search

herlesupreeth / CoIMS_Wiki

Wiki for overriding IMS settings to enable VoLTE/VoWiFi using Carrier Privileges in Android phones
BSD 2-Clause "Simplified" License
81 stars 25 forks source link

sysmoISIM-SJA2 - Problem with installing Certificate on Sysmocom ISIM card #9

Open RafalArciszewski opened 3 years ago

RafalArciszewski commented 3 years ago

Hi @herlesupreeth I have a problem with installing certificate on my new sysmocom ISIM card: sysmoISIM-SJA2 with preinstalled ARA-M applet. I followed the guide and there is an error when checking the status "Error: Could not read A00000015141434C00". I found old issue https://github.com/herlesupreeth/CoIMS_Wiki/issues/7 and I tried to use GP v20.08.16 or GP v19.06.16 but with no lack.

Can you look at this log, is installing certificate correct? Thanks Rafal

sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 -lvid
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
GlobalPlatformPro v20.04.14-0-geaee04c
Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu
A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (33ms) 6F108408A000000003000000A5049F6501FF 9000
A>> T=0 (4+0000) 80CA9F7F 00 
A<< (0000+2) (11ms) 6A88
A>> T=0 (4+0000) 00CA9F7F 00 
A<< (0000+2) (11ms) 6E00
[main] WARN pro.javacard.gp.GPData - GET DATA(CPLC) not supported
A>> T=0 (4+0000) 80CA0042 00 
A<< (0005+2) (23ms) 4203000000 9000
IIN: 4203000000
A>> T=0 (4+0000) 80CA0045 00 
A<< (0004+2) (22ms) 45020000 9000
CIN: 45020000
Card Data: 
A>> T=0 (4+0000) 80CA0066 00 
A<< (0051+2) (21ms) 6631732F06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040215 9000
Tag 6: 1.2.840.114283.1
-> Global Platform card
Tag 60: 1.2.840.114283.2.2.1.1
-> GP Version: 2.1.1
Tag 63: 1.2.840.114283.3
Tag 64: 1.2.840.114283.4.2.21
-> GP SCP02 i=15
Card Capabilities: 
A>> T=0 (4+0000) 80CA0067 00 
A<< (0000+2) (10ms) 6A88
A>> T=0 (4+0000) 80CA00E0 00 
A<< (0074+2) (21ms) E048C00401708010C00402708010C00403708010C00401018010C00402018010C00403018010C00401028010C00402028010C00403028010C00401038010C00402038010C00403038010 9000
Version: 112 (0x70) ID:   1 (0x01) type: DES3 length:  16 
Version: 112 (0x70) ID:   2 (0x02) type: DES3 length:  16 
Version: 112 (0x70) ID:   3 (0x03) type: DES3 length:  16 
Version:   1 (0x01) ID:   1 (0x01) type: DES3 length:  16 
Version:   1 (0x01) ID:   2 (0x02) type: DES3 length:  16 
Version:   1 (0x01) ID:   3 (0x03) type: DES3 length:  16 
Version:   2 (0x02) ID:   1 (0x01) type: DES3 length:  16 
Version:   2 (0x02) ID:   2 (0x02) type: DES3 length:  16 
Version:   2 (0x02) ID:   3 (0x03) type: DES3 length:  16 
Version:   3 (0x03) ID:   1 (0x01) type: DES3 length:  16 
Version:   3 (0x03) ID:   2 (0x02) type: DES3 length:  16 
Version:   3 (0x03) ID:   3 (0x03) type: DES3 length:  16 
[main] WARN pro.javacard.gp.PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[main] WARN pro.javacard.gp.PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[main] WARN pro.javacard.gp.PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[main] INFO pro.javacard.gp.GPSession - Using card master keys: ENC=158053BBB10A543A7E891DFA02E38A37 (KCV: 899C96) MAC=6B2B764F5C4E89D755D1F2CD52E19C25 (KCV: 225ED6) DEK=AF52B0B682ED873218DA2E5BAB4A6AB5 (KCV: D549F1) for null
A>> T=0 (4+0008) 80500000 08 0215D5EB4CCC1159 00
A<< (0028+2) (53ms) 0000000000000000000070020009044C74AAEF2E34F25F7E5BF39418 9000
