I have two different UICCs with USIM applications installed.

With the first card, I can access the USIM EFs without needing to first select the application if I know the file ID of the ADF (which in this particular case is 7FF0).

00 A4 08 0C 04 7FF0 6F07 (select by path from MF)

I found the file ID by looking at the FCP template for the ADF.

SELECT EF-DIR
Command: 00 A4 00 0C 02 2F00
SW:      9000

READ RECORD
Command: 00 B2 00 02 00 (next record)
SW:      6C26
61 18 
    4F 10 A0000000871002FFFFFFFF8903050001 AID
    50 04 5553494D USIM
    
SELECT AID
Command: 00 A4 04 0C 10 A0000000871002FFFFFFFF8903050001
SW:      9000

STATUS (after selecting AID)
Command: 80 F2 01 00 00
SW:      6C38
62 36 
    82 02 7821 File descriptor
    83 02 7FF0 File identifier
    84 10 A0000000871002FFFFFFFF8903050001 DF name (AID)
    8A 01 05 Life cycle indicator
    8B 03 2F0609 Security attributes
    C6 0C PIN status template DO
        90 01 60
        83 01 01
        83 01 81
        83 01 0A
        81 04 00002C48

However, when I try to do the same with the second card, I find that the FCP template does not include a file ID, and I need to first select the application, and then select the EF.

00 A4 04 0C 0C A0000000871002FF49FF0589 (select by DF name)
00 A4 00 0C 02 6F07 (Select by file ID)

SELECT EF-DIR
Command: 00 A4 00 0C 02 2F00
SW:      9000

READ RECORD
Command: 00 B2 00 02 00 (next record)
SW:      6C26
61 14 
    4F 0C A0000000871002FF49FF0589 AID
    50 04 5553494D USIM

SELECT AID
Command: 00 A4 04 0C 0C A0000000871002FF49FF0589
SW:      9000

STATUS (after selecting AID)
Command: 80 F2 01 00 00
SW:      6C2A
62 28 
    82 02 7821 File descriptor
    84 0C A0000000871002FF49FF0589 DF name (AID)
    8A 01 05 Life cycle indicator
    8B 03 2F0601 Security attributes
    C6 0C PIN status template DO
        90 01 A0
        83 01 81
        83 01 01
        83 01 0A

My questions are:

  • Why are the two USIM applications configured differently, where one allows access to the application's files directly by specifying a path from the MF, and the other does not; only allowing access relative to the ADF after first selecting the application?

  • Are there security benefits to not allowing direct access?

  • Does one method better facilitate access to files in a multi-application environment?

  • Did you find any answers to your questions? :) Commented Nov 20, 2022 at 19:58
  • @Ebrahim Ghasemi - not yet, and I probably won't be able to look at it again myself for another few weeks. – Ron McLeod, Commented Nov 20, 2022 at 23:07

1 Answer

The definition of an explicit FID for ADF USIM (such as '7FF0') is not mandatory, and there is no standard FID reserved for it. If no explicit FID has been defined, ADF USIM shall initially be selected through its AID. But once it has been selected, the implicit FID '7FFF' can be used, as it refers to the "current selected application".
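As an added example (not part of the original question or answer), this Python code parses the two FCP templates shown in the question and builds the SELECT sequence each card needs: a path from the MF when tag 83 carries an ADF file ID, otherwise SELECT by AID followed by a path that starts with the implicit FID 7FFF described in the answer. The function names are hypothetical, and using 7FFF as the first path element with P1 = 08 is an assumption based on ETSI TS 102 221.

```python
# Added example: pick SELECT APDUs for a USIM EF from the ADF's FCP template.
# The FCP strings are the STATUS responses quoted in the question.
FCP_CARD1 = ("6236" "82027821" "83027FF0"
             "8410A0000000871002FFFFFFFF8903050001"
             "8A0105" "8B032F0609"
             "C60C90016083010183018183010A" "810400002C48")
FCP_CARD2 = ("6228" "82027821"
             "840CA0000000871002FF49FF0589"
             "8A0105" "8B032F0601"
             "C60C9001A083018183010183010A")

def parse_tlv(data: bytes) -> dict:
    """Parse a flat run of single-byte-tag BER-TLV objects into {tag: value}."""
    out, i = {}, 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated TLV header")
        tag, length = data[i], data[i + 1]
        i += 2
        if length == 0x81:                 # long form: one length byte follows
            length = data[i]
            i += 1
        elif length > 0x7F:
            raise ValueError("unsupported length form")
        if i + length > len(data):
            raise ValueError("truncated TLV value")
        out.setdefault(tag, data[i:i + length])
        i += length
    return out

def parse_fcp(fcp_hex: str) -> dict:
    """Return the top-level objects inside the FCP template (tag 62).
    Constructed objects such as C6 stay opaque, so the key-reference
    objects tagged 83 inside C6 are not mistaken for the file identifier."""
    outer = parse_tlv(bytes.fromhex(fcp_hex))
    if 0x62 not in outer:
        raise ValueError("not an FCP template (tag 62 missing)")
    return parse_tlv(outer[0x62])

def select_ef_apdus(fcp_hex: str, ef_fid: str = "6F07") -> list:
    """Build the SELECT command(s) that reach ef_fid under this ADF."""
    fcp = parse_fcp(fcp_hex)
    adf_fid, aid = fcp.get(0x83), fcp[0x84]
    if adf_fid is not None:                # explicit ADF FID: path from MF
        return [f"00A4080C04{adf_fid.hex().upper()}{ef_fid}"]
    # No explicit FID: select by AID, then address the EF via implicit 7FFF.
    return [f"00A4040C{len(aid):02X}{aid.hex().upper()}",
            f"00A4080C047FFF{ef_fid}"]
```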
