Home | History | Annotate | Download | only in jni
      1 /*
      2  * Copyright (C) 2012 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 /*
     18  *  Communicate with secure elements that are attached to the NFC
     19  *  controller.
     20  */
     21 #include <semaphore.h>
     22 #include <errno.h>
     23 #include <ScopedLocalRef.h>
     24 #include "OverrideLog.h"
     25 #include "SecureElement.h"
     26 #include "config.h"
     27 #include "PowerSwitch.h"
     28 #include "HostAidRouter.h"
     29 #include "JavaClassConstants.h"
     30 
     31 
     32 /*****************************************************************************
     33 **
     34 ** public variables
     35 **
     36 *****************************************************************************/
     37 int gSEId = -1;     // secure element ID to use in connectEE(), -1 means not set
     38 int gGatePipe = -1; // gate id or static pipe id to use in connectEE(), -1 means not set
     39 bool gUseStaticPipe = false;    // if true, use gGatePipe as static pipe id.  if false, use as gate id
     40 
     41 namespace android
     42 {
     43     extern void startRfDiscovery (bool isStart);
     44     extern void setUiccIdleTimeout (bool enable);
     45 }
     46 
     47 //////////////////////////////////////////////
     48 //////////////////////////////////////////////
     49 
     50 
     51 SecureElement SecureElement::sSecElem;
     52 const char* SecureElement::APP_NAME = "nfc_jni";
     53 
     54 
     55 /*******************************************************************************
     56 **
     57 ** Function:        SecureElement
     58 **
     59 ** Description:     Initialize member variables.
     60 **
     61 ** Returns:         None
     62 **
     63 *******************************************************************************/
     64 SecureElement::SecureElement ()
     65 :   mActiveEeHandle (NFA_HANDLE_INVALID),
     66     mDestinationGate (4), //loopback gate
     67     mNfaHciHandle (NFA_HANDLE_INVALID),
     68     mNativeData (NULL),
     69     mIsInit (false),
     70     mActualNumEe (0),
     71     mNumEePresent(0),
     72     mbNewEE (true),   // by default we start w/thinking there are new EE
     73     mNewPipeId (0),
     74     mNewSourceGate (0),
     75     mActiveSeOverride(0),
     76     mCommandStatus (NFA_STATUS_OK),
     77     mIsPiping (false),
     78     mCurrentRouteSelection (NoRoute),
     79     mActualResponseSize(0),
     80     mUseOberthurWarmReset (false),
     81     mActivatedInListenMode (false),
     82     mOberthurWarmResetCommand (3),
     83     mRfFieldIsOn(false)
     84 {
     85     memset (&mEeInfo, 0, sizeof(mEeInfo));
     86     memset (&mUiccInfo, 0, sizeof(mUiccInfo));
     87     memset (&mHciCfg, 0, sizeof(mHciCfg));
     88     memset (mResponseData, 0, sizeof(mResponseData));
     89     memset (mAidForEmptySelect, 0, sizeof(mAidForEmptySelect));
     90     memset (&mLastRfFieldToggle, 0, sizeof(mLastRfFieldToggle));
     91 }
     92 
     93 
     94 /*******************************************************************************
     95 **
     96 ** Function:        ~SecureElement
     97 **
     98 ** Description:     Release all resources.
     99 **
    100 ** Returns:         None
    101 **
    102 *******************************************************************************/
    103 SecureElement::~SecureElement ()
    104 {
    105 }
    106 
    107 
    108 /*******************************************************************************
    109 **
    110 ** Function:        getInstance
    111 **
    112 ** Description:     Get the SecureElement singleton object.
    113 **
    114 ** Returns:         SecureElement object.
    115 **
    116 *******************************************************************************/
    117 SecureElement& SecureElement::getInstance()
    118 {
    119     return sSecElem;
    120 }
    121 
    122 
    123 /*******************************************************************************
    124 **
    125 ** Function:        setActiveSeOverride
    126 **
    127 ** Description:     Specify which secure element to turn on.
    128 **                  activeSeOverride: ID of secure element
    129 **
    130 ** Returns:         None
    131 **
    132 *******************************************************************************/
    133 void SecureElement::setActiveSeOverride(UINT8 activeSeOverride)
    134 {
    135     ALOGD ("SecureElement::setActiveSeOverride, seid=0x%X", activeSeOverride);
    136     mActiveSeOverride = activeSeOverride;
    137 }
    138 
    139 
    140 /*******************************************************************************
    141 **
    142 ** Function:        initialize
    143 **
    144 ** Description:     Initialize all member variables.
    145 **                  native: Native data.
    146 **
    147 ** Returns:         True if ok.
    148 **
    149 *******************************************************************************/
    150 bool SecureElement::initialize (nfc_jni_native_data* native)
    151 {
    152     static const char fn [] = "SecureElement::initialize";
    153     tNFA_STATUS nfaStat;
    154     unsigned long num = 0;
    155 
    156     ALOGD ("%s: enter", fn);
    157 
    158     if (GetNumValue("NFA_HCI_DEFAULT_DEST_GATE", &num, sizeof(num)))
    159         mDestinationGate = num;
    160     ALOGD ("%s: Default destination gate: 0x%X", fn, mDestinationGate);
    161 
    162     // active SE, if not set active all SEs
    163     if (GetNumValue("ACTIVE_SE", &num, sizeof(num)))
    164         mActiveSeOverride = num;
    165     ALOGD ("%s: Active SE override: 0x%X", fn, mActiveSeOverride);
    166 
    167     if (GetNumValue("OBERTHUR_WARM_RESET_COMMAND", &num, sizeof(num)))
    168     {
    169         mUseOberthurWarmReset = true;
    170         mOberthurWarmResetCommand = (UINT8) num;
    171     }
    172 
    173     mActiveEeHandle = NFA_HANDLE_INVALID;
    174     mNfaHciHandle = NFA_HANDLE_INVALID;
    175 
    176     mNativeData     = native;
    177     mActualNumEe    = MAX_NUM_EE;
    178     mbNewEE         = true;
    179     mNewPipeId      = 0;
    180     mNewSourceGate  = 0;
    181     mRfFieldIsOn    = false;
    182     mActivatedInListenMode = false;
    183     mCurrentRouteSelection = NoRoute;
    184     memset (mEeInfo, 0, sizeof(mEeInfo));
    185     memset (&mUiccInfo, 0, sizeof(mUiccInfo));
    186     memset (&mHciCfg, 0, sizeof(mHciCfg));
    187     mUsedAids.clear ();
    188     memset(mAidForEmptySelect, 0, sizeof(mAidForEmptySelect));
    189 
    190     // Get Fresh EE info.
    191     if (! getEeInfo())
    192         return (false);
    193 
    194     {
    195         SyncEventGuard guard (mEeRegisterEvent);
    196         ALOGD ("%s: try ee register", fn);
    197         nfaStat = NFA_EeRegister (nfaEeCallback);
    198         if (nfaStat != NFA_STATUS_OK)
    199         {
    200             ALOGE ("%s: fail ee register; error=0x%X", fn, nfaStat);
    201             return (false);
    202         }
    203         mEeRegisterEvent.wait ();
    204     }
    205 
    206     // If the controller has an HCI Network, register for that
    207     for (size_t xx = 0; xx < mActualNumEe; xx++)
    208     {
    209         if ((mEeInfo[xx].num_interface > 0) && (mEeInfo[xx].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
    210         {
    211             ALOGD ("%s: Found HCI network, try hci register", fn);
    212 
    213             SyncEventGuard guard (mHciRegisterEvent);
    214 
    215             nfaStat = NFA_HciRegister (const_cast<char*>(APP_NAME), nfaHciCallback, TRUE);
    216             if (nfaStat != NFA_STATUS_OK)
    217             {
    218                 ALOGE ("%s: fail hci register; error=0x%X", fn, nfaStat);
    219                 return (false);
    220             }
    221             mHciRegisterEvent.wait();
    222             break;
    223         }
    224     }
    225 
    226     mRouteDataSet.initialize ();
    227     mRouteDataSet.import (); //read XML file
    228     HostAidRouter::getInstance().initialize ();
    229 
    230     GetStrValue(NAME_AID_FOR_EMPTY_SELECT, (char*)&mAidForEmptySelect[0], sizeof(mAidForEmptySelect));
    231 
    232     mIsInit = true;
    233     ALOGD ("%s: exit", fn);
    234     return (true);
    235 }
    236 
    237 
    238 /*******************************************************************************
    239 **
    240 ** Function:        finalize
    241 **
    242 ** Description:     Release all resources.
    243 **
    244 ** Returns:         None
    245 **
    246 *******************************************************************************/
    247 void SecureElement::finalize ()
    248 {
    249     static const char fn [] = "SecureElement::finalize";
    250     ALOGD ("%s: enter", fn);
    251 
    252     NFA_EeDeregister (nfaEeCallback);
    253 
    254     if (mNfaHciHandle != NFA_HANDLE_INVALID)
    255         NFA_HciDeregister (const_cast<char*>(APP_NAME));
    256 
    257     mNfaHciHandle = NFA_HANDLE_INVALID;
    258     mNativeData   = NULL;
    259     mIsInit       = false;
    260     mActualNumEe  = 0;
    261     mNumEePresent = 0;
    262     mNewPipeId    = 0;
    263     mNewSourceGate = 0;
    264     mIsPiping = false;
    265     memset (mEeInfo, 0, sizeof(mEeInfo));
    266     memset (&mUiccInfo, 0, sizeof(mUiccInfo));
    267 
    268     ALOGD ("%s: exit", fn);
    269 }
    270 
    271 
    272 /*******************************************************************************
    273 **
    274 ** Function:        getEeInfo
    275 **
    276 ** Description:     Get latest information about execution environments from stack.
    277 **
    278 ** Returns:         True if at least 1 EE is available.
    279 **
    280 *******************************************************************************/
    281 bool SecureElement::getEeInfo()
    282 {
    283     static const char fn [] = "SecureElement::getEeInfo";
    284     ALOGD ("%s: enter; mbNewEE=%d, mActualNumEe=%d", fn, mbNewEE, mActualNumEe);
    285     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
    286 
    287     // If mbNewEE is true then there is new EE info.
    288     if (mbNewEE)
    289     {
    290         mActualNumEe = MAX_NUM_EE;
    291 
    292         if ((nfaStat = NFA_EeGetInfo (&mActualNumEe, mEeInfo)) != NFA_STATUS_OK)
    293         {
    294             ALOGE ("%s: fail get info; error=0x%X", fn, nfaStat);
    295             mActualNumEe = 0;
    296         }
    297         else
    298         {
    299             mbNewEE = false;
    300 
    301             ALOGD ("%s: num EEs discovered: %u", fn, mActualNumEe);
    302             if (mActualNumEe != 0)
    303             {
    304                 for (UINT8 xx = 0; xx < mActualNumEe; xx++)
    305                 {
    306                     if ((mEeInfo[xx].num_interface != 0) && (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) )
    307                         mNumEePresent++;
    308 
    309                     ALOGD ("%s: EE[%u] Handle: 0x%04x  Status: %s  Num I/f: %u: (0x%02x, 0x%02x)  Num TLVs: %u",
    310                           fn, xx, mEeInfo[xx].ee_handle, eeStatusToString(mEeInfo[xx].ee_status), mEeInfo[xx].num_interface,
    311                           mEeInfo[xx].ee_interface[0], mEeInfo[xx].ee_interface[1], mEeInfo[xx].num_tlvs);
    312 
    313                     for (size_t yy = 0; yy < mEeInfo[xx].num_tlvs; yy++)
    314                     {
    315                         ALOGD ("%s: EE[%u] TLV[%u]  Tag: 0x%02x  Len: %u  Values[]: 0x%02x  0x%02x  0x%02x ...",
    316                               fn, xx, yy, mEeInfo[xx].ee_tlv[yy].tag, mEeInfo[xx].ee_tlv[yy].len, mEeInfo[xx].ee_tlv[yy].info[0],
    317                               mEeInfo[xx].ee_tlv[yy].info[1], mEeInfo[xx].ee_tlv[yy].info[2]);
    318                     }
    319                 }
    320             }
    321         }
    322     }
    323     ALOGD ("%s: exit; mActualNumEe=%d, mNumEePresent=%d", fn, mActualNumEe,mNumEePresent);
    324     return (mActualNumEe != 0);
    325 }
    326 
    327 
    328 /*******************************************************************************
    329 **
    330 ** Function         TimeDiff
    331 **
    332 ** Description      Computes time difference in milliseconds.
