[automerger skipped] Merge TQ1A.230105.002 to stage-aosp-master - DO NOT MERGE am: 03baf20178 -s ours
am skip reason: Merged-In I2e5d88ea3e008d55596702e3d324c919bb3c20cf with SHA-1 ba6833daea is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/20875283
Change-Id: I29e55d22fb963d751ade386082905b01aa071182
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/automotive/vehicle/aidl/impl/default_config/include/DefaultConfig.h b/automotive/vehicle/aidl/impl/default_config/include/DefaultConfig.h
index 9a93e1a..622846a 100644
--- a/automotive/vehicle/aidl/impl/default_config/include/DefaultConfig.h
+++ b/automotive/vehicle/aidl/impl/default_config/include/DefaultConfig.h
@@ -190,6 +190,40 @@
},
.initialValue = {.int32Values = {toInt(VehicleUnit::KILOWATT_HOUR)}}},
+ {.config = {.prop = toInt(VehicleProperty::SEAT_MEMORY_SELECT),
+ .access = VehiclePropertyAccess::WRITE,
+ .changeMode = VehiclePropertyChangeMode::ON_CHANGE,
+ .areaConfigs = {VehicleAreaConfig{.areaId = SEAT_1_LEFT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3},
+ VehicleAreaConfig{.areaId = SEAT_1_RIGHT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3},
+ VehicleAreaConfig{.areaId = SEAT_2_LEFT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3},
+ VehicleAreaConfig{.areaId = SEAT_2_RIGHT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3}}},
+ .initialValue = {.int32Values = {1}}},
+
+ {.config = {.prop = toInt(VehicleProperty::SEAT_MEMORY_SET),
+ .access = VehiclePropertyAccess::WRITE,
+ .changeMode = VehiclePropertyChangeMode::ON_CHANGE,
+ .areaConfigs = {VehicleAreaConfig{.areaId = SEAT_1_LEFT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3},
+ VehicleAreaConfig{.areaId = SEAT_1_RIGHT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3},
+ VehicleAreaConfig{.areaId = SEAT_2_LEFT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3},
+ VehicleAreaConfig{.areaId = SEAT_2_RIGHT,
+ .minInt32Value = 0,
+ .maxInt32Value = 3}}},
+ .initialValue = {.int32Values = {1}}},
+
{.config = {.prop = toInt(VehicleProperty::SEAT_BELT_BUCKLED),
.access = VehiclePropertyAccess::READ_WRITE,
.changeMode = VehiclePropertyChangeMode::ON_CHANGE,
diff --git a/automotive/vehicle/aidl/impl/utils/common/include/RecurrentTimer.h b/automotive/vehicle/aidl/impl/utils/common/include/RecurrentTimer.h
index 5f0f716..cd2b727 100644
--- a/automotive/vehicle/aidl/impl/utils/common/include/RecurrentTimer.h
+++ b/automotive/vehicle/aidl/impl/utils/common/include/RecurrentTimer.h
@@ -83,8 +83,9 @@
// each time we might introduce outdated elements to the top. We must make sure the heap is
// always valid from the top.
void removeInvalidCallbackLocked() REQUIRES(mLock);
- // Pops the next closest callback (must be valid) from the heap.
- std::unique_ptr<CallbackInfo> popNextCallbackLocked() REQUIRES(mLock);
+ // Gets the next calblack to run (must be valid) from the heap, update its nextTime and put
+ // it back to the heap.
+ std::shared_ptr<Callback> getNextCallbackLocked(int64_t now) REQUIRES(mLock);
};
} // namespace vehicle
diff --git a/automotive/vehicle/aidl/impl/utils/common/src/RecurrentTimer.cpp b/automotive/vehicle/aidl/impl/utils/common/src/RecurrentTimer.cpp
index 2eca6b7..908564c 100644
--- a/automotive/vehicle/aidl/impl/utils/common/src/RecurrentTimer.cpp
+++ b/automotive/vehicle/aidl/impl/utils/common/src/RecurrentTimer.cpp
@@ -101,68 +101,71 @@
}
}
-std::unique_ptr<RecurrentTimer::CallbackInfo> RecurrentTimer::popNextCallbackLocked() {
+std::shared_ptr<RecurrentTimer::Callback> RecurrentTimer::getNextCallbackLocked(int64_t now) {
std::pop_heap(mCallbackQueue.begin(), mCallbackQueue.end(), CallbackInfo::cmp);
- std::unique_ptr<CallbackInfo> info = std::move(mCallbackQueue[mCallbackQueue.size() - 1]);
- mCallbackQueue.pop_back();
+ auto& callbackInfo = mCallbackQueue[mCallbackQueue.size() - 1];
+ auto nextCallback = callbackInfo->callback;
+ // intervalCount is the number of interval we have to advance until we pass now.
+ size_t intervalCount = (now - callbackInfo->nextTime) / callbackInfo->interval + 1;
+ callbackInfo->nextTime += intervalCount * callbackInfo->interval;
+ std::push_heap(mCallbackQueue.begin(), mCallbackQueue.end(), CallbackInfo::cmp);
+
// Make sure the first element is always valid.
removeInvalidCallbackLocked();
- return info;
+
+ return nextCallback;
}
void RecurrentTimer::loop() {
- std::unique_lock<std::mutex> uniqueLock(mLock);
-
+ std::vector<std::shared_ptr<Callback>> callbacksToRun;
while (true) {
- // Wait until the timer exits or we have at least one recurrent callback.
- mCond.wait(uniqueLock, [this] {
- ScopedLockAssertion lockAssertion(mLock);
- return mStopRequested || mCallbackQueue.size() != 0;
- });
-
- int64_t interval;
{
+ std::unique_lock<std::mutex> uniqueLock(mLock);
ScopedLockAssertion lockAssertion(mLock);
+ // Wait until the timer exits or we have at least one recurrent callback.
+ mCond.wait(uniqueLock, [this] {
+ ScopedLockAssertion lockAssertion(mLock);
+ return mStopRequested || mCallbackQueue.size() != 0;
+ });
+
+ int64_t interval;
if (mStopRequested) {
return;
}
// The first element is the nearest next event.
int64_t nextTime = mCallbackQueue[0]->nextTime;
int64_t now = uptimeNanos();
+
if (nextTime > now) {
interval = nextTime - now;
} else {
interval = 0;
}
- }
- // Wait for the next event or the timer exits.
- if (mCond.wait_for(uniqueLock, std::chrono::nanoseconds(interval), [this] {
- ScopedLockAssertion lockAssertion(mLock);
- return mStopRequested;
- })) {
- return;
- }
+ // Wait for the next event or the timer exits.
