FreeCalypso > hg > fc-sim-tools
annotate doc/ADM-PIN-numbering @ 64:dba24129027e
doc/ADM-PIN-numbering article written
| author | Mychaela Falconia <falcon@freecalypso.org> |
|---|---|
| date | Tue, 23 Mar 2021 23:30:00 +0000 |
| parents | |
| children | c9c2a8d954ba |
| rev | line source |
|---|---|
|
64
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
1 ADM access conditions |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
2 ===================== |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
3 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
4 The response to SELECT of any EF in the classic GSM 11.11 SIM protocol carries |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
5 3 bytes that indicate access conditions for the selected file - or more |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
6 precisely, 5 nibbles that indicate access conditions plus one reserved nibble. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
7 Each access condition nibble has the following encoding per standard specs |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
8 (GSM TS 11.11 and 3GPP TS 51.011): |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
9 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
10 Code Meaning |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
11 --------------- |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
12 0 ALW |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
13 1 CHV1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
14 2 CHV2 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
15 3 RFU |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
16 4-14 ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
17 15 NEV |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
18 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
19 Access condition codes 4 through 14 (0x4 through 0xE) are defined merely as ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
20 by the standard specs, without further distinction. However, those of us who |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
21 work with SIM cards on a tinkering or reverse engineering level and thus need |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
22 to fully decode SIM SELECT responses for intelligent analysis need to somehow |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
23 distinguish between these 11 possible ADM access levels, thus we had to make up |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
24 some scheme of our own for naming different ADMn access levels. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
25 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
26 Unfortunately it just so happened that FC SIM tools and Grcard have come up with |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
27 two different ADMn naming conventions. I (Mother Mychaela) feel that it is too |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
28 late now to change our FC SIM tools ADMn naming convention, and of course it is |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
29 not our place to tell Grcard company to change theirs. Therefore, the only |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
30 remaining solution is to clearly document both naming conventions and just live |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
31 with there being two different ones. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
32 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
33 In the FC SIM tools convention, the 11 possible ADM access levels for EFs are |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
34 named ADM4 through ADM14 - the 'n' in ADMn directly matches the nibble value |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
35 carried in the SIM protocol. This convention is used by fc-simtool select and |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
36 readef commands when they display the access conditions returned by the SIM. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
37 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
38 The convention used by Grcard names these 11 possible ADM access levels ADM1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
39 through ADM11 instead. As a result of this number shift, what Grcard call ADM1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
40 is ADM4 to us, what Grcard call ADM2 is ADM5 to us, and so forth. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
41 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
42 ADM key IDs in VERIFY CHV commands |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
43 ================================== |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
44 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
45 Standard specs are silent on the question of exactly how administrative entities |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
46 authenticate themselves to the card to gain various ADM access levels, but most |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
47 card vendors implement an extended form of the standard VERIFY CHV command in |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
48 which the key ID in P2 is not 1 or 2 (standard CHV1 and CHV2), but some other |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
49 code identifying ADM keys and corresponding access levels. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
50 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
51 There is no requirement that P2 key IDs in the extended VERIFY CHV command used |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
52 for ADM authentication have to correspond to the codes used to denote EF access |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
53 conditions. However, on the traditional SIM (not UICC/USIM/ISIM) cards made by |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
54 Grcard, these two separate places in the binary protocol do use the same codes: |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
55 for example, if a given EF has an access condition indicated as code 5 in the |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
56 protocol (called ADM5 by us or ADM2 by Grcard), then the corresponding ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
57 authentication has to be done with a VERIFY CHV command with P2=05. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
58 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
59 ADM PIN numbers on Grcard SIM cards |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
60 =================================== |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
61 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
62 We are aware of two different card models from Grcard that are specifically GSM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
63 SIM, rather than UICC/USIM/ISIM. (The latter kind also exist of course, but we |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
64 have no interest in them.) The first such model is what we call GrcardSIM1 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
65 (previously sold by Sysmocom as sysmoSIM-GR1), and the other model is what we |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
66 call GrcardSIM2 - previously sold by Sysmocom as sysmoSIM-GR2, and now being |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
67 reintroduced as FreeCalypso Community SIM model FCSIM1. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
68 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
69 GrcardSIM1 cards are currently understood very poorly because they are extremely |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
70 difficult to obtain in the present time (2021). However, they seem to have two |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
71 different ADM access levels which Grcard officially call ADM1 and ADM2. In our |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
72 FC SIM tools naming convention these ADM access levels become ADM4 and ADM5, |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
73 respectively. |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
74 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
75 GrcardSIM2 cards are understood much better because unlike GrcardSIM1, they are |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
76 readily available from Grcard in the present time. They have two different ADM |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
77 access levels that are fully explained in the GrcardSIM2-security-model article, |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
78 and these two ADM levels are known by different names: |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
79 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
80 * Osmocom wiki page for GrcardSIM2 calls them ADM and SUPER ADM; |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
81 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
82 * For our FCSIM1 version of this card, we've named them ADM5 and ADM11, going |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
83 by the numbers that appear in the actual binary protocol; |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
84 |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
85 * Looking at Grcard's own documentation (see doc/vendor/grcard2-person-script), |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
86 one can see that Grcard engineers refer to them as ADM2 and ADM8, following |
|
dba24129027e
doc/ADM-PIN-numbering article written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
87 the numbering shift explained earlier in this article. |