    333 **
    334 ** Returns          Time difference in milliseconds
    335 **
    336 *******************************************************************************/
    337 static UINT32 TimeDiff(timespec start, timespec end)
    338 {
    339     end.tv_sec -= start.tv_sec;
    340     end.tv_nsec -= start.tv_nsec;
    341 
    342     if (end.tv_nsec < 0) {
    343         end.tv_nsec += 10e8;
    344         end.tv_sec -=1;
    345     }
    346 
    347     return (end.tv_sec * 1000) + (end.tv_nsec / 10e5);
    348 }
    349 
    350 /*******************************************************************************
    351 **
    352 ** Function:        isRfFieldOn
    353 **
    354 ** Description:     Can be used to determine if the SE is in an RF field
    355 **
    356 ** Returns:         True if the SE is activated in an RF field
    357 **
    358 *******************************************************************************/
    359 bool SecureElement::isRfFieldOn() {
    360     AutoMutex mutex(mMutex);
    361     if (mRfFieldIsOn) {
    362         return true;
    363     }
    364     struct timespec now;
    365     int ret = clock_gettime(CLOCK_MONOTONIC, &now);
    366     if (ret == -1) {
    367         ALOGE("isRfFieldOn(): clock_gettime failed");
    368         return false;
    369     }
    370     if (TimeDiff(mLastRfFieldToggle, now) < 50) {
    371         // If it was less than 50ms ago that RF field
    372         // was turned off, still return ON.
    373         return true;
    374     } else {
    375         return false;
    376     }
    377 }
    378 
    379 /*******************************************************************************
    380 **
    381 ** Function:        isActivatedInListenMode
    382 **
    383 ** Description:     Can be used to determine if the SE is activated in listen mode
    384 **
    385 ** Returns:         True if the SE is activated in listen mode
    386 **
    387 *******************************************************************************/
    388 bool SecureElement::isActivatedInListenMode() {
    389     return mActivatedInListenMode;
    390 }
    391 
    392 /*******************************************************************************
    393 **
    394 ** Function:        getListOfEeHandles
    395 **
    396 ** Description:     Get the list of handles of all execution environments.
    397 **                  e: Java Virtual Machine.
    398 **
    399 ** Returns:         List of handles of all execution environments.
    400 **
    401 *******************************************************************************/
    402 jintArray SecureElement::getListOfEeHandles (JNIEnv* e)
    403 {
    404     static const char fn [] = "SecureElement::getListOfEeHandles";
    405     ALOGD ("%s: enter", fn);
    406     if (mNumEePresent == 0)
    407         return NULL;
    408 
    409     if (!mIsInit)
    410     {
    411         ALOGE ("%s: not init", fn);
    412         return (NULL);
    413     }
    414 
    415     // Get Fresh EE info.
    416     if (! getEeInfo())
    417         return (NULL);
    418 
    419     jintArray list = e->NewIntArray (mNumEePresent); //allocate array
    420     jint jj = 0;
    421     int cnt = 0;
    422     for (int ii = 0; ii < mActualNumEe && cnt < mNumEePresent; ii++)
    423     {
    424         ALOGD ("%s: %u = 0x%X", fn, ii, mEeInfo[ii].ee_handle);
    425         if ((mEeInfo[ii].num_interface == 0) || (mEeInfo[ii].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
    426         {
    427             continue;
    428         }
    429 
    430         jj = mEeInfo[ii].ee_handle & ~NFA_HANDLE_GROUP_EE;
    431         e->SetIntArrayRegion (list, cnt++, 1, &jj);
    432     }
    433 
    434     ALOGD("%s: exit", fn);
    435     return list;
    436 }
    437 
    438 
    439 /*******************************************************************************
    440 **
    441 ** Function:        activate
    442 **
    443 ** Description:     Turn on the secure element.
    444 **                  seID: ID of secure element; 0xF3 or 0xF4.
    445 **
    446 ** Returns:         True if ok.
    447 **
    448 *******************************************************************************/
    449 bool SecureElement::activate (jint seID)
    450 {
    451     static const char fn [] = "SecureElement::activate";
    452     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
    453     int numActivatedEe = 0;
    454 
    455     ALOGD ("%s: enter; seID=0x%X", fn, seID);
    456 
    457     if (!mIsInit)
    458     {
    459         ALOGE ("%s: not init", fn);
    460         return false;
    461     }
    462 
    463     if (mActiveEeHandle != NFA_HANDLE_INVALID)
    464     {
    465         ALOGD ("%s: already active", fn);
    466         return true;
    467     }
    468 
    469     // Get Fresh EE info if needed.
    470     if (! getEeInfo())
    471     {
    472         ALOGE ("%s: no EE info", fn);
    473         return false;
    474     }
    475 
    476     UINT16 overrideEeHandle = 0;
    477     if (mActiveSeOverride)
    478         overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride;
    479 
    480     if (mRfFieldIsOn) {
    481         ALOGE("%s: RF field indication still on, resetting", fn);
    482         mRfFieldIsOn = false;
    483     }
    484 
    485     ALOGD ("%s: override ee h=0x%X", fn, overrideEeHandle );
    486     //activate every discovered secure element
    487     for (int index=0; index < mActualNumEe; index++)
    488     {
    489         tNFA_EE_INFO& eeItem = mEeInfo[index];
    490 
    491         if ((eeItem.ee_handle == EE_HANDLE_0xF3) || (eeItem.ee_handle == EE_HANDLE_0xF4))
    492         {
    493             if (overrideEeHandle && (overrideEeHandle != eeItem.ee_handle) )
    494                 continue;   // do not enable all SEs; only the override one
    495 
    496             if (eeItem.ee_status != NFC_NFCEE_STATUS_INACTIVE)
    497             {
    498                 ALOGD ("%s: h=0x%X already activated", fn, eeItem.ee_handle);
    499                 numActivatedEe++;
    500                 continue;
    501             }
    502 
    503             {
    504                 SyncEventGuard guard (mEeSetModeEvent);
    505                 ALOGD ("%s: set EE mode activate; h=0x%X", fn, eeItem.ee_handle);
    506                 if ((nfaStat = NFA_EeModeSet (eeItem.ee_handle, NFA_EE_MD_ACTIVATE)) == NFA_STATUS_OK)
    507                 {
    508                     mEeSetModeEvent.wait (); //wait for NFA_EE_MODE_SET_EVT
    509                     if (eeItem.ee_status == NFC_NFCEE_STATUS_ACTIVE)
    510                         numActivatedEe++;
    511                 }
    512                 else
    513                     ALOGE ("%s: NFA_EeModeSet failed; error=0x%X", fn, nfaStat);
    514             }
    515         }
    516     } //for
    517 
    518     mActiveEeHandle = getDefaultEeHandle();
    519     if (mActiveEeHandle == NFA_HANDLE_INVALID)
    520         ALOGE ("%s: ee handle not found", fn);
    521     ALOGD ("%s: exit; active ee h=0x%X", fn, mActiveEeHandle);
    522     return mActiveEeHandle != NFA_HANDLE_INVALID;
    523 }
    524 
    525 
    526 /*******************************************************************************
    527 **
    528 ** Function:        deactivate
    529 **
    530 ** Description:     Turn off the secure element.
    531 **                  seID: ID of secure element; 0xF3 or 0xF4.
    532 **
    533 ** Returns:         True if ok.
    534 **
    535 *******************************************************************************/
    536 bool SecureElement::deactivate (jint seID)
    537 {
    538     static const char fn [] = "SecureElement::deactivate";
    539     bool retval = false;
    540 
    541     ALOGD ("%s: enter; seID=0x%X, mActiveEeHandle=0x%X", fn, seID, mActiveEeHandle);
    542 
    543     if (!mIsInit)
    544     {
    545         ALOGE ("%s: not init", fn);
    546         goto TheEnd;
    547     }
    548 
    549     //if the controller is routing to sec elems or piping,
    550     //then the secure element cannot be deactivated
    551     if ((mCurrentRouteSelection == SecElemRoute) || mIsPiping)
    552     {
    553         ALOGE ("%s: still busy", fn);
    554         goto TheEnd;
    555     }
    556 
    557     if (mActiveEeHandle == NFA_HANDLE_INVALID)
    558     {
    559         ALOGE ("%s: invalid EE handle", fn);
    560         goto TheEnd;
    561     }
    562 
    563     mActiveEeHandle = NFA_HANDLE_INVALID;
    564     retval = true;
    565 
    566 TheEnd:
    567     ALOGD ("%s: exit; ok=%u", fn, retval);
    568     return retval;
    569 }
    570 
    571 
    572 /*******************************************************************************
    573 **
    574 ** Function:        notifyTransactionListenersOfAid
    575 **
    576 ** Description:     Notify the NFC service about a transaction event from secure element.
    577 **                  aid: Buffer contains application ID.
    578 **                  aidLen: Length of application ID.
    579 **
    580 ** Returns:         None
    581 **
    582 *******************************************************************************/
    583 void SecureElement::notifyTransactionListenersOfAid (const UINT8* aidBuffer, UINT8 aidBufferLen)
    584 {
    585     static const char fn [] = "SecureElement::notifyTransactionListenersOfAid";
    586     ALOGD ("%s: enter; aid len=%u", fn, aidBufferLen);
    587 
    588     if (aidBufferLen == 0) {
    589         return;
    590     }
    591 
    592     JNIEnv* e = NULL;
    593     ScopedAttach attach(mNativeData->vm, &e);
    594     if (e == NULL)
    595     {
    596         ALOGE ("%s: jni env is null", fn);
    597         return;
    598     }
    599 
    600     const UINT16 tlvMaxLen = aidBufferLen + 10;
    601     UINT8* tlv = new UINT8 [tlvMaxLen];
    602     if (tlv == NULL)
    603     {
    604         ALOGE ("%s: fail allocate tlv", fn);
    605         return;
    606     }
    607 
    608     memcpy (tlv, aidBuffer, aidBufferLen);
    609     UINT16 tlvActualLen = aidBufferLen;
    610 
    611     ScopedLocalRef<jobject> tlvJavaArray(e, e->NewByteArray(tlvActualLen));
    612     if (tlvJavaArray.get() == NULL)
    613     {
    614         ALOGE ("%s: fail allocate array", fn);
    615         goto TheEnd;
    616     }
    617 
    618     e->SetByteArrayRegion ((jbyteArray)tlvJavaArray.get(), 0, tlvActualLen, (jbyte *)tlv);
    619     if (e->ExceptionCheck())
    620     {
    621         e->ExceptionClear();
    622         ALOGE ("%s: fail fill array", fn);
    623         goto TheEnd;
    624     }
    625 
    626     e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifyTransactionListeners, tlvJavaArray.get());
    627     if (e->ExceptionCheck())
    628     {
    629         e->ExceptionClear();
    630         ALOGE ("%s: fail notify", fn);
    631         goto TheEnd;
    632     }
    633 
    634 TheEnd:
    635     delete [] tlv;
    636     ALOGD ("%s: exit", fn);
    637 }
    638 
    639 
    640 /*******************************************************************************
    641 **
    642 ** Function:        connectEE
    643 **
    644 ** Description:     Connect to the execution environment.
