Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sysmoISIM-SJA2 - Problem with installing Certificate on Sysmocom ISIM card #9

Open
RafalArciszewski opened this issue Apr 28, 2021 · 20 comments
Open

sysmoISIM-SJA2 - Problem with installing Certificate on Sysmocom ISIM card #9

RafalArciszewski opened this issue Apr 28, 2021 · 20 comments

Comments

@RafalArciszewski
Copy link

Hi @herlesupreeth
I have a problem with installing certificate on my new sysmocom ISIM card: sysmoISIM-SJA2 with preinstalled ARA-M applet.
I followed the guide and there is an error when checking the status "Error: Could not read A00000015141434C00".
I found old issue #7 and I tried to use GP v20.08.16 or GP v19.06.16 but with no lack.

Can you look at this log, is installing certificate correct?
Thanks Rafal

sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 -lvid
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
GlobalPlatformPro v20.04.14-0-geaee04c
Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu
A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (33ms) 6F108408A000000003000000A5049F6501FF 9000
A>> T=0 (4+0000) 80CA9F7F 00 
A<< (0000+2) (11ms) 6A88
A>> T=0 (4+0000) 00CA9F7F 00 
A<< (0000+2) (11ms) 6E00
[main] WARN pro.javacard.gp.GPData - GET DATA(CPLC) not supported
A>> T=0 (4+0000) 80CA0042 00 
A<< (0005+2) (23ms) 4203000000 9000
IIN: 4203000000
A>> T=0 (4+0000) 80CA0045 00 
A<< (0004+2) (22ms) 45020000 9000
CIN: 45020000
Card Data: 
A>> T=0 (4+0000) 80CA0066 00 
A<< (0051+2) (21ms) 6631732F06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040215 9000
Tag 6: 1.2.840.114283.1
-> Global Platform card
Tag 60: 1.2.840.114283.2.2.1.1
-> GP Version: 2.1.1
Tag 63: 1.2.840.114283.3
Tag 64: 1.2.840.114283.4.2.21
-> GP SCP02 i=15
Card Capabilities: 
A>> T=0 (4+0000) 80CA0067 00 
A<< (0000+2) (10ms) 6A88
A>> T=0 (4+0000) 80CA00E0 00 
A<< (0074+2) (21ms) E048C00401708010C00402708010C00403708010C00401018010C00402018010C00403018010C00401028010C00402028010C00403028010C00401038010C00402038010C00403038010 9000
Version: 112 (0x70) ID:   1 (0x01) type: DES3 length:  16 
Version: 112 (0x70) ID:   2 (0x02) type: DES3 length:  16 
Version: 112 (0x70) ID:   3 (0x03) type: DES3 length:  16 
Version:   1 (0x01) ID:   1 (0x01) type: DES3 length:  16 
Version:   1 (0x01) ID:   2 (0x02) type: DES3 length:  16 
Version:   1 (0x01) ID:   3 (0x03) type: DES3 length:  16 
Version:   2 (0x02) ID:   1 (0x01) type: DES3 length:  16 
Version:   2 (0x02) ID:   2 (0x02) type: DES3 length:  16 
Version:   2 (0x02) ID:   3 (0x03) type: DES3 length:  16 
Version:   3 (0x03) ID:   1 (0x01) type: DES3 length:  16 
Version:   3 (0x03) ID:   2 (0x02) type: DES3 length:  16 
Version:   3 (0x03) ID:   3 (0x03) type: DES3 length:  16 
[main] WARN pro.javacard.gp.PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[main] WARN pro.javacard.gp.PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[main] WARN pro.javacard.gp.PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[main] INFO pro.javacard.gp.GPSession - Using card master keys: ENC=158053BBB10A543A7E891DFA02E38A37 (KCV: 899C96) MAC=6B2B764F5C4E89D755D1F2CD52E19C25 (KCV: 225ED6) DEK=AF52B0B682ED873218DA2E5BAB4A6AB5 (KCV: D549F1) for null
A>> T=0 (4+0008) 80500000 08 0215D5EB4CCC1159 00
A<< (0028+2) (53ms) 0000000000000000000070020009044C74AAEF2E34F25F7E5BF39418 9000
