覆蓋OffHostApduService以將APDU路由到SIM卡
[英]Overwriting OffHostApduService to route APDU to SIM Card
問題描述
我正在研究一個在Android手機上模擬運輸卡的項目,我通讀了Android Kitkat文檔,發現為了模擬帶有安全元素的卡,我需要從OffHostApduService繼承。
在Google上花費了很多時間之后,我卻找不到在onBind函數上寫什么來將APDU從另一個NFC設備重定向到我的移動設備SIM卡。
該卡與NFC A和B兼容,這是否意味着我可以使用NfcA或NfcB類向其發送命令?
我使用的是Samsung Galaxy 3,Samsung Galaxy 4 Mini,它們都具有openmobile api或至少具有SmartCard API。 我無法修補系統,因為目標是證明有可能在市場上的設備上進行修補。
謝謝你的幫助 !!
1 個解決方案
解決方案1
3 2014-02-27 12:48:13
以下修補程序將打開Nexus 5上4.4到UICC的NFC卡仿真路由:
設備/ lge / hammerhead文件夾中的第一個
diff --git a/nfc/libnfc-brcm-20791b05.conf b/nfc/libnfc-brcm-20791b05.conf
index 0ef61c3..9348673 100644
--- a/nfc/libnfc-brcm-20791b05.conf
+++ b/nfc/libnfc-brcm-20791b05.conf
@@ -26,10 +26,10 @@ LPTD_CFG={38:B9:36:01:00:FF:FF:08:00:00:00:A0:0F:40:00:00:12:02:10:00:00:00:2D:0
#
# This is applied at stack startup.
# Use for Host based CE
-NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:02:FF:80:01:01:C9:03:03:0F:AB:5B:01:00:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:02
+#NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:02:FF:80:01:01:C9:03:03:0F:AB:5B:01:00:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:0
# Support UICC
-#NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:03:FF:80:01:01:C9:03:03:0F:AB:5B:01:02:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:0
+NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:03:FF:80:01:01:C9:03:03:0F:AB:5B:01:02:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:02
###############################################################################
# Pre-Discovery Startup Configuration (256 bytes maximum)
@@ -39,7 +39,7 @@ NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00
# Do not set NFA_DM_PRE_DISCOVERY_CFG
# Support UICC
-#NFA_DM_PRE_DISCOVERY_CFG={0A:C2:08:01:88:00:04:40:4B:4C:00}
+NFA_DM_PRE_DISCOVERY_CFG={0A:C2:08:01:88:00:04:40:4B:4C:00}
###############################################################################
# Antenna Configuration - This data is used when setting 0xC8 config item
diff --git a/nfc/libnfc-brcm.conf b/nfc/libnfc-brcm.conf
index 4840a54..afe80cd 100644
--- a/nfc/libnfc-brcm.conf
+++ b/nfc/libnfc-brcm.conf
@@ -2,8 +2,10 @@
###############################################################################
# Application options
-APPL_TRACE_LEVEL=0x01
-PROTOCOL_TRACE_LEVEL=0x00000000
+#APPL_TRACE_LEVEL=0x01
+#PROTOCOL_TRACE_LEVEL=0x00000000
+APPL_TRACE_LEVEL=0xFF
+PROTOCOL_TRACE_LEVEL=0xFFFFFFFF
###############################################################################
# performance measurement
@@ -75,7 +77,7 @@ NFCC_ENABLE_TIMEOUT=1000
# so that the stack will not wait any longer than necessary.
#
# Use for Host based CE
-NFA_MAX_EE_SUPPORTED=0
+#NFA_MAX_EE_SUPPORTED=0
# Use for UICC support
# NFA_MAX_EE_SUPPORTED=3
@@ -88,10 +90,10 @@ NFA_MAX_EE_SUPPORTED=0
# system in order to skip SE initialization.
#
# Use for Host based CE
-ACTIVE_SE=0x0
+#ACTIVE_SE=0x0
# Use for UICC support
-#ACTIVE_SE=0xF3
+ACTIVE_SE=0xF3
###############################################################################
# Configure the NFC Extras to open and use a static pipe. If the value is
然后在文件夾packages / apps / Nfc中:
diff --git a/src/com/android/nfc/cardemulation/AidRoutingManager.java b/src/com/android/nfc/cardemulation/AidRoutingManager.java
index 154bcf3..951fb2d 100644
--- a/src/com/android/nfc/cardemulation/AidRoutingManager.java
+++ b/src/com/android/nfc/cardemulation/AidRoutingManager.java
@@ -41,7 +41,8 @@ public class AidRoutingManager {
// For Nexus devices, just a static route to the eSE
// OEMs/Carriers could manually map off-host AIDs
// to the correct eSE/UICC based on state they keep.
- static final int DEFAULT_OFFHOST_ROUTE = 0xF4;
+// static final int DEFAULT_OFFHOST_ROUTE = 0xF4;
+ static final int DEFAULT_OFFHOST_ROUTE = 0xF3; // pkvk9345
final Object mLock = new Object();
diff --git a/nci/jni/RoutingManager.cpp b/nci/jni/RoutingManager.cpp
index 83e97d0..885e403 100644
--- a/nci/jni/RoutingManager.cpp
+++ b/nci/jni/RoutingManager.cpp
@@ -89,7 +89,8 @@ void RoutingManager::setDefaultRouting()
ALOGE ("Fail to set default proto routing");
// Tell the UICC to only listen on Nfc-A
- nfaStat = NFA_CeConfigureUiccListenTech (mDefaultEe, 0x01);
+ //nfaStat = NFA_CeConfigureUiccListenTech (mDefaultEe, 0x01);
+ nfaStat = NFA_CeConfigureUiccListenTech (0xF3, 0x03);
if (nfaStat != NFA_STATUS_OK)
ALOGE ("Failed to configure UICC listen technologies");
在Nexus 4上似乎無法路由到UICC,因為SWP觸點未連接到該設備上的NFC芯片。
根據您的建議,可以通過Android尋求智能卡API來將APDU交換到小卡上以裝入票證,或者通過二進制SMS空中傳輸。 前者是最簡單的(但可能不是最安全的,具體取決於上下文)。
如何在Android中與SIM卡進行APDU通信?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.