diff options
author | Martijn Coenen <maco@google.com> | 2014-09-08 21:34:22 -0700 |
---|---|---|
committer | Martijn Coenen <maco@google.com> | 2014-09-08 21:37:59 -0700 |
commit | c19c065b6d0e1a088780c4dca27a1404d5926765 (patch) | |
tree | 80fc306e820caea226517ab2c9aa4454db61d2d9 /etc | |
parent | d0393d4d0f421623fb52328fda5ab6a3d93a1a84 (diff) | |
download | android_packages_apps_Nfc-c19c065b6d0e1a088780c4dca27a1404d5926765.tar.gz android_packages_apps_Nfc-c19c065b6d0e1a088780c4dca27a1404d5926765.tar.bz2 android_packages_apps_Nfc-c19c065b6d0e1a088780c4dca27a1404d5926765.zip |
Reinstate RF field events.
These are generic enough to maintain in AOSP,
and can still be protected by nfcee_access.xml
like they used to be.
Bug: 16653617
Change-Id: Id604fcc45d4263b24fea2f16ca6a24e25f8580c3
Diffstat (limited to 'etc')
-rw-r--r-- | etc/sample_nfcee_access.xml | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/etc/sample_nfcee_access.xml b/etc/sample_nfcee_access.xml new file mode 100644 index 00000000..d6c8707d --- /dev/null +++ b/etc/sample_nfcee_access.xml @@ -0,0 +1,45 @@ +<?xml version="1.0" encoding="utf-8"?> +<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2"> + <!-- The built in list of signatures and package names that are allowed + access to the NFCEE (Secure Element). + + Format: + <signer android:signature="SIGNATURE"> + <package android:name="PACKAGE_NAME" /> + ... + </signer> + ... + + Rules: + SIGNATURE is a hex encoded X.509 certificate + See Debug section to generate hex encoded certificates. + PACKAGE_NAME is a Android package name + Zero or more signer tags are allowed. + Each signer tag must have one android:signature. + Zero or more package tags are allowed per signer. + Each package tag must have one android:name. + If a signer has zero package tags, then ANY application with the + specified certificate is granted NFCEE access. + If a signer has one or more package tags, then an application signed + with the specified certificate must have a package name that is an + exact match of one of the specified package names to be granted + NFCEE access. + Duplicate signer tags are not allowed. + Duplicate package tags for a single signer are not allowed. + + Example: + In this example, any application from the first signer is granted + access, but only applications with the specified package names + are granted access for the second signer. + <signer android:signature="308201c53082012ea00302010202044ebb27cc300d06092a864886f70d01010505003026310f300d060355040a1306476f6f676c65311330110603550403130a4e69636b2050656c6c793020170d3131313131303031323432385a180f32313131313031373031323432385a3026310f300d060355040a1306476f6f676c65311330110603550403130a4e69636b2050656c6c7930819f300d06092a864886f70d010101050003818d00308189028181008d43e546b3f5572707a095ced120d8f06781fa162bcf0ffa0ed0ecb48eb90ed009f65a5a1afd69fb4d38cf24e931b69b061741b8c7ca9f785ba59509e883f5a308f5e2da3c496bb362a2229da8f95f08a92f7f94c829c56e78a34e5147d138d0be0671cb5b7caceaffae6199ba544496a7645e7df3c9f02c5ac156eb0501584f0203010001300d06092a864886f70d0101050500038181003511bcb73651a7927db71ad76e4f6dc5ba121c941ae0fd4dfe519aae8775520b204a5e3cdad2c61ad41aff2c510dbe3376a7578d8aba00f35633e1ae72c91ec83d80eac6f5f081fb8361c6c30c47b0a17932d859d7e991e02cba410a82b35234b2b1bc859e50fe308bf9b64b71a8046777300c07ead159287c187b8865e23f23" /> + <signer android:signature="3082044c30820334a003020102020900de7695041d7650c0300d06092a864886f70d01010505003077310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f6964311330110603550403130a476f6f676c65204e4643301e170d3131303332343031303332345a170d3338303830393031303332345a3077310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f6964311330110603550403130a476f6f676c65204e464330820120300d06092a864886f70d01010105000382010d00308201080282010100e6ff3defe92aa10d71eb0fa6408bc036b7e243eeed68a6a4763dc7a52a31757cdac61fe510bb73c716e4000104265b347fcecef4c42bf1e1379dd0a876f028227fbbc1f9bdd5d713b2f6a935a379d2cba9c96f92d2d0787c11f1eb19548008a6a072b34b91836cfa0ae1276780e9007530166986a11c9cef46cef7c704806dde9431fb60284d120ab0e7de1d633f07687d468c51139afffdc6bc9a207ca904b8be1da0aa7b4e97756f43606488be5cae3c68e8bb7942cdf51607c930a2fcda655b75d0759cba89ad06e739bd0ba29b1f404296c2c0a85a847f5ab0d067c6c3ec9c49212042ac63a7e53b546c65b46080b4e3e680e23e1f77cfe7f6de744b1a65020103a381dc3081d9301d0603551d0e04160414a2e89064b05d08865c34db930a9d840050117aec3081a90603551d230481a130819e8014a2e89064b05d08865c34db930a9d840050117aeca17ba4793077310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f6964311330110603550403130a476f6f676c65204e4643820900de7695041d7650c0300c0603551d13040530030101ff300d06092a864886f70d010105050003820101003771870ce87c3c52ea84899230c6e962d94b4d5f1293c25d88261541fd90b5555d1285cef3b8312c3f5df691a8aae04cb981b305e427fd1d2d9e1987e1d29078f13c8452990f1821980263d8d4bd36519348d8d8ba26d8b99fbf09f5fd3ebb0ea3c2f0c9376f1e1fca76f3a6a405429d081b752a7a90b756e9ab44da41abc8e1e8f88ac2758da743fb73e650719a57840ccb6b7add21b99fc681e456e1872c223d5c074adf55f6abda268c2d8b64ea0a8845eecd968f92b493127e75c753c3ff30cbc678b51c9f52961472f17da20a0dc6274aa2463434c1a9b614df697d8ff5ca8101e7a25c7db3fb055d65569c04b01d389cabba57b3a1703ec2e74a88d334"> + <package android:name="com.foo.my.awesome.wallet" /> + <package android:name="com.foo.my.awesome.wallet.tests" /> + </signer> + + Debug: + Including the tag <debug /> will print to logcat the + hex encoded signature of applications that are denied NFCEE + access, for easy cut-and-paste into this file. + --> +</resources> |