samonsun / seek-for-android Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/seek-for-android
Automatically exported from code.google.com/p/seek-for-android
What's the problem?
The exception description of SEService.openLogicalChannel() is confusing.
If the AID is not available on SE, should IOException or NoSuchElementException
be thrown? To my understanding, a NoSuchElementException exception should be
thrown, but at the end of the description of IOException, the "(e.g. if the AID
is not available)" confused me.
Original issue reported on code.google.com by [email protected]
on 3 Jan 2012 at 10:02
http://groups.google.com/group/seek-for-android/browse_thread/thread/ed241f5f5f4
61341
Possible solution in Channel.java:
1. either change 0x9C to 0xBC in setChannelToClassByte()
Does this has any impact on other CLA bytes?
2. modify tansmit() to:
...
// set channel number bits
command[0] = command[0] | mChannelNumber;
byte[] rsp = getTerminal().transmit(command, 2, 0, 0, null);
return rsp;
...
And remove setChannelToClassByte() completely
Original issue reported on code.google.com by [email protected]
on 10 May 2012 at 4:34
Please support BIP Extensions on ICS 4.0.3.
Thanks,
Danny
Original issue reported on code.google.com by [email protected]
on 2 Mar 2012 at 3:46
Here is the sample code to re-produce the error:
SEService se = new SEService(this, this);
.......
if (!se.isConnected())
{
m_errorDesc = "SEService should be connected.";
return m_errorDesc;
}
try
{
se.shutdown();
}
catch(Exception e)
{
}
if (se.isConnected()) // ERROR here !
{
m_errorDesc = "SEService should not be connected.";
return m_errorDesc;
}
The se.isConnected() returns true after SEService was shut down.
Thanks,
Danny
Original issue reported on code.google.com by [email protected]
on 10 Feb 2012 at 11:42
What's the problem?
as I know, that seek is not coming yet with GP SE AC + PKCS15 file system rules
parsing however this seek.
it's necessary to have both implementations supported by the device, knowing
that PKCS15 file systems rules will be only checked in case the secure element
is UICC and there is no ARA-M application present.
Because, some user updated binary including Global Plaform Access Control and
then the users don't want to change thier SIM.
So,, it's better SEEK supports PKCS#15 applet file system.
What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
smartcard-api-2.4.0, ICS or JB
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 28 Sep 2012 at 7:32
Guys,
The new version don't allow me to perform a SELECT command.
But, in the EMV wolrd, SELECT command returns important information and I need
them on my application.
I wont migrate to this new version due to this limitation. Can you handle this
by at least providing the SELECT answer in the basicChannel?
Thanks.
Original issue reported on code.google.com by [email protected]
on 22 Jun 2011 at 3:32
What's the problem?
I need this implemented in a Tablet - a samsung galaxy tab 2 gt-P3100
Can it be done? The google code website has builds specific to only the Nexus
Family & Moto Xoom.
Can a ROM be built for a Samsung Galaxy Tab 2? from Source?
What mode should I select in lunch??
What steps will reproduce the problem?
1. IF this is compatible with the tab
2. What lunch command I should use
3. If building for (say maguro) can be installed on my device
What is the expected output? What do you see instead?
I get a ROM specific for the device I specify in Lunch.
I need one for my tablet not for those devices
What version of the product are you using? On what operating system?
Galaxy Tab 2 7.0 GT-P3100
Ubuntu 10.04
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 6 Jun 2012 at 12:17
What steps will reproduce the problem?
Build SmartCard API and flash the system according to the Wiki page. On the
device, /system/etc/permissions/org.simalliance.openmobileapi.xml is not
included
Original issue reported on code.google.com by [email protected]
on 29 Feb 2012 at 11:32
I followed the basic steps in the wiki for creating an Addon Terminal and
tested it by running the OpenMobileApiSample application. It correctly found
the new terminal but an exception was thrown calling
session.openBasicChannel(null).
It appears that the service is trying to enableAccessConditions which results
in a comparison to a literal value of 0x9000 (SELECT AID) in
AccessControlApplet.
What steps will reproduce the problem?
1. Build the SamplePluginTerminal (DummyTerminal) and install on device
2. Install and run OpenMobileApiSample
What is the expected output?
Expected to see the hard-code dummy response from the sample terminal.
What do you see instead?
