SysmoUSIM-SJS1 » History » Version 11
dexter, 02/24/2017 09:20 AM
1 | 4 | {{>toc}} |
|
---|---|---|---|
2 | 1 | ||
3 | 4 | h1. sysmoUSIM-SJS1 |
|
4 | |||
5 | 1 | The sysmoUSIM-SJS1 is programmable and Java capable USIM card. Not all commands are known yet and this page should grow over time. Each card is using a separate ADM1 key and the default configuration is hacker/developer friendly (fields being writable, reduced security for installing applets to have more quick development cycles). |
|
6 | 3 | ||
7 | Please see [[shadysim.py]] for a tutorial on installing and removing a SIM Toolkit. |
||
8 | 1 | ||
9 | |||
10 | 5 | laforge | h2. User Manual |
11 | |||
12 | sysmocom provides a user manual at https://www.sysmocom.de/downloads/sysmousim-manual.pdf |
||
13 | 1 | ||
14 | 9 | dexter | |
15 | 10 | dexter | h2. Tools |
16 | |||
17 | 11 | dexter | the *pySim-prog.py* program from git://git.osmocom.org/pysim |
18 | http://git.osmocom.org/pysim/ |
||
19 | the *sysmo-usim-tool* program from git://git.sysmocom.de/sysmo-usim-tool |
||
20 | http://git.sysmocom.de/sysmo-usim-tool |
||
21 | 10 | dexter | |
22 | |||
23 | |||
24 | |||
25 | |||
26 | 6 | laforge | h2. Availability |
27 | |||
28 | sysoUSIM-SJS1 is available from http://shop.sysmocom.de/ in both 2FF+3FF (micro) and 2FF+4FF (nano) form factors. |
||
29 | 1 | ||
30 | 9 | dexter | |
31 | 4 | h2. Command Reference |
|
32 | |||
33 | 1 | To understand this reference, it is assumed that you are familiar with basic knowledge on smartcard |
|
34 | technologies, such as standard ISO 7816-3/-4 APDUs and GSM TS 11.11. |
||
35 | |||
36 | The below should be possible to set after authenticating with the ADM1 pin |
||
37 | |||
38 | |||
39 | 4 | h3. Setting the IMSI |
|
40 | |||
41 | 1 | Use a standard UPDATE BINARY command on EF.IMSI (7F20/6F07) |
|
42 | |||
43 | |||
44 | 4 | h3. Setting the ICCID |
|
45 | |||
46 | 1 | Use a standard UPDATE BINARY command on EF.ICCID (2FE2) |
|
47 | |||
48 | |||
49 | h3. Setting the Ki |
||
50 | 4 | ||
51 | 1 | Use a standard UPATE BINARY command on EF.KI (7F20/00FF) |
|
52 | |||
53 | |||
54 | 9 | dexter | h3. Setting the OP/OPC |
55 | 1 | ||
56 | 9 | dexter | Use a standard UPATE BINARY command on the EF.OPC (7F20/00F7) |
57 | 4 | ||
58 | 9 | dexter | |_. Offset |_. Size |_. Description | |
59 | |0|1| 0x00 for OP, 0x01 for OPc| |
||
60 | |1|16|OP or OPc value, depending on byte at offset 0| |
||
61 | 1 | ||
62 | 4 | ||
63 | h3. Setting the Algorithm(s) |
||
64 | 2 | ||
65 | Use a standard UPDATE BINARY command on EF.AUTH (7FCC/6F00) |
||
66 | |||
67 | Two bytes, first byte for 2G, second byte for 3G. |
||
68 | 1 | ||
69 | 7 | laforge | |_. Value |_. Algorithm |_. Supported Mode | |
70 | |01|Milenage|2G + 3G| |
||
71 | |03|COMP128v1|2G| |
||
72 | |04|XOR 2G|2G| |
||
73 | |06|COMP128v2|2G| |
||
74 | |07|COMP128v3|2G| |
||
75 | |08|XOR 3G|3G| |
||
76 | 8 | dexter | |
77 | |||
78 | h3. Setting the Milenage parameters (Ci/Ri) |
||
79 | |||
80 | Use a standard UPATE BINARY command on EF.MLNGC (7FCC/6F01) |
||
81 | |||
82 | |_. Offset |_. Size |_. Description | |
||
83 | |0|16|C1| |
||
84 | |16|16|C2| |
||
85 | |32|16|C3| |
||
86 | |48|16|C4| |
||
87 | |64|16|C5| |
||
88 | |80|1|R1| |
||
89 | |81|1|R2| |
||
90 | |82|1|R3| |
||
91 | |83|1|R4| |
||
92 | |84|1|R5| |