[main] INFO pro.javacard.gp.GPSession - Diversified card keys: ENC=158053BBB10A543A7E891DFA02E38A37 (KCV: 899C96) MAC=6B2B764F5C4E89D755D1F2CD52E19C25 (KCV: 225ED6) DEK=AF52B0B682ED873218DA2E5BAB4A6AB5 (KCV: D549F1) for SCP02
[main] INFO pro.javacard.gp.GPSession - Session keys: ENC=538794970FFC2F7987627B34F6BDCAF8 MAC=ABEFA3BB9B1D1A8F3D0A36685E783EC9 RMAC=32D6DE1D4109885E93EA46B6CFA9B82E, card keys=ENC=158053BBB10A543A7E891DFA02E38A37 (KCV: 899C96) MAC=6B2B764F5C4E89D755D1F2CD52E19C25 (KCV: 225ED6) DEK=AF52B0B682ED873218DA2E5BAB4A6AB5 (KCV: D549F1) for SCP02
A>> T=0 (4+0016) 84820100 10 6135C39A1258E012CD65B6251341F47B
A<< (0000+2) (32ms) 9000
A>> T=0 (4+0010) 84F28002 0A 4F004434D4DAB70CE569 00
A<< (0023+2) (38ms) E3154F08A0000000030000009F70010FC50198EA028000 9000
A>> T=0 (4+0010) 84F24002 0A 4F00C8F91AA17E975685 00
A<< (0198+2) (40ms) E31D4F10A0000000871002FFFFFFFF89070900009F700107C50100EA028000E31D4F10A0000000871004FFFFFFFF89070900009F700107C50100EA028000E31D4F10A000000087ABCDFFFFFFFF89070900009F700107C50100EA028000E3174F0A53696D62614E2E52414D9F700107C50100EA028000E31D4F10A0000000090001FFFFFFFF89000000009F700107C50104EA028000E3174F0A53696D62614E2E52464D9F700107C50100EA028000E3164F09A00000015141434C009F700107C50100EA028000 9000
A>> T=0 (4+0010) 84F21002 0A 4F0073DC6126AEEC711B 00
A<< (0221+2) (47ms) E30D4F07A00000006200019F700101E3124F0C4A6176656C696E2E6A6372659F700101E30D4F07A00000006201019F700101E30D4F07A00000006201029F700101E30D4F07A00000006202019F700101E30E4F08A0000000620208019F700101E30F4F09A000000062020801019F700101E30D4F07A00000006200029F700101E30D4F07A00000006200039F700101E30E4F08A0000000620101019F700101E30C4F06A000000151009F700101E3164F10A0000000090005FFFFFFFF89110000009F700101E3164F10A0000000090005FFFFFFFF89120000009F700101 6310
A>> T=0 (4+0010) 84F21003 0A 4F005479C154B99421E3 00
A<< (0195+2) (44ms) E3164F10A0000000090005FFFFFFFF89130000009F700101E3164F10A0000000090005FFFFFFFF89110100009F700101E3164F10A0000000871005FFFFFFFF89131000009F700101E3164F10A0000000871005FFFFFFFF89132000009F700101E3164F10A0000000090003FFFFFFFF89107100019F700101E3164F10A0000000090003FFFFFFFF89107100029F700101E3164F10A0000000090005FFFFFFFF89150000009F700101E3194F08A00000015141434C9F7001018409A00000015141434C00 9000
A>> T=0 (4+0010) 84F22002 0A 4F00C2CEE4DE4D2F4640 00
A<< (0221+2) (40ms) E30D4F07A00000006200019F700101E3124F0C4A6176656C696E2E6A6372659F700101E30D4F07A00000006201019F700101E30D4F07A00000006201029F700101E30D4F07A00000006202019F700101E30E4F08A0000000620208019F700101E30F4F09A000000062020801019F700101E30D4F07A00000006200029F700101E30D4F07A00000006200039F700101E30E4F08A0000000620101019F700101E30C4F06A000000151009F700101E3164F10A0000000090005FFFFFFFF89110000009F700101E3164F10A0000000090005FFFFFFFF89120000009F700101 6310
A>> T=0 (4+0010) 84F22003 0A 4F008A712E6366C2A59C 00
A<< (0184+2) (44ms) E3164F10A0000000090005FFFFFFFF89130000009F700101E3164F10A0000000090005FFFFFFFF89110100009F700101E3164F10A0000000871005FFFFFFFF89131000009F700101E3164F10A0000000871005FFFFFFFF89132000009F700101E3164F10A0000000090003FFFFFFFF89107100019F700101E3164F10A0000000090003FFFFFFFF89107100029F700101E3164F10A0000000090005FFFFFFFF89150000009F700101E30E4F08A00000015141434C9F700101 9000
ISD: A000000003000000 (SECURED)
     Privs:   SecurityDomain, CardLock, CardTerminate

