2 * Copyright (c) 2012, 2013 Samsung Electronics Co., Ltd.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 /* standard library header */
24 /* SLP library header */
28 #include "ServerResource.h"
29 #include "TerminalInterface.h"
30 #include "APDUHelper.h"
31 #include "SignatureHelper.h"
34 #include "ServerGDBus.h"
35 #include "smartcard-daemon.h"
38 #define EXTERN_API __attribute__((visibility("default")))
43 namespace smartcard_service_api
45 unsigned int IntegerHandle::newHandle = 0;
46 set<unsigned int> IntegerHandle::setHandles;
47 PMutex IntegerHandle::mutexLock;
49 unsigned int IntegerHandle::assignHandle()
53 pair<set<unsigned int>::iterator, bool> result;
58 if (newHandle == (unsigned int)-1)
63 result = setHandles.insert(newHandle);
66 while (!result.second);
69 _DBG("assign handle : newHandle [%d]", newHandle);
74 void IntegerHandle::releaseHandle(unsigned int handle)
76 _DBG("will be released : Handle [%d]", handle);
80 setHandles.erase(handle);
84 #define OMAPI_SE_PATH "/usr/lib/se"
86 ServerResource::ServerResource() : seLoaded(false)
92 ServerResource::~ServerResource()
96 ServerResource &ServerResource::getInstance()
98 static ServerResource serverResource;
100 return serverResource;
103 bool ServerResource::createClient(const char *name, pid_t pid)
107 if (getClient(name) == NULL)
109 ClientInstance *instance = new ClientInstance(name, pid);
110 if (instance != NULL)
112 mapClients.insert(make_pair(name, instance));
117 _ERR("alloc failed");
122 _ERR("client already exist, name [%s]", name);
128 ClientInstance *ServerResource::getClient(const char *name)
130 ClientInstance *result = NULL;
131 map<string, ClientInstance *>::iterator item;
133 if ((item = mapClients.find(name)) != mapClients.end())
135 result = item->second;
141 void ServerResource::removeClient(const char *name)
143 map<string, ClientInstance *>::iterator item;
145 if ((item = mapClients.find(name)) != mapClients.end())
148 mapClients.erase(item);
152 _DBG("client removed already, name [%s]", name);
156 void ServerResource::removeClients()
158 map<string, ClientInstance *>::iterator item;
160 for (item = mapClients.begin(); item != mapClients.end(); item++)
168 int ServerResource::getClientCount() const
170 return (int)mapClients.size();
173 ServiceInstance *ServerResource::createService(const char *name)
175 ServiceInstance *result = NULL;
176 ClientInstance *instance = NULL;
178 if ((instance = getClient(name)) != NULL)
180 if ((result = instance->createService()) == NULL)
182 _ERR("ClientInstance::createService failed [%d]", name);
187 _ERR("client doesn't exist, name [%s]", name);
193 ServiceInstance *ServerResource::getService(const char *name, unsigned int handle)
195 ServiceInstance *result = NULL;
196 ClientInstance *instance = NULL;
198 if ((instance = getClient(name)) != NULL)
200 result = instance->getService(handle);
204 _ERR("client doesn't exist, name [%s]", name);
210 void ServerResource::removeService(const char *name, unsigned int handle)
212 ClientInstance *instance = NULL;
214 if ((instance = getClient(name)) != NULL)
216 instance->removeService(handle);
217 if (instance->getServiceCounts() == 0) {
219 /* remove client instance */
225 _ERR("client doesn't exist, name [%s]", name);
229 void ServerResource::removeServices(const char *name)
231 ClientInstance *instance = NULL;
233 if ((instance = getClient(name)) != NULL)
235 instance->removeServices();
237 /* remove client instance */
242 _ERR("client doesn't exist, name [%s]", name);
246 unsigned int ServerResource::createSession(const char *name, unsigned int handle, unsigned int readerID, vector<ByteArray> &certHashes, void *caller)
248 unsigned int result = -1;
249 Terminal *temp = NULL;
250 ServiceInstance *instance = NULL;
252 if ((instance = getService(name, handle)) != NULL)
254 if ((temp = getTerminalByReaderID(readerID)) != NULL)
256 result = instance->openSession(temp, certHashes, caller);
261 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
267 ServerSession *ServerResource::getSession(const char *name, unsigned int handle, unsigned int sessionID)
269 ServerSession *result = NULL;