[main] INFO pro.javacard.gp.GPSession - Diversified card keys: ENC=158053BBB10A543A7E891DFA02E38A37 (KCV: 899C96) MAC=6B2B764F5C4E89D755D1F2CD52E19C25 (KCV: 225ED6) DEK=AF52B0B682ED873218DA2E5BAB4A6AB5 (KCV: D549F1) for SCP02
[main] INFO pro.javacard.gp.GPSession - Session keys: ENC=538794970FFC2F7987627B34F6BDCAF8 MAC=ABEFA3BB9B1D1A8F3D0A36685E783EC9 RMAC=32D6DE1D4109885E93EA46B6CFA9B82E, card keys=ENC=158053BBB10A543A7E891DFA02E38A37 (KCV: 899C96) MAC=6B2B764F5C4E89D755D1F2CD52E19C25 (KCV: 225ED6) DEK=AF52B0B682ED873218DA2E5BAB4A6AB5 (KCV: D549F1) for SCP02
A>> T=0 (4+0016) 84820100 10 6135C39A1258E012CD65B6251341F47B
A<< (0000+2) (32ms) 9000
A>> T=0 (4+0010) 84F28002 0A 4F004434D4DAB70CE569 00
A<< (0023+2) (38ms) E3154F08A0000000030000009F70010FC50198EA028000 9000
A>> T=0 (4+0010) 84F24002 0A 4F00C8F91AA17E975685 00
A<< (0198+2) (40ms) E31D4F10A0000000871002FFFFFFFF89070900009F700107C50100EA028000E31D4F10A0000000871004FFFFFFFF89070900009F700107C50100EA028000E31D4F10A000000087ABCDFFFFFFFF89070900009F700107C50100EA028000E3174F0A53696D62614E2E52414D9F700107C50100EA028000E31D4F10A0000000090001FFFFFFFF89000000009F700107C50104EA028000E3174F0A53696D62614E2E52464D9F700107C50100EA028000E3164F09A00000015141434C009F700107C50100EA028000 9000
A>> T=0 (4+0010) 84F21002 0A 4F0073DC6126AEEC711B 00
A<< (0221+2) (47ms) E30D4F07A00000006200019F700101E3124F0C4A6176656C696E2E6A6372659F700101E30D4F07A00000006201019F700101E30D4F07A00000006201029F700101E30D4F07A00000006202019F700101E30E4F08A0000000620208019F700101E30F4F09A000000062020801019F700101E30D4F07A00000006200029F700101E30D4F07A00000006200039F700101E30E4F08A0000000620101019F700101E30C4F06A000000151009F700101E3164F10A0000000090005FFFFFFFF89110000009F700101E3164F10A0000000090005FFFFFFFF89120000009F700101 6310
A>> T=0 (4+0010) 84F21003 0A 4F005479C154B99421E3 00
A<< (0195+2) (44ms) E3164F10A0000000090005FFFFFFFF89130000009F700101E3164F10A0000000090005FFFFFFFF89110100009F700101E3164F10A0000000871005FFFFFFFF89131000009F700101E3164F10A0000000871005FFFFFFFF89132000009F700101E3164F10A0000000090003FFFFFFFF89107100019F700101E3164F10A0000000090003FFFFFFFF89107100029F700101E3164F10A0000000090005FFFFFFFF89150000009F700101E3194F08A00000015141434C9F7001018409A00000015141434C00 9000
A>> T=0 (4+0010) 84F22002 0A 4F00C2CEE4DE4D2F4640 00
A<< (0221+2) (40ms) E30D4F07A00000006200019F700101E3124F0C4A6176656C696E2E6A6372659F700101E30D4F07A00000006201019F700101E30D4F07A00000006201029F700101E30D4F07A00000006202019F700101E30E4F08A0000000620208019F700101E30F4F09A000000062020801019F700101E30D4F07A00000006200029F700101E30D4F07A00000006200039F700101E30E4F08A0000000620101019F700101E30C4F06A000000151009F700101E3164F10A0000000090005FFFFFFFF89110000009F700101E3164F10A0000000090005FFFFFFFF89120000009F700101 6310
A>> T=0 (4+0010) 84F22003 0A 4F008A712E6366C2A59C 00
A<< (0184+2) (44ms) E3164F10A0000000090005FFFFFFFF89130000009F700101E3164F10A0000000090005FFFFFFFF89110100009F700101E3164F10A0000000871005FFFFFFFF89131000009F700101E3164F10A0000000871005FFFFFFFF89132000009F700101E3164F10A0000000090003FFFFFFFF89107100019F700101E3164F10A0000000090003FFFFFFFF89107100029F700101E3164F10A0000000090005FFFFFFFF89150000009F700101E30E4F08A00000015141434C9F700101 9000
ISD: A000000003000000 (SECURED)
     Privs:   SecurityDomain, CardLock, CardTerminate

