1 /*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 /*
18 * Communicate with secure elements that are attached to the NFC
19 * controller.
20 */
21 #include <semaphore.h>
22 #include <errno.h>
23 #include <ScopedLocalRef.h>
24 #include "OverrideLog.h"
25 #include "SecureElement.h"
26 #include "config.h"
27 #include "PowerSwitch.h"
28 #include "HostAidRouter.h"
29 #include "JavaClassConstants.h"
30
31
32 /*****************************************************************************
33 **
34 ** public variables
35 **
36 *****************************************************************************/
37 int gSEId = -1; // secure element ID to use in connectEE(), -1 means not set
38 int gGatePipe = -1; // gate id or static pipe id to use in connectEE(), -1 means not set
39 bool gUseStaticPipe = false; // if true, use gGatePipe as static pipe id. if false, use as gate id
40
41 namespace android
42 {
43 extern void startRfDiscovery (bool isStart);
44 extern void setUiccIdleTimeout (bool enable);
45 }
46
47 //////////////////////////////////////////////
48 //////////////////////////////////////////////
49
50
51 SecureElement SecureElement::sSecElem;
52 const char* SecureElement::APP_NAME = "nfc_jni";
53
54
55 /*******************************************************************************
56 **
57 ** Function: SecureElement
58 **
59 ** Description: Initialize member variables.
60 **
61 ** Returns: None
62 **
63 *******************************************************************************/
SecureElement()64 SecureElement::SecureElement ()
65 : mActiveEeHandle (NFA_HANDLE_INVALID),
66 mDestinationGate (4), //loopback gate
67 mNfaHciHandle (NFA_HANDLE_INVALID),
68 mNativeData (NULL),
69 mIsInit (false),
70 mActualNumEe (0),
71 mNumEePresent(0),
72 mbNewEE (true), // by default we start w/thinking there are new EE
73 mNewPipeId (0),
74 mNewSourceGate (0),
75 mActiveSeOverride(0),
76 mCommandStatus (NFA_STATUS_OK),
77 mIsPiping (false),
78 mCurrentRouteSelection (NoRoute),
79 mActualResponseSize(0),
80 mUseOberthurWarmReset (false),
81 mActivatedInListenMode (false),
82 mOberthurWarmResetCommand (3),
83 mRfFieldIsOn(false)
84 {
85 memset (&mEeInfo, 0, sizeof(mEeInfo));
86 memset (&mUiccInfo, 0, sizeof(mUiccInfo));
87 memset (&mHciCfg, 0, sizeof(mHciCfg));
88 memset (mResponseData, 0, sizeof(mResponseData));
89 memset (mAidForEmptySelect, 0, sizeof(mAidForEmptySelect));
90 memset (&mLastRfFieldToggle, 0, sizeof(mLastRfFieldToggle));
91 }
92
93
94 /*******************************************************************************
95 **
96 ** Function: ~SecureElement
97 **
98 ** Description: Release all resources.
99 **
100 ** Returns: None
101 **
102 *******************************************************************************/
~SecureElement()103 SecureElement::~SecureElement ()
104 {
105 }
106
107
108 /*******************************************************************************
109 **
110 ** Function: getInstance
111 **
112 ** Description: Get the SecureElement singleton object.
113 **
114 ** Returns: SecureElement object.
115 **
116 *******************************************************************************/
getInstance()117 SecureElement& SecureElement::getInstance()
118 {
119 return sSecElem;
120 }
121
122
123 /*******************************************************************************
124 **
125 ** Function: setActiveSeOverride
126 **
127 ** Description: Specify which secure element to turn on.
128 ** activeSeOverride: ID of secure element
129 **
130 ** Returns: None
131 **
132 *******************************************************************************/
setActiveSeOverride(UINT8 activeSeOverride)133 void SecureElement::setActiveSeOverride(UINT8 activeSeOverride)
134 {
135 ALOGD ("SecureElement::setActiveSeOverride, seid=0x%X", activeSeOverride);
136 mActiveSeOverride = activeSeOverride;
137 }
138
139
140 /*******************************************************************************
141 **
142 ** Function: initialize
143 **
144 ** Description: Initialize all member variables.
145 ** native: Native data.
146 **
147 ** Returns: True if ok.
148 **
149 *******************************************************************************/
initialize(nfc_jni_native_data * native)150 bool SecureElement::initialize (nfc_jni_native_data* native)
151 {
152 static const char fn [] = "SecureElement::initialize";
153 tNFA_STATUS nfaStat;
154 unsigned long num = 0;
155
156 ALOGD ("%s: enter", fn);
157
158 if (GetNumValue("NFA_HCI_DEFAULT_DEST_GATE", &num, sizeof(num)))
159 mDestinationGate = num;
160 ALOGD ("%s: Default destination gate: 0x%X", fn, mDestinationGate);
161
162 // active SE, if not set active all SEs
163 if (GetNumValue("ACTIVE_SE", &num, sizeof(num)))
164 mActiveSeOverride = num;
165 ALOGD ("%s: Active SE override: 0x%X", fn, mActiveSeOverride);
166
167 if (GetNumValue("OBERTHUR_WARM_RESET_COMMAND", &num, sizeof(num)))
168 {
169 mUseOberthurWarmReset = true;
170 mOberthurWarmResetCommand = (UINT8) num;
171 }
172
173 mActiveEeHandle = NFA_HANDLE_INVALID;
174 mNfaHciHandle = NFA_HANDLE_INVALID;
175
176 mNativeData = native;
177 mActualNumEe = MAX_NUM_EE;
178 mbNewEE = true;
179 mNewPipeId = 0;
180 mNewSourceGate = 0;
181 mRfFieldIsOn = false;
182 mActivatedInListenMode = false;
183 mCurrentRouteSelection = NoRoute;
184 memset (mEeInfo, 0, sizeof(mEeInfo));
185 memset (&mUiccInfo, 0, sizeof(mUiccInfo));
186 memset (&mHciCfg, 0, sizeof(mHciCfg));
187 mUsedAids.clear ();
188 memset(mAidForEmptySelect, 0, sizeof(mAidForEmptySelect));
189
190 // Get Fresh EE info.
191 if (! getEeInfo())
192 return (false);
193
194 {
195 SyncEventGuard guard (mEeRegisterEvent);
196 ALOGD ("%s: try ee register", fn);
197 nfaStat = NFA_EeRegister (nfaEeCallback);
198 if (nfaStat != NFA_STATUS_OK)
199 {
200 ALOGE ("%s: fail ee register; error=0x%X", fn, nfaStat);
201 return (false);
202 }
203 mEeRegisterEvent.wait ();
204 }
205
206 // If the controller has an HCI Network, register for that
207 for (size_t xx = 0; xx < mActualNumEe; xx++)
208 {
209 if ((mEeInfo[xx].num_interface > 0) && (mEeInfo[xx].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
210 {
211 ALOGD ("%s: Found HCI network, try hci register", fn);
212
213 SyncEventGuard guard (mHciRegisterEvent);
214
215 nfaStat = NFA_HciRegister (const_cast<char*>(APP_NAME), nfaHciCallback, TRUE);
216 if (nfaStat != NFA_STATUS_OK)
217 {
218 ALOGE ("%s: fail hci register; error=0x%X", fn, nfaStat);
219 return (false);
220 }
221 mHciRegisterEvent.wait();
222 break;
223 }
224 }
225
226 mRouteDataSet.initialize ();
227 mRouteDataSet.import (); //read XML file
228 HostAidRouter::getInstance().initialize ();
229
230 GetStrValue(NAME_AID_FOR_EMPTY_SELECT, (char*)&mAidForEmptySelect[0], sizeof(mAidForEmptySelect));
231
232 mIsInit = true;
233 ALOGD ("%s: exit", fn);
234 return (true);
235 }
236
237
238 /*******************************************************************************
239 **
240 ** Function: finalize
241 **
242 ** Description: Release all resources.
243 **
244 ** Returns: None
245 **
246 *******************************************************************************/
finalize()247 void SecureElement::finalize ()
248 {
249 static const char fn [] = "SecureElement::finalize";
250 ALOGD ("%s: enter", fn);
251
252 NFA_EeDeregister (nfaEeCallback);
253
254 if (mNfaHciHandle != NFA_HANDLE_INVALID)
255 NFA_HciDeregister (const_cast<char*>(APP_NAME));
256
257 mNfaHciHandle = NFA_HANDLE_INVALID;
258 mNativeData = NULL;
259 mIsInit = false;
260 mActualNumEe = 0;
261 mNumEePresent = 0;
262 mNewPipeId = 0;
263 mNewSourceGate = 0;
264 mIsPiping = false;
265 memset (mEeInfo, 0, sizeof(mEeInfo));
266 memset (&mUiccInfo, 0, sizeof(mUiccInfo));
267
268 ALOGD ("%s: exit", fn);
269 }
270
271
272 /*******************************************************************************
273 **
274 ** Function: getEeInfo
275 **
276 ** Description: Get latest information about execution environments from stack.
277 **
278 ** Returns: True if at least 1 EE is available.
279 **
280 *******************************************************************************/
getEeInfo()281 bool SecureElement::getEeInfo()
282 {
283 static const char fn [] = "SecureElement::getEeInfo";
284 ALOGD ("%s: enter; mbNewEE=%d, mActualNumEe=%d", fn, mbNewEE, mActualNumEe);
285 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
286
287 // If mbNewEE is true then there is new EE info.
288 if (mbNewEE)
289 {
290 mActualNumEe = MAX_NUM_EE;
291
292 if ((nfaStat = NFA_EeGetInfo (&mActualNumEe, mEeInfo)) != NFA_STATUS_OK)
293 {
294 ALOGE ("%s: fail get info; error=0x%X", fn, nfaStat);
295 mActualNumEe = 0;
296 }
297 else
298 {
299 mbNewEE = false;
300
301 ALOGD ("%s: num EEs discovered: %u", fn, mActualNumEe);
302 if (mActualNumEe != 0)
303 {
304 for (UINT8 xx = 0; xx < mActualNumEe; xx++)
305 {
306 if ((mEeInfo[xx].num_interface != 0) && (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) )
307 mNumEePresent++;
308
309 ALOGD ("%s: EE[%u] Handle: 0x%04x Status: %s Num I/f: %u: (0x%02x, 0x%02x) Num TLVs: %u",
310 fn, xx, mEeInfo[xx].ee_handle, eeStatusToString(mEeInfo[xx].ee_status), mEeInfo[xx].num_interface,
311 mEeInfo[xx].ee_interface[0], mEeInfo[xx].ee_interface[1], mEeInfo[xx].num_tlvs);
312
313 for (size_t yy = 0; yy < mEeInfo[xx].num_tlvs; yy++)
314 {
315 ALOGD ("%s: EE[%u] TLV[%u] Tag: 0x%02x Len: %u Values[]: 0x%02x 0x%02x 0x%02x ...",
316 fn, xx, yy, mEeInfo[xx].ee_tlv[yy].tag, mEeInfo[xx].ee_tlv[yy].len, mEeInfo[xx].ee_tlv[yy].info[0],
317 mEeInfo[xx].ee_tlv[yy].info[1], mEeInfo[xx].ee_tlv[yy].info[2]);
318 }
319 }
320 }
321 }
322 }
323 ALOGD ("%s: exit; mActualNumEe=%d, mNumEePresent=%d", fn, mActualNumEe,mNumEePresent);
324 return (mActualNumEe != 0);
325 }
326
327
328 /*******************************************************************************
329 **
330 ** Function TimeDiff
331 **
332 ** Description Computes time difference in milliseconds.