APP: A0000000871002FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A0000000871004FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A000000087ABCDFFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: 53696D62614E2E52414D (SELECTABLE) (|SimbaN.RAM|)
     Privs:   

APP: A0000000090001FFFFFFFF8900000000 (SELECTABLE) (|................|)
     Privs:   CardReset

APP: 53696D62614E2E52464D (SELECTABLE) (|SimbaN.RFM|)
     Privs:   

APP: A00000015141434C00 (SELECTABLE) (|....QACL.|)
     Privs:   

PKG: A0000000620001 (LOADED) (|....b..|)

PKG: 4A6176656C696E2E6A637265 (LOADED) (|Javelin.jcre|)

PKG: A0000000620101 (LOADED) (|....b..|)

PKG: A0000000620102 (LOADED) (|....b..|)

PKG: A0000000620201 (LOADED) (|....b..|)

PKG: A000000062020801 (LOADED) (|....b...|)

PKG: A00000006202080101 (LOADED) (|....b....|)

PKG: A0000000620002 (LOADED) (|....b..|)

PKG: A0000000620003 (LOADED) (|....b..|)

PKG: A000000062010101 (LOADED) (|....b...|)

PKG: A00000015100 (LOADED) (|....Q.|)

PKG: A0000000090005FFFFFFFF8911000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8912000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8913000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8911010000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913100000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913200000 (LOADED) (|............. ..|)

PKG: A0000000090003FFFFFFFF8910710001 (LOADED) (|.............q..|)

PKG: A0000000090003FFFFFFFF8910710002 (LOADED) (|.............q..|)

PKG: A0000000090005FFFFFFFF8915000000 (LOADED) (|................|)

PKG: A00000015141434C (LOADED) (|....QACL|)
     Applet:  A00000015141434C00 (|....QACL.|)

sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 -a 00A4040009A00000015141434C0000 -a 80E2900033F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001 -d -v
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
GlobalPlatformPro v20.04.14-0-geaee04c
Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu
A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00
A<< (0000+2) (16ms) 6E00
A>> T=0 (4+0051) 80E29000 33 F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001
A<< (0000+2) (182ms) 9000
A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (58ms) 6F108408A000000003000000A5049F6501FF 9000
sum@xubuntu-vm:~/CoIMS_Wiki$ 
sum@xubuntu-vm:~/CoIMS_Wiki$ 
sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 --acr-list-aram -d -v 
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
GlobalPlatformPro v20.04.14-0-geaee04c
Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu
A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (27ms) 6F108408A000000003000000A5049F6501FF 9000
A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00
A<< (0000+2) (9ms) 6E00
Error: Could not read A00000015141434C00
sum@xubuntu-vm:~/CoIMS_Wiki$
herlesupreeth commented 3 years ago

sum@xubuntu-vm:~/CoIMS_Wiki$ gp --key-enc 158053BBB10A543A7E891DFA02E38A37 --key-mac 6B2B764F5C4E89D755D1F2CD52E19C25 --key-dek AF52B0B682ED873218DA2E5BAB4A6AB5 --acr-list-aram -d -v SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9 GlobalPlatformPro v20.04.14-0-geaee04c Running on Linux 5.8.0-50-generic amd64, Java 11.0.10 by Ubuntu A>> T=0 (4+0000) 00A40400 00 A<< (0018+2) (27ms) 6F108408A000000003000000A5049F6501FF 9000 A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00 A<< (0000+2) (9ms) 6E00 Error: Could not read A00000015141434C00