+ if (mCond.wait_for(uniqueLock, std::chrono::nanoseconds(interval), [this] {
+ ScopedLockAssertion lockAssertion(mLock);
+ return mStopRequested;
+ })) {
+ return;
+ }
- {
- ScopedLockAssertion lockAssertion(mLock);
- int64_t now = uptimeNanos();
+ now = uptimeNanos();
+ callbacksToRun.clear();
while (mCallbackQueue.size() > 0) {
int64_t nextTime = mCallbackQueue[0]->nextTime;
if (nextTime > now) {
break;
}
- std::unique_ptr<CallbackInfo> info = popNextCallbackLocked();
- info->nextTime += info->interval;
-
- auto callback = info->callback;
- mCallbackQueue.push_back(std::move(info));
- std::push_heap(mCallbackQueue.begin(), mCallbackQueue.end(), CallbackInfo::cmp);
-
- (*callback)();
+ callbacksToRun.push_back(getNextCallbackLocked(now));
}
}
+
+ // Do not execute the callback while holding the lock.
+ for (size_t i = 0; i < callbacksToRun.size(); i++) {
+ (*callbacksToRun[i])();
+ }
}
}
diff --git a/automotive/vehicle/aidl/impl/utils/common/test/RecurrentTimerTest.cpp b/automotive/vehicle/aidl/impl/utils/common/test/RecurrentTimerTest.cpp
index a033a24..141efc1 100644
--- a/automotive/vehicle/aidl/impl/utils/common/test/RecurrentTimerTest.cpp
+++ b/automotive/vehicle/aidl/impl/utils/common/test/RecurrentTimerTest.cpp
@@ -186,6 +186,33 @@
ASSERT_EQ(countTimerCallbackQueue(&timer), static_cast<size_t>(0));
}
+TEST_F(RecurrentTimerTest, testRegisterCallbackMultipleTimesNoDeadLock) {
+ // We want to avoid the following situation:
+ // Caller holds a lock while calling registerTimerCallback, registerTimerCallback will try
+ // to obtain an internal lock inside timer.
+ // Meanwhile an recurrent action happens with timer holding an internal lock. The action
+ // tries to obtain the lock currently hold by the caller.
+ // The solution is that while calling recurrent actions, timer must not hold the internal lock.
+
+ std::unique_ptr<RecurrentTimer> timer = std::make_unique<RecurrentTimer>();
+ std::mutex lock;
+ for (size_t i = 0; i < 1000; i++) {
+ std::scoped_lock<std::mutex> lockGuard(lock);
+ auto action = std::make_shared<RecurrentTimer::Callback>([&lock] {
+ // While calling this function, the timer must not hold lock in order not to dead
+ // lock.
+ std::scoped_lock<std::mutex> lockGuard(lock);
+ });
+ // 10ms
+ int64_t interval = 10'000'000;
+ timer->registerTimerCallback(interval, action);
+ // Sleep for a little while to let the recurrent actions begin.
+ std::this_thread::sleep_for(std::chrono::milliseconds(1));
+ }
+ // Make sure we stop the timer before we destroy lock.
+ timer.reset();
+}
+
} // namespace vehicle
} // namespace automotive
} // namespace hardware
diff --git a/gnss/aidl/default/Gnss.cpp b/gnss/aidl/default/Gnss.cpp
index cf2c90d..2d6490c 100644
--- a/gnss/aidl/default/Gnss.cpp
+++ b/gnss/aidl/default/Gnss.cpp
@@ -68,7 +68,7 @@
IGnssCallback::GnssSystemInfo systemInfo = {
.yearOfHw = 2022,
- .name = "Google Mock GNSS Implementation AIDL v2",
+ .name = "Google, Cuttlefish, AIDL v2",
};
status = sGnssCallback->gnssSetSystemInfoCb(systemInfo);
if (!status.isOk()) {
diff --git a/neuralnetworks/1.2/utils/src/BurstUtils.cpp b/neuralnetworks/1.2/utils/src/BurstUtils.cpp
index b589c46..c4c096d 100644
--- a/neuralnetworks/1.2/utils/src/BurstUtils.cpp
+++ b/neuralnetworks/1.2/utils/src/BurstUtils.cpp
@@ -190,12 +190,13 @@
size_t index = 0;
// validate packet information
- if (data.size() == 0 || data[index].getDiscriminator() != discriminator::packetInformation) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::packetInformation) {
return NN_ERROR() << "FMQ Request packet ill-formed";
}
// unpackage packet information
- const FmqRequestDatum::PacketInformation& packetInfo = data[index].packetInformation();
+ const FmqRequestDatum::PacketInformation& packetInfo = data.at(index).packetInformation();
index++;
const uint32_t packetSize = packetInfo.packetSize;
const uint32_t numberOfInputOperands = packetInfo.numberOfInputOperands;
@@ -212,13 +213,14 @@
inputs.reserve(numberOfInputOperands);
for (size_t operand = 0; operand < numberOfInputOperands; ++operand) {
// validate input operand information
- if (data[index].getDiscriminator() != discriminator::inputOperandInformation) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::inputOperandInformation) {
return NN_ERROR() << "FMQ Request packet ill-formed";
}
// unpackage operand information
const FmqRequestDatum::OperandInformation& operandInfo =
- data[index].inputOperandInformation();
+ data.at(index).inputOperandInformation();
index++;
const bool hasNoValue = operandInfo.hasNoValue;
const V1_0::DataLocation location = operandInfo.location;
@@ -229,12 +231,13 @@
dimensions.reserve(numberOfDimensions);
for (size_t i = 0; i < numberOfDimensions; ++i) {
// validate dimension
- if (data[index].getDiscriminator() != discriminator::inputOperandDimensionValue) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::inputOperandDimensionValue) {
return NN_ERROR() << "FMQ Request packet ill-formed";
}
// unpackage dimension
- const uint32_t dimension = data[index].inputOperandDimensionValue();
+ const uint32_t dimension = data.at(index).inputOperandDimensionValue();
index++;
// store result
@@ -251,13 +254,14 @@
outputs.reserve(numberOfOutputOperands);
for (size_t operand = 0; operand < numberOfOutputOperands; ++operand) {
// validate output operand information
- if (data[index].getDiscriminator() != discriminator::outputOperandInformation) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::outputOperandInformation) {
return NN_ERROR() << "FMQ Request packet ill-formed";
}
// unpackage operand information
const FmqRequestDatum::OperandInformation& operandInfo =
- data[index].outputOperandInformation();
+ data.at(index).outputOperandInformation();
index++;
const bool hasNoValue = operandInfo.hasNoValue;
const V1_0::DataLocation location = operandInfo.location;
@@ -268,12 +272,13 @@
dimensions.reserve(numberOfDimensions);
for (size_t i = 0; i < numberOfDimensions; ++i) {
// validate dimension
- if (data[index].getDiscriminator() != discriminator::outputOperandDimensionValue) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::outputOperandDimensionValue) {
return NN_ERROR() << "FMQ Request packet ill-formed";
