APDU笔记

image

 

APDU指令格式

命令格式:
+CSIM=<length>,<command>

响应:
+CSIM: <length>,<response>

 获取ICCID

标准AT指令

[2025-09-16 10:17:03.807]# SEND ASCII>
AT+CCID


[2025-09-16 10:17:03.874]# RECV ASCII>
AT+CCID
+CCID: 898604C4192220253389

OK

 

底层APDU指令 - 读取ICCID

# 组包可以参考ISO/IEC 7816文档,3GPP文档。
# 1、选定文件读取ICCID
# CLA :00 
# SELECT :A4
# P1 :08
# P2 :04
# Lc :02
# data :2FE2
# Le :0A (期望返回的长度)

APDU串:00A40804022FE20A

# 2、读取文件内容
# CLA :00 
# READ BINARY :B0
# P1 :00
# P2 :00
# Le :0A (ICCID 长度)

APDU串:00B000000A


[2025-09-16 10:17:14.639]# SEND ASCII>
AT+CSIM=16,"00A40804022FE20A"

 

[2025-09-16 10:17:14.703]# RECV ASCII>
AT+CSIM=16,"00A40804022FE20A"
+CSIM: 4,"6119"

OK


[2025-09-16 10:17:31.224]# SEND ASCII>
AT+CSIM=10,"00B000000A"


[2025-09-16 10:17:31.274]# RECV ASCII>
AT+CSIM=10,"00B000000A"
+CSIM: 24,"9868404C9122025233989000"

OK

数据处理-> 898604C4192220253389

 

 

获取IMSI



标准AT指令


[2025-09-16 10:37:45.868]# SEND ASCII>
AT+CIMI



[2025-09-16 10:37:45.918]# RECV ASCII>
AT+CIMI




460084492003389




OK




底层APDU指令 - 读取IMSI
# 1、选定DF(GSM)文件
# CLA		:00 
# SELECT 	:A4
# P1		:00 
# P2		:00
# Lc		:02
# data		:7F20 (文件标识id)
APDU串:00A4000C027F20


# 2、选定IMSI文件
# 1、选定DF(GSM)文件
# CLA		:00 
# SELECT 	:A4
# P1		:00 
# P2		:04
# Lc		:02
# data		:6F07  (文件标识id)
APDU串:00A40004026F07


# 3、读取IMSI文件
# CLA		:00 
# READ BINARY 	:B0
# P1		:00 
# P2		:00
# Le		:09 (IMSI 长度) 
APDU串:00B0000009



[2025-09-16 10:37:57.565]# SEND ASCII>
AT+CSIM=14,"00A4000C027F20"





[2025-09-16 10:37:57.616]# RECV ASCII>
AT+CSIM=14,"00A4000C027F20"




+CSIM: 4,"6A82"




OK





[2025-09-16 10:38:03.868]# SEND ASCII>
AT+CSIM=14,"00A40004026F07"





[2025-09-16 10:38:03.933]# RECV ASCII>
AT+CSIM=14,"00A40004026F07"




+CSIM: 4,"6119"




OK





[2025-09-16 10:38:08.588]# SEND ASCII>
AT+CSIM=10,"00B0000009"





[2025-09-16 10:38:08.651]# RECV ASCII>
AT+CSIM=10,"00B0000009"




+CSIM: 22,"0849068044290033989000"




OK


 




 使用WireShark对USB的APDU抓包


image


 


