1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 /* 18 * Communicate with secure elements that are attached to the NFC 19 * controller. 20 */ 21 #include <semaphore.h> 22 #include <errno.h> 23 #include <ScopedLocalRef.h> 24 #include "OverrideLog.h" 25 #include "SecureElement.h" 26 #include "config.h" 27 #include "PowerSwitch.h" 28 #include "HostAidRouter.h" 29 #include "JavaClassConstants.h" 30 31 32 /***************************************************************************** 33 ** 34 ** public variables 35 ** 36 *****************************************************************************/ 37 int gSEId = -1; // secure element ID to use in connectEE(), -1 means not set 38 int gGatePipe = -1; // gate id or static pipe id to use in connectEE(), -1 means not set 39 bool gUseStaticPipe = false; // if true, use gGatePipe as static pipe id. if false, use as gate id 40 41 namespace android 42 { 43 extern void startRfDiscovery (bool isStart); 44 extern void setUiccIdleTimeout (bool enable); 45 } 46 47 ////////////////////////////////////////////// 48 ////////////////////////////////////////////// 49 50 51 SecureElement SecureElement::sSecElem; 52 const char* SecureElement::APP_NAME = "nfc_jni"; 53 54 55 /******************************************************************************* 56 ** 57 ** Function: SecureElement 58 ** 59 ** Description: Initialize member variables. 60 ** 61 ** Returns: None 62 ** 63 *******************************************************************************/ 64 SecureElement::SecureElement () 65 : mActiveEeHandle (NFA_HANDLE_INVALID), 66 mDestinationGate (4), //loopback gate 67 mNfaHciHandle (NFA_HANDLE_INVALID), 68 mNativeData (NULL), 69 mIsInit (false), 70 mActualNumEe (0), 71 mNumEePresent(0), 72 mbNewEE (true), // by default we start w/thinking there are new EE 73 mNewPipeId (0), 74 mNewSourceGate (0), 75 mActiveSeOverride(0), 76 mCommandStatus (NFA_STATUS_OK), 77 mIsPiping (false), 78 mCurrentRouteSelection (NoRoute), 79 mActualResponseSize(0), 80 mUseOberthurWarmReset (false), 81 mActivatedInListenMode (false), 82 mOberthurWarmResetCommand (3), 83 mRfFieldIsOn(false) 84 { 85 memset (&mEeInfo, 0, sizeof(mEeInfo)); 86 memset (&mUiccInfo, 0, sizeof(mUiccInfo)); 87 memset (&mHciCfg, 0, sizeof(mHciCfg)); 88 memset (mResponseData, 0, sizeof(mResponseData)); 89 memset (mAidForEmptySelect, 0, sizeof(mAidForEmptySelect)); 90 memset (&mLastRfFieldToggle, 0, sizeof(mLastRfFieldToggle)); 91 } 92 93 94 /******************************************************************************* 95 ** 96 ** Function: ~SecureElement 97 ** 98 ** Description: Release all resources. 99 ** 100 ** Returns: None 101 ** 102 *******************************************************************************/ 103 SecureElement::~SecureElement () 104 { 105 } 106 107 108 /******************************************************************************* 109 ** 110 ** Function: getInstance 111 ** 112 ** Description: Get the SecureElement singleton object. 113 ** 114 ** Returns: SecureElement object. 115 ** 116 *******************************************************************************/ 117 SecureElement& SecureElement::getInstance() 118 { 119 return sSecElem; 120 } 121 122 123 /******************************************************************************* 124 ** 125 ** Function: setActiveSeOverride 126 ** 127 ** Description: Specify which secure element to turn on. 128 ** activeSeOverride: ID of secure element 129 ** 130 ** Returns: None 131 ** 132 *******************************************************************************/ 133 void SecureElement::setActiveSeOverride(UINT8 activeSeOverride) 134 { 135 ALOGD ("SecureElement::setActiveSeOverride, seid=0x%X", activeSeOverride); 136 mActiveSeOverride = activeSeOverride; 137 } 138 139 140 /******************************************************************************* 141 ** 142 ** Function: initialize 143 ** 144 ** Description: Initialize all member variables. 145 ** native: Native data. 146 ** 147 ** Returns: True if ok. 148 ** 149 *******************************************************************************/ 150 bool SecureElement::initialize (nfc_jni_native_data* native) 151 { 152 static const char fn [] = "SecureElement::initialize"; 153 tNFA_STATUS nfaStat; 154 unsigned long num = 0; 155 156 ALOGD ("%s: enter", fn); 157 158 if (GetNumValue("NFA_HCI_DEFAULT_DEST_GATE", &num, sizeof(num))) 159 mDestinationGate = num; 160 ALOGD ("%s: Default destination gate: 0x%X", fn, mDestinationGate); 161 162 // active SE, if not set active all SEs 163 if (GetNumValue("ACTIVE_SE", &num, sizeof(num))) 164 mActiveSeOverride = num; 165 ALOGD ("%s: Active SE override: 0x%X", fn, mActiveSeOverride); 166 167 if (GetNumValue("OBERTHUR_WARM_RESET_COMMAND", &num, sizeof(num))) 168 { 169 mUseOberthurWarmReset = true; 170 mOberthurWarmResetCommand = (UINT8) num; 171 } 172 173 mActiveEeHandle = NFA_HANDLE_INVALID; 174 mNfaHciHandle = NFA_HANDLE_INVALID; 175 176 mNativeData = native; 177 mActualNumEe = MAX_NUM_EE; 178 mbNewEE = true; 179 mNewPipeId = 0; 180 mNewSourceGate = 0; 181 mRfFieldIsOn = false; 182 mActivatedInListenMode = false; 183 mCurrentRouteSelection = NoRoute; 184 memset (mEeInfo, 0, sizeof(mEeInfo)); 185 memset (&mUiccInfo, 0, sizeof(mUiccInfo)); 186 memset (&mHciCfg, 0, sizeof(mHciCfg)); 187 mUsedAids.clear (); 188 memset(mAidForEmptySelect, 0, sizeof(mAidForEmptySelect)); 189 190 // Get Fresh EE info. 191 if (! getEeInfo()) 192 return (false); 193 194 { 195 SyncEventGuard guard (mEeRegisterEvent); 196 ALOGD ("%s: try ee register", fn); 197 nfaStat = NFA_EeRegister (nfaEeCallback); 198 if (nfaStat != NFA_STATUS_OK) 199 { 200 ALOGE ("%s: fail ee register; error=0x%X", fn, nfaStat); 201 return (false); 202 } 203 mEeRegisterEvent.wait (); 204 } 205 206 // If the controller has an HCI Network, register for that 207 for (size_t xx = 0; xx < mActualNumEe; xx++) 208 { 209 if ((mEeInfo[xx].num_interface > 0) && (mEeInfo[xx].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) ) 210 { 211 ALOGD ("%s: Found HCI network, try hci register", fn); 212 213 SyncEventGuard guard (mHciRegisterEvent); 214 215 nfaStat = NFA_HciRegister (const_cast<char*>(APP_NAME), nfaHciCallback, TRUE); 216 if (nfaStat != NFA_STATUS_OK) 217 { 218 ALOGE ("%s: fail hci register; error=0x%X", fn, nfaStat); 219 return (false); 220 } 221 mHciRegisterEvent.wait(); 222 break; 223 } 224 } 225 226 mRouteDataSet.initialize (); 227 mRouteDataSet.import (); //read XML file 228 HostAidRouter::getInstance().initialize (); 229 230 GetStrValue(NAME_AID_FOR_EMPTY_SELECT, (char*)&mAidForEmptySelect[0], sizeof(mAidForEmptySelect)); 231 232 mIsInit = true; 233 ALOGD ("%s: exit", fn); 234 return (true); 235 } 236 237 238 /******************************************************************************* 239 ** 240 ** Function: finalize 241 ** 242 ** Description: Release all resources. 243 ** 244 ** Returns: None 245 ** 246 *******************************************************************************/ 247 void SecureElement::finalize () 248 { 249 static const char fn [] = "SecureElement::finalize"; 250 ALOGD ("%s: enter", fn); 251 252 NFA_EeDeregister (nfaEeCallback); 253 254 if (mNfaHciHandle != NFA_HANDLE_INVALID) 255 NFA_HciDeregister (const_cast<char*>(APP_NAME)); 256 257 mNfaHciHandle = NFA_HANDLE_INVALID; 258 mNativeData = NULL; 259 mIsInit = false; 260 mActualNumEe = 0; 261 mNumEePresent = 0; 262 mNewPipeId = 0; 263 mNewSourceGate = 0; 264 mIsPiping = false; 265 memset (mEeInfo, 0, sizeof(mEeInfo)); 266 memset (&mUiccInfo, 0, sizeof(mUiccInfo)); 267 268 ALOGD ("%s: exit", fn); 269 } 270 271 272 /******************************************************************************* 273 ** 274 ** Function: getEeInfo 275 ** 276 ** Description: Get latest information about execution environments from stack. 277 ** 278 ** Returns: True if at least 1 EE is available. 279 ** 280 *******************************************************************************/ 281 bool SecureElement::getEeInfo() 282 { 283 static const char fn [] = "SecureElement::getEeInfo"; 284 ALOGD ("%s: enter; mbNewEE=%d, mActualNumEe=%d", fn, mbNewEE, mActualNumEe); 285 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 286 287 // If mbNewEE is true then there is new EE info. 288 if (mbNewEE) 289 { 290 mActualNumEe = MAX_NUM_EE; 291 292 if ((nfaStat = NFA_EeGetInfo (&mActualNumEe, mEeInfo)) != NFA_STATUS_OK) 293 { 294 ALOGE ("%s: fail get info; error=0x%X", fn, nfaStat); 295 mActualNumEe = 0; 296 } 297 else 298 { 299 mbNewEE = false; 300 301 ALOGD ("%s: num EEs discovered: %u", fn, mActualNumEe); 302 if (mActualNumEe != 0) 303 { 304 for (UINT8 xx = 0; xx < mActualNumEe; xx++) 305 { 306 if ((mEeInfo[xx].num_interface != 0) && (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) ) 307 mNumEePresent++; 308 309 ALOGD ("%s: EE[%u] Handle: 0x%04x Status: %s Num I/f: %u: (0x%02x, 0x%02x) Num TLVs: %u", 310 fn, xx, mEeInfo[xx].ee_handle, eeStatusToString(mEeInfo[xx].ee_status), mEeInfo[xx].num_interface, 311 mEeInfo[xx].ee_interface[0], mEeInfo[xx].ee_interface[1], mEeInfo[xx].num_tlvs); 312 313 for (size_t yy = 0; yy < mEeInfo[xx].num_tlvs; yy++) 314 { 315 ALOGD ("%s: EE[%u] TLV[%u] Tag: 0x%02x Len: %u Values[]: 0x%02x 0x%02x 0x%02x ...", 316 fn, xx, yy, mEeInfo[xx].ee_tlv[yy].tag, mEeInfo[xx].ee_tlv[yy].len, mEeInfo[xx].ee_tlv[yy].info[0], 317 mEeInfo[xx].ee_tlv[yy].info[1], mEeInfo[xx].ee_tlv[yy].info[2]); 318 } 319 } 320 } 321 } 322 } 323 ALOGD ("%s: exit; mActualNumEe=%d, mNumEePresent=%d", fn, mActualNumEe,mNumEePresent); 324 return (mActualNumEe != 0); 325 } 326 327 328 /******************************************************************************* 329 ** 330 ** Function TimeDiff 331 ** 332 ** Description Computes time difference in milliseconds. 