    645 **
    646 ** Returns:         True if ok.
    647 **
    648 *******************************************************************************/
    649 bool SecureElement::connectEE ()
    650 {
    651     static const char fn [] = "SecureElement::connectEE";
    652     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
    653     bool        retVal = false;
    654     UINT8       destHost = 0;
    655     unsigned long num = 0;
    656     char pipeConfName[40];
    657     tNFA_HANDLE  eeHandle = mActiveEeHandle;
    658 
    659     ALOGD ("%s: enter, mActiveEeHandle: 0x%04x, SEID: 0x%x, pipe_gate_num=%d, use pipe=%d",
    660         fn, mActiveEeHandle, gSEId, gGatePipe, gUseStaticPipe);
    661 
    662     if (!mIsInit)
    663     {
    664         ALOGE ("%s: not init", fn);
    665         return (false);
    666     }
    667 
    668     if (gSEId != -1)
    669     {
    670         eeHandle = gSEId | NFA_HANDLE_GROUP_EE;
    671         ALOGD ("%s: Using SEID: 0x%x", fn, eeHandle );
    672     }
    673 
    674     if (eeHandle == NFA_HANDLE_INVALID)
    675     {
    676         ALOGE ("%s: invalid handle 0x%X", fn, eeHandle);
    677         return (false);
    678     }
    679 
    680     tNFA_EE_INFO *pEE = findEeByHandle (eeHandle);
    681 
    682     if (pEE == NULL)
    683     {
    684         ALOGE ("%s: Handle 0x%04x  NOT FOUND !!", fn, eeHandle);
    685         return (false);
    686     }
    687 
    688     // Disable RF discovery completely while the DH is connected
    689     android::startRfDiscovery(false);
    690 
    691     // Disable UICC idle timeout while the DH is connected
    692     android::setUiccIdleTimeout (false);
    693 
    694     mNewSourceGate = 0;
    695 
    696     if (gGatePipe == -1)
    697     {
    698         // pipe/gate num was not specifed by app, get from config file
    699         mNewPipeId     = 0;
    700 
    701         // Construct the PIPE name based on the EE handle (e.g. NFA_HCI_STATIC_PIPE_ID_F3 for UICC0).
    702         snprintf (pipeConfName, sizeof(pipeConfName), "NFA_HCI_STATIC_PIPE_ID_%02X", eeHandle & NFA_HANDLE_MASK);
    703 
    704         if (GetNumValue(pipeConfName, &num, sizeof(num)) && (num != 0))
    705         {
    706             mNewPipeId = num;
    707             ALOGD ("%s: Using static pipe id: 0x%X", __FUNCTION__, mNewPipeId);
    708         }
    709         else
    710         {
    711             ALOGD ("%s: Did not find value '%s' defined in the .conf", __FUNCTION__, pipeConfName);
    712         }
    713     }
    714     else
    715     {
    716         if (gUseStaticPipe)
    717         {
    718             mNewPipeId     = gGatePipe;
    719         }
    720         else
    721         {
    722             mNewPipeId      = 0;
    723             mDestinationGate= gGatePipe;
    724         }
    725     }
    726 
    727     // If the .conf file had a static pipe to use, just use it.
    728     if (mNewPipeId != 0)
    729     {
    730         UINT8 host = (mNewPipeId == STATIC_PIPE_0x70) ? 0x02 : 0x03;
    731         UINT8 gate = (mNewPipeId == STATIC_PIPE_0x70) ? 0xF0 : 0xF1;
    732         nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, mNewPipeId);
    733         if (nfaStat != NFA_STATUS_OK)
    734         {
    735             ALOGE ("%s: fail create static pipe; error=0x%X", fn, nfaStat);
    736             retVal = false;
    737             goto TheEnd;
    738         }
    739     }
    740     else
    741     {
    742         if ( (pEE->num_tlvs >= 1) && (pEE->ee_tlv[0].tag == NFA_EE_TAG_HCI_HOST_ID) )
    743             destHost = pEE->ee_tlv[0].info[0];
    744         else
    745             destHost = 2;
    746 
    747         // Get a list of existing gates and pipes
    748         {
    749             ALOGD ("%s: get gate, pipe list", fn);
    750             SyncEventGuard guard (mPipeListEvent);
    751             nfaStat = NFA_HciGetGateAndPipeList (mNfaHciHandle);
    752             if (nfaStat == NFA_STATUS_OK)
    753             {
    754                 mPipeListEvent.wait();
    755                 if (mHciCfg.status == NFA_STATUS_OK)
    756                 {
    757                     for (UINT8 xx = 0; xx < mHciCfg.num_pipes; xx++)
    758                     {
    759                         if ( (mHciCfg.pipe[xx].dest_host == destHost)
    760                          &&  (mHciCfg.pipe[xx].dest_gate == mDestinationGate) )
    761                         {
    762                             mNewSourceGate = mHciCfg.pipe[xx].local_gate;
    763                             mNewPipeId     = mHciCfg.pipe[xx].pipe_id;
    764 
    765                             ALOGD ("%s: found configured gate: 0x%02x  pipe: 0x%02x", fn, mNewSourceGate, mNewPipeId);
    766                             break;
    767                         }
    768                     }
    769                 }
    770             }
    771         }
    772 
    773         if (mNewSourceGate == 0)
    774         {
    775             ALOGD ("%s: allocate gate", fn);
    776             //allocate a source gate and store in mNewSourceGate
    777             SyncEventGuard guard (mAllocateGateEvent);
    778             if ((nfaStat = NFA_HciAllocGate (mNfaHciHandle)) != NFA_STATUS_OK)
    779             {
    780                 ALOGE ("%s: fail allocate source gate; error=0x%X", fn, nfaStat);
    781                 goto TheEnd;
    782             }
    783             mAllocateGateEvent.wait ();
    784             if (mCommandStatus != NFA_STATUS_OK)
    785                goto TheEnd;
    786         }
    787 
    788         if (mNewPipeId == 0)
    789         {
    790             ALOGD ("%s: create pipe", fn);
    791             SyncEventGuard guard (mCreatePipeEvent);
    792             nfaStat = NFA_HciCreatePipe (mNfaHciHandle, mNewSourceGate, destHost, mDestinationGate);
    793             if (nfaStat != NFA_STATUS_OK)
    794             {
    795                 ALOGE ("%s: fail create pipe; error=0x%X", fn, nfaStat);
    796                 goto TheEnd;
    797             }
    798             mCreatePipeEvent.wait ();
    799             if (mCommandStatus != NFA_STATUS_OK)
    800                goto TheEnd;
    801         }
    802 
    803         {
    804             ALOGD ("%s: open pipe", fn);
    805             SyncEventGuard guard (mPipeOpenedEvent);
    806             nfaStat = NFA_HciOpenPipe (mNfaHciHandle, mNewPipeId);
    807             if (nfaStat != NFA_STATUS_OK)
    808             {
    809                 ALOGE ("%s: fail open pipe; error=0x%X", fn, nfaStat);
    810                 goto TheEnd;
    811             }
    812             mPipeOpenedEvent.wait ();
    813             if (mCommandStatus != NFA_STATUS_OK)
    814                goto TheEnd;
    815         }
    816     }
    817 
    818     retVal = true;
    819 
    820 TheEnd:
    821     mIsPiping = retVal;
    822     if (!retVal)
    823     {
    824         // if open failed we need to de-allocate the gate
    825         disconnectEE(0);
    826     }
    827 
    828     ALOGD ("%s: exit; ok=%u", fn, retVal);
    829     return retVal;
    830 }
    831 
    832 
    833 /*******************************************************************************
    834 **
    835 ** Function:        disconnectEE
    836 **
    837 ** Description:     Disconnect from the execution environment.
    838 **                  seID: ID of secure element.
    839 **
    840 ** Returns:         True if ok.
    841 **
    842 *******************************************************************************/
    843 bool SecureElement::disconnectEE (jint seID)
    844 {
    845     static const char fn [] = "SecureElement::disconnectEE";
    846     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
    847     tNFA_HANDLE eeHandle = seID;
    848 
    849     ALOGD("%s: seID=0x%X; handle=0x%04x", fn, seID, eeHandle);
    850 
    851     if (mUseOberthurWarmReset)
    852     {
    853         //send warm-reset command to Oberthur secure element which deselects the applet;
    854         //this is an Oberthur-specific command;
    855         ALOGD("%s: try warm-reset on pipe id 0x%X; cmd=0x%X", fn, mNewPipeId, mOberthurWarmResetCommand);
    856         SyncEventGuard guard (mRegistryEvent);
    857         nfaStat = NFA_HciSetRegistry (mNfaHciHandle, mNewPipeId,
    858                 1, 1, &mOberthurWarmResetCommand);
    859         if (nfaStat == NFA_STATUS_OK)
    860         {
    861             mRegistryEvent.wait ();
    862             ALOGD("%s: completed warm-reset on pipe 0x%X", fn, mNewPipeId);
    863         }
    864     }
    865 
    866     if (mNewSourceGate)
    867     {
    868         SyncEventGuard guard (mDeallocateGateEvent);
    869         if ((nfaStat = NFA_HciDeallocGate (mNfaHciHandle, mNewSourceGate)) == NFA_STATUS_OK)
    870             mDeallocateGateEvent.wait ();
    871         else
    872             ALOGE ("%s: fail dealloc gate; error=0x%X", fn, nfaStat);
    873     }
    874 
    875     mIsPiping = false;
    876 
    877     // Re-enable UICC low-power mode
    878     android::setUiccIdleTimeout (true);
    879     // Re-enable RF discovery
    880     // Note that it only effactuates the current configuration,
    881     // so if polling/listening were configured OFF (forex because
    882     // the screen was off), they will stay OFF with this call.
    883     android::startRfDiscovery(true);
    884 
    885     return true;
    886 }
    887 
    888 
    889 /*******************************************************************************
    890 **
    891 ** Function:        transceive
    892 **
    893 ** Description:     Send data to the secure element; read it's response.
    894 **                  xmitBuffer: Data to transmit.
    895 **                  xmitBufferSize: Length of data.
    896 **                  recvBuffer: Buffer to receive response.
    897 **                  recvBufferMaxSize: Maximum size of buffer.
    898 **                  recvBufferActualSize: Actual length of response.
    899 **                  timeoutMillisec: timeout in millisecond.
    900 **
    901 ** Returns:         True if ok.
    902 **
    903 *******************************************************************************/
    904 bool SecureElement::transceive (UINT8* xmitBuffer, INT32 xmitBufferSize, UINT8* recvBuffer,
    905         INT32 recvBufferMaxSize, INT32& recvBufferActualSize, INT32 timeoutMillisec)
    906 {
    907     static const char fn [] = "SecureElement::transceive";
    908     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
    909     bool isSuccess = false;
    910     bool waitOk = false;
    911     UINT8 newSelectCmd[NCI_MAX_AID_LEN + 10];
    912 
    913     ALOGD ("%s: enter; xmitBufferSize=%ld; recvBufferMaxSize=%ld; timeout=%ld", fn, xmitBufferSize, recvBufferMaxSize, timeoutMillisec);
    914 
    915     // Check if we need to replace an "empty" SELECT command.