The following output appeared in the sample terminal:
OpenBasicChannel
Exception: java.lang.SecurityException: java.security.AccessControlException:
AID not found
What version of the product are you using? On what operating system?
Seek version: 2.3.2
Android version: Gingerbread 2.3.2 (custom build for custom device)
Original issue reported on code.google.com by [email protected]
on 7 Mar 2012 at 11:45
What's the problem?
The Global Platform Access Control specification is not completely implemented
as called for on page 17, where the specifications states: If the ARA-M is not
present, the Access Control enforcer shall retrieve the access rules from the
Access Rule Files (ARF), as illustrated in Figure 2-4.
What steps will reproduce the problem?
1. Configure UICC with access control rules in ARF, but no ARA-M is present
2.
3.
What is the expected output? What do you see instead?
The rules in the ARF should be followed; however, with the current
implementation all access will be denied.
What version of the product are you using? On what operating system?
N/A
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 27 Aug 2012 at 9:11
What's the problem?
Installed SE applications are not selected except SE Application - Card
Manager, SIM, WIM, and GSM.
when I tried to select the SE application, 'NoSuchElementException' displays on
logcat.
Sample AID of SE Application is A0000000031010.
What steps will reproduce the problem?
1. Install SE Application ( AID : A0000000031010 ).
2. Select SE Application ( AID : A0000000031010 )
using Session.openLogicalChannel Method.
What is the expected output? What do you see instead?
1. expected output : return Channel.
2. But my output : NoSuchElementException occurred.
What version of the product are you using? On what operating system?
Android 4.0.4, Galaxy S3 SGH-I747, AT&T
Please provide any additional information below.
It's working well on the other phone.
( Android 4.1.1, Galaxy S3 GT-I9300,
Android 4.1.1, Galaxy S3 SGH-I747 )
Original issue reported on code.google.com by [email protected]
on 14 Nov 2012 at 8:31
according to API Spec @
http://seek-for-android.googlecode.com/svn/trunk/doc/org/simalliance/openmobilea
pi/Session.html#openLogicalChannel(byte[]), when user call
Session.openLogicalChannel against an non-existing AID or non-multiselectable
AID, he/she should get NoSuchElementException according to following statement:
java.utils.NoSuchElementException - if an Applet with the defined AID does not
exist in the SE or a logical channel is already open to a non-multiselectable
applet
But they would not get it because in SEService.java openLogicalChannel, when
checkIfAppletAvailable() is called, NoSuchElementException got casted into
IOException, following is the solution:
private void checkIfAppletAvailable(SmartcardError error) throws IOException {
Exception exp = error.createException();
if (exp != null) {
if(exp instanceof NoSuchElementException) {
//wrong behavior against API spec
// start of solution
//throw new IOException("Applet with the defined aid does not exist in the SE");
throw new NoSuchElementException("Applet with the defined aid does not exist in the SE");
// end of solution
}
}
}
Original issue reported on code.google.com by [email protected]
on 7 Jun 2012 at 9:17
What steps will reproduce the problem?
1. Create an android app on Eclipse
2. Compiled with Smartcard 2.2.2 jar file
3. Run on an ICS device with Smartcard 2.3.2
What is the expected output? What do you see instead?
The APIs are backward compatible, and the app compiled with older jar file
should be able to run on a device with Smartcard 2.3.2.
I'm suspecting the issue is caused by the change of the package name of
android.smartcard.
The problem was found on a real device. I am not sure if the problem can be
re-produced on an emulator.
Thanks,
Danny
Original issue reported on code.google.com by [email protected]
on 10 Feb 2012 at 4:29
What's the problem?
I can't apply patches to cyanogenmod 7.2 (which is gingerbread 2.3.7) in order
to get eap-sim working.
I applied patches in this order:
smartcard-api.patch (2.3.0 version)
uicc.patch (2.3.0 version)
pcsc_system_service_v098.patch
eap-sim-aka_0.4.1.patch
The build (it builds properly) I get for my lg p970 has not working eap-sim.
Did I miss something? Could someone help me? I know you are not part of
cyanogenmod team, but my problem is to get eap-sim working on my phone and they
can't (or don't want) to help me...
I want to help other users which have less knowledge than me with this, so if
you could help me in order to get a working ROM, it would be very kind from you.
