1 /*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 /*
18 * Communicate with secure elements that are attached to the NFC
19 * controller.
20 */
21 #include <semaphore.h>
22 #include <errno.h>
23 #include <ScopedLocalRef.h>
24 #include "OverrideLog.h"
25 #include "SecureElement.h"
26 #include "config.h"
27 #include "PowerSwitch.h"
28 #include "JavaClassConstants.h"
29
30
31 /*****************************************************************************
32 **
33 ** public variables
34 **
35 *****************************************************************************/
36 int gSEId = -1; // secure element ID to use in connectEE(), -1 means not set
37 int gGatePipe = -1; // gate id or static pipe id to use in connectEE(), -1 means not set
38 bool gUseStaticPipe = false; // if true, use gGatePipe as static pipe id. if false, use as gate id
39
40 namespace android
41 {
42 extern void startRfDiscovery (bool isStart);
43 extern void setUiccIdleTimeout (bool enable);
44 }
45
46 //////////////////////////////////////////////
47 //////////////////////////////////////////////
48
49
50 SecureElement SecureElement::sSecElem;
51 const char* SecureElement::APP_NAME = "nfc_jni";
52 const UINT16 ACTIVE_SE_USE_ANY = 0xFFFF;
53
54 /*******************************************************************************
55 **
56 ** Function: SecureElement
57 **
58 ** Description: Initialize member variables.
59 **
60 ** Returns: None
61 **
62 *******************************************************************************/
SecureElement()63 SecureElement::SecureElement ()
64 : mActiveEeHandle (NFA_HANDLE_INVALID),
65 mDestinationGate (4), //loopback gate
66 mNfaHciHandle (NFA_HANDLE_INVALID),
67 mNativeData (NULL),
68 mIsInit (false),
69 mActualNumEe (0),
70 mNumEePresent(0),
71 mbNewEE (true), // by default we start w/thinking there are new EE
72 mNewPipeId (0),
73 mNewSourceGate (0),
74 mActiveSeOverride(ACTIVE_SE_USE_ANY),
75 mCommandStatus (NFA_STATUS_OK),
76 mIsPiping (false),
77 mCurrentRouteSelection (NoRoute),
78 mActualResponseSize(0),
79 mUseOberthurWarmReset (false),
80 mActivatedInListenMode (false),
81 mOberthurWarmResetCommand (3),
82 mRfFieldIsOn(false)
83 {
84 memset (&mEeInfo, 0, sizeof(mEeInfo));
85 memset (&mUiccInfo, 0, sizeof(mUiccInfo));
86 memset (&mHciCfg, 0, sizeof(mHciCfg));
87 memset (mResponseData, 0, sizeof(mResponseData));
88 memset (mAidForEmptySelect, 0, sizeof(mAidForEmptySelect));
89 memset (&mLastRfFieldToggle, 0, sizeof(mLastRfFieldToggle));
90 }
91
92
93 /*******************************************************************************
94 **
95 ** Function: ~SecureElement
96 **
97 ** Description: Release all resources.
98 **
99 ** Returns: None
100 **
101 *******************************************************************************/
~SecureElement()102 SecureElement::~SecureElement ()
103 {
104 }
105
106
107 /*******************************************************************************
108 **
109 ** Function: getInstance
110 **
111 ** Description: Get the SecureElement singleton object.
112 **
113 ** Returns: SecureElement object.
114 **
115 *******************************************************************************/
getInstance()116 SecureElement& SecureElement::getInstance()
117 {
118 return sSecElem;
119 }
120
121
122 /*******************************************************************************
123 **
124 ** Function: setActiveSeOverride
125 **
126 ** Description: Specify which secure element to turn on.
127 ** activeSeOverride: ID of secure element
128 **
129 ** Returns: None
130 **
131 *******************************************************************************/
setActiveSeOverride(UINT8 activeSeOverride)132 void SecureElement::setActiveSeOverride(UINT8 activeSeOverride)
133 {
134 ALOGD ("SecureElement::setActiveSeOverride, seid=0x%X", activeSeOverride);
135 mActiveSeOverride = activeSeOverride;
136 }
137
138
139 /*******************************************************************************
140 **
141 ** Function: initialize
142 **
143 ** Description: Initialize all member variables.
144 ** native: Native data.
145 **
146 ** Returns: True if ok.
147 **
148 *******************************************************************************/
initialize(nfc_jni_native_data * native)149 bool SecureElement::initialize (nfc_jni_native_data* native)
150 {
151 static const char fn [] = "SecureElement::initialize";
152 tNFA_STATUS nfaStat;
153 unsigned long num = 0;
154
155 ALOGD ("%s: enter", fn);
156
157 if (GetNumValue("NFA_HCI_DEFAULT_DEST_GATE", &num, sizeof(num)))
158 mDestinationGate = num;
159 ALOGD ("%s: Default destination gate: 0x%X", fn, mDestinationGate);
160
161 // active SE, if not set active all SEs, use the first one.
162 if (GetNumValue("ACTIVE_SE", &num, sizeof(num)))
163 {
164 mActiveSeOverride = num;
165 ALOGD ("%s: Active SE override: 0x%X", fn, mActiveSeOverride);
166 }
167
168 if (GetNumValue("OBERTHUR_WARM_RESET_COMMAND", &num, sizeof(num)))
169 {
170 mUseOberthurWarmReset = true;
171 mOberthurWarmResetCommand = (UINT8) num;
172 }
173
174 mActiveEeHandle = NFA_HANDLE_INVALID;
175 mNfaHciHandle = NFA_HANDLE_INVALID;
176
177 mNativeData = native;
178 mActualNumEe = MAX_NUM_EE;
179 mbNewEE = true;
180 mNewPipeId = 0;
181 mNewSourceGate = 0;
182 mRfFieldIsOn = false;
183 mActivatedInListenMode = false;
184 mCurrentRouteSelection = NoRoute;
185 memset (mEeInfo, 0, sizeof(mEeInfo));
186 memset (&mUiccInfo, 0, sizeof(mUiccInfo));
187 memset (&mHciCfg, 0, sizeof(mHciCfg));
188 mUsedAids.clear ();
189 memset(mAidForEmptySelect, 0, sizeof(mAidForEmptySelect));
190
191 // if no SE is to be used, get out.
192 if (mActiveSeOverride == 0)
193 {
194 ALOGD ("%s: No SE; No need to initialize SecureElement", fn);
195 return (false);
196 }
197
198 // Get Fresh EE info.
199 if (! getEeInfo())
200 return (false);
201
202 // If the controller has an HCI Network, register for that
203 for (size_t xx = 0; xx < mActualNumEe; xx++)
204 {
205 if ((mEeInfo[xx].num_interface > 0) && (mEeInfo[xx].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
206 {
207 ALOGD ("%s: Found HCI network, try hci register", fn);
208
209 SyncEventGuard guard (mHciRegisterEvent);
210
211 nfaStat = NFA_HciRegister (const_cast<char*>(APP_NAME), nfaHciCallback, TRUE);
212 if (nfaStat != NFA_STATUS_OK)
213 {
214 ALOGE ("%s: fail hci register; error=0x%X", fn, nfaStat);
215 return (false);
216 }
217 mHciRegisterEvent.wait();
218 break;
219 }
220 }
221
222 GetStrValue(NAME_AID_FOR_EMPTY_SELECT, (char*)&mAidForEmptySelect[0], sizeof(mAidForEmptySelect));
223
224 mIsInit = true;
225 ALOGD ("%s: exit", fn);
226 return (true);
227 }
228
229
230 /*******************************************************************************
231 **
232 ** Function: finalize
233 **
234 ** Description: Release all resources.