}
// unpackage dimension
- const uint32_t dimension = data[index].outputOperandDimensionValue();
+ const uint32_t dimension = data.at(index).outputOperandDimensionValue();
index++;
// store result
@@ -290,12 +295,13 @@
slots.reserve(numberOfPools);
for (size_t pool = 0; pool < numberOfPools; ++pool) {
// validate input operand information
- if (data[index].getDiscriminator() != discriminator::poolIdentifier) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::poolIdentifier) {
return NN_ERROR() << "FMQ Request packet ill-formed";
}
// unpackage operand information
- const int32_t poolId = data[index].poolIdentifier();
+ const int32_t poolId = data.at(index).poolIdentifier();
index++;
// store result
@@ -303,17 +309,17 @@
}
// validate measureTiming
- if (data[index].getDiscriminator() != discriminator::measureTiming) {
+ if (index >= data.size() || data.at(index).getDiscriminator() != discriminator::measureTiming) {
return NN_ERROR() << "FMQ Request packet ill-formed";
}
// unpackage measureTiming
- const V1_2::MeasureTiming measure = data[index].measureTiming();
+ const V1_2::MeasureTiming measure = data.at(index).measureTiming();
index++;
// validate packet information
if (index != packetSize) {
- return NN_ERROR() << "FMQ Result packet ill-formed";
+ return NN_ERROR() << "FMQ Request packet ill-formed";
}
// return request
@@ -328,12 +334,13 @@
size_t index = 0;
// validate packet information
- if (data.size() == 0 || data[index].getDiscriminator() != discriminator::packetInformation) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::packetInformation) {
return NN_ERROR() << "FMQ Result packet ill-formed";
}
// unpackage packet information
- const FmqResultDatum::PacketInformation& packetInfo = data[index].packetInformation();
+ const FmqResultDatum::PacketInformation& packetInfo = data.at(index).packetInformation();
index++;
const uint32_t packetSize = packetInfo.packetSize;
const V1_0::ErrorStatus errorStatus = packetInfo.errorStatus;
@@ -349,12 +356,13 @@
outputShapes.reserve(numberOfOperands);
for (size_t operand = 0; operand < numberOfOperands; ++operand) {
// validate operand information
- if (data[index].getDiscriminator() != discriminator::operandInformation) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::operandInformation) {
return NN_ERROR() << "FMQ Result packet ill-formed";
}
// unpackage operand information
- const FmqResultDatum::OperandInformation& operandInfo = data[index].operandInformation();
+ const FmqResultDatum::OperandInformation& operandInfo = data.at(index).operandInformation();
index++;
const bool isSufficient = operandInfo.isSufficient;
const uint32_t numberOfDimensions = operandInfo.numberOfDimensions;
@@ -364,12 +372,13 @@
dimensions.reserve(numberOfDimensions);
for (size_t i = 0; i < numberOfDimensions; ++i) {
// validate dimension
- if (data[index].getDiscriminator() != discriminator::operandDimensionValue) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::operandDimensionValue) {
return NN_ERROR() << "FMQ Result packet ill-formed";
}
// unpackage dimension
- const uint32_t dimension = data[index].operandDimensionValue();
+ const uint32_t dimension = data.at(index).operandDimensionValue();
index++;
// store result
@@ -381,12 +390,13 @@
}
// validate execution timing
- if (data[index].getDiscriminator() != discriminator::executionTiming) {
+ if (index >= data.size() ||
+ data.at(index).getDiscriminator() != discriminator::executionTiming) {
return NN_ERROR() << "FMQ Result packet ill-formed";
}
// unpackage execution timing
- const V1_2::Timing timing = data[index].executionTiming();
+ const V1_2::Timing timing = data.at(index).executionTiming();
index++;
// validate packet information
diff --git a/secure_element/aidl/default/main.cpp b/secure_element/aidl/default/main.cpp
index 16b8236..9b5a8fc 100644
--- a/secure_element/aidl/default/main.cpp
+++ b/secure_element/aidl/default/main.cpp
@@ -15,141 +15,673 @@
*/
#include <aidl/android/hardware/secure_element/BnSecureElement.h>
-
#include <android-base/hex.h>
#include <android-base/logging.h>
#include <android/binder_manager.h>
#include <android/binder_process.h>
+#include <algorithm>
+
using aidl::android::hardware::secure_element::BnSecureElement;
using aidl::android::hardware::secure_element::ISecureElementCallback;
using aidl::android::hardware::secure_element::LogicalChannelResponse;
using android::base::HexString;
using ndk::ScopedAStatus;
-static const std::vector<uint8_t> kAndroidTestAid = {0xA0, 0x00, 0x00, 0x04, 0x76, 0x41,
- 0x6E, 0x64, 0x72, 0x6F, 0x69, 0x64,
- 0x43, 0x54, 0x53, 0x31};
-static const std::vector<uint8_t> kLongAndroidTestAid = {0xA0, 0x00, 0x00, 0x04, 0x76, 0x41,
- 0x6E, 0x64, 0x72, 0x6F, 0x69, 0x64,
- 0x43, 0x54, 0x53, 0x32};
+static const std::vector<uint8_t> kIssuerSecurityDomainSelectResponse = {0x00, 0x00, 0x90, 0x00};
-class MySecureElement : public BnSecureElement {
+namespace se {
+// Application identifier.
+using Aid = std::vector<uint8_t>;
+
+// ISO7816 APDU status codes.
+enum Status : uint16_t {
+ SW_WRONG_DATA = 0x6A80,
+ SW_LOGICAL_CHANNEL_NOT_SUPPORTED = 0x6881,
+ SW_CONDITIONS_NOT_SATISFIED = 0x6985,
+ SW_INCORRECT_P1P2 = 0x6A86,
+ SW_BYTES_REMAINING_00 = 0x6100,
+ SW_WRONG_LENGTH = 0x6700,
+ SW_CORRECT_LENGTH_00 = 0x6C00,
+ SW_INS_NOT_SUPPORTED = 0x6D00,
+ SW_NO_ERROR = 0x9000,
+};
+
+// Type for raw APDUs.
+using RawApdu = std::vector<uint8_t>;
+
+// Wrap a command APDU (Application Processing Data Unit) to provide
+// accessors for header fields.
+struct Apdu {
public:
- ScopedAStatus closeChannel(int8_t channelNumber) override {
- LOG(INFO) << __func__ << " channel number: " << channelNumber;
- return ScopedAStatus::ok();
+ // Construct a command Apdu.
+ Apdu(std::vector<uint8_t> packet) : bytes_(std::move(packet)) {
+ CHECK(bytes_.size() >= kHeaderSize) << "command APDU created with invalid length";
+ size_t payload_len = bytes_.size() - kHeaderSize;
+
+ // TODO(b/123254068) - add support for extended command APDUs.
+ // Pre compute Lc and Le.
+
+ // Case 1: CLA | INS | P1 | P2
+ if (payload_len == 0) {
+ lc_ = 0;
+ le_ = 0;
+ return;
+ }
+
+ // Case 2: CLA | INS | P1 | P2 | Le
+ // Le has a value of 1 to 255.