    916     // 1. Has there been a AID configured, and
    917     // 2. Is that AID a valid length (i.e 16 bytes max), and
    918     // 3. Is the APDU at least 4 bytes (for header), and
    919     // 4. Is INS == 0xA4 (SELECT command), and
    920     // 5. Is P1 == 0x04 (SELECT by AID), and
    921     // 6. Is the APDU len 4 or 5 bytes.
    922     //
    923     // Note, the length of the configured AID is in the first
    924     //   byte, and AID starts from the 2nd byte.
    925     if (mAidForEmptySelect[0]                           // 1
    926         && (mAidForEmptySelect[0] <= NCI_MAX_AID_LEN)   // 2
    927         && (xmitBufferSize >= 4)                        // 3
    928         && (xmitBuffer[1] == 0xA4)                      // 4
    929         && (xmitBuffer[2] == 0x04)                      // 5
    930         && (xmitBufferSize <= 5))                       // 6
    931     {
    932         UINT8 idx = 0;
    933 
    934         // Copy APDU command header from the input buffer.
    935         memcpy(&newSelectCmd[0], &xmitBuffer[0], 4);
    936         idx = 4;
    937 
    938         // Set the Lc value to length of the new AID
    939         newSelectCmd[idx++] = mAidForEmptySelect[0];
    940 
    941         // Copy the AID
    942         memcpy(&newSelectCmd[idx], &mAidForEmptySelect[1], mAidForEmptySelect[0]);
    943         idx += mAidForEmptySelect[0];
    944 
    945         // If there is an Le (5th byte of APDU), add it to the end.
    946         if (xmitBufferSize == 5)
    947             newSelectCmd[idx++] = xmitBuffer[4];
    948 
    949         // Point to the new APDU
    950         xmitBuffer = &newSelectCmd[0];
    951         xmitBufferSize = idx;
    952 
    953         ALOGD ("%s: Empty AID SELECT cmd detected, substituting AID from config file, new length=%d", fn, idx);
    954     }
    955 
    956     {
    957         SyncEventGuard guard (mTransceiveEvent);
    958         mActualResponseSize = 0;
    959         memset (mResponseData, 0, sizeof(mResponseData));
    960         if ((mNewPipeId == STATIC_PIPE_0x70) || (mNewPipeId == STATIC_PIPE_0x71))
    961             nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, EVT_SEND_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, 0);
    962         else
    963             nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, NFA_HCI_EVT_POST_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, 0);
    964 
    965         if (nfaStat == NFA_STATUS_OK)
    966         {
    967             waitOk = mTransceiveEvent.wait (timeoutMillisec);
    968             if (waitOk == false) //timeout occurs
    969             {
    970                 ALOGE ("%s: wait response timeout", fn);
    971                 goto TheEnd;
    972             }
    973         }
    974         else
    975         {
    976             ALOGE ("%s: fail send data; error=0x%X", fn, nfaStat);
    977             goto TheEnd;
    978         }
    979     }
    980 
    981     if (mActualResponseSize > recvBufferMaxSize)
    982         recvBufferActualSize = recvBufferMaxSize;
    983     else
    984         recvBufferActualSize = mActualResponseSize;
    985 
    986     memcpy (recvBuffer, mResponseData, recvBufferActualSize);
    987     isSuccess = true;
    988 
    989 TheEnd:
    990     ALOGD ("%s: exit; isSuccess: %d; recvBufferActualSize: %ld", fn, isSuccess, recvBufferActualSize);
    991     return (isSuccess);
    992 }
    993 
    994 
    995 /*******************************************************************************
    996 **
    997 ** Function:        notifyListenModeState
    998 **
    999 ** Description:     Notify the NFC service about whether the SE was activated
   1000 **                  in listen mode.
   1001 **                  isActive: Whether the secure element is activated.
   1002 **
   1003 ** Returns:         None
   1004 **
   1005 *******************************************************************************/
   1006 void SecureElement::notifyListenModeState (bool isActivated) {
   1007     static const char fn [] = "SecureElement::notifyListenMode";
   1008 
   1009     ALOGD ("%s: enter; listen mode active=%u", fn, isActivated);
   1010 
   1011     JNIEnv* e = NULL;
   1012     ScopedAttach attach(mNativeData->vm, &e);
   1013     if (e == NULL)
   1014     {
   1015         ALOGE ("%s: jni env is null", fn);
   1016         return;
   1017     }
   1018 
   1019     mActivatedInListenMode = isActivated;
   1020     if (isActivated) {
   1021         e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenActivated);
   1022     }
   1023     else {
   1024         e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenDeactivated);
   1025     }
   1026 
   1027     if (e->ExceptionCheck())
   1028     {
   1029         e->ExceptionClear();
   1030         ALOGE ("%s: fail notify", fn);
   1031     }
   1032 
   1033     ALOGD ("%s: exit", fn);
   1034 }
   1035 
   1036 /*******************************************************************************
   1037 **
   1038 ** Function:        notifyRfFieldEvent
   1039 **
   1040 ** Description:     Notify the NFC service about RF field events from the stack.
   1041 **                  isActive: Whether any secure element is activated.
   1042 **
   1043 ** Returns:         None
   1044 **
   1045 *******************************************************************************/
   1046 void SecureElement::notifyRfFieldEvent (bool isActive)
   1047 {
   1048     static const char fn [] = "SecureElement::notifyRfFieldEvent";
   1049     ALOGD ("%s: enter; is active=%u", fn, isActive);
   1050 
   1051     JNIEnv* e = NULL;
   1052     ScopedAttach attach(mNativeData->vm, &e);
   1053     if (e == NULL)
   1054     {
   1055         ALOGE ("%s: jni env is null", fn);
   1056         return;
   1057     }
   1058 
   1059     mMutex.lock();
   1060     int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle);
   1061     if (ret == -1) {
   1062         ALOGE("%s: clock_gettime failed", fn);
   1063         // There is no good choice here...
   1064     }
   1065     if (isActive) {
   1066         mRfFieldIsOn = true;
   1067         e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldActivated);
   1068     }
   1069     else {
   1070         mRfFieldIsOn = false;
   1071         e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldDeactivated);
   1072     }
   1073     mMutex.unlock();
   1074 
   1075     if (e->ExceptionCheck())
   1076     {
   1077         e->ExceptionClear();
   1078         ALOGE ("%s: fail notify", fn);
   1079     }
   1080     ALOGD ("%s: exit", fn);
   1081 }
   1082 
   1083 /*******************************************************************************
   1084 **
   1085 ** Function:        resetRfFieldStatus
   1086 **
   1087 ** Description:     Resets the field status.
   1088 **                  isActive: Whether any secure element is activated.
   1089 **
   1090 ** Returns:         None
   1091 **
   1092 *******************************************************************************/
   1093 void SecureElement::resetRfFieldStatus ()
   1094 {
   1095     static const char fn [] = "SecureElement::resetRfFieldStatus`";
   1096     ALOGD ("%s: enter;");
   1097 
   1098     mMutex.lock();
   1099     mRfFieldIsOn = false;
   1100     int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle);
   1101     if (ret == -1) {
   1102         ALOGE("%s: clock_gettime failed", fn);
   1103         // There is no good choice here...
   1104     }
   1105     mMutex.unlock();
   1106 
   1107     ALOGD ("%s: exit", fn);
   1108 }
   1109 
   1110 
   1111 /*******************************************************************************
   1112 **
   1113 ** Function:        storeUiccInfo
   1114 **
   1115 ** Description:     Store a copy of the execution environment information from the stack.
   1116 **                  info: execution environment information.
   1117 **
   1118 ** Returns:         None
   1119 **
   1120 *******************************************************************************/
   1121 void SecureElement::storeUiccInfo (tNFA_EE_DISCOVER_REQ& info)
   1122 {
   1123     static const char fn [] = "SecureElement::storeUiccInfo";
   1124     ALOGD ("%s:  Status: %u   Num EE: %u", fn, info.status, info.num_ee);
   1125 
   1126     SyncEventGuard guard (mUiccInfoEvent);
   1127     memcpy (&mUiccInfo, &info, sizeof(mUiccInfo));
   1128     for (UINT8 xx = 0; xx < info.num_ee; xx++)
   1129     {
   1130         //for each technology (A, B, F, B'), print the bit field that shows
   1131         //what protocol(s) is support by that technology
   1132         ALOGD ("%s   EE[%u] Handle: 0x%04x  techA: 0x%02x  techB: 0x%02x  techF: 0x%02x  techBprime: 0x%02x",
   1133                 fn, xx, info.ee_disc_info[xx].ee_handle,
   1134                 info.ee_disc_info[xx].la_protocol,
   1135                 info.ee_disc_info[xx].lb_protocol,
   1136                 info.ee_disc_info[xx].lf_protocol,
   1137                 info.ee_disc_info[xx].lbp_protocol);
   1138     }
   1139     mUiccInfoEvent.notifyOne ();
   1140 }
   1141 
   1142 
   1143 /*******************************************************************************
   1144 **
   1145 ** Function:        getUiccId
   1146 **
   1147 ** Description:     Get the ID of the secure element.
   1148 **                  eeHandle: Handle to the secure element.
   1149 **                  uid: Array to receive the ID.
   1150 **
   1151 ** Returns:         True if ok.
   1152 **
   1153 *******************************************************************************/
   1154 bool SecureElement::getUiccId (tNFA_HANDLE eeHandle, jbyteArray& uid)
   1155 {
   1156     static const char fn [] = "SecureElement::getUiccId";
   1157     ALOGD ("%s: ee h=0x%X", fn, eeHandle);
   1158     bool retval = false;
   1159 
   1160     JNIEnv* e = NULL;
   1161     ScopedAttach attach(mNativeData->vm, &e);
   1162     if (e == NULL)
   1163     {
   1164         ALOGE ("%s: jni env is null", fn);
   1165         return false;
   1166     }
   1167 
   1168     findUiccByHandle (eeHandle);
   1169     //cannot get UID from the stack; nothing to do
   1170 
   1171     // TODO: uid is unused --- bug?
   1172 
   1173     // TODO: retval is always false --- bug?
   1174     ALOGD ("%s: exit; ret=%u", fn, retval);
   1175     return retval;
   1176 }
   1177 
   1178 
   1179 /*******************************************************************************
   1180 **
   1181 ** Function:        getTechnologyList
   1182 **
   1183 ** Description:     Get all the technologies supported by a secure element.
   1184 **                  eeHandle: Handle of secure element.
   1185 **                  techList: List to receive the technologies.
   1186 **
   1187 ** Returns:         True if ok.
   1188 **
   1189 *******************************************************************************/
   1190 bool SecureElement::getTechnologyList (tNFA_HANDLE eeHandle, jintArray& techList)
   1191 {
   1192     static const char fn [] = "SecureElement::getTechnologyList";
   1193     ALOGD ("%s: ee h=0x%X", fn, eeHandle);
   1194     bool retval = false;
   1195 
   1196     JNIEnv* e = NULL;
   1197     ScopedAttach attach(mNativeData->vm, &e);
   1198     if (e == NULL)
   1199     {
   1200         ALOGE ("%s: jni env is null", fn);
   1201         return false;
   1202     }
   1203 
   1204     tNFA_EE_DISCOVER_INFO *pUICC = findUiccByHandle (eeHandle);
   1205 
   1206     // TODO: theList is written but not set --- bug?
