We got our hands on an HID OMNIKEY 3121 card reader that we were going to use to program a sysmocom sysmoUSIM-SJS1 SIM card on a Fedora
25 (64bit).
After attaching the card reader on the host machine, we executed lsusb
to verify that we could see the card reader on the host machine.
Among the results we got the following line indicating that the card reader was available.
$ lsusb ... Bus 003 Device 002: ID 076b:3022 OmniKey AG CardMan 3021 ...
Then we added a SIM
card to the reader to prepare it for reading and updated our system:
sudo dnf upgrade -y;
To read and program the SIM
card we decided to use the pySim-prog utility (http://git.osmocom.org/pysim/about/).
pySim-prog
is a small command line utility written in python
, which is used for programming various programmable SIM
/USIM
cards like the sysmoUSIM-SJS1
.
To use the utility, we first installed the needed dependencies using the following command:
sudo dnf install ca-certificates python-pip swig python-devel pcsc-lite-devel git pcsc-lite redhat-rpm-config pcsc-tools -y;
Then we started the pcscd
service as such:
sudo systemctl start pcscd;
Please note that if you want to automatically start the pcscd
service at each boot execute:
sudo systemctl enable pcscd;
Then we used sudo pcsc_scan
tool to test that the reader is functioning properly as it regularly scans every PC/SC
readers connected to the host.
We got some data similar to this:
$ sudo pcsc_scan PC/SC device scanner V 1.4.25 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr> Compiled with PC/SC lite version: 1.8.15 Using reader plug'n play mechanism Scanning present readers... 0: OMNIKEY AG 3121 USB 00 00 Fri May 26 19:22:15 2017 Reader 0: OMNIKEY AG 3121 USB 00 00 Card state: Card inserted, ATR: 18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE ATR: 18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE + TS = 3B --> Direct Convention + T0 = 9F, Y(1): 1001, K: 15 (historical bytes) TA(1) = 96 --> Fi=512, Di=32, 16 cycles/ETU 250000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 312500 bits/s TD(1) = 80 --> Y(i+1) = 1000, Protocol T = 0 ----- TD(2) = 1F --> Y(i+1) = 0001, Protocol T = 15 - Global interface bytes following ----- TA(3) = C7 --> Clock stop: no preference - Class accepted by the card: (3G) A 5V B 3V C 1.8V + Historical bytes: 00 00 01 80 31 A0 67 43 20 07 18 73 BE 21 13 Category indicator byte: 80 (compact TLV data object) Tag: 3, len: 1 (card service data byte) Card service data byte: A0 - Application selection: by full DF name - BER-TLV data objects available in EF.DIR - EF.DIR and EF.ATR access services: by GET RECORD(s) command - Card with MF Tag: 7, len: 3 (card capabilities) Selection methods: BE - DF selection by full DF name - DF selection by path - DF selection by file identifier - Implicit DF selection - Short EF identifier supported - Record number supported Data coding byte: 21 - Behaviour of write functions: proprietary - Value 'FF' for the first byte of BER-TLV tag fields: invalid - Data unit in quartets: 2 Command chaining, length fields and logical channels: 13 - Logical channel number assignment: by the card - Maximum number of logical channels: 4 Tag: 6, len: 7 (pre-issuing data) Data: 43 20 00 01 07 18 00 + TCK = A5 (correct checksum) Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): 18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE sysmoUSIM-SJS1 (Telecommunication) http://www.sysmocom.de/products/sysmousim-sjs1-sim-usim
We hit Ctrl
+C
to terminate the application.
After this successful test, we proceeded into getting the software of pysim
and installing an additional python
dependency called pyscard
through pip
.
sudo pip install --upgrade pip; sudo pip install pyscard;
Later, we cloned the pysim
repository:
git clone http://git.osmocom.org/pysim/; cd pysim;
And finally, we started using it.
Read SIM information
To read the information on the SIM
card, we executed the following
sudo python2 pySim-read.py --pcsc-device=0;
And got this back:
Reading ... ICCID: 0000898100110000821 IMSI: 900659000010170 SMSP: fffffffffffffffffffafffafffbffffffffffffffff0581ffffffffffe1ffffffffffffffffff005155f5ffffffffffff000000 ACC: 0200 MSISDN: Not available Done !
Write SIM information
To write to the SIM
new information we executed the following:
sudo python2 pySim-prog.py --pcsc-device=0 --type sysmoUSIM-SJS1 --pin-adm=81297587 --mcc=901 --mnc=71 --imsi=901700106590000 --iccid=8982211003300110000 --opc=3987059FEF153333661279FB1FC74BE0 --ki=1DAA6FA8B2549F20D0F42113E62B9925;
Which resulted in the following successful message:
Insert card now (or CTRL-C to cancel) Generated card parameters : > Name : Magic > SMSP : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000 > ICCID : 8982211003300110000 > MCC/MNC : 901/71 > IMSI : 901700106590000 > Ki : 1DAA6FA8B2549F20D0F42113E62B9925 > OPC : 3987059FEF153333661279FB1FC74BE0 > ACC : None Programming ... Done !