SIM: several fixes

docs/sim.html

@@ -344,7 +344,7 @@ I prefer the mini SIM and use an adapter card for larger phones.
 <p>
 The original ATTINY85 (1) is shown upside down.
 Bend the legs straight and shorten them, so they still fit into a programmer's socket. (2)
-The use P400 sand paper to sand off the bottom of the case until you reach copper plate. (3)
+Use P400 sand paper to sand off the bottom of the chip's case, until you reach the copper plate. (3)
 Make a hole into the PBC and solder the chip upside down into that hole.
 Pin 1 is marked on the PCB.
 </p>
@@ -416,7 +416,7 @@ You may want to use a PIN to select the card whenever you turn on the phone.
 Use the phone to enable a PIN that does not start with "000".
 When you restart your phone, you may enter that PIN, to select the first card.
 Alternatively you may enter the PIN 0000 or 0001, to select the first card, no matter what the PIN was.
-Or you may enter the PIN 0002 .. 0008, to select second to eight card.
+Or you may enter the PIN 0002 .. 0008, to select second to eighth card.
 </p>
 
 <p>
@@ -425,7 +425,7 @@ In order to do that, you need to set a PIN, so the phone will ask for a PIN when
 Choose any PIN you like, but not a PIN stat starts with 000.
 Turn on the phone and you will be asked for a PIN.
 Enter the PIN 9991 to alter the first subscriber data.
-Enter the PIN 9992 .. 9998 to alter second to eigtht subscriber data.
+Enter the PIN 9992 .. 9998 to alter second to eighth subscriber data.
 The subscriber data is shown in the telephone directory and can be altered by changing the numbers in that directory.
 </p>
 
@@ -458,10 +458,10 @@ To program one of the following service cards, change the subscriber data to the
 <table class="sim">
 <tr><th>Type</th><th>FUTLN =<br>Subscriber</th><th>Sicherungs-<br>code</th><th>Karten-<br>kennung</th><th>Sonderheiten-<br>schl&uuml;ssel</th><th>Wartungs-<br>schl&uuml;ssel</th></tr>
 <tr><td>Siemens C5<br>service mode</td><td>-</td><td>-</td><td>-</td><td>900</td><td>1000</td></tr>
-<tr><td>Phillips Miniporty<br>service mode</td><td>-</td><td>-</td><td>-</td><td>900</td><td>1000</td></tr>
-<tr><td>Phillips Miniporty<br>cell monitor</td><td>-</td><td>-</td><td>-</td><td>900</td><td>1728 or<br>2729</td></tr>
-<tr><td>Phillips Porty<br>service mode</td><td>0</td><td>0</td><td>0</td><td>2304</td><td>-</td></tr>
-<tr><td>Phillips Porty<br>cell monitor</td><td>-</td><td>-</td><td>-</td><td>898</td><td>-</td></tr>
+<tr><td>Philips Miniporty<br>service mode</td><td>-</td><td>-</td><td>-</td><td>900</td><td>1000</td></tr>
+<tr><td>Philips Miniporty<br>cell monitor</td><td>-</td><td>-</td><td>-</td><td>900</td><td>1728 or<br>2729</td></tr>
+<tr><td>Philips Porty<br>service mode</td><td>0</td><td>0</td><td>0</td><td>2304</td><td>-</td></tr>
+<tr><td>Philips Porty<br>cell monitor</td><td>-</td><td>-</td><td>-</td><td>898</td><td>-</td></tr>
 </table>
 </p>
 

src/sim/main.c

@@ -28,6 +28,7 @@
 #include <errno.h>
 #include <math.h>
 #include <unistd.h>
+#include <inttypes.h>
 #include <sys/time.h>
 #include "../libdebug/debug.h"
 #include "../liboptions/options.h"
@@ -101,7 +102,7 @@ void print_help(const char *arg0)
 	printf(" -A --authenticate 0x...\n");
 	printf("        Give 64 Bit value for authentication response. (default = all bits 1)\n");
 	printf("\nCommands are:\n");
-	printf("        sniff - To passively sniff ATR and message\n");
+	printf("        sniff - To passively sniff SIM card communication\n");
 	printf("        sim - To simulate a SIM card\n");
 }
 
@@ -225,7 +226,7 @@ size_t eeprom_length(void)
 
 int main_loop(serial_t *serial, int sniffer)
 {
-	int rc, cts, last_cts = 0;
+	int rc, cts = 0, last_cts = 0;
 	uint8_t byte;
 	int skip_bytes = 0;
 	int work = 0;
@@ -333,7 +334,7 @@ int main(int argc, char *argv[])
 	debuglevel = DEBUG_INFO;
 
 	add_options();
-	rc = options_config_file("~/.osmocom/analog/simsim.conf", handle_options);
+	rc = options_config_file("~/.osmocom/analog/sim.conf", handle_options);
 	if (rc < 0)
 		return 0;
 
