2 * Copyright (c) 2012, 2013 Samsung Electronics Co., Ltd.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 /* standard library header */
24 /* SLP library header */
28 #include "ServerResource.h"
29 #include "TerminalInterface.h"
30 #include "APDUHelper.h"
31 #include "SignatureHelper.h"
34 #include "ServerGDBus.h"
35 #include "smartcard-daemon.h"
38 #define EXTERN_API __attribute__((visibility("default")))
43 namespace smartcard_service_api
45 unsigned int IntegerHandle::newHandle = 0;
46 set<unsigned int> IntegerHandle::setHandles;
47 PMutex IntegerHandle::mutexLock;
49 unsigned int IntegerHandle::assignHandle()
53 pair<set<unsigned int>::iterator, bool> result;
58 if (newHandle == (unsigned int)-1)
63 result = setHandles.insert(newHandle);
65 while (!result.second);
68 _DBG("assign handle : newHandle [%d]", newHandle);
73 void IntegerHandle::releaseHandle(unsigned int handle)
75 _DBG("will be released : Handle [%d]", handle);
79 setHandles.erase(handle);
83 #define OMAPI_SE_PATH "/usr/lib/se"
85 ServerResource::ServerResource() : seLoaded(false)
91 ServerResource::~ServerResource()
95 ServerResource &ServerResource::getInstance()
97 static ServerResource serverResource;
99 return serverResource;
102 bool ServerResource::createClient(const char *name, pid_t pid)
106 if (getClient(name) == NULL) {
107 ClientInstance *instance = new ClientInstance(name, pid);
108 if (instance != NULL) {
109 mapClients.insert(make_pair(name, instance));
112 _ERR("alloc failed"); //LCOV_EXCL_LINE
115 _ERR("client already exist, name [%s]", name); //LCOV_EXCL_LINE
121 ClientInstance *ServerResource::getClient(const char *name)
123 ClientInstance *result = NULL;
124 map<string, ClientInstance *>::iterator item;
126 if ((item = mapClients.find(name)) != mapClients.end())
128 result = item->second;
134 void ServerResource::removeClient(const char *name)
136 map<string, ClientInstance *>::iterator item;
138 if ((item = mapClients.find(name)) != mapClients.end()) {
140 mapClients.erase(item);
142 _DBG("client removed already, name [%s]", name); //LCOV_EXCL_LINE
146 /* LCOV_EXCL_START */
147 void ServerResource::removeClients()
149 map<string, ClientInstance *>::iterator item;
151 for (item = mapClients.begin(); item != mapClients.end(); item++)
159 int ServerResource::getClientCount() const
161 return (int)mapClients.size();
164 ServiceInstance *ServerResource::createService(const char *name)
166 ServiceInstance *result = NULL;
167 ClientInstance *instance = NULL;
169 if ((instance = getClient(name)) != NULL) {
170 if ((result = instance->createService()) == NULL) {
171 _ERR("ClientInstance::createService failed [%s]", name);
174 _ERR("client doesn't exist, name [%s]", name);
180 ServiceInstance *ServerResource::getService(const char *name, unsigned int handle)
182 ServiceInstance *result = NULL;
183 ClientInstance *instance = NULL;
185 if ((instance = getClient(name)) != NULL) {
186 result = instance->getService(handle);
188 _ERR("client doesn't exist, name [%s]", name);
194 void ServerResource::removeService(const char *name, unsigned int handle)
196 ClientInstance *instance = NULL;
198 if ((instance = getClient(name)) != NULL) {
199 instance->removeService(handle);
200 if (instance->getServiceCounts() == 0) {
201 /* remove client instance */
205 _ERR("client doesn't exist, name [%s]", name);
209 void ServerResource::removeServices(const char *name)
