I work on application that communicate with a custom SIM card with use of Android OMAPI. The application had worked, before I updated Google Pixel to Android 13. Since then, when openLogicalChannel of the Session is called, I get the exception below with scarce information:
Caused by: java.io.IOException: OpenLogicalChannel() failed
at android.se.omapi.Session.openLogicalChannel(Session.java:322)
at android.se.omapi.Session.openLogicalChannel(Session.java:359)
I haven't found any information about OMAPI changes or additional permission in Androdid 13 documentation.
isSecureElementPresent of Reader returns true.
Does anybody have any clues?
As you commented you are not using Android carrier privileges. I'm wondering how this was ever working in your case. In all my setups I needed it for accessing the SEService. The Access Control Enforcer was always checking the access properly in my Pixel devices. Was your previous Pixel device rooted before?
Please try to add the hash of your signing certificate to the ARA or use a generic allow all rule. Maybe you can install this allow all applet on the SIM. For analyzing the APDU traffic I have written an XPosed module displaying additional log messages in the Android radio log.
Related
I am using APNSetting API as described https://developer.android.com/reference/android/telephony/data/ApnSetting.Builder.
I am able to create the APNSetting as an object in my application, but I need to save this APN setting to the shared APN list of the device (Settings - Mobile networks – Access Point Names) . The building of the object seems is not enough. No idea how to solve this. Am I missing any permission of something else that needs to be implemented? No error or warning is raised. I am using a 28+ API level device. Thank you very much for any help.
I have been using the AWS android sdk(s) to deal with files on S3 inside my android application. There were some issues that were being faced by the users and few of these are related to connection timeouts. While setting up the AmazonS3client in my application, I have set the timeout and the retries using the following code:
ClientConfiguration clientConfiguration = new ClientConfiguration();
clientConfiguration.setMaxErrorRetry(4);
clientConfiguration.setConnectionTimeout(10000); // default is 10 secs
clientConfiguration.setSocketTimeout(15000); // default is 50 secs
Everywhere I read, it says that the maxErrorRetryonly does retries for failed retryable requests. Do the errors related to the connection timeout and socket connection timeout also come under this category? If not, what is the solution for this case? I have been searching for this for quite some time now but did not get any clear answer on this.
Also, I have been facing two specific exceptions which I get in my TransferListener callback. There are:
Unable to store object contents to disk: Read time out (14% of all the users who face any AWS exception face this exception)
Unable to store object contents to disk: timeout (17.4% of all the users who face any AWS exception face this exception)
The above two are the most painful for us. I have been assuming that these occur because of there is no more storage left on the user device. I have been using the application specific directory in the external storage to store the files and now thinking to move these to the cache so that the system handles the cleaning of files if there is no more space left on the device. Do you think this is a good solution assuming that the problem is running out of space on the user device.
What are the other possibilities because of which the above mentioned storage related exceptions can occur?
This error occurs at three places in the SDK, out of which two places are significant and applicable here.
(1) https://github.com/aws/aws-sdk-android/blob/0958a37b4757c41cac40597b973ff417e0b758c4/aws-android-sdk-s3/src/main/java/com/amazonaws/services/s3/internal/ServiceUtils.java#L284
(2) https://github.com/aws/aws-sdk-android/blob/3983fda8c2d8703399ac4e9bf6ec0464d000a5af/aws-android-sdk-s3/src/main/java/com/amazonaws/mobileconnectors/s3/transferutility/DownloadTask.java#L161
I suspect that it is in the (2) which is throwing the exception in your case. This can occur for multiple reasons and storage not available is just one of them.
(1) The S3 object does not exist or the S3 bucket/object does not have the required permissions. Please check on AWS S3 Console if you have the required permissions for your users to access content.
(2) There might be a network interruption during the download. Check if there is proper network throughout the transfer
Check AWS CloudWatch Logs to see if there are any failures in the logs.
While trying to carry out an encryption and decryption process on an Android environment, i have the below log.
com.s.sdk.security.SMException: Error loading Local Master Keys, file:
"/cfg/lmktest.lmk" does not exist. Please specify a valid LMK file, or
rebuild a new one. 09-21 11:56:31.792 16182-16182/com.mpos.sdk
W/System.err: at
com.s.sdk.security.jceadapter.JCESecurityModule.init(JCESecurityModule.java:1785)
09-21 11:56:31.792 16182-16182/com.mpos.sdk W/System.err: at
com.s.sdk.security.jceadapter.JCESecurityModule.(JCESecurityModule.java:159)
The reason why I will want to make use of JPOS is simply because I will want to carry out a financial transaction, which will be used in packaging my message.