eSIM相关




E:\esim\lpa\EasyLPAC-windows-x86_64-with-lpac>lpac.exe profile download -s RSP.BILLIONCONNECT.COM -m F14B1AE5FFC64263AEAEDFBFDE738B37
{"type":"progress","payload":{"code":0,"message":"es10b_get_euicc_challenge_and_info","data":"RSP.BILLIONCONNECT.COM"}}
{"type":"progress","payload":{"code":0,"message":"es9p_initiate_authentication","data":"RSP.BILLIONCONNECT.COM"}}
{"type":"progress","payload":{"code":0,"message":"es10b_authenticate_server","data":"RSP.BILLIONCONNECT.COM"}}
{"type":"progress","payload":{"code":0,"message":"es9p_authenticate_client","data":"RSP.BILLIONCONNECT.COM"}}
{"type":"progress","payload":{"code":0,"message":"es8p_meatadata_parse","data":{"iccid":"89812003919119353839","serviceProviderName":"BillionConnect","profileName":"BillionConnect","iconType":null,"icon":null,"profileClass":"operational"}}}
{"type":"progress","payload":{"code":0,"message":"es10b_prepare_download","data":"RSP.BILLIONCONNECT.COM"}}
{"type":"progress","payload":{"code":0,"message":"es9p_get_bound_profile_package","data":"RSP.BILLIONCONNECT.COM"}}
{"type":"progress","payload":{"code":0,"message":"es10b_load_bound_profile_package","data":"RSP.BILLIONCONNECT.COM"}}
{"type":"lpa","payload":{"code":0,"message":"success","data":null}}

E:\esim\lpa\EasyLPAC-windows-x86_64-with-lpac>lpac.exe profile enable 89812003919119353839
{"type":"lpa","payload":{"code":0,"message":"success","data":null}}

E:\esim\lpa\EasyLPAC-windows-x86_64-with-lpac>lpac.exe profile disable 89812003919119353839
{"type":"lpa","payload":{"code":0,"message":"success","data":null}}

E:\esim\lpa\EasyLPAC-windows-x86_64-with-lpac>lpac.exe profile delete 89812003919119353839
{"type":"lpa","payload":{"code":0,"message":"success","data":null}}




 


image


image


 


image


image


 


 


 APDU - QuecPython


SIM卡文件结构、常用APDU指令和应答-CSDN博客


 


SIM读卡器


image




SCardEstablishContext returned (0x00000000)

SCardListReaders returned (0x00000000)

SCardConnect returned (0x00000000)

SCardGetAttrib returned (0x00000000)
SCardTransmit returned (0x00000000)

APDU Send: A0 A4 00 00 02 2F E2 

APDU Recv: 9F 0F 

SCardTransmit returned (0x00000000)

APDU Send: A0 B0 00 00 0A 

APDU Recv: 98 68 40 4C 91 22 02 52 33 98 90 00 




 读卡器支持 A0 CLA,但您的AT设备不支持


企业微信截图_17629176053091


 




MF(3F00)
    EF_ICCID(2FE2)
    DF_TELECOM(7F10)
        EF_ADN(6F3A)
        EF_FDN(6F3B)
        EF_SMS(6F3C)
        EF_CCP(6F3D)
        EF_MSISDN(6F40)
        EF_SMSP(6F42)
        EF_SMSS(6F43)
        EF_LND(6F44)
        EF_EXT1(6F4A)
        EF_EXT2(6F4B)
    DF_GSM(7F20)
        EF_LP(6F05)
        EF_IMSI(6F07)
        EF_KC(6F20)
        EF_PLMNSEL(6F30)
        EF_HPLMN(6F31)
        EF_ACMMAX(6F37)
        EF_SST(6F38)
        EF_ACM(6F39)
        EF_GID1(6F3E)
        EF_GID2(6F3F)
        EF_PUCT(6F41)
        EF_CBMI(6F45)
        EF_SPN(6F46)
        EF_BCCH(6F74)
        EF_ACC(6F78)
        EF_FPLMN(6F7B)
        EF_LOCI(6F7E)
        EF_AD(6FAD)
        EF_PHASE(6FAE)
    DF_DCS1800(7F21)
        EF_VMWF(6F11)
        EF_SST(6F12)
        EF_CFF(6F13)
        EF_ONS(6F14)
        EF_CSP(6F15)
        EF_CI(6F16)
        EF_MN(6F17)
        EF_ONSF(6F18)
        EF_IN(6F19)




 







            

            
posted @ 
2025-09-16 10:08 
CHHC 
阅读(55) 
评论(0) 
 
收藏 
举报