SysmoUSIM-SJS1 » History » Revision 16
Revision 15 (vbohinc, 03/04/2017 06:41 PM) → Revision 16/21 (laforge, 03/17/2017 05:03 PM)
{{>toc}}
h1. sysmoUSIM-SJS1
The sysmoUSIM-SJS1 is programmable and Java capable USIM card. Not all commands are known yet and this page should grow over time. Each card is using a separate ADM1 key and the default configuration is hacker/developer friendly (fields being writable, reduced security for installing applets to have more quick development cycles).
{{thumbnail(sysmousim-sjs1-h-50p.jpg,size=800)}}
Please see [[shadysim.py]] for a tutorial on installing and removing a SIM Toolkit.
h2. User Manual
sysmocom provides a user manual at https://sysmocom.de/manuals/sysmousim-manual.pdf
h2. Tools
The sysmoUSIM-SJS1 can be parameterized using pySim and sysmo-usim-tool. PySim provides the common general bulk provisioning features, which are already known from MagicSIM and previous sysmocom simcard models. Most of the settings (like Ki, ICCIC, OPC, etc...) listed below are covered by PySim. For tweaking higly sysmoUSIM-SJS1 specific parameters (authentication algorithms, milenage parameters, enable/disable USIM application etc...), sysmo-usim-tool can be used. For more information see section "7.2 sysmo-usim-tool" in the provided manual.
See also *pySim-prog.py* program from git://git.osmocom.org/pysim (http://git.osmocom.org/pysim/) and *sysmo-usim-tool* program from git://git.sysmocom.de/sysmo-usim-tool (http://git.sysmocom.de/sysmo-usim-tool)
h2. Availability
sysoUSIM-SJS1 is available from http://shop.sysmocom.de/ in both 2FF+3FF (micro) and 2FF+4FF (nano) form factors.
h2. Command Reference
To understand this reference, it is assumed that you are familiar with basic knowledge on smartcard
technologies, such as standard ISO 7816-3/-4 APDUs and GSM TS 11.11.
The below should be possible to set after authenticating with the ADM1 pin
h3. Setting the IMSI
Use a standard UPDATE BINARY command on EF.IMSI (7F20/6F07)
h3. Setting the ICCID
Use a standard UPDATE BINARY command on EF.ICCID (2FE2)
h3. Setting the Ki
Use a standard UPATE BINARY command on EF.KI (7F20/00FF)
h3. Setting the OP/OPC
Use a standard UPATE BINARY command on the EF.OPC (7F20/00F7)
|_. Offset |_. Size |_. Description |
|0|1| 0x00 for OP, 0x01 for OPc|
|1|16|OP or OPc value, depending on byte at offset 0|
h3. Setting the Algorithm(s)
Use a standard UPDATE BINARY command on EF.AUTH (7FCC/6F00)
Two bytes, first byte for 2G, second byte for 3G.
|_. Value |_. Algorithm |_. Supported Mode |
|01|Milenage|2G + 3G|
|03|COMP128v1|2G|
|04|XOR 2G|2G|
|06|COMP128v2|2G|
|07|COMP128v3|2G|
|08|XOR 3G|3G|
h3. Setting the Milenage parameters (Ci/Ri)
Use a standard UPATE BINARY command on EF.MLNGC (7FCC/6F01)
|_. Offset |_. Size |_. Description |
|0|16|C1|
|16|16|C2|
|32|16|C3|
|48|16|C4|
|64|16|C5|
|80|1|R1|
|81|1|R2|
|82|1|R3|
|83|1|R4|
|84|1|R5|