211 ClientInstance *instance = NULL;
213 if ((instance = getClient(name)) != NULL) {
214 instance->removeServices();
216 /* remove client instance */
219 _ERR("client doesn't exist, name [%s]", name);
223 unsigned int ServerResource::createSession(const char *name, unsigned int handle, unsigned int readerID, vector<ByteArray> &certHashes, void *caller)
225 unsigned int result = -1;
226 Terminal *temp = NULL;
227 ServiceInstance *instance = NULL;
229 if ((instance = getService(name, handle)) != NULL) {
230 if ((temp = getTerminalByReaderID(readerID)) != NULL) {
231 result = instance->openSession(temp, certHashes, caller);
234 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
240 ServerSession *ServerResource::getSession(const char *name, unsigned int handle, unsigned int sessionID)
242 ServerSession *result = NULL;
243 ServiceInstance *instance = NULL;
245 if ((instance = getService(name, handle)) != NULL) {
246 result = instance->getSession(sessionID);
248 _ERR("Session doesn't exist : name [%s], handle [%d], handle [%d]", name, handle, sessionID);
254 bool ServerResource::isValidSessionHandle(const char *name, unsigned int handle, unsigned int session)
256 ServiceInstance *instance = NULL;
258 return (((instance = getService(name, handle)) != NULL) && (instance->isVaildSessionHandle(session)));
261 bool ServerResource::isValidChannelHandle(const char *name, unsigned int handle, unsigned int channel)
263 ServiceInstance *instance = NULL;
265 return (((instance = getService(name, handle)) != NULL) && (instance->isVaildChannelHandle(channel)));
268 unsigned int ServerResource::getChannelCount(const char *name, unsigned int handle, unsigned int sessionID)
270 unsigned int result = -1;
271 ServiceInstance *instance = NULL;
273 if ((instance = getService(name, handle)) != NULL) {
274 result = instance->getChannelCountBySession(sessionID);
276 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
282 void ServerResource::removeSession(const char *name, unsigned int handle, unsigned int sessionID)
284 ServiceInstance *instance = NULL;
286 if ((instance = getService(name, handle)) != NULL) {
287 instance->closeSession(sessionID);
289 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
293 unsigned int ServerResource::createChannel(const char *name, unsigned int handle, unsigned int sessionID, int channelType, ByteArray aid)
295 unsigned int result = -1;
296 ServiceInstance *service = NULL;
298 if ((service = getService(name, handle)) != NULL) {
299 if (service->isVaildSessionHandle(sessionID) == true) {
300 ServerSession *session = NULL;
301 Terminal *terminal = NULL;
303 terminal = service->getTerminal(sessionID);
304 session = service->getSession(sessionID);
305 if (terminal != NULL && session != NULL) {
306 if (terminal->open() == true) {
307 result = _createChannel(terminal, service, channelType, sessionID, aid);
308 if (result == IntegerHandle::INVALID_HANDLE) {
309 _ERR("create channel failed [%d]", sessionID);
314 _ERR("terminal open failed");
315 throw ExceptionBase(SCARD_ERROR_UNAVAILABLE);
318 _ERR("session is invalid [%d]", sessionID);
319 throw ExceptionBase(SCARD_ERROR_UNAVAILABLE);
322 _ERR("session is invalid [%d]", sessionID);
323 throw ExceptionBase(SCARD_ERROR_ILLEGAL_STATE);
326 _ERR("getService is failed, name [%s], handle [%d]", name, handle);
327 throw ExceptionBase(SCARD_ERROR_UNAVAILABLE);