You can ignore this, as its just to list out certificates loaded onto the applet. If you really want to see the certificates loaded use the following method - https://github.com/herlesupreeth/CoIMS_Wiki#step-4-list-certificates-loaded-onto-ara-m-applet

RafalArciszewski commented 3 years ago

Thanks @herlesupreeth

It seems that there are 6 cerfificates installed. However CoIMS app do not get priviliges


venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic 158053BBB10A543A7E891DFA02E38A37 --kid 6B2B764F5C4E89D755D1F2CD52E19C25
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
AID: a00000015141434c, State: 01, Privs: 00
    Instance AID: a00000015141434c00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic 158053BBB10A543A7E891DFA02E38A37 --kid 6B2B764F5C4E89D755D1F2CD52E19C25 --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 2: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 3: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 4: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 5: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
Certificate 6: e22fe11e4f
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$
herlesupreeth commented 3 years ago

Have you put the SIM card in slot 0 of the phone? If so, can you tell me which phone you are using?

RafalArciszewski commented 3 years ago

I have only one slot in the phone. Its Sony Xperia X F5121 with Android 8.0.0.

herlesupreeth commented 3 years ago

Ah i see, then please go to app permission and give all the permissions required. Then, close the app completely and re-open

RafalArciszewski commented 3 years ago

There was only one permission possible: 'phone'. Unfortunately still not working. Maybe I should remove all those certificates and install only one? How to do it?

RafalArciszewski commented 3 years ago

I've installed only one certificate on second SIM and tested on two phones (Sony Xperia X F5121 and LG G6 both with Android 8.0.0) and the result is "App does not have Carrier Privileges".

I must be missing something. Mayby that preinstalled applet on sysmoISIM-SJA2 is incorrect? Should SIMs be registred in the network in order CoIMS work? (currently they are not )

Log from the second card:


(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
AID: a00000015141434c, State: 01, Privs: 00
    Instance AID: a00000015141434c00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Traceback (most recent call last):
  File "shadysim_isim.py", line 471, in <module>
    while res[n] != 0xe2:
IndexError: list index out of range
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80E2900033F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$
herlesupreeth commented 3 years ago

I must be missing something. Mayby that preinstalled applet on sysmoISIM-SJA2 is incorrect? Should SIMs be registred in the network in order CoIMS work? (currently they are not )

SIM does not need to be registered for CoIMS to work

herlesupreeth commented 3 years ago

Are those phones running any custom ROM?

Can you also try the --acr-list-aram command using GP v19.06.16 and send me the logs?

RafalArciszewski commented 3 years ago

Yes, the phones are from T-Mobile and most likely have custom ROM.

The log:


(venv) sum@xubuntu-vm:~/GP_19.06.16$ gp --key-enc BD75A608BCDFAC530A0986FAF58ABBD3 --key-mac BE5AC5488EF16C9D2AAFF3EC0787022A --key-dek A6303BD5FCB60168BC7563F55B02E937 --acr-list-aram -v -d
GlobalPlatformPro 19.06.16-0-gbaccf34
Running on Linux 5.8.0-50-generic amd64, Java 11.0.11 by Ubuntu
# Detected readers from JNA2PCSC
[*] Alcor Micro AU9560 00 00
SCardConnect("Alcor Micro AU9560 00 00", T=*) -> T=0, 3B9F96801F878031E073FE211B674A4C753034054BA9
SCardBeginTransaction("Alcor Micro AU9560 00 00")
Reader: Alcor Micro AU9560 00 00
ATR: 3B9F96801F878031E073FE211B674A4C753034054BA9
More information about your card:
    http://smartcard-atr.appspot.com/parse?ATR=3B9F96801F878031E073FE211B674A4C753034054BA9