+ if (payload_len == 1) {
+ le_ = bytes_[kHeaderSize];
+ le_ = le_ == 0 ? 256 : le_;
+ lc_ = 0;
+ return;
+ }
+
+ // Case 3: CLA | INS | P1 | P2 | Lc | Data
+ // Lc is less than 256 bytes
+ // of data, and Le is zero.
+ lc_ = bytes_[kHeaderSize];
+ if (payload_len <= (1 + lc_)) {
+ le_ = 0;
+ }
+
+ // Case 4: CLA | INS | P1 | P2 | Lc | Data | Le
+ // The legacy Case 4. Lc and Le
+ // are less than 256 bytes of data.
+ else {
+ le_ = bytes_[bytes_.size() - 1];
+ le_ = le_ == 0 ? 256 : le_;
+ }
}
- ScopedAStatus getAtr(std::vector<uint8_t>* _aidl_return) override {
- LOG(INFO) << __func__;
- _aidl_return->clear();
- return ScopedAStatus::ok();
+
+ // Construct a response Apdu with data.
+ static RawApdu CreateResponse(std::vector<uint8_t> data, Status status) {
+ // Append status word.
+ data.push_back(status >> 8);
+ data.push_back(status);
+ return data;
}
+
+ // Construct a response Apdu with no data.
+ static RawApdu CreateResponse(Status status) {
+ // Append status word.
+ return std::vector<uint8_t>{static_cast<uint8_t>(status >> 8),
+ static_cast<uint8_t>(status)};
+ }
+
+ // Return if command APDU is extended.
+ // The ISO/IEC 7816-4:2013 specification defines an extended APDU as any APDU
+ // whose payload data, response data or expected data length exceeds the 256
+ // byte limit.
+ bool IsExtended() const { return (bytes_.size() - kHeaderSize) > 256; }
+
+ // Return if command APDU has payload bytes.
+ bool HasPayload() const { return bytes_.size() > kHeaderSize; }
+
+ uint8_t get_cla() const { return bytes_[0]; }
+ uint8_t get_ins() const { return bytes_[1]; }
+ uint8_t get_p1() const { return bytes_[2]; }
+ uint8_t get_p2() const { return bytes_[3]; }
+
+ // Return the channel number encoded in the CLA field.
+ uint8_t get_channel_number() const {
+ // Type 4 commands — Encode legacy ISO/IEC 7816-4 logical channel
+ // information. Type 16 commands — Defined by the ISO/IEC 7816-4:2013
+ // specification to
+ // encode information for additional 16 logical channels in the card.
+ uint8_t cla = get_cla();
+ return (cla & 0x40) == 0 ? cla & 0x3 : 4 + (cla & 0xf);
+ }
+
+ // Return the length of the command data field.
+ uint16_t get_lc() const { return lc_; }
+
+ // Return the expected length of the response data field.
+ // Le should be have the same format as Lc.
+ uint16_t get_le() const { return le_; }
+
+ // Get the pointer to the APDU raw data.
+ std::vector<uint8_t> const& get_data() const { return bytes_; }
+
+ private:
+ // Size of command header, including CLA, INS, P1, P2 fields.
+ const size_t kHeaderSize = 4;
+
+ // Command or response buffer.
+ std::vector<uint8_t> bytes_{};
+
+ // Lengths of command data field and expected response data field.
+ uint16_t lc_{0};
+ uint16_t le_{0};
+};
+
+// Type of SE applets.
+class Applet {
+ public:
+ virtual ~Applet() {}
+
+ // Called to inform this applet that it has been selected.
+ virtual RawApdu Select(Aid const& aid, uint8_t p2) = 0;
+
+ // Called by the Java Card runtime environment to process an
+ // incoming APDU command. SELECT commands are processed by \ref select
+ // instead.
+ virtual RawApdu Process(Apdu const& apdu) = 0;
+};
+}; // namespace se
+
+// Implement the Google-eSE-test.cap test applet for passing OMAPI CTS tests
+// on Cuttlefish. The reference can be found here:
+// cts/tests/tests/secure_element/sample_applet/src/com/android/cts/omapi/test/CtsAndroidOmapiTestApplet.java
+class CtsAndroidOmapiTestApplet : public se::Applet {
+ public:
+ CtsAndroidOmapiTestApplet() {}
+ virtual ~CtsAndroidOmapiTestApplet() {}
+
+ se::RawApdu Select(se::Aid const& aid, uint8_t /*p2*/) override {
+ if (aid[aid.size() - 1] == 0x31) {
+ // AID: A000000476416E64726F696443545331
+ return se::Apdu::CreateResponse(se::Status::SW_NO_ERROR);
+ } else {
+ // AID: A000000476416E64726F696443545332
+ return se::Apdu::CreateResponse(GenerateBerTLVBytes(SELECT_RESPONSE_DATA_LENGTH),
+ se::Status::SW_NO_ERROR);
+ }
+ }
+
+ se::RawApdu ReadNextResponseChunk(uint16_t max_output_len) {
+ uint16_t output_len = static_cast<uint16_t>(response_.size() - response_offset_);
+ output_len = std::min<uint16_t>(max_output_len, output_len);
+ std::vector<uint8_t> output{
+ &response_[response_offset_],
+ &response_[response_offset_ + output_len],
+ };
+ response_offset_ += output_len;
+ uint16_t remaining_len = response_.size() - response_offset_;
+ se::Status status = se::Status::SW_NO_ERROR;
+ if (remaining_len > 0) {
+ if (remaining_len > 256) {
+ remaining_len = 0x00;
+ }
+ status = se::Status(se::Status::SW_BYTES_REMAINING_00 | remaining_len);
+ } else {
+ response_.clear();
+ response_offset_ = 0;
+ }
+ return se::Apdu::CreateResponse(output, status);
+ }
+
+ se::RawApdu Process(se::Apdu const& apdu) override {
+ uint16_t lc;
+ uint16_t le = apdu.get_le();
+ uint8_t p1 = apdu.get_p1();
+ uint8_t p2 = apdu.get_p2();
+
+ switch (apdu.get_ins()) {
+ case NO_DATA_INS_1:
+ case NO_DATA_INS_2:
+ LOG(INFO) << __func__ << ": NO_DATA_INS_1|2";
+ return se::Apdu::CreateResponse(se::Status::SW_NO_ERROR);
+
+ case DATA_INS_1:
+ case DATA_INS_2:
+ // Return 256 bytes of data.
+ LOG(INFO) << __func__ << ": DATA_INS_1|2";
+ return se::Apdu::CreateResponse(GeneratesBytes(256), se::Status::SW_NO_ERROR);
+
+ case GET_RESPONSE_INS:
+ // ISO GET_RESPONSE command.