235 **
236 ** Returns: None
237 **
238 *******************************************************************************/
finalize()239 void SecureElement::finalize ()
240 {
241 static const char fn [] = "SecureElement::finalize";
242 ALOGD ("%s: enter", fn);
243
244 if (mNfaHciHandle != NFA_HANDLE_INVALID)
245 NFA_HciDeregister (const_cast<char*>(APP_NAME));
246
247 mNfaHciHandle = NFA_HANDLE_INVALID;
248 mNativeData = NULL;
249 mIsInit = false;
250 mActualNumEe = 0;
251 mNumEePresent = 0;
252 mNewPipeId = 0;
253 mNewSourceGate = 0;
254 mIsPiping = false;
255 memset (mEeInfo, 0, sizeof(mEeInfo));
256 memset (&mUiccInfo, 0, sizeof(mUiccInfo));
257
258 ALOGD ("%s: exit", fn);
259 }
260
261
262 /*******************************************************************************
263 **
264 ** Function: getEeInfo
265 **
266 ** Description: Get latest information about execution environments from stack.
267 **
268 ** Returns: True if at least 1 EE is available.
269 **
270 *******************************************************************************/
getEeInfo()271 bool SecureElement::getEeInfo()
272 {
273 static const char fn [] = "SecureElement::getEeInfo";
274 ALOGD ("%s: enter; mbNewEE=%d, mActualNumEe=%d", fn, mbNewEE, mActualNumEe);
275 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
276
277 // If mbNewEE is true then there is new EE info.
278 if (mbNewEE)
279 {
280 mActualNumEe = MAX_NUM_EE;
281
282 if ((nfaStat = NFA_EeGetInfo (&mActualNumEe, mEeInfo)) != NFA_STATUS_OK)
283 {
284 ALOGE ("%s: fail get info; error=0x%X", fn, nfaStat);
285 mActualNumEe = 0;
286 }
287 else
288 {
289 mbNewEE = false;
290
291 ALOGD ("%s: num EEs discovered: %u", fn, mActualNumEe);
292 if (mActualNumEe != 0)
293 {
294 for (UINT8 xx = 0; xx < mActualNumEe; xx++)
295 {
296 if ((mEeInfo[xx].num_interface != 0) && (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) )
297 mNumEePresent++;
298
299 ALOGD ("%s: EE[%u] Handle: 0x%04x Status: %s Num I/f: %u: (0x%02x, 0x%02x) Num TLVs: %u",
300 fn, xx, mEeInfo[xx].ee_handle, eeStatusToString(mEeInfo[xx].ee_status), mEeInfo[xx].num_interface,
301 mEeInfo[xx].ee_interface[0], mEeInfo[xx].ee_interface[1], mEeInfo[xx].num_tlvs);
302
303 for (size_t yy = 0; yy < mEeInfo[xx].num_tlvs; yy++)
304 {
305 ALOGD ("%s: EE[%u] TLV[%u] Tag: 0x%02x Len: %u Values[]: 0x%02x 0x%02x 0x%02x ...",
306 fn, xx, yy, mEeInfo[xx].ee_tlv[yy].tag, mEeInfo[xx].ee_tlv[yy].len, mEeInfo[xx].ee_tlv[yy].info[0],
307 mEeInfo[xx].ee_tlv[yy].info[1], mEeInfo[xx].ee_tlv[yy].info[2]);
308 }
309 }
310 }
311 }
312 }
313 ALOGD ("%s: exit; mActualNumEe=%d, mNumEePresent=%d", fn, mActualNumEe,mNumEePresent);
314 return (mActualNumEe != 0);
315 }
316
317
318 /*******************************************************************************
319 **
320 ** Function TimeDiff
321 **
322 ** Description Computes time difference in milliseconds.
323 **
324 ** Returns Time difference in milliseconds
325 **
326 *******************************************************************************/
TimeDiff(timespec start,timespec end)327 static UINT32 TimeDiff(timespec start, timespec end)
328 {
329 end.tv_sec -= start.tv_sec;
330 end.tv_nsec -= start.tv_nsec;
331
332 if (end.tv_nsec < 0) {
333 end.tv_nsec += 10e8;
334 end.tv_sec -=1;
335 }
336
337 return (end.tv_sec * 1000) + (end.tv_nsec / 10e5);
338 }
339
340 /*******************************************************************************
341 **
342 ** Function: isRfFieldOn
343 **
344 ** Description: Can be used to determine if the SE is in an RF field
345 **
346 ** Returns: True if the SE is activated in an RF field
347 **
348 *******************************************************************************/
isRfFieldOn()349 bool SecureElement::isRfFieldOn() {
350 AutoMutex mutex(mMutex);
351 if (mRfFieldIsOn) {
352 return true;
353 }
354 struct timespec now;
355 int ret = clock_gettime(CLOCK_MONOTONIC, &now);
356 if (ret == -1) {
357 ALOGE("isRfFieldOn(): clock_gettime failed");
358 return false;
359 }
360 if (TimeDiff(mLastRfFieldToggle, now) < 50) {
361 // If it was less than 50ms ago that RF field
362 // was turned off, still return ON.
363 return true;
364 } else {
365 return false;
366 }
367 }
368
369 /*******************************************************************************
370 **
371 ** Function: isActivatedInListenMode
372 **
373 ** Description: Can be used to determine if the SE is activated in listen mode
374 **
375 ** Returns: True if the SE is activated in listen mode
376 **
377 *******************************************************************************/
isActivatedInListenMode()378 bool SecureElement::isActivatedInListenMode() {
379 return mActivatedInListenMode;
380 }
381
382 /*******************************************************************************
383 **
384 ** Function: getSecureElementIdList
385 **
386 ** Description: Get a list of ID's of all secure elements.
387 ** e: Java Virtual Machine.
388 **
389 ** Returns: List of ID's.
390 **
391 *******************************************************************************/
getSecureElementIdList(JNIEnv * e)392 jintArray SecureElement::getSecureElementIdList (JNIEnv* e)
393 {
394 static const char fn [] = "SecureElement::getSecureElementIdList";
395 ALOGD ("%s: enter", fn);
396
397 if (!mIsInit)
398 {
399 ALOGE ("%s: not init", fn);
400 return NULL;
401 }
402
403 if (! getEeInfo())
404 {
405 ALOGE ("%s: no sec elem", fn);
406 return NULL;
407 }
408
409 jintArray list = e->NewIntArray (mNumEePresent); //allocate array
410 jint seId = 0;
411 int cnt = 0;
412 for (int ii = 0; ii < mActualNumEe && cnt < mNumEePresent; ii++)
413 {
414 if ((mEeInfo[ii].num_interface == 0) || (mEeInfo[ii].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
415 continue;
416 seId = mEeInfo[ii].ee_handle & ~NFA_HANDLE_GROUP_EE;
417 e->SetIntArrayRegion (list, cnt++, 1, &seId);
418 ALOGD ("%s: index=%d; se id=0x%X", fn, ii, seId);
419 }
420 ALOGD("%s: exit", fn);
421 return list;
422 }
423
424
425 /*******************************************************************************
426 **
427 ** Function: activate
428 **
429 ** Description: Turn on the secure element.
430 ** seID: ID of secure element; 0xF3 or 0xF4.
431 **
432 ** Returns: True if ok.
