Harald Welte | 94e8735 | 2021-04-02 13:38:00 +0200 | [diff] [blame] | 1 | pySim-shell |
| 2 | =========== |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 3 | |
| 4 | pySim-shell is an interactive command line shell for all kind of interactions with SIM cards. |
| 5 | |
| 6 | The interactive shell provides command for |
| 7 | |
| 8 | * navigating the on-card filesystem hierarchy |
| 9 | * authenticating with PINs such as ADM1 |
| 10 | * CHV/PIN management (VERIFY, ENABLE, DISABLE, UNBLOCK) |
| 11 | * decoding of SELECT response (file control parameters) |
| 12 | * reading and writing of files and records in raw, hex-encoded binary format |
| 13 | * for some files where related support has been developed: |
| 14 | |
| 15 | * decoded reading (display file data in JSON format) |
| 16 | * decoded writing (encode from JSON to binary format, then write) |
| 17 | |
| 18 | By means of using the python ``cmd2`` module, various useful features improve usability: |
| 19 | |
| 20 | * history of commands (persistent across restarts) |
| 21 | * output re-direction to files on your computer |
| 22 | * output piping through external tools like 'grep' |
| 23 | * tab completion of commands and SELECT-able files/directories |
| 24 | * interactive help for all commands |
| 25 | |
Harald Welte | f2e761c | 2021-04-11 11:56:44 +0200 | [diff] [blame] | 26 | Running pySim-shell |
| 27 | ------------------- |
| 28 | |
| 29 | pySim-shell has a variety of command line arguments to control |
| 30 | |
| 31 | * which transport to use (how to use a reader to talk to the SIM card) |
| 32 | * whether to automatically verify an ADM pin (and in which format) |
| 33 | * whether to execute a start-up script |
| 34 | |
| 35 | .. argparse:: |
| 36 | :module: pySim-shell |
| 37 | :func: option_parser |
| 38 | |
| 39 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 40 | |
| 41 | cmd2 basics |
| 42 | ----------- |
| 43 | |
| 44 | FIXME |
| 45 | |
| 46 | |
| 47 | |
| 48 | ISO7816 commands |
| 49 | ---------------- |
| 50 | |
| 51 | This category of commands relates to commands that originate in the ISO 7861-4 specifications, |
| 52 | most of them have a 1:1 resemblance in the specification. |
| 53 | |
| 54 | select |
| 55 | ~~~~~~ |
| 56 | |
| 57 | The ``select`` command is used to select a file, either by its FID, AID or by its symbolic name. |
| 58 | |
| 59 | Try ``select`` with tab-completion to get a list of all current selectable items: |
| 60 | |
| 61 | :: |
| 62 | |
| 63 | pySIM-shell (MF)> select |
| 64 | .. 2fe2 a0000000871004 EF.ARR MF |
| 65 | 2f00 3f00 ADF.ISIM EF.DIR |
| 66 | 2f05 7f10 ADF.USIM EF.ICCID |
| 67 | 2f06 7f20 DF.GSM EF.PL |
| 68 | 2f08 a0000000871002 DF.TELECOM EF.UMPC |
| 69 | |
| 70 | Use ``select`` with a specific FID or name to select the new file. |
| 71 | |
| 72 | This will |
| 73 | |
| 74 | * output the [JSON decoded, if possible] select response |
| 75 | * change the prompt to the newly selected file |
| 76 | * enable any commands specific to the newly-selected file |
| 77 | |
| 78 | :: |
| 79 | |
| 80 | pySIM-shell (MF)> select ADF.USIM |
| 81 | { |
| 82 | "file_descriptor": { |
Harald Welte | 747a978 | 2022-02-13 17:52:28 +0100 | [diff] [blame^] | 83 | "file_descriptor_byte": { |
| 84 | "shareable": true, |
| 85 | "file_type": "df", |
| 86 | "structure": "no_info_given" |
| 87 | } |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 88 | }, |
| 89 | "df_name": "A0000000871002FFFFFFFF8907090000", |
| 90 | "proprietary_info": { |
| 91 | "uicc_characteristics": "71", |
| 92 | "available_memory": 101640 |
| 93 | }, |
| 94 | "life_cycle_status_int": "operational_activated", |
| 95 | "security_attrib_compact": "00", |
| 96 | "pin_status_template_do": "90017083010183018183010A83010B" |
| 97 | } |
| 98 | pySIM-shell (MF/ADF.USIM)> |
| 99 | |
| 100 | |
| 101 | |
| 102 | change_chv |
| 103 | ~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 104 | .. argparse:: |
