diff options
-rwxr-xr-x | pySim-prog.py | 14 | ||||
-rw-r--r-- | pySim/cards.py | 16 |
2 files changed, 26 insertions, 4 deletions
diff --git a/pySim-prog.py b/pySim-prog.py index 5e5f063..650d8ea 100755 --- a/pySim-prog.py +++ b/pySim-prog.py @@ -62,6 +62,9 @@ def parse_options(): help="Card type (user -t list to view) [default: %default]", default="auto", ) + parser.add_option("-a", "--pin-adm", dest="pin_adm", + help="ADM PIN used for provisioning (overwrites default)", + ) parser.add_option("-e", "--erase", dest="erase", action='store_true', help="Erase beforehand [default: %default]", default=False, @@ -249,7 +252,7 @@ def derive_milenage_opc(ki_hex, op_hex): return b2h(strxor(opc_bytes, h2b(op_hex))) def gen_parameters(opts): - """Generates Name, ICCID, MCC, MNC, IMSI, SMSP, Ki from the + """Generates Name, ICCID, MCC, MNC, IMSI, SMSP, Ki, PIN-ADM from the options given by the user""" # MCC/MNC @@ -374,6 +377,14 @@ def gen_parameters(opts): else: opc = ''.join(['%02x' % random.randrange(0,256) for i in range(16)]) + if opts.pin_adm is not None: + if len(opts.pin_adm) > 8: + raise ValueError("PIN-ADM needs to be <=8 digits") + pin_adm = ''.join(['%02x'%(ord(x)) for x in opts.pin_adm]) + pin_adm = rpad(pin_adm, 16) + else: + pin_adm = None + # Return that return { @@ -386,6 +397,7 @@ def gen_parameters(opts): 'ki' : ki, 'opc' : opc, 'acc' : acc, + 'pin_adm' : pin_adm, } diff --git a/pySim/cards.py b/pySim/cards.py index 4456abc..27083be 100644 --- a/pySim/cards.py +++ b/pySim/cards.py @@ -264,7 +264,11 @@ class GrcardSim(Card): #self._scc.verify_chv(4, h2b("4444444444444444")) # Authenticate using ADM PIN 5 - self._scc.verify_chv(5, h2b("4444444444444444")) + if p['pin_adm']: + pin = p['pin_adm'] + else: + pin = h2b("4444444444444444") + self._scc.verify_chv(5, pin) # EF.ICCID r = self._scc.select_file(['3f00', '2fe2']) @@ -365,11 +369,17 @@ class SysmoSIMgr2(Card): # P1: 3A for PIN, 3B for PUK # P2: CHV number, as in VERIFY CHV for PIN, and as in UNBLOCK CHV for PUK # P3: 08, CHV length (curiously the PUK is also 08 length, instead of 10) - pdu = 'A0D43A0508' + "4444444444444444" + if p['pin_adm']: + pin = p['pin_adm'] + else: + pin = h2b("4444444444444444") + + pdu = 'A0D43A0508' + b2h(pin) data, sw = self._scc._tp.send_apdu(pdu) # authenticate as ADM (enough to write file, and can set PINs) - self._scc.verify_chv(0x05, h2b("4444444444444444")) + + self._scc.verify_chv(0x05, pin) # write EF.ICCID data, sw = self._scc.update_binary('2fe2', enc_iccid(p['iccid'])) |