A>> T=0 (4+0000) 00A40400 00 
A<< (0018+2) (24ms) 6F108408A000000003000000A5049F6501FF 9000
[TRACE] GPSession -  [6F]
[TRACE] GPSession -      [84] A000000003000000
[TRACE] GPSession -      [A5]
[TRACE] GPSession -          [9F65] FF
[DEBUG] GPSession - Auto-detected ISD: A000000003000000
A>> T=0 (4+0009) 00A40400 09 A00000015141434C00 00
A<< (0000+2) (8ms) 6E00
Could not read A00000015141434C00
(venv) sum@xubuntu-vm:~/GP_19.06.16$ 

(venv) sum@xubuntu-vm:~/GP_19.06.16$ gp --key-enc BD75A608BCDFAC530A0986FAF58ABBD3 --key-mac BE5AC5488EF16C9D2AAFF3EC0787022A --key-dek A6303BD5FCB60168BC7563F55B02E937 -lvi
GlobalPlatformPro 19.06.16-0-gbaccf34
Running on Linux 5.8.0-50-generic amd64, Java 11.0.11 by Ubuntu
Reader: Alcor Micro AU9560 00 00
ATR: 3B9F96801F878031E073FE211B674A4C753034054BA9
More information about your card:
    http://smartcard-atr.appspot.com/parse?ATR=3B9F96801F878031E073FE211B674A4C753034054BA9

[DEBUG] GPSession - Auto-detected ISD: A000000003000000
[WARN] GPData - GET DATA(CPLC) not supported
IIN: 4203000000
CIN: 45020000
Card Data: 
Tag 6: 1.2.840.114283.1
-> Global Platform card
Tag 60: 1.2.840.114283.2.2.1.1
-> GP Version: 2.1.1
Tag 63: 1.2.840.114283.3
Tag 64: 1.2.840.114283.4.2.21
-> GP SCP02 i=15
Card Capabilities: 
[DEBUG] GPData - GET DATA(Card Capabilities): N/A
Version: 112 (0x70) ID:   1 (0x01) type: DES3 length:  16 
Version: 112 (0x70) ID:   2 (0x02) type: DES3 length:  16 
Version: 112 (0x70) ID:   3 (0x03) type: DES3 length:  16 
Version:   1 (0x01) ID:   1 (0x01) type: DES3 length:  16 
Version:   1 (0x01) ID:   2 (0x02) type: DES3 length:  16 
Version:   1 (0x01) ID:   3 (0x03) type: DES3 length:  16 
Version:   2 (0x02) ID:   1 (0x01) type: DES3 length:  16 
Version:   2 (0x02) ID:   2 (0x02) type: DES3 length:  16 
Version:   2 (0x02) ID:   3 (0x03) type: DES3 length:  16 
Version:   3 (0x03) ID:   1 (0x01) type: DES3 length:  16 
Version:   3 (0x03) ID:   2 (0x02) type: DES3 length:  16 
Version:   3 (0x03) ID:   3 (0x03) type: DES3 length:  16 
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[INFO] GPSession - Using card master keys: ENC=BD75A608BCDFAC530A0986FAF58ABBD3 (KCV: 6AD0CA) MAC=BE5AC5488EF16C9D2AAFF3EC0787022A (KCV: 92DEC8) DEK=A6303BD5FCB60168BC7563F55B02E937 (KCV: 902A8D) for null
[DEBUG] GPSession - Host challenge: 2F5FDB7D82D2ADDA
[DEBUG] GPSession - Card challenge: 000082FC59B23DA0
[DEBUG] GPSession - Card reports SCP02 with key version 112 (0x70)
[INFO] GPSession - Diversified card keys: ENC=BD75A608BCDFAC530A0986FAF58ABBD3 (KCV: 6AD0CA) MAC=BE5AC5488EF16C9D2AAFF3EC0787022A (KCV: 92DEC8) DEK=A6303BD5FCB60168BC7563F55B02E937 (KCV: 902A8D) for SCP02
[INFO] GPSession - Session keys: ENC=D09EF29E943FA4D63EDE2FA42BD8964A MAC=BC7CD642A869076E64A3E50CD966EB10 RMAC=A7430B85744C4DF140C1B06647F56AC2, card keys=ENC=BD75A608BCDFAC530A0986FAF58ABBD3 (KCV: 6AD0CA) MAC=BE5AC5488EF16C9D2AAFF3EC0787022A (KCV: 92DEC8) DEK=A6303BD5FCB60168BC7563F55B02E937 (KCV: 902A8D) for SCP02
[DEBUG] GPSession - Verified card cryptogram: 55B039C7467C2A70
[DEBUG] GPSession - Calculated host cryptogram: 78BE1618C924E79E
[DEBUG] SCP02Wrapper - MAC input: 848201001078BE1618C924E79E
[DEBUG] SCP02Wrapper - MAC input: 84F280020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F240020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F220020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F220030A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F210020A4F00
[DEBUG] SCP02Wrapper - MAC input: 84F210030A4F00
ISD: A000000003000000 (SECURED)
     Privs:   SecurityDomain, CardLock, CardTerminate