333 ** 334 ** Returns Time difference in milliseconds 335 ** 336 *******************************************************************************/ 337 static UINT32 TimeDiff(timespec start, timespec end) 338 { 339 end.tv_sec -= start.tv_sec; 340 end.tv_nsec -= start.tv_nsec; 341 342 if (end.tv_nsec < 0) { 343 end.tv_nsec += 10e8; 344 end.tv_sec -=1; 345 } 346 347 return (end.tv_sec * 1000) + (end.tv_nsec / 10e5); 348 } 349 350 /******************************************************************************* 351 ** 352 ** Function: isRfFieldOn 353 ** 354 ** Description: Can be used to determine if the SE is in an RF field 355 ** 356 ** Returns: True if the SE is activated in an RF field 357 ** 358 *******************************************************************************/ 359 bool SecureElement::isRfFieldOn() { 360 AutoMutex mutex(mMutex); 361 if (mRfFieldIsOn) { 362 return true; 363 } 364 struct timespec now; 365 int ret = clock_gettime(CLOCK_MONOTONIC, &now); 366 if (ret == -1) { 367 ALOGE("isRfFieldOn(): clock_gettime failed"); 368 return false; 369 } 370 if (TimeDiff(mLastRfFieldToggle, now) < 50) { 371 // If it was less than 50ms ago that RF field 372 // was turned off, still return ON. 373 return true; 374 } else { 375 return false; 376 } 377 } 378 379 /******************************************************************************* 380 ** 381 ** Function: isActivatedInListenMode 382 ** 383 ** Description: Can be used to determine if the SE is activated in listen mode 384 ** 385 ** Returns: True if the SE is activated in listen mode 386 ** 387 *******************************************************************************/ 388 bool SecureElement::isActivatedInListenMode() { 389 return mActivatedInListenMode; 390 } 391 392 /******************************************************************************* 393 ** 394 ** Function: getListOfEeHandles 395 ** 396 ** Description: Get the list of handles of all execution environments. 397 ** e: Java Virtual Machine. 398 ** 399 ** Returns: List of handles of all execution environments. 400 ** 401 *******************************************************************************/ 402 jintArray SecureElement::getListOfEeHandles (JNIEnv* e) 403 { 404 static const char fn [] = "SecureElement::getListOfEeHandles"; 405 ALOGD ("%s: enter", fn); 406 if (mNumEePresent == 0) 407 return NULL; 408 409 if (!mIsInit) 410 { 411 ALOGE ("%s: not init", fn); 412 return (NULL); 413 } 414 415 // Get Fresh EE info. 416 if (! getEeInfo()) 417 return (NULL); 418 419 jintArray list = e->NewIntArray (mNumEePresent); //allocate array 420 jint jj = 0; 421 int cnt = 0; 422 for (int ii = 0; ii < mActualNumEe && cnt < mNumEePresent; ii++) 423 { 424 ALOGD ("%s: %u = 0x%X", fn, ii, mEeInfo[ii].ee_handle); 425 if ((mEeInfo[ii].num_interface == 0) || (mEeInfo[ii].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) ) 426 { 427 continue; 428 } 429 430 jj = mEeInfo[ii].ee_handle & ~NFA_HANDLE_GROUP_EE; 431 e->SetIntArrayRegion (list, cnt++, 1, &jj); 432 } 433 434 ALOGD("%s: exit", fn); 435 return list; 436 } 437 438 439 /******************************************************************************* 440 ** 441 ** Function: activate 442 ** 443 ** Description: Turn on the secure element. 444 ** seID: ID of secure element; 0xF3 or 0xF4. 445 ** 446 ** Returns: True if ok. 447 ** 448 *******************************************************************************/ 449 bool SecureElement::activate (jint seID) 450 { 451 static const char fn [] = "SecureElement::activate"; 452 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 453 int numActivatedEe = 0; 454 455 ALOGD ("%s: enter; seID=0x%X", fn, seID); 456 457 if (!mIsInit) 458 { 459 ALOGE ("%s: not init", fn); 460 return false; 461 } 462 463 if (mActiveEeHandle != NFA_HANDLE_INVALID) 464 { 465 ALOGD ("%s: already active", fn); 466 return true; 467 } 468 469 // Get Fresh EE info if needed. 470 if (! getEeInfo()) 471 { 472 ALOGE ("%s: no EE info", fn); 473 return false; 474 } 475 476 UINT16 overrideEeHandle = 0; 477 if (mActiveSeOverride) 478 overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride; 479 480 if (mRfFieldIsOn) { 481 ALOGE("%s: RF field indication still on, resetting", fn); 482 mRfFieldIsOn = false; 483 } 484 485 ALOGD ("%s: override ee h=0x%X", fn, overrideEeHandle ); 486 //activate every discovered secure element 487 for (int index=0; index < mActualNumEe; index++) 488 { 489 tNFA_EE_INFO& eeItem = mEeInfo[index]; 490 491 if ((eeItem.ee_handle == EE_HANDLE_0xF3) || (eeItem.ee_handle == EE_HANDLE_0xF4)) 492 { 493 if (overrideEeHandle && (overrideEeHandle != eeItem.ee_handle) ) 494 continue; // do not enable all SEs; only the override one 495 496 if (eeItem.ee_status != NFC_NFCEE_STATUS_INACTIVE) 497 { 498 ALOGD ("%s: h=0x%X already activated", fn, eeItem.ee_handle); 499 numActivatedEe++; 500 continue; 501 } 502 503 { 504 SyncEventGuard guard (mEeSetModeEvent); 505 ALOGD ("%s: set EE mode activate; h=0x%X", fn, eeItem.ee_handle); 506 if ((nfaStat = NFA_EeModeSet (eeItem.ee_handle, NFA_EE_MD_ACTIVATE)) == NFA_STATUS_OK) 507 { 508 mEeSetModeEvent.wait (); //wait for NFA_EE_MODE_SET_EVT 509 if (eeItem.ee_status == NFC_NFCEE_STATUS_ACTIVE) 510 numActivatedEe++; 511 } 512 else 513 ALOGE ("%s: NFA_EeModeSet failed; error=0x%X", fn, nfaStat); 514 } 515 } 516 } //for 517 518 mActiveEeHandle = getDefaultEeHandle(); 519 if (mActiveEeHandle == NFA_HANDLE_INVALID) 520 ALOGE ("%s: ee handle not found", fn); 521 ALOGD ("%s: exit; active ee h=0x%X", fn, mActiveEeHandle); 522 return mActiveEeHandle != NFA_HANDLE_INVALID; 523 } 524 525 526 /******************************************************************************* 527 ** 528 ** Function: deactivate 529 ** 530 ** Description: Turn off the secure element. 531 ** seID: ID of secure element; 0xF3 or 0xF4. 532 ** 533 ** Returns: True if ok. 534 ** 535 *******************************************************************************/ 536 bool SecureElement::deactivate (jint seID) 537 { 538 static const char fn [] = "SecureElement::deactivate"; 539 bool retval = false; 540 541 ALOGD ("%s: enter; seID=0x%X, mActiveEeHandle=0x%X", fn, seID, mActiveEeHandle); 542 543 if (!mIsInit) 544 { 545 ALOGE ("%s: not init", fn); 546 goto TheEnd; 547 } 548 549 //if the controller is routing to sec elems or piping, 550 //then the secure element cannot be deactivated 551 if ((mCurrentRouteSelection == SecElemRoute) || mIsPiping) 552 { 553 ALOGE ("%s: still busy", fn); 554 goto TheEnd; 555 } 556 557 if (mActiveEeHandle == NFA_HANDLE_INVALID) 558 { 559 ALOGE ("%s: invalid EE handle", fn); 560 goto TheEnd; 561 } 562 563 mActiveEeHandle = NFA_HANDLE_INVALID; 564 retval = true; 565 566 TheEnd: 567 ALOGD ("%s: exit; ok=%u", fn, retval); 568 return retval; 569 } 570 571 572 /******************************************************************************* 573 ** 574 ** Function: notifyTransactionListenersOfAid 575 ** 576 ** Description: Notify the NFC service about a transaction event from secure element. 577 ** aid: Buffer contains application ID. 578 ** aidLen: Length of application ID. 579 ** 580 ** Returns: None 581 ** 582 *******************************************************************************/ 583 void SecureElement::notifyTransactionListenersOfAid (const UINT8* aidBuffer, UINT8 aidBufferLen) 584 { 585 static const char fn [] = "SecureElement::notifyTransactionListenersOfAid"; 586 ALOGD ("%s: enter; aid len=%u", fn, aidBufferLen); 587 588 if (aidBufferLen == 0) { 589 return; 590 } 591 592 JNIEnv* e = NULL; 593 ScopedAttach attach(mNativeData->vm, &e); 594 if (e == NULL) 595 { 596 ALOGE ("%s: jni env is null", fn); 597 return; 598 } 599 600 const UINT16 tlvMaxLen = aidBufferLen + 10; 601 UINT8* tlv = new UINT8 [tlvMaxLen]; 602 if (tlv == NULL) 603 { 604 ALOGE ("%s: fail allocate tlv", fn); 605 return; 606 } 607 608 memcpy (tlv, aidBuffer, aidBufferLen); 609 UINT16 tlvActualLen = aidBufferLen; 610 611 ScopedLocalRef<jobject> tlvJavaArray(e, e->NewByteArray(tlvActualLen)); 612 if (tlvJavaArray.get() == NULL) 613 { 614 ALOGE ("%s: fail allocate array", fn); 615 goto TheEnd; 616 } 617 618 e->SetByteArrayRegion ((jbyteArray)tlvJavaArray.get(), 0, tlvActualLen, (jbyte *)tlv); 619 if (e->ExceptionCheck()) 620 { 621 e->ExceptionClear(); 622 ALOGE ("%s: fail fill array", fn); 623 goto TheEnd; 624 } 625 626 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifyTransactionListeners, tlvJavaArray.get()); 627 if (e->ExceptionCheck()) 628 { 629 e->ExceptionClear(); 630 ALOGE ("%s: fail notify", fn); 631 goto TheEnd; 632 } 633 634 TheEnd: 635 delete [] tlv; 636 ALOGD ("%s: exit", fn); 637 } 638 639 640 /******************************************************************************* 641 ** 642 ** Function: connectEE 643 ** 644 ** Description: Connect to the execution environment. 