270 ServiceInstance *instance = NULL;
272 if ((instance = getService(name, handle)) != NULL)
274 result = instance->getSession(sessionID);
278 _ERR("Session doesn't exist : name [%s], handle [%d], handle [%d]", name, handle, sessionID);
284 bool ServerResource::isValidSessionHandle(const char *name, unsigned int handle, unsigned int session)
286 ServiceInstance *instance = NULL;
288 return (((instance = getService(name, handle)) != NULL) && (instance->isVaildSessionHandle(session)));
291 bool ServerResource::isValidChannelHandle(const char *name, unsigned int handle, unsigned int channel)
293 ServiceInstance *instance = NULL;
295 return (((instance = getService(name, handle)) != NULL) && (instance->isVaildChannelHandle(channel)));
298 unsigned int ServerResource::getChannelCount(const char *name, unsigned int handle, unsigned int sessionID)
300 unsigned int result = -1;
301 ServiceInstance *instance = NULL;
303 if ((instance = getService(name, handle)) != NULL)
305 result = instance->getChannelCountBySession(sessionID);
309 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
315 void ServerResource::removeSession(const char *name, unsigned int handle, unsigned int sessionID)
317 ServiceInstance *instance = NULL;
319 if ((instance = getService(name, handle)) != NULL)
321 instance->closeSession(sessionID);
325 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
329 unsigned int ServerResource::createChannel(const char *name, unsigned int handle, unsigned int sessionID, int channelType, ByteArray aid)
330 throw(ExceptionBase &)
332 unsigned int result = -1;
333 ServiceInstance *service = NULL;
335 if ((service = getService(name, handle)) != NULL)
337 if (service->isVaildSessionHandle(sessionID) == true)
339 ServerSession *session = NULL;
340 Terminal *terminal = NULL;
342 terminal = service->getTerminal(sessionID);
343 session = service->getSession(sessionID);
344 if (terminal != NULL && session != NULL)
346 if (terminal->open() == true) {
347 result = _createChannel(terminal, service, channelType, sessionID, aid);
348 if (result == IntegerHandle::INVALID_HANDLE)
350 _ERR("create channel failed [%d]", sessionID);
355 _ERR("terminal open failed");
356 throw ExceptionBase(SCARD_ERROR_UNAVAILABLE);
361 _ERR("session is invalid [%d]", sessionID);
362 throw ExceptionBase(SCARD_ERROR_UNAVAILABLE);
367 _ERR("session is invalid [%d]", sessionID);
368 throw ExceptionBase(SCARD_ERROR_ILLEGAL_STATE);
373 _ERR("getService is failed, name [%s], handle [%d]", name, handle);
374 throw ExceptionBase(SCARD_ERROR_UNAVAILABLE);
380 Channel *ServerResource::getChannel(const char *name, unsigned int handle, unsigned int channelID)
382 Channel *result = NULL;
383 ServiceInstance *instance = NULL;
385 if ((instance = getService(name, handle)) != NULL)
387 result = instance->getChannel(channelID);
391 _ERR("Channel doesn't exist : name [%s], handle [%d], handle [%d]", name, handle, channelID);
397 void ServerResource::removeChannel(const char *name, unsigned int handle, unsigned int channelID)
399 ServiceInstance *instance = NULL;
401 if ((instance = getService(name, handle)) != NULL)
403 ServerChannel *channel;
404 Terminal *terminal = NULL;
406 channel = instance->getChannel(channelID);
407 if (channel != NULL) {
408 terminal = channel->getTerminal();
411 instance->closeChannel(channelID);
413 if (terminal != NULL) {
419 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
423 Terminal *ServerResource::getTerminal(unsigned int terminalID)
425 Terminal *result = NULL;
426 map<unsigned int, Terminal *>::iterator item;
428 if ((item = mapTerminals.find(terminalID)) != mapTerminals.end())
430 result = item->second;
434 _ERR("Terminal doesn't exist [%d]", terminalID);
440 const Terminal *ServerResource::getTerminal(unsigned int terminalID) const
442 const Terminal *result = NULL;
443 map<unsigned int, Terminal *>::const_iterator item;
445 if ((item = mapTerminals.find(terminalID)) != mapTerminals.end())
447 result = item->second;
451 _ERR("Terminal doesn't exist [%d]", terminalID);
457 Terminal *ServerResource::getTerminal(const char *name)
459 Terminal *result = NULL;