333 **
334 ** Returns Time difference in milliseconds
335 **
336 *******************************************************************************/
TimeDiff(timespec start,timespec end)337 static UINT32 TimeDiff(timespec start, timespec end)
338 {
339 end.tv_sec -= start.tv_sec;
340 end.tv_nsec -= start.tv_nsec;
341
342 if (end.tv_nsec < 0) {
343 end.tv_nsec += 10e8;
344 end.tv_sec -=1;
345 }
346
347 return (end.tv_sec * 1000) + (end.tv_nsec / 10e5);
348 }
349
350 /*******************************************************************************
351 **
352 ** Function: isRfFieldOn
353 **
354 ** Description: Can be used to determine if the SE is in an RF field
355 **
356 ** Returns: True if the SE is activated in an RF field
357 **
358 *******************************************************************************/
isRfFieldOn()359 bool SecureElement::isRfFieldOn() {
360 AutoMutex mutex(mMutex);
361 if (mRfFieldIsOn) {
362 return true;
363 }
364 struct timespec now;
365 int ret = clock_gettime(CLOCK_MONOTONIC, &now);
366 if (ret == -1) {
367 ALOGE("isRfFieldOn(): clock_gettime failed");
368 return false;
369 }
370 if (TimeDiff(mLastRfFieldToggle, now) < 50) {
371 // If it was less than 50ms ago that RF field
372 // was turned off, still return ON.
373 return true;
374 } else {
375 return false;
376 }
377 }
378
379 /*******************************************************************************
380 **
381 ** Function: isActivatedInListenMode
382 **
383 ** Description: Can be used to determine if the SE is activated in listen mode
384 **
385 ** Returns: True if the SE is activated in listen mode
386 **
387 *******************************************************************************/
isActivatedInListenMode()388 bool SecureElement::isActivatedInListenMode() {
389 return mActivatedInListenMode;
390 }
391
392 /*******************************************************************************
393 **
394 ** Function: getListOfEeHandles
395 **
396 ** Description: Get the list of handles of all execution environments.
397 ** e: Java Virtual Machine.
398 **
399 ** Returns: List of handles of all execution environments.
400 **
401 *******************************************************************************/
getListOfEeHandles(JNIEnv * e)402 jintArray SecureElement::getListOfEeHandles (JNIEnv* e)
403 {
404 static const char fn [] = "SecureElement::getListOfEeHandles";
405 ALOGD ("%s: enter", fn);
406 if (mNumEePresent == 0)
407 return NULL;
408
409 if (!mIsInit)
410 {
411 ALOGE ("%s: not init", fn);
412 return (NULL);
413 }
414
415 // Get Fresh EE info.
416 if (! getEeInfo())
417 return (NULL);
418
419 jintArray list = e->NewIntArray (mNumEePresent); //allocate array
420 jint jj = 0;
421 int cnt = 0;
422 for (int ii = 0; ii < mActualNumEe && cnt < mNumEePresent; ii++)
423 {
424 ALOGD ("%s: %u = 0x%X", fn, ii, mEeInfo[ii].ee_handle);
425 if ((mEeInfo[ii].num_interface == 0) || (mEeInfo[ii].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
426 {
427 continue;
428 }
429
430 jj = mEeInfo[ii].ee_handle & ~NFA_HANDLE_GROUP_EE;
431 e->SetIntArrayRegion (list, cnt++, 1, &jj);
432 }
433
434 ALOGD("%s: exit", fn);
435 return list;
436 }
437
438
439 /*******************************************************************************
440 **
441 ** Function: activate
442 **
443 ** Description: Turn on the secure element.
444 ** seID: ID of secure element; 0xF3 or 0xF4.
445 **
446 ** Returns: True if ok.
447 **
448 *******************************************************************************/
activate(jint seID)449 bool SecureElement::activate (jint seID)
450 {
451 static const char fn [] = "SecureElement::activate";
452 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
453 int numActivatedEe = 0;
454
455 ALOGD ("%s: enter; seID=0x%X", fn, seID);
456
457 if (!mIsInit)
458 {
459 ALOGE ("%s: not init", fn);
460 return false;
461 }
462
463 if (mActiveEeHandle != NFA_HANDLE_INVALID)
464 {
465 ALOGD ("%s: already active", fn);
466 return true;
467 }
468
469 // Get Fresh EE info if needed.
470 if (! getEeInfo())
471 {
472 ALOGE ("%s: no EE info", fn);
473 return false;
474 }
475
476 UINT16 overrideEeHandle = 0;
477 if (mActiveSeOverride)
478 overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride;
479
480 if (mRfFieldIsOn) {
481 ALOGE("%s: RF field indication still on, resetting", fn);
482 mRfFieldIsOn = false;
483 }
484
485 ALOGD ("%s: override ee h=0x%X", fn, overrideEeHandle );
486 //activate every discovered secure element
487 for (int index=0; index < mActualNumEe; index++)
488 {
489 tNFA_EE_INFO& eeItem = mEeInfo[index];
490
491 if ((eeItem.ee_handle == EE_HANDLE_0xF3) || (eeItem.ee_handle == EE_HANDLE_0xF4))
492 {
493 if (overrideEeHandle && (overrideEeHandle != eeItem.ee_handle) )
494 continue; // do not enable all SEs; only the override one
495
496 if (eeItem.ee_status != NFC_NFCEE_STATUS_INACTIVE)
497 {
498 ALOGD ("%s: h=0x%X already activated", fn, eeItem.ee_handle);
499 numActivatedEe++;
500 continue;
501 }
502
503 {
504 SyncEventGuard guard (mEeSetModeEvent);
505 ALOGD ("%s: set EE mode activate; h=0x%X", fn, eeItem.ee_handle);
506 if ((nfaStat = NFA_EeModeSet (eeItem.ee_handle, NFA_EE_MD_ACTIVATE)) == NFA_STATUS_OK)
507 {
508 mEeSetModeEvent.wait (); //wait for NFA_EE_MODE_SET_EVT
509 if (eeItem.ee_status == NFC_NFCEE_STATUS_ACTIVE)
510 numActivatedEe++;
511 }
512 else
513 ALOGE ("%s: NFA_EeModeSet failed; error=0x%X", fn, nfaStat);
514 }
515 }
516 } //for
517
518 mActiveEeHandle = getDefaultEeHandle();
519 if (mActiveEeHandle == NFA_HANDLE_INVALID)
520 ALOGE ("%s: ee handle not found", fn);
521 ALOGD ("%s: exit; active ee h=0x%X", fn, mActiveEeHandle);
522 return mActiveEeHandle != NFA_HANDLE_INVALID;
523 }
524
525
526 /*******************************************************************************
527 **
528 ** Function: deactivate
529 **
530 ** Description: Turn off the secure element.
531 ** seID: ID of secure element; 0xF3 or 0xF4.
532 **
533 ** Returns: True if ok.
534 **
535 *******************************************************************************/
deactivate(jint seID)536 bool SecureElement::deactivate (jint seID)
537 {
538 static const char fn [] = "SecureElement::deactivate";
539 bool retval = false;
540
541 ALOGD ("%s: enter; seID=0x%X, mActiveEeHandle=0x%X", fn, seID, mActiveEeHandle);
542
543 if (!mIsInit)
544 {
545 ALOGE ("%s: not init", fn);
546 goto TheEnd;
547 }
548
549 //if the controller is routing to sec elems or piping,
550 //then the secure element cannot be deactivated
551 if ((mCurrentRouteSelection == SecElemRoute) || mIsPiping)
552 {
553 ALOGE ("%s: still busy", fn);
554 goto TheEnd;
555 }
556
557 if (mActiveEeHandle == NFA_HANDLE_INVALID)
558 {
559 ALOGE ("%s: invalid EE handle", fn);
560 goto TheEnd;
561 }
562
563 mActiveEeHandle = NFA_HANDLE_INVALID;
564 retval = true;
565
566 TheEnd:
567 ALOGD ("%s: exit; ok=%u", fn, retval);
568 return retval;
569 }
570
571
572 /*******************************************************************************
573 **
574 ** Function: notifyTransactionListenersOfAid
575 **
576 ** Description: Notify the NFC service about a transaction event from secure element.
577 ** aid: Buffer contains application ID.
578 ** aidLen: Length of application ID.
579 **
580 ** Returns: None
581 **
582 *******************************************************************************/
notifyTransactionListenersOfAid(const UINT8 * aidBuffer,UINT8 aidBufferLen)583 void SecureElement::notifyTransactionListenersOfAid (const UINT8* aidBuffer, UINT8 aidBufferLen)
584 {
585 static const char fn [] = "SecureElement::notifyTransactionListenersOfAid";
586 ALOGD ("%s: enter; aid len=%u", fn, aidBufferLen);
587
588 if (aidBufferLen == 0) {
589 return;
590 }
591
592 JNIEnv* e = NULL;
593 ScopedAttach attach(mNativeData->vm, &e);
594 if (e == NULL)
595 {
596 ALOGE ("%s: jni env is null", fn);
597 return;
598 }
599
600 const UINT16 tlvMaxLen = aidBufferLen + 10;
601 UINT8* tlv = new UINT8 [tlvMaxLen];
602 if (tlv == NULL)
603 {
604 ALOGE ("%s: fail allocate tlv", fn);
605 return;
606 }
607
608 memcpy (tlv, aidBuffer, aidBufferLen);
609 UINT16 tlvActualLen = aidBufferLen;
610
611 ScopedLocalRef<jobject> tlvJavaArray(e, e->NewByteArray(tlvActualLen));
612 if (tlvJavaArray.get() == NULL)
613 {
614 ALOGE ("%s: fail allocate array", fn);
615 goto TheEnd;
616 }
617
618 e->SetByteArrayRegion ((jbyteArray)tlvJavaArray.get(), 0, tlvActualLen, (jbyte *)tlv);
619 if (e->ExceptionCheck())
620 {
621 e->ExceptionClear();
622 ALOGE ("%s: fail fill array", fn);
623 goto TheEnd;
624 }
625
626 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifyTransactionListeners, tlvJavaArray.get());
627 if (e->ExceptionCheck())
628 {
629 e->ExceptionClear();
630 ALOGE ("%s: fail notify", fn);
631 goto TheEnd;
632 }
633
634 TheEnd:
635 delete [] tlv;
636 ALOGD ("%s: exit", fn);
637 }
638
639
640 /*******************************************************************************
641 **
642 ** Function: connectEE
643 **
644 ** Description: Connect to the execution environment.