   1207     jint theList = 0;
   1208     if (pUICC->la_protocol != 0)
   1209         theList = TARGET_TYPE_ISO14443_3A;
   1210     else if (pUICC->lb_protocol != 0)
   1211         theList = TARGET_TYPE_ISO14443_3B;
   1212     else if (pUICC->lf_protocol != 0)
   1213         theList = TARGET_TYPE_FELICA;
   1214     else if (pUICC->lbp_protocol != 0)
   1215         theList = TARGET_TYPE_ISO14443_3B;
   1216     else
   1217         theList = TARGET_TYPE_UNKNOWN;
   1218 
   1219     // TODO: techList is neither read nor written --- bug?
   1220 
   1221     // TODO: retval is always false --- bug?
   1222     ALOGD ("%s: exit; ret=%u", fn, retval);
   1223     return retval;
   1224 }
   1225 
   1226 
   1227 /*******************************************************************************
   1228 **
   1229 ** Function:        adjustRoutes
   1230 **
   1231 ** Description:     Adjust routes in the controller's listen-mode routing table.
   1232 **                  selection: which set of routes to configure the controller.
   1233 **
   1234 ** Returns:         None
   1235 **
   1236 *******************************************************************************/
   1237 void SecureElement::adjustRoutes (RouteSelection selection)
   1238 {
   1239     static const char fn [] = "SecureElement::adjustRoutes";
   1240     ALOGD ("%s: enter; selection=%u", fn, selection);
   1241     RouteDataSet::Database* db = mRouteDataSet.getDatabase (RouteDataSet::DefaultRouteDatabase);
   1242 
   1243     if (selection == SecElemRoute)
   1244         db = mRouteDataSet.getDatabase (RouteDataSet::SecElemRouteDatabase);
   1245 
   1246     mCurrentRouteSelection = selection;
   1247     adjustProtocolRoutes (db, selection);
   1248     adjustTechnologyRoutes (db, selection);
   1249     HostAidRouter::getInstance ().deleteAllRoutes (); //stop all AID routes to host
   1250 
   1251     if (db->empty())
   1252     {
   1253         ALOGD ("%s: no route configuration", fn);
   1254         goto TheEnd;
   1255     }
   1256 
   1257 
   1258 TheEnd:
   1259     NFA_EeUpdateNow (); //apply new routes now
   1260     ALOGD ("%s: exit", fn);
   1261 }
   1262 
   1263 
   1264 /*******************************************************************************
   1265 **
   1266 ** Function:        applyRoutes
   1267 **
   1268 ** Description:     Read route data from file and apply them again.
   1269 **
   1270 ** Returns:         None
   1271 **
   1272 *******************************************************************************/
   1273 void SecureElement::applyRoutes ()
   1274 {
   1275     static const char fn [] = "SecureElement::applyRoutes";
   1276     ALOGD ("%s: enter", fn);
   1277     if (mCurrentRouteSelection != NoRoute)
   1278     {
   1279         mRouteDataSet.import (); //read XML file
   1280         adjustRoutes (mCurrentRouteSelection);
   1281     }
   1282     ALOGD ("%s: exit", fn);
   1283 }
   1284 
   1285 
   1286 /*******************************************************************************
   1287 **
   1288 ** Function:        adjustProtocolRoutes
   1289 **
   1290 ** Description:     Adjust default routing based on protocol in NFC listen mode.
   1291 **                  isRouteToEe: Whether routing to EE (true) or host (false).
   1292 **
   1293 ** Returns:         None
   1294 **
   1295 *******************************************************************************/
   1296 void SecureElement::adjustProtocolRoutes (RouteDataSet::Database* db, RouteSelection routeSelection)
   1297 {
   1298     static const char fn [] = "SecureElement::adjustProtocolRoutes";
   1299     ALOGD ("%s: enter", fn);
   1300     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
   1301     const tNFA_PROTOCOL_MASK protoMask = NFA_PROTOCOL_MASK_ISO_DEP;
   1302 
   1303     ///////////////////////
   1304     // delete route to host
   1305     ///////////////////////
   1306     {
   1307         ALOGD ("%s: delete route to host", fn);
   1308         SyncEventGuard guard (mRoutingEvent);
   1309         if ((nfaStat = NFA_EeSetDefaultProtoRouting (NFA_EE_HANDLE_DH, 0, 0, 0)) == NFA_STATUS_OK)
   1310             mRoutingEvent.wait ();
   1311         else
   1312             ALOGE ("%s: fail delete route to host; error=0x%X", fn, nfaStat);
   1313     }
   1314 
   1315     ///////////////////////
   1316     // delete route to every sec elem
   1317     ///////////////////////
   1318     for (int i=0; i < mActualNumEe; i++)
   1319     {
   1320         if ((mEeInfo[i].num_interface != 0) &&
   1321                 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
   1322                 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
   1323         {
   1324             ALOGD ("%s: delete route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
   1325             SyncEventGuard guard (mRoutingEvent);
   1326             if ((nfaStat = NFA_EeSetDefaultProtoRouting (mEeInfo[i].ee_handle, 0, 0, 0)) == NFA_STATUS_OK)
   1327                 mRoutingEvent.wait ();
   1328             else
   1329                 ALOGE ("%s: fail delete route to EE; error=0x%X", fn, nfaStat);
   1330         }
   1331     }
   1332 
   1333     //////////////////////
   1334     // configure route for every discovered sec elem
   1335     //////////////////////
   1336     for (int i=0; i < mActualNumEe; i++)
   1337     {
   1338         //if sec elem is active
   1339         if ((mEeInfo[i].num_interface != 0) &&
   1340                 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
   1341                 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
   1342         {
   1343             tNFA_PROTOCOL_MASK protocolsSwitchOn = 0; //all protocols that are active at full power
   1344             tNFA_PROTOCOL_MASK protocolsSwitchOff = 0; //all protocols that are active when phone is turned off
   1345             tNFA_PROTOCOL_MASK protocolsBatteryOff = 0; //all protocols that are active when there is no power
   1346 
   1347             //for every route in XML, look for protocol route;
   1348             //collect every protocol according to it's desired power mode
   1349             for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
   1350             {
   1351                 RouteData* routeData = *iter;
   1352                 RouteDataForProtocol* route = NULL;
   1353                 if (routeData->mRouteType != RouteData::ProtocolRoute)
   1354                     continue; //skip other kinds of routing data
   1355                 route = (RouteDataForProtocol*) (*iter);
   1356                 if (route->mNfaEeHandle == mEeInfo[i].ee_handle)
   1357                 {
   1358                     if (route->mSwitchOn)
   1359                         protocolsSwitchOn |= route->mProtocol;
   1360                     if (route->mSwitchOff)
   1361                         protocolsSwitchOff |= route->mProtocol;
   1362                     if (route->mBatteryOff)
   1363                         protocolsBatteryOff |= route->mProtocol;
   1364                 }
   1365             }
   1366 
   1367             if (protocolsSwitchOn | protocolsSwitchOff | protocolsBatteryOff)
   1368             {
   1369                 ALOGD ("%s: route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
   1370                 SyncEventGuard guard (mRoutingEvent);
   1371                 nfaStat = NFA_EeSetDefaultProtoRouting (mEeInfo[i].ee_handle,
   1372                         protocolsSwitchOn, protocolsSwitchOff, protocolsBatteryOff);
   1373                 if (nfaStat == NFA_STATUS_OK)
   1374                     mRoutingEvent.wait ();
   1375                 else
   1376                     ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
   1377             }
   1378         } //if sec elem is active
   1379     } //for every discovered sec elem
   1380 
   1381     //////////////////////
   1382     // configure route to host
   1383     //////////////////////
   1384     {
   1385         tNFA_PROTOCOL_MASK protocolsSwitchOn = 0; //all protocols that are active at full power
   1386         tNFA_PROTOCOL_MASK protocolsSwitchOff = 0; //all protocols that are active when phone is turned off
   1387         tNFA_PROTOCOL_MASK protocolsBatteryOff = 0; //all protocols that are active when there is no power
   1388 
   1389         //for every route in XML, look for protocol route;
   1390         //collect every protocol according to it's desired power mode
   1391         for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
   1392         {
   1393             RouteData* routeData = *iter;
   1394             RouteDataForProtocol* route = NULL;
   1395             if (routeData->mRouteType != RouteData::ProtocolRoute)
   1396                 continue; //skip other kinds of routing data
   1397             route = (RouteDataForProtocol*) (*iter);
   1398             if (route->mNfaEeHandle == NFA_EE_HANDLE_DH)
   1399             {
   1400                 if (route->mSwitchOn)
   1401                     protocolsSwitchOn |= route->mProtocol;
   1402                 if (route->mSwitchOff)
   1403                     protocolsSwitchOff |= route->mProtocol;
   1404                 if (route->mBatteryOff)
   1405                     protocolsBatteryOff |= route->mProtocol;
   1406             }
   1407         }
   1408 
   1409         if (protocolsSwitchOn | protocolsSwitchOff | protocolsBatteryOff)
   1410         {
   1411             ALOGD ("%s: route to EE h=0x%X", fn, NFA_EE_HANDLE_DH);
   1412             SyncEventGuard guard (mRoutingEvent);
   1413             nfaStat = NFA_EeSetDefaultProtoRouting (NFA_EE_HANDLE_DH,
   1414                     protocolsSwitchOn, protocolsSwitchOff, protocolsBatteryOff);
   1415             if (nfaStat == NFA_STATUS_OK)
   1416                 mRoutingEvent.wait ();
   1417             else
   1418                 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
   1419         }
   1420     }
   1421 
   1422     //////////////////////
   1423     // if route database is empty, setup a default route
   1424     //////////////////////
   1425     if (db->empty())
   1426     {
   1427         tNFA_HANDLE eeHandle = NFA_EE_HANDLE_DH;
   1428         if (routeSelection == SecElemRoute)
   1429             eeHandle = mActiveEeHandle;
   1430         ALOGD ("%s: route to default EE h=0x%X", fn, eeHandle);
   1431         SyncEventGuard guard (mRoutingEvent);
   1432         nfaStat = NFA_EeSetDefaultProtoRouting (eeHandle, protoMask, 0, 0);
   1433         if (nfaStat == NFA_STATUS_OK)
   1434             mRoutingEvent.wait ();
   1435         else
   1436             ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
   1437     }
   1438     ALOGD ("%s: exit", fn);
   1439 }
   1440 
   1441 
   1442 /*******************************************************************************
   1443 **
   1444 ** Function:        adjustTechnologyRoutes
   1445 **
   1446 ** Description:     Adjust default routing based on technology in NFC listen mode.
   1447 **                  isRouteToEe: Whether routing to EE (true) or host (false).