Original issue reported on code.google.com by [email protected]
on 22 Jun 2012 at 4:49
What's the problem?
i am unable to open basic/logical channel using following:
Channel channel = _session.openBasicChannel(aid);
Channel channel = _session.openLogicalChannel(aid);
For basic it channel it returns null, and for logical channel it returns
java.lang.SecurityException: Connection refused !!!
What steps will reproduce the problem?
1.
I am working on Samsung SIII(4.0.4) supporting OpenMobileAPI with a proprietary
applet on UIIC having AID "D2760000285100101001028901"
2.
Applet reply "019000" to command "00CA000000".
What is the expected output? What do you see instead?
Hoping i can SELECT applet and send command to it and get response back
What version of the product are you using? On what operating system?
Samsung SIII(4.0.4)
Please provide any additional information below.
However this gives me correct ATR: byte[] atr = _session.getATR(); of SIM card.
Original issue reported on code.google.com by [email protected]
on 5 Nov 2012 at 7:17
According to
http://seek-for-android.googlecode.com/svn/trunk/doc/org/simalliance/openmobilea
pi/Reader.html#openSession()
public Session openSession()
throws IOException
suppose to throw IOException if something went wrong with the communicating to
the Secure Element or the reader.
However, when tested with UICC Reader, without a UICC (SIM) inserted, hence, no
SE present, this API does not throw IOException as expected.
following is a tested propose solution to this issue.
public Session openSession() throws IOException {
// should check whether SE presents before proceed to OpenSession
// according to API doc, IOException should be raised if communication to SE went wrong
// start of solution
if (!mService.isSecureElementPresent(this))
throw new IOException("Secure Element is not presented.");
// end of solution
synchronized (mSessions) {
Session session = new Session(getName(), this);
mSessions.add(session);
return session;
}
}
Original issue reported on code.google.com by [email protected]
on 29 May 2012 at 4:14
Purpose of this feature: Since a new api (getSelectResponse()) added to
OpenMobile, applications need a way to identify what version of the OpenMobile
library is used.
How should the feature be integrated: To add a method such like
SEService.version(), maybe?
Thanks,
Danny
Original issue reported on code.google.com by [email protected]
on 21 Feb 2012 at 5:57
For UICC SE, the name of Reader used to be "UICC" prior to v2.3. Since
v2.3.3, the SE name was changed to "SIM: UICC" which would not be backward
compatible.
Line #44 of the UiccTerminal.java in the
.../smartcard-api/src/org/simalliance/openmobileapi/service/terminals folder.
Original issue reported on code.google.com by [email protected]
on 9 Feb 2012 at 11:59
SmartcardService.openLogicalChannel return a long value which is a handle
(address to the object?), which should indicate the channel is NOT opened
successfully.
However, in SEService.java, such condition is not being handled properly, below
is a proposed solution on that.
Channel openLogicalChannel(Session session, byte[] aid) throws IOException {
if (session == null) {
throw new NullPointerException("session must not be null");
}
if (session.getReader() == null) {
throw new NullPointerException("reader must not be null");
}
if (mSmartcardService == null) {
throw new IllegalStateException("service not connected to system");
}
if (session.isClosed()) {
throw new IllegalStateException("session is closed");
}
SmartcardError error = new SmartcardError();
long hChannel;
try {
hChannel = mSmartcardService.openLogicalChannel(session.getReader().getName(), aid,
mCallback, error);
} catch (Exception e) {
throw new IOException(e.getMessage());
}
if (channelCannotBeEstablished(error)) {
return null;
}
checkIfAppletAvailable(error);
checkForException(error);
// need to check whether channel is actually valid
// my understanding is that channel 0 means it does not succeed.
// start of solution
if (hChannel == 0)
return null;
// end of solution
Channel logicalChannel = new Channel(session, hChannel, true);
return logicalChannel;
}
Original issue reported on code.google.com by [email protected]
on 6 Jun 2012 at 3:10
According to
http://seek-for-android.googlecode.com/svn/trunk/doc/org/simalliance/openmobilea
pi/SEService.html#SEService(Context,
org.simalliance.openmobileapi.SEService.CallBack)
public SEService(Context context,
SEService.CallBack listener)
listener - a SEService.CallBack object. Can be null.
