FreeCalypso > hg > fc-sim-tools
annotate doc/ADM-PIN-numbering @ 93:6041c601304d
fcsim1-mkprov: revert OTA key addition
It appears that GrcardSIM2 cards (which is what we got for FCSIM1)
do not support OTA after all, contrary to what we were previously
led to believe by some tech support emails from Grcard - apparently
those support emails and OTA descriptions referred to some other
card model(s).
| author | Mychaela Falconia <falcon@freecalypso.org> |
|---|---|
| date | Wed, 21 Apr 2021 05:38:39 +0000 |
| parents | c9c2a8d954ba |
| children |
| rev | line source |
|---|---|
|
64
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
1 ADM access conditions |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
2 ===================== |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
3 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
4 The response to SELECT of any EF in the classic GSM 11.11 SIM protocol carries |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
5 3 bytes that indicate access conditions for the selected file - or more |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
6 precisely, 5 nibbles that indicate access conditions plus one reserved nibble. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
7 Each access condition nibble has the following encoding per standard specs |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
8 (GSM TS 11.11 and 3GPP TS 51.011): |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
9 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
10 Code Meaning |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
11 --------------- |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
12 0 ALW |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
13 1 CHV1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
14 2 CHV2 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
15 3 RFU |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
16 4-14 ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
17 15 NEV |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
18 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
19 Access condition codes 4 through 14 (0x4 through 0xE) are defined merely as ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
20 by the standard specs, without further distinction. However, those of us who |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
21 work with SIM cards on a tinkering or reverse engineering level and thus need |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
22 to fully decode SIM SELECT responses for intelligent analysis need to somehow |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
23 distinguish between these 11 possible ADM access levels, thus we had to make up |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
24 some scheme of our own for naming different ADMn access levels. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
25 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
26 Unfortunately it just so happened that FC SIM tools and Grcard have come up with |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
27 two different ADMn naming conventions. I (Mother Mychaela) feel that it is too |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
28 late now to change our FC SIM tools ADMn naming convention, and of course it is |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
29 not our place to tell Grcard company to change theirs. Therefore, the only |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
30 remaining solution is to clearly document both naming conventions and just live |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
31 with there being two different ones. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
32 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
33 In the FC SIM tools convention, the 11 possible ADM access levels for EFs are |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
34 named ADM4 through ADM14 - the 'n' in ADMn directly matches the nibble value |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
35 carried in the SIM protocol. This convention is used by fc-simtool select and |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
36 readef commands when they display the access conditions returned by the SIM. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
37 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
38 The convention used by Grcard names these 11 possible ADM access levels ADM1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
39 through ADM11 instead. As a result of this number shift, what Grcard call ADM1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
40 is ADM4 to us, what Grcard call ADM2 is ADM5 to us, and so forth. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
41 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
42 ADM key IDs in VERIFY CHV commands |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
43 ================================== |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
44 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
45 Standard specs are silent on the question of exactly how administrative entities |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
46 authenticate themselves to the card to gain various ADM access levels, but most |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
47 card vendors implement an extended form of the standard VERIFY CHV command in |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
48 which the key ID in P2 is not 1 or 2 (standard CHV1 and CHV2), but some other |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
49 code identifying ADM keys and corresponding access levels. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
50 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
51 There is no requirement that P2 key IDs in the extended VERIFY CHV command used |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
52 for ADM authentication have to correspond to the codes used to denote EF access |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
53 conditions. However, on the traditional SIM (not UICC/USIM/ISIM) cards made by |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
54 Grcard, these two separate places in the binary protocol do use the same codes: |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
55 for example, if a given EF has an access condition indicated as code 5 in the |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
56 protocol (called ADM5 by us or ADM2 by Grcard), then the corresponding ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
57 authentication has to be done with a VERIFY CHV command with P2=05. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
58 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
59 ADM PIN numbers on Grcard SIM cards |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
60 =================================== |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
61 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
62 We are aware of two different card models from Grcard that are specifically GSM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
63 SIM, rather than UICC/USIM/ISIM. (The latter kind also exist of course, but we |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
64 have no interest in them.) The first such model is what we call GrcardSIM1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
65 (previously sold by Sysmocom as sysmoSIM-GR1), and the other model is what we |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
66 call GrcardSIM2 - previously sold by Sysmocom as sysmoSIM-GR2, and now being |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
67 reintroduced as FreeCalypso Community SIM model FCSIM1. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
68 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
69 GrcardSIM1 cards are currently understood very poorly because they are extremely |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
70 difficult to obtain in the present time (2021). However, they seem to have two |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
71 different ADM access levels which Grcard officially call ADM1 and ADM2. In our |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
72 FC SIM tools naming convention these ADM access levels become ADM4 and ADM5, |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
73 respectively. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
74 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
75 GrcardSIM2 cards are understood much better because unlike GrcardSIM1, they are |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
76 readily available from Grcard in the present time. They have two different ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
77 access levels that are fully explained in the GrcardSIM2-security-model article, |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
78 and these two ADM levels are known by different names: |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
79 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
80 * Osmocom wiki page for GrcardSIM2 calls them ADM and SUPER ADM; |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
81 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
82 * For our FCSIM1 version of this card, we've named them ADM5 and ADM11, going |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
83 by the numbers that appear in the actual binary protocol; |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
84 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
85 * Looking at Grcard's own documentation (see doc/vendor/grcard2-person-script), |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
86 one can see that Grcard engineers refer to them as ADM2 and ADM8, following |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
87 the numbering shift explained earlier in this article. |
|
65
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
88 |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
89 Sysmocom USIM/ISIM cards |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
90 ======================== |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
91 |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
92 All UICC/USIM/ISIM cards we know of (made by Sysmocom and others) have just one |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
93 administrative PIN which they call ADM1, and in the UICC protocol this ADM1 PIN |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
94 is entered with a VERIFY PIN command with P2=0x0A. If a UICC-native card also |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
95 allows ADM1 authentication in a GSM 11.11 SIM protocol session, then the |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
96 corresponding extended VERIFY CHV command will also use P2=0x0A. |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
97 |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
98 Because these cards implement the classic GSM 11.11 SIM protocol only as a |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
99 backward compatibility mode, rather than native, there is no universal agreement |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
100 regarding ADM access level codes returned in SELECT responses for EFs in the |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
101 classic SIM protocol: sysmoUSIM-SJS1 cards return ADM5, whereas sysmoISIM-SJA2 |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
102 cards return ADM10 - both numbers are per FC SIM tools numbering convention of |
|
c9c2a8d954ba
doc/ADM-PIN-numbering: add Sysmocom USIM/ISIM description
Mychaela Falconia <falcon@freecalypso.org>
parents:
64
diff
changeset
|
103 ADM4 through ADM14. |