   1448 **
   1449 ** Returns:         None
   1450 **
   1451 *******************************************************************************/
   1452 void SecureElement::adjustTechnologyRoutes (RouteDataSet::Database* db, RouteSelection routeSelection)
   1453 {
   1454     static const char fn [] = "SecureElement::adjustTechnologyRoutes";
   1455     ALOGD ("%s: enter", fn);
   1456     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
   1457     const tNFA_TECHNOLOGY_MASK techMask = NFA_TECHNOLOGY_MASK_A | NFA_TECHNOLOGY_MASK_B;
   1458 
   1459     ///////////////////////
   1460     // delete route to host
   1461     ///////////////////////
   1462     {
   1463         ALOGD ("%s: delete route to host", fn);
   1464         SyncEventGuard guard (mRoutingEvent);
   1465         if ((nfaStat = NFA_EeSetDefaultTechRouting (NFA_EE_HANDLE_DH, 0, 0, 0)) == NFA_STATUS_OK)
   1466             mRoutingEvent.wait ();
   1467         else
   1468             ALOGE ("%s: fail delete route to host; error=0x%X", fn, nfaStat);
   1469     }
   1470 
   1471     ///////////////////////
   1472     // delete route to every sec elem
   1473     ///////////////////////
   1474     for (int i=0; i < mActualNumEe; i++)
   1475     {
   1476         if ((mEeInfo[i].num_interface != 0) &&
   1477                 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
   1478                 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
   1479         {
   1480             ALOGD ("%s: delete route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
   1481             SyncEventGuard guard (mRoutingEvent);
   1482             if ((nfaStat = NFA_EeSetDefaultTechRouting (mEeInfo[i].ee_handle, 0, 0, 0)) == NFA_STATUS_OK)
   1483                 mRoutingEvent.wait ();
   1484             else
   1485                 ALOGE ("%s: fail delete route to EE; error=0x%X", fn, nfaStat);
   1486         }
   1487     }
   1488 
   1489     //////////////////////
   1490     // configure route for every discovered sec elem
   1491     //////////////////////
   1492     for (int i=0; i < mActualNumEe; i++)
   1493     {
   1494         //if sec elem is active
   1495         if ((mEeInfo[i].num_interface != 0) &&
   1496                 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
   1497                 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
   1498         {
   1499             tNFA_TECHNOLOGY_MASK techsSwitchOn = 0; //all techs that are active at full power
   1500             tNFA_TECHNOLOGY_MASK techsSwitchOff = 0; //all techs that are active when phone is turned off
   1501             tNFA_TECHNOLOGY_MASK techsBatteryOff = 0; //all techs that are active when there is no power
   1502 
   1503             //for every route in XML, look for tech route;
   1504             //collect every tech according to it's desired power mode
   1505             for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
   1506             {
   1507                 RouteData* routeData = *iter;
   1508                 RouteDataForTechnology* route = NULL;
   1509                 if (routeData->mRouteType != RouteData::TechnologyRoute)
   1510                     continue; //skip other kinds of routing data
   1511                 route = (RouteDataForTechnology*) (*iter);
   1512                 if (route->mNfaEeHandle == mEeInfo[i].ee_handle)
   1513                 {
   1514                     if (route->mSwitchOn)
   1515                         techsSwitchOn |= route->mTechnology;
   1516                     if (route->mSwitchOff)
   1517                         techsSwitchOff |= route->mTechnology;
   1518                     if (route->mBatteryOff)
   1519                         techsBatteryOff |= route->mTechnology;
   1520                 }
   1521             }
   1522 
   1523             if (techsSwitchOn | techsSwitchOff | techsBatteryOff)
   1524             {
   1525                 ALOGD ("%s: route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
   1526                 SyncEventGuard guard (mRoutingEvent);
   1527                 nfaStat = NFA_EeSetDefaultTechRouting (mEeInfo[i].ee_handle,
   1528                         techsSwitchOn, techsSwitchOff, techsBatteryOff);
   1529                 if (nfaStat == NFA_STATUS_OK)
   1530                     mRoutingEvent.wait ();
   1531                 else
   1532                     ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
   1533             }
   1534         } //if sec elem is active
   1535     } //for every discovered sec elem
   1536 
   1537     //////////////////////
   1538     // configure route to host
   1539     //////////////////////
   1540     {
   1541         tNFA_TECHNOLOGY_MASK techsSwitchOn = 0; //all techs that are active at full power
   1542         tNFA_TECHNOLOGY_MASK techsSwitchOff = 0; //all techs that are active when phone is turned off
   1543         tNFA_TECHNOLOGY_MASK techsBatteryOff = 0; //all techs that are active when there is no power
   1544 
   1545         //for every route in XML, look for protocol route;
   1546         //collect every protocol according to it's desired power mode
   1547         for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
   1548         {
   1549             RouteData* routeData = *iter;
   1550             RouteDataForTechnology * route = NULL;
   1551             if (routeData->mRouteType != RouteData::TechnologyRoute)
   1552                 continue; //skip other kinds of routing data
   1553             route = (RouteDataForTechnology*) (*iter);
   1554             if (route->mNfaEeHandle == NFA_EE_HANDLE_DH)
   1555             {
   1556                 if (route->mSwitchOn)
   1557                     techsSwitchOn |= route->mTechnology;
   1558                 if (route->mSwitchOff)
   1559                     techsSwitchOff |= route->mTechnology;
   1560                 if (route->mBatteryOff)
   1561                     techsBatteryOff |= route->mTechnology;
   1562             }
   1563         }
   1564 
   1565         if (techsSwitchOn | techsSwitchOff | techsBatteryOff)
   1566         {
   1567             ALOGD ("%s: route to EE h=0x%X", fn, NFA_EE_HANDLE_DH);
   1568             SyncEventGuard guard (mRoutingEvent);
   1569             nfaStat = NFA_EeSetDefaultTechRouting (NFA_EE_HANDLE_DH,
   1570                     techsSwitchOn, techsSwitchOff, techsBatteryOff);
   1571             if (nfaStat == NFA_STATUS_OK)
   1572                 mRoutingEvent.wait ();
   1573             else
   1574                 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
   1575         }
   1576     }
   1577 
   1578     //////////////////////
   1579     // if route database is empty, setup a default route
   1580     //////////////////////
   1581     if (db->empty())
   1582     {
   1583         tNFA_HANDLE eeHandle = NFA_EE_HANDLE_DH;
   1584         if (routeSelection == SecElemRoute)
   1585             eeHandle = mActiveEeHandle;
   1586         ALOGD ("%s: route to default EE h=0x%X", fn, eeHandle);
   1587         SyncEventGuard guard (mRoutingEvent);
   1588         nfaStat = NFA_EeSetDefaultTechRouting (eeHandle, techMask, 0, 0);
   1589         if (nfaStat == NFA_STATUS_OK)
   1590             mRoutingEvent.wait ();
   1591         else
   1592             ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
   1593     }
   1594     ALOGD ("%s: exit", fn);
   1595 }
   1596 
   1597 
   1598 /*******************************************************************************
   1599 **
   1600 ** Function:        nfaEeCallback
   1601 **
   1602 ** Description:     Receive execution environment-related events from stack.
   1603 **                  event: Event code.
   1604 **                  eventData: Event data.
   1605 **
   1606 ** Returns:         None
   1607 **
   1608 *******************************************************************************/
   1609 void SecureElement::nfaEeCallback (tNFA_EE_EVT event, tNFA_EE_CBACK_DATA* eventData)
   1610 {
   1611     static const char fn [] = "SecureElement::nfaEeCallback";
   1612 
   1613     switch (event)
   1614     {
   1615     case NFA_EE_REGISTER_EVT:
   1616         {
   1617             SyncEventGuard guard (sSecElem.mEeRegisterEvent);
   1618             ALOGD ("%s: NFA_EE_REGISTER_EVT; status=%u", fn, eventData->ee_register);
   1619             sSecElem.mEeRegisterEvent.notifyOne();
   1620         }
   1621         break;
   1622 
   1623     case NFA_EE_MODE_SET_EVT:
   1624         {
   1625             ALOGD ("%s: NFA_EE_MODE_SET_EVT; status: 0x%04X  handle: 0x%04X  mActiveEeHandle: 0x%04X", fn,
   1626                     eventData->mode_set.status, eventData->mode_set.ee_handle, sSecElem.mActiveEeHandle);
   1627 
   1628             if (eventData->mode_set.status == NFA_STATUS_OK)
   1629             {
   1630                 tNFA_EE_INFO *pEE = sSecElem.findEeByHandle (eventData->mode_set.ee_handle);
   1631                 if (pEE)
   1632                 {
   1633                     pEE->ee_status ^= 1;
   1634                     ALOGD ("%s: NFA_EE_MODE_SET_EVT; pEE->ee_status: %s (0x%04x)", fn, SecureElement::eeStatusToString(pEE->ee_status), pEE->ee_status);
   1635                 }
   1636                 else
   1637                     ALOGE ("%s: NFA_EE_MODE_SET_EVT; EE: 0x%04x not found.  mActiveEeHandle: 0x%04x", fn, eventData->mode_set.ee_handle, sSecElem.mActiveEeHandle);
   1638             }
   1639             SyncEventGuard guard (sSecElem.mEeSetModeEvent);
   1640             sSecElem.mEeSetModeEvent.notifyOne();
   1641         }
   1642         break;
   1643 
   1644     case NFA_EE_SET_TECH_CFG_EVT:
   1645         {
   1646             ALOGD ("%s: NFA_EE_SET_TECH_CFG_EVT; status=0x%X", fn, eventData->status);
   1647             SyncEventGuard guard (sSecElem.mRoutingEvent);
   1648             sSecElem.mRoutingEvent.notifyOne ();
   1649         }
   1650         break;
   1651 
   1652     case NFA_EE_SET_PROTO_CFG_EVT:
   1653         {
   1654             ALOGD ("%s: NFA_EE_SET_PROTO_CFG_EVT; status=0x%X", fn, eventData->status);
   1655             SyncEventGuard guard (sSecElem.mRoutingEvent);
   1656             sSecElem.mRoutingEvent.notifyOne ();
   1657         }
   1658         break;
   1659 
   1660     case NFA_EE_ACTION_EVT:
   1661         {
   1662             tNFA_EE_ACTION& action = eventData->action;
   1663             if (action.trigger == NFC_EE_TRIG_SELECT)
   1664                 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=select (0x%X)", fn, action.ee_handle, action.trigger);
   1665             else if (action.trigger == NFC_EE_TRIG_APP_INIT)
   1666             {
   1667                 tNFC_APP_INIT& app_init = action.param.app_init;
   1668                 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=app-init (0x%X); aid len=%u; data len=%u", fn,
   1669                         action.ee_handle, action.trigger, app_init.len_aid, app_init.len_data);
   1670                 //if app-init operation is successful;
   1671                 //app_init.data[] contains two bytes, which are the status codes of the event;
   1672                 //app_init.data[] does not contain an APDU response;
   1673                 //see EMV Contactless Specification for Payment Systems; Book B; Entry Point Specification;
   1674                 //version 2.1; March 2011; section 3.3.3.5;
   1675                 if ( (app_init.len_data > 1) &&
   1676                      (app_init.data[0] == 0x90) &&
   1677                      (app_init.data[1] == 0x00) )
   1678                 {
   1679                     sSecElem.notifyTransactionListenersOfAid (app_init.aid, app_init.len_aid);
   1680                 }
   1681             }
   1682             else if (action.trigger == NFC_EE_TRIG_RF_PROTOCOL)
   1683                 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=rf protocol (0x%X)", fn, action.ee_handle, action.trigger);
   1684             else if (action.trigger == NFC_EE_TRIG_RF_TECHNOLOGY)
   1685                 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=rf tech (0x%X)", fn, action.ee_handle, action.trigger);
   1686             else
   1687                 ALOGE ("%s: NFA_EE_ACTION_EVT; h=0x%X; unknown trigger (0x%X)", fn, action.ee_handle, action.trigger);
   1688         }
   1689         break;
   1690 
   1691     case NFA_EE_DISCOVER_REQ_EVT:
   1692         ALOGD ("%s: NFA_EE_DISCOVER_REQ_EVT; status=0x%X; num ee=%u", __FUNCTION__,
   1693                 eventData->discover_req.status, eventData->discover_req.num_ee);
   1694         sSecElem.storeUiccInfo (eventData->discover_req);
   1695         break;
   1696 
   1697     case NFA_EE_NO_CB_ERR_EVT:
   1698         ALOGD ("%s: NFA_EE_NO_CB_ERR_EVT  status=%u", fn, eventData->status);
   1699         break;
   1700 
   1701     case NFA_EE_ADD_AID_EVT:
   1702         {
   1703             ALOGD ("%s: NFA_EE_ADD_AID_EVT  status=%u", fn, eventData->status);
   1704             SyncEventGuard guard (sSecElem.mAidAddRemoveEvent);
   1705             sSecElem.mAidAddRemoveEvent.notifyOne ();
   1706         }
   1707         break;
   1708 
   1709     case NFA_EE_REMOVE_AID_EVT:
   1710         {
   1711             ALOGD ("%s: NFA_EE_REMOVE_AID_EVT  status=%u", fn, eventData->status);
   1712             SyncEventGuard guard (sSecElem.mAidAddRemoveEvent);
   1713             sSecElem.mAidAddRemoveEvent.notifyOne ();
   1714         }
   1715         break;
   1716 
   1717     case NFA_EE_NEW_EE_EVT:
   1718         {
   1719             ALOGD ("%s: NFA_EE_NEW_EE_EVT  h=0x%X; status=%u", fn,
   1720                 eventData->new_ee.ee_handle, eventData->new_ee.ee_status);
   1721             // Indicate there are new EE
   1722             sSecElem.mbNewEE = true;
   1723         }
   1724         break;
   1725 
   1726     default:
   1727         ALOGE ("%s: unknown event=%u ????", fn, event);
   1728         break;
   1729     }
   1730 }
   1731 
   1732 /*******************************************************************************
   1733 **
   1734 ** Function         getSeVerInfo
   1735 **
   1736 ** Description      Gets version information and id for a secure element.  The
   1737 **                  seIndex parmeter is the zero based index of the secure
   1738 **                  element to get verion info for.  The version infommation
   1739 **                  is returned as a string int the verInfo parameter.