However, when calling the function like this:
try
{
seService = new SEService(m_activity, null);
} catch (Exception e)
{
}
while (!seService.isConnected())
{
try
{
Thread.sleep(100);
} catch (Exception e)
{
}
}
java.lang.NullPointerException: listener must not be null is thrown.
expected behavior is that exception is not thrown and the following while loop
should be terminated when after the SEService is connected. (normally when a
callback occur).
Original issue reported on code.google.com by [email protected]
on 2 May 2012 at 4:15
What's the problem?
I'm using Seek-for-android in order to exchange APDU with UICC.
Currently (Seek 2.3.2), Channel.getSelectResponse() returns NULL. According to
the source code (UiccTerminal.java), the value of mSelectResponse is always
"null". In other Terminal subclasses, this value is set.
For instance :
mSelectResponse = transmit(selectCommand, 2, 0x9000, 0xFFFF, "SELECT");
Question : Why does this different implementation exist ? Is it possible to
have a consistent behaviour ?
Original issue reported on code.google.com by [email protected]
on 29 Mar 2012 at 9:56
Purpose of this feature:
Being able to compile SCAPI applications that do not statically link with
org.simalliance.openmobileapi.jar but use the shared library of the device
instead.
How should the feature be integrated:
Download package for the Android SDK Manager
Original issue reported on code.google.com by [email protected]
on 22 Feb 2012 at 9:47
What's the problem?
Sometimes, we get an IOException "Applet with the defined aid does not exist in
the SE" when we are trying to open a logical channel. However, the Applet
exists on the Secure Element.
What steps will reproduce the problem?
1. Connect to a reader and open a logical channel, do some apdu exchanges
2. Close the channel and the session.
3. Open a new session and a new logical channel to another aid.
4. Reopen a logical channel to the first aid, and the exception will be thrown.
What is the expected output? What do you see instead?
we get an IOException "Applet with the defined aid does not exist in the SE"
instead of an opened logical channel
What version of the product are you using? On what operating system?
MSC Smartcard Service 2.3.0 which correspond to my issue.
I have seen a new method in SEService since the 2.3.0 release :
private void checkIfAppletAvailable(SmartcardError error) throws IOException {
Exception exp = error.createException();
if (exp != null) {
if(exp instanceof NoSuchElementException) {
throw new IOException("Applet with the defined aid does not exist in the SE");
}
}
}
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 17 Feb 2012 at 3:18
What's the problem?
When an applet is not multiple-selectable and is already selected by an app,
the second app which tries to select it should receive an exception. What kind
of exception it should receive? It should be specified in SmartCard JavaDoc.
Thanks.
Original issue reported on code.google.com by [email protected]
on 4 Jan 2012 at 7:27
Purpose of this feature: Performance improvement
How should the feature be integrated: Globalplatform Access Control enforcer
Due to the communication latency between device and UICC, fetching the Refresh
tag every time when openLogicalChannel() is called is proved very costly at
performance.
One of improvement options is to move the Refresh tag fetching from Channel
layer to Session layer. In other words, AC enforcer should fetch the Refresh
tag only when a new session instead of a channel is opened. Theologically the
change will booster the performance 40% to 80%.
Thanks.
Original issue reported on code.google.com by [email protected]
on 5 Sep 2012 at 5:32
What's the problem?
What steps will reproduce the problem?
1. From pcsc_system_service_v098.patch, we found we need put "chmod 4755
/system/bin/pcscd"
2. 4755 means it has setuid
3. Why pcsc need setuid? Is it safe?
Original issue reported on code.google.com by [email protected]
on 23 Jul 2012 at 8:07
What's the problem?
I am using a P3100 tab. I am not able to put the tab in fastboot mode.
I have heard in xda forums that this tab doesnt support a Fastboot mode.
So how do I flash the ROM - which I have built onto the device
What steps will reproduce the problem?
1. Alternative flashing method (than fastboot)
2. Enabling fastboot on the P3100
3. Any other ideas to flashing a ROM - such as how to use Odin & Whether
heimdall will work?
What is the expected output? What do you see instead?
1. fastboot devices shows no device
2. The power & volume down combo should show a menu for download & fastboot
modes. Instead it just boots to download/odin mode.
3. adb reboot bootloader reboots into the OS - not bootloader
4. fastboot oem unlock says waiting for device endlessly
What version of the product are you using? On what operating system?
