FreeCalypso > hg > fc-pcsc-tools
diff doc/Low-level-commands @ 96:3bce899bcf78
doc/Low-level-commands: a38 command documented
| author | Mychaela Falconia <falcon@freecalypso.org> | 
|---|---|
| date | Wed, 17 Feb 2021 20:55:34 +0000 | 
| parents | 7412cdd505b3 | 
| children | 08ba6a5d8a3f | 
line wrap: on
 line diff
--- a/doc/Low-level-commands Wed Feb 17 20:41:30 2021 +0000 +++ b/doc/Low-level-commands Wed Feb 17 20:55:34 2021 +0000 @@ -138,4 +138,20 @@ GSM authentication testing ========================== -a38 +a38 RAND + +This fc-simtool command exercises the SIM card's RUN GSM ALGORITHM command. +The user-specified RAND value (a hex string of 16 bytes) is sent to the SIM, +and the SIM response is parsed to display SRES and Kc. + +Per SIM specs GSM TS 11.11 and 3GPP TS 51.011, RUN GSM ALGORITHM can only be +executed when DF_GSM is selected. fc-simtool a38 command does NOT include a +built-in SELECT of DF_GSM, hence you need to manually issue 'select DF_GSM' +first. + +This a38 command can be used to verify if the SIM card's Ki and A38 algorithm +match what you expect them to be. To perform this test, issue an a38 command +to the SIM with some made-up RAND and note the SRES and Kc response. Then use +the osmo-auc-gen utility from Osmocom to run the expected algorithm with the +expected Ki (and the expected OPc if MILENAGE is used) and the same RAND, and +see if SRES and Kc match.