For the encryption and decryption of data, I am to make use of this JCESecurityModule which works well on other platform, but not on the android OS.
NOTE: The file location in my android studio is app/cfg/test.lmk
I was able to get this file from the JPOS-master on github found in the jPOS-master\jPOS-master\jpos\src\test\resources\org\jpos\security
i.e the lmk-test
which was been used this way
JCESecurityModule sm = new JCESecurityModule("app/cfg/test.lmk");
I have also tried rebuilidng the lmk file, using the below method
public JCESecurityModule (String lmkFile) throws SMException
{
init(null, lmkFile, true);
}
which can be found in the JCESecurityModule class (JPOS)
was still having same issue in loading the lmk file
Thanks
For the sake of completeness, this was also asked on the jPOS's Google Group, and discussed there. https://groups.google.com/forum/#!topic/jpos-users/X3r_PX7lgd4
The encryption was done by a device which is to be connected to a mobile phone to carrying out transactions, but the device makers actually did it this way to provide end to end encryption which you are circumventing. You don't need jpos in the device. You need it at your centrally deployed servers, where you would use real HSMs.
by Victor Salaman
in JPOS users google group https://groups.google.com/forum/#!topic/jpos-users/X3r_PX7lgd4
but you can still carry out the encryption and decryption using some other Module instead of the JCESecurityModule (if the problem still persist). e.g. using the SunJCE
I'm using https://github.com/googledrive/appdatapreferences-android to synchronize preferences data. I got the example working at https://github.com/googledrive/appdatapreferences-android-quickstart.
Then I started implementing it in my own app. When I tried to install I got the error: Installation error: INSTALL_FAILED_CONFLICTING_PROVIDER. This error indicates that I had 2 providers with the same authority on the same device (which is NOT allowed). In this case the authority is "com.google.drive.appdatapreferences"
So I changed the authority in my app (manifest) to be distinct. But then the sync doesn't work anymore since the value is hard-coded in com.google.drive.appdatapreferences.AppdataPreferencesSyncManager.AUTHORITY = "com.sourcebrewery.appdatapreferences"
I really don't want to change the library code in appdatapreferences-android.
Is there any way around this? ...otherwise only 1 app per device can use this library :(
I have successfully used the Android TicTacToe app to cast to the TicTacToe receiver app (AppID "TicTacToe"), using unmodified code from the TicTacToe example on github.
Next, I tried to use my personal receiver app. I got the email a couple of hours letting me know that my device was whitelisted and providing the AppID. I put the AppID in line 90 on GameActivity.java (not line 91, as stated in the instructions), and I also put it in line 35 of tictactoe.html (this step was missing from the instructions, but I assume it is needed). I also followed all steps in the Common Errors section of the instructions.
When I click the Start button in the Android app, the Tic-Tac-Toe board appears in the Android app, but the Chromecast device does not noticeably react.
Here is the LogCat:
07-28 00:13:47.776: W/StartSessionTask(10892): StartApplicationRequest failed with status: -4
07-28 00:13:47.826: E/ApplicationSession(10892): StartSessionTask failed with error: failed to start application: request failed
07-28 00:13:47.826: D/GameActivity(10892): start session failed: failed to start application: request failed
Try checking the box that says "Send this Chromecast's serial number when checking for updates".
Mine didn't work at first, after doing this and restarting mine seemed to pick up the whitelisted appID.
As mentioned by the author of question: Make sure to do from ChromeOS, Windows or Mac OSX client until they fix the issue from Android app.
Clients can be downloaded here: https://cast.google.com/chromecast/setup
This was fixed for me after I restarted the chromecast by removing power.
I tried Aaron's answer several times (was finally able to get the setting to stick using the Chromecast Mac app) but it still was giving this same error.
Then, I discovered I actually uploaded the receiver file to the wrong url. So double check which url was actually whitelisted!
Though even after fixing the url it still was broken. So I think I must have entered the wrong serial number when I made the whitelist request. I resent the whitelist request and the new app ids are working properly.
I solved same problem by using HTTP instead of HTTPS for my local hosted receiver, it seems Chromecast looks for valid certificate.