@@ -423,7 +424,7 @@ int main(int argc, char *argv[])
 	} else if (!strcmp(argv[argi], "sim")) {
 		sniffer = 0;
 	} else {
-		fprintf(stderr, "Unknown command '%s', use '-h' for help!\n", argv[argi]);
+		print_help(argv[0]);
 		return -EINVAL;
 	}
 
@@ -441,6 +442,13 @@ int main(int argc, char *argv[])
 		print_image();
 		decode_ebdt(ebdt_data, temp[0], temp[1], temp[2], temp[3], temp[4]);
 		printf("FUTLN=%s, Sicherungscode=%s, Kartekennung=%s, Sonderheitenschluessel=%s, Wartungsschluessel=%s\n", temp[0], temp[1], temp[2], temp[3], temp[4]);
+		for (i = 0; i < 8; i++)
+			temp[0][i] = eeprom_read(EEPROM_PIN_DATA + i);
+		temp[0][(eeprom_read(EEPROM_FLAGS) >> EEPROM_FLAG_PIN_LEN) & 0xf] = '\0';
+		uint64_t auth_value = 0;
+		for (i = 0; i < 8; i++)
+			auth_value |= eeprom_read(EEPROM_AUTH_DATA + i) << (8 * (7 - i));
+		printf("PIN=%s, auth response=0x%016" PRIx64 "\n", temp[0], auth_value);
 		printf("Telephone directory has %d entries.\n", directory_size() - 1);
 		for (i = 0; i < directory_size() - 1; i++) {
 			uint8_t data[24];

src/sim/sim.c

@@ -472,21 +472,21 @@ static void sl_appl(sim_sim_t *sim, uint8_t *data, int length)
 
 	PDEBUG(DSIM7, DEBUG_INFO, " SL-APPL app %d\n", app);
 
-	/* if PIN is required */
-	if (sim->pin_required) {
-		return_pin_not_ok(sim);
-		return;
-	}
-
-	/* check application */
+	/* check and set application */
 	if (app != APP_NETZ_C && app != APP_RUFN_GEBZ) {
 		PDEBUG(DSIM7, DEBUG_NOTICE, "SL-APPL invalid app %d\n", sim->app);
 		return_error(sim);
 		return;
 	}
+	sim->app = app;
+
+	/* if PIN is required, we request it, but we've already selected the app */
+	if (sim->pin_required) {
+		return_pin_not_ok(sim);
+		return;
+	}
 
 	/* respond */
-	sim->app = app;
 	data = alloc_msg(sim, 0);
 	tx_sdu(sim, 0, data, 0);
 }
@@ -913,7 +913,7 @@ static void aut_1(sim_sim_t *sim)
 	uint8_t *data;
 	int i;
 
-	PDEBUG(DSIM7, DEBUG_INFO, " RD-EBDT\n");
+	PDEBUG(DSIM7, DEBUG_INFO, " AUTH-1\n");
 
 	/* respond */
 	data = alloc_msg(sim, 1);
@@ -1337,7 +1337,10 @@ int sim_init_eeprom(void)
 	eeprom_write(EEPROM_FLAGS, (strlen(PIN_DEFAULT) << EEPROM_FLAG_PIN_LEN) | (MAX_PIN_TRY << EEPROM_FLAG_PIN_TRY));
 	for (i = 0; i < (int)strlen(PIN_DEFAULT); i++)
 		eeprom_write(EEPROM_PIN_DATA + i, PIN_DEFAULT[i]);
+	for (i = 0; i < 8; i++)
+		eeprom_write(EEPROM_AUTH_DATA + i, AUTH_DEFAULT >> ((7 - i) * 8));
 
+	/* now write magic characters to identify virgin or initialized EEPROM */
 	eeprom_write(EEPROM_MAGIC + 0, 'C');
 	eeprom_write(EEPROM_MAGIC + 1, '0' + EEPROM_VERSION);
 

src/sim/sim.h

@@ -5,7 +5,7 @@
 #define SONDER_DEFAULT		"0"
 #define WARTUNG_DEFAULT		"65535"
 #define PIN_DEFAULT		"0000"
-#define AUTH_DEFAULT		"0xffffffffffffffff"
+#define AUTH_DEFAULT		((uint64_t)0x000000000badefee)
 
 enum l1_state {
 	L1_STATE_RESET = 0,	/* reset is held */