460 map<unsigned int, Terminal *>::iterator item;
462 for (item = mapTerminals.begin(); item != mapTerminals.end(); item++)
464 if (strncmp(name, item->second->getName(), strlen(name)) == 0)
466 result = item->second;
474 Terminal *ServerResource::getTerminalByReaderID(unsigned int readerID)
476 Terminal *result = NULL;
477 map<unsigned int, unsigned int>::iterator item;
479 if ((item = mapReaders.find(readerID)) != mapReaders.end())
481 result = getTerminal(item->second);
485 _ERR("Terminal doesn't exist, reader ID [%d]", readerID);
491 const Terminal *ServerResource::getTerminalByReaderID(unsigned int readerID) const
493 const Terminal *result = NULL;
494 map<unsigned int, unsigned int>::const_iterator item;
496 if ((item = mapReaders.find(readerID)) != mapReaders.end())
498 result = getTerminal(item->second);
502 _ERR("Terminal doesn't exist, reader ID [%d]", readerID);
508 unsigned int ServerResource::getTerminalID(const char *name) const
510 unsigned int result = IntegerHandle::INVALID_HANDLE;
511 map<unsigned int, Terminal *>::const_iterator item;
513 for (item = mapTerminals.begin();
514 item != mapTerminals.end(); item++)
516 if (strncmp(name, item->second->getName(),
519 result = item->first;
527 bool ServerResource::_isAuthorizedAccess(ServerChannel *channel,
528 const ByteArray &aid, const vector<ByteArray> &hashes)
531 AccessControlList *acList = NULL;
533 /* request open channel sequence */
534 if ((acList = getAccessControlList(channel)) == NULL)
536 /* load access control defined by Global Platform */
537 GPACE *acl = new GPACE();
542 ret = acl->loadACL(channel);
543 if (ret >= SCARD_ERROR_OK)
546 addAccessControlList(channel, acList);
550 _ERR("unknown error, 0x%x", -ret);
556 _ERR("alloc failed");
561 acList->loadACL(channel);
566 result = acList->isAuthorizedAccess(aid, hashes);
572 int ServerResource::_openLogicalChannel(Terminal *terminal)
580 command = APDUHelper::generateAPDU(APDUHelper::COMMAND_OPEN_LOGICAL_CHANNEL, 0, ByteArray::EMPTY);
582 _DBG("command [%d] : %s", command.size(), command.toString().c_str());
584 rv = terminal->transmitSync(command, response);
585 if (rv == 0 && response.size() >= 2)
587 ResponseHelper resp(response);
589 if (resp.getStatus() >= 0)
591 result = resp.getDataField()[0];
595 result = resp.getStatus();
600 _ERR("transmitSync failed, rv [%d], length [%d]", rv, response.size());
606 int ServerResource::_closeLogicalChannel(Terminal *terminal, int channelNum)
608 int result = SCARD_ERROR_UNKNOWN;
614 command = APDUHelper::generateAPDU(APDUHelper::COMMAND_CLOSE_LOGICAL_CHANNEL, channelNum, ByteArray::EMPTY);
616 _DBG("command [%d] : %s", command.size(), command.toString().c_str());
618 rv = terminal->transmitSync(command, response);
619 if (rv == 0 && response.size() >= 2)
621 ResponseHelper resp(response);
623 if (resp.getStatus() >= 0)
625 _DBG("channel closed [%d]", channelNum);
626 result = SCARD_ERROR_OK;
630 _ERR("status word [ %02X %02X ]", resp.getSW1(), resp.getSW2());
635 _ERR("select apdu is failed, rv [%d], length [%d]", rv, response.size());
641 unsigned int ServerResource::_createChannel(Terminal *terminal,
642 ServiceInstance *service, int channelType,
643 unsigned int sessionID, const ByteArray &aid)
644 throw(ExceptionBase &)
646 unsigned int result = IntegerHandle::INVALID_HANDLE;
648 ServerChannel *channel = NULL;
650 /* open logical channel */
651 if (channelType == 1)
653 channelNum = _openLogicalChannel(terminal);
656 _DBG("channelNum [%d]", channelNum);
660 _ERR("_openLogicalChannel failed [%d]", channelNum);
661 throw ExceptionBase(SCARD_ERROR_NOT_ENOUGH_RESOURCE);
665 /* create channel instance */
666 result = service->openChannel(sessionID, channelNum, ByteArray::EMPTY);
667 if (result == IntegerHandle::INVALID_HANDLE)
669 _ERR("channel is null.");
671 /* close logical channel */
674 _closeLogicalChannel(terminal, channelNum);
676 throw ExceptionBase(SCARD_ERROR_OUT_OF_MEMORY);
679 channel = service->getChannel(result);
682 _ERR("channel is null.");
684 throw ExceptionBase(SCARD_ERROR_OUT_OF_MEMORY);
687 /* NOTICE : This code is Access contol implementation in OpenMobile Specification.
