From 27b30c61d0d36b35ddab58350fec7ae3efca1164 Mon Sep 17 00:00:00 2001 From: Henri Chataing Date: Mon, 27 Feb 2023 17:28:12 +0000 Subject: [PATCH] secure_element/aidl: Add error case for transmit() Modify the semantics of transmit() to return a service specific error with code CHANNEL_NOT_AVAILABLE if there was an error in communicating with the secure element. This can happen if the SE is put in low power mode when no logical or basic channel is opened, e.g. Bug: 270091254 Test: m VtsHalSecureElementTargetTest Change-Id: I7df3ec6d9b6d5eeb2272971c44fc078a8558d2e6 --- .../hardware/secure_element/ISecureElement.aidl | 3 +++ .../aidl/vts/VtsHalSecureElementTargetTest.cpp | 17 +++++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/secure_element/aidl/android/hardware/secure_element/ISecureElement.aidl b/secure_element/aidl/android/hardware/secure_element/ISecureElement.aidl index b9ce9d1c8f..8c0dd6dfa0 100644 --- a/secure_element/aidl/android/hardware/secure_element/ISecureElement.aidl +++ b/secure_element/aidl/android/hardware/secure_element/ISecureElement.aidl @@ -123,6 +123,9 @@ interface ISecureElement { /** * Transmits an APDU command (as per ISO/IEC 7816) to the SE. * + * @throws ServiceSpecificException with code CHANNEL_NOT_AVAILABLE + * if there was an error in communicating with the secure element. + * * @param data APDU command to be sent * @return response to the command */ diff --git a/secure_element/aidl/vts/VtsHalSecureElementTargetTest.cpp b/secure_element/aidl/vts/VtsHalSecureElementTargetTest.cpp index 2e96f7dbea..0925a2188f 100644 --- a/secure_element/aidl/vts/VtsHalSecureElementTargetTest.cpp +++ b/secure_element/aidl/vts/VtsHalSecureElementTargetTest.cpp @@ -136,18 +136,27 @@ class SecureElementAidl : public ::testing::TestWithParam { apdu[0] |= (channel_number - 4) | 0x40; } - EXPECT_OK(secure_element_->transmit(apdu, &response)); + // transmit() will return an empty response with the error + // code CHANNEL_NOT_AVAILABLE when the SE cannot be + // communicated with. + auto status = secure_element_->transmit(apdu, &response); + if (!status.isOk()) { + return 0x6881; + } + + // transmit() will return a response containing at least + // the APDU response status otherwise. EXPECT_GE(response.size(), 2u); - uint16_t status = + uint16_t apdu_status = (response[response.size() - 2] << 8) | (response[response.size() - 1] << 0); // When the command is successful the response // must contain 256 bytes of data. - if (status == 0x9000) { + if (apdu_status == 0x9000) { EXPECT_EQ(response.size(), 258); } - return status; + return apdu_status; } std::shared_ptr secure_element_;