| 105 | :module: pySim-shell |
| 106 | :func: Iso7816Commands.change_chv_parser |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 107 | |
| 108 | |
| 109 | disable_chv |
| 110 | ~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 111 | .. argparse:: |
| 112 | :module: pySim-shell |
| 113 | :func: Iso7816Commands.disable_chv_parser |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 114 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 115 | |
| 116 | enable_chv |
| 117 | ~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 118 | .. argparse:: |
| 119 | :module: pySim-shell |
| 120 | :func: Iso7816Commands.enable_chv_parser |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 121 | |
| 122 | |
| 123 | unblock_chv |
| 124 | ~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 125 | .. argparse:: |
| 126 | :module: pySim-shell |
| 127 | :func: Iso7816Commands.unblock_chv_parser |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 128 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 129 | |
| 130 | verify_chv |
| 131 | ~~~~~~~~~~ |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 132 | This command allows you to verify a CHV (PIN), which is how the specifications call |
| 133 | it if you authenticate yourself with the said CHV/PIN. |
| 134 | |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 135 | .. argparse:: |
| 136 | :module: pySim-shell |
| 137 | :func: Iso7816Commands.verify_chv_parser |
| 138 | |
Harald Welte | a463161 | 2021-04-10 18:17:55 +0200 | [diff] [blame] | 139 | deactivate_file |
| 140 | ~~~~~~~~~~~~~~~ |
| 141 | Deactivate the currently selected file. This used to be called INVALIDATE in TS 11.11. |
| 142 | |
| 143 | |
| 144 | activate_file |
| 145 | ~~~~~~~~~~~~~ |
| 146 | Activate the currently selected file. This used to be called REHABILITATE in TS 11.11. |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 147 | |
Harald Welte | 703f933 | 2021-04-10 18:39:32 +0200 | [diff] [blame] | 148 | open_channel |
| 149 | ~~~~~~~~~~~~ |
| 150 | .. argparse:: |
| 151 | :module: pySim-shell |
| 152 | :func: Iso7816Commands.open_chan_parser |
| 153 | |
| 154 | close_channel |
| 155 | ~~~~~~~~~~~~~ |
| 156 | .. argparse:: |
| 157 | :module: pySim-shell |
| 158 | :func: Iso7816Commands.close_chan_parser |
| 159 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 160 | |
Harald Welte | ec95053 | 2021-10-20 13:09:00 +0200 | [diff] [blame] | 161 | suspend_uicc |
| 162 | ~~~~~~~~~~~~ |
| 163 | This command allows you to perform the SUSPEND UICC command on the card. This is a relatively |
| 164 | recent power-saving addition to the UICC specifications, allowing for suspend/resume while maintaining |
| 165 | state, as opposed to a full power-off (deactivate) and power-on (activate) of the card. |
| 166 | |
| 167 | The pySim command just sends that SUSPEND UICC command and doesn't perform the full related sequence |
| 168 | including the electrical power down. |
| 169 | |
| 170 | .. argparse:: |
| 171 | :module: pySim-shell |
| 172 | :func: Iso7816Commands.suspend_uicc_parser |
| 173 | |
| 174 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 175 | pySim commands |
| 176 | -------------- |
| 177 | |
| 178 | Commands in this category are pySim specific; they do not have a 1:1 correspondence to ISO 7816 |
| 179 | or 3GPP commands. Mostly they will operate either only on local (in-memory) state, or execute |
| 180 | a complex sequence of card-commands. |
| 181 | |
| 182 | desc |
| 183 | ~~~~ |
| 184 | |
| 185 | Display human readable file description for the currently selected file. |
| 186 | |
| 187 | |
| 188 | dir |
| 189 | ~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 190 | .. argparse:: |
| 191 | :module: pySim-shell |
| 192 | :func: PySimCommands.dir_parser |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 193 | |
| 194 | |
| 195 | export |