+ LOG(INFO) << __func__ << ": GET_RESPONSE_INS";
+ if (response_.empty()) {
+ return se::Apdu::CreateResponse(se::Status::SW_CONDITIONS_NOT_SATISFIED);
+ }
+ return ReadNextResponseChunk(apdu.get_le());
+
+ case SW_62xx_APDU_INS:
+ LOG(INFO) << __func__ << ": SW_62xx_APDU_INS";
+ if (p1 < 1 || p1 > 16) {
+ return se::Apdu::CreateResponse(se::Status::SW_INCORRECT_P1P2);
+ }
+ if (p2 == SW_62xx_DATA_APDU_P2) {
+ return se::Apdu::CreateResponse(GeneratesBytes(3),
+ se::Status(SW_62xx_resp[p1 - 1]));
+ }
+ if (p2 == SW_62xx_VALIDATE_DATA_P2) {
+ std::vector<uint8_t> output{SW_62xx_VALIDATE_DATA_RESP.begin(),
+ SW_62xx_VALIDATE_DATA_RESP.end()};
+ output[2] = p1;
+ return se::Apdu::CreateResponse(std::move(output),
+ se::Status(SW_62xx_resp[p1 - 1]));
+ }
+ return se::Apdu::CreateResponse(se::Status(SW_62xx_resp[p1 - 1]));
+
+ case SEGMENTED_RESP_INS_1:
+ case SEGMENTED_RESP_INS_2:
+ LOG(INFO) << __func__ << ": SEGMENTED_RESP_INS_1|2";
+ response_ = GeneratesBytes((static_cast<uint16_t>(p1) << 8) | p2);
+ response_offset_ = 0;
+ return ReadNextResponseChunk(std::min<uint16_t>(apdu.get_le(), 256));
+
+ case SEGMENTED_RESP_INS_3:
+ case SEGMENTED_RESP_INS_4:
+ LOG(INFO) << __func__ << ": SEGMENTED_RESP_INS_3|4";
+ response_ = GeneratesBytes((static_cast<uint16_t>(p1) << 8) | p2);
+ response_offset_ = 0;
+ return ReadNextResponseChunk(apdu.get_le());
+
+ case SEGMENTED_RESP_INS_5:
+ LOG(INFO) << __func__ << ": SEGMENTED_RESP_INS_5";
+ if (le == 0xff) {
+ return se::Apdu::CreateResponse(
+ se::Status(se::Status::SW_CORRECT_LENGTH_00 | 0xff));
+ }
+ response_ = GeneratesBytes((static_cast<uint16_t>(p1) << 8) | p2);
+ response_offset_ = 0;
+ return ReadNextResponseChunk(apdu.get_le());
+
+ case CHECK_SELECT_P2_APDU:
+ LOG(INFO) << __func__ << ": CHECK_SELECT_P2_APDU";
+ return se::Apdu::CreateResponse(std::vector<uint8_t>{apdu.get_p2()},
+ se::Status::SW_NO_ERROR);
+
+ default:
+ // Case is not known.
+ LOG(INFO) << __func__ << ": UNKNOWN_INS";
+ return se::Apdu::CreateResponse(se::Status::SW_INS_NOT_SUPPORTED);
+ }
+ }
+
+ private:
+ std::vector<uint8_t> response_{};
+ uint16_t response_offset_{0};
+
+ static const uint8_t NO_DATA_INS_1 = 0x06;
+ static const uint8_t NO_DATA_INS_2 = 0x0A;
+ static const uint8_t DATA_INS_1 = 0x08;
+ static const uint8_t DATA_INS_2 = 0x0C;
+ static const uint8_t SW_62xx_APDU_INS = 0xF3;
+ static const uint8_t SW_62xx_DATA_APDU_P2 = 0x08;
+ static const uint8_t SW_62xx_VALIDATE_DATA_P2 = 0x0C;
+
+ static constexpr std::array<uint8_t, 7> SW_62xx_VALIDATE_DATA_RESP = {0x01, 0xF3, 0x00, 0x0C,
+ 0x01, 0xAA, 0x00};
+ static constexpr uint16_t SW_62xx_resp[] = {
+ 0x6200, 0x6281, 0x6282, 0x6283, 0x6285, 0x62F1, 0x62F2, 0x63F1,
+ 0x63F2, 0x63C2, 0x6202, 0x6280, 0x6284, 0x6286, 0x6300, 0x6381,
+ };
+
+ static const uint8_t SEGMENTED_RESP_INS_1 = 0xC2;
+ static const uint8_t SEGMENTED_RESP_INS_2 = 0xC4;
+ static const uint8_t SEGMENTED_RESP_INS_3 = 0xC6;
+ static const uint8_t SEGMENTED_RESP_INS_4 = 0xC8;
+ static const uint8_t SEGMENTED_RESP_INS_5 = 0xCF;
+ static const uint8_t CHECK_SELECT_P2_APDU = 0xF4;
+ static const uint8_t GET_RESPONSE_INS = 0xC0;
+ static const uint8_t BER_TLV_TYPE = 0x1F;
+ static const uint16_t SELECT_RESPONSE_DATA_LENGTH = 252;
+
+ static const uint16_t LENGTH_256 = 0x0100;
+ static constexpr std::array<uint8_t, 256> resp_bytes256{
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D,
+ 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B,
+ 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29,
+ 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+ 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45,
+ 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53,
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x5B, 0x5C, 0x5D, 0x5E, 0x5F, 0x60, 0x61,
+ 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A, 0x6B, 0x6C, 0x6D, 0x6E, 0x6F,
+ 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A, 0x7B, 0x7C, 0x7D,
+ 0x7E, 0x7F, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8A, 0x8B,
+ 0x8C, 0x8D, 0x8E, 0x8F, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99,
+ 0x9A, 0x9B, 0x9C, 0x9D, 0x9E, 0x9F, 0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7,
+ 0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF, 0xB0, 0xB1, 0xB2, 0xB3, 0xB4, 0xB5,
+ 0xB6, 0xB7, 0xB8, 0xB9, 0xBA, 0xBB, 0xBC, 0xBD, 0xBE, 0xBF, 0xC0, 0xC1, 0xC2, 0xC3,
+ 0xC4, 0xC5, 0xC6, 0xC7, 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF, 0xD0, 0xD1,
+ 0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9, 0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF,
+ 0xE0, 0xE1, 0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9, 0xEA, 0xEB, 0xEC, 0xED,
+ 0xEE, 0xEF, 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9, 0xFA, 0xFB,
+ 0xFC, 0xFD, 0xFE, 0xFF};
+
+ // Generate a response buffer of the selected length containing valid
+ // BER TLV bytes.
+ static std::vector<uint8_t> GenerateBerTLVBytes(uint16_t le) {
+ // Support length from 0x00 - 0x7FFF.