1. Samsung Galaxy Tab 2 7.0 GT-P3100
2. Ubuntu 10.04
3. I have CWM installed on the tablet
4. The tablet is rooted
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 6 Jun 2012 at 7:53
I have a test that create 10 thread that each does new SEService and GetReaders
and then so on and so forth all the way down to transmitting APDU in logical
channel.
What i discovered is that on Android JellyBean device, PackageManager is easily
craching during that process when one of the thread call GetReaders (becuase of
out of memory situation0. Upon further study, there's PackageManager is being
killed and that trigger uncaught exception on Client level. With some root
cause analyze, 2 thing is discover.
1) GetReaders always call AddonTerminal.java getPackageNames always get a whole
list of all installedPackages
2) then it does an expensive loop of comparison against 2 strings, that can be
100ms+
If AddonTerminal.getPackagesNames is not thread/process safe, then
Getinstalledpackages in ObjectManager can also take extended period of time
that's the case, the long operation can easily be pre-emptted and result in
large amount of memory being allocated at the same time. This issue would need
to be addressed because:
1) because the getPackageManager and string comparison is extremely expensive
in performance.
2) more importantly, the memory foot print that is needed.
AddonTerminal does not affect the build in Readers (UICC, eSE, uSD), is there
any real life use case other than for testing purpose? if not, should it be
done on the Service.onCreate time and have that information cached?
Original issue reported on code.google.com by [email protected]
on 14 Sep 2012 at 8:44
I am new to Android and NFC development and have encountered the
following
problem that I would like some help to resolve.
I have taken a simple NFC app to communicate with a simple secure
element. My app compiles and loads, but gets the following errors when
starting execution.
06-25 14:19:58.545: I/dalvikvm(5140): Failed resolving Lcom/project/
android/AndroidActivity; interface 38 'Lorg/simalliance/openmobileapi/
SEService$CallBack;'
i inserted the .jar in "Librairies" of Java Build Path.
I don't know what to do.
Thanks for your help.
Nicolas
Original issue reported on code.google.com by [email protected]
on 25 Jun 2012 at 1:23
Function getSelectResponse()on channel always throws an exception:
01-23 17:09:40.399: ERROR/AndroidRuntime(1868): java.lang.NoSuchMethodError:
org.simalliance.openmobileapi.Channel.getSelectResponse
What steps will reproduce the problem?
1.Start the application with UICC
2.do openLogicalChannel
3.Then do getSelectResponse() in Channel.
What is the expected output? What do you see instead?
It should work properly.
What version of the product are you using? On what operating system?
2.3.2 for smart-card-api.
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 23 Jan 2013 at 11:40
What's the problem?
After SEService is connected, calling shutdown() without calling getReaders()
will result in a NULL exception on SEService.
Here is the partial code to produce the error:
public void serviceConnected(SEService service)
{
se = service;
if ( se.isConnected() )
{
Log.d(LOG_TAG, "Before SEService shut down!");
// Reader[] readers = se.getReaders(); /* uncomment it to prevent a NULL exception
se.shutdown();
Log.d(LOG_TAG, "After SEService shut down!");
}
}
What is the expected output? What do you see instead?
There should not be any exception thrown.
What version of the product are you using? On what operating system?
HTC Amaze 4G
Original issue reported on code.google.com by [email protected]
on 3 Jan 2012 at 8:54
What's the problem?
at protocolTransmit method which is in Terminal.java, there is no filtering
options on sw2
according to "ETSI_TS_102_221v070200p_Smart cards_UICC Terminal
Interface_Physical and logical characteristics" and
"info_isoiec7816-4{ed2.0}en" documentation, SW2 is distinctly decleared as below
SW1 SW2 Description
'63' 'F1' - More data expected
'63' 'F2' - More data expected and proactive command pending
'63' '00' - No information given
'63' '81' - File filled up by the last write
'63' 'CX' - Counter from 0 to 15 encoded by 'X' (exact meaning depending on the
command)
when rsp is 63XX, it always retransmitting for getResponse. even if SW2 is not
in above table
when SW1 == 63 && SW2(not in above table), I think it must be send rsp to
application directly
What is the expected output? What do you see instead?
Code likely to be fixed.
