2 * Copyright (c) 2012, 2013 Samsung Electronics Co., Ltd.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
20 #include "SimpleTLV.h"
21 #include "AccessControlList.h"
22 #include "AccessCondition.h"
24 namespace smartcard_service_api
26 void AccessRule::addAPDUAccessRule(const ByteArray &apdu,
27 const ByteArray &mask)
29 pair<ByteArray, ByteArray> item(apdu, mask);
31 listFilters.push_back(item);
34 bool AccessRule::isAuthorizedAPDUAccess(const ByteArray &command) const
38 if (command.size() < 4) /* apdu header size */
41 if (listFilters.size() > 0)
43 unsigned int cmd, mask, rule;
44 vector<pair<ByteArray, ByteArray> >::const_iterator item;
46 cmd = *(unsigned int *)command.getBuffer();
47 for (item = listFilters.begin(); item != listFilters.end(); item++)
49 mask = *(unsigned int *)item->second.getBuffer();
50 rule = *(unsigned int *)item->first.getBuffer();
52 if ((cmd & mask) == rule)
61 /* no filter entry. if permission is true, all access will be granted, if not, all access will be denied */
68 bool AccessRule::isAuthorizedNFCAccess(void) const
73 AccessRule *AccessCondition::getAccessRule(const ByteArray &certHash)
75 AccessRule *result = NULL;
76 map<ByteArray, AccessRule>::iterator item;
78 item = mapRules.find(certHash);
79 if (item != mapRules.end()) {
80 result = &item->second;
86 const AccessRule *AccessCondition::getAccessRule(const ByteArray &certHash) const
88 const AccessRule *result = NULL;
89 map<ByteArray, AccessRule>::const_iterator item;
91 item = mapRules.find(certHash);
92 if (item != mapRules.end()) {
93 result = &item->second;
99 void AccessCondition::addAccessRule(const ByteArray &hash)
103 pair<ByteArray, AccessRule> item(hash, rule);
105 mapRules.insert(item);
108 bool AccessCondition::isAuthorizedAccess(const ByteArray &certHash) const
110 bool result = permission;
111 const AccessRule *rule = getAccessRule(certHash);
120 void AccessCondition::setAPDUAccessRule(const ByteArray &certHash,
123 AccessRule *access = getAccessRule(certHash);
125 if (access != NULL) {
126 access->setAPDUAccessRule(rule);
130 void AccessCondition::addAPDUAccessRule(const ByteArray &certHash,
131 const ByteArray &apdu, const ByteArray &mask)
133 AccessRule *access = getAccessRule(certHash);
135 if (access != NULL) {
136 access->addAPDUAccessRule(apdu, mask);
140 void AccessCondition::addAPDUAccessRule(const ByteArray &certHash,
141 const ByteArray &rule)
143 if (rule.size() != 8)
146 addAPDUAccessRule(certHash, rule.sub(0, 4), rule.sub(4, 4));
149 void AccessCondition::setNFCAccessRule(const ByteArray &certHash,
152 AccessRule *access = getAccessRule(certHash);
154 if (access != NULL) {
155 access->setNFCAccessRule(rule);
159 bool AccessCondition::isAuthorizedAPDUAccess(const ByteArray &certHash,
160 const ByteArray &command) const
163 const AccessRule *rule = getAccessRule(certHash);
166 result = rule->isAuthorizedAPDUAccess(command);
172 bool AccessCondition::isAuthorizedNFCAccess(const ByteArray &certHash) const
175 const AccessRule *rule = getAccessRule(certHash);
178 result = rule->isAuthorizedNFCAccess();
183 } /* namespace smartcard_service_api */
projects / platform / core / connectivity / smartcard-service.git / blob