   1740 **
   1741 ** Returns          ture on success, false on failure
   1742 **
   1743 *******************************************************************************/
   1744 bool SecureElement::getSeVerInfo(int seIndex, char * verInfo, int verInfoSz, UINT8 * seid)
   1745 {
   1746     ALOGD("%s: enter, seIndex=%d", __FUNCTION__, seIndex);
   1747 
   1748     if (seIndex > (mActualNumEe-1))
   1749     {
   1750         ALOGE("%s: invalid se index: %d, only %d SEs in system", __FUNCTION__, seIndex, mActualNumEe);
   1751         return false;
   1752     }
   1753 
   1754     *seid = mEeInfo[seIndex].ee_handle;
   1755 
   1756     if ((mEeInfo[seIndex].num_interface == 0) || (mEeInfo[seIndex].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
   1757     {
   1758         return false;
   1759     }
   1760 
   1761     strncpy(verInfo, "Version info not available", verInfoSz-1);
   1762     verInfo[verInfoSz-1] = '\0';
   1763 
   1764     UINT8 pipe = (mEeInfo[seIndex].ee_handle == EE_HANDLE_0xF3) ? 0x70 : 0x71;
   1765     UINT8 host = (pipe == STATIC_PIPE_0x70) ? 0x02 : 0x03;
   1766     UINT8 gate = (pipe == STATIC_PIPE_0x70) ? 0xF0 : 0xF1;
   1767 
   1768     tNFA_STATUS nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, pipe);
   1769     if (nfaStat != NFA_STATUS_OK)
   1770     {
   1771         ALOGE ("%s: NFA_HciAddStaticPipe() failed, pipe = 0x%x, error=0x%X", __FUNCTION__, pipe, nfaStat);
   1772         return true;
   1773     }
   1774 
   1775     SyncEventGuard guard (mVerInfoEvent);
   1776     if (NFA_STATUS_OK == (nfaStat = NFA_HciGetRegistry (mNfaHciHandle, pipe, 0x02)))
   1777     {
   1778         if (false == mVerInfoEvent.wait(200))
   1779         {
   1780             ALOGE ("%s: wait response timeout", __FUNCTION__);
   1781         }
   1782         else
   1783         {
   1784             snprintf(verInfo, verInfoSz-1, "Oberthur OS S/N: 0x%02x%02x%02x", mVerInfo[0], mVerInfo[1], mVerInfo[2]);
   1785             verInfo[verInfoSz-1] = '\0';
   1786         }
   1787     }
   1788     else
   1789     {
   1790         ALOGE ("%s: NFA_HciGetRegistry () failed: 0x%X", __FUNCTION__, nfaStat);
   1791     }
   1792     return true;
   1793 }
   1794 
   1795 /*******************************************************************************
   1796 **
   1797 ** Function         getActualNumEe
   1798 **
   1799 ** Description      Returns number of secure elements we know about.
   1800 **
   1801 ** Returns          Number of secure elements we know about.
   1802 **
   1803 *******************************************************************************/
   1804 UINT8 SecureElement::getActualNumEe()
   1805 {
   1806     return mActualNumEe;
   1807 }
   1808 
   1809 /*******************************************************************************
   1810 **
   1811 ** Function:        nfaHciCallback
   1812 **
   1813 ** Description:     Receive Host Controller Interface-related events from stack.
   1814 **                  event: Event code.
   1815 **                  eventData: Event data.
   1816 **
   1817 ** Returns:         None
   1818 **
   1819 *******************************************************************************/
   1820 void SecureElement::nfaHciCallback (tNFA_HCI_EVT event, tNFA_HCI_EVT_DATA* eventData)
   1821 {
   1822     static const char fn [] = "SecureElement::nfaHciCallback";
   1823     ALOGD ("%s: event=0x%X", fn, event);
   1824 
   1825     switch (event)
   1826     {
   1827     case NFA_HCI_REGISTER_EVT:
   1828         {
   1829             ALOGD ("%s: NFA_HCI_REGISTER_EVT; status=0x%X; handle=0x%X", fn,
   1830                     eventData->hci_register.status, eventData->hci_register.hci_handle);
   1831             SyncEventGuard guard (sSecElem.mHciRegisterEvent);
   1832             sSecElem.mNfaHciHandle = eventData->hci_register.hci_handle;
   1833             sSecElem.mHciRegisterEvent.notifyOne();
   1834         }
   1835         break;
   1836 
   1837     case NFA_HCI_ALLOCATE_GATE_EVT:
   1838         {
   1839             ALOGD ("%s: NFA_HCI_ALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, eventData->status, eventData->allocated.gate);
   1840             SyncEventGuard guard (sSecElem.mAllocateGateEvent);
   1841             sSecElem.mCommandStatus = eventData->status;
   1842             sSecElem.mNewSourceGate = (eventData->allocated.status == NFA_STATUS_OK) ? eventData->allocated.gate : 0;
   1843             sSecElem.mAllocateGateEvent.notifyOne();
   1844         }
   1845         break;
   1846 
   1847     case NFA_HCI_DEALLOCATE_GATE_EVT:
   1848         {
   1849             tNFA_HCI_DEALLOCATE_GATE& deallocated = eventData->deallocated;
   1850             ALOGD ("%s: NFA_HCI_DEALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, deallocated.status, deallocated.gate);
   1851             SyncEventGuard guard (sSecElem.mDeallocateGateEvent);
   1852             sSecElem.mDeallocateGateEvent.notifyOne();
   1853         }
   1854         break;
   1855 
   1856     case NFA_HCI_GET_GATE_PIPE_LIST_EVT:
   1857         {
   1858             ALOGD ("%s: NFA_HCI_GET_GATE_PIPE_LIST_EVT; status=0x%X; num_pipes: %u  num_gates: %u", fn,
   1859                     eventData->gates_pipes.status, eventData->gates_pipes.num_pipes, eventData->gates_pipes.num_gates);
   1860             SyncEventGuard guard (sSecElem.mPipeListEvent);
   1861             sSecElem.mCommandStatus = eventData->gates_pipes.status;
   1862             sSecElem.mHciCfg = eventData->gates_pipes;
   1863             sSecElem.mPipeListEvent.notifyOne();
   1864         }
   1865         break;
   1866 
   1867     case NFA_HCI_CREATE_PIPE_EVT:
   1868         {
   1869             ALOGD ("%s: NFA_HCI_CREATE_PIPE_EVT; status=0x%X; pipe=0x%X; src gate=0x%X; dest host=0x%X; dest gate=0x%X", fn,
   1870                     eventData->created.status, eventData->created.pipe, eventData->created.source_gate, eventData->created.dest_host, eventData->created.dest_gate);
   1871             SyncEventGuard guard (sSecElem.mCreatePipeEvent);
   1872             sSecElem.mCommandStatus = eventData->created.status;
   1873             sSecElem.mNewPipeId = eventData->created.pipe;
   1874             sSecElem.mCreatePipeEvent.notifyOne();
   1875         }
   1876         break;
   1877 
   1878     case NFA_HCI_OPEN_PIPE_EVT:
   1879         {
   1880             ALOGD ("%s: NFA_HCI_OPEN_PIPE_EVT; status=0x%X; pipe=0x%X", fn, eventData->opened.status, eventData->opened.pipe);
   1881             SyncEventGuard guard (sSecElem.mPipeOpenedEvent);
   1882             sSecElem.mCommandStatus = eventData->opened.status;
   1883             sSecElem.mPipeOpenedEvent.notifyOne();
   1884         }
   1885         break;
   1886 
   1887     case NFA_HCI_EVENT_SENT_EVT:
   1888         ALOGD ("%s: NFA_HCI_EVENT_SENT_EVT; status=0x%X", fn, eventData->evt_sent.status);
   1889         break;
   1890 
   1891     case NFA_HCI_RSP_RCVD_EVT: //response received from secure element
   1892         {
   1893             tNFA_HCI_RSP_RCVD& rsp_rcvd = eventData->rsp_rcvd;
   1894             ALOGD ("%s: NFA_HCI_RSP_RCVD_EVT; status: 0x%X; code: 0x%X; pipe: 0x%X; len: %u", fn,
   1895                     rsp_rcvd.status, rsp_rcvd.rsp_code, rsp_rcvd.pipe, rsp_rcvd.rsp_len);
   1896         }
   1897         break;
   1898 
   1899     case NFA_HCI_GET_REG_RSP_EVT :
   1900         ALOGD ("%s: NFA_HCI_GET_REG_RSP_EVT; status: 0x%X; pipe: 0x%X, len: %d", fn,
   1901                 eventData->registry.status, eventData->registry.pipe, eventData->registry.data_len);
   1902         if (eventData->registry.data_len >= 19 && ((eventData->registry.pipe == STATIC_PIPE_0x70) || (eventData->registry.pipe == STATIC_PIPE_0x71)))
   1903         {
   1904             SyncEventGuard guard (sSecElem.mVerInfoEvent);
   1905             // Oberthur OS version is in bytes 16,17, and 18
   1906             sSecElem.mVerInfo[0] = eventData->registry.reg_data[16];
   1907             sSecElem.mVerInfo[1] = eventData->registry.reg_data[17];
   1908             sSecElem.mVerInfo[2] = eventData->registry.reg_data[18];
   1909             sSecElem.mVerInfoEvent.notifyOne ();
   1910         }
   1911         break;
   1912 
   1913     case NFA_HCI_EVENT_RCVD_EVT:
   1914         ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; code: 0x%X; pipe: 0x%X; data len: %u", fn,
   1915                 eventData->rcvd_evt.evt_code, eventData->rcvd_evt.pipe, eventData->rcvd_evt.evt_len);
   1916         if ((eventData->rcvd_evt.pipe == STATIC_PIPE_0x70) || (eventData->rcvd_evt.pipe == STATIC_PIPE_0x71))
   1917         {
   1918             ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; data from static pipe", fn);
   1919             SyncEventGuard guard (sSecElem.mTransceiveEvent);
   1920             sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len;
   1921             sSecElem.mTransceiveEvent.notifyOne ();
   1922         }
   1923         else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_POST_DATA)
   1924         {
   1925             ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_POST_DATA", fn);
   1926             SyncEventGuard guard (sSecElem.mTransceiveEvent);
   1927             sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len;
   1928             sSecElem.mTransceiveEvent.notifyOne ();
   1929         }
   1930         else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_TRANSACTION)
   1931         {
   1932             ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_TRANSACTION", fn);
   1933             // If we got an AID, notify any listeners
   1934             if ((eventData->rcvd_evt.evt_len > 3) && (eventData->rcvd_evt.p_evt_buf[0] == 0x81) )
   1935                 sSecElem.notifyTransactionListenersOfAid (&eventData->rcvd_evt.p_evt_buf[2], eventData->rcvd_evt.p_evt_buf[1]);
   1936         }
   1937         break;
   1938 
   1939     case NFA_HCI_SET_REG_RSP_EVT: //received response to write registry command
   1940         {
   1941             tNFA_HCI_REGISTRY& registry = eventData->registry;
   1942             ALOGD ("%s: NFA_HCI_SET_REG_RSP_EVT; status=0x%X; pipe=0x%X", fn, registry.status, registry.pipe);
   1943             SyncEventGuard guard (sSecElem.mRegistryEvent);
   1944             sSecElem.mRegistryEvent.notifyOne ();
   1945             break;
   1946         }
   1947 
   1948     default:
   1949         ALOGE ("%s: unknown event code=0x%X ????", fn, event);
   1950         break;
   1951     }
   1952 }
   1953 
   1954 
   1955 /*******************************************************************************
   1956 **
   1957 ** Function:        findEeByHandle
   1958 **
   1959 ** Description:     Find information about an execution environment.