333 Channel *ServerResource::getChannel(const char *name, unsigned int handle, unsigned int channelID)
335 Channel *result = NULL;
336 ServiceInstance *instance = NULL;
338 if ((instance = getService(name, handle)) != NULL) {
339 result = instance->getChannel(channelID);
341 _ERR("Channel doesn't exist : name [%s], handle [%d], handle [%d]", name, handle, channelID);
347 void ServerResource::removeChannel(const char *name, unsigned int handle, unsigned int channelID)
349 ServiceInstance *instance = NULL;
351 if ((instance = getService(name, handle)) != NULL) {
352 ServerChannel *channel;
353 Terminal *terminal = NULL;
355 channel = instance->getChannel(channelID);
356 if (channel != NULL) {
357 terminal = channel->getTerminal();
360 instance->closeChannel(channelID);
362 if (terminal != NULL) {
366 _ERR("getService doesn't exist : name [%s], handle [%d]", name, handle);
370 Terminal *ServerResource::getTerminal(unsigned int terminalID)
372 Terminal *result = NULL;
373 map<unsigned int, Terminal *>::iterator item;
375 if ((item = mapTerminals.find(terminalID)) != mapTerminals.end()) {
376 result = item->second;
378 _ERR("Terminal doesn't exist [%d]", terminalID);
384 const Terminal *ServerResource::getTerminal(unsigned int terminalID) const
386 const Terminal *result = NULL;
387 map<unsigned int, Terminal *>::const_iterator item;
389 if ((item = mapTerminals.find(terminalID)) != mapTerminals.end()) {
390 result = item->second;
392 _ERR("Terminal doesn't exist [%d]", terminalID);
398 Terminal *ServerResource::getTerminal(const char *name)
400 Terminal *result = NULL;
401 map<unsigned int, Terminal *>::iterator item;
403 for (item = mapTerminals.begin(); item != mapTerminals.end(); item++)
405 if (strncmp(name, item->second->getName(), strlen(name)) == 0)
407 result = item->second;
415 Terminal *ServerResource::getTerminalByReaderID(unsigned int readerID)
417 Terminal *result = NULL;
418 map<unsigned int, unsigned int>::iterator item;
420 if ((item = mapReaders.find(readerID)) != mapReaders.end()) {
421 result = getTerminal(item->second);
423 _ERR("Terminal doesn't exist, reader ID [%d]", readerID);
429 const Terminal *ServerResource::getTerminalByReaderID(unsigned int readerID) const
431 const Terminal *result = NULL;
432 map<unsigned int, unsigned int>::const_iterator item;
434 if ((item = mapReaders.find(readerID)) != mapReaders.end()) {
435 result = getTerminal(item->second);
437 _ERR("Terminal doesn't exist, reader ID [%d]", readerID);
443 unsigned int ServerResource::getTerminalID(const char *name) const
445 unsigned int result = IntegerHandle::INVALID_HANDLE;
446 map<unsigned int, Terminal *>::const_iterator item;
448 for (item = mapTerminals.begin();
449 item != mapTerminals.end(); item++)
451 if (strncmp(name, item->second->getName(),
454 result = item->first;
462 bool ServerResource::_isAuthorizedAccess(ServerChannel *channel,
463 const ByteArray &aid, const vector<ByteArray> &hashes)
466 AccessControlList *acList = NULL;
468 /* request open channel sequence */
469 if ((acList = getAccessControlList(channel)) == NULL) {
470 /* load access control defined by Global Platform */
471 GPACE *acl = new GPACE();
475 ret = acl->loadACL(channel);
476 if (ret >= SCARD_ERROR_OK) {
478 addAccessControlList(channel, acList);
480 _ERR("unknown error, 0x%x", -ret);
484 _ERR("alloc failed");
487 acList->loadACL(channel);
490 if (acList != NULL) {