APP: A0000000871002FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A0000000871004FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A000000087ABCDFFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: 53696D62614E2E52414D (SELECTABLE) (|SimbaN.RAM|)
     Privs:   

APP: A0000000090001FFFFFFFF8900000000 (SELECTABLE) (|................|)
     Privs:   CardReset

APP: 53696D62614E2E52464D (SELECTABLE) (|SimbaN.RFM|)
     Privs:   

APP: A00000015141434C00 (SELECTABLE) (|....QACL.|)
     Privs:   

PKG: A0000000620001 (LOADED) (|....b..|)

PKG: 4A6176656C696E2E6A637265 (LOADED) (|Javelin.jcre|)

PKG: A0000000620101 (LOADED) (|....b..|)

PKG: A0000000620102 (LOADED) (|....b..|)

PKG: A0000000620201 (LOADED) (|....b..|)

PKG: A000000062020801 (LOADED) (|....b...|)

PKG: A00000006202080101 (LOADED) (|....b....|)

PKG: A0000000620002 (LOADED) (|....b..|)

PKG: A0000000620003 (LOADED) (|....b..|)

PKG: A000000062010101 (LOADED) (|....b...|)

PKG: A00000015100 (LOADED) (|....Q.|)

PKG: A0000000090005FFFFFFFF8911000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8912000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8913000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8911010000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913100000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913200000 (LOADED) (|............. ..|)

PKG: A0000000090003FFFFFFFF8910710001 (LOADED) (|.............q..|)

PKG: A0000000090003FFFFFFFF8910710002 (LOADED) (|.............q..|)

PKG: A0000000090005FFFFFFFF8915000000 (LOADED) (|................|)

PKG: A00000015141434C (LOADED) (|....QACL|)
     Applet:  A00000015141434C00 (|....QACL.|)

sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 -a 00A4040009A00000015141434C0000 -a 80E2900033F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001 -d -v
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
GlobalPlatformPro v20.04.14-0-geaee04c
Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu
A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00
A<< (0000+2) (16ms) 6E00
A>> T=0 (4+0051) 80E29000 33 F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001
A<< (0000+2) (182ms) 9000
A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (58ms) 6F108408A000000003000000A5049F6501FF 9000
sum@xubuntu-vm:~/CoIMS_Wiki$ 
sum@xubuntu-vm:~/CoIMS_Wiki$ 
sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 --acr-list-aram -d -v 
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
GlobalPlatformPro v20.04.14-0-geaee04c
Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu
A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (27ms) 6F108408A000000003000000A5049F6501FF 9000
A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00
A<< (0000+2) (9ms) 6E00
Error: Could not read A00000015141434C00
sum@xubuntu-vm:~/CoIMS_Wiki$
@herlesupreeth
Copy link
Owner

sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 --acr-list-aram -d -v
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
GlobalPlatformPro v20.04.14-0-geaee04c
Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu
A>> T=0 (4+0000) 00A40400 00
A<< (0018+2) (27ms) 6F108408A000000003000000A5049F6501FF 9000
A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00
A<< (0000+2) (9ms) 6E00
Error: Could not read A00000015141434C00

You can ignore this, as its just to list out certificates loaded onto the applet. If you really want to see the certificates loaded use the following method - https://github.com/herlesupreeth/CoIMS_Wiki#step-4-list-certificates-loaded-onto-ara-m-applet

@RafalArciszewski
Copy link
Author

Thanks @herlesupreeth

It seems that there are 6 cerfificates installed. However CoIMS app do not get priviliges


venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic 158053BBB10A543A7E891DFA02E38A37 --kid 6B2B764F5C4E89D755D1F2CD52E19C25
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
AID: a00000015141434c, State: 01, Privs: 00
	Instance AID: a00000015141434c00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic 158053BBB10A543A7E891DFA02E38A37 --kid 6B2B764F5C4E89D755D1F2CD52E19C25 --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 2: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 3: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 4: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 5: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 6: e22fe11e4f
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$

@herlesupreeth
Copy link
Owner

Have you put the SIM card in slot 0 of the phone? If so, can you tell me which phone you are using?