====================================
protected synchronized byte[] protocolTransmit(byte[] cmd) throws CardException
{
...
int sw1 = rsp[rsp.length - 2] & 0xFF;
+ int sw2 = rsp[rsp.length - 1] & 0xFF;
...
- } else if (rsp.length == 2 && sw1 == 0x63) {
+ } else if (rsp.length == 2 && sw1 == 0x63 && (sw2 == 0xF1 || sw2 == 0xF2
|| sw2 == 0x00 || sw2 == 0x81 || sw2 == 0xCX)) {
...
}
Original issue reported on code.google.com by [email protected]
on 5 Feb 2013 at 6:28
On:
http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html
the GnuPG developers discuss how to use an OpenPGP smart card in a USB card
reader with GnuPG.
It would be excellent if the SEEK project not only added hardware cryptography
for Android applications, but presented the attached cryptographic hardware as
a standard card reader and (OpenPGP) smart card when plugged into a PC by USB
(and maybe other standards, such as Bluetooth if possible).
Use case for having this feature implemented:
At the moment, the most practical option for two-factor authentication is to
buy a smart card reader and smart card. It would be excellent if an Android
phone could fulfil that role instead for a number of reasons:
* lower cost, if the user already has the phone;
* more convenient, as a lot of users will have their phones with them (as
opposed to having to carry a card and often a reader);
* more powerful, as an Android phone has the potential to provide a much more
complete (and hardware accelerated) implementation than any one smart card; and
* potential for on-device PIN entry.
If the device can pretend to be a standard smart card/reader, the potential is
quite impressive, as it could nearly-instantly have support in GnuPG, log-ins,
website authentication etc. I assume that you would want to make sure that the
device readable by OpenSC:
http://www.opensc-project.org/opensc/wiki/OverView and the Linux kernel Crypto
API.
To clarify, what I am looking to do is buy a
http://www.gd-sfs.com/the-mobile-security-card/ put it into my Android phone,
plug my Android phone into my Ubuntu Linux computer and have Ubuntu (and GnuPG)
see the mobile security card and phone as a standard smart card that I can use
to log on, sign emails etc.
I would have thought that adding this capability to Android would help your
other aims, as cryptography on the Android currently suffers the chicken-egg
problem. With users using the Android as a smart card reader, there will
quickly be a large demand on the cryptographic functions of the device (as a
large number of desktop applications can use cryptography), which will
encourage the hardware acceleration sufficient to encourage adoption by Android
applications.
Original issue reported on code.google.com by [email protected]
on 4 Aug 2010 at 3:57
mReaders is defined as a non final private field in SEService.
The value is reset on each invocation of getReaders() (line #171)
However the code relies on mReaders for thread syncronization in shutdown code,
while the variable can possible reset leading to a race.
In addition, onServiceDisconnected callback also syncronizes on mReaders. In
case the user never called getReader mReaders will be equal to null leading to
syncronization on null variable.
Original issue reported on code.google.com by [email protected]
on 6 Nov 2012 at 2:24
According to GP Secure Element AC spec 1.0 (section 4.2), there are 2 ways for
the Enforcer to be implemented: 1. Pre-Cache Rules and Refresh Tag mechanism.
2. Instant Query mechanism, which means that the access control enforcer would
never query rules up front; instead, on each open logical channel action, the
Access Control enforcer retrieves the rules associated to the AID & the cert
hash from ARA applet to determine the permission.
Looking into the code of SC 2.4, it seems to me that the implementation does
not follow any of the two mechanisms that GP specified.
Here is a scenario that could cause an error to evaluate access control rules:
1. App-A opens a logical channel to AID-1. As a result, GPAC enforcer loads the
access control rules associated with AID-1.
2. App-B opens a logical channel to AID-2. As a result, GPAC enforcer loads the
access control rules associated with AID-2.
3. OTA adds an access control rule to AID-2. The value of Refresh tag is
changed accordingly.
4. App-A opens a logical channel to AID-1. As the value of Refresh Tag is
changed, GPAC enforcer re-loads the access control rules associated to AID-1.
The new value of Refresh Tag also replaces the current Refresh tag.
5. App-B opens a logical channel to AID-2. Due to the value of Refresh Tag is
unchanged, GPAC enforcer uses the cashed access control rules associated to
AID-2, which is out of date as the rules have been changed since step 3.