645 ** 646 ** Returns: True if ok. 647 ** 648 *******************************************************************************/ 649 bool SecureElement::connectEE () 650 { 651 static const char fn [] = "SecureElement::connectEE"; 652 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 653 bool retVal = false; 654 UINT8 destHost = 0; 655 unsigned long num = 0; 656 char pipeConfName[40]; 657 tNFA_HANDLE eeHandle = mActiveEeHandle; 658 659 ALOGD ("%s: enter, mActiveEeHandle: 0x%04x, SEID: 0x%x, pipe_gate_num=%d, use pipe=%d", 660 fn, mActiveEeHandle, gSEId, gGatePipe, gUseStaticPipe); 661 662 if (!mIsInit) 663 { 664 ALOGE ("%s: not init", fn); 665 return (false); 666 } 667 668 if (gSEId != -1) 669 { 670 eeHandle = gSEId | NFA_HANDLE_GROUP_EE; 671 ALOGD ("%s: Using SEID: 0x%x", fn, eeHandle ); 672 } 673 674 if (eeHandle == NFA_HANDLE_INVALID) 675 { 676 ALOGE ("%s: invalid handle 0x%X", fn, eeHandle); 677 return (false); 678 } 679 680 tNFA_EE_INFO *pEE = findEeByHandle (eeHandle); 681 682 if (pEE == NULL) 683 { 684 ALOGE ("%s: Handle 0x%04x NOT FOUND !!", fn, eeHandle); 685 return (false); 686 } 687 688 // Disable RF discovery completely while the DH is connected 689 android::startRfDiscovery(false); 690 691 // Disable UICC idle timeout while the DH is connected 692 android::setUiccIdleTimeout (false); 693 694 mNewSourceGate = 0; 695 696 if (gGatePipe == -1) 697 { 698 // pipe/gate num was not specifed by app, get from config file 699 mNewPipeId = 0; 700 701 // Construct the PIPE name based on the EE handle (e.g. NFA_HCI_STATIC_PIPE_ID_F3 for UICC0). 702 snprintf (pipeConfName, sizeof(pipeConfName), "NFA_HCI_STATIC_PIPE_ID_%02X", eeHandle & NFA_HANDLE_MASK); 703 704 if (GetNumValue(pipeConfName, &num, sizeof(num)) && (num != 0)) 705 { 706 mNewPipeId = num; 707 ALOGD ("%s: Using static pipe id: 0x%X", __FUNCTION__, mNewPipeId); 708 } 709 else 710 { 711 ALOGD ("%s: Did not find value '%s' defined in the .conf", __FUNCTION__, pipeConfName); 712 } 713 } 714 else 715 { 716 if (gUseStaticPipe) 717 { 718 mNewPipeId = gGatePipe; 719 } 720 else 721 { 722 mNewPipeId = 0; 723 mDestinationGate= gGatePipe; 724 } 725 } 726 727 // If the .conf file had a static pipe to use, just use it. 728 if (mNewPipeId != 0) 729 { 730 UINT8 host = (mNewPipeId == STATIC_PIPE_0x70) ? 0x02 : 0x03; 731 UINT8 gate = (mNewPipeId == STATIC_PIPE_0x70) ? 0xF0 : 0xF1; 732 nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, mNewPipeId); 733 if (nfaStat != NFA_STATUS_OK) 734 { 735 ALOGE ("%s: fail create static pipe; error=0x%X", fn, nfaStat); 736 retVal = false; 737 goto TheEnd; 738 } 739 } 740 else 741 { 742 if ( (pEE->num_tlvs >= 1) && (pEE->ee_tlv[0].tag == NFA_EE_TAG_HCI_HOST_ID) ) 743 destHost = pEE->ee_tlv[0].info[0]; 744 else 745 destHost = 2; 746 747 // Get a list of existing gates and pipes 748 { 749 ALOGD ("%s: get gate, pipe list", fn); 750 SyncEventGuard guard (mPipeListEvent); 751 nfaStat = NFA_HciGetGateAndPipeList (mNfaHciHandle); 752 if (nfaStat == NFA_STATUS_OK) 753 { 754 mPipeListEvent.wait(); 755 if (mHciCfg.status == NFA_STATUS_OK) 756 { 757 for (UINT8 xx = 0; xx < mHciCfg.num_pipes; xx++) 758 { 759 if ( (mHciCfg.pipe[xx].dest_host == destHost) 760 && (mHciCfg.pipe[xx].dest_gate == mDestinationGate) ) 761 { 762 mNewSourceGate = mHciCfg.pipe[xx].local_gate; 763 mNewPipeId = mHciCfg.pipe[xx].pipe_id; 764 765 ALOGD ("%s: found configured gate: 0x%02x pipe: 0x%02x", fn, mNewSourceGate, mNewPipeId); 766 break; 767 } 768 } 769 } 770 } 771 } 772 773 if (mNewSourceGate == 0) 774 { 775 ALOGD ("%s: allocate gate", fn); 776 //allocate a source gate and store in mNewSourceGate 777 SyncEventGuard guard (mAllocateGateEvent); 778 if ((nfaStat = NFA_HciAllocGate (mNfaHciHandle)) != NFA_STATUS_OK) 779 { 780 ALOGE ("%s: fail allocate source gate; error=0x%X", fn, nfaStat); 781 goto TheEnd; 782 } 783 mAllocateGateEvent.wait (); 784 if (mCommandStatus != NFA_STATUS_OK) 785 goto TheEnd; 786 } 787 788 if (mNewPipeId == 0) 789 { 790 ALOGD ("%s: create pipe", fn); 791 SyncEventGuard guard (mCreatePipeEvent); 792 nfaStat = NFA_HciCreatePipe (mNfaHciHandle, mNewSourceGate, destHost, mDestinationGate); 793 if (nfaStat != NFA_STATUS_OK) 794 { 795 ALOGE ("%s: fail create pipe; error=0x%X", fn, nfaStat); 796 goto TheEnd; 797 } 798 mCreatePipeEvent.wait (); 799 if (mCommandStatus != NFA_STATUS_OK) 800 goto TheEnd; 801 } 802 803 { 804 ALOGD ("%s: open pipe", fn); 805 SyncEventGuard guard (mPipeOpenedEvent); 806 nfaStat = NFA_HciOpenPipe (mNfaHciHandle, mNewPipeId); 807 if (nfaStat != NFA_STATUS_OK) 808 { 809 ALOGE ("%s: fail open pipe; error=0x%X", fn, nfaStat); 810 goto TheEnd; 811 } 812 mPipeOpenedEvent.wait (); 813 if (mCommandStatus != NFA_STATUS_OK) 814 goto TheEnd; 815 } 816 } 817 818 retVal = true; 819 820 TheEnd: 821 mIsPiping = retVal; 822 if (!retVal) 823 { 824 // if open failed we need to de-allocate the gate 825 disconnectEE(0); 826 } 827 828 ALOGD ("%s: exit; ok=%u", fn, retVal); 829 return retVal; 830 } 831 832 833 /******************************************************************************* 834 ** 835 ** Function: disconnectEE 836 ** 837 ** Description: Disconnect from the execution environment. 838 ** seID: ID of secure element. 839 ** 840 ** Returns: True if ok. 841 ** 842 *******************************************************************************/ 843 bool SecureElement::disconnectEE (jint seID) 844 { 845 static const char fn [] = "SecureElement::disconnectEE"; 846 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 847 tNFA_HANDLE eeHandle = seID; 848 849 ALOGD("%s: seID=0x%X; handle=0x%04x", fn, seID, eeHandle); 850 851 if (mUseOberthurWarmReset) 852 { 853 //send warm-reset command to Oberthur secure element which deselects the applet; 854 //this is an Oberthur-specific command; 855 ALOGD("%s: try warm-reset on pipe id 0x%X; cmd=0x%X", fn, mNewPipeId, mOberthurWarmResetCommand); 856 SyncEventGuard guard (mRegistryEvent); 857 nfaStat = NFA_HciSetRegistry (mNfaHciHandle, mNewPipeId, 858 1, 1, &mOberthurWarmResetCommand); 859 if (nfaStat == NFA_STATUS_OK) 860 { 861 mRegistryEvent.wait (); 862 ALOGD("%s: completed warm-reset on pipe 0x%X", fn, mNewPipeId); 863 } 864 } 865 866 if (mNewSourceGate) 867 { 868 SyncEventGuard guard (mDeallocateGateEvent); 869 if ((nfaStat = NFA_HciDeallocGate (mNfaHciHandle, mNewSourceGate)) == NFA_STATUS_OK) 870 mDeallocateGateEvent.wait (); 871 else 872 ALOGE ("%s: fail dealloc gate; error=0x%X", fn, nfaStat); 873 } 874 875 mIsPiping = false; 876 877 // Re-enable UICC low-power mode 878 android::setUiccIdleTimeout (true); 879 // Re-enable RF discovery 880 // Note that it only effactuates the current configuration, 881 // so if polling/listening were configured OFF (forex because 882 // the screen was off), they will stay OFF with this call. 883 android::startRfDiscovery(true); 884 885 return true; 886 } 887 888 889 /******************************************************************************* 890 ** 891 ** Function: transceive 892 ** 893 ** Description: Send data to the secure element; read it's response. 894 ** xmitBuffer: Data to transmit. 895 ** xmitBufferSize: Length of data. 896 ** recvBuffer: Buffer to receive response. 897 ** recvBufferMaxSize: Maximum size of buffer. 898 ** recvBufferActualSize: Actual length of response. 899 ** timeoutMillisec: timeout in millisecond. 900 ** 901 ** Returns: True if ok. 902 ** 903 *******************************************************************************/ 904 bool SecureElement::transceive (UINT8* xmitBuffer, INT32 xmitBufferSize, UINT8* recvBuffer, 905 INT32 recvBufferMaxSize, INT32& recvBufferActualSize, INT32 timeoutMillisec) 906 { 907 static const char fn [] = "SecureElement::transceive"; 908 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 909 bool isSuccess = false; 910 bool waitOk = false; 911 UINT8 newSelectCmd[NCI_MAX_AID_LEN + 10]; 912 913 ALOGD ("%s: enter; xmitBufferSize=%ld; recvBufferMaxSize=%ld; timeout=%ld", fn, xmitBufferSize, recvBufferMaxSize, timeoutMillisec); 914 915 // Check if we need to replace an "empty" SELECT command. 916 // 1. Has there been a AID configured, and 917 // 2. Is that AID a valid length (i.e 16 bytes max), and 918 // 3. Is the APDU at least 4 bytes (for header), and 919 // 4. Is INS == 0xA4 (SELECT command), and 920 // 5. Is P1 == 0x04 (SELECT by AID), and 921 // 6. Is the APDU len 4 or 5 bytes. 