433 **
434 *******************************************************************************/
activate(jint seID)435 bool SecureElement::activate (jint seID)
436 {
437 static const char fn [] = "SecureElement::activate";
438 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
439 int numActivatedEe = 0;
440
441 ALOGD ("%s: enter; seID=0x%X", fn, seID);
442
443 if (!mIsInit)
444 {
445 ALOGE ("%s: not init", fn);
446 return false;
447 }
448
449 if (mActiveEeHandle != NFA_HANDLE_INVALID)
450 {
451 ALOGD ("%s: already active", fn);
452 return true;
453 }
454
455 // Get Fresh EE info if needed.
456 if (! getEeInfo())
457 {
458 ALOGE ("%s: no EE info", fn);
459 return false;
460 }
461
462 UINT16 overrideEeHandle = 0;
463 // If the Active SE is overridden
464 if (mActiveSeOverride && (mActiveSeOverride != ACTIVE_SE_USE_ANY))
465 overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride;
466
467 ALOGD ("%s: override ee h=0x%X", fn, overrideEeHandle );
468
469 if (mRfFieldIsOn) {
470 ALOGE("%s: RF field indication still on, resetting", fn);
471 mRfFieldIsOn = false;
472 }
473
474 //activate every discovered secure element
475 for (int index=0; index < mActualNumEe; index++)
476 {
477 tNFA_EE_INFO& eeItem = mEeInfo[index];
478
479 if ((eeItem.ee_handle == EE_HANDLE_0xF3) || (eeItem.ee_handle == EE_HANDLE_0xF4))
480 {
481 if (overrideEeHandle && (overrideEeHandle != eeItem.ee_handle) )
482 continue; // do not enable all SEs; only the override one
483
484 if (eeItem.ee_status != NFC_NFCEE_STATUS_INACTIVE)
485 {
486 ALOGD ("%s: h=0x%X already activated", fn, eeItem.ee_handle);
487 numActivatedEe++;
488 continue;
489 }
490
491 {
492 SyncEventGuard guard (mEeSetModeEvent);
493 ALOGD ("%s: set EE mode activate; h=0x%X", fn, eeItem.ee_handle);
494 if ((nfaStat = NFA_EeModeSet (eeItem.ee_handle, NFA_EE_MD_ACTIVATE)) == NFA_STATUS_OK)
495 {
496 mEeSetModeEvent.wait (); //wait for NFA_EE_MODE_SET_EVT
497 if (eeItem.ee_status == NFC_NFCEE_STATUS_ACTIVE)
498 numActivatedEe++;
499 }
500 else
501 ALOGE ("%s: NFA_EeModeSet failed; error=0x%X", fn, nfaStat);
502 }
503 }
504 } //for
505
506 mActiveEeHandle = getDefaultEeHandle();
507 if (mActiveEeHandle == NFA_HANDLE_INVALID)
508 ALOGE ("%s: ee handle not found", fn);
509 ALOGD ("%s: exit; active ee h=0x%X", fn, mActiveEeHandle);
510 return mActiveEeHandle != NFA_HANDLE_INVALID;
511 }
512
513
514 /*******************************************************************************
515 **
516 ** Function: deactivate
517 **
518 ** Description: Turn off the secure element.
519 ** seID: ID of secure element; 0xF3 or 0xF4.
520 **
521 ** Returns: True if ok.
522 **
523 *******************************************************************************/
deactivate(jint seID)524 bool SecureElement::deactivate (jint seID)
525 {
526 static const char fn [] = "SecureElement::deactivate";
527 bool retval = false;
528
529 ALOGD ("%s: enter; seID=0x%X, mActiveEeHandle=0x%X", fn, seID, mActiveEeHandle);
530
531 if (!mIsInit)
532 {
533 ALOGE ("%s: not init", fn);
534 goto TheEnd;
535 }
536
537 //if the controller is routing to sec elems or piping,
538 //then the secure element cannot be deactivated
539 if ((mCurrentRouteSelection == SecElemRoute) || mIsPiping)
540 {
541 ALOGE ("%s: still busy", fn);
542 goto TheEnd;
543 }
544
545 if (mActiveEeHandle == NFA_HANDLE_INVALID)
546 {
547 ALOGE ("%s: invalid EE handle", fn);
548 goto TheEnd;
549 }
550
551 mActiveEeHandle = NFA_HANDLE_INVALID;
552 retval = true;
553
554 TheEnd:
555 ALOGD ("%s: exit; ok=%u", fn, retval);
556 return retval;
557 }
558
559
560 /*******************************************************************************
561 **
562 ** Function: notifyTransactionListenersOfAid
563 **
564 ** Description: Notify the NFC service about a transaction event from secure element.
565 ** aid: Buffer contains application ID.
566 ** aidLen: Length of application ID.
567 **
568 ** Returns: None
569 **
570 *******************************************************************************/
notifyTransactionListenersOfAid(const UINT8 * aidBuffer,UINT8 aidBufferLen)571 void SecureElement::notifyTransactionListenersOfAid (const UINT8* aidBuffer, UINT8 aidBufferLen)
572 {
573 static const char fn [] = "SecureElement::notifyTransactionListenersOfAid";
574 ALOGD ("%s: enter; aid len=%u", fn, aidBufferLen);
575
576 if (aidBufferLen == 0) {
577 return;
578 }
579
580 JNIEnv* e = NULL;
581 ScopedAttach attach(mNativeData->vm, &e);
582 if (e == NULL)
583 {
584 ALOGE ("%s: jni env is null", fn);
585 return;
586 }
587
588 const UINT16 tlvMaxLen = aidBufferLen + 10;
589 UINT8* tlv = new UINT8 [tlvMaxLen];
590 if (tlv == NULL)
591 {
592 ALOGE ("%s: fail allocate tlv", fn);
593 return;
594 }
595
596 memcpy (tlv, aidBuffer, aidBufferLen);
597 UINT16 tlvActualLen = aidBufferLen;
598
599 ScopedLocalRef<jobject> tlvJavaArray(e, e->NewByteArray(tlvActualLen));
600 if (tlvJavaArray.get() == NULL)
601 {
602 ALOGE ("%s: fail allocate array", fn);
603 goto TheEnd;
604 }
605
606 e->SetByteArrayRegion ((jbyteArray)tlvJavaArray.get(), 0, tlvActualLen, (jbyte *)tlv);
607 if (e->ExceptionCheck())
608 {
609 e->ExceptionClear();
610 ALOGE ("%s: fail fill array", fn);
611 goto TheEnd;
612 }
613
614 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifyTransactionListeners, tlvJavaArray.get());
615 if (e->ExceptionCheck())
616 {
617 e->ExceptionClear();
618 ALOGE ("%s: fail notify", fn);
619 goto TheEnd;
620 }
621
622 TheEnd:
623 delete [] tlv;
624 ALOGD ("%s: exit", fn);
625 }
626
627
628 /*******************************************************************************
629 **
630 ** Function: connectEE
631 **
632 ** Description: Connect to the execution environment.
633 **
634 ** Returns: True if ok.
