1 SIM card (subscriber identity module)
The subscriber identity module is a smart card that conforms to the GSM specification. A SIM card can be inserted into any GSM-compliant handset, so that the telephone number follows the card rather than the phone, and call charges are billed automatically to the cardholder regardless of which handset was used.
As a special kind of smart card, the SIM uses the standard contact IC card format. It is governed by ISO 7816 (the standard for contact integrated circuit cards) and by GSM 11.11 from ETSI (the European Telecommunications Standards Institute). It inherits the security characteristics of smart cards and plays an important role in mobile subscriber authentication and mobile commerce.
At present, mobile phone users store important phone numbers on the SIM card. If the phone is stolen the user can buy a new one, but what about the stored numbers? If the user has made an electronic copy of the numbers stored on the SIM card in advance, the saved numbers can easily be written to a new SIM card even if the phone is lost. For this reason a SIM card reader was studied and designed: through it the information on a mobile phone SIM card can be read into a computer, and the phonebook and short messages can be conveniently edited, backed up and managed. It provides an economical and convenient backup management solution for frequent mobile phone users.
2 SIM card fundamentals
A SIM card is a smart card conforming to the GSM specification; in fact it is a chip card with a microprocessor. It contains five modules, each corresponding to one function: an 8-bit CPU, program memory (ROM, 3 to 8 kbit), working memory (RAM, 6 to 16 kbit), data memory (EEPROM, 128 to 256 kbit, i.e. 16 to 32 KB) and a serial communication unit. The SIM card can store data (phonebook, short messages, etc.) and, under secure conditions (the personal identification number PIN and the authentication key Ki are correct), carries out the whole subscriber authentication process and the encryption algorithm for subscriber information. These functions are performed by the microprocessor and its operating system inside the SIM card. The SIM card is characterised by separation of card and handset (the SIM-ME interface), secure and reliable communication, and low cost.
(1) Physical characteristics: two sizes exist, the ID-1 SIM (large card, 54 mm × 85.6 mm, the ISO 7810 ID-1 format) and the plug-in SIM (small card, 25 mm × 15 mm).
(2) Storage capacity: a SIM card generally has 8 KB of storage; cards with 16 KB and 32 KB also exist, namely STK (SIM Toolkit) SIM cards.
(3) Operating temperature: standard range -25 to +70 °C, extreme range -35 to +85 °C. Under extreme conditions each use shall not exceed 4 hours and the total shall not exceed 100 uses.
(4) Service life: the physical life depends on how many times the card is inserted and removed, about 10 000 times; the life of the integrated circuit chip depends on the number of writes to the data memory, and the figures differ from manufacturer to manufacturer. Motorola laboratory testing gave about 50 000 writes. The average lifetime is about 4 years.
3 Interface between the SIM card and the mobile station equipment
The SIM card chip has 8 contacts for connection to the mobile station equipment:
(1) Power supply VCC (contact C1): 4.5 to 5.5 V, supply current ICC no more than 10 mA;
(2) Reset RST (contact C2);
(3) Clock CLK (contact C3): card clock 3.25 MHz;
(4) Reserved, not used (contact C4);
(5) Ground GND (contact C5);
(6) Programming voltage VPP (contact C6);
(7) Data I/O (contact C7);
(8) Reserved, not used (contact C8).
When the SIM card is connected to the mobile station equipment, at least five wires are required: data I/O, reset (RST), ground (GND), power supply (VCC) and clock (CLK). The interface circuit between the card and the baseband unit is shown in Figure 1. SIM_CD is the SIM card detect pin, used to detect insertion and removal of the card; SIM_CLK is the reference clock for reading and writing the card, supplied by the ME (mobile equipment); SIM_RST is the card reset signal; SIM_IO is the serial data input/output line, pulled up to high level by a 20 kΩ pull-up resistor; SIM_RNW is the read/write control signal indicating the current direction of data transfer on the SIM_IO line; SIM_PWCTRL is the power control signal, which can switch off the SIM card supply in idle mode to reduce power consumption and extend standby time.
4 SIM card internal data structure
The SIM card has three types of file: the master file (MF), dedicated files (DF) and elementary files (EF). They are organised as follows:
0x3F00 is the root directory (MF) and 0x2Fxx denotes elementary files directly under the root;
0x7Fxx denotes first-level subdirectories (DFs) and 0x6Fxx denotes elementary files under a first-level subdirectory;
0x5Fxx denotes second-level subdirectories and 0x4Fxx denotes elementary files under a second-level subdirectory.
5 SIM card power-on reset process
The SIM card meets the international standard ISO 7816. According to that standard the SIM card has 8 contacts, including the power supply, reset control, clock input and data input/output interfaces. The total current consumption of the SIM card during operation is less than 10 mA. The clock frequency is supplied externally; when the authentication procedure must complete within the specified time a clock of at least 13/4 MHz (3.25 MHz) is required, and in other cases the minimum clock frequency is 13/8 MHz (1.625 MHz). The bit rate on the I/O port is 1/372 of the clock frequency.
5.1 Activation and cold reset sequence
Initially all lines are at low level (L state), in the range 0 to 0.4 V. VCC is powered first (H state), then the VPP programming voltage is applied; on SIM cards the VPP contact is not used, and its voltage range is 5 V ± 0.4 V. After VCC has been stable for some time, the I/O line is set to receive mode (H state) and a stable CLK clock signal is provided (note: the I/O line shall be set to receive mode before CLK is applied, or within 200 clock cycles after it, interval TA). RST shall remain in the L state for at least 400 clock cycles (TB) after CLK is applied, and may then be set to the H state. The I/O line then carries the answer to reset within 400 to 40 000 clock cycles (TC) after RST goes high.
5.2 Warm reset sequence
A warm reset is used when the cold reset fails. During a warm reset VCC stays in the H state and a stable CLK is maintained; RST shall be held in the L state for at least 400 clock cycles (TE); the I/O line shall be set to receive mode within 200 clock cycles (TD) before or after RST is set to the L state; and the answer to reset appears on the I/O line within 400 to 40 000 clock cycles after RST returns to the H state.
5.3 Clock stop
The external controller can stop the clock to temporarily suspend communication with the SIM card, keeping VCC and RST in the H state throughout. Before stopping the clock, wait at least 1860 clock cycles (TG) after the last character has been output on the I/O line; after the clock is restarted, wait at least 700 clock cycles (TH) before the I/O line starts outputting characters.
5.4 Contact release timing (deactivation)
Set RST to the L state; stop the CLK input and set the I/O line to the L state; finally set VCC to the L state.
5.5 Answer to reset of the SIM card
After the SIM card contacts are activated, the terminal starts a cold reset. If the number of bytes returned by the SIM card after the cold reset is inconsistent, or the answer to reset does not complete within 19 200 initial ETUs, the terminal does not terminate the card session immediately but sends a warm reset. If the result is the same, the interface releases the contacts; otherwise the card continues with subsequent operations. The flow is shown in Figure 6.
The answer to reset can be up to 32 bytes (including the historical characters, excluding the initial character TS), of which at most 15 are historical characters. Two protocols are defined, T=0 and T=1; a SIM card supports only one of them. Bit duration: the bit duration on the I/O line is defined as the elementary time unit (ETU). The bit duration during the answer to reset is the "initial ETU", where initial ETU = 372/f, i.e. 372 clock cycles (f is the clock frequency). The bit duration after the answer to reset is the "current ETU", where current ETU = F/(D·f). F is the clock rate conversion factor and D the bit rate adjustment factor; both are given in interface character TA1 of the answer to reset. The defaults are F = 372 and D = 1, so that by default the current ETU equals the initial ETU. During the answer to reset, the interval between the leading edges of the start bits of two consecutive characters is at least 12 initial ETUs and at most 9600 initial ETUs, and all characters of the answer to reset are transmitted within 19 200 initial ETUs (measured from the leading edge of the start bit of the first character to the leading edge of the start bit of the last character).
Answer to reset format:
TS, initial character (mandatory): determines the convention of the subsequent characters (direct or inverse, i.e. whether the most or the least significant bit is transmitted first);
T0, format character (mandatory);
TA1/TB1/TC1/TD1 ... TAi/TBi/TCi/TDi, interface characters (optional);
T1 ... TK, historical characters (optional);
TCK, check character (conditional): absent when T=0 is the only protocol indicated.
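The following parser is an added example and is not code from the original article or from the reader design it describes. It walks an answer to reset exactly as the format above prescribes: TS, T0 (whose high nibble announces which of TA1/TB1/TC1/TD1 follow and whose low nibble gives the number K of historical characters), the TDi chain, the historical characters, and the conditional TCK, which must make T0 through TCK XOR to zero whenever a protocol other than T=0 is indicated. It also converts TA1 into F and D using the ISO 7816-3 tables and derives the current ETU and the resulting bit rate for the 3.25 MHz card clock from section 3. The two ATR byte strings are constructed for illustration, not captured from a card.

```python
# Added example (not from the original article): parse an ISO 7816-3 answer to reset
# into TS, T0, the interface characters TA/TB/TC/TD, the historical characters and TCK,
# verify TCK, and derive the current ETU from TA1. The ATR bytes below are constructed
# for illustration, not captured from a real card.

# Clock rate conversion factor F and bit rate adjustment factor D, indexed by the
# high and low nibble of TA1 (ISO 7816-3 tables; None = reserved value).
F_TABLE = [372, 372, 558, 744, 1116, 1488, 1860, None, None, 512, 768, 1024, 1536, 2048, None, None]
D_TABLE = [None, 1, 2, 4, 8, 16, 32, 64, 12, 20, None, None, None, None, None, None]


def parse_atr(atr: bytes) -> dict:
    """Split an ATR into its fields and check the TCK byte when one is required."""
    if len(atr) < 2 or len(atr) > 33:
        raise ValueError("ATR must be 2..33 bytes (TS plus at most 32 further bytes)")
    ts = atr[0]
    if ts == 0x3B:
        convention = "direct"
    elif ts == 0x3F:
        convention = "inverse"
    else:
        raise ValueError("invalid TS byte 0x%02X" % ts)

    t0 = atr[1]
    k = t0 & 0x0F              # number of historical characters
    y = t0 >> 4                # presence bits for TA1 TB1 TC1 TD1
    pos = 2
    interface = []             # (name, value) in transmission order
    protocols = []             # T values announced in the TDi bytes
    y_next = 0
    i = 1
    while True:
        for bit, name in ((1, "TA"), (2, "TB"), (4, "TC"), (8, "TD")):
            if y & bit:
                if pos >= len(atr):
                    raise ValueError("ATR truncated inside interface characters")
                interface.append((f"{name}{i}", atr[pos]))
                if name == "TD":
                    protocols.append(atr[pos] & 0x0F)   # low nibble: protocol T
                    y_next = atr[pos] >> 4              # high nibble: next presence bits
                pos += 1
        if not (y & 8):        # no TDi means the interface characters end here
            break
        y = y_next
        i += 1

    historical = atr[pos:pos + k]
    if len(historical) != k:
        raise ValueError("ATR truncated inside historical characters")
    pos += k

    # TCK is absent only when T=0 is the only protocol indicated.
    tck_required = any(t != 0 for t in protocols)
    tck_ok = None
    if tck_required:
        if pos >= len(atr):
            raise ValueError("TCK required but missing")
        xor = 0
        for b in atr[1:pos + 1]:   # T0 .. TCK inclusive must XOR to zero
            xor ^= b
        tck_ok = (xor == 0)
        pos += 1
    if pos != len(atr):
        raise ValueError("%d trailing byte(s) after ATR" % (len(atr) - pos))

    # Current ETU from TA1 (defaults F=372, D=1 when TA1 is absent).
    ta1 = dict(interface).get("TA1", 0x11)
    f_factor, d_factor = F_TABLE[ta1 >> 4], D_TABLE[ta1 & 0x0F]
    if f_factor is None or d_factor is None:
        raise ValueError("TA1 uses a reserved F or D value")
    return {
        "convention": convention,
        "interface": interface,
        "protocols": protocols or [0],
        "historical": bytes(historical),
        "tck_ok": tck_ok,
        "F": f_factor,
        "D": d_factor,
        "etu_clocks": f_factor / d_factor,   # current ETU in clock cycles
    }


def bit_rate(clock_hz: float, etu_clocks: float) -> float:
    """Bits per second on the I/O line for a given card clock and ETU length."""
    return clock_hz / etu_clocks


# Constructed sample ATRs (not captured from a card):
# T=0 only, TA1 announces F=372, D=4, two historical bytes "GS", no TCK.
ATR_T0 = bytes([0x3B, 0x12, 0x13, 0x47, 0x53])
# T=1 announced in TD1, so TCK is mandatory; 0x96 is the correct check byte.
ATR_T1 = bytes([0x3B, 0x92, 0x11, 0x01, 0x47, 0x53, 0x96])

if __name__ == "__main__":
    for atr in (ATR_T0, ATR_T1):
        info = parse_atr(atr)
        print(atr.hex(), info["protocols"], info["etu_clocks"],
              round(bit_rate(3.25e6, info["etu_clocks"])), info["tck_ok"])
```

At the default F=372, D=1 the 3.25 MHz clock gives roughly 8737 bit/s on the I/O line, which is the 1/372 relationship stated in section 5; a TA1 of 0x13 (D=4) shortens the ETU to 93 clocks. A reader should reject an ATR whose TCK does not verify rather than proceed to send commands, since a corrupted ATR means the negotiated ETU cannot be trusted either.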
6 SIM card information exchange procedures
6.1 SIM card information exchange command format
6.1.1 Command format
6.1.2 Response format
Data: response data; SW1 SW2: status words indicating the outcome of the command.
6.1.3 General error return code table
6.2 Common basic commands
6.2.1 Directory or file selection command (SELECT)
Selects a file. After a successful selection the record pointer is undefined for linear fixed files; for cyclic files it points to the most recently updated or appended record.
A return of 0x9F XX means the command executed correctly and XX is the length of the data the SIM card has ready to return (fetched with GET RESPONSE); a return of 0x94 0x04 means the given directory or file identifier was not found. After the answer to reset (ATR) the master file (MF) is selected by default and becomes the current directory. Each file can then be selected with SELECT according to the following rules:
① Selecting a DF or the MF makes it the current directory; a DF must be selected before any of its EFs.
② Selecting an EF makes it the current file; the DF or MF above it is its parent. The current EF is always a direct child of the current directory.
Selectable files are: any direct child of the current directory; any direct child DF of the parent of the current DF; the parent of the current DF; the current DF; the MF.
6.2.2 Get response (GET RESPONSE)
Length (R): the maximum length of the response data.
All command responses are:
0x90 0x00 indicates that the command executed correctly.
6.2.3 Reading a byte string from a transparent (binary) file (READ BINARY)
0x90 0x00 indicates that the command executed correctly. A return of 0x94 0x00 means no elementary file is selected, i.e. the current selection may be a directory rather than a file; 0x94 0x08 means the current directory or data file is inconsistent with the command, i.e. the selected file is not a transparent (binary) file; 0x98 0x04 means the operation does not satisfy the file's access conditions, i.e. the required password (CHV/PIN) verification has not been passed.
7 SIM card data read/write test
The specific steps and results of the SIM card read/write test are as follows:
Step 1: power up and reset the SIM card. The principle is to connect the contacts first and then start a cold reset. If the cold reset fails, start a warm reset. If the warm reset also fails, release the contacts and report an error. After a successful cold or warm reset the SIM card outputs its answer to reset.
The answer to reset obtained in the experimental test was as follows:
0x22 indicates that the command has at most 34 bytes of response data available (the XX of the 0x9F XX status described in 6.2.1);
SIM card return:
Step 5: send the READ BINARY command to read the data:
0x00 means the data offset is 0, i.e. reading starts from the first byte; 0x09 indicates that the IMSI record has 9 bytes;
SIM card return:
0xB0 is the procedure byte with which the card acknowledges the READ BINARY command (it echoes the INS byte); the first data byte 0x08 states that the IMSI occupies 8 bytes; 0x90 0x00 indicates that the command executed correctly. Decoded according to the specification, the SIM card's IMSI is:
460 00 0104559542, which conforms to the coding rules of the international mobile subscriber identity (IMSI): IMSI = MCC (mobile country code) + MNC (mobile network code) + MSIN (mobile subscriber identification number).
8 Conclusion
The SIM card conforms to the GSM specification, uses the standard contact IC card format and is governed by ISO 7816. Based on a study of the international contact IC card standard ISO 7816, this paper has put forward a design scheme for a SIM card reader.