645 **
646 ** Returns: True if ok.
647 **
648 *******************************************************************************/
connectEE()649 bool SecureElement::connectEE ()
650 {
651 static const char fn [] = "SecureElement::connectEE";
652 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
653 bool retVal = false;
654 UINT8 destHost = 0;
655 unsigned long num = 0;
656 char pipeConfName[40];
657 tNFA_HANDLE eeHandle = mActiveEeHandle;
658
659 ALOGD ("%s: enter, mActiveEeHandle: 0x%04x, SEID: 0x%x, pipe_gate_num=%d, use pipe=%d",
660 fn, mActiveEeHandle, gSEId, gGatePipe, gUseStaticPipe);
661
662 if (!mIsInit)
663 {
664 ALOGE ("%s: not init", fn);
665 return (false);
666 }
667
668 if (gSEId != -1)
669 {
670 eeHandle = gSEId | NFA_HANDLE_GROUP_EE;
671 ALOGD ("%s: Using SEID: 0x%x", fn, eeHandle );
672 }
673
674 if (eeHandle == NFA_HANDLE_INVALID)
675 {
676 ALOGE ("%s: invalid handle 0x%X", fn, eeHandle);
677 return (false);
678 }
679
680 tNFA_EE_INFO *pEE = findEeByHandle (eeHandle);
681
682 if (pEE == NULL)
683 {
684 ALOGE ("%s: Handle 0x%04x NOT FOUND !!", fn, eeHandle);
685 return (false);
686 }
687
688 // Disable RF discovery completely while the DH is connected
689 android::startRfDiscovery(false);
690
691 // Disable UICC idle timeout while the DH is connected
692 android::setUiccIdleTimeout (false);
693
694 mNewSourceGate = 0;
695
696 if (gGatePipe == -1)
697 {
698 // pipe/gate num was not specifed by app, get from config file
699 mNewPipeId = 0;
700
701 // Construct the PIPE name based on the EE handle (e.g. NFA_HCI_STATIC_PIPE_ID_F3 for UICC0).
702 snprintf (pipeConfName, sizeof(pipeConfName), "NFA_HCI_STATIC_PIPE_ID_%02X", eeHandle & NFA_HANDLE_MASK);
703
704 if (GetNumValue(pipeConfName, &num, sizeof(num)) && (num != 0))
705 {
706 mNewPipeId = num;
707 ALOGD ("%s: Using static pipe id: 0x%X", __FUNCTION__, mNewPipeId);
708 }
709 else
710 {
711 ALOGD ("%s: Did not find value '%s' defined in the .conf", __FUNCTION__, pipeConfName);
712 }
713 }
714 else
715 {
716 if (gUseStaticPipe)
717 {
718 mNewPipeId = gGatePipe;
719 }
720 else
721 {
722 mNewPipeId = 0;
723 mDestinationGate= gGatePipe;
724 }
725 }
726
727 // If the .conf file had a static pipe to use, just use it.
728 if (mNewPipeId != 0)
729 {
730 UINT8 host = (mNewPipeId == STATIC_PIPE_0x70) ? 0x02 : 0x03;
731 UINT8 gate = (mNewPipeId == STATIC_PIPE_0x70) ? 0xF0 : 0xF1;
732 nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, mNewPipeId);
733 if (nfaStat != NFA_STATUS_OK)
734 {
735 ALOGE ("%s: fail create static pipe; error=0x%X", fn, nfaStat);
736 retVal = false;
737 goto TheEnd;
738 }
739 }
740 else
741 {
742 if ( (pEE->num_tlvs >= 1) && (pEE->ee_tlv[0].tag == NFA_EE_TAG_HCI_HOST_ID) )
743 destHost = pEE->ee_tlv[0].info[0];
744 else
745 destHost = 2;
746
747 // Get a list of existing gates and pipes
748 {
749 ALOGD ("%s: get gate, pipe list", fn);
750 SyncEventGuard guard (mPipeListEvent);
751 nfaStat = NFA_HciGetGateAndPipeList (mNfaHciHandle);
752 if (nfaStat == NFA_STATUS_OK)
753 {
754 mPipeListEvent.wait();
755 if (mHciCfg.status == NFA_STATUS_OK)
756 {
757 for (UINT8 xx = 0; xx < mHciCfg.num_pipes; xx++)
758 {
759 if ( (mHciCfg.pipe[xx].dest_host == destHost)
760 && (mHciCfg.pipe[xx].dest_gate == mDestinationGate) )
761 {
762 mNewSourceGate = mHciCfg.pipe[xx].local_gate;
763 mNewPipeId = mHciCfg.pipe[xx].pipe_id;
764
765 ALOGD ("%s: found configured gate: 0x%02x pipe: 0x%02x", fn, mNewSourceGate, mNewPipeId);
766 break;
767 }
768 }
769 }
770 }
771 }
772
773 if (mNewSourceGate == 0)
774 {
775 ALOGD ("%s: allocate gate", fn);
776 //allocate a source gate and store in mNewSourceGate
777 SyncEventGuard guard (mAllocateGateEvent);
778 if ((nfaStat = NFA_HciAllocGate (mNfaHciHandle)) != NFA_STATUS_OK)
779 {
780 ALOGE ("%s: fail allocate source gate; error=0x%X", fn, nfaStat);
781 goto TheEnd;
782 }
783 mAllocateGateEvent.wait ();
784 if (mCommandStatus != NFA_STATUS_OK)
785 goto TheEnd;
786 }
787
788 if (mNewPipeId == 0)
789 {
790 ALOGD ("%s: create pipe", fn);
791 SyncEventGuard guard (mCreatePipeEvent);
792 nfaStat = NFA_HciCreatePipe (mNfaHciHandle, mNewSourceGate, destHost, mDestinationGate);
793 if (nfaStat != NFA_STATUS_OK)
794 {
795 ALOGE ("%s: fail create pipe; error=0x%X", fn, nfaStat);
796 goto TheEnd;
797 }
798 mCreatePipeEvent.wait ();
799 if (mCommandStatus != NFA_STATUS_OK)
800 goto TheEnd;
801 }
802
803 {
804 ALOGD ("%s: open pipe", fn);
805 SyncEventGuard guard (mPipeOpenedEvent);
806 nfaStat = NFA_HciOpenPipe (mNfaHciHandle, mNewPipeId);
807 if (nfaStat != NFA_STATUS_OK)
808 {
809 ALOGE ("%s: fail open pipe; error=0x%X", fn, nfaStat);
810 goto TheEnd;
811 }
812 mPipeOpenedEvent.wait ();
813 if (mCommandStatus != NFA_STATUS_OK)
814 goto TheEnd;
815 }
816 }
817
818 retVal = true;
819
820 TheEnd:
821 mIsPiping = retVal;
822 if (!retVal)
823 {
824 // if open failed we need to de-allocate the gate
825 disconnectEE(0);
826 }
827
828 ALOGD ("%s: exit; ok=%u", fn, retVal);
829 return retVal;
830 }
831
832
833 /*******************************************************************************
834 **
835 ** Function: disconnectEE
836 **
837 ** Description: Disconnect from the execution environment.
838 ** seID: ID of secure element.
839 **
840 ** Returns: True if ok.
841 **
842 *******************************************************************************/
disconnectEE(jint seID)843 bool SecureElement::disconnectEE (jint seID)
844 {
845 static const char fn [] = "SecureElement::disconnectEE";
846 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
847 tNFA_HANDLE eeHandle = seID;
848
849 ALOGD("%s: seID=0x%X; handle=0x%04x", fn, seID, eeHandle);
850
851 if (mUseOberthurWarmReset)
852 {
853 //send warm-reset command to Oberthur secure element which deselects the applet;
854 //this is an Oberthur-specific command;
855 ALOGD("%s: try warm-reset on pipe id 0x%X; cmd=0x%X", fn, mNewPipeId, mOberthurWarmResetCommand);
856 SyncEventGuard guard (mRegistryEvent);
857 nfaStat = NFA_HciSetRegistry (mNfaHciHandle, mNewPipeId,
858 1, 1, &mOberthurWarmResetCommand);
859 if (nfaStat == NFA_STATUS_OK)
860 {
861 mRegistryEvent.wait ();
862 ALOGD("%s: completed warm-reset on pipe 0x%X", fn, mNewPipeId);
863 }
864 }
865
866 if (mNewSourceGate)
867 {
868 SyncEventGuard guard (mDeallocateGateEvent);
869 if ((nfaStat = NFA_HciDeallocGate (mNfaHciHandle, mNewSourceGate)) == NFA_STATUS_OK)
870 mDeallocateGateEvent.wait ();
871 else
872 ALOGE ("%s: fail dealloc gate; error=0x%X", fn, nfaStat);
873 }
874
875 mIsPiping = false;
876
877 // Re-enable UICC low-power mode
878 android::setUiccIdleTimeout (true);
879 // Re-enable RF discovery
880 // Note that it only effactuates the current configuration,
881 // so if polling/listening were configured OFF (forex because
882 // the screen was off), they will stay OFF with this call.
883 android::startRfDiscovery(true);
884
885 return true;
886 }
887
888
889 /*******************************************************************************
890 **
891 ** Function: transceive
892 **
893 ** Description: Send data to the secure element; read it's response.
894 ** xmitBuffer: Data to transmit.
895 ** xmitBufferSize: Length of data.
896 ** recvBuffer: Buffer to receive response.
897 ** recvBufferMaxSize: Maximum size of buffer.
898 ** recvBufferActualSize: Actual length of response.
899 ** timeoutMillisec: timeout in millisecond.
900 **
901 ** Returns: True if ok.
902 **
903 *******************************************************************************/
transceive(UINT8 * xmitBuffer,INT32 xmitBufferSize,UINT8 * recvBuffer,INT32 recvBufferMaxSize,INT32 & recvBufferActualSize,INT32 timeoutMillisec)904 bool SecureElement::transceive (UINT8* xmitBuffer, INT32 xmitBufferSize, UINT8* recvBuffer,
905 INT32 recvBufferMaxSize, INT32& recvBufferActualSize, INT32 timeoutMillisec)
906 {
907 static const char fn [] = "SecureElement::transceive";
908 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
909 bool isSuccess = false;
910 bool waitOk = false;
911 UINT8 newSelectCmd[NCI_MAX_AID_LEN + 10];
912
913 ALOGD ("%s: enter; xmitBufferSize=%ld; recvBufferMaxSize=%ld; timeout=%ld", fn, xmitBufferSize, recvBufferMaxSize, timeoutMillisec);
914
915 // Check if we need to replace an "empty" SELECT command.