635 **
636 *******************************************************************************/
connectEE()637 bool SecureElement::connectEE ()
638 {
639 static const char fn [] = "SecureElement::connectEE";
640 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
641 bool retVal = false;
642 UINT8 destHost = 0;
643 unsigned long num = 0;
644 char pipeConfName[40];
645 tNFA_HANDLE eeHandle = mActiveEeHandle;
646
647 ALOGD ("%s: enter, mActiveEeHandle: 0x%04x, SEID: 0x%x, pipe_gate_num=%d, use pipe=%d",
648 fn, mActiveEeHandle, gSEId, gGatePipe, gUseStaticPipe);
649
650 if (!mIsInit)
651 {
652 ALOGE ("%s: not init", fn);
653 return (false);
654 }
655
656 if (gSEId != -1)
657 {
658 eeHandle = gSEId | NFA_HANDLE_GROUP_EE;
659 ALOGD ("%s: Using SEID: 0x%x", fn, eeHandle );
660 }
661
662 if (eeHandle == NFA_HANDLE_INVALID)
663 {
664 ALOGE ("%s: invalid handle 0x%X", fn, eeHandle);
665 return (false);
666 }
667
668 tNFA_EE_INFO *pEE = findEeByHandle (eeHandle);
669
670 if (pEE == NULL)
671 {
672 ALOGE ("%s: Handle 0x%04x NOT FOUND !!", fn, eeHandle);
673 return (false);
674 }
675
676 // Disable RF discovery completely while the DH is connected
677 android::startRfDiscovery(false);
678
679 // Disable UICC idle timeout while the DH is connected
680 android::setUiccIdleTimeout (false);
681
682 mNewSourceGate = 0;
683
684 if (gGatePipe == -1)
685 {
686 // pipe/gate num was not specifed by app, get from config file
687 mNewPipeId = 0;
688
689 // Construct the PIPE name based on the EE handle (e.g. NFA_HCI_STATIC_PIPE_ID_F3 for UICC0).
690 snprintf (pipeConfName, sizeof(pipeConfName), "NFA_HCI_STATIC_PIPE_ID_%02X", eeHandle & NFA_HANDLE_MASK);
691
692 if (GetNumValue(pipeConfName, &num, sizeof(num)) && (num != 0))
693 {
694 mNewPipeId = num;
695 ALOGD ("%s: Using static pipe id: 0x%X", __FUNCTION__, mNewPipeId);
696 }
697 else
698 {
699 ALOGD ("%s: Did not find value '%s' defined in the .conf", __FUNCTION__, pipeConfName);
700 }
701 }
702 else
703 {
704 if (gUseStaticPipe)
705 {
706 mNewPipeId = gGatePipe;
707 }
708 else
709 {
710 mNewPipeId = 0;
711 mDestinationGate= gGatePipe;
712 }
713 }
714
715 // If the .conf file had a static pipe to use, just use it.
716 if (mNewPipeId != 0)
717 {
718 UINT8 host = (mNewPipeId == STATIC_PIPE_0x70) ? 0x02 : 0x03;
719 UINT8 gate = (mNewPipeId == STATIC_PIPE_0x70) ? 0xF0 : 0xF1;
720 nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, mNewPipeId);
721 if (nfaStat != NFA_STATUS_OK)
722 {
723 ALOGE ("%s: fail create static pipe; error=0x%X", fn, nfaStat);
724 retVal = false;
725 goto TheEnd;
726 }
727 }
728 else
729 {
730 if ( (pEE->num_tlvs >= 1) && (pEE->ee_tlv[0].tag == NFA_EE_TAG_HCI_HOST_ID) )
731 destHost = pEE->ee_tlv[0].info[0];
732 else
733 destHost = 2;
734
735 // Get a list of existing gates and pipes
736 {
737 ALOGD ("%s: get gate, pipe list", fn);
738 SyncEventGuard guard (mPipeListEvent);
739 nfaStat = NFA_HciGetGateAndPipeList (mNfaHciHandle);
740 if (nfaStat == NFA_STATUS_OK)
741 {
742 mPipeListEvent.wait();
743 if (mHciCfg.status == NFA_STATUS_OK)
744 {
745 for (UINT8 xx = 0; xx < mHciCfg.num_pipes; xx++)
746 {
747 if ( (mHciCfg.pipe[xx].dest_host == destHost)
748 && (mHciCfg.pipe[xx].dest_gate == mDestinationGate) )
749 {
750 mNewSourceGate = mHciCfg.pipe[xx].local_gate;
751 mNewPipeId = mHciCfg.pipe[xx].pipe_id;
752
753 ALOGD ("%s: found configured gate: 0x%02x pipe: 0x%02x", fn, mNewSourceGate, mNewPipeId);
754 break;
755 }
756 }
757 }
758 }
759 }
760
761 if (mNewSourceGate == 0)
762 {
763 ALOGD ("%s: allocate gate", fn);
764 //allocate a source gate and store in mNewSourceGate
765 SyncEventGuard guard (mAllocateGateEvent);
766 if ((nfaStat = NFA_HciAllocGate (mNfaHciHandle)) != NFA_STATUS_OK)
767 {
768 ALOGE ("%s: fail allocate source gate; error=0x%X", fn, nfaStat);
769 goto TheEnd;
770 }
771 mAllocateGateEvent.wait ();
772 if (mCommandStatus != NFA_STATUS_OK)
773 goto TheEnd;
774 }
775
776 if (mNewPipeId == 0)
777 {
778 ALOGD ("%s: create pipe", fn);
779 SyncEventGuard guard (mCreatePipeEvent);
780 nfaStat = NFA_HciCreatePipe (mNfaHciHandle, mNewSourceGate, destHost, mDestinationGate);
781 if (nfaStat != NFA_STATUS_OK)
782 {
783 ALOGE ("%s: fail create pipe; error=0x%X", fn, nfaStat);
784 goto TheEnd;
785 }
786 mCreatePipeEvent.wait ();
787 if (mCommandStatus != NFA_STATUS_OK)
788 goto TheEnd;
789 }
790
791 {
792 ALOGD ("%s: open pipe", fn);
793 SyncEventGuard guard (mPipeOpenedEvent);
794 nfaStat = NFA_HciOpenPipe (mNfaHciHandle, mNewPipeId);
795 if (nfaStat != NFA_STATUS_OK)
796 {
797 ALOGE ("%s: fail open pipe; error=0x%X", fn, nfaStat);
798 goto TheEnd;
799 }
800 mPipeOpenedEvent.wait ();
801 if (mCommandStatus != NFA_STATUS_OK)
802 goto TheEnd;
803 }
804 }
805
806 retVal = true;
807
808 TheEnd:
809 mIsPiping = retVal;
810 if (!retVal)
811 {
812 // if open failed we need to de-allocate the gate
813 disconnectEE(0);
814 }
815
816 ALOGD ("%s: exit; ok=%u", fn, retVal);
817 return retVal;
818 }
819
820
821 /*******************************************************************************
822 **
823 ** Function: disconnectEE
824 **
825 ** Description: Disconnect from the execution environment.
826 ** seID: ID of secure element.
827 **
828 ** Returns: True if ok.
