summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYerriswamy <yerriswamy.kurubathayanna@nxp.com>2020-04-15 18:11:21 +0530
committernxf24591 <nanjesh.s_1@nxp.com>2020-05-01 00:48:12 +0530
commitb1d6a254f9d548ef3eb76579fd75de48af633291 (patch)
tree72834bf4c90fd2c1a413d365bf6e42ec7c2a9bd7
parent78601dbd2a21c9998f143adbb7a8f2d021d1d916 (diff)
{R-DP2} Add support for secure_element HAL 1.2
Test: manual Bug: 142495673 Change-Id: I1338a2a11cc60fa50b1c8dd8e75022af9ea1b0a1
Diffstat
-rwxr-xr-xAndroid.bp1
-rwxr-xr-xsrc/com/android/se/Terminal.java68
2 files changed, 53 insertions, 16 deletions
diff --git a/Android.bp b/Android.bp
index 04837f0..603971e 100755
--- a/Android.bp
+++ b/Android.bp
@@ -5,6 +5,7 @@ android_app {
certificate: "platform",
static_libs: ["android.hardware.secure_element-V1.0-java",
"android.hardware.secure_element-V1.1-java",
+ "android.hardware.secure_element-V1.2-java",
"vendor.nxp.nxpese-V1.0-java"],
optimize: {
enabled: false,
diff --git a/src/com/android/se/Terminal.java b/src/com/android/se/Terminal.java
index 10cd865..f526b2c 100755
--- a/src/com/android/se/Terminal.java
+++ b/src/com/android/se/Terminal.java
@@ -24,7 +24,7 @@
*
* The original Work has been changed by NXP Semiconductors.
*
- * Copyright 2018-2019 NXP Semiconductors
+ * Copyright 2018-2020 NXP Semiconductors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -130,13 +130,14 @@ public class Terminal {
private static final int NFC_IN_USE = 3;
private ISecureElement mSEHal;
+ private android.hardware.secure_element.V1_2.ISecureElement mSEHal12;
private INxpEse mNxpEseHal;
/** For each Terminal there will be one AccessController object. */
private AccessControlEnforcer mAccessControlEnforcer;
- private static final String SECURE_ELEMENT_PRIVILEGED_PERMISSION =
- "android.permission.SECURE_ELEMENT_PRIVILEGED";
+ private static final String SECURE_ELEMENT_PRIVILEGED_OPERATION_PERMISSION =
+ "android.permission.SECURE_ELEMENT_PRIVILEGED_OPERATION";
private ISecureElementHalCallback.Stub mHalCallback = new ISecureElementHalCallback.Stub() {
@Override
@@ -247,25 +248,29 @@ public class Terminal {
* @throws RemoteException if there is a failure communicating with the remote
*/
public void initialize(boolean retryOnFail) throws NoSuchElementException, RemoteException {
+ android.hardware.secure_element.V1_1.ISecureElement mSEHal11 = null;
synchronized (mLock) {
- android.hardware.secure_element.V1_1.ISecureElement seHal11 = null;
try {
- seHal11 =
- android.hardware.secure_element.V1_1.ISecureElement.getService(mName,
- retryOnFail);
+ mSEHal = mSEHal11 = mSEHal12 = android.hardware.secure_element.V1_2.ISecureElement.getService(mName, retryOnFail);
} catch (Exception e) {
- Log.d(mTag, "SE Hal V1.1 is not supported");
+ Log.d(mTag, "SE Hal V1.2 is not supported");
}
+ if (mSEHal12 == null) {
+ try {
+ mSEHal = mSEHal11 = android.hardware.secure_element.V1_1.ISecureElement.getService(mName, retryOnFail);
+ } catch (Exception e) {
+ Log.d(mTag, "SE Hal V1.1 is not supported");
+ }
- if (seHal11 == null) {
- mSEHal = ISecureElement.getService(mName, retryOnFail);
- if (mSEHal == null) {
- throw new NoSuchElementException("No HAL is provided for " + mName);
+ if (mSEHal11 == null) {
+ mSEHal = ISecureElement.getService(mName, retryOnFail);
+ if (mSEHal == null) {
+ throw new NoSuchElementException("No HAL is provided for " + mName);
+ }
}
}
- if (seHal11 != null) {
- mSEHal = seHal11;
- seHal11.init_1_1(mHalCallback11);
+ if (mSEHal11 != null || mSEHal12 != null) {
+ mSEHal11.init_1_1(mHalCallback11);
} else {
mSEHal.init(mHalCallback);
}
@@ -755,6 +760,31 @@ public class Terminal {
}
/**
+ * Reset the Secure Element. Return true if success, false otherwise.
+ */
+ public boolean reset() {
+ if (mSEHal12 == null) {
+ return false;
+ }
+ mContext.enforceCallingOrSelfPermission(
+ android.Manifest.permission.SECURE_ELEMENT_PRIVILEGED_OPERATION,
+ "Need SECURE_ELEMENT_PRIVILEGED_OPERATION permission");
+
+ try {
+ byte status = mSEHal12.reset();
+ // Successfully trigger reset. HAL service should send onStateChange
+ // after secure element reset and initialization process complete
+ if (status == SecureElementStatus.SUCCESS) {
+ return true;
+ }
+ Log.e(mTag, "Error reseting terminal " + mName);
+ } catch (RemoteException e) {
+ Log.e(mTag, "Exception in reset()" + e);
+ }
+ return false;
+ }
+
+ /**
* Initialize the Access Control and set up the channel access.
*/
private ChannelAccess setUpChannelAccess(byte[] aid, String packageName, int pid)
@@ -823,7 +853,7 @@ public class Terminal {
private boolean isPrivilegedApplication(String packageName) {
PackageManager pm = mContext.getPackageManager();
if (pm != null) {
- return (pm.checkPermission(SECURE_ELEMENT_PRIVILEGED_PERMISSION,
+ return (pm.checkPermission(SECURE_ELEMENT_PRIVILEGED_OPERATION_PERMISSION,
packageName) == PackageManager.PERMISSION_GRANTED);
}
return false;
@@ -901,6 +931,7 @@ public class Terminal {
if (mAccessControlEnforcer != null) {
mAccessControlEnforcer.dump(writer);
}
+
}
// Implementation of the SecureElement Reader interface according to OMAPI.
@@ -1001,6 +1032,11 @@ public class Terminal {
return Terminal.this;
}
+ @Override
+ public boolean reset() {
+ return Terminal.this.reset();
+ }
+
private String getPublicKeySHA1(String pkg) {
PackageManager pm = mContext.getPackageManager();
PackageInfo packageInfo = null;
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 05:23:43 +0000