   1960 **                  eeHandle: Handle to execution environment.
   1961 **
   1962 ** Returns:         Information about an execution environment.
   1963 **
   1964 *******************************************************************************/
   1965 tNFA_EE_INFO *SecureElement::findEeByHandle (tNFA_HANDLE eeHandle)
   1966 {
   1967     for (UINT8 xx = 0; xx < mActualNumEe; xx++)
   1968     {
   1969         if (mEeInfo[xx].ee_handle == eeHandle)
   1970             return (&mEeInfo[xx]);
   1971     }
   1972     return (NULL);
   1973 }
   1974 
   1975 
   1976 /*******************************************************************************
   1977 **
   1978 ** Function:        getDefaultEeHandle
   1979 **
   1980 ** Description:     Get the handle to the execution environment.
   1981 **
   1982 ** Returns:         Handle to the execution environment.
   1983 **
   1984 *******************************************************************************/
   1985 tNFA_HANDLE SecureElement::getDefaultEeHandle ()
   1986 {
   1987     UINT16 overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride;
   1988     // Find the first EE that is not the HCI Access i/f.
   1989     for (UINT8 xx = 0; xx < mActualNumEe; xx++)
   1990     {
   1991         if (mActiveSeOverride && (overrideEeHandle != mEeInfo[xx].ee_handle))
   1992             continue; //skip all the EE's that are ignored
   1993         if ((mEeInfo[xx].num_interface != 0) &&
   1994             (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) &&
   1995             (mEeInfo[xx].ee_status != NFC_NFCEE_STATUS_INACTIVE))
   1996             return (mEeInfo[xx].ee_handle);
   1997     }
   1998     return NFA_HANDLE_INVALID;
   1999 }
   2000 
   2001 
   2002 /*******************************************************************************
   2003 **
   2004 ** Function:        findUiccByHandle
   2005 **
   2006 ** Description:     Find information about an execution environment.
   2007 **                  eeHandle: Handle of the execution environment.
   2008 **
   2009 ** Returns:         Information about the execution environment.
   2010 **
   2011 *******************************************************************************/
   2012 tNFA_EE_DISCOVER_INFO *SecureElement::findUiccByHandle (tNFA_HANDLE eeHandle)
   2013 {
   2014     for (UINT8 index = 0; index < mUiccInfo.num_ee; index++)
   2015     {
   2016         if (mUiccInfo.ee_disc_info[index].ee_handle == eeHandle)
   2017         {
   2018             return (&mUiccInfo.ee_disc_info[index]);
   2019         }
   2020     }
   2021     ALOGE ("SecureElement::findUiccByHandle:  ee h=0x%4x not found", eeHandle);
   2022     return NULL;
   2023 }
   2024 
   2025 
   2026 /*******************************************************************************
   2027 **
   2028 ** Function:        eeStatusToString
   2029 **
   2030 ** Description:     Convert status code to status text.
   2031 **                  status: Status code
   2032 **
   2033 ** Returns:         None
   2034 **
   2035 *******************************************************************************/
   2036 const char* SecureElement::eeStatusToString (UINT8 status)
   2037 {
   2038     switch (status)
   2039     {
   2040     case NFC_NFCEE_STATUS_ACTIVE:
   2041         return("Connected/Active");
   2042     case NFC_NFCEE_STATUS_INACTIVE:
   2043         return("Connected/Inactive");
   2044     case NFC_NFCEE_STATUS_REMOVED:
   2045         return("Removed");
   2046     }
   2047     return("?? Unknown ??");
   2048 }
   2049 
   2050 
   2051 /*******************************************************************************
   2052 **
   2053 ** Function:        connectionEventHandler
   2054 **
   2055 ** Description:     Receive card-emulation related events from stack.
   2056 **                  event: Event code.
   2057 **                  eventData: Event data.
   2058 **
   2059 ** Returns:         None
   2060 **
   2061 *******************************************************************************/
   2062 void SecureElement::connectionEventHandler (UINT8 event, tNFA_CONN_EVT_DATA* /*eventData*/)
   2063 {
   2064     switch (event)
   2065     {
   2066     case NFA_CE_UICC_LISTEN_CONFIGURED_EVT:
   2067         {
   2068             SyncEventGuard guard (mUiccListenEvent);
   2069             mUiccListenEvent.notifyOne ();
   2070         }
   2071         break;
   2072     }
   2073 }
   2074 
   2075 
   2076 /*******************************************************************************
   2077 **
   2078 ** Function:        routeToSecureElement
   2079 **
   2080 ** Description:     Adjust controller's listen-mode routing table so transactions
   2081 **                  are routed to the secure elements.
   2082 **
   2083 ** Returns:         True if ok.
   2084 **
   2085 *******************************************************************************/
   2086 bool SecureElement::routeToSecureElement ()
   2087 {
   2088     static const char fn [] = "SecureElement::routeToSecureElement";
   2089     ALOGD ("%s: enter", fn);
   2090     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
   2091     tNFA_TECHNOLOGY_MASK tech_mask = NFA_TECHNOLOGY_MASK_A | NFA_TECHNOLOGY_MASK_B;
   2092     bool retval = false;
   2093 
   2094     if (! mIsInit)
   2095     {
   2096         ALOGE ("%s: not init", fn);
   2097         return false;
   2098     }
   2099 
   2100     if (mCurrentRouteSelection == SecElemRoute)
   2101     {
   2102         ALOGE ("%s: already sec elem route", fn);
   2103         return true;
   2104     }
   2105 
   2106     if (mActiveEeHandle == NFA_HANDLE_INVALID)
   2107     {
   2108         ALOGE ("%s: invalid EE handle", fn);
   2109         return false;
   2110     }
   2111 
   2112     adjustRoutes (SecElemRoute);
   2113 
   2114     {
   2115         unsigned long num = 0;
   2116         if (GetNumValue("UICC_LISTEN_TECH_MASK", &num, sizeof(num)))
   2117             tech_mask = num;
   2118         ALOGD ("%s: start UICC listen; h=0x%X; tech mask=0x%X", fn, mActiveEeHandle, tech_mask);
   2119         SyncEventGuard guard (mUiccListenEvent);
   2120         nfaStat = NFA_CeConfigureUiccListenTech (mActiveEeHandle, tech_mask);
   2121         if (nfaStat == NFA_STATUS_OK)
   2122         {
   2123             mUiccListenEvent.wait ();
   2124             retval = true;
   2125         }
   2126         else
   2127             ALOGE ("%s: fail to start UICC listen", fn);
   2128     }
   2129 
   2130     ALOGD ("%s: exit; ok=%u", fn, retval);
   2131     return retval;
   2132 }
   2133 
   2134 
   2135 /*******************************************************************************
   2136 **
   2137 ** Function:        routeToDefault
   2138 **
   2139 ** Description:     Adjust controller's listen-mode routing table so transactions
   2140 **                  are routed to the default destination.
   2141 **
   2142 ** Returns:         True if ok.
   2143 **
   2144 *******************************************************************************/
   2145 bool SecureElement::routeToDefault ()
   2146 {
   2147     static const char fn [] = "SecureElement::routeToDefault";
   2148     tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
   2149     bool retval = false;
   2150 
   2151     ALOGD ("%s: enter", fn);
   2152     if (! mIsInit)
   2153     {
   2154         ALOGE ("%s: not init", fn);
   2155         return false;
   2156     }
   2157 
   2158     if (mCurrentRouteSelection == DefaultRoute)
   2159     {
   2160         ALOGD ("%s: already default route", fn);
   2161         return true;
   2162     }
   2163 
   2164     if (mActiveEeHandle != NFA_HANDLE_INVALID)
   2165     {
   2166         ALOGD ("%s: stop UICC listen; EE h=0x%X", fn, mActiveEeHandle);
   2167         SyncEventGuard guard (mUiccListenEvent);
   2168         nfaStat = NFA_CeConfigureUiccListenTech (mActiveEeHandle, 0);
   2169         if (nfaStat == NFA_STATUS_OK)
   2170         {
   2171             mUiccListenEvent.wait ();
   2172             retval = true;
   2173         }
   2174         else
   2175             ALOGE ("%s: fail to stop UICC listen", fn);
   2176     }
   2177     else
   2178         retval = true;
   2179 
   2180     adjustRoutes (DefaultRoute);
   2181 
   2182     ALOGD ("%s: exit; ok=%u", fn, retval);
   2183     return retval;
   2184 }
   2185 
   2186 
   2187 /*******************************************************************************
   2188 **
   2189 ** Function:        isBusy
   2190 **
   2191 ** Description:     Whether controller is routing listen-mode events to
   2192 **                  secure elements or a pipe is connected.
   2193 **
   2194 ** Returns:         True if either case is true.
   2195 **
   2196 *******************************************************************************/
   2197 bool SecureElement::isBusy ()
   2198 {
   2199     bool retval = (mCurrentRouteSelection == SecElemRoute) || mIsPiping;
   2200     ALOGD ("SecureElement::isBusy: %u", retval);
   2201     return retval;
   2202 }
   2203