916 // 1. Has there been a AID configured, and
917 // 2. Is that AID a valid length (i.e 16 bytes max), and
918 // 3. Is the APDU at least 4 bytes (for header), and
919 // 4. Is INS == 0xA4 (SELECT command), and
920 // 5. Is P1 == 0x04 (SELECT by AID), and
921 // 6. Is the APDU len 4 or 5 bytes.
922 //
923 // Note, the length of the configured AID is in the first
924 // byte, and AID starts from the 2nd byte.
925 if (mAidForEmptySelect[0] // 1
926 && (mAidForEmptySelect[0] <= NCI_MAX_AID_LEN) // 2
927 && (xmitBufferSize >= 4) // 3
928 && (xmitBuffer[1] == 0xA4) // 4
929 && (xmitBuffer[2] == 0x04) // 5
930 && (xmitBufferSize <= 5)) // 6
931 {
932 UINT8 idx = 0;
933
934 // Copy APDU command header from the input buffer.
935 memcpy(&newSelectCmd[0], &xmitBuffer[0], 4);
936 idx = 4;
937
938 // Set the Lc value to length of the new AID
939 newSelectCmd[idx++] = mAidForEmptySelect[0];
940
941 // Copy the AID
942 memcpy(&newSelectCmd[idx], &mAidForEmptySelect[1], mAidForEmptySelect[0]);
943 idx += mAidForEmptySelect[0];
944
945 // If there is an Le (5th byte of APDU), add it to the end.
946 if (xmitBufferSize == 5)
947 newSelectCmd[idx++] = xmitBuffer[4];
948
949 // Point to the new APDU
950 xmitBuffer = &newSelectCmd[0];
951 xmitBufferSize = idx;
952
953 ALOGD ("%s: Empty AID SELECT cmd detected, substituting AID from config file, new length=%d", fn, idx);
954 }
955
956 {
957 SyncEventGuard guard (mTransceiveEvent);
958 mActualResponseSize = 0;
959 memset (mResponseData, 0, sizeof(mResponseData));
960 if ((mNewPipeId == STATIC_PIPE_0x70) || (mNewPipeId == STATIC_PIPE_0x71))
961 nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, EVT_SEND_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, 0);
962 else
963 nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, NFA_HCI_EVT_POST_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, 0);
964
965 if (nfaStat == NFA_STATUS_OK)
966 {
967 waitOk = mTransceiveEvent.wait (timeoutMillisec);
968 if (waitOk == false) //timeout occurs
969 {
970 ALOGE ("%s: wait response timeout", fn);
971 goto TheEnd;
972 }
973 }
974 else
975 {
976 ALOGE ("%s: fail send data; error=0x%X", fn, nfaStat);
977 goto TheEnd;
978 }
979 }
980
981 if (mActualResponseSize > recvBufferMaxSize)
982 recvBufferActualSize = recvBufferMaxSize;
983 else
984 recvBufferActualSize = mActualResponseSize;
985
986 memcpy (recvBuffer, mResponseData, recvBufferActualSize);
987 isSuccess = true;
988
989 TheEnd:
990 ALOGD ("%s: exit; isSuccess: %d; recvBufferActualSize: %ld", fn, isSuccess, recvBufferActualSize);
991 return (isSuccess);
992 }
993
994
995 /*******************************************************************************
996 **
997 ** Function: notifyListenModeState
998 **
999 ** Description: Notify the NFC service about whether the SE was activated
1000 ** in listen mode.
1001 ** isActive: Whether the secure element is activated.
1002 **
1003 ** Returns: None
1004 **
1005 *******************************************************************************/
notifyListenModeState(bool isActivated)1006 void SecureElement::notifyListenModeState (bool isActivated) {
1007 static const char fn [] = "SecureElement::notifyListenMode";
1008
1009 ALOGD ("%s: enter; listen mode active=%u", fn, isActivated);
1010
1011 JNIEnv* e = NULL;
1012 ScopedAttach attach(mNativeData->vm, &e);
1013 if (e == NULL)
1014 {
1015 ALOGE ("%s: jni env is null", fn);
1016 return;
1017 }
1018
1019 mActivatedInListenMode = isActivated;
1020 if (isActivated) {
1021 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenActivated);
1022 }
1023 else {
1024 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenDeactivated);
1025 }
1026
1027 if (e->ExceptionCheck())
1028 {
1029 e->ExceptionClear();
1030 ALOGE ("%s: fail notify", fn);
1031 }
1032
1033 ALOGD ("%s: exit", fn);
1034 }
1035
1036 /*******************************************************************************
1037 **
1038 ** Function: notifyRfFieldEvent
1039 **
1040 ** Description: Notify the NFC service about RF field events from the stack.
1041 ** isActive: Whether any secure element is activated.
1042 **
1043 ** Returns: None
1044 **
1045 *******************************************************************************/
notifyRfFieldEvent(bool isActive)1046 void SecureElement::notifyRfFieldEvent (bool isActive)
1047 {
1048 static const char fn [] = "SecureElement::notifyRfFieldEvent";
1049 ALOGD ("%s: enter; is active=%u", fn, isActive);
1050
1051 JNIEnv* e = NULL;
1052 ScopedAttach attach(mNativeData->vm, &e);
1053 if (e == NULL)
1054 {
1055 ALOGE ("%s: jni env is null", fn);
1056 return;
1057 }
1058
1059 mMutex.lock();
1060 int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle);
1061 if (ret == -1) {
1062 ALOGE("%s: clock_gettime failed", fn);
1063 // There is no good choice here...
1064 }
1065 if (isActive) {
1066 mRfFieldIsOn = true;
1067 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldActivated);
1068 }
1069 else {
1070 mRfFieldIsOn = false;
1071 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldDeactivated);
1072 }
1073 mMutex.unlock();
1074
1075 if (e->ExceptionCheck())
1076 {
1077 e->ExceptionClear();
1078 ALOGE ("%s: fail notify", fn);
1079 }
1080 ALOGD ("%s: exit", fn);
1081 }
1082
1083 /*******************************************************************************
1084 **
1085 ** Function: resetRfFieldStatus
1086 **
1087 ** Description: Resets the field status.
1088 ** isActive: Whether any secure element is activated.
1089 **
1090 ** Returns: None
1091 **
1092 *******************************************************************************/
resetRfFieldStatus()1093 void SecureElement::resetRfFieldStatus ()
1094 {
1095 static const char fn [] = "SecureElement::resetRfFieldStatus`";
1096 ALOGD ("%s: enter;");
1097
1098 mMutex.lock();
1099 mRfFieldIsOn = false;
1100 int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle);
1101 if (ret == -1) {
1102 ALOGE("%s: clock_gettime failed", fn);
1103 // There is no good choice here...
1104 }
1105 mMutex.unlock();
1106
1107 ALOGD ("%s: exit", fn);
1108 }
1109
1110
1111 /*******************************************************************************
1112 **
1113 ** Function: storeUiccInfo
1114 **
1115 ** Description: Store a copy of the execution environment information from the stack.
1116 ** info: execution environment information.
1117 **
1118 ** Returns: None
1119 **
1120 *******************************************************************************/
storeUiccInfo(tNFA_EE_DISCOVER_REQ & info)1121 void SecureElement::storeUiccInfo (tNFA_EE_DISCOVER_REQ& info)
1122 {
1123 static const char fn [] = "SecureElement::storeUiccInfo";
1124 ALOGD ("%s: Status: %u Num EE: %u", fn, info.status, info.num_ee);
1125
1126 SyncEventGuard guard (mUiccInfoEvent);
1127 memcpy (&mUiccInfo, &info, sizeof(mUiccInfo));
1128 for (UINT8 xx = 0; xx < info.num_ee; xx++)
1129 {
1130 //for each technology (A, B, F, B'), print the bit field that shows
1131 //what protocol(s) is support by that technology
1132 ALOGD ("%s EE[%u] Handle: 0x%04x techA: 0x%02x techB: 0x%02x techF: 0x%02x techBprime: 0x%02x",
1133 fn, xx, info.ee_disc_info[xx].ee_handle,
1134 info.ee_disc_info[xx].la_protocol,
1135 info.ee_disc_info[xx].lb_protocol,
1136 info.ee_disc_info[xx].lf_protocol,
1137 info.ee_disc_info[xx].lbp_protocol);
1138 }
1139 mUiccInfoEvent.notifyOne ();
1140 }
1141
1142
1143 /*******************************************************************************
1144 **
1145 ** Function: getUiccId
1146 **
1147 ** Description: Get the ID of the secure element.
1148 ** eeHandle: Handle to the secure element.
1149 ** uid: Array to receive the ID.
1150 **
1151 ** Returns: True if ok.
1152 **
1153 *******************************************************************************/
getUiccId(tNFA_HANDLE eeHandle,jbyteArray & uid)1154 bool SecureElement::getUiccId (tNFA_HANDLE eeHandle, jbyteArray& uid)
1155 {
1156 static const char fn [] = "SecureElement::getUiccId";
1157 ALOGD ("%s: ee h=0x%X", fn, eeHandle);
1158 bool retval = false;
1159
1160 JNIEnv* e = NULL;
1161 ScopedAttach attach(mNativeData->vm, &e);
1162 if (e == NULL)
1163 {
1164 ALOGE ("%s: jni env is null", fn);
1165 return false;
1166 }
1167
1168 findUiccByHandle (eeHandle);
1169 //cannot get UID from the stack; nothing to do
1170
1171 // TODO: uid is unused --- bug?
1172
1173 // TODO: retval is always false --- bug?
1174 ALOGD ("%s: exit; ret=%u", fn, retval);
1175 return retval;
1176 }
1177
1178
1179 /*******************************************************************************
1180 **
1181 ** Function: getTechnologyList
1182 **
1183 ** Description: Get all the technologies supported by a secure element.
1184 ** eeHandle: Handle of secure element.
1185 ** techList: List to receive the technologies.
1186 **
1187 ** Returns: True if ok.
1188 **
1189 *******************************************************************************/
getTechnologyList(tNFA_HANDLE eeHandle,jintArray & techList)1190 bool SecureElement::getTechnologyList (tNFA_HANDLE eeHandle, jintArray& techList)
1191 {
1192 static const char fn [] = "SecureElement::getTechnologyList";
1193 ALOGD ("%s: ee h=0x%X", fn, eeHandle);
1194 bool retval = false;
1195
1196 JNIEnv* e = NULL;
1197 ScopedAttach attach(mNativeData->vm, &e);
1198 if (e == NULL)
1199 {
1200 ALOGE ("%s: jni env is null", fn);
1201 return false;
1202 }
1203
1204 tNFA_EE_DISCOVER_INFO *pUICC = findUiccByHandle (eeHandle);
1205
1206 // TODO: theList is written but not set --- bug?
