| /* |
| * Copyright (C) 2017 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| /* |
| * Copyright (c) 2017, The Linux Foundation. |
| */ |
| |
| /* |
| * Copyright 2012 Giesecke & Devrient GmbH. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package com.android.se.security; |
| |
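/**
 * Holds the access decision recorded for one channel: the general access state and its reason,
 * the APDU access state with an optional list of APDU filters, the NFC event access state, the
 * privilege access state, and the package name and pid of the caller the decision was made for.
 *
 * <p>This class only stores values. Every setter is public and performs no validation or
 * permission check, so the correctness of the decision rests entirely on the code that fills
 * the object in. All states start as {@link ACCESS#UNDEFINED}.
 *
 * <p>The class contains no synchronization.
 */
public class ChannelAccess {

    // Not referenced anywhere inside this class.
    private final String mTag = "SecureElement-ChannelAccess";
    private String mPackageName = "";
    private ACCESS mAccess = ACCESS.UNDEFINED;
    private ACCESS mApduAccess = ACCESS.UNDEFINED;
    private boolean mUseApduFilter = false;
    // NOTE(review): a pid can be reused once the process exits; confirm that callers do not
    // rely on this value alone to identify the client.
    private int mCallingPid = 0;
    private String mReason = "no access by default";
    private ACCESS mNFCEventAccess = ACCESS.UNDEFINED;
    private ApduFilter[] mApduFilter = null;
    private ACCESS mPrivilegeAccess = ACCESS.UNDEFINED;

    /**
     * Returns a copy of this object.
     *
     * <p>Every state field is copied, including the privilege access state, which the previous
     * implementation left at {@link ACCESS#UNDEFINED} in the copy. The filter array is
     * duplicated and each filter is cloned, so the copy does not share filter objects with
     * this instance.
     *
     * @return a new {@code ChannelAccess} carrying the same values as this one
     */
    @Override
    public ChannelAccess clone() {
        ChannelAccess copy = new ChannelAccess();
        copy.setAccess(mAccess, mReason);
        copy.setPackageName(mPackageName);
        copy.setApduAccess(mApduAccess);
        copy.setCallingPid(mCallingPid);
        copy.setNFCEventAccess(mNFCEventAccess);
        copy.setUseApduFilter(mUseApduFilter);
        // Without this line a copy of a privileged entry reported UNDEFINED privilege access.
        copy.setPrivilegeAccess(mPrivilegeAccess);
        if (mApduFilter == null) {
            copy.setApduFilter(null);
        } else {
            ApduFilter[] filters = new ApduFilter[mApduFilter.length];
            for (int i = 0; i < mApduFilter.length; i++) {
                filters[i] = mApduFilter[i].clone();
            }
            copy.setApduFilter(filters);
        }
        return copy;
    }

    /** Returns the package name recorded for the caller. */
    public String getPackageName() {
        return mPackageName;
    }

    /** Records the package name of the caller; the value is stored as given. */
    public void setPackageName(String name) {
        mPackageName = name;
    }

    /** Returns the APDU access state. */
    public ACCESS getApduAccess() {
        return mApduAccess;
    }

    /** Sets the APDU access state. */
    public void setApduAccess(ACCESS apduAccess) {
        mApduAccess = apduAccess;
    }

    /** Returns the general access state. */
    public ACCESS getAccess() {
        return mAccess;
    }

    /**
     * Sets the general access state together with the reason for it.
     *
     * @param access the new access state
     * @param reason text describing why this state was chosen; returned by {@link #getReason()}
     */
    public void setAccess(ACCESS access, String reason) {
        mAccess = access;
        mReason = reason;
    }

    /** Returns the stored "use APDU filter" flag. */
    public boolean isUseApduFilter() {
        return mUseApduFilter;
    }

    /** Sets the "use APDU filter" flag. */
    public void setUseApduFilter(boolean useApduFilter) {
        mUseApduFilter = useApduFilter;
    }

    /** Returns the pid recorded for the caller. */
    public int getCallingPid() {
        return mCallingPid;
    }

    /** Records the pid of the caller. */
    public void setCallingPid(int callingPid) {
        mCallingPid = callingPid;
    }

    /** Returns the reason text stored with the general access state. */
    public String getReason() {
        return mReason;
    }

    /**
     * Returns the APDU filters, or {@code null} when none are set.
     *
     * <p>The internal array itself is returned, not a copy: a caller that writes to it changes
     * the filters held by this object.
     */
    public ApduFilter[] getApduFilter() {
        return mApduFilter;
    }

    /**
     * Sets the APDU filters.
     *
     * <p>The array reference is stored without copying, so later changes the caller makes to
     * the array are visible through this object.
     *
     * @param accessConditions the filters to store, or {@code null} for none
     */
    public void setApduFilter(ApduFilter[] accessConditions) {
        mApduFilter = accessConditions;
    }

    /** Returns the NFC event access state. */
    public ACCESS getNFCEventAccess() {
        return mNFCEventAccess;
    }

    /** Sets the NFC event access state. */
    public void setNFCEventAccess(ACCESS access) {
        mNFCEventAccess = access;
    }

    /**
     * Creates a {@code ChannelAccess} in which general, APDU, NFC event and privilege access
     * are all {@link ACCESS#ALLOWED}, with the reason "privilege application".
     *
     * <p>The method grants unconditionally; whether the caller is entitled to this must be
     * decided before calling it.
     *
     * @param packageName package name to record
     * @param pid pid to record
     * @return the new object
     */
    public static ChannelAccess getPrivilegeAccess(String packageName, int pid) {
        ChannelAccess granted = new ChannelAccess();
        granted.setPackageName(packageName);
        granted.setCallingPid(pid);
        granted.setAccess(ACCESS.ALLOWED, "privilege application");
        granted.setApduAccess(ACCESS.ALLOWED);
        granted.setNFCEventAccess(ACCESS.ALLOWED);
        granted.setPrivilegeAccess(ACCESS.ALLOWED);

        return granted;
    }

    /**
     * Creates a {@code ChannelAccess} in which general, APDU and privilege access are
     * {@link ACCESS#ALLOWED}, with the reason "Carrier-Privilege". NFC event access is not set
     * and therefore stays {@link ACCESS#UNDEFINED}.
     *
     * <p>The method grants unconditionally; whether the caller is entitled to this must be
     * decided before calling it.
     *
     * @param packageName package name to record
     * @param pid pid to record
     * @return the new object
     */
    public static ChannelAccess getCarrierPrivilegeAccess(String packageName, int pid) {
        ChannelAccess granted = new ChannelAccess();
        granted.setPackageName(packageName);
        granted.setCallingPid(pid);
        granted.setAccess(ACCESS.ALLOWED, "Carrier-Privilege");
        granted.setApduAccess(ACCESS.ALLOWED);
        granted.setPrivilegeAccess(ACCESS.ALLOWED);

        return granted;
    }

    /** Returns the privilege access state. */
    public ACCESS getPrivilegeAccess() {
        return mPrivilegeAccess;
    }

    /** Sets the privilege access state. */
    public void setPrivilegeAccess(ACCESS access) {
        mPrivilegeAccess = access;
    }

    /**
     * Switches this object in place to the same grant that
     * {@link #getCarrierPrivilegeAccess(String, int)} puts on a new object.
     *
     * <p>Only the package name, pid, general access, APDU access, privilege access and reason
     * are overwritten. The NFC event access state, the filter flag and the filter array keep
     * whatever values this object held before the call.
     *
     * @param packageName package name to record
     * @param pid pid to record
     */
    public void setCarrierPrivilegeAccess(String packageName, int pid) {
        mPackageName = packageName;
        mCallingPid = pid;
        mAccess = ACCESS.ALLOWED;
        mApduAccess = ACCESS.ALLOWED;
        mPrivilegeAccess = ACCESS.ALLOWED;
        mReason = "Carrier-Privilege";
    }

    /**
     * Returns a one-record dump of every field, for diagnostics. The text contains the package
     * name and pid of the caller.
     */
    @Override
    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append(this.getClass().getName());
        sb.append("\n [mPackageName=").append(mPackageName);
        sb.append(", mAccess=").append(mAccess);
        sb.append(", mApduAccess=").append(mApduAccess);
        sb.append(", mUseApduFilter=").append(mUseApduFilter);
        sb.append(", mApduFilter=");
        if (mApduFilter == null) {
            sb.append("null");
        } else {
            for (ApduFilter f : mApduFilter) {
                // append(Object) prints "null" for a null entry instead of throwing, so a
                // diagnostic dump cannot fail on a partially filled array.
                sb.append(f);
                sb.append(" ");
            }
        }
        sb.append(", mCallingPid=").append(mCallingPid);
        sb.append(", mReason=").append(mReason);
        // The label says "Allowed" but the value printed is the NFC event ACCESS state.
        sb.append(", mNFCEventAllowed=").append(mNFCEventAccess);
        sb.append(", mPrivilegeAccess=").append(mPrivilegeAccess);
        sb.append("]\n");

        return sb.toString();
    }

    /** The three states an access decision can be in. */
    public enum ACCESS {
        ALLOWED,
        DENIED,
        UNDEFINED;
    }
}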