| 196 | ~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 197 | .. argparse:: |
| 198 | :module: pySim-shell |
| 199 | :func: PySimCommands.export_parser |
| 200 | |
Harald Welte | bd02f84 | 2021-10-21 14:40:39 +0200 | [diff] [blame] | 201 | Please note that `export` works relative to the current working |
| 202 | directory, so if you are in `MF`, then the export will contain all known |
| 203 | files on the card. However, if you are in `ADF.ISIM`, only files below |
| 204 | that ADF will be part of the export. |
| 205 | |
| 206 | Furthermore, it is strongly advised to first enter the ADM1 pin |
| 207 | (`verify_adm`) to maximize the chance of having permission to read |
| 208 | all/most files. |
| 209 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 210 | |
| 211 | tree |
| 212 | ~~~~ |
Harald Welte | 7743c20 | 2021-05-03 23:30:11 +0200 | [diff] [blame] | 213 | |
| 214 | Display a tree of the card filesystem. It is important to note that this displays a tree |
| 215 | of files that might potentially exist (based on the card profile). In order to determine if |
| 216 | a given file really exists on a given card, you have to try to select that file. |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 217 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 218 | |
| 219 | verify_adm |
| 220 | ~~~~~~~~~~ |
Harald Welte | 7743c20 | 2021-05-03 23:30:11 +0200 | [diff] [blame] | 221 | |
| 222 | Verify the ADM (Administrator) PIN specified as argument. This is typically needed in order |
| 223 | to get write/update permissions to most of the files on SIM cards. |
| 224 | |
| 225 | Currently only ADM1 is supported. |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 226 | |
| 227 | |
Harald Welte | daf2b39 | 2021-05-03 23:17:29 +0200 | [diff] [blame] | 228 | reset |
| 229 | ~~~~~ |
Harald Welte | daf2b39 | 2021-05-03 23:17:29 +0200 | [diff] [blame] | 230 | Perform card reset and display the card ATR. |
| 231 | |
Harald Welte | bd02f84 | 2021-10-21 14:40:39 +0200 | [diff] [blame] | 232 | intro |
| 233 | ~~~~~ |
| 234 | [Re-]Display the introductory banner |
| 235 | |
| 236 | |
| 237 | equip |
| 238 | ~~~~~ |
| 239 | Equip pySim-shell with a card; particularly useful if the program was |
| 240 | started before a card was present, or after a card has been replaced by |
| 241 | the user while pySim-shell was kept running. |
| 242 | |
| 243 | bulk_script |
| 244 | ~~~~~~~~~~~ |
| 245 | .. argparse:: |
| 246 | :module: pySim-shell |
| 247 | :func: PysimApp.bulk_script_parser |
| 248 | |
| 249 | Run a script for bulk-provisioning of multiple cards. |
| 250 | |
| 251 | |
| 252 | echo |
| 253 | ~~~~ |
| 254 | .. argparse:: |
| 255 | :module: pySim-shell |
| 256 | :func: PysimApp.echo_parser |
| 257 | |
| 258 | |
Harald Welte | daf2b39 | 2021-05-03 23:17:29 +0200 | [diff] [blame] | 259 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 260 | Linear Fixed EF commands |
| 261 | ------------------------ |
| 262 | |
| 263 | These commands become enabled only when your currently selected file is of *Linear Fixed EF* type. |
| 264 | |
| 265 | read_record |
| 266 | ~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 267 | .. argparse:: |
| 268 | :module: pySim.filesystem |
| 269 | :func: LinFixedEF.ShellCommands.read_rec_parser |
| 270 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 271 | |
| 272 | read_record_decoded |
| 273 | ~~~~~~~~~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 274 | .. argparse:: |
| 275 | :module: pySim.filesystem |
| 276 | :func: LinFixedEF.ShellCommands.read_rec_dec_parser |
| 277 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 278 | |
Harald Welte | 850b72a | 2021-04-07 09:33:03 +0200 | [diff] [blame] | 279 | read_records |
| 280 | ~~~~~~~~~~~~ |
| 281 | .. argparse:: |
| 282 | :module: pySim.filesystem |
| 283 | :func: LinFixedEF.ShellCommands.read_recs_parser |
| 284 | |
| 285 | |
| 286 | read_records_decoded |
| 287 | ~~~~~~~~~~~~~~~~~~~~ |