1207 jint theList = 0;
1208 if (pUICC->la_protocol != 0)
1209 theList = TARGET_TYPE_ISO14443_3A;
1210 else if (pUICC->lb_protocol != 0)
1211 theList = TARGET_TYPE_ISO14443_3B;
1212 else if (pUICC->lf_protocol != 0)
1213 theList = TARGET_TYPE_FELICA;
1214 else if (pUICC->lbp_protocol != 0)
1215 theList = TARGET_TYPE_ISO14443_3B;
1216 else
1217 theList = TARGET_TYPE_UNKNOWN;
1218
1219 // TODO: techList is neither read nor written --- bug?
1220
1221 // TODO: retval is always false --- bug?
1222 ALOGD ("%s: exit; ret=%u", fn, retval);
1223 return retval;
1224 }
1225
1226
1227 /*******************************************************************************
1228 **
1229 ** Function: adjustRoutes
1230 **
1231 ** Description: Adjust routes in the controller's listen-mode routing table.
1232 ** selection: which set of routes to configure the controller.
1233 **
1234 ** Returns: None
1235 **
1236 *******************************************************************************/
adjustRoutes(RouteSelection selection)1237 void SecureElement::adjustRoutes (RouteSelection selection)
1238 {
1239 static const char fn [] = "SecureElement::adjustRoutes";
1240 ALOGD ("%s: enter; selection=%u", fn, selection);
1241 RouteDataSet::Database* db = mRouteDataSet.getDatabase (RouteDataSet::DefaultRouteDatabase);
1242
1243 if (selection == SecElemRoute)
1244 db = mRouteDataSet.getDatabase (RouteDataSet::SecElemRouteDatabase);
1245
1246 mCurrentRouteSelection = selection;
1247 adjustProtocolRoutes (db, selection);
1248 adjustTechnologyRoutes (db, selection);
1249 HostAidRouter::getInstance ().deleteAllRoutes (); //stop all AID routes to host
1250
1251 if (db->empty())
1252 {
1253 ALOGD ("%s: no route configuration", fn);
1254 goto TheEnd;
1255 }
1256
1257
1258 TheEnd:
1259 NFA_EeUpdateNow (); //apply new routes now
1260 ALOGD ("%s: exit", fn);
1261 }
1262
1263
1264 /*******************************************************************************
1265 **
1266 ** Function: applyRoutes
1267 **
1268 ** Description: Read route data from file and apply them again.
1269 **
1270 ** Returns: None
1271 **
1272 *******************************************************************************/
applyRoutes()1273 void SecureElement::applyRoutes ()
1274 {
1275 static const char fn [] = "SecureElement::applyRoutes";
1276 ALOGD ("%s: enter", fn);
1277 if (mCurrentRouteSelection != NoRoute)
1278 {
1279 mRouteDataSet.import (); //read XML file
1280 adjustRoutes (mCurrentRouteSelection);
1281 }
1282 ALOGD ("%s: exit", fn);
1283 }
1284
1285
1286 /*******************************************************************************
1287 **
1288 ** Function: adjustProtocolRoutes
1289 **
1290 ** Description: Adjust default routing based on protocol in NFC listen mode.
1291 ** isRouteToEe: Whether routing to EE (true) or host (false).
1292 **
1293 ** Returns: None
1294 **
1295 *******************************************************************************/
adjustProtocolRoutes(RouteDataSet::Database * db,RouteSelection routeSelection)1296 void SecureElement::adjustProtocolRoutes (RouteDataSet::Database* db, RouteSelection routeSelection)
1297 {
1298 static const char fn [] = "SecureElement::adjustProtocolRoutes";
1299 ALOGD ("%s: enter", fn);
1300 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
1301 const tNFA_PROTOCOL_MASK protoMask = NFA_PROTOCOL_MASK_ISO_DEP;
1302
1303 ///////////////////////
1304 // delete route to host
1305 ///////////////////////
1306 {
1307 ALOGD ("%s: delete route to host", fn);
1308 SyncEventGuard guard (mRoutingEvent);
1309 if ((nfaStat = NFA_EeSetDefaultProtoRouting (NFA_EE_HANDLE_DH, 0, 0, 0)) == NFA_STATUS_OK)
1310 mRoutingEvent.wait ();
1311 else
1312 ALOGE ("%s: fail delete route to host; error=0x%X", fn, nfaStat);
1313 }
1314
1315 ///////////////////////
1316 // delete route to every sec elem
1317 ///////////////////////
1318 for (int i=0; i < mActualNumEe; i++)
1319 {
1320 if ((mEeInfo[i].num_interface != 0) &&
1321 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
1322 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
1323 {
1324 ALOGD ("%s: delete route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
1325 SyncEventGuard guard (mRoutingEvent);
1326 if ((nfaStat = NFA_EeSetDefaultProtoRouting (mEeInfo[i].ee_handle, 0, 0, 0)) == NFA_STATUS_OK)
1327 mRoutingEvent.wait ();
1328 else
1329 ALOGE ("%s: fail delete route to EE; error=0x%X", fn, nfaStat);
1330 }
1331 }
1332
1333 //////////////////////
1334 // configure route for every discovered sec elem
1335 //////////////////////
1336 for (int i=0; i < mActualNumEe; i++)
1337 {
1338 //if sec elem is active
1339 if ((mEeInfo[i].num_interface != 0) &&
1340 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
1341 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
1342 {
1343 tNFA_PROTOCOL_MASK protocolsSwitchOn = 0; //all protocols that are active at full power
1344 tNFA_PROTOCOL_MASK protocolsSwitchOff = 0; //all protocols that are active when phone is turned off
1345 tNFA_PROTOCOL_MASK protocolsBatteryOff = 0; //all protocols that are active when there is no power
1346
1347 //for every route in XML, look for protocol route;
1348 //collect every protocol according to it's desired power mode
1349 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
1350 {
1351 RouteData* routeData = *iter;
1352 RouteDataForProtocol* route = NULL;
1353 if (routeData->mRouteType != RouteData::ProtocolRoute)
1354 continue; //skip other kinds of routing data
1355 route = (RouteDataForProtocol*) (*iter);
1356 if (route->mNfaEeHandle == mEeInfo[i].ee_handle)
1357 {
1358 if (route->mSwitchOn)
1359 protocolsSwitchOn |= route->mProtocol;
1360 if (route->mSwitchOff)
1361 protocolsSwitchOff |= route->mProtocol;
1362 if (route->mBatteryOff)
1363 protocolsBatteryOff |= route->mProtocol;
1364 }
1365 }
1366
1367 if (protocolsSwitchOn | protocolsSwitchOff | protocolsBatteryOff)
1368 {
1369 ALOGD ("%s: route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
1370 SyncEventGuard guard (mRoutingEvent);
1371 nfaStat = NFA_EeSetDefaultProtoRouting (mEeInfo[i].ee_handle,
1372 protocolsSwitchOn, protocolsSwitchOff, protocolsBatteryOff);
1373 if (nfaStat == NFA_STATUS_OK)
1374 mRoutingEvent.wait ();
1375 else
1376 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
1377 }
1378 } //if sec elem is active
1379 } //for every discovered sec elem
1380
1381 //////////////////////
1382 // configure route to host
1383 //////////////////////
1384 {
1385 tNFA_PROTOCOL_MASK protocolsSwitchOn = 0; //all protocols that are active at full power
1386 tNFA_PROTOCOL_MASK protocolsSwitchOff = 0; //all protocols that are active when phone is turned off
1387 tNFA_PROTOCOL_MASK protocolsBatteryOff = 0; //all protocols that are active when there is no power
1388
1389 //for every route in XML, look for protocol route;
1390 //collect every protocol according to it's desired power mode
1391 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
1392 {
1393 RouteData* routeData = *iter;
1394 RouteDataForProtocol* route = NULL;
1395 if (routeData->mRouteType != RouteData::ProtocolRoute)
1396 continue; //skip other kinds of routing data
1397 route = (RouteDataForProtocol*) (*iter);
1398 if (route->mNfaEeHandle == NFA_EE_HANDLE_DH)
1399 {
1400 if (route->mSwitchOn)
1401 protocolsSwitchOn |= route->mProtocol;
1402 if (route->mSwitchOff)
1403 protocolsSwitchOff |= route->mProtocol;
1404 if (route->mBatteryOff)
1405 protocolsBatteryOff |= route->mProtocol;
1406 }
1407 }
1408
1409 if (protocolsSwitchOn | protocolsSwitchOff | protocolsBatteryOff)
1410 {
1411 ALOGD ("%s: route to EE h=0x%X", fn, NFA_EE_HANDLE_DH);
1412 SyncEventGuard guard (mRoutingEvent);
1413 nfaStat = NFA_EeSetDefaultProtoRouting (NFA_EE_HANDLE_DH,
1414 protocolsSwitchOn, protocolsSwitchOff, protocolsBatteryOff);
1415 if (nfaStat == NFA_STATUS_OK)
1416 mRoutingEvent.wait ();
1417 else
1418 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
1419 }
1420 }
1421
1422 //////////////////////
1423 // if route database is empty, setup a default route
1424 //////////////////////
1425 if (db->empty())
1426 {
1427 tNFA_HANDLE eeHandle = NFA_EE_HANDLE_DH;
1428 if (routeSelection == SecElemRoute)
1429 eeHandle = mActiveEeHandle;
1430 ALOGD ("%s: route to default EE h=0x%X", fn, eeHandle);
1431 SyncEventGuard guard (mRoutingEvent);
1432 nfaStat = NFA_EeSetDefaultProtoRouting (eeHandle, protoMask, 0, 0);
1433 if (nfaStat == NFA_STATUS_OK)
1434 mRoutingEvent.wait ();
1435 else
1436 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
1437 }
1438 ALOGD ("%s: exit", fn);
1439 }
1440
1441
1442 /*******************************************************************************
1443 **
1444 ** Function: adjustTechnologyRoutes
1445 **
1446 ** Description: Adjust default routing based on technology in NFC listen mode.
1447 ** isRouteToEe: Whether routing to EE (true) or host (false).
