diff options
author | Jack Yu <jackcwyu@google.com> | 2020-06-08 16:05:01 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-06-08 16:05:01 +0000 |
commit | 7074bc2780e4118a4e10aad17c7cd2bbc1d3ba70 (patch) | |
tree | eb1db0c53464d29ae8890c5150761d63205c60e0 | |
parent | 904263bc38dd5e72d63e237285f5e9f24c64f995 (diff) | |
parent | 69dbe6f5de0429289fce35841c2b394ea25a26bb (diff) | |
download | SecureElement-7074bc2780e4118a4e10aad17c7cd2bbc1d3ba70.tar.gz |
Deny the operation to select ISD-R aid am: 69dbe6f5de
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/SecureElement/+/11786959
Change-Id: I587beab9aea7c31c9ab7c66e02704d74c0805e56
-rw-r--r-- | src/com/android/se/Terminal.java | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/src/com/android/se/Terminal.java b/src/com/android/se/Terminal.java index fb507e0..080f337 100644 --- a/src/com/android/se/Terminal.java +++ b/src/com/android/se/Terminal.java @@ -51,6 +51,7 @@ import com.android.se.security.ChannelAccess; import java.io.IOException; import java.io.PrintWriter; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; import java.util.HashMap; import java.util.Map; @@ -84,6 +85,26 @@ public class Terminal { private static final String SECURE_ELEMENT_PRIVILEGED_OPERATION_PERMISSION = "android.permission.SECURE_ELEMENT_PRIVILEGED_OPERATION"; + public static final byte[] ISD_R_AID = + new byte[]{ + (byte) 0xA0, + (byte) 0x00, + (byte) 0x00, + (byte) 0x05, + (byte) 0x59, + (byte) 0x10, + (byte) 0x10, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0x89, + (byte) 0x00, + (byte) 0x00, + (byte) 0x01, + (byte) 0x00, + }; + private ISecureElementHalCallback.Stub mHalCallback = new ISecureElementHalCallback.Stub() { @Override public void onStateChange(boolean state) { @@ -719,7 +740,9 @@ public class Terminal { } mAccessControlEnforcer.setPackageManager(mContext.getPackageManager()); - if (getName().startsWith(SecureElementService.UICC_TERMINAL)) { + // Check carrier privilege when AID is not ISD-R + if (getName().startsWith(SecureElementService.UICC_TERMINAL) + && !Arrays.equals(aid, ISD_R_AID)) { try { PackageManager pm = mContext.getPackageManager(); if (pm != null) { |