Knowledge Base - SMAOT UICC: (2G XOR) Quick Guide

Quick Guide on personalising Smartjac 2G SIM cards with XOR algorithm

Let's get started!

2G quickguide1
  1. Start Card ADMIN by choosing Start > Programs > Gemalto > CardAdmin>CardAdmin.
  2. Have a 2G card from Smartjac ready; Do not punch the SIM card out of the plastic card as it needs to be in CR80 format to be entered in smart card reader.
 

Insert your 2G card in the smart card reader

2G quickguide2

The first time the card is inserted in the card reader, Card Admin will not recognize the Card ID (the ATR signature from the card), so you'll need to select the ID and a correct predefined Card Type.

  1. Click on the pull-down menu and select the ATR
  2. Select "2G OP Card" from the Predefined Card Types
  3. Click on "Apply"

If you accidentally chose the wrong card type, please look a this article on how to change it.

 

Select Mode window

2G quickguide3

Leave defaults and Click "Select"

 

Verifying Secret Codes

2G quickguide4

CHV1: 1234
CHV2: 5678

In order to view and edit files on the SIM card you'll need to verify the secret codes. Best practice is to verify them all at once before you start browsing the card and open files. The secret codes for this particular card can be found here.

The CHV / PIN or ADM secret codes are often required to use a command on a file (for example, Read, Update). The secret code to be verified for a given command is specified as an access condition when the file is first created.

To verify a secret code:

  1. Click on the Secret Codes icon on the top menu bar / or right click on the Master File (MF)
  2. Select the code to be verified in the list box.
  3. Select to verify the code in Hex or ASCII.
  4. Check the Hide codes values box if you want to mask the code values as “*”. If you want the code values to show, leave this box unchecked.

Note: If you have checked this box, enter the value carefully as an incorrect value will decrement the ratification counter of the secret code.
6. Enter the code value in the Secret Codes box and click Verify. The result and the corresponding status words are displayed in the status bar below.

Note:
For all cards, if you specify an incorrect value for the secret code, the Counter (ratification counter (Counter assigned to each CHV and ADM code in the card. It records the number of consecutive times the code has been incorrectly entered. If the ratification counter reaches 0 after a pre-determined number of attempts (chosen when the secret code is first created), the secret code is "blocked". If the secret code is entered correctly before it is blocked, the ratification counter is reset to its initial value, otherwise it must be unblocked using the Unblock CHV command. The purpose of the ratification counter is to prevent exhaustive secret code attacks.)) is decremented. If the Counter reaches 0, the card is blocked. In this case, select the Unblock tab.

 

Verifying ADM code using APDU command

2G quickguide5

As these cards are non-gemalto cards, and as the commands to verify Admin codes are different between different suppliers of SIM cards, we'll need to verify ADM codes by sending a specific APDU command.

  1. Click on the "Exchange APDU..." button on the top-menu bar.
 

Verify ADM code on 2G card

2G quickguide6
  1. APDU commands can be saved in a Macro file. If necessary, create a new Macro file to store your APDU commands. This way you don't need to enter the APDU command manually everytime. After entering all APDU data you just add a new command to the file by entering a name and then click "Add".
  2. Enter APDU command A0200000 08 as showed in the screenshot above.
  3. Enter the Admin code 3131313131313131 in the Data in field.
  4. Click on the "Exchange" button

Make sure you got SW1=90 SW2=00 response from the exchange. (Success)

That's it. You have now succesfully verified the ADM code and you can proceed with editing files (EF's).

 

Personalisation sample - Editing some mandatory files

We will proceed by editing some of the files necessary to have a functional SIM card:

  1. Ki
  2. ACC
  3. IMSI
 

Putting the Authentication Key (Ki)

2G quickguide7

On the Smartjac 2G cards the authentication key is stored under MF / EF_220C

The Card Admin scans some predefined ranges and for that reason some files can not be seen unless you specifically select them.

  1. Click on 3F00 - MF - Master File
  2. Right-click on the right panel and select "Select..." on the pop-up menu
  3. Enter 220C in the File Identifier
  4. Click "Select"
  5. Close the Select window
 

Open the file that stores the Ki key: 220C

2G quickguide8
  1. Double-click on 220C to open it
  2. A warning appears that the file is non-readable because of Access rights settings on that file preventing you to read the data in the file. This is ok and is as it should be for security reasons. Click on OK button.
 

Setting the Ki

2G quickguide9

Enter the value of the Ki you want to use. The Ki is 16 bytes and the 2 last bytes are the CRC checksum.
How to calculate this checksum is explained in the Appendix here.

In the case of Ki being 000102030405060708090A0B0C0D0E0F the checksum is 513D

Click on "Update" button
Click on "Close" button

 

Set ACC

2G quickguide10

Each mobile belongs to one out of ten randomly allocated mobile populations, defined as Access Classes 0 to 9. Moreover, some mobiles may be members of one or more out of 5 special categories (Access Classes 11 to 15). Both these access classes are stored in the SIM.
If the mobile belongs to at least one access class allowed by the network, it can make calls. Otherwise all access attempts will be barred. So you need to set a value in this file. If you don't know, just set 00 01 (Normal priority level 0 allocated)
6F 78h, Access Control Class, is a transparent file containing the mobile’s random access class and possibly a special access class.

  1. Select the DF: 7F20 - GSM - GSM directory and on the panel to the right you will find the EF_6F78 file holding the ACC value.
  2. Double click on ACC
  3. Select first line (0)
  4. Click on "Allocated"
  5. Click on "Update" button
  6. Click on "Close" button
 

Set IMSI

2G quickguide11
  1. Select the DF: 7F20 - GSM - GSM directory and on the panel to the right you will find the EF_6F07 file holding the IMSI value.
  2. Double click on IMSI
  3. If the SIM card is "non-personalized" (i.e. only have some default or empty values) , you will get an "Incorrect data read" error. This is OK. Just click "OK" button.
 