| 288 | .. argparse:: |
| 289 | :module: pySim.filesystem |
| 290 | :func: LinFixedEF.ShellCommands.read_recs_dec_parser |
| 291 | |
| 292 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 293 | update_record |
| 294 | ~~~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 295 | .. argparse:: |
| 296 | :module: pySim.filesystem |
| 297 | :func: LinFixedEF.ShellCommands.upd_rec_parser |
| 298 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 299 | |
| 300 | update_record_decoded |
| 301 | ~~~~~~~~~~~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 302 | .. argparse:: |
| 303 | :module: pySim.filesystem |
| 304 | :func: LinFixedEF.ShellCommands.upd_rec_dec_parser |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 305 | |
| 306 | |
Harald Welte | 4145d3c | 2021-04-08 20:34:13 +0200 | [diff] [blame] | 307 | edit_record_decoded |
| 308 | ~~~~~~~~~~~~~~~~~~~ |
| 309 | .. argparse:: |
| 310 | :module: pySim.filesystem |
| 311 | :func: LinFixedEF.ShellCommands.edit_rec_dec_parser |
| 312 | |
| 313 | This command will read the selected record, decode it to its JSON representation, save |
| 314 | that JSON to a temporary file on your computer, and launch your configured text editor. |
| 315 | |
| 316 | You may then perform whatever modifications to the JSON representation, save + leave your |
| 317 | text editor. |
| 318 | |
| 319 | Afterwards, the modified JSON will be re-encoded to the binary format, and the result written |
| 320 | back to the record on the SIM card. |
| 321 | |
| 322 | This allows for easy interactive modification of records. |
| 323 | |
| 324 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 325 | |
| 326 | Transparent EF commands |
| 327 | ----------------------- |
| 328 | |
| 329 | These commands become enabled only when your currently selected file is of *Transparent EF* type. |
| 330 | |
| 331 | |
| 332 | read_binary |
| 333 | ~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 334 | .. argparse:: |
| 335 | :module: pySim.filesystem |
| 336 | :func: TransparentEF.ShellCommands.read_bin_parser |
| 337 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 338 | |
| 339 | read_binary_decoded |
| 340 | ~~~~~~~~~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 341 | .. argparse:: |
| 342 | :module: pySim.filesystem |
| 343 | :func: TransparentEF.ShellCommands.read_bin_dec_parser |
| 344 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 345 | |
| 346 | update_binary |
| 347 | ~~~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 348 | .. argparse:: |
| 349 | :module: pySim.filesystem |
| 350 | :func: TransparentEF.ShellCommands.upd_bin_parser |
| 351 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 352 | |
| 353 | update_binary_decoded |
| 354 | ~~~~~~~~~~~~~~~~~~~~~ |
Harald Welte | d36f694 | 2021-04-04 14:37:55 +0200 | [diff] [blame] | 355 | .. argparse:: |
| 356 | :module: pySim.filesystem |
| 357 | :func: TransparentEF.ShellCommands.upd_bin_dec_parser |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 358 | |
Harald Welte | 0d4e98a | 2021-04-07 00:14:40 +0200 | [diff] [blame] | 359 | In normal operation, update_binary_decoded needs a JSON document representing the entire file contents as |
| 360 | input. This can be inconvenient if you want to keep 99% of the content but just toggle one specific |
| 361 | parameter. That's where the JSONpath support comes in handy: You can specify a JSONpath to an element |
| 362 | inside the document as well as a new value for tat field: |
| 363 | |
| 364 | Th below example demonstrates this by modifying the ofm field within EF.AD: |
| 365 | |
| 366 | :: |
| 367 | |
| 368 | pySIM-shell (MF/ADF.USIM/EF.AD)> read_binary_decoded |
| 369 | { |
| 370 | "ms_operation_mode": "normal", |
| 371 | "specific_facilities": { |
| 372 | "ofm": true |
| 373 | }, |
| 374 | "len_of_mnc_in_imsi": 2 |
| 375 | } |