491 result = acList->isAuthorizedAccess(aid, hashes);
497 int ServerResource::_openLogicalChannel(Terminal *terminal)
505 command = APDUHelper::generateAPDU(APDUHelper::COMMAND_OPEN_LOGICAL_CHANNEL, 0, ByteArray::EMPTY);
507 _DBG("command [%zu] : %s", command.size(), command.toString().c_str());
509 rv = terminal->transmitSync(command, response);
510 if (rv == 0 && response.size() >= 2) {
511 ResponseHelper resp(response);
513 if (resp.getStatus() >= 0) {
514 result = resp.getDataField()[0];
516 result = resp.getStatus();
519 _ERR("transmitSync failed, rv [%d], length [%zu]", rv, response.size());
525 int ServerResource::_closeLogicalChannel(Terminal *terminal, int channelNum)
527 int result = SCARD_ERROR_UNKNOWN;
533 command = APDUHelper::generateAPDU(APDUHelper::COMMAND_CLOSE_LOGICAL_CHANNEL, channelNum, ByteArray::EMPTY);
535 _DBG("command [%zu] : %s", command.size(), command.toString().c_str());
537 rv = terminal->transmitSync(command, response);
538 if (rv == 0 && response.size() >= 2) {
539 ResponseHelper resp(response);
541 if (resp.getStatus() >= 0) {
542 _DBG("channel closed [%d]", channelNum);
543 result = SCARD_ERROR_OK;
545 _ERR("status word [ %02X %02X ]", resp.getSW1(), resp.getSW2());
548 _ERR("select apdu is failed, rv [%d], length [%zu]", rv, response.size());
554 unsigned int ServerResource::_createChannel(Terminal *terminal,
555 ServiceInstance *service, int channelType,
556 unsigned int sessionID, const ByteArray &aid)
558 unsigned int result = IntegerHandle::INVALID_HANDLE;
560 ServerChannel *channel = NULL;
562 /* open logical channel */
563 if (channelType == 1) {
564 channelNum = _openLogicalChannel(terminal);
565 if (channelNum > 0) {
566 _DBG("channelNum [%d]", channelNum);
568 _ERR("_openLogicalChannel failed [%d]", channelNum);
569 throw ExceptionBase(SCARD_ERROR_NOT_ENOUGH_RESOURCE);
573 /* create channel instance */
574 result = service->openChannel(sessionID, channelNum, ByteArray::EMPTY);
575 if (result == IntegerHandle::INVALID_HANDLE)
577 _ERR("channel is null.");
579 /* close logical channel */
582 _closeLogicalChannel(terminal, channelNum);
584 throw ExceptionBase(SCARD_ERROR_OUT_OF_MEMORY);
587 channel = service->getChannel(result);
590 _ERR("channel is null.");
592 throw ExceptionBase(SCARD_ERROR_OUT_OF_MEMORY);
595 /* NOTICE : This code is Access contol implementation in OpenMobile Specification.
596 If you need the Access control in your target, please remove this comment.*/
598 if (_isAuthorizedAccess(channel, aid,
599 service->getParent()->getCertificationHashes()) == true) {
602 if (aid == PKCS15::PKCS15_AID) {
603 PKCS15 pkcs15(channel);
605 rv = pkcs15.select();
606 if (rv >= SCARD_ERROR_OK) {
607 channel->unsetPrivilegeMode();
608 channel->setSelectResponse(pkcs15.getSelectResponse());
610 _ERR("select failed, [%x]", -rv);
612 service->closeChannel(result);
613 throw ExceptionBase(SCARD_ERROR_IO_FAILED);
616 FileObject file(channel);
618 rv = file.select(aid);
619 if (rv >= SCARD_ERROR_OK) {
620 channel->unsetPrivilegeMode();
621 channel->setSelectResponse(file.getSelectResponse());
623 _ERR("select failed [%x]", -rv);
625 service->closeChannel(result);
626 throw ExceptionBase(SCARD_ERROR_IO_FAILED);
630 _ERR("unauthorized access");
632 service->closeChannel(result);
633 throw ExceptionBase(SCARD_ERROR_SECURITY_NOT_ALLOWED);
639 void ServerResource::addAccessControlList(Terminal *terminal, AccessControlList *acl)