@RafalArciszewski
Copy link
Author

I have only one slot in the phone. Its Sony Xperia X F5121 with Android 8.0.0.

@herlesupreeth
Copy link
Owner

Ah i see, then please go to app permission and give all the permissions required. Then, close the app completely and re-open

@RafalArciszewski
Copy link
Author

There was only one permission possible: 'phone'. Unfortunately still not working. Maybe I should remove all those certificates and install only one? How to do it?

@RafalArciszewski
Copy link
Author

I've installed only one certificate on second SIM and tested on two phones (Sony Xperia X F5121 and LG G6 both with Android 8.0.0) and the result is "App does not have Carrier Privileges".

I must be missing something. Mayby that preinstalled applet on sysmoISIM-SJA2 is incorrect? Should SIMs be registred in the network in order CoIMS work? (currently they are not )

Log from the second card:


(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
AID: a00000015141434c, State: 01, Privs: 00
	Instance AID: a00000015141434c00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Traceback (most recent call last):
  File "shadysim_isim.py", line 471, in <module>
    while res[n] != 0xe2:
IndexError: list index out of range
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80E2900033F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$

@herlesupreeth
Copy link
Owner

I must be missing something. Mayby that preinstalled applet on sysmoISIM-SJA2 is incorrect? Should SIMs be registred in the network in order CoIMS work? (currently they are not )

SIM does not need to be registered for CoIMS to work

@herlesupreeth
Copy link
Owner

herlesupreeth commented Apr 29, 2021
edited
Loading

Are those phones running any custom ROM?

Can you also try the --acr-list-aram command using GP v19.06.16 and send me the logs?

@RafalArciszewski
Copy link
Author

Yes, the phones are from T-Mobile and most likely have custom ROM.

The log:


(venv) sum@xubuntu-vm:~/GP_19.06.16$ gp --key-enc BD75A608BCDFAC530A0986FAF58ABBD3 --key-mac BE5AC5488EF16C9D2AAFF3EC0787022A --key-dek A6303BD5FCB60168BC7563F55B02E937 --acr-list-aram -v -d
GlobalPlatformPro 19.06.16-0-gbaccf34
Running on Linux 5.8.0-50-generic amd64, Java 11.0.11 by Ubuntu
# Detected readers from JNA2PCSC
[*] Alcor Micro AU9560 00 00
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
SCardBeginTransaction("Alcor Micro AU9560 00 00")
Reader: Alcor Micro AU9560 00 00
ATR: 3B9F96801F878031E073FE211B674A4C753034054BA9
More information about your card:
    http://smartcard-atr.appspot.com/parse?ATR=3B9F96801F878031E073FE211B674A4C753034054BA9

A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (24ms) 6F108408A000000003000000A5049F6501FF 9000
[TRACE] GPSession -  [6F]
[TRACE] GPSession -      [84] A000000003000000
[TRACE] GPSession -      [A5]
[TRACE] GPSession -          [9F65] FF
[DEBUG] GPSession - Auto-detected ISD: A000000003000000
A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00
A<< (0000+2) (8ms) 6E00
Could not read A00000015141434C00
(venv) sum@xubuntu-vm:~/GP_19.06.16$ 


(venv) sum@xubuntu-vm:~/GP_19.06.16$ gp --key-enc BD75A608BCDFAC530A0986FAF58ABBD3 --key-mac BE5AC5488EF16C9D2AAFF3EC0787022A --key-dek A6303BD5FCB60168BC7563F55B02E937 -lvi
GlobalPlatformPro 19.06.16-0-gbaccf34
Running on Linux 5.8.0-50-generic amd64, Java 11.0.11 by Ubuntu
Reader: Alcor Micro AU9560 00 00
ATR: 3B9F96801F878031E073FE211B674A4C753034054BA9
More information about your card:
    http://smartcard-atr.appspot.com/parse?ATR=3B9F96801F878031E073FE211B674A4C753034054BA9

