError' occurred with message: PIN-ADM needs to be <=8 digits (ascii)
The help for pySIM-shell says…
-a PIN_ADM1, --pin-adm PIN_ADM1
ADM PIN used for provisioning (overwrites default) (default: None)
-A PIN_ADM1_HEX, --pin-adm-hex PIN_ADM1_HEX
ADM PIN used for provisioning, as hex string (16 characters long) (default: None)
To my eyes, PIN_ADM1 and PIN_ADM1_HEX are the same PIN, but one is in hex and the other is “raw”.
I’ve tried specifying the PIN as non-hex in the CLI…
python pySim-shell.py -p 0 -a 0xBE4444FA5E94527C
but it blows up with
ValueError: PIN-ADM needs to be <=8 digits (ascii)
Is there a workround? Is it a known issue? Am I being an idiot and have missed something in 6 foot tall letters in the docs?
I’m going to open pySIM-shell up and have a look to see what it’s doing, but I thought I’d ask here as well.
Many thanks.
Pete.