FreeCalypso > hg > fc-pcsc-tools
view doc/GrcardSIM2-programming @ 225:208ae1633f6c
simtool code: sysmo.c renamed to sjs1_hacks.c,
comments changed to clarify that these special commands
apply only to the recently discontinued SJS1 cards
and not to the SJA2 successor.
author | Mychaela Falconia <falcon@freecalypso.org> |
---|---|
date | Wed, 10 Mar 2021 19:39:33 +0000 |
parents | 80fc2b2f83c2 |
children |
line wrap: on
line source
The card model which we call GrcardSIM2 is one of the many smart card models made and sold by Grcard in China. As of this writing (2021-03) and going back to somewhere around 2013, it is the card model they sell when a customer asks for a GSM-only SIM card, as opposed to USIM cards for UMTS/LTE/etc. This card model was once resold by Sysmocom as sysmoSIM-GR2, and we are hoping to get a batch of our own FreeCalypso-branded version which we call FCSIM1. Our fc-simtool supports full programming of these cards: you can take a card whose initial state is "blank" or unprogrammed, or a card with some previous programming, and you can program it to your own liking using fc-simtool. For the purpose of programming this particular card model (as opposed to USIM/ISIM cards), our fc-simtool offers the following advantages over well-known competitor pySim-prog: * These cards support all 3 versions of COMP128 algorithm (v1, v2 and v3), but pySim-prog unconditionally selects COMP128v1. Our grcard2-set-comp128 command allows any of the 3 algorithm versions to be selected, and in the Mother's opinion it makes no sense to select any version other than COMP128v3 for new GSM network deployments. * These cards have a fairly sophisticated security model with two different ADM access levels: see GrcardSIM2-security-model article for the details. pySim-prog support for this security model is fundamentally broken: it authenticates with ADM11 as required for writing Ki, but does not support any option of changing this key to a secure one, as would be required in any application where traditional SIM security is desired. OTOH, pySim-prog needlessly resets ADM5, even though they could have left it alone - ADM11 by itself is sufficient for writing to all files. * Further on the security model, GrcardSIM2 cards allow admins to reset PIN1/PIN2/PUK1/PUK2 secret codes after authenticating with ADM5 or ADM11 - this mechanism is the only way to reset PUK1 and PUK2 if the previous codes are unknown. pySim-prog provides no support for setting PIN/PUK codes. * fc-simtool allows every single file in the card file system to be written as you like. Absolutely any file can be read and written in raw hex, and we also provide high-level read and write commands for most files. In contrast, pySim-prog implements a rigid and inflexible programming model, writing only a few files and only in one very limited way. Using fc-simtool to program GrcardSIM2 cards ============================================ To begin with, you must know the ADM11 (aka SUPER ADM) secret code for your card. If you got your card directly from Grcard factory or from a reseller such as FreeCalypso who leaves this default ADM11 key unchanged, your ADM11 key is ASCII-decimal 88888888, and you need to authenticate as follows: verify-ext 11 88888888 If the previous owner of your card changed this ADM11 key to something else, or if you had Grcard factory program cards for you with different ADM keys, then you need to know what the ADM11 secret is - if it is lost, there is no recovery, and you have to get a new card. If you have a non-default ADM11 key, you need to enter it using either verify-ext 11 or verify-hex 11 command, depending on whether the key falls into the restricted ASCII-decimal subset or not. In any case, this verify-ext 11 or verify-hex 11 command should ideally be the first command in your fc-simtool session; if it is not the first command in the session, then it needs to be preceded with select MF. Once you have authenticated with ADM11, you are ready to run your programming scripts. Because fc-simtool is not a "one size fits all" tool like pySim-prog, but rather a fully generalized command shell that allows you to poke at whatever files you like in whatever order and manner you like, practical SIM programming should be done with customized command scripts. Furthermore, we recommend that you split your custom programming scripts into two levels: 1) You should have one command script which you install under /opt/freecalypso/sim-scripts that programs SIMs appropriately for your GSM network. This script should be the same for all of your cards, programming SST, PLMN selection (PLMNsel and FPLMN) and branding files SPN, PNN and OPL. See our fcsim1-defprog script for a starting point. 2) Per-card settings like ICCID, IMSI, ACC and Ki can only be set either manually (OK for one or two cards, but doesn't scale), or by way of custom front end or wrapper programs that generate and execute one-time fc-simtool command scripts. We plan on implementing one such front end tool once we get our FCSIM1 card batch made. Please refer to Admin-write-commands, GrcardSIM2-WEKI-file and GrcardSIM2-security-model articles for commands to be used in crafting your custom programming scripts.