922 // 923 // Note, the length of the configured AID is in the first 924 // byte, and AID starts from the 2nd byte. 925 if (mAidForEmptySelect[0] // 1 926 && (mAidForEmptySelect[0] <= NCI_MAX_AID_LEN) // 2 927 && (xmitBufferSize >= 4) // 3 928 && (xmitBuffer[1] == 0xA4) // 4 929 && (xmitBuffer[2] == 0x04) // 5 930 && (xmitBufferSize <= 5)) // 6 931 { 932 UINT8 idx = 0; 933 934 // Copy APDU command header from the input buffer. 935 memcpy(&newSelectCmd[0], &xmitBuffer[0], 4); 936 idx = 4; 937 938 // Set the Lc value to length of the new AID 939 newSelectCmd[idx++] = mAidForEmptySelect[0]; 940 941 // Copy the AID 942 memcpy(&newSelectCmd[idx], &mAidForEmptySelect[1], mAidForEmptySelect[0]); 943 idx += mAidForEmptySelect[0]; 944 945 // If there is an Le (5th byte of APDU), add it to the end. 946 if (xmitBufferSize == 5) 947 newSelectCmd[idx++] = xmitBuffer[4]; 948 949 // Point to the new APDU 950 xmitBuffer = &newSelectCmd[0]; 951 xmitBufferSize = idx; 952 953 ALOGD ("%s: Empty AID SELECT cmd detected, substituting AID from config file, new length=%d", fn, idx); 954 } 955 956 { 957 SyncEventGuard guard (mTransceiveEvent); 958 mActualResponseSize = 0; 959 memset (mResponseData, 0, sizeof(mResponseData)); 960 if ((mNewPipeId == STATIC_PIPE_0x70) || (mNewPipeId == STATIC_PIPE_0x71)) 961 nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, EVT_SEND_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, 0); 962 else 963 nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, NFA_HCI_EVT_POST_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, 0); 964 965 if (nfaStat == NFA_STATUS_OK) 966 { 967 waitOk = mTransceiveEvent.wait (timeoutMillisec); 968 if (waitOk == false) //timeout occurs 969 { 970 ALOGE ("%s: wait response timeout", fn); 971 goto TheEnd; 972 } 973 } 974 else 975 { 976 ALOGE ("%s: fail send data; error=0x%X", fn, nfaStat); 977 goto TheEnd; 978 } 979 } 980 981 if (mActualResponseSize > recvBufferMaxSize) 982 recvBufferActualSize = recvBufferMaxSize; 983 else 984 recvBufferActualSize = mActualResponseSize; 985 986 memcpy (recvBuffer, mResponseData, recvBufferActualSize); 987 isSuccess = true; 988 989 TheEnd: 990 ALOGD ("%s: exit; isSuccess: %d; recvBufferActualSize: %ld", fn, isSuccess, recvBufferActualSize); 991 return (isSuccess); 992 } 993 994 995 /******************************************************************************* 996 ** 997 ** Function: notifyListenModeState 998 ** 999 ** Description: Notify the NFC service about whether the SE was activated 1000 ** in listen mode. 1001 ** isActive: Whether the secure element is activated. 1002 ** 1003 ** Returns: None 1004 ** 1005 *******************************************************************************/ 1006 void SecureElement::notifyListenModeState (bool isActivated) { 1007 static const char fn [] = "SecureElement::notifyListenMode"; 1008 1009 ALOGD ("%s: enter; listen mode active=%u", fn, isActivated); 1010 1011 JNIEnv* e = NULL; 1012 ScopedAttach attach(mNativeData->vm, &e); 1013 if (e == NULL) 1014 { 1015 ALOGE ("%s: jni env is null", fn); 1016 return; 1017 } 1018 1019 mActivatedInListenMode = isActivated; 1020 if (isActivated) { 1021 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenActivated); 1022 } 1023 else { 1024 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenDeactivated); 1025 } 1026 1027 if (e->ExceptionCheck()) 1028 { 1029 e->ExceptionClear(); 1030 ALOGE ("%s: fail notify", fn); 1031 } 1032 1033 ALOGD ("%s: exit", fn); 1034 } 1035 1036 /******************************************************************************* 1037 ** 1038 ** Function: notifyRfFieldEvent 1039 ** 1040 ** Description: Notify the NFC service about RF field events from the stack. 1041 ** isActive: Whether any secure element is activated. 1042 ** 1043 ** Returns: None 1044 ** 1045 *******************************************************************************/ 1046 void SecureElement::notifyRfFieldEvent (bool isActive) 1047 { 1048 static const char fn [] = "SecureElement::notifyRfFieldEvent"; 1049 ALOGD ("%s: enter; is active=%u", fn, isActive); 1050 1051 JNIEnv* e = NULL; 1052 ScopedAttach attach(mNativeData->vm, &e); 1053 if (e == NULL) 1054 { 1055 ALOGE ("%s: jni env is null", fn); 1056 return; 1057 } 1058 1059 mMutex.lock(); 1060 int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle); 1061 if (ret == -1) { 1062 ALOGE("%s: clock_gettime failed", fn); 1063 // There is no good choice here... 1064 } 1065 if (isActive) { 1066 mRfFieldIsOn = true; 1067 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldActivated); 1068 } 1069 else { 1070 mRfFieldIsOn = false; 1071 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldDeactivated); 1072 } 1073 mMutex.unlock(); 1074 1075 if (e->ExceptionCheck()) 1076 { 1077 e->ExceptionClear(); 1078 ALOGE ("%s: fail notify", fn); 1079 } 1080 ALOGD ("%s: exit", fn); 1081 } 1082 1083 /******************************************************************************* 1084 ** 1085 ** Function: resetRfFieldStatus 1086 ** 1087 ** Description: Resets the field status. 1088 ** isActive: Whether any secure element is activated. 1089 ** 1090 ** Returns: None 1091 ** 1092 *******************************************************************************/ 1093 void SecureElement::resetRfFieldStatus () 1094 { 1095 static const char fn [] = "SecureElement::resetRfFieldStatus`"; 1096 ALOGD ("%s: enter;"); 1097 1098 mMutex.lock(); 1099 mRfFieldIsOn = false; 1100 int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle); 1101 if (ret == -1) { 1102 ALOGE("%s: clock_gettime failed", fn); 1103 // There is no good choice here... 1104 } 1105 mMutex.unlock(); 1106 1107 ALOGD ("%s: exit", fn); 1108 } 1109 1110 1111 /******************************************************************************* 1112 ** 1113 ** Function: storeUiccInfo 1114 ** 1115 ** Description: Store a copy of the execution environment information from the stack. 1116 ** info: execution environment information. 1117 ** 1118 ** Returns: None 1119 ** 1120 *******************************************************************************/ 1121 void SecureElement::storeUiccInfo (tNFA_EE_DISCOVER_REQ& info) 1122 { 1123 static const char fn [] = "SecureElement::storeUiccInfo"; 1124 ALOGD ("%s: Status: %u Num EE: %u", fn, info.status, info.num_ee); 1125 1126 SyncEventGuard guard (mUiccInfoEvent); 1127 memcpy (&mUiccInfo, &info, sizeof(mUiccInfo)); 1128 for (UINT8 xx = 0; xx < info.num_ee; xx++) 1129 { 1130 //for each technology (A, B, F, B'), print the bit field that shows 1131 //what protocol(s) is support by that technology 1132 ALOGD ("%s EE[%u] Handle: 0x%04x techA: 0x%02x techB: 0x%02x techF: 0x%02x techBprime: 0x%02x", 1133 fn, xx, info.ee_disc_info[xx].ee_handle, 1134 info.ee_disc_info[xx].la_protocol, 1135 info.ee_disc_info[xx].lb_protocol, 1136 info.ee_disc_info[xx].lf_protocol, 1137 info.ee_disc_info[xx].lbp_protocol); 1138 } 1139 mUiccInfoEvent.notifyOne (); 1140 } 1141 1142 1143 /******************************************************************************* 1144 ** 1145 ** Function: getUiccId 1146 ** 1147 ** Description: Get the ID of the secure element. 1148 ** eeHandle: Handle to the secure element. 1149 ** uid: Array to receive the ID. 1150 ** 1151 ** Returns: True if ok. 1152 ** 1153 *******************************************************************************/ 1154 bool SecureElement::getUiccId (tNFA_HANDLE eeHandle, jbyteArray& uid) 1155 { 1156 static const char fn [] = "SecureElement::getUiccId"; 1157 ALOGD ("%s: ee h=0x%X", fn, eeHandle); 1158 bool retval = false; 1159 1160 JNIEnv* e = NULL; 1161 ScopedAttach attach(mNativeData->vm, &e); 1162 if (e == NULL) 1163 { 1164 ALOGE ("%s: jni env is null", fn); 1165 return false; 1166 } 1167 1168 findUiccByHandle (eeHandle); 1169 //cannot get UID from the stack; nothing to do 1170 1171 // TODO: uid is unused --- bug? 1172 1173 // TODO: retval is always false --- bug? 1174 ALOGD ("%s: exit; ret=%u", fn, retval); 1175 return retval; 1176 } 1177 1178 1179 /******************************************************************************* 1180 ** 1181 ** Function: getTechnologyList 1182 ** 1183 ** Description: Get all the technologies supported by a secure element. 1184 ** eeHandle: Handle of secure element. 1185 ** techList: List to receive the technologies. 