| 376 | pySIM-shell (MF/ADF.USIM/EF.AD)> update_binary_decoded --json-path specific_facilities.ofm false |
| 377 | pySIM-shell (MF/ADF.USIM/EF.AD)> read_binary_decoded |
| 378 | { |
| 379 | "ms_operation_mode": "normal", |
| 380 | "specific_facilities": { |
| 381 | "ofm": false |
| 382 | }, |
| 383 | "len_of_mnc_in_imsi": 2 |
| 384 | } |
| 385 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 386 | |
Harald Welte | 4145d3c | 2021-04-08 20:34:13 +0200 | [diff] [blame] | 387 | edit_binary_decoded |
| 388 | ~~~~~~~~~~~~~~~~~~~ |
| 389 | This command will read the selected binary EF, decode it to its JSON representation, save |
| 390 | that JSON to a temporary file on your computer, and launch your configured text editor. |
| 391 | |
| 392 | You may then perform whatever modifications to the JSON representation, save + leave your |
| 393 | text editor. |
| 394 | |
| 395 | Afterwards, the modified JSON will be re-encoded to the binary format, and the result written |
| 396 | to the SIM card. |
| 397 | |
| 398 | This allows for easy interactive modification of file contents. |
| 399 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 400 | |
Harald Welte | 917d98c | 2021-04-21 11:51:25 +0200 | [diff] [blame] | 401 | |
| 402 | BER-TLV EF commands |
| 403 | ------------------- |
| 404 | |
| 405 | BER-TLV EFs are files that contain BER-TLV structured data. Every file can contain any number |
| 406 | of variable-length IEs (DOs). The tag within a BER-TLV EF must be unique within the file. |
| 407 | |
| 408 | The commands below become enabled only when your currently selected file is of *BER-TLV EF* type. |
| 409 | |
| 410 | retrieve_tags |
| 411 | ~~~~~~~~~~~~~ |
| 412 | |
| 413 | Retrieve a list of all tags present in the currently selected file. |
| 414 | |
| 415 | |
| 416 | retrieve_data |
| 417 | ~~~~~~~~~~~~~ |
| 418 | .. argparse:: |
| 419 | :module: pySim.filesystem |
| 420 | :func: BerTlvEF.ShellCommands.retrieve_data_parser |
| 421 | |
| 422 | |
| 423 | set_data |
| 424 | ~~~~~~~~ |
| 425 | .. argparse:: |
| 426 | :module: pySim.filesystem |
| 427 | :func: BerTlvEF.ShellCommands.set_data_parser |
| 428 | |
| 429 | |
| 430 | del_data |
| 431 | ~~~~~~~~ |
| 432 | .. argparse:: |
| 433 | :module: pySim.filesystem |
| 434 | :func: BerTlvEF.ShellCommands.del_data_parser |
| 435 | |
| 436 | |
| 437 | |
Harald Welte | 15fae98 | 2021-04-10 10:22:27 +0200 | [diff] [blame] | 438 | USIM commands |
| 439 | ------------- |
| 440 | |
| 441 | authenticate |
| 442 | ~~~~~~~~~~~~ |
| 443 | .. argparse:: |
| 444 | :module: pySim.ts_31_102 |
| 445 | :func: ADF_USIM.AddlShellCommands.authenticate_parser |
| 446 | |
| 447 | |
Harald Welte | 95ce6b1 | 2021-10-20 18:40:54 +0200 | [diff] [blame] | 448 | ARA-M commands |
| 449 | -------------- |
| 450 | |
| 451 | The ARA-M commands exist to manage the access rules stored in an ARA-M applet on the card. |
| 452 | |
| 453 | ARA-M in the context of SIM cards is primarily used to enable Android UICC Carrier Privileges, |
| 454 | please see https://source.android.com/devices/tech/config/uicc for more details on the background. |
| 455 | |
| 456 | |
| 457 | aram_get_all |
| 458 | ~~~~~~~~~~~~ |
| 459 | |
| 460 | Obtain and decode all access rules from the ARA-M applet on the card. |
| 461 | |
| 462 | NOTE: if the total size of the access rules exceeds 255 bytes, this command will fail, as |
| 463 | it doesn't yet implement fragmentation/reassembly on rule retrieval. YMMV |
| 464 | |
| 465 | :: |
| 466 | |
| 467 | pySIM-shell (MF/ADF.ARA-M)> aram_get_all |
| 468 | [ |
| 469 | { |
| 470 | "ResponseAllRefArDO": [ |
| 471 | { |
| 472 | "RefArDO": [ |
| 473 | { |
| 474 | "RefDO": [ |
| 475 | { |
| 476 | "AidRefDO": "ffffffffffff" |
| 477 | }, |
| 478 | { |
| 479 | "DevAppIdRefDO": "e46872f28b350b7e1f140de535c2a8d5804f0be3" |
| 480 | } |
| 481 | ] |
| 482 | }, |
| 483 | { |
| 484 | "ArDO": [ |
| 485 | { |
| 486 | "ApduArDO": { |
| 487 | "generic_access_rule": "always" |