[DEBUG] GPSession - Auto-detected ISD: A000000003000000
[WARN] GPData - GET DATA(CPLC) not supported
IIN: 4203000000
CIN: 45020000
Card Data: 
Tag 6: 1.2.840.114283.1
-> Global Platform card
Tag 60: 1.2.840.114283.2.2.1.1
-> GP Version: 2.1.1
Tag 63: 1.2.840.114283.3
Tag 64: 1.2.840.114283.4.2.21
-> GP SCP02 i=15
Card Capabilities: 
[DEBUG] GPData - GET DATA(Card Capabilities): N/A
Version: 112 (0x70) ID:   1 (0x01) type: DES3 length:  16 
Version: 112 (0x70) ID:   2 (0x02) type: DES3 length:  16 
Version: 112 (0x70) ID:   3 (0x03) type: DES3 length:  16 
Version:   1 (0x01) ID:   1 (0x01) type: DES3 length:  16 
Version:   1 (0x01) ID:   2 (0x02) type: DES3 length:  16 
Version:   1 (0x01) ID:   3 (0x03) type: DES3 length:  16 
Version:   2 (0x02) ID:   1 (0x01) type: DES3 length:  16 
Version:   2 (0x02) ID:   2 (0x02) type: DES3 length:  16 
Version:   2 (0x02) ID:   3 (0x03) type: DES3 length:  16 
Version:   3 (0x03) ID:   1 (0x01) type: DES3 length:  16 
Version:   3 (0x03) ID:   2 (0x02) type: DES3 length:  16 
Version:   3 (0x03) ID:   3 (0x03) type: DES3 length:  16 
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[INFO] GPSession - Using card master keys: ENC=BD75A608BCDFAC530A0986FAF58ABBD3 (KCV: 6AD0CA) MAC=BE5AC5488EF16C9D2AAFF3EC0787022A (KCV: 92DEC8) DEK=A6303BD5FCB60168BC7563F55B02E937 (KCV: 902A8D) for null
[DEBUG] GPSession - Host challenge: 2F5FDB7D82D2ADDA
[DEBUG] GPSession - Card challenge: 000082FC59B23DA0
[DEBUG] GPSession - Card reports SCP02 with key version 112 (0x70)
[INFO] GPSession - Diversified card keys: ENC=BD75A608BCDFAC530A0986FAF58ABBD3 (KCV: 6AD0CA) MAC=BE5AC5488EF16C9D2AAFF3EC0787022A (KCV: 92DEC8) DEK=A6303BD5FCB60168BC7563F55B02E937 (KCV: 902A8D) for SCP02
[INFO] GPSession - Session keys: ENC=D09EF29E943FA4D63EDE2FA42BD8964A MAC=BC7CD642A869076E64A3E50CD966EB10 RMAC=A7430B85744C4DF140C1B06647F56AC2, card keys=ENC=BD75A608BCDFAC530A0986FAF58ABBD3 (KCV: 6AD0CA) MAC=BE5AC5488EF16C9D2AAFF3EC0787022A (KCV: 92DEC8) DEK=A6303BD5FCB60168BC7563F55B02E937 (KCV: 902A8D) for SCP02
[DEBUG] GPSession - Verified card cryptogram: 55B039C7467C2A70
[DEBUG] GPSession - Calculated host cryptogram: 78BE1618C924E79E
[DEBUG] SCP02Wrapper - MAC input: 848201001078BE1618C924E79E
[DEBUG] SCP02Wrapper - MAC input: 84F280020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F240020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F220020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F220030A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F210020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F210030A4F00
ISD: A000000003000000 (SECURED)
     Privs:   SecurityDomain, CardLock, CardTerminate

APP: A0000000871002FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A0000000871004FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A000000087ABCDFFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: 53696D62614E2E52414D (SELECTABLE) (|SimbaN.RAM|)
     Privs:   

APP: A0000000090001FFFFFFFF8900000000 (SELECTABLE) (|................|)
     Privs:   CardReset

APP: 53696D62614E2E52464D (SELECTABLE) (|SimbaN.RFM|)
     Privs:   

APP: A00000015141434C00 (SELECTABLE) (|....QACL.|)
     Privs:   

PKG: A0000000620001 (LOADED) (|....b..|)

PKG: 4A6176656C696E2E6A637265 (LOADED) (|Javelin.jcre|)

PKG: A0000000620101 (LOADED) (|....b..|)

PKG: A0000000620102 (LOADED) (|....b..|)

PKG: A0000000620201 (LOADED) (|....b..|)

PKG: A000000062020801 (LOADED) (|....b...|)

PKG: A00000006202080101 (LOADED) (|....b....|)

PKG: A0000000620002 (LOADED) (|....b..|)

PKG: A0000000620003 (LOADED) (|....b..|)

PKG: A000000062010101 (LOADED) (|....b...|)