829 **
830 *******************************************************************************/
disconnectEE(jint seID)831 bool SecureElement::disconnectEE (jint seID)
832 {
833 static const char fn [] = "SecureElement::disconnectEE";
834 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
835 tNFA_HANDLE eeHandle = seID;
836
837 ALOGD("%s: seID=0x%X; handle=0x%04x", fn, seID, eeHandle);
838
839 if (mUseOberthurWarmReset)
840 {
841 //send warm-reset command to Oberthur secure element which deselects the applet;
842 //this is an Oberthur-specific command;
843 ALOGD("%s: try warm-reset on pipe id 0x%X; cmd=0x%X", fn, mNewPipeId, mOberthurWarmResetCommand);
844 SyncEventGuard guard (mRegistryEvent);
845 nfaStat = NFA_HciSetRegistry (mNfaHciHandle, mNewPipeId,
846 1, 1, &mOberthurWarmResetCommand);
847 if (nfaStat == NFA_STATUS_OK)
848 {
849 mRegistryEvent.wait ();
850 ALOGD("%s: completed warm-reset on pipe 0x%X", fn, mNewPipeId);
851 }
852 }
853
854 if (mNewSourceGate)
855 {
856 SyncEventGuard guard (mDeallocateGateEvent);
857 if ((nfaStat = NFA_HciDeallocGate (mNfaHciHandle, mNewSourceGate)) == NFA_STATUS_OK)
858 mDeallocateGateEvent.wait ();
859 else
860 ALOGE ("%s: fail dealloc gate; error=0x%X", fn, nfaStat);
861 }
862
863 mIsPiping = false;
864
865 // Re-enable UICC low-power mode
866 android::setUiccIdleTimeout (true);
867 // Re-enable RF discovery
868 // Note that it only effactuates the current configuration,
869 // so if polling/listening were configured OFF (forex because
870 // the screen was off), they will stay OFF with this call.
871 android::startRfDiscovery(true);
872
873 return true;
874 }
875
876
877 /*******************************************************************************
878 **
879 ** Function: transceive
880 **
881 ** Description: Send data to the secure element; read it's response.
882 ** xmitBuffer: Data to transmit.
883 ** xmitBufferSize: Length of data.
884 ** recvBuffer: Buffer to receive response.
885 ** recvBufferMaxSize: Maximum size of buffer.
886 ** recvBufferActualSize: Actual length of response.
887 ** timeoutMillisec: timeout in millisecond.
888 **
889 ** Returns: True if ok.
890 **
891 *******************************************************************************/
transceive(UINT8 * xmitBuffer,INT32 xmitBufferSize,UINT8 * recvBuffer,INT32 recvBufferMaxSize,INT32 & recvBufferActualSize,INT32 timeoutMillisec)892 bool SecureElement::transceive (UINT8* xmitBuffer, INT32 xmitBufferSize, UINT8* recvBuffer,
893 INT32 recvBufferMaxSize, INT32& recvBufferActualSize, INT32 timeoutMillisec)
894 {
895 static const char fn [] = "SecureElement::transceive";
896 tNFA_STATUS nfaStat = NFA_STATUS_FAILED;
897 bool isSuccess = false;
898 bool waitOk = false;
899 UINT8 newSelectCmd[NCI_MAX_AID_LEN + 10];
900
901 ALOGD ("%s: enter; xmitBufferSize=%ld; recvBufferMaxSize=%ld; timeout=%ld", fn, xmitBufferSize, recvBufferMaxSize, timeoutMillisec);
902
903 // Check if we need to replace an "empty" SELECT command.
904 // 1. Has there been a AID configured, and
905 // 2. Is that AID a valid length (i.e 16 bytes max), and
906 // 3. Is the APDU at least 4 bytes (for header), and
907 // 4. Is INS == 0xA4 (SELECT command), and
908 // 5. Is P1 == 0x04 (SELECT by AID), and
909 // 6. Is the APDU len 4 or 5 bytes.
910 //
911 // Note, the length of the configured AID is in the first
912 // byte, and AID starts from the 2nd byte.
913 if (mAidForEmptySelect[0] // 1
914 && (mAidForEmptySelect[0] <= NCI_MAX_AID_LEN) // 2
915 && (xmitBufferSize >= 4) // 3
916 && (xmitBuffer[1] == 0xA4) // 4
917 && (xmitBuffer[2] == 0x04) // 5
918 && (xmitBufferSize <= 5)) // 6
919 {
920 UINT8 idx = 0;
921
922 // Copy APDU command header from the input buffer.
923 memcpy(&newSelectCmd[0], &xmitBuffer[0], 4);
924 idx = 4;
925
926 // Set the Lc value to length of the new AID
927 newSelectCmd[idx++] = mAidForEmptySelect[0];
928
929 // Copy the AID
930 memcpy(&newSelectCmd[idx], &mAidForEmptySelect[1], mAidForEmptySelect[0]);
931 idx += mAidForEmptySelect[0];
932
933 // If there is an Le (5th byte of APDU), add it to the end.
934 if (xmitBufferSize == 5)
935 newSelectCmd[idx++] = xmitBuffer[4];
936
937 // Point to the new APDU
938 xmitBuffer = &newSelectCmd[0];
939 xmitBufferSize = idx;
940
941 ALOGD ("%s: Empty AID SELECT cmd detected, substituting AID from config file, new length=%d", fn, idx);
942 }
943
944 {
945 SyncEventGuard guard (mTransceiveEvent);
946 mActualResponseSize = 0;
947 memset (mResponseData, 0, sizeof(mResponseData));
948 if ((mNewPipeId == STATIC_PIPE_0x70) || (mNewPipeId == STATIC_PIPE_0x71))
949 nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, EVT_SEND_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, timeoutMillisec);
950 else
951 nfaStat = NFA_HciSendEvent (mNfaHciHandle, mNewPipeId, NFA_HCI_EVT_POST_DATA, xmitBufferSize, xmitBuffer, sizeof(mResponseData), mResponseData, timeoutMillisec);
952 if (nfaStat == NFA_STATUS_OK)
953 {
954 waitOk = mTransceiveEvent.wait (timeoutMillisec);
955 if (waitOk == false) //timeout occurs
956 {
957 ALOGE ("%s: wait response timeout", fn);
958 goto TheEnd;
959 }
960 }
961 else
962 {
963 ALOGE ("%s: fail send data; error=0x%X", fn, nfaStat);
964 goto TheEnd;
965 }
966 }
967
968 if (mActualResponseSize > recvBufferMaxSize)
969 recvBufferActualSize = recvBufferMaxSize;
970 else
971 recvBufferActualSize = mActualResponseSize;
972
973 memcpy (recvBuffer, mResponseData, recvBufferActualSize);
974 isSuccess = true;
975
976 TheEnd:
977 ALOGD ("%s: exit; isSuccess: %d; recvBufferActualSize: %ld", fn, isSuccess, recvBufferActualSize);
978 return (isSuccess);
979 }
980
981
notifyModeSet(tNFA_HANDLE eeHandle,bool success)982 void SecureElement::notifyModeSet (tNFA_HANDLE eeHandle, bool success)
983 {
984 static const char* fn = "SecureElement::notifyModeSet";
985 if (success)
986 {
987 tNFA_EE_INFO *pEE = sSecElem.findEeByHandle (eeHandle);
988 if (pEE)
989 {
990 pEE->ee_status ^= 1;
991 ALOGD ("%s: NFA_EE_MODE_SET_EVT; pEE->ee_status: %s (0x%04x)", fn, SecureElement::eeStatusToString(pEE->ee_status), pEE->ee_status);
992 }
993 else
994 ALOGE ("%s: NFA_EE_MODE_SET_EVT; EE: 0x%04x not found. mActiveEeHandle: 0x%04x", fn, eeHandle, sSecElem.mActiveEeHandle);
995 }
996 SyncEventGuard guard (sSecElem.mEeSetModeEvent);
997 sSecElem.mEeSetModeEvent.notifyOne();
998 }
999
1000 /*******************************************************************************
1001 **
1002 ** Function: notifyListenModeState
1003 **
1004 ** Description: Notify the NFC service about whether the SE was activated
1005 ** in listen mode.
1006 ** isActive: Whether the secure element is activated.
