Add SecureElement HAL interface am: 241e5aba9e

am: a9938a3d57

Change-Id: Ibac179a8a996d97cea169d12e776ca8e71b49301

secure_element/1.0/Android.bp

@@ -0,0 +1,23 @@
+// This file is autogenerated by hidl-gen -Landroidbp.
+
+hidl_interface {
+    name: "android.hardware.secure_element@1.0",
+    root: "android.hardware",
+    vndk: {
+        enabled: true,
+    },
+    srcs: [
+        "types.hal",
+        "ISecureElement.hal",
+        "ISecureElementHalCallback.hal",
+    ],
+    interfaces: [
+        "android.hidl.base@1.0",
+    ],
+    types: [
+        "LogicalChannelResponse",
+        "SecureElementStatus",
+    ],
+    gen_java: true,
+}
+

secure_element/1.0/ISecureElement.hal

@@ -0,0 +1,121 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.secure_element@1.0;
+
+import ISecureElementHalCallback;
+
+/** According to ISO/IEC 7816 */
+interface ISecureElement {
+    /**
+     * Initializes the Secure Element. This may include updating the applet
+     * and/or vendor-specific initialization.
+     *
+     * HAL service must send onStateChange() with connected equal to true
+     * after all the initialization has been successfully completed.
+     * Clients must wait for a onStateChange(true) before opening channels.
+     *
+     * @param clientCallback callback used to sent status of the SE back to the
+     *                       client
+     */
+    init(ISecureElementHalCallback clientCallback);
+
+    /**
+     * Returns Answer to Reset as per ISO/IEC 7816
+     *
+     * @return response containing the response. Empty vector if Secure Element
+     *                  doesn't support ATR.
+     */
+    getAtr() generates (vec<uint8_t> response);
+
+    /**
+     * Returns the current state of the card.
+     *
+     * This is particularly useful for removable
+     * Secure Elements like UICC, Secure Elements on SD cards etc.
+     *
+     * @return present true if present, false otherwise
+     */
+    isCardPresent() generates (bool present);
+
+    /**
+     * Transmits an APDU command (as per ISO/IEC 7816) to the SE.
+     *
+     * @param data APDU command to be sent
+     * @return response to the command. In case of error in communicating with
+     *                  the secure element, an empty vector is returned.
+     */
+     transmit(vec<uint8_t> data) generates (vec<uint8_t> response);
+
+    /**
+     * Opens a logical channel with the Secure Element, selecting the applet
+     * represented by the Application ID (AID).
+     *
+     * @param aid AID to uniquely identify the applet on the Secure Element
+     * @param p2 P2 paramter of SELECT APDU as per ISO 7816-4
+     * @return status SecureElementStatus::SUCCESS on success,
+     *                SecureElementStatus::CHANNEL_NOT_AVAILABLE if secure
+     *                element has reached the maximum limit on the number of
+     *                channels it can support,
+     *                SecureElementStatus::NO_SUCH_ELEMENT_ERROR if AID provided
+     *                doesn't match any applet on the secure element and
+     *                SecureElementStatus::UNSUPPORTED_OPERATION if operation
+     *                provided by the P2 parameter is not permitted by the
+     *                applet.
+     *                SecureElementStatus::IOERROR if there was an error
+     *                communicating with the Secure Element.
+     * @return response On success, response to SELECT command is returned
+     *                        empty vector on failure.
+     */
+    openLogicalChannel(vec<uint8_t> aid, uint8_t p2)
+        generates (LogicalChannelResponse response, SecureElementStatus status);
+
+
+    /**
+     * Opens a basic channel with the Secure Element, selecting the applet
+     * represented by the Application ID (AID).
+     *
+     * @param aid AID to uniquely identify the applet on the Secure Element
+     * @param p2 P2 paramter of SELECT APDU as per ISO 7816-4
+     * @return status SecureElementStatus::SUCCESS on success,
+     *                SecureElementStatus::CHANNEL_NOT_AVAILABLE if secure
+     *                element has reached the maximum limit on the number of
+     *                channels it can support,
+     *                SecureElementStatus::NO_SUCH_ELEMENT_ERROR if AID provided
+     *                doesn't match any applet on the secure element and
+     *                SecureElementStatus::UNSUPPORTED_OPERATION if operation
+     *                provided by the P2 parameter is not permitted by the
+     *                applet.
+     *                SecureElementStatus::IOERROR if there was an error
+     *                communicating with the Secure Element.
+     * @return selectResponse On success, response to SELECT command is returned
+     *                        empty vector on failure.
+     */
+    openBasicChannel(vec<uint8_t> aid, uint8_t p2)
+        generates (vec<uint8_t> selectResponse, SecureElementStatus status);
+
+    /**
+     * Closes the channel indicated by the channelNumber.
+     *
+     * Closing a basic channel, i.e with channelNumber 0 must return
+     * SecureElementStatus::FAILED.
+     *
+     * @param channelNumber to be closed
+     * @return status SecureElementStatus::SUCCESS on success and
+     *                SecureElementStatus::FAILED on error.
+     */
+    closeChannel(uint8_t channelNumber) generates (SecureElementStatus status);
+};

secure_element/1.0/ISecureElementHalCallback.hal

@@ -0,0 +1,21 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.secure_element@1.0;
+
+interface ISecureElementHalCallback {
+    onStateChange(bool connected);
+};

secure_element/1.0/types.hal

@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.secure_element@1.0;
+
+enum SecureElementStatus : uint8_t {
+    SUCCESS               = 0,
+    FAILED                = 1,
+    CHANNEL_NOT_AVAILABLE = 2,
+    NO_SUCH_ELEMENT_ERROR = 3,
+    UNSUPPORTED_OPERATION = 4,
+    IOERROR = 5
+};
+
+struct LogicalChannelResponse {
+    /** Channel number to uniquely identify the channel */
+    uint8_t channelNumber;
+    /** Response to SELECT command as per ISO/IEC 7816 */
+    vec<uint8_t> selectResponse;
+};