641 map<Terminal *, AccessControlList *>::iterator item;
643 if ((item = mapACL.find(terminal)) == mapACL.end()) {
644 mapACL.insert(make_pair(terminal, acl));
650 void ServerResource::addAccessControlList(ServerChannel *channel, AccessControlList *acl)
652 map<Terminal *, AccessControlList *>::iterator item;
654 if ((item = mapACL.find(channel->getTerminal())) == mapACL.end()) {
655 mapACL.insert(make_pair(channel->getTerminal(), acl));
661 AccessControlList *ServerResource::getAccessControlList(Terminal *terminal)
663 AccessControlList *result = NULL;
664 map<Terminal *, AccessControlList *>::iterator item;
666 if ((item = mapACL.find(terminal)) != mapACL.end())
668 result = item->second;
674 AccessControlList *ServerResource::getAccessControlList(ServerChannel *channel)
676 AccessControlList *result = NULL;
677 map<Terminal *, AccessControlList *>::iterator item;
679 if ((item = mapACL.find(channel->getTerminal())) != mapACL.end())
681 result = item->second;
687 Terminal *ServerResource::createInstance(void *library)
689 Terminal *terminal = NULL;
690 terminal_create_instance_fn createInstance = NULL;
692 /* create se instance */
693 createInstance = (terminal_create_instance_fn)dlsym(library, "create_instance");
694 if (createInstance != NULL) {
695 terminal = (Terminal *)createInstance();
696 if (terminal != NULL) {
697 _DBG("terminal [%p]", terminal);
699 _ERR("terminal is null");
702 _ERR("create_instance is null [%d]", errno);
708 bool ServerResource::appendSELibrary(char *library)
710 void *libHandle = NULL;
713 libHandle = dlopen(library, RTLD_LAZY);
714 if (libHandle != NULL) {
715 Terminal *terminal = NULL;
717 terminal = createInstance(libHandle);
718 if (terminal != NULL) {
719 unsigned int handle = IntegerHandle::assignHandle();
721 mapTerminals.insert(make_pair(handle, terminal));
722 libraries.push_back(libHandle);
724 terminal->setStatusCallback(&ServerResource::terminalCallback);
726 _DBG("register success [%s] [%p] [%s] [%p]", library, libHandle, terminal->getName(), terminal);
728 if (terminal->isSecureElementPresence() == true) {
729 createReader(handle);
734 _ERR("terminal is null [%s]", library);
739 _ERR("it is not se file [%s] [%d]", library, errno);
745 int ServerResource::loadSecureElements()
749 if (seLoaded == false) {
751 struct dirent *entry;
753 if ((dir = opendir(OMAPI_SE_PATH)) != NULL) {
754 while ((entry = readdir(dir)) != NULL) {
755 if (strncmp(entry->d_name, ".", 1) != 0 &&
756 strncmp(entry->d_name, "..", 2) != 0) {
758 /* TODO : need additional name rule :) */
760 /* append each files */
761 snprintf(fullPath, sizeof(fullPath),
762 "%s/%s", OMAPI_SE_PATH, entry->d_name);
764 SECURE_LOGD("se name [%s]", fullPath); //LCOV_EXCL_LINE
766 result = appendSELibrary(fullPath);
781 void ServerResource::unloadSecureElements()
783 if (seLoaded == true)
786 map<unsigned int, Terminal *>::iterator item;
788 for (item = mapTerminals.begin(); item != mapTerminals.end(); item++)
790 item->second->finalize();
792 IntegerHandle::releaseHandle(item->first);
795 mapTerminals.clear();
797 for (i = 0; i < libraries.size(); i++)
799 if (libraries[i] != NULL)
800 dlclose(libraries[i]);
809 bool ServerResource::isValidReaderHandle(unsigned int reader) const
811 return (getTerminalByReaderID(reader) != NULL);
814 void ServerResource::getReaders(vector<pair<unsigned int, string> > &readers) const
816 const Terminal *terminal;