Original issue reported on code.google.com by [email protected]
on 8 Feb 2013 at 5:00
[deleted issue]
SIM cards that support T=1 only are not supported by the emulator. Include
proper handling to handle T=0 and T=1
Original issue reported on code.google.com by [email protected]
on 3 Jul 2012 at 6:58
Purpose of this feature: To full support GP Access Control and to be GP Access
Control compliant.
How should the feature be integrated: To integrate NFC-AR-DO with Android NFC
Services and replace the nfcee_access.xml scheme.
Use case for having this feature implemented: The access control for
connectivity and transaction events on Android should be GPAC compliant instead
of Android's proprietary approach (i.e. nfcee_access.xml).
Original issue reported on code.google.com by [email protected]
on 10 Jan 2013 at 5:59
Hi,
We are able to successfully build the source code for Android 4.0.3 and able to
apply the patches of smartcard-api-2_4_0.tgz.
But now we want to try a sample program through emulator for which you had
mentioned to go through PCSC support and patch for it. But we are able to find
the patch for only upto pcsc_systemservice_v098.patch(for SmartCard API 2.3.0
and Android 2.3.7r1) only.
If we apply that patch we are getting HUNK failed messages, which will come for version compatabilities as per our knowledge.
So could you please tell us whether pcsc patch is available for Android
source4.0.3 version?
If so Could you please provide us the link to download it? and if not Could you
please guide us how to run a sample program through Emulator??
Thanks in advance...
Original issue reported on code.google.com by [email protected]
on 18 Feb 2013 at 5:23
On Android, a service could potentially be killed for varvious reason. like a
service it is depending on has died. Anyway, the issue is that while there's
cleanup logic on SEService Client API level on Service unBind and also
SmartCardService onDestroy, it would not cover the situation if the process is
killed.
To reproduce it
1. Have an application that open all the possible logical channel to UICC with
SEEK (e.g. using a multiselectable Applet)
2. on debug DDMS, kill remote SmartCardService API (SEEK) process
3. Client close the session and shutdown the SEService on SEEK
4. Attemp to open a logical channel with SEEK again
- on 4), client should be able to open new channel again with a new SEService
- in reality, when Client close the session and shutdown the SEService, since
the service it is associated with is already killed, that unbind the service
and result in the cleanup logic from client level no longer working correctly.
- neither would the SmartCardService onDestroy would run because the process is
killed
As a brainstorm solution idea:
- SmartCardService is keeping track on channel that is opened so it can do
cleanup probably if onDestroy is triggered, but that is not presistent, so if
onDestroy is not called, no cleanup would run.
- If opened channel is kept presistent, then when SmartCardService is
started/restarted, it checks with any opened channels and close them properly.
Original issue reported on code.google.com by [email protected]
on 7 Sep 2012 at 3:44
Access Control relies on logical channel support to check for proper access
control rules. If the SIM does not support logical channels, no access is
granted.
EAP-SIM is a typical use case where SIM access on the basic channel is required
without the need to have logical channel support as well.
Original issue reported on code.google.com by [email protected]
on 2 Feb 2012 at 1:27
Moto Xoom with ASSD patched into kernel 'android-tegra-moto-2.6.39-ics-mr1'
with SCAPI 2.3.2 & 2.3.3
No USB connection, after device wakes up, no ASSD access possible
Original issue reported on code.google.com by [email protected]
on 5 Jul 2012 at 10:12
What steps will reproduce the problem?
1. Load multiple applets in SIM connected with T=0
2. Run GP GET STATUS command where response is more than one APDU
3. 6310 is returned, SCAPI should take care of protocol handling like with 61xx
What is the expected output? What do you see instead?
expected:
-> 81 F2 20 00 0A 4F 00
<- 63 10
-> 01 C0 00 00 00
<- 6C FF
-> 01 C0 00 00 FF
<- <FF data> 90 00
actual:
-> 81 F2 20 00 0A 4F 00
<- 63 10
Original issue reported on code.google.com by [email protected]
on 17 Feb 2012 at 5:38
Hii,
I am able to successfully build the 4.0.3 source with emulator support(but not
for any real device) in ubuntu12.10.
Actually, My development environment is Windows. Now how can I integrate this
build with my windows so that I can work on Eclipse on my windows using
emulator.
And one more question Can I run java card applet on emulator using the above
build?? If possible how can I do that? and what are the pre-requisites.
