Hy... I'm trying to find a source code that implementing android HCE with secure element. I have read these two articles right here :
http://developer.android.com/samples/CardEmulation/index.html
http://blog.opendatalab.de/hack/2013/11/07/android-host-card-emulation-with-acr122/
But those just shows an Android HCE without secure element. I have read another blogs too, but none of them shows me the source code example. Just some explanations about Secure elements or else....
Can someone help me with this...?? I need an android source code example with secure element included...And ooowh.. I dont need third party librari, for example from SEEK FOR ANDROID/SIM ALLIANCE or usmile project...
Thanks in adnvace.... :-)
Your question doesn't make sense. You can't have HCE (Host Based Card Emulation) using a secure element. The sole purpose of HCE is, that you don't have to access the secure element.
What you'll probably want is to put a card emulation application into the secure element.
Bad news first: You will very likely not be able to do this because you need to authenticate with the secure element to install any applications. It is highly unlikely that you'll ever get the keys.
Anyway:
To get access to the secure element you have to use a non public API. The relevant files are available in the android source tree at:
<android-sdk-base>frameworks/base/nfc-extras
With a bit of luck you can access the classes provided using java reflection. Once you have access to the classes you'll need an instance of the class NfcExecutionEnvironment. This class provides the function:
byte[] transceive(byte[] in)
This is the communication channel to the secure element. The function expects ISO7816-4 commands, and you can expect it to behave like a JavaCard SmartCard with NFC extensions. Given that you have the keys to authenticate to the SE you should be able to upload and install ordinary JavaCard .cap files directly to the SE.
Using the SEEK API is probably easier and more flexible as it may allow you to install applets to a NFC-SIM card as well.
Related
I would like to create an android application. In this application I would like to create a PKCS file system (like in Java Card applet) (not involving secure element) and perform cryptographic operations through APDU commands. Is it possible? Any valuable suggestions?
Thanks in advance.
Yes, although APDU's are meant to be send over a T=0 or T=1 transmission protocol. You may map those on the internet protocol, but some mapping may be required.
You could start with JCardSim which implements the Java Card specifications (in part) on the JRE. It will likely also run on Android, although you may have to make some modifications.
I am currently designing a secure file storage Android application as part of a group coursework. I am charged with the security side of the app.
Where can I learn about the the classes and imports that Android offers to implement password hashing, encryption of the stored files and such? I have looked on the android developers site, but it was of little use to me, as I am inexperienced with android.
Thanks.
You can find useful information about Android Security here: http://developer.android.com/training/articles/security-tips.html
Anyway, any app on Android is isolated from the other, so you're basically safe until you keep your data in the private storage (obviously if the user has root permission you cannot avoid the reading of these private files).
If you're going to write file OUTSIDE (as on the SD), you will have to implement some algorithm to enrcypt your files.
You can look for AES encyption in Java: Java 256-bit AES Password-Based Encryption
I'm looking for a type (model) of NFC tag/card that would be capable of communicating with Android device and do the following:
Receive a data message
Sign or encrypt it with a secret key stored on the card
Send the signed/encrypted data back to the device.
In addition, the card should be able to return the open key by a
request
Is there any NXP or other chip capable of doing the task?
The NXP chips J3A041, J3A081, J3D081 etc. will probably fit your requirements. As well as chips from other vendors like AT90SC20818RCFV, SLE77CLFX2400PM, S3CT9KA, SA23YR18, M7794 etc.
Will you develop your own OS for this? Looks more practical to use a solutions like JCOP, CONVEGO Join, JK21 etc. to use Java Card for card side development.
If you would like to concentrate efforts just on Android side - a ready tag like NFCCipher may work for you.
The NXP SmartMX line of chips that sport an asymmetric co-processor should be able to do that. If you want to design your own protocol then a Java Card solution (like JCOP on NXP) should do the trick. Signature generation is generally available on higher end processor models, but there should be plenty choice between those.
As the title says - is there something in iOS that lets you say 'this file is allowed to be accessed by other apps' - preferably only readable, but read/write would be good enough.
Basically I am trying to place a file outside the sandbox so other apps can read it - preferably via the openURL that points to a local file rather than an http address.
Thanks
Edit:
I just received an answer from Apple Tech support and they told me that this is currently impossible (just after iOS 6 released)
I don't think it's possible to do it the way you describe. Last I checked, apps can only write inside their sandbox dir and cannot read inside other apps' sandboxes (though IIRC there used to be a few other writable directories).
What, exactly, is the end result you are trying to achieve?
If you know the app you want to read the data, you can use a custom URL scheme.
If you have a file of a certain type (extension/content-type, I think), you can use UIDocumentInteractionController to let the user pick an app to open it in.
If you just want to share some data with any app, the closest I can think of is a custom UIPasteboard. OpenUDID does this for a slightly dubious purpose.
I am currently investigating the implementation of UPnP.
First of all, i luckily found a open-source application that implements
the renderer(DMR) based on the cybergarage library in Android device.
You can find it here:
http://code.google.com/p/stream2android/
(Thanks the developer for this source as my start-up material.)
However, I have some questions below:
The description files puzzle me. Can anyone let me know how to write the description
file .xml? I have searched this topic but not yet found anything can instruct me
comprehensively. what does description file exactly do and how does this file interact
with UPnP?
The project so far implements the renderer(DMR) function and only supports the video
streaming. I want to do it supporting both image and audio media types. What is/are the
key(s) I should pay attention?
Thanks for your reply and instruction in advance. : )
Device description file, well, describes the UPnP device :-) Any device wanting to participate in UPnP network must serve this file in a well known location (URL), so that any other device in the UPnP network can get this XML and know what is the device type, name, serial number and most importantly, what services it implements. I recommend you download the UPnP specs bundle and navigate yourself to documents/UPnP-arch-DeviceArchitecture pdf. This is the starting point for understanding UPnP. It is written very understandably and goes in the exact steps of the device which wants to join UPnP network. Device description is there complete with example and explanation of each single entry.
"Streaming" in UPnP is simply downloading the media binary with HTTP GET. I simplify for the moment because i don't expect you to use any other transport like RTSP or FireWire. So, "streaming" itself is not a problem, you just need to inform the UPnP network that you accept (example) also image/jpeg and audio/mpeg, not only video/mpeg. "the key you should pay attention" is the fact that you must be able to render all that binary data which you asked for. It's not as much about the "streaming" as about having proper codecs and know how to use them on your platform.