1 /* 2 * Copyright (C) 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 /* 17 * Copyright (c) 2017, The Linux Foundation. 18 */ 19 20 /* 21 * Copyright 2012 Giesecke & Devrient GmbH. 22 * 23 * Licensed under the Apache License, Version 2.0 (the "License"); 24 * you may not use this file except in compliance with the License. 25 * You may obtain a copy of the License at 26 * 27 * http://www.apache.org/licenses/LICENSE-2.0 28 * 29 * Unless required by applicable law or agreed to in writing, software 30 * distributed under the License is distributed on an "AS IS" BASIS, 31 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 32 * See the License for the specific language governing permissions and 33 * limitations under the License. 34 */ 35 package com.android.se.security.gpac; 36 37 import java.util.ArrayList; 38 39 /** 40 * Response-ALL-AR-DO All access rules stored in the Secure Element have to be returned by the ARA-M 41 * after a GET DATA (All) command in the response data field within a Response-ALL-AR-DO. The GET 42 * DATA command can also be applied iteratively with subsequent GET DATA (Next) commands if the 43 * Response-ALL-AR-DO is too large for the GET DATA (All) command. The length field of the 44 * Response-ALL-AR-DO shall always contain the full length of the DOs value to determine on device 45 * side if a subsequent GET DATA (Next) command is needed. 46 */ 47 public class Response_ALL_AR_DO extends BerTlv { 48 49 public static final int TAG = 0xFF40; 50 51 private ArrayList<REF_AR_DO> mRefArDos = new ArrayList<REF_AR_DO>(); 52 Response_ALL_AR_DO(byte[] rawData, int valueIndex, int valueLength)53 public Response_ALL_AR_DO(byte[] rawData, int valueIndex, int valueLength) { 54 super(rawData, TAG, valueIndex, valueLength); 55 } 56 getRefArDos()57 public ArrayList<REF_AR_DO> getRefArDos() { 58 return mRefArDos; 59 } 60 61 @Override 62 /** 63 * Tag: FF 40 64 * 65 * <p>Length: n or 0 If n is equal to zero, then there are no rules to fetch. 66 * 67 * <p>Value: REF-AR-DO 1..n or empty An REF-AR-DO if access rules exist. REF-AR-DOs can occur 68 * several times in a concatenated DO chain if several REF-AR-DO exist on the SE. The value is 69 * empty if access rules do not exist. 70 */ interpret()71 public void interpret() throws ParserException { 72 73 mRefArDos.clear(); 74 75 byte[] data = getRawData(); 76 int index = getValueIndex(); 77 78 if (getValueLength() == 0) { 79 // No Access rule available for the requested reference. 80 return; 81 } 82 83 if (index + getValueLength() > data.length) { 84 throw new ParserException("Not enough data for Response_AR_DO!"); 85 } 86 87 BerTlv temp; 88 int currentPos = index; 89 int endPos = index + getValueLength(); 90 do { 91 temp = BerTlv.decode(data, currentPos); 92 93 REF_AR_DO tempRefArDo; 94 95 if (temp.getTag() == REF_AR_DO.TAG) { // REF-AR-DO tag 96 tempRefArDo = new REF_AR_DO(data, temp.getValueIndex(), temp.getValueLength()); 97 tempRefArDo.interpret(); 98 mRefArDos.add(tempRefArDo); 99 } else { 100 // uncomment following line if a more restrictive 101 // behavior is necessary. 102 // throw new ParserException("Invalid DO in Response-ALL-AR-DO!"); 103 } 104 // get REF-AR-DOs as long as data is available. 105 currentPos = temp.getValueIndex() + temp.getValueLength(); 106 } while (currentPos < endPos); 107 } 108 } 109