1007 **
1008 ** Returns: None
1009 **
1010 *******************************************************************************/
notifyListenModeState(bool isActivated)1011 void SecureElement::notifyListenModeState (bool isActivated) {
1012 static const char fn [] = "SecureElement::notifyListenMode";
1013
1014 ALOGD ("%s: enter; listen mode active=%u", fn, isActivated);
1015
1016 JNIEnv* e = NULL;
1017 ScopedAttach attach(mNativeData->vm, &e);
1018 if (e == NULL)
1019 {
1020 ALOGE ("%s: jni env is null", fn);
1021 return;
1022 }
1023
1024 mActivatedInListenMode = isActivated;
1025 if (isActivated) {
1026 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenActivated);
1027 }
1028 else {
1029 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeListenDeactivated);
1030 }
1031
1032 if (e->ExceptionCheck())
1033 {
1034 e->ExceptionClear();
1035 ALOGE ("%s: fail notify", fn);
1036 }
1037
1038 ALOGD ("%s: exit", fn);
1039 }
1040
1041 /*******************************************************************************
1042 **
1043 ** Function: notifyRfFieldEvent
1044 **
1045 ** Description: Notify the NFC service about RF field events from the stack.
1046 ** isActive: Whether any secure element is activated.
1047 **
1048 ** Returns: None
1049 **
1050 *******************************************************************************/
notifyRfFieldEvent(bool isActive)1051 void SecureElement::notifyRfFieldEvent (bool isActive)
1052 {
1053 static const char fn [] = "SecureElement::notifyRfFieldEvent";
1054 ALOGD ("%s: enter; is active=%u", fn, isActive);
1055
1056 JNIEnv* e = NULL;
1057 ScopedAttach attach(mNativeData->vm, &e);
1058 if (e == NULL)
1059 {
1060 ALOGE ("%s: jni env is null", fn);
1061 return;
1062 }
1063
1064 mMutex.lock();
1065 int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle);
1066 if (ret == -1) {
1067 ALOGE("%s: clock_gettime failed", fn);
1068 // There is no good choice here...
1069 }
1070 if (isActive) {
1071 mRfFieldIsOn = true;
1072 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldActivated);
1073 }
1074 else {
1075 mRfFieldIsOn = false;
1076 e->CallVoidMethod (mNativeData->manager, android::gCachedNfcManagerNotifySeFieldDeactivated);
1077 }
1078 mMutex.unlock();
1079
1080 if (e->ExceptionCheck())
1081 {
1082 e->ExceptionClear();
1083 ALOGE ("%s: fail notify", fn);
1084 }
1085 ALOGD ("%s: exit", fn);
1086 }
1087
1088 /*******************************************************************************
1089 **
1090 ** Function: resetRfFieldStatus
1091 **
1092 ** Description: Resets the field status.
1093 ** isActive: Whether any secure element is activated.
1094 **
1095 ** Returns: None
1096 **
1097 *******************************************************************************/
resetRfFieldStatus()1098 void SecureElement::resetRfFieldStatus ()
1099 {
1100 static const char fn [] = "SecureElement::resetRfFieldStatus`";
1101 ALOGD ("%s: enter;", fn);
1102
1103 mMutex.lock();
1104 mRfFieldIsOn = false;
1105 int ret = clock_gettime (CLOCK_MONOTONIC, &mLastRfFieldToggle);
1106 if (ret == -1) {
1107 ALOGE("%s: clock_gettime failed", fn);
1108 // There is no good choice here...
1109 }
1110 mMutex.unlock();
1111
1112 ALOGD ("%s: exit", fn);
1113 }
1114
1115
1116 /*******************************************************************************
1117 **
1118 ** Function: storeUiccInfo
1119 **
1120 ** Description: Store a copy of the execution environment information from the stack.
1121 ** info: execution environment information.
1122 **
1123 ** Returns: None
1124 **
1125 *******************************************************************************/
storeUiccInfo(tNFA_EE_DISCOVER_REQ & info)1126 void SecureElement::storeUiccInfo (tNFA_EE_DISCOVER_REQ& info)
1127 {
1128 static const char fn [] = "SecureElement::storeUiccInfo";
1129 ALOGD ("%s: Status: %u Num EE: %u", fn, info.status, info.num_ee);
1130
1131 SyncEventGuard guard (mUiccInfoEvent);
1132 memcpy (&mUiccInfo, &info, sizeof(mUiccInfo));
1133 for (UINT8 xx = 0; xx < info.num_ee; xx++)
1134 {
1135 //for each technology (A, B, F, B'), print the bit field that shows
1136 //what protocol(s) is support by that technology
1137 ALOGD ("%s EE[%u] Handle: 0x%04x techA: 0x%02x techB: 0x%02x techF: 0x%02x techBprime: 0x%02x",
1138 fn, xx, info.ee_disc_info[xx].ee_handle,
1139 info.ee_disc_info[xx].la_protocol,
1140 info.ee_disc_info[xx].lb_protocol,
1141 info.ee_disc_info[xx].lf_protocol,
1142 info.ee_disc_info[xx].lbp_protocol);
1143 }
1144 mUiccInfoEvent.notifyOne ();
1145 }
1146
1147 /*******************************************************************************
1148 **
1149 ** Function getSeVerInfo
1150 **
1151 ** Description Gets version information and id for a secure element. The
1152 ** seIndex parmeter is the zero based index of the secure
1153 ** element to get verion info for. The version infommation
1154 ** is returned as a string int the verInfo parameter.
1155 **
1156 ** Returns ture on success, false on failure
1157 **
1158 *******************************************************************************/
getSeVerInfo(int seIndex,char * verInfo,int verInfoSz,UINT8 * seid)1159 bool SecureElement::getSeVerInfo(int seIndex, char * verInfo, int verInfoSz, UINT8 * seid)
1160 {
1161 ALOGD("%s: enter, seIndex=%d", __FUNCTION__, seIndex);
1162
1163 if (seIndex > (mActualNumEe-1))
1164 {
1165 ALOGE("%s: invalid se index: %d, only %d SEs in system", __FUNCTION__, seIndex, mActualNumEe);
1166 return false;
1167 }
1168
1169 *seid = mEeInfo[seIndex].ee_handle;
1170
1171 if ((mEeInfo[seIndex].num_interface == 0) || (mEeInfo[seIndex].ee_interface[0] == NCI_NFCEE_INTERFACE_HCI_ACCESS) )
1172 {
1173 return false;
1174 }
1175
1176 strncpy(verInfo, "Version info not available", verInfoSz-1);
1177 verInfo[verInfoSz-1] = '\0';
1178
1179 UINT8 pipe = (mEeInfo[seIndex].ee_handle == EE_HANDLE_0xF3) ? 0x70 : 0x71;
1180 UINT8 host = (pipe == STATIC_PIPE_0x70) ? 0x02 : 0x03;
1181 UINT8 gate = (pipe == STATIC_PIPE_0x70) ? 0xF0 : 0xF1;
1182
1183 tNFA_STATUS nfaStat = NFA_HciAddStaticPipe(mNfaHciHandle, host, gate, pipe);
1184 if (nfaStat != NFA_STATUS_OK)
1185 {
1186 ALOGE ("%s: NFA_HciAddStaticPipe() failed, pipe = 0x%x, error=0x%X", __FUNCTION__, pipe, nfaStat);
1187 return true;
1188 }
1189
1190 SyncEventGuard guard (mVerInfoEvent);
1191 if (NFA_STATUS_OK == (nfaStat = NFA_HciGetRegistry (mNfaHciHandle, pipe, 0x02)))
1192 {
1193 if (false == mVerInfoEvent.wait(200))
1194 {
1195 ALOGE ("%s: wait response timeout", __FUNCTION__);
1196 }
1197 else
1198 {
1199 snprintf(verInfo, verInfoSz-1, "Oberthur OS S/N: 0x%02x%02x%02x", mVerInfo[0], mVerInfo[1], mVerInfo[2]);
1200 verInfo[verInfoSz-1] = '\0';
1201 }
1202 }
1203 else
1204 {
1205 ALOGE ("%s: NFA_HciGetRegistry () failed: 0x%X", __FUNCTION__, nfaStat);
1206 }
1207 return true;
1208 }
1209
1210 /*******************************************************************************
1211 **
1212 ** Function getActualNumEe
1213 **
1214 ** Description Returns number of secure elements we know about.