1448 **
1449 ** Returns: None
1450 **
1451 *******************************************************************************/
adjustTechnologyRoutes(RouteDataSet::Database * db,RouteSelection routeSelection)1452 void SecureElement::adjustTechnologyRoutes (RouteDataSet::Database* db, RouteSelection routeSelection)
1453 {
1454 static const char fn [] = "SecureElement::adjustTechnologyRoutes";
1455 ALOGD ("%s: enter", fn);
1456 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
1457 const tNFA_TECHNOLOGY_MASK techMask = NFA_TECHNOLOGY_MASK_A | NFA_TECHNOLOGY_MASK_B;
1458
1459 ///////////////////////
1460 // delete route to host
1461 ///////////////////////
1462 {
1463 ALOGD ("%s: delete route to host", fn);
1464 SyncEventGuard guard (mRoutingEvent);
1465 if ((nfaStat = NFA_EeSetDefaultTechRouting (NFA_EE_HANDLE_DH, 0, 0, 0)) == NFA_STATUS_OK)
1466 mRoutingEvent.wait ();
1467 else
1468 ALOGE ("%s: fail delete route to host; error=0x%X", fn, nfaStat);
1469 }
1470
1471 ///////////////////////
1472 // delete route to every sec elem
1473 ///////////////////////
1474 for (int i=0; i < mActualNumEe; i++)
1475 {
1476 if ((mEeInfo[i].num_interface != 0) &&
1477 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
1478 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
1479 {
1480 ALOGD ("%s: delete route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
1481 SyncEventGuard guard (mRoutingEvent);
1482 if ((nfaStat = NFA_EeSetDefaultTechRouting (mEeInfo[i].ee_handle, 0, 0, 0)) == NFA_STATUS_OK)
1483 mRoutingEvent.wait ();
1484 else
1485 ALOGE ("%s: fail delete route to EE; error=0x%X", fn, nfaStat);
1486 }
1487 }
1488
1489 //////////////////////
1490 // configure route for every discovered sec elem
1491 //////////////////////
1492 for (int i=0; i < mActualNumEe; i++)
1493 {
1494 //if sec elem is active
1495 if ((mEeInfo[i].num_interface != 0) &&
1496 (mEeInfo[i].ee_interface[0] != NFC_NFCEE_INTERFACE_HCI_ACCESS) &&
1497 (mEeInfo[i].ee_status == NFA_EE_STATUS_ACTIVE))
1498 {
1499 tNFA_TECHNOLOGY_MASK techsSwitchOn = 0; //all techs that are active at full power
1500 tNFA_TECHNOLOGY_MASK techsSwitchOff = 0; //all techs that are active when phone is turned off
1501 tNFA_TECHNOLOGY_MASK techsBatteryOff = 0; //all techs that are active when there is no power
1502
1503 //for every route in XML, look for tech route;
1504 //collect every tech according to it's desired power mode
1505 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
1506 {
1507 RouteData* routeData = *iter;
1508 RouteDataForTechnology* route = NULL;
1509 if (routeData->mRouteType != RouteData::TechnologyRoute)
1510 continue; //skip other kinds of routing data
1511 route = (RouteDataForTechnology*) (*iter);
1512 if (route->mNfaEeHandle == mEeInfo[i].ee_handle)
1513 {
1514 if (route->mSwitchOn)
1515 techsSwitchOn |= route->mTechnology;
1516 if (route->mSwitchOff)
1517 techsSwitchOff |= route->mTechnology;
1518 if (route->mBatteryOff)
1519 techsBatteryOff |= route->mTechnology;
1520 }
1521 }
1522
1523 if (techsSwitchOn | techsSwitchOff | techsBatteryOff)
1524 {
1525 ALOGD ("%s: route to EE h=0x%X", fn, mEeInfo[i].ee_handle);
1526 SyncEventGuard guard (mRoutingEvent);
1527 nfaStat = NFA_EeSetDefaultTechRouting (mEeInfo[i].ee_handle,
1528 techsSwitchOn, techsSwitchOff, techsBatteryOff);
1529 if (nfaStat == NFA_STATUS_OK)
1530 mRoutingEvent.wait ();
1531 else
1532 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
1533 }
1534 } //if sec elem is active
1535 } //for every discovered sec elem
1536
1537 //////////////////////
1538 // configure route to host
1539 //////////////////////
1540 {
1541 tNFA_TECHNOLOGY_MASK techsSwitchOn = 0; //all techs that are active at full power
1542 tNFA_TECHNOLOGY_MASK techsSwitchOff = 0; //all techs that are active when phone is turned off
1543 tNFA_TECHNOLOGY_MASK techsBatteryOff = 0; //all techs that are active when there is no power
1544
1545 //for every route in XML, look for protocol route;
1546 //collect every protocol according to it's desired power mode
1547 for (RouteDataSet::Database::iterator iter = db->begin(); iter != db->end(); iter++)
1548 {
1549 RouteData* routeData = *iter;
1550 RouteDataForTechnology * route = NULL;
1551 if (routeData->mRouteType != RouteData::TechnologyRoute)
1552 continue; //skip other kinds of routing data
1553 route = (RouteDataForTechnology*) (*iter);
1554 if (route->mNfaEeHandle == NFA_EE_HANDLE_DH)
1555 {
1556 if (route->mSwitchOn)
1557 techsSwitchOn |= route->mTechnology;
1558 if (route->mSwitchOff)
1559 techsSwitchOff |= route->mTechnology;
1560 if (route->mBatteryOff)
1561 techsBatteryOff |= route->mTechnology;
1562 }
1563 }
1564
1565 if (techsSwitchOn | techsSwitchOff | techsBatteryOff)
1566 {
1567 ALOGD ("%s: route to EE h=0x%X", fn, NFA_EE_HANDLE_DH);
1568 SyncEventGuard guard (mRoutingEvent);
1569 nfaStat = NFA_EeSetDefaultTechRouting (NFA_EE_HANDLE_DH,
1570 techsSwitchOn, techsSwitchOff, techsBatteryOff);
1571 if (nfaStat == NFA_STATUS_OK)
1572 mRoutingEvent.wait ();
1573 else
1574 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
1575 }
1576 }
1577
1578 //////////////////////
1579 // if route database is empty, setup a default route
1580 //////////////////////
1581 if (db->empty())
1582 {
1583 tNFA_HANDLE eeHandle = NFA_EE_HANDLE_DH;
1584 if (routeSelection == SecElemRoute)
1585 eeHandle = mActiveEeHandle;
1586 ALOGD ("%s: route to default EE h=0x%X", fn, eeHandle);
1587 SyncEventGuard guard (mRoutingEvent);
1588 nfaStat = NFA_EeSetDefaultTechRouting (eeHandle, techMask, 0, 0);
1589 if (nfaStat == NFA_STATUS_OK)
1590 mRoutingEvent.wait ();
1591 else
1592 ALOGE ("%s: fail route to EE; error=0x%X", fn, nfaStat);
1593 }
1594 ALOGD ("%s: exit", fn);
1595 }
1596
1597
1598 /*******************************************************************************
1599 **
1600 ** Function: nfaEeCallback
1601 **
1602 ** Description: Receive execution environment-related events from stack.
1603 ** event: Event code.
1604 ** eventData: Event data.
1605 **
1606 ** Returns: None
1607 **
1608 *******************************************************************************/
nfaEeCallback(tNFA_EE_EVT event,tNFA_EE_CBACK_DATA * eventData)1609 void SecureElement::nfaEeCallback (tNFA_EE_EVT event, tNFA_EE_CBACK_DATA* eventData)
1610 {
1611 static const char fn [] = "SecureElement::nfaEeCallback";
1612
1613 switch (event)
1614 {
1615 case NFA_EE_REGISTER_EVT:
1616 {
1617 SyncEventGuard guard (sSecElem.mEeRegisterEvent);
1618 ALOGD ("%s: NFA_EE_REGISTER_EVT; status=%u", fn, eventData->ee_register);
1619 sSecElem.mEeRegisterEvent.notifyOne();
1620 }
1621 break;
1622
1623 case NFA_EE_MODE_SET_EVT:
1624 {
1625 ALOGD ("%s: NFA_EE_MODE_SET_EVT; status: 0x%04X handle: 0x%04X mActiveEeHandle: 0x%04X", fn,
1626 eventData->mode_set.status, eventData->mode_set.ee_handle, sSecElem.mActiveEeHandle);
1627
1628 if (eventData->mode_set.status == NFA_STATUS_OK)
1629 {
1630 tNFA_EE_INFO *pEE = sSecElem.findEeByHandle (eventData->mode_set.ee_handle);
1631 if (pEE)
1632 {
1633 pEE->ee_status ^= 1;
1634 ALOGD ("%s: NFA_EE_MODE_SET_EVT; pEE->ee_status: %s (0x%04x)", fn, SecureElement::eeStatusToString(pEE->ee_status), pEE->ee_status);
1635 }
1636 else
1637 ALOGE ("%s: NFA_EE_MODE_SET_EVT; EE: 0x%04x not found. mActiveEeHandle: 0x%04x", fn, eventData->mode_set.ee_handle, sSecElem.mActiveEeHandle);
1638 }
1639 SyncEventGuard guard (sSecElem.mEeSetModeEvent);
1640 sSecElem.mEeSetModeEvent.notifyOne();
1641 }
1642 break;
1643
1644 case NFA_EE_SET_TECH_CFG_EVT:
1645 {
1646 ALOGD ("%s: NFA_EE_SET_TECH_CFG_EVT; status=0x%X", fn, eventData->status);
1647 SyncEventGuard guard (sSecElem.mRoutingEvent);
1648 sSecElem.mRoutingEvent.notifyOne ();
1649 }
1650 break;
1651
1652 case NFA_EE_SET_PROTO_CFG_EVT:
1653 {
1654 ALOGD ("%s: NFA_EE_SET_PROTO_CFG_EVT; status=0x%X", fn, eventData->status);
1655 SyncEventGuard guard (sSecElem.mRoutingEvent);
1656 sSecElem.mRoutingEvent.notifyOne ();
1657 }
1658 break;
1659
1660 case NFA_EE_ACTION_EVT:
1661 {
1662 tNFA_EE_ACTION& action = eventData->action;
1663 if (action.trigger == NFC_EE_TRIG_SELECT)
1664 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=select (0x%X)", fn, action.ee_handle, action.trigger);
1665 else if (action.trigger == NFC_EE_TRIG_APP_INIT)
1666 {
1667 tNFC_APP_INIT& app_init = action.param.app_init;
1668 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=app-init (0x%X); aid len=%u; data len=%u", fn,
1669 action.ee_handle, action.trigger, app_init.len_aid, app_init.len_data);
1670 //if app-init operation is successful;
1671 //app_init.data[] contains two bytes, which are the status codes of the event;
1672 //app_init.data[] does not contain an APDU response;
1673 //see EMV Contactless Specification for Payment Systems; Book B; Entry Point Specification;
1674 //version 2.1; March 2011; section 3.3.3.5;
1675 if ( (app_init.len_data > 1) &&
1676 (app_init.data[0] == 0x90) &&
1677 (app_init.data[1] == 0x00) )
1678 {
1679 sSecElem.notifyTransactionListenersOfAid (app_init.aid, app_init.len_aid);
1680 }
1681 }
1682 else if (action.trigger == NFC_EE_TRIG_RF_PROTOCOL)
1683 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=rf protocol (0x%X)", fn, action.ee_handle, action.trigger);
1684 else if (action.trigger == NFC_EE_TRIG_RF_TECHNOLOGY)
1685 ALOGD ("%s: NFA_EE_ACTION_EVT; h=0x%X; trigger=rf tech (0x%X)", fn, action.ee_handle, action.trigger);
1686 else
1687 ALOGE ("%s: NFA_EE_ACTION_EVT; h=0x%X; unknown trigger (0x%X)", fn, action.ee_handle, action.trigger);
1688 }
1689 break;
1690
1691 case NFA_EE_DISCOVER_REQ_EVT:
1692 ALOGD ("%s: NFA_EE_DISCOVER_REQ_EVT; status=0x%X; num ee=%u", __FUNCTION__,
1693 eventData->discover_req.status, eventData->discover_req.num_ee);
1694 sSecElem.storeUiccInfo (eventData->discover_req);
1695 break;
1696
1697 case NFA_EE_NO_CB_ERR_EVT:
1698 ALOGD ("%s: NFA_EE_NO_CB_ERR_EVT status=%u", fn, eventData->status);
1699 break;
1700
1701 case NFA_EE_ADD_AID_EVT:
1702 {
1703 ALOGD ("%s: NFA_EE_ADD_AID_EVT status=%u", fn, eventData->status);
1704 SyncEventGuard guard (sSecElem.mAidAddRemoveEvent);
1705 sSecElem.mAidAddRemoveEvent.notifyOne ();
1706 }
1707 break;
1708
1709 case NFA_EE_REMOVE_AID_EVT:
1710 {
1711 ALOGD ("%s: NFA_EE_REMOVE_AID_EVT status=%u", fn, eventData->status);
1712 SyncEventGuard guard (sSecElem.mAidAddRemoveEvent);
1713 sSecElem.mAidAddRemoveEvent.notifyOne ();
1714 }
1715 break;
1716
1717 case NFA_EE_NEW_EE_EVT:
1718 {
1719 ALOGD ("%s: NFA_EE_NEW_EE_EVT h=0x%X; status=%u", fn,
1720 eventData->new_ee.ee_handle, eventData->new_ee.ee_status);
1721 // Indicate there are new EE
1722 sSecElem.mbNewEE = true;
1723 }
1724 break;
1725
1726 default:
1727 ALOGE ("%s: unknown event=%u ????", fn, event);
1728 break;
1729 }
1730 }
1731
1732 /*******************************************************************************
1733 **
1734 ** Function getSeVerInfo
1735 **
1736 ** Description Gets version information and id for a secure element. The
1737 ** seIndex parmeter is the zero based index of the secure
1738 ** element to get verion info for. The version infommation
1739 ** is returned as a string int the verInfo parameter.