APP: A0000000871002FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A0000000871004FFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: A000000087ABCDFFFFFFFF8907090000 (SELECTABLE) (|................|)
     Privs:   

APP: 53696D62614E2E52414D (SELECTABLE) (|SimbaN.RAM|)
     Privs:   

APP: A0000000090001FFFFFFFF8900000000 (SELECTABLE) (|................|)
     Privs:   CardReset

APP: 53696D62614E2E52464D (SELECTABLE) (|SimbaN.RFM|)
     Privs:   

APP: A00000015141434C00 (SELECTABLE) (|....QACL.|)
     Privs:   

PKG: A0000000620001 (LOADED) (|....b..|)

PKG: 4A6176656C696E2E6A637265 (LOADED) (|Javelin.jcre|)

PKG: A0000000620101 (LOADED) (|....b..|)

PKG: A0000000620102 (LOADED) (|....b..|)

PKG: A0000000620201 (LOADED) (|....b..|)

PKG: A000000062020801 (LOADED) (|....b...|)

PKG: A00000006202080101 (LOADED) (|....b....|)

PKG: A0000000620002 (LOADED) (|....b..|)

PKG: A0000000620003 (LOADED) (|....b..|)

PKG: A000000062010101 (LOADED) (|....b...|)

PKG: A00000015100 (LOADED) (|....Q.|)

PKG: A0000000090005FFFFFFFF8911000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8912000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8913000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8911010000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913100000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913200000 (LOADED) (|............. ..|)

PKG: A0000000090003FFFFFFFF8910710001 (LOADED) (|.............q..|)

PKG: A0000000090003FFFFFFFF8910710002 (LOADED) (|.............q..|)

PKG: A0000000090005FFFFFFFF8915000000 (LOADED) (|................|)

PKG: A00000015141434C (LOADED) (|....QACL|)

PKG: A0000000620001 (LOADED) (|....b..|)

PKG: 4A6176656C696E2E6A637265 (LOADED) (|Javelin.jcre|)

PKG: A0000000620101 (LOADED) (|....b..|)

PKG: A0000000620102 (LOADED) (|....b..|)

PKG: A0000000620201 (LOADED) (|....b..|)

PKG: A000000062020801 (LOADED) (|....b...|)

PKG: A00000006202080101 (LOADED) (|....b....|)

PKG: A0000000620002 (LOADED) (|....b..|)

PKG: A0000000620003 (LOADED) (|....b..|)

PKG: A000000062010101 (LOADED) (|....b...|)

PKG: A00000015100 (LOADED) (|....Q.|)

PKG: A0000000090005FFFFFFFF8911000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8912000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8913000000 (LOADED) (|................|)

PKG: A0000000090005FFFFFFFF8911010000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913100000 (LOADED) (|................|)

PKG: A0000000871005FFFFFFFF8913200000 (LOADED) (|............. ..|)

PKG: A0000000090003FFFFFFFF8910710001 (LOADED) (|.............q..|)

PKG: A0000000090003FFFFFFFF8910710002 (LOADED) (|.............q..|)

PKG: A0000000090005FFFFFFFF8915000000 (LOADED) (|................|)

PKG: A00000015141434C (LOADED) (|....QACL|)
     Applet:  A00000015141434C00 (|....QACL.|)

(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$
herlesupreeth commented 3 years ago

It could be ROM, i suspect it may not have support for Carrier Privileges. Can you test it on any other unlocked (non-carrier bound) phones?