1186 ** 1187 ** Returns: True if ok. 1188 ** 1189 *******************************************************************************/ 1190 bool SecureElement::getTechnologyList (tNFA_HANDLE eeHandle, jintArray& techList) 1191 { 1192 static const char fn [] = "SecureElement::getTechnologyList"; 1193 ALOGD ("%s: ee h=0x%X", fn, eeHandle); 1194 bool retval = false; 1195 1196 JNIEnv* e = NULL; 1197 ScopedAttach attach(mNativeData->vm, &e); 1198 if (e == NULL) 1199 { 1200 ALOGE ("%s: jni env is null", fn); 1201 return false; 1202 } 1203 1204 tNFA_EE_DISCOVER_INFO *pUICC = findUiccByHandle (eeHandle); 1205 1206 // TODO: theList is written but not set --- bug? 1207 jint theList = 0; 1208 if (pUICC->la_protocol != 0) 1209 theList = TARGET_TYPE_ISO14443_3A; 1210 else if (pUICC->lb_protocol != 0) 1211 theList = TARGET_TYPE_ISO14443_3B; 1212 else if (pUICC->lf_protocol != 0) 1213 theList = TARGET_TYPE_FELICA; 1214 else if (pUICC->lbp_protocol != 0) 1215 theList = TARGET_TYPE_ISO14443_3B; 1216 else 1217 theList = TARGET_TYPE_UNKNOWN; 1218 1219 // TODO: techList is neither read nor written --- bug? 1220 1221 // TODO: retval is always false --- bug? 1222 ALOGD ("%s: exit; ret=%u", fn, retval); 1223 return retval; 1224 } 1225 1226 1227 /******************************************************************************* 1228 ** 1229 ** Function: adjustRoutes 1230 ** 1231 ** Description: Adjust routes in the controller's listen-mode routing table. 1232 ** selection: which set of routes to configure the controller. 1233 ** 1234 ** Returns: None 1235 ** 1236 *******************************************************************************/ 1237 void SecureElement::adjustRoutes (RouteSelection selection) 1238 { 1239 static const char fn [] = "SecureElement::adjustRoutes"; 1240 ALOGD ("%s: enter; selection=%u", fn, selection); 1241 RouteDataSet::Database* db = mRouteDataSet.getDatabase (RouteDataSet::DefaultRouteDatabase); 1242 1243 if (selection == SecElemRoute) 1244 db = mRouteDataSet.getDatabase (RouteDataSet::SecElemRouteDatabase); 1245 1246 mCurrentRouteSelection = selection; 1247 adjustProtocolRoutes (db, selection); 1248 adjustTechnologyRoutes (db, selection); 1249 HostAidRouter::getInstance ().deleteAllRoutes (); //stop all AID routes to host 1250 1251 if (db->empty()) 1252 { 1253 ALOGD ("%s: no route configuration", fn); 1254 goto TheEnd; 1255 } 1256 1257 1258 TheEnd: 1259 NFA_EeUpdateNow (); //apply new routes now 1260 ALOGD ("%s: exit", fn); 1261 } 1262 1263 1264 /******************************************************************************* 1265 ** 1266 ** Function: applyRoutes 1267 ** 1268 ** Description: Read route data from file and apply them again. 1269 ** 1270 ** Returns: None 1271 ** 1272 *******************************************************************************/ 1273 void SecureElement::applyRoutes () 1274 { 1275 static const char fn [] = "SecureElement::applyRoutes"; 1276 ALOGD ("%s: enter", fn); 1277 if (mCurrentRouteSelection != NoRoute) 1278 { 1279 mRouteDataSet.import (); //read XML file 1280 adjustRoutes (mCurrentRouteSelection); 1281 } 1282 ALOGD ("%s: exit", fn); 1283 } 1284 1285 1286 /******************************************************************************* 1287 ** 1288 ** Function: adjustProtocolRoutes 1289 ** 1290 ** Description: Adjust default routing based on protocol in NFC listen mode. 1291 ** isRouteToEe: Whether routing to EE (true) or host (false). 1292 ** 1293 ** Returns: None 1294 ** 1295 *******************************************************************************/ 1296 void SecureElement::adjustProtocolRoutes (RouteDataSet::Database* db, RouteSelection routeSelection) 1297 { 1298 static const char fn [] = "SecureElement::adjustProtocolRoutes"; 1299 ALOGD ("%s: enter", fn); 1300 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 1301 const tNFA_PROTOCOL_MASK protoMask = NFA_PROTOCOL_MASK_ISO_DEP; 1302 1303 /////////////////////// 1304 // delete route to host 1305 /////////////////////// 1306 { 1307 ALOGD ("%s: delete route to host", fn); 1308 SyncEventGuard guard (mRoutingEvent); 1309 if ((nfaStat = NFA_EeSetDefaultProtoRouting (NFA_EE_HANDLE_DH, 0, 0, 0)) == NFA_STATUS_OK) 1310 mRoutingEvent.wait (); 1311 else 1312 ALOGE ("%s: fail delete route to host; error=0x%X", fn, nfaStat); 1313 } 1314 1315 /////////////////////// 1316 // delete route to every sec elem 1317 /////////////////////// 1318 for (int i=0; i < mActualNumEe; i++) 1319 { 1320 if ((mEeInfo[i].num_interface != 0) && 1321 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) && 1322 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE)) 1323 { 1324 ALOGD ("%s: delete route to EE h=0x%X", fn, mEeInfo[i].ee_handle); 1325 SyncEventGuard guard (mRoutingEvent); 1326 if ((nfaStat = NFA_EeSetDefaultProtoRouting (mEeInfo[i].ee_handle, 0, 0, 0)) == NFA_STATUS_OK) 1327 mRoutingEvent.wait (); 1328 else 1329 ALOGE ("%s: fail delete route to EE; error=0x%X", fn, nfaStat); 1330 } 1331 } 1332 1333 ////////////////////// 1334 // configure route for every discovered sec elem 1335 ////////////////////// 1336 for (int i=0; i < mActualNumEe; i++) 1337 { 1338 //if sec elem is active 1339 if ((mEeInfo[i].num_interface != 0) && 1340 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) && 1341 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE)) 1342 { 1343 tNFA_PROTOCOL_MASK protocolsSwitchOn = 0; //all protocols that are active at full power 1344 tNFA_PROTOCOL_MASK protocolsSwitchOff = 0; //all protocols that are active when phone is turned off 1345 tNFA_PROTOCOL_MASK protocolsBatteryOff = 0; //all protocols that are active when there is no power 1346 1347 //for every route in XML, look for protocol route; 1348 //collect every protocol according to it's desired power mode 1349 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++) 1350 { 1351 RouteData* routeData = *iter; 1352 RouteDataForProtocol* route = NULL; 1353 if (routeData->mRouteType != RouteData::ProtocolRoute) 1354 continue; //skip other kinds of routing data 1355 route = (RouteDataForProtocol*) (*iter); 1356 if (route->mNfaEeHandle == mEeInfo[i].ee_handle) 1357 { 1358 if (route->mSwitchOn) 1359 protocolsSwitchOn |= route->mProtocol; 1360 if (route->mSwitchOff) 1361 protocolsSwitchOff |= route->mProtocol; 1362 if (route->mBatteryOff) 1363 protocolsBatteryOff |= route->mProtocol; 1364 } 1365 } 1366 1367 if (protocolsSwitchOn | protocolsSwitchOff | protocolsBatteryOff) 1368 { 1369 ALOGD ("%s: route to EE h=0x%X", fn, mEeInfo[i].ee_handle); 1370 SyncEventGuard guard (mRoutingEvent); 1371 nfaStat = NFA_EeSetDefaultProtoRouting (mEeInfo[i].ee_handle, 1372 protocolsSwitchOn, protocolsSwitchOff, protocolsBatteryOff); 1373 if (nfaStat == NFA_STATUS_OK) 1374 mRoutingEvent.wait (); 1375 else 1376 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat); 1377 } 1378 } //if sec elem is active 1379 } //for every discovered sec elem 1380 1381 ////////////////////// 1382 // configure route to host 1383 ////////////////////// 1384 { 1385 tNFA_PROTOCOL_MASK protocolsSwitchOn = 0; //all protocols that are active at full power 1386 tNFA_PROTOCOL_MASK protocolsSwitchOff = 0; //all protocols that are active when phone is turned off 1387 tNFA_PROTOCOL_MASK protocolsBatteryOff = 0; //all protocols that are active when there is no power 1388 1389 //for every route in XML, look for protocol route; 1390 //collect every protocol according to it's desired power mode 1391 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++) 1392 { 1393 RouteData* routeData = *iter; 1394 RouteDataForProtocol* route = NULL; 1395 if (routeData->mRouteType != RouteData::ProtocolRoute) 1396 continue; //skip other kinds of routing data 1397 route = (RouteDataForProtocol*) (*iter); 1398 if (route->mNfaEeHandle == NFA_EE_HANDLE_DH) 1399 { 1400 if (route->mSwitchOn) 1401 protocolsSwitchOn |= route->mProtocol; 1402 if (route->mSwitchOff) 1403 protocolsSwitchOff |= route->mProtocol; 1404 if (route->mBatteryOff) 1405 protocolsBatteryOff |= route->mProtocol; 1406 } 1407 } 1408 1409 if (protocolsSwitchOn | protocolsSwitchOff | protocolsBatteryOff) 1410 { 1411 ALOGD ("%s: route to EE h=0x%X", fn, NFA_EE_HANDLE_DH); 1412 SyncEventGuard guard (mRoutingEvent); 1413 nfaStat = NFA_EeSetDefaultProtoRouting (NFA_EE_HANDLE_DH, 1414 protocolsSwitchOn, protocolsSwitchOff, protocolsBatteryOff); 1415 if (nfaStat == NFA_STATUS_OK) 1416 mRoutingEvent.wait (); 1417 else 1418 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat); 1419 } 1420 } 1421 1422 ////////////////////// 1423 // if route database is empty, setup a default route 1424 ////////////////////// 1425 if (db->empty()) 1426 { 1427 tNFA_HANDLE eeHandle = NFA_EE_HANDLE_DH; 1428 if (routeSelection == SecElemRoute) 1429 eeHandle = mActiveEeHandle; 1430 ALOGD ("%s: route to default EE h=0x%X", fn, eeHandle); 1431 SyncEventGuard guard (mRoutingEvent); 1432 nfaStat = NFA_EeSetDefaultProtoRouting (eeHandle, protoMask, 0, 0); 1433 if (nfaStat == NFA_STATUS_OK) 1434 mRoutingEvent.wait (); 1435 else 1436 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat); 1437 } 1438 ALOGD ("%s: exit", fn); 1439 } 1440 1441 1442 /******************************************************************************* 1443 ** 1444 ** Function: adjustTechnologyRoutes 1445 ** 1446 ** Description: Adjust default routing based on technology in NFC listen mode. 1447 ** isRouteToEe: Whether routing to EE (true) or host (false). 