1740 **
1741 ** Returns ture on success, false on failure
1742 **
1743 *******************************************************************************/
getSeVerInfo(int seIndex,char * verInfo,int verInfoSz,UINT8 * seid)1744 bool SecureElement::getSeVerInfo(int seIndex, char * verInfo, int verInfoSz, UINT8 * seid)
1745 {
1746 ALOGD("%s: enter, seIndex=%d", __FUNCTION__, seIndex);
1747
1748 if (seIndex > (mActualNumEe-1))
1749 {
1750 ALOGE("%s: invalid se index: %d, only %d SEs in system", __FUNCTION__, seIndex, mActualNumEe);
1751 return false;
1752 }
1753
1754 *seid = mEeInfo[seIndex].ee_handle;
1755
1756 if ((mEeInfo[seIndex].num_interface == 0) || (mEeInfo[seIndex].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
1757 {
1758 return false;
1759 }
1760
1761 strncpy(verInfo, "Version info not available", verInfoSz-1);
1762 verInfo[verInfoSz-1] = '\0';
1763
1764 UINT8 pipe = (mEeInfo[seIndex].ee_handle == EE_HANDLE_0xF3) ? 0x70 : 0x71;
1765 UINT8 host = (pipe == STATIC_PIPE_0x70) ? 0x02 : 0x03;
1766 UINT8 gate = (pipe == STATIC_PIPE_0x70) ? 0xF0 : 0xF1;
1767
1768 tNFA_STATUS nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, pipe);
1769 if (nfaStat != NFA_STATUS_OK)
1770 {
1771 ALOGE ("%s: NFA_HciAddStaticPipe() failed, pipe = 0x%x, error=0x%X", __FUNCTION__, pipe, nfaStat);
1772 return true;
1773 }
1774
1775 SyncEventGuard guard (mVerInfoEvent);
1776 if (NFA_STATUS_OK == (nfaStat = NFA_HciGetRegistry (mNfaHciHandle, pipe, 0x02)))
1777 {
1778 if (false == mVerInfoEvent.wait(200))
1779 {
1780 ALOGE ("%s: wait response timeout", __FUNCTION__);
1781 }
1782 else
1783 {
1784 snprintf(verInfo, verInfoSz-1, "Oberthur OS S/N: 0x%02x%02x%02x", mVerInfo[0], mVerInfo[1], mVerInfo[2]);
1785 verInfo[verInfoSz-1] = '\0';
1786 }
1787 }
1788 else
1789 {
1790 ALOGE ("%s: NFA_HciGetRegistry () failed: 0x%X", __FUNCTION__, nfaStat);
1791 }
1792 return true;
1793 }
1794
1795 /*******************************************************************************
1796 **
1797 ** Function getActualNumEe
1798 **
1799 ** Description Returns number of secure elements we know about.
1800 **
1801 ** Returns Number of secure elements we know about.
1802 **
1803 *******************************************************************************/
getActualNumEe()1804 UINT8 SecureElement::getActualNumEe()
1805 {
1806 return mActualNumEe;
1807 }
1808
1809 /*******************************************************************************
1810 **
1811 ** Function: nfaHciCallback
1812 **
1813 ** Description: Receive Host Controller Interface-related events from stack.
1814 ** event: Event code.
1815 ** eventData: Event data.
1816 **
1817 ** Returns: None
1818 **
1819 *******************************************************************************/
nfaHciCallback(tNFA_HCI_EVT event,tNFA_HCI_EVT_DATA * eventData)1820 void SecureElement::nfaHciCallback (tNFA_HCI_EVT event, tNFA_HCI_EVT_DATA* eventData)
1821 {
1822 static const char fn [] = "SecureElement::nfaHciCallback";
1823 ALOGD ("%s: event=0x%X", fn, event);
1824
1825 switch (event)
1826 {
1827 case NFA_HCI_REGISTER_EVT:
1828 {
1829 ALOGD ("%s: NFA_HCI_REGISTER_EVT; status=0x%X; handle=0x%X", fn,
1830 eventData->hci_register.status, eventData->hci_register.hci_handle);
1831 SyncEventGuard guard (sSecElem.mHciRegisterEvent);
1832 sSecElem.mNfaHciHandle = eventData->hci_register.hci_handle;
1833 sSecElem.mHciRegisterEvent.notifyOne();
1834 }
1835 break;
1836
1837 case NFA_HCI_ALLOCATE_GATE_EVT:
1838 {
1839 ALOGD ("%s: NFA_HCI_ALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, eventData->status, eventData->allocated.gate);
1840 SyncEventGuard guard (sSecElem.mAllocateGateEvent);
1841 sSecElem.mCommandStatus = eventData->status;
1842 sSecElem.mNewSourceGate = (eventData->allocated.status == NFA_STATUS_OK) ? eventData->allocated.gate : 0;
1843 sSecElem.mAllocateGateEvent.notifyOne();
1844 }
1845 break;
1846
1847 case NFA_HCI_DEALLOCATE_GATE_EVT:
1848 {
1849 tNFA_HCI_DEALLOCATE_GATE& deallocated = eventData->deallocated;
1850 ALOGD ("%s: NFA_HCI_DEALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, deallocated.status, deallocated.gate);
1851 SyncEventGuard guard (sSecElem.mDeallocateGateEvent);
1852 sSecElem.mDeallocateGateEvent.notifyOne();
1853 }
1854 break;
1855
1856 case NFA_HCI_GET_GATE_PIPE_LIST_EVT:
1857 {
1858 ALOGD ("%s: NFA_HCI_GET_GATE_PIPE_LIST_EVT; status=0x%X; num_pipes: %u num_gates: %u", fn,
1859 eventData->gates_pipes.status, eventData->gates_pipes.num_pipes, eventData->gates_pipes.num_gates);
1860 SyncEventGuard guard (sSecElem.mPipeListEvent);
1861 sSecElem.mCommandStatus = eventData->gates_pipes.status;
1862 sSecElem.mHciCfg = eventData->gates_pipes;
1863 sSecElem.mPipeListEvent.notifyOne();
1864 }
1865 break;
1866
1867 case NFA_HCI_CREATE_PIPE_EVT:
1868 {
1869 ALOGD ("%s: NFA_HCI_CREATE_PIPE_EVT; status=0x%X; pipe=0x%X; src gate=0x%X; dest host=0x%X; dest gate=0x%X", fn,
1870 eventData->created.status, eventData->created.pipe, eventData->created.source_gate, eventData->created.dest_host, eventData->created.dest_gate);
1871 SyncEventGuard guard (sSecElem.mCreatePipeEvent);
1872 sSecElem.mCommandStatus = eventData->created.status;
1873 sSecElem.mNewPipeId = eventData->created.pipe;
1874 sSecElem.mCreatePipeEvent.notifyOne();
1875 }
1876 break;
1877
1878 case NFA_HCI_OPEN_PIPE_EVT:
1879 {
1880 ALOGD ("%s: NFA_HCI_OPEN_PIPE_EVT; status=0x%X; pipe=0x%X", fn, eventData->opened.status, eventData->opened.pipe);
1881 SyncEventGuard guard (sSecElem.mPipeOpenedEvent);
1882 sSecElem.mCommandStatus = eventData->opened.status;
1883 sSecElem.mPipeOpenedEvent.notifyOne();
1884 }
1885 break;
1886
1887 case NFA_HCI_EVENT_SENT_EVT:
1888 ALOGD ("%s: NFA_HCI_EVENT_SENT_EVT; status=0x%X", fn, eventData->evt_sent.status);
1889 break;
1890
1891 case NFA_HCI_RSP_RCVD_EVT: //response received from secure element
1892 {
1893 tNFA_HCI_RSP_RCVD& rsp_rcvd = eventData->rsp_rcvd;
1894 ALOGD ("%s: NFA_HCI_RSP_RCVD_EVT; status: 0x%X; code: 0x%X; pipe: 0x%X; len: %u", fn,
1895 rsp_rcvd.status, rsp_rcvd.rsp_code, rsp_rcvd.pipe, rsp_rcvd.rsp_len);
1896 }
1897 break;
1898
1899 case NFA_HCI_GET_REG_RSP_EVT :
1900 ALOGD ("%s: NFA_HCI_GET_REG_RSP_EVT; status: 0x%X; pipe: 0x%X, len: %d", fn,
1901 eventData->registry.status, eventData->registry.pipe, eventData->registry.data_len);
1902 if (eventData->registry.data_len >= 19 && ((eventData->registry.pipe == STATIC_PIPE_0x70) || (eventData->registry.pipe == STATIC_PIPE_0x71)))
1903 {
1904 SyncEventGuard guard (sSecElem.mVerInfoEvent);
1905 // Oberthur OS version is in bytes 16,17, and 18
1906 sSecElem.mVerInfo[0] = eventData->registry.reg_data[16];
1907 sSecElem.mVerInfo[1] = eventData->registry.reg_data[17];
1908 sSecElem.mVerInfo[2] = eventData->registry.reg_data[18];
1909 sSecElem.mVerInfoEvent.notifyOne ();
1910 }
1911 break;
1912
1913 case NFA_HCI_EVENT_RCVD_EVT:
1914 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; code: 0x%X; pipe: 0x%X; data len: %u", fn,
1915 eventData->rcvd_evt.evt_code, eventData->rcvd_evt.pipe, eventData->rcvd_evt.evt_len);
1916 if ((eventData->rcvd_evt.pipe == STATIC_PIPE_0x70) || (eventData->rcvd_evt.pipe == STATIC_PIPE_0x71))
1917 {
1918 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; data from static pipe", fn);
1919 SyncEventGuard guard (sSecElem.mTransceiveEvent);
1920 sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len;
1921 sSecElem.mTransceiveEvent.notifyOne ();
1922 }
1923 else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_POST_DATA)
1924 {
1925 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_POST_DATA", fn);
1926 SyncEventGuard guard (sSecElem.mTransceiveEvent);
1927 sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len;
1928 sSecElem.mTransceiveEvent.notifyOne ();
1929 }
1930 else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_TRANSACTION)
1931 {
1932 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_TRANSACTION", fn);
1933 // If we got an AID, notify any listeners
1934 if ((eventData->rcvd_evt.evt_len > 3) && (eventData->rcvd_evt.p_evt_buf[0] == 0x81) )
1935 sSecElem.notifyTransactionListenersOfAid (&eventData->rcvd_evt.p_evt_buf[2], eventData->rcvd_evt.p_evt_buf[1]);
1936 }
1937 break;
1938
1939 case NFA_HCI_SET_REG_RSP_EVT: //received response to write registry command
1940 {
1941 tNFA_HCI_REGISTRY& registry = eventData->registry;
1942 ALOGD ("%s: NFA_HCI_SET_REG_RSP_EVT; status=0x%X; pipe=0x%X", fn, registry.status, registry.pipe);
1943 SyncEventGuard guard (sSecElem.mRegistryEvent);
1944 sSecElem.mRegistryEvent.notifyOne ();
1945 break;
1946 }
1947
1948 default:
1949 ALOGE ("%s: unknown event code=0x%X ????", fn, event);
1950 break;
1951 }
1952 }
1953
1954
1955 /*******************************************************************************
1956 **
1957 ** Function: findEeByHandle
1958 **
1959 ** Description: Find information about an execution environment.