+ uint16_t le_len = 1;
+ if (le < (uint16_t)0x80) {
+ le_len = 1;
+ } else if (le < (uint16_t)0x100) {
+ le_len = 2;
+ } else {
+ le_len = 3;
+ }
+
+ uint16_t total_len = (uint16_t)(le + 2 + le_len);
+ std::vector<uint8_t> output(total_len);
+ uint16_t i = 0;
+
+ output[i++] = BER_TLV_TYPE;
+ output[i++] = 0x00; // second byte of Type
+ if (le < 0x80) {
+ output[i++] = le;
+ } else if (le < 0x100) {
+ output[i++] = 0x81;
+ output[i++] = le;
+ } else {
+ output[i++] = 0x82;
+ output[i++] = (le >> 8);
+ output[i++] = (le & 0xFF);
+ }
+ while (i < total_len) {
+ output[i++] = ((i - 2 - le_len) & 0xFF);
+ }
+
+ // Set the last byte to 0xFF for CTS validation.
+ output[total_len - 1] = 0xFF;
+ return output;
+ }
+
+ // Generate a response buffer of the selected length using the
+ // array resp_bytes256 as input.
+ static std::vector<uint8_t> GeneratesBytes(uint16_t total_len) {
+ std::vector<uint8_t> output(total_len);
+ uint16_t i = 0;
+
+ while (i < total_len) {
+ if ((total_len - i) >= resp_bytes256.size()) {
+ std::memcpy(&output[i], resp_bytes256.data(), resp_bytes256.size());
+ i += resp_bytes256.size();
+ } else {
+ output[i] = i & 0xFF;
+ i += 1;
+ }
+ }
+
+ // Set the last byte to 0xFF for CTS validation.
+ output[total_len - 1] = 0xFF;
+ return output;
+ }
+};
+
+class EmulatedSecureElement : public BnSecureElement {
+ public:
+ EmulatedSecureElement() {
+ std::shared_ptr<CtsAndroidOmapiTestApplet> test_applet =
+ std::make_shared<CtsAndroidOmapiTestApplet>();
+
+ applets_.push_back(std::pair{se::Aid{0xA0, 0x00, 0x00, 0x04, 0x76, 0x41, 0x6E, 0x64, 0x72,
+ 0x6F, 0x69, 0x64, 0x43, 0x54, 0x53, 0x31},
+ test_applet});
+
+ applets_.push_back(std::pair{se::Aid{0xA0, 0x00, 0x00, 0x04, 0x76, 0x41, 0x6E, 0x64, 0x72,
+ 0x6F, 0x69, 0x64, 0x43, 0x54, 0x53, 0x32},
+ test_applet});
+ }
+
ScopedAStatus init(const std::shared_ptr<ISecureElementCallback>& clientCallback) override {
LOG(INFO) << __func__ << " callback: " << clientCallback.get();
if (!clientCallback) {
return ScopedAStatus::fromExceptionCode(EX_NULL_POINTER);
}
- mCb = clientCallback;
- mCb->onStateChange(true, "");
+ client_callback_ = clientCallback;
+ client_callback_->onStateChange(true, "init");
return ScopedAStatus::ok();
}
- ScopedAStatus isCardPresent(bool* _aidl_return) override {
+
+ ScopedAStatus getAtr(std::vector<uint8_t>* aidl_return) override {
LOG(INFO) << __func__;
- *_aidl_return = true;
+ *aidl_return = atr_;
return ScopedAStatus::ok();
}
+
+ ScopedAStatus reset() override {
+ LOG(INFO) << __func__;
+ CHECK(client_callback_ != nullptr) << " init not invoked";
+ client_callback_->onStateChange(false, "reset");
+ client_callback_->onStateChange(true, "reset");
+ // All channels are closed after reset.
+ for (auto channel : channels_) {
+ channel = Channel();
+ }
+ return ScopedAStatus::ok();
+ }
+
+ ScopedAStatus isCardPresent(bool* aidl_return) override {
+ LOG(INFO) << __func__;
+ *aidl_return = true;
+ return ScopedAStatus::ok();
+ }
+
ScopedAStatus openBasicChannel(const std::vector<uint8_t>& aid, int8_t p2,
- std::vector<uint8_t>* _aidl_return) override {
+ std::vector<uint8_t>* aidl_return) override {
LOG(INFO) << __func__ << " aid: " << HexString(aid.data(), aid.size()) << " (" << aid.size()
<< ") p2 " << p2;
- // TODO(b/123254068) - this is not an implementation of the OMAPI protocol or APDU.
- // The functionality here is enough to exercise the framework, but actual
- // calls to the secure element will fail. This implementation does not model
- // channel isolation or any other aspects important to implementing secure element.
- *_aidl_return = {0x90, 0x00, 0x00}; // DO NOT COPY
+ std::vector<uint8_t> select_response;
+ std::shared_ptr<se::Applet> applet = nullptr;
+
+ // The basic channel can only be opened once, and stays opened
+ // and locked until the channel is closed.
+ if (channels_[0].opened) {
+ LOG(INFO) << __func__ << " basic channel already opened";
+ return ScopedAStatus::fromServiceSpecificError(CHANNEL_NOT_AVAILABLE);
+ }
+
+ // If the AID is defined (the AID is not Null and the length of the
+ // AID is not 0) and the channel is not locked then the corresponding
+ // applet shall be selected.
+ if (aid.size() > 0) {
+ applet = SelectApplet(aid);
+ if (applet == nullptr) {
+ // No applet registered with matching AID.
+ LOG(INFO) << __func__ << " basic channel AID not found";
+ return ScopedAStatus::fromServiceSpecificError(NO_SUCH_ELEMENT_ERROR);
+ }
+ select_response = applet->Select(aid, p2);
+ }
+
+ // If the AID is a 0 length AID and the channel is not locked, the
+ // method will select the Issuer Security Domain of the SE by sending a
+ // SELECT command with a 0 length AID as defined in
+ // [GP Card specification].
+ if (aid.size() == 0) {
+ select_response = kIssuerSecurityDomainSelectResponse;
+ }
+
+ LOG(INFO) << __func__ << " sending response: "
+ << HexString(select_response.data(), select_response.size());
+
+ // TODO(b/123254068) - this is not an implementation of the OMAPI protocol
+ // or APDU. The functionality here is enough to exercise the framework,
+ // but actual calls to the secure element will fail. This implementation
+ // does not model channel isolation or any other aspects important to
+ // implementing secure element.
+ channels_[0] = Channel(aid, p2, applet);
+ *aidl_return = select_response;
return ScopedAStatus::ok();
}
+
ScopedAStatus openLogicalChannel(
const std::vector<uint8_t>& aid, int8_t p2,
- ::aidl::android::hardware::secure_element::LogicalChannelResponse* _aidl_return)
+ ::aidl::android::hardware::secure_element::LogicalChannelResponse* aidl_return)
override {
LOG(INFO) << __func__ << " aid: " << HexString(aid.data(), aid.size()) << " (" << aid.size()
<< ") p2 " << p2;
- if (aid != kAndroidTestAid && aid != kLongAndroidTestAid) {
- return ScopedAStatus::fromServiceSpecificError(NO_SUCH_ELEMENT_ERROR);
+ size_t channel_number = 1;
+ std::vector<uint8_t> select_response;
+ std::shared_ptr<se::Applet> applet = nullptr;
+
+ // Look for an available channel number.