1215 **
1216 ** Returns Number of secure elements we know about.
1217 **
1218 *******************************************************************************/
getActualNumEe()1219 UINT8 SecureElement::getActualNumEe()
1220 {
1221 return mActualNumEe;
1222 }
1223
1224 /*******************************************************************************
1225 **
1226 ** Function: nfaHciCallback
1227 **
1228 ** Description: Receive Host Controller Interface-related events from stack.
1229 ** event: Event code.
1230 ** eventData: Event data.
1231 **
1232 ** Returns: None
1233 **
1234 *******************************************************************************/
nfaHciCallback(tNFA_HCI_EVT event,tNFA_HCI_EVT_DATA * eventData)1235 void SecureElement::nfaHciCallback (tNFA_HCI_EVT event, tNFA_HCI_EVT_DATA* eventData)
1236 {
1237 static const char fn [] = "SecureElement::nfaHciCallback";
1238 ALOGD ("%s: event=0x%X", fn, event);
1239
1240 switch (event)
1241 {
1242 case NFA_HCI_REGISTER_EVT:
1243 {
1244 ALOGD ("%s: NFA_HCI_REGISTER_EVT; status=0x%X; handle=0x%X", fn,
1245 eventData->hci_register.status, eventData->hci_register.hci_handle);
1246 SyncEventGuard guard (sSecElem.mHciRegisterEvent);
1247 sSecElem.mNfaHciHandle = eventData->hci_register.hci_handle;
1248 sSecElem.mHciRegisterEvent.notifyOne();
1249 }
1250 break;
1251
1252 case NFA_HCI_ALLOCATE_GATE_EVT:
1253 {
1254 ALOGD ("%s: NFA_HCI_ALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, eventData->status, eventData->allocated.gate);
1255 SyncEventGuard guard (sSecElem.mAllocateGateEvent);
1256 sSecElem.mCommandStatus = eventData->status;
1257 sSecElem.mNewSourceGate = (eventData->allocated.status == NFA_STATUS_OK) ? eventData->allocated.gate : 0;
1258 sSecElem.mAllocateGateEvent.notifyOne();
1259 }
1260 break;
1261
1262 case NFA_HCI_DEALLOCATE_GATE_EVT:
1263 {
1264 tNFA_HCI_DEALLOCATE_GATE& deallocated = eventData->deallocated;
1265 ALOGD ("%s: NFA_HCI_DEALLOCATE_GATE_EVT; status=0x%X; gate=0x%X", fn, deallocated.status, deallocated.gate);
1266 SyncEventGuard guard (sSecElem.mDeallocateGateEvent);
1267 sSecElem.mDeallocateGateEvent.notifyOne();
1268 }
1269 break;
1270
1271 case NFA_HCI_GET_GATE_PIPE_LIST_EVT:
1272 {
1273 ALOGD ("%s: NFA_HCI_GET_GATE_PIPE_LIST_EVT; status=0x%X; num_pipes: %u num_gates: %u", fn,
1274 eventData->gates_pipes.status, eventData->gates_pipes.num_pipes, eventData->gates_pipes.num_gates);
1275 SyncEventGuard guard (sSecElem.mPipeListEvent);
1276 sSecElem.mCommandStatus = eventData->gates_pipes.status;
1277 sSecElem.mHciCfg = eventData->gates_pipes;
1278 sSecElem.mPipeListEvent.notifyOne();
1279 }
1280 break;
1281
1282 case NFA_HCI_CREATE_PIPE_EVT:
1283 {
1284 ALOGD ("%s: NFA_HCI_CREATE_PIPE_EVT; status=0x%X; pipe=0x%X; src gate=0x%X; dest host=0x%X; dest gate=0x%X", fn,
1285 eventData->created.status, eventData->created.pipe, eventData->created.source_gate, eventData->created.dest_host, eventData->created.dest_gate);
1286 SyncEventGuard guard (sSecElem.mCreatePipeEvent);
1287 sSecElem.mCommandStatus = eventData->created.status;
1288 sSecElem.mNewPipeId = eventData->created.pipe;
1289 sSecElem.mCreatePipeEvent.notifyOne();
1290 }
1291 break;
1292
1293 case NFA_HCI_OPEN_PIPE_EVT:
1294 {
1295 ALOGD ("%s: NFA_HCI_OPEN_PIPE_EVT; status=0x%X; pipe=0x%X", fn, eventData->opened.status, eventData->opened.pipe);
1296 SyncEventGuard guard (sSecElem.mPipeOpenedEvent);
1297 sSecElem.mCommandStatus = eventData->opened.status;
1298 sSecElem.mPipeOpenedEvent.notifyOne();
1299 }
1300 break;
1301
1302 case NFA_HCI_EVENT_SENT_EVT:
1303 ALOGD ("%s: NFA_HCI_EVENT_SENT_EVT; status=0x%X", fn, eventData->evt_sent.status);
1304 break;
1305
1306 case NFA_HCI_RSP_RCVD_EVT: //response received from secure element
1307 {
1308 tNFA_HCI_RSP_RCVD& rsp_rcvd = eventData->rsp_rcvd;
1309 ALOGD ("%s: NFA_HCI_RSP_RCVD_EVT; status: 0x%X; code: 0x%X; pipe: 0x%X; len: %u", fn,
1310 rsp_rcvd.status, rsp_rcvd.rsp_code, rsp_rcvd.pipe, rsp_rcvd.rsp_len);
1311 }
1312 break;
1313
1314 case NFA_HCI_GET_REG_RSP_EVT :
1315 ALOGD ("%s: NFA_HCI_GET_REG_RSP_EVT; status: 0x%X; pipe: 0x%X, len: %d", fn,
1316 eventData->registry.status, eventData->registry.pipe, eventData->registry.data_len);
1317 if (eventData->registry.data_len >= 19 && ((eventData->registry.pipe == STATIC_PIPE_0x70) || (eventData->registry.pipe == STATIC_PIPE_0x71)))
1318 {
1319 SyncEventGuard guard (sSecElem.mVerInfoEvent);
1320 // Oberthur OS version is in bytes 16,17, and 18
1321 sSecElem.mVerInfo[0] = eventData->registry.reg_data[16];
1322 sSecElem.mVerInfo[1] = eventData->registry.reg_data[17];
1323 sSecElem.mVerInfo[2] = eventData->registry.reg_data[18];
1324 sSecElem.mVerInfoEvent.notifyOne ();
1325 }
1326 break;
1327
1328 case NFA_HCI_EVENT_RCVD_EVT:
1329 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; code: 0x%X; pipe: 0x%X; data len: %u", fn,
1330 eventData->rcvd_evt.evt_code, eventData->rcvd_evt.pipe, eventData->rcvd_evt.evt_len);
1331 if ((eventData->rcvd_evt.pipe == STATIC_PIPE_0x70) || (eventData->rcvd_evt.pipe == STATIC_PIPE_0x71))
1332 {
1333 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; data from static pipe", fn);
1334 SyncEventGuard guard (sSecElem.mTransceiveEvent);
1335 sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len;
1336 sSecElem.mTransceiveEvent.notifyOne ();
1337 }
1338 else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_POST_DATA)
1339 {
1340 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_POST_DATA", fn);
1341 SyncEventGuard guard (sSecElem.mTransceiveEvent);
1342 sSecElem.mActualResponseSize = (eventData->rcvd_evt.evt_len > MAX_RESPONSE_SIZE) ? MAX_RESPONSE_SIZE : eventData->rcvd_evt.evt_len;