1960 ** eeHandle: Handle to execution environment.
1961 **
1962 ** Returns: Information about an execution environment.
1963 **
1964 *******************************************************************************/
findEeByHandle(tNFA_HANDLE eeHandle)1965 tNFA_EE_INFO *SecureElement::findEeByHandle (tNFA_HANDLE eeHandle)
1966 {
1967 for (UINT8 xx = 0; xx < mActualNumEe; xx++)
1968 {
1969 if (mEeInfo[xx].ee_handle == eeHandle)
1970 return (&mEeInfo[xx]);
1971 }
1972 return (NULL);
1973 }
1974
1975
1976 /*******************************************************************************
1977 **
1978 ** Function: getDefaultEeHandle
1979 **
1980 ** Description: Get the handle to the execution environment.
1981 **
1982 ** Returns: Handle to the execution environment.
1983 **
1984 *******************************************************************************/
getDefaultEeHandle()1985 tNFA_HANDLE SecureElement::getDefaultEeHandle ()
1986 {
1987 UINT16 overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride;
1988 // Find the first EE that is not the HCI Access i/f.
1989 for (UINT8 xx = 0; xx < mActualNumEe; xx++)
1990 {
1991 if (mActiveSeOverride && (overrideEeHandle != mEeInfo[xx].ee_handle))
1992 continue; //skip all the EE's that are ignored
1993 if ((mEeInfo[xx].num_interface != 0) &&
1994 (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) &&
1995 (mEeInfo[xx].ee_status != NFC_NFCEE_STATUS_INACTIVE))
1996 return (mEeInfo[xx].ee_handle);
1997 }
1998 return NFA_HANDLE_INVALID;
1999 }
2000
2001
2002 /*******************************************************************************
2003 **
2004 ** Function: findUiccByHandle
2005 **
2006 ** Description: Find information about an execution environment.
2007 ** eeHandle: Handle of the execution environment.
2008 **
2009 ** Returns: Information about the execution environment.
2010 **
2011 *******************************************************************************/
findUiccByHandle(tNFA_HANDLE eeHandle)2012 tNFA_EE_DISCOVER_INFO *SecureElement::findUiccByHandle (tNFA_HANDLE eeHandle)
2013 {
2014 for (UINT8 index = 0; index < mUiccInfo.num_ee; index++)
2015 {
2016 if (mUiccInfo.ee_disc_info[index].ee_handle == eeHandle)
2017 {
2018 return (&mUiccInfo.ee_disc_info[index]);
2019 }
2020 }
2021 ALOGE ("SecureElement::findUiccByHandle: ee h=0x%4x not found", eeHandle);
2022 return NULL;
2023 }
2024
2025
2026 /*******************************************************************************
2027 **
2028 ** Function: eeStatusToString
2029 **
2030 ** Description: Convert status code to status text.
2031 ** status: Status code
2032 **
2033 ** Returns: None
2034 **
2035 *******************************************************************************/
eeStatusToString(UINT8 status)2036 const char* SecureElement::eeStatusToString (UINT8 status)
2037 {
2038 switch (status)
2039 {
2040 case NFC_NFCEE_STATUS_ACTIVE:
2041 return("Connected/Active");
2042 case NFC_NFCEE_STATUS_INACTIVE:
2043 return("Connected/Inactive");
2044 case NFC_NFCEE_STATUS_REMOVED:
2045 return("Removed");
2046 }
2047 return("?? Unknown ??");
2048 }
2049
2050
2051 /*******************************************************************************
2052 **
2053 ** Function: connectionEventHandler
2054 **
2055 ** Description: Receive card-emulation related events from stack.
2056 ** event: Event code.
2057 ** eventData: Event data.
2058 **
2059 ** Returns: None
2060 **
2061 *******************************************************************************/
connectionEventHandler(UINT8 event,tNFA_CONN_EVT_DATA *)2062 void SecureElement::connectionEventHandler (UINT8 event, tNFA_CONN_EVT_DATA* /*eventData*/)
2063 {
2064 switch (event)
2065 {
2066 case NFA_CE_UICC_LISTEN_CONFIGURED_EVT:
2067 {
2068 SyncEventGuard guard (mUiccListenEvent);
2069 mUiccListenEvent.notifyOne ();
2070 }
2071 break;
2072 }
2073 }
2074
2075
2076 /*******************************************************************************
2077 **
2078 ** Function: routeToSecureElement
2079 **
2080 ** Description: Adjust controller's listen-mode routing table so transactions
2081 ** are routed to the secure elements.
2082 **
2083 ** Returns: True if ok.
2084 **
2085 *******************************************************************************/
routeToSecureElement()2086 bool SecureElement::routeToSecureElement ()
2087 {
2088 static const char fn [] = "SecureElement::routeToSecureElement";
2089 ALOGD ("%s: enter", fn);
2090 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
2091 tNFA_TECHNOLOGY_MASK tech_mask = NFA_TECHNOLOGY_MASK_A | NFA_TECHNOLOGY_MASK_B;
2092 bool retval = false;
2093
2094 if (! mIsInit)
2095 {
2096 ALOGE ("%s: not init", fn);
2097 return false;
2098 }
2099
2100 if (mCurrentRouteSelection == SecElemRoute)
2101 {
2102 ALOGE ("%s: already sec elem route", fn);
2103 return true;
2104 }
2105
2106 if (mActiveEeHandle == NFA_HANDLE_INVALID)
2107 {
2108 ALOGE ("%s: invalid EE handle", fn);
2109 return false;
2110 }
2111
2112 adjustRoutes (SecElemRoute);
2113
2114 {
2115 unsigned long num = 0;
2116 if (GetNumValue("UICC_LISTEN_TECH_MASK", &num, sizeof(num)))
2117 tech_mask = num;
2118 ALOGD ("%s: start UICC listen; h=0x%X; tech mask=0x%X", fn, mActiveEeHandle, tech_mask);
2119 SyncEventGuard guard (mUiccListenEvent);
2120 nfaStat = NFA_CeConfigureUiccListenTech (mActiveEeHandle, tech_mask);
2121 if (nfaStat == NFA_STATUS_OK)
2122 {
2123 mUiccListenEvent.wait ();
2124 retval = true;
2125 }
2126 else
2127 ALOGE ("%s: fail to start UICC listen", fn);
2128 }
2129
2130 ALOGD ("%s: exit; ok=%u", fn, retval);
2131 return retval;
2132 }
2133
2134
2135 /*******************************************************************************
2136 **
2137 ** Function: routeToDefault
2138 **
2139 ** Description: Adjust controller's listen-mode routing table so transactions
2140 ** are routed to the default destination.
2141 **
2142 ** Returns: True if ok.
2143 **
2144 *******************************************************************************/
routeToDefault()2145 bool SecureElement::routeToDefault ()
2146 {
2147 static const char fn [] = "SecureElement::routeToDefault";
2148 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
2149 bool retval = false;
2150
2151 ALOGD ("%s: enter", fn);
2152 if (! mIsInit)
2153 {
2154 ALOGE ("%s: not init", fn);
2155 return false;
2156 }
2157
2158 if (mCurrentRouteSelection == DefaultRoute)
2159 {
2160 ALOGD ("%s: already default route", fn);
2161 return true;
2162 }
2163
2164 if (mActiveEeHandle != NFA_HANDLE_INVALID)
2165 {
2166 ALOGD ("%s: stop UICC listen; EE h=0x%X", fn, mActiveEeHandle);
2167 SyncEventGuard guard (mUiccListenEvent);
2168 nfaStat = NFA_CeConfigureUiccListenTech (mActiveEeHandle, 0);
2169 if (nfaStat == NFA_STATUS_OK)
2170 {
2171 mUiccListenEvent.wait ();
2172 retval = true;
2173 }
2174 else
2175 ALOGE ("%s: fail to stop UICC listen", fn);
2176 }
2177 else
2178 retval = true;
2179
2180 adjustRoutes (DefaultRoute);
2181
2182 ALOGD ("%s: exit; ok=%u", fn, retval);
2183 return retval;
2184 }
2185
2186
2187 /*******************************************************************************
2188 **
2189 ** Function: isBusy
2190 **
2191 ** Description: Whether controller is routing listen-mode events to
2192 ** secure elements or a pipe is connected.
2193 **
2194 ** Returns: True if either case is true.
2195 **
2196 *******************************************************************************/
isBusy()2197 bool SecureElement::isBusy ()
2198 {
2199 bool retval = (mCurrentRouteSelection == SecElemRoute) || mIsPiping;
2200 ALOGD ("SecureElement::isBusy: %u", retval);
2201 return retval;
2202 }
2203