Enter IMSI data

2G quickguide12

Enter MCC, MNC and Subscriber number and click "Update" button.

Click "Close" button

 

 

Details

Created : 2016-06-22 16:31:03, Last Modified : 2017-06-15 13:49:36

User Comments

Keyword Search

Newsletter signup

Subscribe to our mailing list
* indicates required
By subscribing you accept our
 

PGP

Below you'll find our PGP public key. Use it to exchange encrypted messages with us.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Universal 3.4.2 (Build 502)

mQENBFzGz/QBCAC8FtzEkMUfWXOu8nAz+YxXmPxVoJeCKQ5qf15etgyi7r7QBRcs
b5YO0hjSdZgfJnxvOUlIxDWmllZfKxbS19q6fsF2eQfbQ+AYwwtbAuCWIOwqu7ap
th7Y9ljWhUz23JxG+Omau+N+bKnV9SSSNrBuntNwz/+qb+rBp0lL4BSwWJike/I5
PuU4GzzjPuo3G3eYp76Ja70ggLuCT49wvyXRSnt/0SPhvB1cINvABsJNkQ6yi22l
uIRy4Y3epOLSQUS8/IkGZ9KoiNb0qetmSzmANquWsEdwu71ULdHaJ3Hpk7X1Ne6X
+Dd3h4mAvevFzw2Yi61JQJbWf4uZ0zcQvEEpABEBAAG0KVNtYXJ0amFjIE5vcmRp
YyBBQiA8c3VwcG9ydEBzbWFydGphYy5jb20+iQFUBBMBCAA+FiEEm8unywpHv2Oi
vpbB9cZJgsQEF+QFAlzGz/QCGwMFCQPDs6wFCwkIBwIGFQoJCAsCBBYCAwECHgEC
F4AACgkQ9cZJgsQEF+TVwggAhMSVnzh8F79yPYcCKJHivAUN/ATHLlBIW1YEFhwT
zqunpH28/L40tyzOwSXeYAxS0qXCvqhRhzuE7OZpPvyr70DMouBMm2JsoU6fGzTt
TUqoUR6ErouF4FSWffssjF+Hx4e6KXD1lyzROvLXDJYERVOAGfa2uV/LpNOCyzcy
t2rcRR5nPtoGHpV+Uw/SW24i9iI0mYye0qmAg87THvYRE6MT29c1fDPsfMattaSb
mArY37iZc/2S14p7ht/bXfQorFVn2yXGIEHeWKym+Kq1IHs3qNJz3FtNZ1eebo3t
CGYJZTeoyygluy7pmGrUN/39fgesTfccnlB9siVpDTB4VokBIgQQAQgADAUCXMbt
AgUDABJ1AAAKCRCXELibyletfHlRCACvKglMlTvfNJQSjAdAxdbncr9hUA43uc9j
LNfto3S0AYTaFm5cau3yei35V4mDuTmavpjTH039zdQ1TpGPwlu2a6RShfgx9Kmb
Qq9byOuSvC5AHZUamaY1iaU6I0JcC/XfLoMmuarYasnZTjSLNXBwVh0tbPXtFY4J
ob/bEx0uOXDQ4LFv5PQP3d9OqYRsNzFftMFJBqmOuqBKlYUW9AB018BM/vyL2jR3
EWJfFoxJe33mEHxxURSyQ/Wj5Wov2CnBytKOlTSBHBDXNhXbz3wPv6ald4XGbk2x
zPx8qyv5qUZMENjksx9BgPmdfKWYPZ9u97OS+NnxvqXEMB5JFgyyuQENBFzGz/QB
CADJBKw2/AA3dxqxSyYP9EamoiQyHuNae/80SavptHmqt7O7LY01OihczIa/2DW5
LvJc8UlMGUhacboZ6lW60SZ4iiwknKEXk0MzbRzSDZtLwG7q4+RH/Bkk/SybVGm0
REw1MvTkafkX1n88M7QTqMdOkeJNQ1rpC5cYAclv/cD5lUhSvzI6ewvj0M6GPx5d
qvaB4oz+B2IB+/fGvs+IZUHQHnRIFvTy1Sr6UQQS13Ni4McPRCWS0yhek6au5+bR
6bz0PFC4xOW8vnfF5FQdmy8ScyhpZdhdDV5o97UYk5hC9k5QlXi7KmQNU2Ae7Ir/
MdGW/k7VhTtOTewkLA55pZIVABEBAAGJATwEGAEIACYWIQSby6fLCke/Y6K+lsH1
xkmCxAQX5AUCXMbP9AIbDAUJA8OzrAAKCRD1xkmCxAQX5K+MCACsomGcv503akD0
vH+Re4mtRRVDJYGIZNIdo52gj9o1m4rm3lUoInsfKxkyVWvBQVmwlEErZsA1M39S
cpQIvzDmYYxqui4f8ogy24JvcQNmoJMJlq0hqK3TQRV68qXo18wb1vAwkrUjihXE
nOvLqXDIHZZ3nt0XgR4owAVVMnc7gyV39IZOZ29Q6TRTEnsvoV0+8bYPgrNM7MS5
dTqizEH7YxsL9i8A2XDFKaJUEJ/sg/FD3XDF2jIdGYeBYXfk+FiYolPNmMpsRl8Q
vDtqScr5W/1dgzAUROUpXHHpE+T+YJDELNXXw+FBOqpqKGG00WyVLxQdk5h+qleW
b0sfmPZ3
=jOBj
-----END PGP PUBLIC KEY BLOCK-----

 

This Site

Webstore menu