688 If you need the Access control in your target, please remove this comment.*/
690 if (_isAuthorizedAccess(channel, aid,
691 service->getParent()->getCertificationHashes()) == true)
695 if (aid == PKCS15::PKCS15_AID)
697 PKCS15 pkcs15(channel);
699 rv = pkcs15.select();
700 if (rv >= SCARD_ERROR_OK)
702 channel->unsetPrivilegeMode();
703 channel->setSelectResponse(pkcs15.getSelectResponse());
707 _ERR("select failed, [%x]", -rv);
709 service->closeChannel(result);
710 throw ExceptionBase(SCARD_ERROR_IO_FAILED);
715 FileObject file(channel);
717 rv = file.select(aid);
718 if (rv >= SCARD_ERROR_OK)
720 channel->unsetPrivilegeMode();
721 channel->setSelectResponse(file.getSelectResponse());
725 _ERR("select failed [%x]", -rv);
727 service->closeChannel(result);
728 throw ExceptionBase(SCARD_ERROR_IO_FAILED);
734 _ERR("unauthorized access");
736 service->closeChannel(result);
737 throw ExceptionBase(SCARD_ERROR_SECURITY_NOT_ALLOWED);
743 void ServerResource::addAccessControlList(Terminal *terminal, AccessControlList *acl)
745 map<Terminal *, AccessControlList *>::iterator item;
747 if ((item = mapACL.find(terminal)) == mapACL.end())
749 mapACL.insert(make_pair(terminal, acl));
757 void ServerResource::addAccessControlList(ServerChannel *channel, AccessControlList *acl)
759 map<Terminal *, AccessControlList *>::iterator item;
761 if ((item = mapACL.find(channel->getTerminal())) == mapACL.end())
763 mapACL.insert(make_pair(channel->getTerminal(), acl));
771 AccessControlList *ServerResource::getAccessControlList(Terminal *terminal)
773 AccessControlList *result = NULL;
774 map<Terminal *, AccessControlList *>::iterator item;
776 if ((item = mapACL.find(terminal)) != mapACL.end())
778 result = item->second;
784 AccessControlList *ServerResource::getAccessControlList(ServerChannel *channel)
786 AccessControlList *result = NULL;
787 map<Terminal *, AccessControlList *>::iterator item;
789 if ((item = mapACL.find(channel->getTerminal())) != mapACL.end())
791 result = item->second;
797 Terminal *ServerResource::createInstance(void *library)
799 Terminal *terminal = NULL;
800 terminal_create_instance_fn createInstance = NULL;
802 /* create se instance */
803 createInstance = (terminal_create_instance_fn)dlsym(library, "create_instance");
804 if (createInstance != NULL)
806 terminal = (Terminal *)createInstance();
807 if (terminal != NULL)
809 _DBG("terminal [%p]", terminal);
813 _ERR("terminal is null");
818 _ERR("create_instance is null [%d]", errno);
824 bool ServerResource::appendSELibrary(char *library)
826 void *libHandle = NULL;
829 libHandle = dlopen(library, RTLD_LAZY);
830 if (libHandle != NULL)
832 Terminal *terminal = NULL;
834 terminal = createInstance(libHandle);
835 if (terminal != NULL)
837 unsigned int handle = IntegerHandle::assignHandle();
839 mapTerminals.insert(make_pair(handle, terminal));
840 libraries.push_back(libHandle);
842 terminal->setStatusCallback(&ServerResource::terminalCallback);
844 _DBG("register success [%s] [%p] [%s] [%p]", library, libHandle, terminal->getName(), terminal);
846 if (terminal->isSecureElementPresence() == true)
848 createReader(handle);
855 _ERR("terminal is null [%s]", library);
862 _ERR("it is not se file [%s] [%d]", library, errno);
868 int ServerResource::loadSecureElements()
872 if (seLoaded == false)
875 struct dirent *entry;
877 if ((dir = opendir(OMAPI_SE_PATH)) != NULL)
879 while ((entry = readdir(dir)) != NULL)
