FreeCalypso > hg > fc-sim-tools
comparison simtool/grcard1.c @ 66:c8e2a0e89d08
grcard1-set-admN: entry form changed from decimal to hex
also added more comments to the code
| author | Mychaela Falconia <falcon@freecalypso.org> |
|---|---|
| date | Wed, 24 Mar 2021 06:04:40 +0000 |
| parents | ddd767f6e15b |
| children |
comparison
equal
deleted
inserted
replaced
| 65:c9c2a8d954ba | 66:c8e2a0e89d08 |
|---|---|
| 1 /* | 1 /* |
| 2 * This module implements a few special commands for those very few | 2 * This module implements a few special commands for those very few |
| 3 * incredibly lucky people on Earth who have no-longer-available | 3 * incredibly lucky people on Earth who have no-longer-available |
| 4 * sysmoSIM-GR1 cards, or any other branded variant of the same card | 4 * sysmoSIM-GR1 cards, or any other branded variant of the same card |
| 5 * from Grcard. | 5 * from Grcard. All knowledge of proprietary APDUs that appears in |
| 6 * this code comes from this Osmocom wiki page: | |
| 7 * | |
| 8 * https://osmocom.org/projects/cellular-infrastructure/wiki/GrcardSIM | |
| 6 */ | 9 */ |
| 7 | 10 |
| 8 #include <sys/types.h> | 11 #include <sys/types.h> |
| 9 #include <stdio.h> | 12 #include <stdio.h> |
| 10 #include "simresp.h" | 13 #include "simresp.h" |
| 14 | |
| 15 /* | |
| 16 * grcard1-set-pin1 command sets PIN1 and PUK1, | |
| 17 * grcard1-set-pin2 command sets PIN2 and PUK2. | |
| 18 * | |
| 19 * The proprietary APDU structure for these commands is naturally | |
| 20 * intuitive (agrees with common sense), hence they are expected | |
| 21 * to be correct despite lack of testing. | |
| 22 */ | |
| 11 | 23 |
| 12 cmd_grcard1_set_pin(argc, argv) | 24 cmd_grcard1_set_pin(argc, argv) |
| 13 char **argv; | 25 char **argv; |
| 14 { | 26 { |
| 15 u_char cmd[21]; | 27 u_char cmd[21]; |
| 45 return(-1); | 57 return(-1); |
| 46 } | 58 } |
| 47 return(0); | 59 return(0); |
| 48 } | 60 } |
| 49 | 61 |
| 62 /* | |
| 63 * The ADM PIN structure of GrcardSIM1 cards is poorly understood. | |
| 64 * The Osmocom wiki page describes ADM1 and ADM2 per Grcard's ADMn | |
| 65 * naming convention (see ../doc/ADM-PIN-numbering), but each of those | |
| 66 * also has an associated unblock code (called AUK1 and AUK2 in the | |
| 67 * wiki page), and the command APDUs set ADM+AUK pairs: either | |
| 68 * ADM1+AUK1 or ADM2+AUK2. The following blind (untested) code is | |
| 69 * based on this wiki page description. | |
| 70 * | |
| 71 * Because these access control codes are proprietary to Grcard | |
| 72 * (not standard PIN1/PIN2/PUK1/PUK2), they can be arbitrary 64-bit | |
| 73 * keys, not restricted to the ASCII-decimal subset used for standard | |
| 74 * PINs and PUKs. According to pySim-prog, the canonical ADM2 key | |
| 75 * on these cards is hex 4444444444444444, which is outside of the | |
| 76 * ASCII-decimal range (contrast with the situation on GrcardSIM2, | |
| 77 * where the canonical SUPER ADM is decimal 88888888) - hence our | |
| 78 * grcard1-set-admN commands take hex strings for ADMn and AUKn, | |
| 79 * not decimal ones like grcard1-set-pinN. | |
| 80 */ | |
| 81 | |
| 50 cmd_grcard1_set_adm(argc, argv) | 82 cmd_grcard1_set_adm(argc, argv) |
| 51 char **argv; | 83 char **argv; |
| 52 { | 84 { |
| 53 u_char cmd[23]; | 85 u_char cmd[23]; |
| 54 int rc; | 86 int rc; |
| 57 cmd[0] = 0x80; | 89 cmd[0] = 0x80; |
| 58 cmd[1] = 0xD4; | 90 cmd[1] = 0xD4; |
| 59 cmd[2] = 0x01; | 91 cmd[2] = 0x01; |
| 60 switch (argv[0][15]) { | 92 switch (argv[0][15]) { |
| 61 case '1': | 93 case '1': |
| 94 case '4': | |
| 62 cmd[3] = 0x04; | 95 cmd[3] = 0x04; |
| 63 break; | 96 break; |
| 64 case '2': | 97 case '2': |
| 98 case '5': | |
| 65 cmd[3] = 0x05; | 99 cmd[3] = 0x05; |
| 66 break; | 100 break; |
| 67 default: | 101 default: |
| 68 fprintf(stderr, "BUG in grcard1-set-admN command\n"); | 102 fprintf(stderr, "BUG in grcard1-set-admN command\n"); |
| 69 return(-1); | 103 return(-1); |
| 70 } | 104 } |
| 71 cmd[4] = 18; | 105 cmd[4] = 18; |
| 72 cmd[5] = 0x03; | 106 cmd[5] = 0x03; |
| 73 cmd[6] = 0x00; | 107 cmd[6] = 0x00; |
| 74 rc = encode_pin_entry(argv[1], cmd + 7); | 108 rc = decode_hex_data_from_string(argv[1], cmd + 7, 8, 8); |
| 75 if (rc < 0) | 109 if (rc < 0) |
| 76 return(rc); | 110 return(rc); |
| 77 rc = encode_pin_entry(argv[2], cmd + 15); | 111 rc = decode_hex_data_from_string(argv[2], cmd + 15, 8, 8); |
| 78 if (rc < 0) | 112 if (rc < 0) |
| 79 return(rc); | 113 return(rc); |
| 80 rc = apdu_exchange(cmd, 23); | 114 rc = apdu_exchange(cmd, 23); |
| 81 if (rc < 0) | 115 if (rc < 0) |
| 82 return(rc); | 116 return(rc); |
| 84 fprintf(stderr, "bad SW response: %04X\n", sim_resp_sw); | 118 fprintf(stderr, "bad SW response: %04X\n", sim_resp_sw); |
| 85 return(-1); | 119 return(-1); |
| 86 } | 120 } |
| 87 return(0); | 121 return(0); |
| 88 } | 122 } |
| 123 | |
| 124 /* | |
| 125 * The command for setting Ki has been extensively exercised | |
| 126 * by Osmocom people, hence it is assumed to be correct. | |
| 127 */ | |
| 89 | 128 |
| 90 cmd_grcard1_set_ki(argc, argv) | 129 cmd_grcard1_set_ki(argc, argv) |
| 91 char **argv; | 130 char **argv; |
| 92 { | 131 { |
| 93 u_char cmd[21]; | 132 u_char cmd[21]; |