From b623b8c3e3f128bb6a5b7534c2961334f9838ac0 Mon Sep 17 00:00:00 2001 From: Alisher Alikhodjaev Date: Wed, 10 May 2023 18:27:42 -0700 Subject: Ensure that SecureNFC setting cannot be bypassed Bug: 268038643 Test: ctsverifier (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:6cb53d963d376b97963120a4d2c7df961789e428) Merged-In: I53a45c3600dc6bba7009921ca5135ee37b5edfd0 Change-Id: I53a45c3600dc6bba7009921ca5135ee37b5edfd0 --- src/com/android/nfc/NfcService.java | 6 ++++++ src/com/android/nfc/cardemulation/HostEmulationManager.java | 4 +++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/com/android/nfc/NfcService.java b/src/com/android/nfc/NfcService.java index 7e99b8b9..edbdda91 100644 --- a/src/com/android/nfc/NfcService.java +++ b/src/com/android/nfc/NfcService.java @@ -1166,6 +1166,12 @@ public class NfcService implements DeviceHostListener { } } + public boolean isSecureNfcEnabled() { + synchronized (NfcService.this) { + return mIsSecureNfcEnabled; + } + } + final class NfcAdapterService extends INfcAdapter.Stub { @Override public boolean enable() throws RemoteException { diff --git a/src/com/android/nfc/cardemulation/HostEmulationManager.java b/src/com/android/nfc/cardemulation/HostEmulationManager.java index 81462024..8849cca5 100644 --- a/src/com/android/nfc/cardemulation/HostEmulationManager.java +++ b/src/com/android/nfc/cardemulation/HostEmulationManager.java @@ -188,7 +188,9 @@ public class HostEmulationManager { // Resolve to default // Check if resolvedService requires unlock ApduServiceInfo defaultServiceInfo = resolveInfo.defaultService; - if (defaultServiceInfo.requiresUnlock() && mKeyguard.isKeyguardLocked()) { + if ((defaultServiceInfo.requiresUnlock() + || NfcService.getInstance().isSecureNfcEnabled()) + && mKeyguard.isKeyguardLocked()) { NfcService.getInstance().sendRequireUnlockIntent(); NfcService.getInstance().sendData(AID_NOT_FOUND); if (DBG) Log.d(TAG, "requiresUnlock()! show toast"); -- cgit v1.2.3