PKG: A00000015100 (LOADED) (|....Q.|)

PKG: A0000000090005FFFFFFFF8911000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8912000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8913000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8911010000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913100000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913200000 (LOADED) (|............. ..|)

PKG: A0000000090003FFFFFFFF8910710001 (LOADED) (|.............q..|)

PKG: A0000000090003FFFFFFFF8910710002 (LOADED) (|.............q..|)

PKG: A0000000090005FFFFFFFF8915000000 (LOADED) (|................|)

PKG: A00000015141434C (LOADED) (|....QACL|)

PKG: A0000000620001 (LOADED) (|....b..|)

PKG: 4A6176656C696E2E6A637265 (LOADED) (|Javelin.jcre|)

PKG: A0000000620101 (LOADED) (|....b..|)

PKG: A0000000620102 (LOADED) (|....b..|)

PKG: A0000000620201 (LOADED) (|....b..|)

PKG: A000000062020801 (LOADED) (|....b...|)

PKG: A00000006202080101 (LOADED) (|....b....|)

PKG: A0000000620002 (LOADED) (|....b..|)

PKG: A0000000620003 (LOADED) (|....b..|)

PKG: A000000062010101 (LOADED) (|....b...|)

PKG: A00000015100 (LOADED) (|....Q.|)

PKG: A0000000090005FFFFFFFF8911000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8912000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8913000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8911010000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913100000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913200000 (LOADED) (|............. ..|)

PKG: A0000000090003FFFFFFFF8910710001 (LOADED) (|.............q..|)

PKG: A0000000090003FFFFFFFF8910710002 (LOADED) (|.............q..|)

PKG: A0000000090005FFFFFFFF8915000000 (LOADED) (|................|)

PKG: A00000015141434C (LOADED) (|....QACL|)
     Applet:  A00000015141434C00 (|....QACL.|)

(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$

@herlesupreeth
Copy link
Owner

It could be ROM, i suspect it may not have support for Carrier Privileges. Can you test it on any other unlocked (non-carrier bound) phones?

@RafalArciszewski
Copy link
Author

I have one with LineageOS (Android v10), but without Google Apps and Play Store. Do you have an apk version of CoIMS?

@herlesupreeth
Copy link
Owner

I think you can find it here - https://m.apkpure.com/coims/com.sherle.coims

@RafalArciszewski
Copy link
Author

nope, on LineageOS (android v10) is not working. I found other non-custom phone Bittium (Android v9) and it is the same problem.
It must be a problem with sysmoISIM-SJA2.

@RafalArciszewski
Copy link
Author

is it possible to delete the preconfigured apllet using shadysim_isim.py ?

@herlesupreeth
Copy link
Owner

Yes, it is.

# Deleting applet
$ python shadysim_isim.py --pcsc -d A00000015141434C --kic KIC3 --kid KID3

@RafalArciszewski
Copy link
Author

KIC3 and KID3? Not KIC1 and KID1?

@RafalArciszewski
Copy link
Author

I noticed that in my sim AID is a00000015141434c but AIDinstance a00000015141434c00. Maybe this is the problem?

@herlesupreeth
Copy link
Owner

I noticed that in my sim AID is a00000015141434c but AIDinstance a00000015141434c00. Maybe this is the problem?

That is correct

KIC3 and KID3? Not KIC1 and KID1?

Sorry my bad, its KIC1 and KID1

@RafalArciszewski
Copy link
Author

I reinstalled the applet and it finally worked on non-custom ROM Android. On custom ROM it is not working, unfortunately

I got 'SIM Carrier id=-1' in CoIMS app, but this is a different story, I believe.

Thank you for your time!


(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -d A00000015141434C --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Traceback (most recent call last):
  File "shadysim_isim.py", line 462, in <module>
    raise RuntimeError("SW match failed! Expected %s and got %s." % ('9000', aram_rv[1]))
RuntimeError: SW match failed! Expected 9000 and got 6a82.
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -l applet.cap -i applet.cap  --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --module-aid A00000015141434C00 --instance-aid A00000015141434C00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
AID: a00000015141434c, State: 01, Privs: 00
	Instance AID: a00000015141434c00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Traceback (most recent call last):
  File "shadysim_isim.py", line 471, in <module>
    while res[n] != 0xe2:
IndexError: list index out of range
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80E2900033F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@herlesupreeth @RafalArciszewski