+ for (; channel_number < channels_.size(); channel_number++) {
+ if (channels_[channel_number].opened == false) {
+ break;
+ }
}
- *_aidl_return = LogicalChannelResponse{.channelNumber = 1, .selectResponse = {}};
+ // All channels are currently allocated.
+ if (channel_number >= channels_.size()) {
+ LOG(INFO) << __func__ << " all logical channels already opened";
+ return ScopedAStatus::fromServiceSpecificError(CHANNEL_NOT_AVAILABLE);
+ }
- // TODO(b/123254068) - this is not an implementation of the OMAPI protocol or APDU.
- // The functionality here is enough to exercise the framework, but actual
- // calls to the secure element will fail. This implementation does not model
- // channel isolation or any other aspects important to implementing secure element.
- if (aid == kAndroidTestAid) { // DO NOT COPY
- size_t size = 2050; // DO NOT COPY
- _aidl_return->selectResponse.resize(size); // DO NOT COPY
- _aidl_return->selectResponse[size - 1] = 0x00; // DO NOT COPY
- _aidl_return->selectResponse[size - 2] = 0x90; // DO NOT COPY
- } else { // DO NOT COPY
- _aidl_return->selectResponse = {0x00, 0x00, 0x90, 0x00}; // DO NOT COPY
- } // DO NOT COPY
+ // If the AID is defined (the AID is not Null and the length of the
+ // AID is not 0) then the corresponding applet shall be selected.
+ if (aid.size() > 0) {
+ applet = SelectApplet(aid);
+ if (applet == nullptr) {
+ // No applet registered with matching AID.
+ LOG(INFO) << __func__ << " logical channel AID not found";
+ return ScopedAStatus::fromServiceSpecificError(NO_SUCH_ELEMENT_ERROR);
+ }
+ select_response = applet->Select(aid, p2);
+ }
+
+ // If the length of the AID is 0, the method will select the
+ // Issuer Security Domain of the SE by sending a SELECT command
+ // with 0 length AID as defined in [GPCS].
+ if (aid.size() == 0) {
+ select_response = kIssuerSecurityDomainSelectResponse;
+ }
LOG(INFO) << __func__ << " sending response: "
- << HexString(_aidl_return->selectResponse.data(),
- _aidl_return->selectResponse.size());
+ << HexString(select_response.data(), select_response.size());
+ // TODO(b/123254068) - this is not an implementation of the OMAPI protocol
+ // or APDU. The functionality here is enough to exercise the framework,
+ // but actual calls to the secure element will fail. This implementation
+ // does not model channel isolation or any other aspects important to
+ // implementing secure element.
+ channels_[channel_number] = Channel(aid, p2, applet);
+ *aidl_return = LogicalChannelResponse{
+ .channelNumber = static_cast<int8_t>(channel_number),
+ .selectResponse = select_response,
+ };
return ScopedAStatus::ok();
}
- ScopedAStatus reset() override {
- LOG(INFO) << __func__;
- mCb->onStateChange(false, "reset");
- mCb->onStateChange(true, "reset");
+
+ ScopedAStatus closeChannel(int8_t channel_number) override {
+ LOG(INFO) << __func__ << " channel number: " << static_cast<int>(channel_number);
+ // The selected basic or logical channel is not opened.
+ if (channel_number >= channels_.size() || !channels_[channel_number].opened) {
+ return ScopedAStatus::ok();
+ }
+
+ // TODO(b/123254068) - this is not an implementation of the OMAPI protocol
+ // or APDU. The functionality here is enough to exercise the framework,
+ // but actual calls to the secure element will fail. This implementation
+ // does not model channel isolation or any other aspects important to
+ // implementing secure element.
+ channels_[channel_number].opened = false;
return ScopedAStatus::ok();
}
+
ScopedAStatus transmit(const std::vector<uint8_t>& data,
- std::vector<uint8_t>* _aidl_return) override {
+ std::vector<uint8_t>* aidl_return) override {
LOG(INFO) << __func__ << " data: " << HexString(data.data(), data.size()) << " ("
<< data.size() << ")";
- // TODO(b/123254068) - this is not an implementation of the OMAPI protocol or APDU.
- // The functionality here is enough to exercise the framework, but actual
- // calls to the secure element will fail. This implementation does not model
- // channel isolation or any other aspects important to implementing secure element.
+ se::Apdu apdu(data);
+ uint8_t channel_number = apdu.get_channel_number();
+ std::vector<uint8_t> response_apdu;
- std::string hex = HexString(data.data(), data.size()); // DO NOT COPY
- if (hex == "01a4040210a000000476416e64726f696443545331") { // DO NOT COPY
- *_aidl_return = {0x00, 0x6A, 0x00}; // DO NOT COPY
- } else if (data == std::vector<uint8_t>{0x00, 0xF4, 0x00, 0x00, 0x00}) { // DO NOT COPY
- // CHECK_SELECT_P2_APDU w/ channel 1 // DO NOT COPY
- *_aidl_return = {0x00, 0x90, 0x00}; // DO NOT COPY
- } else if (data == std::vector<uint8_t>{0x01, 0xF4, 0x00, 0x00, 0x00}) { // DO NOT COPY
- // CHECK_SELECT_P2_APDU w/ channel 1 // DO NOT COPY
- *_aidl_return = {0x00, 0x90, 0x00}; // DO NOT COPY
- } else if (data.size() == 5 || data.size() == 8) { // DO NOT COPY
- // SEGMENTED_RESP_APDU - happens to use length 5 and 8 // DO NOT COPY
- size_t size = (data[2] << 8 | data[3]) + 2; // DO NOT COPY
- _aidl_return->resize(size); // DO NOT COPY
- (*_aidl_return)[size - 1] = 0x00; // DO NOT COPY
- (*_aidl_return)[size - 2] = 0x90; // DO NOT COPY
- if (size >= 3) (*_aidl_return)[size - 3] = 0xFF; // DO NOT COPY
- } else { // DO NOT COPY
- *_aidl_return = {0x90, 0x00, 0x00}; // DO NOT COPY
- } // DO NOT COPY
+ switch (apdu.get_ins()) {
+ // TODO(b/123254068) - Implement support channel management APDUs.
+ case MANAGE_CHANNEL_INS:
+ // P1 = '00' to open
+ // P1 = '80' to close
+ LOG(INFO) << __func__ << " MANAGE_CHANNEL apdu";
+ response_apdu =
+ se::Apdu::CreateResponse(se::Status::SW_LOGICAL_CHANNEL_NOT_SUPPORTED);
+ break;
+ // TODO(b/123254068) - Implement support channel management APDUs.
