1 /*
2 **
3 ** Copyright 2018, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 **     http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17 /******************************************************************************
18  **
19  ** The original Work has been changed by NXP.
20  **
21  ** Licensed under the Apache License, Version 2.0 (the "License");
22  ** you may not use this file except in compliance with the License.
23  ** You may obtain a copy of the License at
24  **
25  ** http://www.apache.org/licenses/LICENSE-2.0
26  **
27  ** Unless required by applicable law or agreed to in writing, software
28  ** distributed under the License is distributed on an "AS IS" BASIS,
29  ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
30  ** See the License for the specific language governing permissions and
31  ** limitations under the License.
32  **
33  ** Copyright 2020-2021,2024 NXP
34  **
35  *********************************************************************************/
36 #ifndef __APPLETCONNECTION_H__
37 #define __APPLETCONNECTION_H__
38 
39 #include <aidl/android/hardware/secure_element/BnSecureElementCallback.h>
40 #include <aidl/android/hardware/secure_element/ISecureElement.h>
41 #include <vector>
42 
43 #include <SBAccessController.h>
44 
45 namespace keymint::javacard {
// Forward declaration only: within this header the type is used solely as the
// element type of a std::shared_ptr member of AppletConnection.
46 class SecureElementCallback;
// Shorthand for the AIDL secure element HAL interface held by AppletConnection.
47 using aidl::android::hardware::secure_element::ISecureElement;
48 
/**
 * Connection to an applet on the secure element, reached through the ISecureElement HAL.
 * Declares the connect, select/open-channel, transmit and close operations together with
 * the state they share (HAL handle, callback, death recipient, applet AID, channel number).
 *
 * The std::mutex member and the reference member mSBAccessController make this type
 * non-copyable and non-assignable.
 * NOTE(review): this header names std::mutex and std::shared_ptr but the only standard
 * header it includes directly is <vector>; <mutex> and <memory> presumably arrive
 * transitively through the AIDL headers - confirm, or include them here.
 */
49 struct AppletConnection {
50 public:
  /**
   * Constructs a connection object for the applet identified by aid.
   * NOTE(review): presumably aid is copied into kAppletAID - confirm in the definition.
   * NOTE(review): the constructor is not marked explicit, so a std::vector<uint8_t>
   * converts implicitly to AppletConnection - confirm that this is intended.
   * NOTE(review): mSBAccessController is a reference with no in-class initializer, so the
   * constructor definition must bind it, and the referenced object must outlive this one.
   */
51   AppletConnection(const std::vector<uint8_t>& aid);
52
53   /**
54    * Connects to the secure element HAL service. Returns true if successful, false otherwise.
55    */
56   bool connectToSEService();
57
58   /**
59    * Select the applet on the secure element. SELECT command response is returned in resp vector
   * (resp is an output parameter). Returns a bool status.
   * NOTE(review): the header does not state what resp holds when the call fails; callers
   * should check the return value before reading resp.
60    */
61   bool openChannelToApplet(std::vector<uint8_t>& resp);
62
63   /**
64    * If open, closes the open channel to the applet. Returns an error if channel was not
65    * open or the SE HAL service returned an error.
   * NOTE(review): the return type is bool, so "an error" is presumably false - confirm.
66    */
67   bool close();
68
69   /**
70    * Sends the data to the secure element and also receives back the data.
71    * This is a blocking call.
   * CommandApdu is the command to send and output receives the response.
   * NOTE(review): CommandApdu is taken by non-const reference; confirm whether the
   * definition modifies the caller's buffer.
   * NOTE(review): the header does not state whether output is cleared or left untouched
   * on failure; callers should check the returned bool before trusting output.
72    */
73   bool transmit(std::vector<uint8_t>& CommandApdu, std::vector<uint8_t>& output);
74
75   /**
76    * Checks if a channel to the applet is open.
77    */
78   bool isChannelOpen();
79
80   /**
81    * Checks if service is connected to eSE HAL.
82    */
83   bool isServiceConnected();
84   /**
85    * Get session timeout value based on select response normal/update session
   * NOTE(review): the unit of the returned int is not stated in this header - confirm.
86    */
87   int getSessionTimeout();
88
89  private:
90   /**
91    * Select applet with given P2 parameter
   * resp is an output parameter for the SELECT response; returns a bool status.
92    */
93   bool selectApplet(std::vector<uint8_t>& resp, uint8_t p2);
94
  // NOTE(review): the comment below names only isChannelOpen()/close(); confirm whether
  // transmit() and openChannelToApplet() also take this lock before they touch the
  // shared channel state.
95   std::mutex channel_mutex_;  // exclusive access to isChannelOpen()/close()
96
  // Handle to the secure element HAL interface.
97   std::shared_ptr<ISecureElement> mSecureElement;
  // Callback object; the type is only forward-declared in this header.
98   std::shared_ptr<SecureElementCallback> mSecureElementCallback;
  // Binder death recipient; presumably linked to the HAL binder so that
  // BinderDiedCallback runs if the service dies - confirm in the definition.
99   ::ndk::ScopedAIBinder_DeathRecipient mDeathRecipient;
  // Static callback that receives an opaque cookie.
  // NOTE(review): if cookie is a pointer to this object, it must remain valid for as long
  // as the death recipient stays linked - confirm the lifetime in the definition.
100   static void BinderDiedCallback(void* cookie);
  // AID bytes of the target applet.
  // NOTE(review): the 'k' prefix suggests a constant, but this is a mutable non-const member.
101   std::vector<uint8_t> kAppletAID;
  // Channel number, initialised to -1; presumably -1 means "no channel open" - confirm.
102   int8_t mOpenChannel = -1;
  // Reference to an SBAccessController owned elsewhere; it must outlive this object.
103   SBAccessController& mSBAccessController;
104 };
105 
106 }  // namespace keymint::javacard
107 #endif  // __APPLETCONNECTION_H__
108