| 488 | } |
| 489 | }, |
| 490 | { |
| 491 | "PermArDO": { |
| 492 | "permissions": "0000000000000001" |
| 493 | } |
| 494 | } |
| 495 | ] |
| 496 | } |
| 497 | ] |
| 498 | } |
| 499 | ] |
| 500 | } |
| 501 | ] |
| 502 | |
| 503 | aram_get_config |
| 504 | ~~~~~~~~~~~~~~~ |
| 505 | Perform Config handshake with ARA-M applet: Tell it our version and retrieve its version. |
| 506 | |
| 507 | NOTE: Not supported in all ARA-M implementations. |
| 508 | |
| 509 | .. argparse:: |
| 510 | :module: pySim.ara_m |
| 511 | :func: ADF_ARAM.AddlShellCommands.get_config_parser |
| 512 | |
| 513 | |
| 514 | aram_store_ref_ar_do |
| 515 | ~~~~~~~~~~~~~~~~~~~~ |
| 516 | Store a [new] access rule on the ARA-M applet. |
| 517 | |
| 518 | .. argparse:: |
| 519 | :module: pySim.ara_m |
| 520 | :func: ADF_ARAM.AddlShellCommands.store_ref_ar_do_parse |
| 521 | |
| 522 | For example, to store an Android UICC carrier privilege rule for the SHA1 hash of the certificate used to sign the CoIMS android app of Supreeth Herle (https://github.com/herlesupreeth/CoIMS_Wiki) you can use the following command: |
| 523 | |
| 524 | :: |
| 525 | |
| 526 | pySIM-shell (MF/ADF.ARA-M)> aram_store_ref_ar_do --aid FFFFFFFFFFFF --device-app-id E46872F28B350B7E1F140DE535C2A8D5804F0BE3 --android-permissions 0000000000000001 --apdu-always |
| 527 | |
| 528 | |
| 529 | aram_delete_all |
| 530 | ~~~~~~~~~~~~~~~ |
| 531 | This command will request deletion of all access rules stored within the |
| 532 | ARA-M applet. Use it with caution, there is no undo. Any rules later |
| 533 | intended must be manually inserted again using `aram_store_ref_ar_do` |
| 534 | |
| 535 | |
Harald Welte | 15fae98 | 2021-04-10 10:22:27 +0200 | [diff] [blame] | 536 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 537 | cmd2 settable parameters |
| 538 | ------------------------ |
| 539 | |
| 540 | ``cmd2`` has the concept of *settable parameters* which act a bit like environment variables in an OS-level |
| 541 | shell: They can be read and set, and they will influence the behavior somehow. |
| 542 | |
| 543 | conserve_write |
| 544 | ~~~~~~~~~~~~~~ |
| 545 | |
| 546 | If enabled, pySim will (when asked to write to a card) always first read the respective file/record and |
| 547 | verify if the to-be-written value differs from the current on-card value. If not, the write will be skipped. |
| 548 | Writes will only be performed if the new value is different from the current on-card value. |
| 549 | |
| 550 | If disabled, pySim will always write irrespective of the current/new value. |
| 551 | |
Harald Welte | 1748b93 | 2021-04-06 21:12:25 +0200 | [diff] [blame] | 552 | json_pretty_print |
| 553 | ~~~~~~~~~~~~~~~~~ |
| 554 | |
| 555 | This parameter determines if generated JSON output should (by default) be pretty-printed (multi-line |
| 556 | output with indent level of 4 spaces) or not. |
| 557 | |
| 558 | The default value of this parameter is 'true'. |
| 559 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 560 | debug |
| 561 | ~~~~~ |
| 562 | |
| 563 | If enabled, full python back-traces will be displayed in case of exceptions |
| 564 | |
Harald Welte | 7829d8a | 2021-04-10 11:28:53 +0200 | [diff] [blame] | 565 | apdu_trace |
| 566 | ~~~~~~~~~~ |
| 567 | |
| 568 | Boolean variable that determines if a hex-dump of the command + response APDU shall be printed. |
| 569 | |
Harald Welte | be9516f | 2021-04-03 11:30:10 +0200 | [diff] [blame] | 570 | numeric_path |
| 571 | ~~~~~~~~~~~~ |
| 572 | |
| 573 | Boolean variable that determines if path (e.g. in prompt) is displayed with numeric FIDs or string names. |
| 574 | |
| 575 | :: |
| 576 | |
| 577 | pySIM-shell (MF/EF.ICCID)> set numeric_path True |
| 578 | numeric_path - was: False |
| 579 | now: True |
| 580 | pySIM-shell (3f00/2fe2)> set numeric_path False |
| 581 | numeric_path - was: True |
| 582 | now: False |
| 583 | pySIM-shell (MF/EF.ICCID)> help set |