+ case SELECT_INS:
+ LOG(INFO) << __func__ << " SELECT apdu";
+ response_apdu =
+ se::Apdu::CreateResponse(se::Status::SW_LOGICAL_CHANNEL_NOT_SUPPORTED);
+ break;
+
+ default:
+ CHECK(channel_number < channels_.size()) << " invalid channel number";
+ if (!channels_[channel_number].opened) {
+ LOG(INFO) << __func__ << " the channel " << static_cast<int>(channel_number)
+ << " is not opened";
+ response_apdu =
+ se::Apdu::CreateResponse(se::Status::SW_LOGICAL_CHANNEL_NOT_SUPPORTED);
+ break;
+ }
+ // Send the APDU to the applet for processing.
+ // Applet implementation is optional, default to sending
+ // SW_INS_NOT_SUPPORTED.
+ if (channels_[channel_number].applet == nullptr) {
+ response_apdu = se::Apdu::CreateResponse(se::Status::SW_INS_NOT_SUPPORTED);
+ } else {
+ response_apdu = channels_[channel_number].applet->Process(apdu);
+ }
+ break;
+ }
+
+ aidl_return->assign(response_apdu.begin(), response_apdu.end());
+ LOG(INFO) << __func__
+ << " response: " << HexString(aidl_return->data(), aidl_return->size()) << " ("
+ << aidl_return->size() << ")";
return ScopedAStatus::ok();
}
private:
- std::shared_ptr<ISecureElementCallback> mCb;
+ struct Channel {
+ public:
+ Channel() = default;
+ Channel(Channel const&) = default;
+ Channel(se::Aid const& aid, uint8_t p2, std::shared_ptr<se::Applet> applet)
+ : opened(true), aid(aid), p2(p2), applet(std::move(applet)) {}
+ Channel& operator=(Channel const&) = default;
+
+ bool opened{false};
+ se::Aid aid{};
+ uint8_t p2{0};
+ std::shared_ptr<se::Applet> applet{nullptr};
+ };
+
+ // OMAPI abstraction.
+
+ // Channel 0 is the basic channel, channels 1-19 are the logical channels.
+ std::array<Channel, 20> channels_{};
+ std::shared_ptr<ISecureElementCallback> client_callback_;
+
+ // Secure element abstraction.
+
+ static const uint8_t MANAGE_CHANNEL_INS = 0x70;
+ static const uint8_t SELECT_INS = 0xa4;
+
+ // Secure element ATR (Answer-To-Reset).
+ // The format is specified by ISO/IEC 1816-4 2020 and lists
+ // the capabilities of the card.
+ //
+ // TODO(b/123254068): encode the default SE properties in the ATR:
+ // support for extended Lc / Le fields, maximum number of logical channels.
+ // The CTS tests are *not* checking this value.
+ std::vector<uint8_t> const atr_{};
+
+ // Applet registration.
+ std::vector<std::pair<se::Aid, std::shared_ptr<se::Applet>>> applets_{};
+
+ // Return the first applet that matches the selected aid.
+ std::shared_ptr<se::Applet> SelectApplet(se::Aid const& aid) {
+ for (auto& [applet_aid, applet] : applets_) {
+ if (applet_aid == aid) {
+ return applet;
+ }
+ }
+ return nullptr;
+ }
};
int main() {
ABinderProcess_setThreadPoolMaxThreadCount(0);
- auto se = ndk::SharedRefBase::make<MySecureElement>();
+ auto se = ndk::SharedRefBase::make<EmulatedSecureElement>();
const std::string name = std::string() + BnSecureElement::descriptor + "/eSE1";
binder_status_t status = AServiceManager_addService(se->asBinder().get(), name.c_str());
CHECK_EQ(status, STATUS_OK);
diff --git a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index 5485db3..c506667 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -115,11 +115,9 @@
interface IRemotelyProvisionedComponent {
const int STATUS_FAILED = 1;
const int STATUS_INVALID_MAC = 2;
- // --------- START: Versions 1 and 2 Only ----------
- const int STATUS_PRODUCTION_KEY_IN_TEST_REQUEST = 3;
+ const int STATUS_PRODUCTION_KEY_IN_TEST_REQUEST = 3; // Versions 1 and 2 Only
const int STATUS_TEST_KEY_IN_PRODUCTION_REQUEST = 4;
- const int STATUS_INVALID_EEK = 5;
- // --------- END: Versions 1 and 2 Only ------------
+ const int STATUS_INVALID_EEK = 5; // Versions 1 and 2 Only
const int STATUS_REMOVED = 6;
/**
@@ -347,8 +345,8 @@
* protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
* unprotected: {},
* payload: bstr .cbor Data / nil,
- * signature: bstr ; PureEd25519(CDI_Leaf_Priv, bstr .cbor SignedDataSigStruct<Data>) /
- * ; ECDSA(CDI_Leaf_Priv, bstr .cbor SignedDataSigStruct<Data>)
+ * signature: bstr ; PureEd25519(CDI_Leaf_Priv, SignedDataSigStruct<Data>) /
+ * ; ECDSA(CDI_Leaf_Priv, SignedDataSigStruct<Data>)
* ]
*
* ; Sig_structure for SignedData
@@ -427,8 +425,8 @@
* protected : bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
* unprotected: {},
* payload: bstr .cbor DiceChainEntryPayload,
- * signature: bstr ; PureEd25519(SigningKey, bstr .cbor DiceChainEntryInput) /
- * ; ECDSA(SigningKey, bstr .cbor DiceChainEntryInput)
+ * signature: bstr ; PureEd25519(SigningKey, DiceChainEntryInput) /
+ * ; ECDSA(SigningKey, DiceChainEntryInput)
* ; See RFC 8032 for details of how to encode the signature value
* ; for Ed25519.
* ]
@@ -442,12 +440,6 @@
*
* ; The following section defines some types that are reused throughout the above
* ; data structures.
- * PubKeyX25519 = { ; COSE_Key
- * 1 : 1, ; Key type : Octet Key Pair
- * -1 : 4, ; Curve : X25519
- * -2 : bstr ; Sender X25519 public key
- * }
- *
* PubKeyEd25519 = { ; COSE_Key
* 1 : 1, ; Key type : octet key pair
* 3 : AlgorithmEdDSA, ; Algorithm : EdDSA
@@ -455,13 +447,6 @@
* -2 : bstr ; X coordinate, little-endian
* }
*
- * PubKeyEcdhP256 = { ; COSE_Key
- * 1 : 2, ; Key type : EC2
- * -1 : 1, ; Curve : P256
- * -2 : bstr ; Sender X coordinate
- * -3 : bstr ; Sender Y coordinate
- * }
- *
* PubKeyECDSA256 = { ; COSE_Key
* 1 : 2, ; Key type : EC2
* 3 : AlgorithmES256, ; Algorithm : ECDSA w/ SHA-256