881 if (strncmp(entry->d_name, ".", 1) != 0 &&
882 strncmp(entry->d_name, "..", 2) != 0)
885 /* TODO : need additional name rule :) */
887 /* append each files */
888 snprintf(fullPath, sizeof(fullPath),
889 "%s/%s", OMAPI_SE_PATH, entry->d_name);
891 SECURE_LOGD("se name [%s]", fullPath);
893 result = appendSELibrary(fullPath);
910 void ServerResource::unloadSecureElements()
912 if (seLoaded == true)
915 map<unsigned int, Terminal *>::iterator item;
917 for (item = mapTerminals.begin(); item != mapTerminals.end(); item++)
919 item->second->finalize();
921 IntegerHandle::releaseHandle(item->first);
924 mapTerminals.clear();
926 for (i = 0; i < libraries.size(); i++)
928 if (libraries[i] != NULL)
929 dlclose(libraries[i]);
938 bool ServerResource::isValidReaderHandle(unsigned int reader) const
940 return (getTerminalByReaderID(reader) != NULL);
943 void ServerResource::getReaders(vector<pair<unsigned int, string> > &readers) const
945 const Terminal *terminal;
946 map<unsigned int, unsigned int>::const_iterator item;
950 for (item = mapReaders.begin(); item != mapReaders.end(); item++)
952 if (item->second != IntegerHandle::INVALID_HANDLE)
954 terminal = getTerminal(item->second);
955 if (terminal != NULL && terminal->isSecureElementPresence() == true)
957 readers.push_back(make_pair(item->first, terminal->getName()));
963 int ServerResource::getReadersInformation(ByteArray &info) const
966 unsigned char *buffer = NULL;
967 unsigned int length = 0;
968 unsigned int offset = 0;
969 unsigned int nameLen = 0;
971 if (mapReaders.size() > 0)
973 const Terminal *terminal = NULL;
974 map<unsigned int, unsigned int>::const_iterator item;
976 for (item = mapReaders.begin(); item != mapReaders.end(); item++)
978 if (item->second != IntegerHandle::INVALID_HANDLE)
980 terminal = getTerminal(item->second);
981 if (terminal != NULL)
983 if (terminal->isSecureElementPresence())
985 length += sizeof(nameLen) + strlen(terminal->getName()) + sizeof(unsigned int);
992 buffer = new unsigned char[length];
995 memset(buffer, 0, length);
997 for (item = mapReaders.begin(); item != mapReaders.end(); item++)
999 if (item->second != IntegerHandle::INVALID_HANDLE)
1001 terminal = getTerminal(item->second);
1002 if (terminal != NULL)
1004 if (terminal->isSecureElementPresence())
1006 nameLen = strlen(terminal->getName());
1008 memcpy(buffer + offset, &nameLen, sizeof(nameLen));
1009 offset += sizeof(nameLen);
1011 memcpy(buffer + offset, terminal->getName(), nameLen);
1014 memcpy(buffer + offset, &item->first, sizeof(unsigned int));
1015 offset += sizeof(unsigned int);
1021 info.assign(buffer, length);
1026 _ERR("alloc failed");
1032 _INFO("no secure element");
1038 void ServerResource::terminalCallback(const void *terminal, int event,
1039 int error, void *user_param)
1041 _DBG("terminal [%s], event [%d], error [%d], user_param [%p]", (char *)terminal, event, error, user_param);
1045 case Terminal::NOTIFY_SE_AVAILABLE :
1047 ServerResource &instance = ServerResource::getInstance();
1048 unsigned int terminalID = IntegerHandle::INVALID_HANDLE;
1050 _INFO("[NOTIFY_SE_AVAILABLE]");
1052 terminalID = instance.getTerminalID((char *)terminal);
1053 if (terminalID != IntegerHandle::INVALID_HANDLE)
1055 unsigned int readerID = instance.createReader(terminalID);
1057 ServerGDBus::getInstance().emitReaderInserted(readerID, (const char *)terminal);
1062 case Terminal::NOTIFY_SE_NOT_AVAILABLE :
1064 ServerResource &instance = ServerResource::getInstance();
