2 * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 /* standard library header */
20 /* SLP library header */
25 #include "PKCS15ODF.h"
26 #include "PKCS15DODF.h"
27 #include "NumberStream.h"
28 #include "SimpleTLV.h"
29 #include "AccessCondition.h"
32 #define EXTERN_API __attribute__((visibility("default")))
35 namespace smartcard_service_api
37 static unsigned char oid_globalplatform[] = { 0x2A, 0x86, 0x48, 0x86, 0xFC, 0x6B, 0x81, 0x48, 0x01, 0x01 };
38 ByteArray GPSEACL::OID_GLOBALPLATFORM(ARRAY_AND_SIZE(oid_globalplatform));
40 GPSEACL::GPSEACL(Channel *channel):AccessControlList(channel)
42 this->channel = channel;
44 if (channel->getSelectResponse().isEmpty() == true)
46 pkcs15 = new PKCS15(channel);
50 pkcs15 = new PKCS15(channel, channel->getSelectResponse());
62 int GPSEACL::loadACL()
64 ByteArray aid, certHash;
67 if ((odf = pkcs15->getODF()) != NULL)
71 if ((dodf = odf->getDODF()) != NULL)
73 loadAccessControl(dodf);
75 printAccessControlList();
79 SCARD_DEBUG_ERR("dodf null");
84 SCARD_DEBUG_ERR("odf null");
90 int GPSEACL::loadAccessControl(PKCS15DODF *dodf)
94 if (dodf->searchOID(OID_GLOBALPLATFORM, path) == 0)
97 FileObject file(channel);
99 SCARD_DEBUG("oid path : %s", path.toString());
101 file.select(NumberStream::getLittleEndianNumber(path));
102 file.readBinary(0, 0, file.getFCP()->getFileSize(), data);
104 SCARD_DEBUG("data : %s", data.toString());
108 if (tlv.decodeTLV() == true && tlv.getTag() == 0x30) /* SEQUENCE : AccessControlMainFile */
110 tlv.enterToValueTLV();
113 ByteArray refreshTag;
115 refreshTag = SimpleTLV::getOctetString(tlv);
116 SCARD_DEBUG("current refresh tag : %s", refreshTag.toString());
118 if (this->refreshTag != refreshTag) /* need to update access control list */
120 this->refreshTag = refreshTag;
124 /* access control rule path */
125 if (tlv.decodeTLV() == true && tlv.getTag() == 0x30) /* SEQUENCE : Path */
127 /* TODO : parse path */
131 path = SimpleTLV::getOctetString(tlv.getValue());
132 SCARD_DEBUG("access control rule path : %s", path.toString());
134 if (loadRules(path) == 0)
136 SCARD_DEBUG("loadRules success");
140 SCARD_DEBUG_ERR("loadRules failed");
144 tlv.returnToParentTLV();
148 SCARD_DEBUG_ERR("tlv.decodeTLV failed");
153 SCARD_DEBUG_ERR("search failed");
159 int GPSEACL::loadRules(ByteArray path)
161 FileObject file(channel);
164 file.select(NumberStream::getLittleEndianNumber(path));
165 file.readBinary(0, 0, file.getFCP()->getFileSize(), data);
167 SCARD_DEBUG("data : %s", data.toString());
171 while (tlv.decodeTLV() == true && tlv.getTag() == 0x30) /* SEQUENCE : Rule */
173 tlv.enterToValueTLV();
174 if (tlv.decodeTLV() == true)
177 switch (tlv.getTag())
179 case 0xA0 : /* CHOICE 0 : EXPLICIT AID */
181 aid = SimpleTLV::getOctetString(tlv.getValue());
184 case 0x81 : /* CHOICE 1?? : default */
185 aid = AccessControlList::AID_DEFAULT;
188 case 0x82 : /* CHOICE 2?? : any application */
189 aid = AccessControlList::AID_ALL;
193 SCARD_DEBUG("aid : %s", aid.toString());
195 /* access condition path */
196 if (tlv.decodeTLV() == true && tlv.getTag() == 0x30) /* SEQUENCE : Path */
201 path = SimpleTLV::getOctetString(tlv.getValue());
202 SCARD_DEBUG("path : %s", path.toString());
204 if (loadAccessConditions(aid, path) == 0)
206 SCARD_DEBUG("loadCertHashes success");
210 SCARD_DEBUG_ERR("loadCertHashes failed");
215 SCARD_DEBUG_ERR("decodeTLV failed");
220 SCARD_DEBUG_ERR("decodeTLV failed");
222 tlv.returnToParentTLV();
228 int GPSEACL::loadAccessConditions(ByteArray aid, ByteArray path)
230 FileObject file(channel);
233 file.select(NumberStream::getLittleEndianNumber(path));
234 file.readBinary(0, 0, file.getFCP()->getFileSize(), data);
236 SCARD_DEBUG("data : %s", data.toString());
238 AccessCondition condition;
240 condition.loadAccessCondition(aid, data);
242 pair<ByteArray, AccessCondition> newItem(aid, condition);
244 mapConditions.insert(newItem);
249 } /* namespace smartcard_service_api */
252 #define GP_SE_ACL_EXTERN_BEGIN \
253 if (handle != NULL) \
255 GPSEACL *acl = (GPSEACL *)handle;
257 #define GP_SE_ACL_EXTERN_END \
261 SCARD_DEBUG_ERR("Invalid param"); \
264 using namespace smartcard_service_api;
266 EXTERN_API gp_se_acl_h gp_se_acl_create_instance(channel_h channel)
268 GPSEACL *acl = new GPSEACL((Channel *)channel);
270 return (gp_se_acl_h)acl;
273 EXTERN_API int gp_se_acl_load_acl(gp_se_acl_h handle)
277 GP_SE_ACL_EXTERN_BEGIN;
278 result = acl->loadACL();
279 GP_SE_ACL_EXTERN_END;
284 EXTERN_API int gp_se_acl_update_acl(gp_se_acl_h handle)
288 GP_SE_ACL_EXTERN_BEGIN;
290 GP_SE_ACL_EXTERN_END;
295 EXTERN_API void gp_se_acl_release_acl(gp_se_acl_h handle)
297 GP_SE_ACL_EXTERN_BEGIN;
299 GP_SE_ACL_EXTERN_END;
302 EXTERN_API bool gp_se_acl_is_authorized_access(gp_se_acl_h handle, unsigned char *aidBuffer, unsigned int aidLength, unsigned char *certHashBuffer, unsigned int certHashLength)
306 GP_SE_ACL_EXTERN_BEGIN;
307 result = acl->isAuthorizedAccess(aidBuffer, aidLength, certHashBuffer, certHashLength);
308 GP_SE_ACL_EXTERN_END;
313 EXTERN_API void gp_se_acl_destroy_instance(gp_se_acl_h handle)
315 GP_SE_ACL_EXTERN_BEGIN;
317 GP_SE_ACL_EXTERN_END;