Problem description
I'm working on a project to emulate a transport card on an Android phone. I've read through the Android KitKat documentation and found that in order to emulate a card with a secure element I need to inherit from OffHostApduService.
However, after spending a lot of time on Google I couldn't find what to write in the onBind function to redirect APDUs from the other NFC device to my mobile device's SIM card.
The card is NFC A & B compatible; does that mean I can send commands to it using the NfcA or NfcB class?
I work on a Samsung Galaxy 3 and a Samsung Galaxy 4 Mini, which both have the openmobile API or at least the SmartCard API. I can't patch my system since the goal is to prove that it's possible to do so on market devices.
Thanks for your help!
Recommended answer
The following patches will turn on NFC card emulation routing to the UICC on 4.4 on Nexus 5:
First, in the device/lge/hammerhead folder:
diff --git a/nfc/libnfc-brcm-20791b05.conf b/nfc/libnfc-brcm-20791b05.conf
index 0ef61c3..9348673 100644
--- a/nfc/libnfc-brcm-20791b05.conf
+++ b/nfc/libnfc-brcm-20791b05.conf
@@ -26,10 +26,10 @@ LPTD_CFG={38:B9:36:01:00:FF:FF:08:00:00:00:A0:0F:40:00:00:12:02:10:00:00:00:2D:0
#
# This is applied at stack startup.
# Use for Host based CE
-NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:02:FF:80:01:01:C9:03:03:0F:AB:5B:01:00:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:02
+#NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:02:FF:80:01:01:C9:03:03:0F:AB:5B:01:00:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:0
# Support UICC
-#NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:03:FF:80:01:01:C9:03:03:0F:AB:5B:01:02:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:0
+NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00:00:00:00:E0:67:35:00:14:01:00:00:10:B5:03:01:03:FF:80:01:01:C9:03:03:0F:AB:5B:01:02:B2:04:E8:03:00:00:CF:02:02:08:B1:06:00:20:00:00:00:12:C2:02
###############################################################################
# Pre-Discovery Startup Configuration (256 bytes maximum)
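Review bot: the two `NFA_DM_START_UP_CFG` values swapped here are undocumented byte strings that, in the bytes shown, differ only at `B5:03:01:02` vs `B5:03:01:03` and `AB:5B:01:00` vs `AB:5B:01:02`, and the `# Support UICC` comment does not say what those two bytes select. Add a comment naming the fields that change so the next editor can tell the host-CE and UICC values apart without diffing them by eye. The value lines as posted are also cut at the same column (one ends `C2:02`, its commented twin `C2:0`), so the full lines should be restored before this is applied.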
@@ -39,7 +39,7 @@ NFA_DM_START_UP_CFG={45:CB:01:01:A5:01:01:CA:17:00:00:00:00:06:00:00:00:00:0F:00
# Do not set NFA_DM_PRE_DISCOVERY_CFG
# Support UICC
-#NFA_DM_PRE_DISCOVERY_CFG={0A:C2:08:01:88:00:04:40:4B:4C:00}
+NFA_DM_PRE_DISCOVERY_CFG={0A:C2:08:01:88:00:04:40:4B:4C:00}
###############################################################################
# Antenna Configuration - This data is used when setting 0xC8 config item
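Review bot: the newly enabled `NFA_DM_PRE_DISCOVERY_CFG` line sits two lines below the context comment `# Do not set NFA_DM_PRE_DISCOVERY_CFG`, which reads as a direct contradiction to anyone editing the file later. Reword the comments so it is clear that the "do not set" instruction belongs to a different mode than `# Support UICC`.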
diff --git a/nfc/libnfc-brcm.conf b/nfc/libnfc-brcm.conf
index 4840a54..afe80cd 100644
--- a/nfc/libnfc-brcm.conf
+++ b/nfc/libnfc-brcm.conf
@@ -2,8 +2,10 @@
###############################################################################
# Application options
-APPL_TRACE_LEVEL=0x01
-PROTOCOL_TRACE_LEVEL=0x00000000
+#APPL_TRACE_LEVEL=0x01
+#PROTOCOL_TRACE_LEVEL=0x00000000
+APPL_TRACE_LEVEL=0xFF
+PROTOCOL_TRACE_LEVEL=0xFFFFFFFF
###############################################################################
# performance measurement
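Review bot: raising `APPL_TRACE_LEVEL` to `0xFF` and `PROTOCOL_TRACE_LEVEL` to `0xFFFFFFFF` is a debugging aid, not part of the UICC routing change, and should be split out of this patch. With every protocol trace bit set on a card-emulation path, the NFC stack's log output is likely to include the exchanged traffic, so these values should go back to `0x01` and `0x00000000` once routing is confirmed working.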
@@ -75,7 +77,7 @@ NFCC_ENABLE_TIMEOUT=1000
# so that the stack will not wait any longer than necessary.
#
# Use for Host based CE
-NFA_MAX_EE_SUPPORTED=0
+#NFA_MAX_EE_SUPPORTED=0
# Use for UICC support
# NFA_MAX_EE_SUPPORTED=3
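Review bot: after this hunk no `NFA_MAX_EE_SUPPORTED` line is active, because `NFA_MAX_EE_SUPPORTED=0` is commented out while the `# NFA_MAX_EE_SUPPORTED=3` line under `# Use for UICC support` stays commented. The result depends on whatever default the stack uses when the key is absent; either uncomment the `=3` line to match the file's own UICC instructions or state in a comment that the default is intended.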
@@ -88,10 +90,10 @@ NFA_MAX_EE_SUPPORTED=0
# system in order to skip SE initialization.
#
# Use for Host based CE
-ACTIVE_SE=0x0
+#ACTIVE_SE=0x0
# Use for UICC support
-#ACTIVE_SE=0xF3
+ACTIVE_SE=0xF3
###############################################################################
# Configure the NFC Extras to open and use a static pipe. If the value is
Then in folder packages/apps/Nfc:
diff --git a/src/com/android/nfc/cardemulation/AidRoutingManager.java b/src/com/android/nfc/cardemulation/AidRoutingManager.java
index 154bcf3..951fb2d 100644
--- a/src/com/android/nfc/cardemulation/AidRoutingManager.java
+++ b/src/com/android/nfc/cardemulation/AidRoutingManager.java
@@ -41,7 +41,8 @@ public class AidRoutingManager {
// For Nexus devices, just a static route to the eSE
// OEMs/Carriers could manually map off-host AIDs
// to the correct eSE/UICC based on state they keep.
- static final int DEFAULT_OFFHOST_ROUTE = 0xF4;
+// static final int DEFAULT_OFFHOST_ROUTE = 0xF4;
+ static final int DEFAULT_OFFHOST_ROUTE = 0xF3; // pkvk9345
final Object mLock = new Object();
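Review bot: the comment above `DEFAULT_OFFHOST_ROUTE` still says "just a static route to the eSE", but the constant is now `0xF3`, the value the config file uses for `ACTIVE_SE` under "Use for UICC support". Update the comment to say the default off-host route is the UICC, delete the commented-out `0xF4` line instead of keeping it, and replace the `// pkvk9345` tag with a note on why the route changed.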
diff --git a/nci/jni/RoutingManager.cpp b/nci/jni/RoutingManager.cpp
index 83e97d0..885e403 100644
--- a/nci/jni/RoutingManager.cpp
+++ b/nci/jni/RoutingManager.cpp
@@ -89,7 +89,8 @@ void RoutingManager::setDefaultRouting()
ALOGE ("Fail to set default proto routing");
// Tell the UICC to only listen on Nfc-A
- nfaStat = NFA_CeConfigureUiccListenTech (mDefaultEe, 0x01);
+ //nfaStat = NFA_CeConfigureUiccListenTech (mDefaultEe, 0x01);
+ nfaStat = NFA_CeConfigureUiccListenTech (0xF3, 0x03);
if (nfaStat != NFA_STATUS_OK)
ALOGE ("Failed to configure UICC listen technologies");
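Review bot: the call to `NFA_CeConfigureUiccListenTech` now passes a literal `0xF3` instead of `mDefaultEe`, so the handle is duplicated here, in `DEFAULT_OFFHOST_ROUTE` and in `ACTIVE_SE`, and the three can drift apart. Keep `mDefaultEe` (set to the UICC handle) or use one named constant. The comment "Tell the UICC to only listen on Nfc-A" is also stale now that the mask is `0x03` rather than `0x01`; update it to name the technologies the new mask enables and remove the commented-out call.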
Routing to the UICC does not seem possible on the Nexus 4 since the SWP contact is not wired to the NFC chip on this device.
Exchanging APDUs to your cardlet for ticket loading can be done through the seek-for-android smartcard API as you suggest, or over-the-air in a binary SMS. The former is the simplest (but maybe not the most secure, depending on the context).
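For the libnfc-brcm.conf changes in the patch above, a check of the state they leave behind, added here as an example and not part of the answer or of AOSP: it parses a conf file of that shape and flags a half-switched host-CE/UICC setup and full tracing. The pairing of `ACTIVE_SE` with `NFA_MAX_EE_SUPPORTED` is taken from the file's own "Use for ..." comments; the names `effective_settings` and `audit` and the last-assignment-wins rule are assumptions of this example.

```python
import re

# Constructed sample: libnfc-brcm.conf reduced to the keys the patch touches,
# in the state the diff on this page leaves them (values copied from the page).
PATCHED_CONF = """\
#APPL_TRACE_LEVEL=0x01
#PROTOCOL_TRACE_LEVEL=0x00000000
APPL_TRACE_LEVEL=0xFF
PROTOCOL_TRACE_LEVEL=0xFFFFFFFF
# Use for Host based CE
#NFA_MAX_EE_SUPPORTED=0
# Use for UICC support
# NFA_MAX_EE_SUPPORTED=3
# Use for Host based CE
#ACTIVE_SE=0x0
# Use for UICC support
ACTIVE_SE=0xF3
"""

ASSIGNMENT = re.compile(r"^\s*([A-Z0-9_]+)\s*=\s*(0[xX][0-9A-Fa-f]+|[0-9]+)\s*$")
FULL_TRACE = {"APPL_TRACE_LEVEL": 0xFF, "PROTOCOL_TRACE_LEVEL": 0xFFFFFFFF}

def effective_settings(text):
    """Uncommented numeric KEY=VALUE lines; assumption: the last assignment wins."""
    settings = {}
    for line in text.splitlines():
        match = ASSIGNMENT.match(line)  # '#'-prefixed and {..} byte-array lines do not match
        if match:
            value = match.group(2)
            settings[match.group(1)] = int(value, 16) if value[:2].lower() == "0x" else int(value)
    return settings

def audit(text):
    """Return findings for a half-switched routing config or debug-level tracing."""
    s, findings = effective_settings(text), []
    active_se, max_ee = s.get("ACTIVE_SE", 0), s.get("NFA_MAX_EE_SUPPORTED")
    if active_se and max_ee is None:
        findings.append("ACTIVE_SE=0x%X but NFA_MAX_EE_SUPPORTED is unset" % active_se)
    elif bool(active_se) != bool(max_ee):
        findings.append("ACTIVE_SE=0x%X conflicts with NFA_MAX_EE_SUPPORTED=%d" % (active_se, max_ee))
    for key, full in FULL_TRACE.items():
        if s.get(key) == full:
            findings.append("%s is at full tracing (0x%X)" % (key, full))
    return findings

if __name__ == "__main__":
    for finding in audit(PATCHED_CONF):
        print("WARN:", finding)
```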