1343 sSecElem.mTransceiveEvent.notifyOne ();
1344 }
1345 else if (eventData->rcvd_evt.evt_code == NFA_HCI_EVT_TRANSACTION)
1346 {
1347 ALOGD ("%s: NFA_HCI_EVENT_RCVD_EVT; NFA_HCI_EVT_TRANSACTION", fn);
1348 // If we got an AID, notify any listeners
1349 if ((eventData->rcvd_evt.evt_len > 3) && (eventData->rcvd_evt.p_evt_buf[0] == 0x81) )
1350 sSecElem.notifyTransactionListenersOfAid (&eventData->rcvd_evt.p_evt_buf[2], eventData->rcvd_evt.p_evt_buf[1]);
1351 }
1352 break;
1353
1354 case NFA_HCI_SET_REG_RSP_EVT: //received response to write registry command
1355 {
1356 tNFA_HCI_REGISTRY& registry = eventData->registry;
1357 ALOGD ("%s: NFA_HCI_SET_REG_RSP_EVT; status=0x%X; pipe=0x%X", fn, registry.status, registry.pipe);
1358 SyncEventGuard guard (sSecElem.mRegistryEvent);
1359 sSecElem.mRegistryEvent.notifyOne ();
1360 break;
1361 }
1362
1363 default:
1364 ALOGE ("%s: unknown event code=0x%X ????", fn, event);
1365 break;
1366 }
1367 }
1368
1369
1370 /*******************************************************************************
1371 **
1372 ** Function: findEeByHandle
1373 **
1374 ** Description: Find information about an execution environment.
1375 ** eeHandle: Handle to execution environment.
1376 **
1377 ** Returns: Information about an execution environment.
1378 **
1379 *******************************************************************************/
findEeByHandle(tNFA_HANDLE eeHandle)1380 tNFA_EE_INFO *SecureElement::findEeByHandle (tNFA_HANDLE eeHandle)
1381 {
1382 for (UINT8 xx = 0; xx < mActualNumEe; xx++)
1383 {
1384 if (mEeInfo[xx].ee_handle == eeHandle)
1385 return (&mEeInfo[xx]);
1386 }
1387 return (NULL);
1388 }
1389
1390
1391 /*******************************************************************************
1392 **
1393 ** Function: getDefaultEeHandle
1394 **
1395 ** Description: Get the handle to the execution environment.
1396 **
1397 ** Returns: Handle to the execution environment.
1398 **
1399 *******************************************************************************/
getDefaultEeHandle()1400 tNFA_HANDLE SecureElement::getDefaultEeHandle ()
1401 {
1402 UINT16 overrideEeHandle = NFA_HANDLE_GROUP_EE | mActiveSeOverride;
1403 // Find the first EE that is not the HCI Access i/f.
1404 for (UINT8 xx = 0; xx < mActualNumEe; xx++)
1405 {
1406 if (mActiveSeOverride && (overrideEeHandle != mEeInfo[xx].ee_handle))
1407 continue; //skip all the EE's that are ignored
1408 if ((mEeInfo[xx].num_interface != 0) &&
1409 (mEeInfo[xx].ee_interface[0] != NCI_NFCEE_INTERFACE_HCI_ACCESS) &&
1410 (mEeInfo[xx].ee_status != NFC_NFCEE_STATUS_INACTIVE))
1411 return (mEeInfo[xx].ee_handle);
1412 }
1413 return NFA_HANDLE_INVALID;
1414 }
1415
1416
1417 /*******************************************************************************
1418 **
1419 ** Function: findUiccByHandle
1420 **
1421 ** Description: Find information about an execution environment.
1422 ** eeHandle: Handle of the execution environment.
1423 **
1424 ** Returns: Information about the execution environment.
1425 **
1426 *******************************************************************************/
findUiccByHandle(tNFA_HANDLE eeHandle)1427 tNFA_EE_DISCOVER_INFO *SecureElement::findUiccByHandle (tNFA_HANDLE eeHandle)
1428 {
1429 for (UINT8 index = 0; index < mUiccInfo.num_ee; index++)
1430 {
1431 if (mUiccInfo.ee_disc_info[index].ee_handle == eeHandle)
1432 {
1433 return (&mUiccInfo.ee_disc_info[index]);
1434 }
1435 }
1436 ALOGE ("SecureElement::findUiccByHandle: ee h=0x%4x not found", eeHandle);
1437 return NULL;
1438 }
1439
1440
1441 /*******************************************************************************
1442 **
1443 ** Function: eeStatusToString
1444 **
1445 ** Description: Convert status code to status text.
1446 ** status: Status code
1447 **
1448 ** Returns: None
1449 **
1450 *******************************************************************************/
eeStatusToString(UINT8 status)1451 const char* SecureElement::eeStatusToString (UINT8 status)
1452 {
1453 switch (status)
1454 {
1455 case NFC_NFCEE_STATUS_ACTIVE:
1456 return("Connected/Active");
1457 case NFC_NFCEE_STATUS_INACTIVE:
1458 return("Connected/Inactive");
1459 case NFC_NFCEE_STATUS_REMOVED:
1460 return("Removed");
1461 }
1462 return("?? Unknown ??");
1463 }
1464
1465
1466 /*******************************************************************************
1467 **
1468 ** Function: connectionEventHandler
1469 **
1470 ** Description: Receive card-emulation related events from stack.
1471 ** event: Event code.
1472 ** eventData: Event data.
1473 **
1474 ** Returns: None
1475 **
1476 *******************************************************************************/
connectionEventHandler(UINT8 event,tNFA_CONN_EVT_DATA *)1477 void SecureElement::connectionEventHandler (UINT8 event, tNFA_CONN_EVT_DATA* /*eventData*/)
1478 {
1479 switch (event)
1480 {
1481 case NFA_CE_UICC_LISTEN_CONFIGURED_EVT:
1482 {
1483 SyncEventGuard guard (mUiccListenEvent);
1484 mUiccListenEvent.notifyOne ();
1485 }
1486 break;
1487 }
1488 }
1489
1490 /*******************************************************************************
1491 **
1492 ** Function: isBusy
1493 **
1494 ** Description: Whether controller is routing listen-mode events to
1495 ** secure elements or a pipe is connected.
1496 **
1497 ** Returns: True if either case is true.
1498 **
1499 *******************************************************************************/
isBusy()1500 bool SecureElement::isBusy ()
1501 {
1502 bool retval = (mCurrentRouteSelection == SecElemRoute) || mIsPiping;
1503 ALOGD ("SecureElement::isBusy: %u", retval);
1504 return retval;
1505 }
1506