817 map<unsigned int, unsigned int>::const_iterator item;
821 for (item = mapReaders.begin(); item != mapReaders.end(); item++)
823 if (item->second != IntegerHandle::INVALID_HANDLE)
825 terminal = getTerminal(item->second);
826 if (terminal != NULL && terminal->isSecureElementPresence() == true)
828 readers.push_back(make_pair(item->first, terminal->getName()));
834 int ServerResource::getReadersInformation(ByteArray &info) const
837 unsigned char *buffer = NULL;
838 unsigned int length = 0;
839 unsigned int offset = 0;
840 unsigned int nameLen = 0;
842 if (mapReaders.size() > 0) {
843 const Terminal *terminal = NULL;
844 map<unsigned int, unsigned int>::const_iterator item;
846 for (item = mapReaders.begin(); item != mapReaders.end(); item++) {
847 if (item->second != IntegerHandle::INVALID_HANDLE) {
848 terminal = getTerminal(item->second);
849 if (terminal != NULL) {
850 if (terminal->getName() == NULL) {
851 _ERR("terminal name is NULL");
855 if (terminal->isSecureElementPresence()) {
856 length += sizeof(nameLen) + strlen(terminal->getName()) + sizeof(unsigned int);
863 buffer = new unsigned char[length + 1];
864 if (buffer != NULL) {
865 memset(buffer, 0, length + 1);
867 for (item = mapReaders.begin(); item != mapReaders.end(); item++) {
868 if (item->second != IntegerHandle::INVALID_HANDLE) {
869 terminal = getTerminal(item->second);
870 if (terminal != NULL) {
871 if (terminal->isSecureElementPresence()) {
872 nameLen = strlen(terminal->getName());
874 memcpy(buffer + offset, &nameLen, sizeof(nameLen));
875 offset += sizeof(nameLen);
877 memcpy(buffer + offset, terminal->getName(), nameLen);
880 memcpy(buffer + offset, &item->first, sizeof(unsigned int));
881 offset += sizeof(unsigned int);
883 buffer[offset] = '\0';
889 info.assign(buffer, length);
892 _ERR("alloc failed");
896 _INFO("no secure element");
902 void ServerResource::terminalCallback(const void *terminal, int event,
903 int error, void *user_param)
905 _DBG("terminal [%s], event [%d], error [%d], user_param [%p]", (char *)terminal, event, error, user_param);
909 case Terminal::NOTIFY_SE_AVAILABLE :
911 ServerResource &instance = ServerResource::getInstance();
912 unsigned int terminalID = IntegerHandle::INVALID_HANDLE;
914 _INFO("[NOTIFY_SE_AVAILABLE]");
916 terminalID = instance.getTerminalID((char *)terminal);
917 if (terminalID != IntegerHandle::INVALID_HANDLE)
919 unsigned int readerID = instance.createReader(terminalID);
921 ServerGDBus::getInstance().emitReaderInserted(readerID, (const char *)terminal);
926 case Terminal::NOTIFY_SE_NOT_AVAILABLE :
928 ServerResource &instance = ServerResource::getInstance();
929 unsigned int readerID = IntegerHandle::INVALID_HANDLE;
931 _INFO("[NOTIFY_SE_NOT_AVAILABLE]");
933 readerID = instance.getReaderID((char *)terminal);
935 ServerGDBus::getInstance().emitReaderRemoved(
936 readerID, (const char *)terminal);
938 instance.removeReader(readerID);
942 case Terminal::NOTIFY_CARD_AVAILABLE :
944 ServerResource &instance = ServerResource::getInstance();
945 unsigned int readerID = IntegerHandle::INVALID_HANDLE;
947 _INFO("[NOTIFY_CARD_AVAILABLE]");
949 readerID = instance.getReaderID((char *)terminal);
951 ServerGDBus::getInstance().emitCardInserted(
952 readerID, (const char *)terminal);
955 case Terminal::NOTIFY_CARD_NOT_AVAILABLE :
957 ServerResource &instance = ServerResource::getInstance();
