changeset 76:526193acfb3f

doc/GrcardSIM2-WEKI-file: update with knowledge from doc/vendor/grcard2-person-script
author Mychaela Falconia <falcon@freecalypso.org>
date Fri, 09 Apr 2021 02:01:47 +0000
parents 42229bec887b
children 3fe1954f5dec
files doc/GrcardSIM2-WEKI-file
diffstat 1 files changed, 24 insertions(+), 10 deletions(-)
--- a/doc/GrcardSIM2-WEKI-file	Wed Apr 07 07:17:12 2021 +0000
+++ b/doc/GrcardSIM2-WEKI-file	Fri Apr 09 02:01:47 2021 +0000
@@ -6,16 +6,25 @@
 and the selection of COMP128 algorithm version, but the same file also appears
 to have other fields serving other purposes which are not currently understood.
 
+When we (FreeCalypso) asked Grcard about this proprietary file, they sent us a
+"personalization" command script which we have archived in this code repository
+under doc/vendor/grcard2-person-script; this script is a sequence of command
+APDUs (raw hex with minimal comments) for an example card programming.  The
+proprietary file in question is named GSM_KI in this script; the origin of the
+name EF.WEKI that appears in the Osmocom wiki page is still unknown.
+
 The total length of this transparent EF is 35 bytes, out of which only the first
 19 bytes are documented in the Osmocom wiki page and written by their pySim-prog
-tool.  Let us now break down this file according to our currently available
-limited understanding:
+tool.  Interestingly enough, Grcard's "personalization" command script also
+writes only the first 19 bytes.  Let us now break down this file according to
+our currently available limited understanding:
 
 * The first two bytes are always 00 10 - these byte values appear in "blank"
   unprogrammed cards as shipped by Grcard, they also appear in the Osmocom wiki
-  page, and are programmed by pySim-prog.  The purpose and meaning of these two
-  bytes are completely unknown, and we have never tried writing anything
-  different into them.
+  page, and are programmed by pySim-prog.  The "personalization" script we got
+  from Grcard also programs the same 00 10 in these two bytes.  The purpose and
+  meaning of these two bytes are completely unknown, and we have never tried
+  writing anything different into them.
 
 * The next byte gives COMP128 algorithm selection plus something else that is
   not understood:
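Review bot: the new paragraph says Grcard's script "writes only the first 19 bytes" of a 35-byte EF, but does not say what the remaining 16 bytes hold after such a programming run; a sentence stating whether the script leaves them in the factory state (the data/grcard2-blank-state dump referenced further down is the natural cross-reference) would close that gap. Also, since the script programs GSM_KI with values "for an example card programming", please state explicitly that the Ki and other values in doc/vendor/grcard2-person-script are example data, not a template to be copied into real cards.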
@@ -32,11 +41,16 @@
     selecting COMP128v1.)
 
   - The remaining 6 bits of this byte are not understood.  Osmocom wiki page
-    tells people to write zeros into the upper 6 bits and so does pySim-prog,
-    but the "blank" unprogrammed cards we got from Grcard have this byte set to
-    0x20.  Setting the upper nibble to either 0 or 2 does not seem to affect
-    the result of RUN GSM ALGORITHM operations, thus it probably controls
-    something else.
+    tells people to write zeros into the upper 6 bits and so does pySim-prog;
+    the "personalization" command script we got from Grcard also writes zeros
+    into these upper 6 bits.  However, if one orders "blank" or unprogrammed
+    cards from Grcard like we do, the initial "unprogrammed" state of this byte
+    is 0x20, as one can see in the data/grcard2-blank-state dump.
+
+    Setting the upper nibble to either 0 or 2 does not seem to affect the
+    result of RUN GSM ALGORITHM operations, thus it probably controls something
+    else - or perhaps that bit controls nothing at all, and the "unprogrammed"
+    state is merely a bogon - we have no way of knowing.
 
 * The next 16 bytes store Ki - this part is straightforward.
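Review bot: the terminology for the unknown field drifts within this hunk: "upper 6 bits", then "upper nibble", then "that bit". The value 0x20 differs from 0x00 only in bit 5, so the RUN GSM ALGORITHM comparison described here really only tested one of the six bits; suggest saying so directly, e.g. "only bit 5 (the 0x20 bit) has been tested; the other five bits have never been changed", and replacing "bogon" with plain wording such as "a meaningless leftover of the factory state".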