1448 ** 1449 ** Returns: None 1450 ** 1451 *******************************************************************************/ 1452 void SecureElement::adjustTechnologyRoutes (RouteDataSet::Database* db, RouteSelection routeSelection) 1453 { 1454 static const char fn [] = "SecureElement::adjustTechnologyRoutes"; 1455 ALOGD ("%s: enter", fn); 1456 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 1457 const tNFA_TECHNOLOGY_MASK techMask = NFA_TECHNOLOGY_MASK_A | NFA_TECHNOLOGY_MASK_B; 1458 1459 /////////////////////// 1460 // delete route to host 1461 /////////////////////// 1462 { 1463 ALOGD ("%s: delete route to host", fn); 1464 SyncEventGuard guard (mRoutingEvent); 1465 if ((nfaStat = NFA_EeSetDefaultTechRouting (NFA_EE_HANDLE_DH, 0, 0, 0)) == NFA_STATUS_OK) 1466 mRoutingEvent.wait (); 1467 else 1468 ALOGE ("%s: fail delete route to host; error=0x%X", fn, nfaStat); 1469 } 1470 1471 /////////////////////// 1472 // delete route to every sec elem 1473 /////////////////////// 1474 for (int i=0; i < mActualNumEe; i++) 1475 { 1476 if ((mEeInfo[i].num_interface != 0) && 1477 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) && 1478 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE)) 1479 { 1480 ALOGD ("%s: delete route to EE h=0x%X", fn, mEeInfo[i].ee_handle); 1481 SyncEventGuard guard (mRoutingEvent); 1482 if ((nfaStat = NFA_EeSetDefaultTechRouting (mEeInfo[i].ee_handle, 0, 0, 0)) == NFA_STATUS_OK) 1483 mRoutingEvent.wait (); 1484 else 1485 ALOGE ("%s: fail delete route to EE; error=0x%X", fn, nfaStat); 1486 } 1487 } 1488 1489 ////////////////////// 1490 // configure route for every discovered sec elem 1491 ////////////////////// 1492 for (int i=0; i < mActualNumEe; i++) 1493 { 1494 //if sec elem is active 1495 if ((mEeInfo[i].num_interface != 0) && 1496 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) && 1497 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE)) 1498 { 1499 tNFA_TECHNOLOGY_MASK techsSwitchOn = 0; //all techs that are active at full power 1500 tNFA_TECHNOLOGY_MASK techsSwitchOff = 0; //all techs that are active when phone is turned off 1501 tNFA_TECHNOLOGY_MASK techsBatteryOff = 0; //all techs that are active when there is no power 1502 1503 //for every route in XML, look for tech route; 1504 //collect every tech according to it's desired power mode 1505 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++) 1506 { 1507 RouteData* routeData = *iter; 1508 RouteDataForTechnology* route = NULL; 1509 if (routeData->mRouteType != RouteData::TechnologyRoute) 1510 continue; //skip other kinds of routing data 1511 route = (RouteDataForTechnology*) (*iter); 1512 if (route->mNfaEeHandle == mEeInfo[i].ee_handle) 1513 { 1514 if (route->mSwitchOn) 1515 techsSwitchOn |= route->mTechnology; 1516 if (route->mSwitchOff) 1517 techsSwitchOff |= route->mTechnology; 1518 if (route->mBatteryOff) 1519 techsBatteryOff |= route->mTechnology; 1520 } 1521 } 1522 1523 if (techsSwitchOn | techsSwitchOff | techsBatteryOff) 1524 { 1525 ALOGD ("%s: route to EE h=0x%X", fn, mEeInfo[i].ee_handle); 1526 SyncEventGuard guard (mRoutingEvent); 1527 nfaStat = NFA_EeSetDefaultTechRouting (mEeInfo[i].ee_handle, 1528 techsSwitchOn, techsSwitchOff, techsBatteryOff); 1529 if (nfaStat == NFA_STATUS_OK) 1530 mRoutingEvent.wait (); 1531 else 1532 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat); 1533 } 1534 } //if sec elem is active 1535 } //for every discovered sec elem 1536 1537 ////////////////////// 1538 // configure route to host 1539 ////////////////////// 1540 { 1541 tNFA_TECHNOLOGY_MASK techsSwitchOn = 0; //all techs that are active at full power 1542 tNFA_TECHNOLOGY_MASK techsSwitchOff = 0; //all techs that are active when phone is turned off 1543 tNFA_TECHNOLOGY_MASK techsBatteryOff = 0; //all techs that are active when there is no power 1544 1545 //for every route in XML, look for protocol route; 1546 //collect every protocol according to it's desired power mode 1547 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++) 1548 { 1549 RouteData* routeData = *iter; 1550 RouteDataForTechnology * route = NULL; 1551 if (routeData->mRouteType != RouteData::TechnologyRoute) 1552 continue; //skip other kinds of routing data 1553 route = (RouteDataForTechnology*) (*iter); 1554 if (route->mNfaEeHandle == NFA_EE_HANDLE_DH) 1555 { 1556 if (route->mSwitchOn) 1557 techsSwitchOn |= route->mTechnology; 1558 if (route->mSwitchOff) 1559 techsSwitchOff |= route->mTechnology; 1560 if (route->mBatteryOff) 1561 techsBatteryOff |= route->mTechnology; 1562 } 1563 } 1564 1565 if (techsSwitchOn | techsSwitchOff | techsBatteryOff) 1566 { 1567 ALOGD ("%s: route to EE h=0x%X", fn, NFA_EE_HANDLE_DH); 1568 SyncEventGuard guard (mRoutingEvent); 1569 nfaStat = NFA_EeSetDefaultTechRouting (NFA_EE_HANDLE_DH, 1570 techsSwitchOn, techsSwitchOff, techsBatteryOff); 1571 if (nfaStat == NFA_STATUS_OK) 1572 mRoutingEvent.wait (); 1573 else 1574 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat); 1575 } 1576 } 1577 1578 ////////////////////// 1579 // if route database is empty, setup a default route 1580 ////////////////////// 1581 if (db->empty()) 1582 { 1583 tNFA_HANDLE eeHandle = NFA_EE_HANDLE_DH; 1584 if (routeSelection == SecElemRoute) 1585 eeHandle = mActiveEeHandle; 1586 ALOGD ("%s: route to default EE h=0x%X", fn, eeHandle); 1587 SyncEventGuard guard (mRoutingEvent); 1588 nfaStat = NFA_EeSetDefaultTechRouting (eeHandle, techMask, 0, 0); 1589 if (nfaStat == NFA_STATUS_OK) 1590 mRoutingEvent.wait (); 1591 else 1592 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat); 1593 } 1594 ALOGD ("%s: exit", fn); 1595 } 1596 1597 1598 /******************************************************************************* 1599 ** 1600 ** Function: nfaEeCallback 1601 ** 1602 ** Description: Receive execution environment-related events from stack. 1603 ** event: Event code. 1604 ** eventData: Event data. 1605 ** 1606 ** Returns: None 1607 ** 1608 *******************************************************************************/ 1609 void SecureElement::nfaEeCallback (tNFA_EE_EVT event, tNFA_EE_CBACK_DATA* eventData) 1610 { 1611 static const char fn [] = "SecureElement::nfaEeCallback"; 1612 1613 switch (event) 1614 { 1615 case NFA_EE_REGISTER_EVT: 1616 { 1617 SyncEventGuard guard (sSecElem.mEeRegisterEvent); 1618 ALOGD ("%s: NFA_EE_REGISTER_EVT; status=%u", fn, eventData->ee_register); 1619 sSecElem.mEeRegisterEvent.notifyOne(); 1620 } 1621 break; 1622 1623 case NFA_EE_MODE_SET_EVT: 1624 { 1625 ALOGD ("%s: NFA_EE_MODE_SET_EVT; status: 0x%04X handle: 0x%04X mActiveEeHandle: 0x%04X", fn, 1626 eventData->mode_set.status, eventData->mode_set.ee_handle, sSecElem.mActiveEeHandle); 1627 1628 if (eventData->mode_set.status == NFA_STATUS_OK) 1629 { 1630 tNFA_EE_INFO *pEE = sSecElem.findEeByHandle (eventData->mode_set.ee_handle); 1631 if (pEE) 1632 { 1633 pEE->ee_status ^= 1; 1634 ALOGD ("%s: NFA_EE_MODE_SET_EVT; pEE->ee_status: %s (0x%04x)", fn, SecureElement::eeStatusToString(pEE->ee_status), pEE->ee_status); 1635 } 1636 else 1637 ALOGE ("%s: NFA_EE_MODE_SET_EVT; EE: 0x%04x not found. mActiveEeHandle: 0x%04x", fn, eventData->mode_set.ee_handle, sSecElem.mActiveEeHandle); 1638 } 1639 SyncEventGuard guard (sSecElem.mEeSetModeEvent); 1640 sSecElem.mEeSetModeEvent.notifyOne(); 1641 } 1642 break; 1643 1644 case NFA_EE_SET_TECH_CFG_EVT: 1645 { 1646 ALOGD ("%s: NFA_EE_SET_TECH_CFG_EVT; status=0x%X", fn, eventData->status); 1647 SyncEventGuard guard (sSecElem.mRoutingEvent); 1648 sSecElem.mRoutingEvent.notifyOne (); 1649 } 1650 break; 1651 1652 case NFA_EE_SET_PROTO_CFG_EVT: 1653 { 1654 ALOGD ("%s: NFA_EE_SET_PROTO_CFG_EVT; status=0x%X", fn, eventData->status); 1655 SyncEventGuard guard (sSecElem.mRoutingEvent); 1656 sSecElem.mRoutingEvent.notifyOne (); 1657 } 1658 break; 1659 1660 case NFA_EE_ACTION_EVT: 1661 { 1662 tNFA_EE_ACTION& action = eventData->action; 1663 if (action.trigger == NFC_EE_TRIG_SELECT) 1664 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=select (0x%X)", fn, action.ee_handle, action.trigger); 1665 else if (action.trigger == NFC_EE_TRIG_APP_INIT) 1666 { 1667 tNFC_APP_INIT& app_init = action.param.app_init; 1668 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=app-init (0x%X); aid len=%u; data len=%u", fn, 1669 action.ee_handle, action.trigger, app_init.len_aid, app_init.len_data); 1670 //if app-init operation is successful; 1671 //app_init.data[] contains two bytes, which are the status codes of the event; 1672 //app_init.data[] does not contain an APDU response; 1673 //see EMV Contactless Specification for Payment Systems; Book B; Entry Point Specification; 1674 //version 2.1; March 2011; section 3.3.3.5; 1675 if ( (app_init.len_data > 1) && 1676 (app_init.data[0] == 0x90) && 1677 (app_init.data[1] == 0x00) ) 1678 { 1679 sSecElem.notifyTransactionListenersOfAid (app_init.aid, app_init.len_aid); 1680 } 1681 } 1682 else if (action.trigger == NFC_EE_TRIG_RF_PROTOCOL) 1683 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=rf protocol (0x%X)", fn, action.ee_handle, action.trigger); 1684 else if (action.trigger == NFC_EE_TRIG_RF_TECHNOLOGY) 1685 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=rf