Please help me.. Thanks in advance..
Original issue reported on code.google.com by [email protected]
on 7 Feb 2013 at 6:01
Hello!
SEService getReaders returns null, when using openmobileapi.
But, using android.smartcard.jar everything is good.
What might be the problem?
Thanks in advance.
Original issue reported on code.google.com by [email protected]
on 20 Dec 2012 at 4:40
What steps will reproduce the problem?
1.OpenLogicalChannel() to four applets of different AIDs or to an
multi-selectable applet 4 times
2.When all channels are used, the new request of OpenLogicalChannel() should
fail.
What is the expected output? What do you see instead?
The expected result should be defined. An exception should be thrown, or a
null should be returned.
Original issue reported on code.google.com by [email protected]
on 31 May 2012 at 7:16
Please provide the patch of Smartcard API without GP access control enforcer
for JB 4.1.
Thanks.
Original issue reported on code.google.com by [email protected]
on 15 Aug 2012 at 8:48
What's the problem?
APDU Class 4 doesn't work on Samsung Galaxy S3 (GT-I9300)
What steps will reproduce the problem?
1. Send any APDU class 4 command with non-empty command data (for example,
Global Platform Initialize Update) using channel.transmit.
What is the expected output? What do you see instead?
Response Data is expected, but only SW 9000 is returned.
What version of the product are you using? On what operating system?
Smart Card API 2.3.2. Samsung GT-I9300. Android 4.0.4. OS Build:
IMM76D.I9300XXALEF. Baseband: I9300XXLEF. All the same as in Device Support
Wiki section.
Please provide any additional information below.
Response is returned fine in there is no command data. Tested with Card
Manager, custom applets - same result everywhere.
Original issue reported on code.google.com by [email protected]
on 2 Oct 2012 at 2:29
What's the problem?
When using android.smartcard.jar from svn, I'm always getting "reader must not
be null". If I use android.smartcard.jar available in
http://seek-for-android.googlecode.com/files/MSC_SmartcardService-1_5.tgz it
runs fine.
What steps will reproduce the problem?
1. Generate SmartcardSample.apk from svn;
2. Run it in your device;
What is the expected output? What do you see instead?
It should work like mentioned in
http://code.google.com/p/seek-for-android/wiki/MscSmartcardService
What version of the product are you using? On what operating system?
Android SDK 2.1 - Motorola MB502
Please provide any additional information below.
Easy to reproduce, pretty straight forward.
Original issue reported on code.google.com by [email protected]
on 14 Apr 2011 at 6:22
When the access control applet is not multi-selectable (which is the case on
most Vendor’s implementation), access control checking mechanism can be
preempted and cause undesired behavior. Think of multiple clients or multiple
threads trying to use openLogicalChannel against their respected AIDs at the
same time, but during access control checking on the first thread, it is being
preempted. The 2nd thread would get a Security Exception, because they would
be getting error when AC applet is already selected (and not release yet) and
cannot be select a 2nd time. This is a wrong behavior, because the checking of
access control is transparent to SEEK user and Security Exception should only
be thrown if access is denied (not because of limitation on cannot be
multi-selecting the applet).
There’re 2 possible solutions for this:
1) Support multi-selectable on Access Control Applet, which is not currently a
mandated requirement, and there’re some complication to handle OTA rule
update correctly when someone is querying the data at the same time
2) Or, make the enforcer access control rule checking be thread safe.
While 1st approach might be the ultimate solution if implemented properly, 2nd
approach is something that can be implemented by SEEK, based on the current
known limitation on applet, without any dependency.
Simply by making sure the Access Control checking, from the time it open the AC
applet until closes the channel to it is locked by a critical section. It can
be done by adding the “synchronized” keyword to the following function
signature:
In src/org/simalliance/openmobileapi/service/security/AccessController.java
public ChannelAccess enableAccesssConditions(ITerminal terminal, byte[] aid,
String callerPakcageName, ISmartcardServiceCallback callback, SmartcardError
error) throws Exception
become
public <b>synchronized</b> ChannelAccess enableAccesssConditions(ITerminal
terminal, byte[] aid, String callerPakcageName, ISmartcardServiceCallback
callback, SmartcardError error) throws Exception
Original issue reported on code.google.com by [email protected]
on 18 Feb 2013 at 6:59
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.