Bug #6178
closedcreate_ef failed, Expected 9000 and got 6982: Command not allowed - Security status not satisfied
0%
Description
Hi, I'm using sysmoISIM-SJA2.
I try to create a EF item using create_ef in pySim-shell.py, here is my command under `MF/ADF.USIM`:
create_ef --ef-arr-file-id 6f06 --ef-arr-record-nr 2 --file-size 60 --structure transparent 6f77
I'm sure 6f77 is not used.
However, I got error EXCEPTION of type 'SwMatchError' occurred with message: SW match failed! Expected 9000 and got 6982: Command not allowed - Security status not satisfied
.
Can you help me with some guidance?
I tried verify_adm xxxx
command, it return noting and create_ef still failed.
I also tried -A PIN_ADM1_HEX
, PIN_ADM1_HEX=PIN1+PIN2+ADM1, but it raise 'UiccCardBase' object has no attribute 'verify_adm'
.
Related issues
Updated by laforge 8 months ago
- Assignee set to dexter
I guess this is more a question for the sysmocom customer support (support@sysmocom.de) than a question / problem of the pySim software.
Can you tell us if you have a SJA2v1 (90170...) or SJA2v2 (99970...)? AFAIR file creation was only supported in the latter version.
Updated by laforge 8 months ago
Also, you can alwys decode the access control conditions of ADF.USIM if you look at the file control template and/or the related EF.ARR record when SELECTing ADF.USIM. It should tell you under which conditions the creation of new files is permitted for the given currently selected DF.
Updated by wei 8 months ago
laforge wrote in #note-1:
I guess this is more a question for the sysmocom customer support (support@sysmocom.de) than a question / problem of the pySim software.
Can you tell us if you have a SJA2v1 (90170...) or SJA2v2 (99970...)? AFAIR file creation was only supported in the latter version.
Thanks for your quick reply, I'm using SJA2v2 (99970...).
Here is the discription of ADF.USIM
pySIM-shell (MF)> select ADF.USIM { "file_descriptor": { "file_descriptor_byte": { "shareable": true, "file_type": "df", "structure": "no_info_given" }, "record_len": null, "num_of_rec": null }, "df_name": "a0000000871002ffffffff8907090000", "proprietary_information": { "uicc_characteristics": "71", "available_memory": 96484 }, "life_cycle_status_integer": "operational_activated", "security_attrib_compact": "00", "pin_status_template_do": { "ps_do": "70", "key_reference": 11 } }
Are you referring "security_attrib_compact": "00"? Does this attr mean I have no privilege to create a EF under ADF.USIM?
It would be great if you could share with me which DF are customized EFs placed generally!
Updated by TanguyP 7 months ago
Hey there,
I was facing the same issue as you, but while trying to deactivate option 124 of my SIMs. I knew it worked before and the ADM code was correct, and I found your bug with the same error as me.
I checked for an update to the pysim AUR package (on Manjaro), and lo and behold, there was an update that fixed this error for me. I hope updating your pysim version fixes the error for you as well.
BR
Updated by laforge 7 months ago
- Status changed from New to Feedback
- Assignee changed from dexter to wei
Hi @wei, did an update of pySim help you, as suggested by @TanguyP ? In case of doubt we always suggest to test the latest master branch from git.
In terms of "security_attrib_compact": "00"
I would suggest you check the relevant spec on the decode of the security attributes.
On a sysmoISIM-SJA5 it reads as follows: "security_attrib_compact": "261a0000"
. On a SJA2v1 (90170) it indeed reads as "security_attrib_compact": "00"
. I don't have a SJA2v2 with me here right now.
It would be great to add human-readable decode for those security attributes to pySim-shell... I think we already do that for referenced (via EF.ARR), but not for compact.
Updated by laforge 7 months ago
- Related to Feature #6211: decode security attributes _compact_ in human-readable way, like we decode EF.ARR added