tech (0x%X)", fn, action.ee_handle, action.trigger); 1686 else 1687 ALOGE ("%s: NFA_EE_ACTION_EVT; h=0x%X; unknown trigger (0x%X)", fn, action.ee_handle, action.trigger); 1688 } 1689 break; 1690 1691 case NFA_EE_DISCOVER_REQ_EVT: 1692 ALOGD ("%s: NFA_EE_DISCOVER_REQ_EVT; status=0x%X; num ee=%u", __FUNCTION__, 1693 eventData->discover_req.status, eventData->discover_req.num_ee); 1694 sSecElem.storeUiccInfo (eventData->discover_req); 1695 break; 1696 1697 case NFA_EE_NO_CB_ERR_EVT: 1698 ALOGD ("%s: NFA_EE_NO_CB_ERR_EVT status=%u", fn, eventData->status); 1699 break; 1700 1701 case NFA_EE_ADD_AID_EVT: 1702 { 1703 ALOGD ("%s: NFA_EE_ADD_AID_EVT status=%u", fn, eventData->status); 1704 SyncEventGuard guard (sSecElem.mAidAddRemoveEvent); 1705 sSecElem.mAidAddRemoveEvent.notifyOne (); 1706 } 1707 break; 1708 1709 case NFA_EE_REMOVE_AID_EVT: 1710 { 1711 ALOGD ("%s: NFA_EE_REMOVE_AID_EVT status=%u", fn, eventData->status); 1712 SyncEventGuard guard (sSecElem.mAidAddRemoveEvent); 1713 sSecElem.mAidAddRemoveEvent.notifyOne (); 1714 } 1715 break; 1716 1717 case NFA_EE_NEW_EE_EVT: 1718 { 1719 ALOGD ("%s: NFA_EE_NEW_EE_EVT h=0x%X; status=%u", fn, 1720 eventData->new_ee.ee_handle, eventData->new_ee.ee_status); 1721 // Indicate there are new EE 1722 sSecElem.mbNewEE = true; 1723 } 1724 break; 1725 1726 default: 1727 ALOGE ("%s: unknown event=%u ????", fn, event); 1728 break; 1729 } 1730 } 1731 1732 /******************************************************************************* 1733 ** 1734 ** Function getSeVerInfo 1735 ** 1736 ** Description Gets version information and id for a secure element. The 1737 ** seIndex parmeter is the zero based index of the secure 1738 ** element to get verion info for. The version infommation 1739 ** is returned as a string int the verInfo parameter. 1740 ** 1741 ** Returns ture on success, false on failure 1742 ** 1743 *******************************************************************************/ 1744 bool SecureElement::getSeVerInfo(int seIndex, char * verInfo, int verInfoSz, UINT8 * seid) 1745 { 1746 ALOGD("%s: enter, seIndex=%d", __FUNCTION__, seIndex); 1747 1748 if (seIndex > (mActualNumEe-1)) 1749 { 1750 ALOGE("%s: invalid se index: %d, only %d SEs in system", __FUNCTION__, seIndex, mActualNumEe); 1751 return false; 1752 } 1753 1754 *seid = mEeInfo[seIndex].ee_handle; 1755 1756 if ((mEeInfo[seIndex].num_interface == 0) || (mEeInfo[seIndex].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) ) 1757 { 1758 return false; 1759 } 1760 1761 strncpy(verInfo, "Version info not available", verInfoSz-1); 1762 verInfo[verInfoSz-1] = '\0'; 1763 1764 UINT8 pipe = (mEeInfo[seIndex].ee_handle == EE_HANDLE_0xF3) ? 0x70 : 0x71; 1765 UINT8 host = (pipe == STATIC_PIPE_0x70) ? 0x02 : 0x03; 1766 UINT8 gate = (pipe == STATIC_PIPE_0x70) ? 0xF0 : 0xF1; 1767 1768 tNFA_STATUS nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, pipe); 1769 if (nfaStat != NFA_STATUS_OK) 1770 { 1771 ALOGE ("%s: NFA_HciAddStaticPipe() failed, pipe = 0x%x, error=0x%X", __FUNCTION__, pipe, nfaStat); 1772 return true; 1773 } 1774 1775 SyncEventGuard guard (mVerInfoEvent); 1776 if (NFA_STATUS_OK == (nfaStat = NFA_HciGetRegistry (mNfaHciHandle, pipe, 0x02))) 1777 { 1778 if (false == mVerInfoEvent.wait(200)) 1779 { 1780 ALOGE ("%s: wait response timeout", __FUNCTION__); 1781 } 1782 else 1783 { 1784 snprintf(verInfo, verInfoSz-1, "Oberthur OS S/N: 0x%02x%02x%02x", mVerInfo[0], mVerInfo[1], mVerInfo[2]); 1785 verInfo[verInfoSz-1] = '\0'; 1786 } 1787 } 1788 else 1789 { 1790 ALOGE ("%s: NFA_HciGetRegistry () failed: 0x%X", __FUNCTION__, nfaStat); 1791 } 1792 return true; 1793 } 1794 1795 /******************************************************************************* 1796 ** 1797 ** Function getActualNumEe 1798 ** 1799 ** Description Returns number of secure elements we know about. 1800 ** 1801 ** Returns Number of secure elements we know about. 1802 ** 1803 *******************************************************************************/ 1804 UINT8 SecureElement::getActualNumEe() 1805 { 1806 return mActualNumEe; 1807 } 1808 1809 /******************************************************************************* 1810 ** 1811 ** Function: nfaHciCallback 1812 ** 1813 ** Description: Receive Host Controller Interface-related events from stack. 1814 ** event: Event code. 1815 ** eventData: Event data. 1816 ** 1817 ** Returns: None 1818 ** 1819 *******************************************************************************/ 1820 void SecureElement::nfaHciCallback (tNFA_HCI_EVT event, tNFA_HCI_EVT_DATA* eventData) 1821 { 1822 static const char fn [] = "SecureElement::nfaHciCallback"; 1823 ALOGD ("%s: event=0x%X", fn, event); 1824 1825 switch (event) 1826 { 1827 case NFA_HCI_REGISTER_EVT: 1828 { 1829 ALOGD ("%s: NFA_HCI_REGISTER_EVT; status=0x%X; handle=0x%X", fn, 1830 eventData->hci_register.status, eventData->hci_register.hci_handle); 1831 SyncEventGuard guard (sSecElem.mHciRegisterEvent); 1832 sSecElem.mNfaHciHandle = eventData->hci_register.hci_handle; 1833 sSecElem.mHciRegisterEvent.notifyOne(); 1834 } 1835 break; 1836 1837 case NFA_HCI_ALLOCATE_GATE_EVT: 1838 { 1839 ALOGD ("%s: NFA_HCI_ALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, eventData->status, eventData->allocated.gate); 1840 SyncEventGuard guard (sSecElem.mAllocateGateEvent); 1841 sSecElem.mCommandStatus = eventData->status; 1842 sSecElem.mNewSourceGate = (eventData->allocated.status == NFA_STATUS_OK) ? eventData->allocated.gate : 0; 1843 sSecElem.mAllocateGateEvent.notifyOne(); 1844 } 1845 break; 1846 1847 case NFA_HCI_DEALLOCATE_GATE_EVT: 1848 { 1849 tNFA_HCI_DEALLOCATE_GATE& deallocated = eventData->deallocated; 1850 ALOGD ("%s: NFA_HCI_DEALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, deallocated.status, deallocated.gate); 1851 SyncEventGuard guard (sSecElem.mDeallocateGateEvent); 1852 sSecElem.mDeallocateGateEvent.notifyOne(); 1853 } 1854 break; 1855 1856 case NFA_HCI_GET_GATE_PIPE_LIST_EVT: 1857 { 1858 ALOGD ("%s: NFA_HCI_GET_GATE_PIPE_LIST_EVT; status=0x%X; num_pipes: %u num_gates: %u", fn, 1859 eventData->gates_pipes.status, eventData->gates_pipes.num_pipes, eventData->gates_pipes.num_gates); 1860 SyncEventGuard guard (sSecElem.mPipeListEvent); 1861 sSecElem.mCommandStatus = eventData->gates_pipes.status; 1862 sSecElem.mHciCfg = eventData->gates_pipes; 1863 sSecElem.mPipeListEvent.notifyOne(); 1864 } 1865 break; 1866 1867 case NFA_HCI_CREATE_PIPE_EVT: 1868 { 1869 ALOGD ("%s: NFA_HCI_CREATE_PIPE_EVT; status=0x%X; pipe=0x%X; src gate=0x%X; dest host=0x%X; dest gate=0x%X", fn, 1870 eventData->created.status, eventData->created.pipe, eventData->created.source_gate, eventData->created.dest_host, eventData->created.dest_gate); 1871 SyncEventGuard guard (sSecElem.mCreatePipeEvent); 1872 sSecElem.mCommandStatus = eventData->created.status; 1873 sSecElem.mNewPipeId = eventData->created.pipe; 1874 sSecElem.mCreatePipeEvent.notifyOne(); 1875 } 1876 break; 1877 1878 case NFA_HCI_OPEN_PIPE_EVT: 1879 { 1880 ALOGD ("%s: NFA_HCI_OPEN_PIPE_EVT; status=0x%X; pipe=0x%X", fn, eventData->opened.status, eventData->opened.pipe); 1881 SyncEventGuard guard (sSecElem.mPipeOpenedEvent); 1882 sSecElem.mCommandStatus = eventData->opened.status; 1883 sSecElem.mPipeOpenedEvent.notifyOne(); 1884 } 1885 break; 1886 1887 case NFA_HCI_EVENT_SENT_EVT: 1888 ALOGD ("%s: NFA_HCI_EVENT_SENT_EVT; status=0x%X", fn, eventData->evt_sent.status); 1889 break; 1890 1891 case NFA_HCI_RSP_RCVD_EVT: //response received from secure element 1892 { 1893 tNFA_HCI_RSP_RCVD& rsp_rcvd = eventData->rsp_rcvd; 1894 ALOGD ("%s: NFA_HCI_RSP_RCVD_EVT; status: 0x%X; code: 0x%X; pipe: 0x%X; len: %u", fn, 1895 rsp_rcvd.status, rsp_rcvd.rsp_code, rsp_rcvd.pipe, rsp_rcvd.rsp_len); 1896 } 1897 break; 1898 1899 case NFA_HCI_GET_REG_RSP_EVT : 1900 ALOGD ("%s: NFA_HCI_GET_REG_RSP_EVT; status: 0x%X; pipe: 0x%X, len: %d", fn, 1901 eventData->registry.status, eventData->registry.pipe, eventData->registry.data_len); 1902 if (eventData->registry.data_len >= 19 && ((eventData->registry.pipe == STATIC_PIPE_0x70) || (eventData->registry.pipe == STATIC_PIPE_0x71))) 1903 { 1904 SyncEventGuard guard (sSecElem.mVerInfoEvent); 1905 // Oberthur OS version is in bytes 16,17, and 18 1906 sSecElem.mVerInfo[0] = eventData->registry.reg_data[16]; 1907 sSecElem.mVerInfo[1] = eventData->registry.reg_data[17]; 1908 sSecElem.mVerInfo[2] = eventData->registry.reg_data[18]; 1909 sSecElem.mVerInfoEvent.notifyOne (); 1910 } 1911 break; 1912 1913 case NFA_HCI_EVENT_RCVD_EVT: 1914 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; code: 0x%X; pipe: 0x%X; data len: %u", fn, 1915 eventData->rcvd_evt.evt_code, eventData->rcvd_evt.pipe, eventData->rcvd_evt.evt_len); 1916 if ((eventData->rcvd_evt.pipe == STATIC_PIPE_0x70) || (eventData->rcvd_evt.pipe == STATIC_PIPE_0x71)) 1917 { 1918 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; data from static pipe", fn); 1919 SyncEventGuard guard (sSecElem.mTransceiveEvent); 