FreeCalypso > hg > fc-sim-tools

/*
 * This module implements a few special commands for those very few
 * incredibly lucky people on Earth who have no-longer-available
 * sysmoSIM-GR1 cards, or any other branded variant of the same card
 * from Grcard.  All knowledge of proprietary APDUs that appears in
 * this code comes from this Osmocom wiki page:
 *
 * https://osmocom.org/projects/cellular-infrastructure/wiki/GrcardSIM
 */

#include <sys/types.h>
#include <stdio.h>
#include "simresp.h"

/*
 * grcard1-set-pin1 command sets PIN1 and PUK1,
 * grcard1-set-pin2 command sets PIN2 and PUK2.
 *
 * The proprietary APDU structure for these commands is naturally
 * intuitive (agrees with common sense), hence they are expected
 * to be correct despite lack of testing.
 */

cmd_grcard1_set_pin(argc, argv)
	char **argv;
{
	u_char cmd[21];
	int rc;

	/* Grcard1 proprietary command APDU */
	cmd[0] = 0x80;
	cmd[1] = 0xD4;
	cmd[2] = 0x00;
	switch (argv[0][15]) {
	case '1':
		cmd[3] = 0x01;
		break;
	case '2':
		cmd[3] = 0x02;
		break;
	default:
		fprintf(stderr, "BUG in grcard1-set-pinN command\n");
		return(-1);
	}
	cmd[4] = 16;
	rc = encode_pin_entry(argv[1], cmd + 5);
	if (rc < 0)
		return(rc);
	rc = encode_pin_entry(argv[2], cmd + 13);
	if (rc < 0)
		return(rc);
	rc = apdu_exchange(cmd, 21);
	if (rc < 0)
		return(rc);
	if (sim_resp_sw != 0x9000) {
		fprintf(stderr, "bad SW response: %04X\n", sim_resp_sw);
		return(-1);
	}
	return(0);
}

/*
 * The ADM PIN structure of GrcardSIM1 cards is poorly understood.
 * The Osmocom wiki page describes ADM1 and ADM2 per Grcard's ADMn
 * naming convention (see ../doc/ADM-PIN-numbering), but each of those
 * also has an associated unblock code (called AUK1 and AUK2 in the
 * wiki page), and the command APDUs set ADM+AUK pairs: either
 * ADM1+AUK1 or ADM2+AUK2.  The following blind (untested) code is
 * based on this wiki page description.
 *
 * Because these access control codes are proprietary to Grcard
 * (not standard PIN1/PIN2/PUK1/PUK2), they can be arbitrary 64-bit
 * keys, not restricted to the ASCII-decimal subset used for standard
 * PINs and PUKs.  According to pySim-prog, the canonical ADM2 key
 * on these cards is hex 4444444444444444, which is outside of the
 * ASCII-decimal range (contrast with the situation on GrcardSIM2,
 * where the canonical SUPER ADM is decimal 88888888) - hence our
 * grcard1-set-admN commands take hex strings for ADMn and AUKn,
 * not decimal ones like grcard1-set-pinN.
 */

cmd_grcard1_set_adm(argc, argv)
	char **argv;
{
	u_char cmd[23];
	int rc;

	/* Grcard1 proprietary command APDU */
	cmd[0] = 0x80;
	cmd[1] = 0xD4;
	cmd[2] = 0x01;
	switch (argv[0][15]) {
	case '1':
	case '4':
		cmd[3] = 0x04;
		break;
	case '2':
	case '5':
		cmd[3] = 0x05;
		break;
	default:
		fprintf(stderr, "BUG in grcard1-set-admN command\n");
		return(-1);
	}
	cmd[4] = 18;
	cmd[5] = 0x03;
	cmd[6] = 0x00;
	rc = decode_hex_data_from_string(argv[1], cmd + 7, 8, 8);
	if (rc < 0)
		return(rc);
	rc = decode_hex_data_from_string(argv[2], cmd + 15, 8, 8);
	if (rc < 0)
		return(rc);
	rc = apdu_exchange(cmd, 23);
	if (rc < 0)
		return(rc);
	if (sim_resp_sw != 0x9000) {
		fprintf(stderr, "bad SW response: %04X\n", sim_resp_sw);
		return(-1);
	}
	return(0);
}

/*
 * The command for setting Ki has been extensively exercised
 * by Osmocom people, hence it is assumed to be correct.
 */

cmd_grcard1_set_ki(argc, argv)
	char **argv;
{
	u_char cmd[21];
	int rc;

	/* Grcard1 proprietary command APDU */
	cmd[0] = 0x80;
	cmd[1] = 0xD4;
	cmd[2] = 0x02;
	cmd[3] = 0x00;
	cmd[4] = 16;
	rc = decode_hex_data_from_string(argv[1], cmd + 5, 16, 16);
	if (rc < 0)
		return(rc);
	rc = apdu_exchange(cmd, 21);
	if (rc < 0)
		return(rc);
	if (sim_resp_sw != 0x9000) {
		fprintf(stderr, "bad SW response: %04X\n", sim_resp_sw);
		return(-1);
	}
	return(0);
}
author	Mychaela Falconia <falcon@freecalypso.org>
date	Wed, 21 Apr 2021 05:38:39 +0000
parents	c8e2a0e89d08
children