1065 unsigned int readerID = IntegerHandle::INVALID_HANDLE;
1067 _INFO("[NOTIFY_SE_NOT_AVAILABLE]");
1069 readerID = instance.getReaderID((char *)terminal);
1071 ServerGDBus::getInstance().emitReaderRemoved(
1072 readerID, (const char *)terminal);
1074 instance.removeReader(readerID);
1079 _DBG("terminal [%s], event [%d], error [%d], user_param [%p]", (char *)terminal, event, error, user_param);
1084 unsigned int ServerResource::createReader(unsigned int terminalID)
1086 unsigned int result = -1;
1088 result = IntegerHandle::assignHandle();
1090 mapReaders.insert(make_pair(result, terminalID));
1095 unsigned int ServerResource::getReaderID(const char *name) const
1097 unsigned int result = IntegerHandle::INVALID_HANDLE,
1098 terminalID = IntegerHandle::INVALID_HANDLE;
1100 terminalID = getTerminalID(name);
1101 if (terminalID != IntegerHandle::INVALID_HANDLE)
1103 map<unsigned int, unsigned int>::const_iterator item;
1105 for (item = mapReaders.begin();
1106 item != mapReaders.end(); item++)
1108 if (item->second == terminalID)
1110 result = item->first;
1119 void ServerResource::removeReader(unsigned int readerID)
1121 map<unsigned int, unsigned int>::iterator item;
1123 if ((item = mapReaders.find(readerID)) != mapReaders.end())
1125 item->second = IntegerHandle::INVALID_HANDLE;
1129 ServerChannel *ServerResource::createInternalChannel(Terminal *terminal,
1133 ServerChannel *channel = NULL;
1135 /* open logical channel */
1136 if (channelType == 1)
1138 channelNum = _openLogicalChannel(terminal);
1141 _DBG("channelNum [%d]", channelNum);
1145 _ERR("_openLogicalChannel failed [%d]", channelNum);
1146 throw ExceptionBase(SCARD_ERROR_NOT_ENOUGH_RESOURCE);
1150 /* create channel instance */
1151 channel = new ServerChannel(NULL, NULL, channelNum, terminal);
1156 bool ServerResource::isAuthorizedNFCAccess(Terminal *terminal,
1157 const ByteArray &aid, const vector<ByteArray> &hashes)
1159 bool result = false;
1160 ServerChannel *channel;
1162 if (terminal == NULL) {
1166 channel = createInternalChannel(terminal, 1);
1167 if (channel != NULL) {
1168 AccessControlList *acl = getAccessControlList(channel);
1171 /* load access control defined by Global Platform */
1176 ret = acl->loadACL(channel);
1177 if (ret >= SCARD_ERROR_OK) {
1178 addAccessControlList(channel, acl);
1180 _ERR("unknown error, 0x%x", -ret);
1186 _ERR("alloc failed");
1189 acl->updateACL(channel);
1193 result = acl->isAuthorizedNFCAccess(aid, hashes);
1195 _ERR("acl is null");
1200 _ERR("alloc failed");
1206 bool ServerResource::isAuthorizedAccess(Terminal *terminal,
1207 const ByteArray &aid, const vector<ByteArray> &hashes)
1209 bool result = false;
1210 ServerChannel *channel;
1212 if (terminal == NULL) {
1216 channel = createInternalChannel(terminal, 1);
1217 if (channel != NULL) {
1218 AccessControlList *acl = getAccessControlList(channel);
1221 /* load access control defined by Global Platform */
1226 ret = acl->loadACL(channel);
1227 if (ret >= SCARD_ERROR_OK) {
1228 addAccessControlList(channel, acl);
1230 _ERR("unknown error, 0x%x", -ret);
1236 _ERR("alloc failed");
1239 acl->updateACL(channel);
1243 result = acl->isAuthorizedAccess(aid, hashes);
1245 _ERR("acl is null");
1250 _ERR("alloc failed");
1256 void ServerResource::finish()
1258 if (getClientCount() == 0) {
1259 _INFO("no client connected. terminate server");
1261 smartcard_daemon_exit();
1264 } /* namespace smartcard_service_api */