1920 sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len; 1921 sSecElem.mTransceiveEvent.notifyOne (); 1922 } 1923 else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_POST_DATA) 1924 { 1925 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_POST_DATA", fn); 1926 SyncEventGuard guard (sSecElem.mTransceiveEvent); 1927 sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len; 1928 sSecElem.mTransceiveEvent.notifyOne (); 1929 } 1930 else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_TRANSACTION) 1931 { 1932 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_TRANSACTION", fn); 1933 // If we got an AID, notify any listeners 1934 if ((eventData->rcvd_evt.evt_len > 3) && (eventData->rcvd_evt.p_evt_buf[0] == 0x81) ) 1935 sSecElem.notifyTransactionListenersOfAid (&eventData->rcvd_evt.p_evt_buf[2], eventData->rcvd_evt.p_evt_buf[1]); 1936 } 1937 break; 1938 1939 case NFA_HCI_SET_REG_RSP_EVT: //received response to write registry command 1940 { 1941 tNFA_HCI_REGISTRY& registry = eventData->registry; 1942 ALOGD ("%s: NFA_HCI_SET_REG_RSP_EVT; status=0x%X; pipe=0x%X", fn, registry.status, registry.pipe); 1943 SyncEventGuard guard (sSecElem.mRegistryEvent); 1944 sSecElem.mRegistryEvent.notifyOne (); 1945 break; 1946 } 1947 1948 default: 1949 ALOGE ("%s: unknown event code=0x%X ????", fn, event); 1950 break; 1951 } 1952 } 1953 1954 1955 /******************************************************************************* 1956 ** 1957 ** Function: findEeByHandle 1958 ** 1959 ** Description: Find information about an execution environment. 1960 ** eeHandle: Handle to execution environment. 1961 ** 1962 ** Returns: Information about an execution environment. 1963 ** 1964 *******************************************************************************/ 1965 tNFA_EE_INFO *SecureElement::findEeByHandle (tNFA_HANDLE eeHandle) 1966 { 1967 for (UINT8 xx = 0; xx < mActualNumEe; xx++) 1968 { 1969 if (mEeInfo[xx].ee_handle == eeHandle) 1970 return (&mEeInfo[xx]); 1971 } 1972 return (NULL); 1973 } 1974 1975 1976 /******************************************************************************* 1977 ** 1978 ** Function: getDefaultEeHandle 1979 ** 1980 ** Description: Get the handle to the execution environment. 1981 ** 1982 ** Returns: Handle to the execution environment. 1983 ** 1984 *******************************************************************************/ 1985 tNFA_HANDLE SecureElement::getDefaultEeHandle () 1986 { 1987 UINT16 overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride; 1988 // Find the first EE that is not the HCI Access i/f. 1989 for (UINT8 xx = 0; xx < mActualNumEe; xx++) 1990 { 1991 if (mActiveSeOverride && (overrideEeHandle != mEeInfo[xx].ee_handle)) 1992 continue; //skip all the EE's that are ignored 1993 if ((mEeInfo[xx].num_interface != 0) && 1994 (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) && 1995 (mEeInfo[xx].ee_status != NFC_NFCEE_STATUS_INACTIVE)) 1996 return (mEeInfo[xx].ee_handle); 1997 } 1998 return NFA_HANDLE_INVALID; 1999 } 2000 2001 2002 /******************************************************************************* 2003 ** 2004 ** Function: findUiccByHandle 2005 ** 2006 ** Description: Find information about an execution environment. 2007 ** eeHandle: Handle of the execution environment. 2008 ** 2009 ** Returns: Information about the execution environment. 2010 ** 2011 *******************************************************************************/ 2012 tNFA_EE_DISCOVER_INFO *SecureElement::findUiccByHandle (tNFA_HANDLE eeHandle) 2013 { 2014 for (UINT8 index = 0; index < mUiccInfo.num_ee; index++) 2015 { 2016 if (mUiccInfo.ee_disc_info[index].ee_handle == eeHandle) 2017 { 2018 return (&mUiccInfo.ee_disc_info[index]); 2019 } 2020 } 2021 ALOGE ("SecureElement::findUiccByHandle: ee h=0x%4x not found", eeHandle); 2022 return NULL; 2023 } 2024 2025 2026 /******************************************************************************* 2027 ** 2028 ** Function: eeStatusToString 2029 ** 2030 ** Description: Convert status code to status text. 2031 ** status: Status code 2032 ** 2033 ** Returns: None 2034 ** 2035 *******************************************************************************/ 2036 const char* SecureElement::eeStatusToString (UINT8 status) 2037 { 2038 switch (status) 2039 { 2040 case NFC_NFCEE_STATUS_ACTIVE: 2041 return("Connected/Active"); 2042 case NFC_NFCEE_STATUS_INACTIVE: 2043 return("Connected/Inactive"); 2044 case NFC_NFCEE_STATUS_REMOVED: 2045 return("Removed"); 2046 } 2047 return("?? Unknown ??"); 2048 } 2049 2050 2051 /******************************************************************************* 2052 ** 2053 ** Function: connectionEventHandler 2054 ** 2055 ** Description: Receive card-emulation related events from stack. 2056 ** event: Event code. 2057 ** eventData: Event data. 2058 ** 2059 ** Returns: None 2060 ** 2061 *******************************************************************************/ 2062 void SecureElement::connectionEventHandler (UINT8 event, tNFA_CONN_EVT_DATA* /*eventData*/) 2063 { 2064 switch (event) 2065 { 2066 case NFA_CE_UICC_LISTEN_CONFIGURED_EVT: 2067 { 2068 SyncEventGuard guard (mUiccListenEvent); 2069 mUiccListenEvent.notifyOne (); 2070 } 2071 break; 2072 } 2073 } 2074 2075 2076 /******************************************************************************* 2077 ** 2078 ** Function: routeToSecureElement 2079 ** 2080 ** Description: Adjust controller's listen-mode routing table so transactions 2081 ** are routed to the secure elements. 2082 ** 2083 ** Returns: True if ok. 2084 ** 2085 *******************************************************************************/ 2086 bool SecureElement::routeToSecureElement () 2087 { 2088 static const char fn [] = "SecureElement::routeToSecureElement"; 2089 ALOGD ("%s: enter", fn); 2090 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 2091 tNFA_TECHNOLOGY_MASK tech_mask = NFA_TECHNOLOGY_MASK_A | NFA_TECHNOLOGY_MASK_B; 2092 bool retval = false; 2093 2094 if (! mIsInit) 2095 { 2096 ALOGE ("%s: not init", fn); 2097 return false; 2098 } 2099 2100 if (mCurrentRouteSelection == SecElemRoute) 2101 { 2102 ALOGE ("%s: already sec elem route", fn); 2103 return true; 2104 } 2105 2106 if (mActiveEeHandle == NFA_HANDLE_INVALID) 2107 { 2108 ALOGE ("%s: invalid EE handle", fn); 2109 return false; 2110 } 2111 2112 adjustRoutes (SecElemRoute); 2113 2114 { 2115 unsigned long num = 0; 2116 if (GetNumValue("UICC_LISTEN_TECH_MASK", &num, sizeof(num))) 2117 tech_mask = num; 2118 ALOGD ("%s: start UICC listen; h=0x%X; tech mask=0x%X", fn, mActiveEeHandle, tech_mask); 2119 SyncEventGuard guard (mUiccListenEvent); 2120 nfaStat = NFA_CeConfigureUiccListenTech (mActiveEeHandle, tech_mask); 2121 if (nfaStat == NFA_STATUS_OK) 2122 { 2123 mUiccListenEvent.wait (); 2124 retval = true; 2125 } 2126 else 2127 ALOGE ("%s: fail to start UICC listen", fn); 2128 } 2129 2130 ALOGD ("%s: exit; ok=%u", fn, retval); 2131 return retval; 2132 } 2133 2134 2135 /******************************************************************************* 2136 ** 2137 ** Function: routeToDefault 2138 ** 2139 ** Description: Adjust controller's listen-mode routing table so transactions 2140 ** are routed to the default destination. 2141 ** 2142 ** Returns: True if ok. 2143 ** 2144 *******************************************************************************/ 2145 bool SecureElement::routeToDefault () 2146 { 2147 static const char fn [] = "SecureElement::routeToDefault"; 2148 tNFA_STATUS nfaStat = NFA_STATUS_FAILED; 2149 bool retval = false; 2150 2151 ALOGD ("%s: enter", fn); 2152 if (! mIsInit) 2153 { 2154 ALOGE ("%s: not init", fn); 2155 return false; 2156 } 2157 2158 if (mCurrentRouteSelection == DefaultRoute) 2159 { 2160 ALOGD ("%s: already default route", fn); 2161 return true; 2162 } 2163 2164 if (mActiveEeHandle != NFA_HANDLE_INVALID) 2165 { 2166 ALOGD ("%s: stop UICC listen; EE h=0x%X", fn, mActiveEeHandle); 2167 SyncEventGuard guard (mUiccListenEvent); 2168 nfaStat = NFA_CeConfigureUiccListenTech (mActiveEeHandle, 0); 2169 if (nfaStat == NFA_STATUS_OK) 2170 { 2171 mUiccListenEvent.wait (); 2172 retval = true; 2173 } 2174 else 2175 ALOGE ("%s: fail to stop UICC listen", fn); 2176 } 2177 else 2178 retval = true; 2179 2180 adjustRoutes (DefaultRoute); 2181 2182 ALOGD ("%s: exit; ok=%u", fn, retval); 2183 return retval; 2184 } 2185 2186 2187 /******************************************************************************* 2188 ** 2189 ** Function: isBusy 2190 ** 2191 ** Description: Whether controller is routing listen-mode events to 2192 ** secure elements or a pipe is connected. 2193 ** 2194 ** Returns: True if either case is true. 2195 ** 2196 *******************************************************************************/ 2197 bool SecureElement::isBusy () 2198 { 2199 bool retval = (mCurrentRouteSelection == SecElemRoute) || mIsPiping; 2200 ALOGD ("SecureElement::isBusy: %u", retval); 2201 return retval; 2202 } 2203