958 unsigned int readerID = IntegerHandle::INVALID_HANDLE;
960 _INFO("[NOTIFY_CARD_NOT_AVAILABLE]");
962 readerID = instance.getReaderID((char *)terminal);
964 ServerGDBus::getInstance().emitCardRemoved(
965 readerID, (const char *)terminal);
969 _DBG("terminal [%s], event [%d], error [%d], user_param [%p]", (char *)terminal, event, error, user_param);
974 unsigned int ServerResource::createReader(unsigned int terminalID)
976 unsigned int result = -1;
978 result = IntegerHandle::assignHandle();
980 mapReaders.insert(make_pair(result, terminalID));
985 unsigned int ServerResource::getReaderID(const char *name) const
987 unsigned int result = IntegerHandle::INVALID_HANDLE,
988 terminalID = IntegerHandle::INVALID_HANDLE;
990 terminalID = getTerminalID(name);
991 if (terminalID != IntegerHandle::INVALID_HANDLE)
993 map<unsigned int, unsigned int>::const_iterator item;
995 for (item = mapReaders.begin();
996 item != mapReaders.end(); item++)
998 if (item->second == terminalID)
1000 result = item->first;
1009 void ServerResource::removeReader(unsigned int readerID)
1011 map<unsigned int, unsigned int>::iterator item;
1013 if ((item = mapReaders.find(readerID)) != mapReaders.end())
1015 item->second = IntegerHandle::INVALID_HANDLE;
1019 ServerChannel *ServerResource::createInternalChannel(Terminal *terminal,
1023 ServerChannel *channel = NULL;
1025 /* open logical channel */
1026 if (channelType == 1) {
1027 channelNum = _openLogicalChannel(terminal);
1028 if (channelNum > 0) {
1029 _DBG("channelNum [%d]", channelNum);
1031 _ERR("_openLogicalChannel failed [%d]", channelNum);
1032 throw ExceptionBase(SCARD_ERROR_NOT_ENOUGH_RESOURCE);
1036 /* create channel instance */
1037 channel = new ServerChannel(NULL, NULL, channelNum, terminal);
1042 bool ServerResource::isAuthorizedNFCAccess(Terminal *terminal,
1043 const ByteArray &aid, const vector<ByteArray> &hashes)
1045 bool result = false;
1046 ServerChannel *channel;
1048 if (terminal == NULL) {
1052 channel = createInternalChannel(terminal, 1);
1053 if (channel != NULL) {
1054 AccessControlList *acl = getAccessControlList(channel);
1056 /* load access control defined by Global Platform */
1061 ret = acl->loadACL(channel);
1062 if (ret >= SCARD_ERROR_OK) {
1063 addAccessControlList(channel, acl);
1065 _ERR("unknown error, 0x%x", -ret);
1071 _ERR("alloc failed");
1074 acl->updateACL(channel);
1078 result = acl->isAuthorizedNFCAccess(aid, hashes);
1080 _ERR("acl is null");
1085 _ERR("alloc failed");
1091 bool ServerResource::isAuthorizedAccess(Terminal *terminal,
1092 const ByteArray &aid, const vector<ByteArray> &hashes)
1094 bool result = false;
1095 ServerChannel *channel;
1097 if (terminal == NULL) {
1101 channel = createInternalChannel(terminal, 1);
1102 if (channel != NULL) {
1103 AccessControlList *acl = getAccessControlList(channel);
1105 /* load access control defined by Global Platform */
1110 ret = acl->loadACL(channel);
1111 if (ret >= SCARD_ERROR_OK) {
1112 addAccessControlList(channel, acl);
1114 _ERR("unknown error, 0x%x", -ret);
1120 _ERR("alloc failed");
1123 acl->updateACL(channel);
1127 result = acl->isAuthorizedAccess(aid, hashes);
1129 _ERR("acl is null");
1134 _ERR("alloc failed");
1139 /* LCOV_EXCL_STOP */
1141 void ServerResource::finish()
1143 if (getClientCount() == 0) {
1144 _INFO("no client connected. terminate server");
1146 smartcard_daemon_exit();
1149 } /* namespace smartcard_service_api */