RafalArciszewski commented 3 years ago

I have one with LineageOS (Android v10), but without Google Apps and Play Store. Do you have an apk version of CoIMS?

herlesupreeth commented 3 years ago

I think you can find it here - https://m.apkpure.com/coims/com.sherle.coims

RafalArciszewski commented 3 years ago

nope, on LineageOS (android v10) is not working. I found other non-custom phone Bittium (Android v9) and it is the same problem.
It must be a problem with sysmoISIM-SJA2.

RafalArciszewski commented 3 years ago

is it possible to delete the preconfigured apllet using shadysim_isim.py ?

herlesupreeth commented 3 years ago

Yes, it is. 

# Deleting applet
$ python shadysim_isim.py --pcsc -d A00000015141434C --kic KIC3 --kid KID3
RafalArciszewski commented 3 years ago

KIC3 and KID3? Not KIC1 and KID1?

RafalArciszewski commented 3 years ago

I noticed that in my sim AID is a00000015141434c but AIDinstance a00000015141434c00. Maybe this is the problem?

herlesupreeth commented 3 years ago

I noticed that in my sim AID is a00000015141434c but AIDinstance a00000015141434c00. Maybe this is the problem?

That is correct

KIC3 and KID3? Not KIC1 and KID1?

Sorry my bad, its KIC1 and KID1

RafalArciszewski commented 3 years ago

I reinstalled the applet and it finally worked on non-custom ROM Android. On custom ROM it is not working, unfortunately

I got 'SIM Carrier id=-1' in CoIMS app, but this is a different story, I believe.

Thank you for your time!


(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -d A00000015141434C --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Traceback (most recent call last):
  File "shadysim_isim.py", line 462, in <module>
    raise RuntimeError("SW match failed! Expected %s and got %s." % ('9000', aram_rv[1]))
RuntimeError: SW match failed! Expected 9000 and got 6a82.
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -l applet.cap -i applet.cap  --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --module-aid A00000015141434C00 --instance-aid A00000015141434C00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc -t --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A
AID: a0000000620001, State: 01, Privs: 00
AID: 4a6176656c696e2e6a637265, State: 01, Privs: 00
AID: a0000000620101, State: 01, Privs: 00
AID: a0000000620102, State: 01, Privs: 00
AID: a0000000620201, State: 01, Privs: 00
AID: a000000062020801, State: 01, Privs: 00
AID: a00000006202080101, State: 01, Privs: 00
AID: a0000000620002, State: 01, Privs: 00
AID: a0000000620003, State: 01, Privs: 00
AID: a000000062010101, State: 01, Privs: 00
AID: a00000015100, State: 01, Privs: 00
AID: a0000000090005ffffffff8911000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8912000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8913000000, State: 01, Privs: 00
AID: a0000000090005ffffffff8911010000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913100000, State: 01, Privs: 00
AID: a0000000871005ffffffff8913200000, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710001, State: 01, Privs: 00
AID: a0000000090003ffffffff8910710002, State: 01, Privs: 00
AID: a0000000090005ffffffff8915000000, State: 01, Privs: 00
AID: a00000015141434c, State: 01, Privs: 00
    Instance AID: a00000015141434c00
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Traceback (most recent call last):
  File "shadysim_isim.py", line 471, in <module>
    while res[n] != 0xe2:
IndexError: list index out of range
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80E2900033F031E22FE11E4F06FFFFFFFFFFFFC114E46872F28B350B7E1F140DE535C2A8D5804F0BE3E30DD00101DB080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ python shadysim_isim.py --pcsc --kic BD75A608BCDFAC530A0986FAF58ABBD3 --kid BE5AC5488EF16C9D2AAFF3EC0787022A --aram-apdu 80CAFF4000
Certificate 1: e22fe11e4f06ffffffffffffc114e46872f28b350b7e1f140de535c2a8d5804f0be3e30dd00101db080000000000000001
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$ 
(venv) sum@xubuntu-vm:~/sim-tools/shadysim$