Host-based Card Emulation(基于主机的卡片仿真)

最新推荐文章于 2024-09-10 13:44:44 发布
最新推荐文章于 2024-09-10 13:44:44 发布
阅读量1.6k 收藏
点赞数
分类专栏: Android 编程
本文介绍了Android 4.4中引入的主机基卡模拟(HCE),包括如何实现HCE服务、处理APDU指令、解决AID冲突等内容,并探讨了HCE实施中的注意事项。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Many SIM cards provided by wireless carriers also contain a secure element.Android 4.4 introduces an additional method of card emulation that does not involve a secure element, called host-based card emulation

Android 4.4 supports several protocols that are common in the market today.

Specifically, Android 4.4 supports emulating cards that are based on the NFC-Forum ISO-DEP specification (based on ISO/IEC 14443-4) and process Application Protocol Data Units (APDUs) as defined in the ISO/IEC 7816-4 specification. Android mandates emulating ISO-DEP only on top of the Nfc-A (ISO/IEC 14443-3 Type A) technology. Support for Nfc-B (ISO/IEC 14443-4 Type B) technology is optional.

The HCE architecture in Android is based around Android Service components (known as "HCE services").

This is where the ISO/IEC 7816-4 specification comes in: it defines a way to select applications, centered around an Application ID (AID). An AID consists of up to 16 bytes. 

An AID group is a list of AIDs that should be considered as belonging together by the OS. For all AIDs in an AID group, Android guarantees one of the following:

  • All AIDs in the group are routed to this HCE service
  • No AIDs in the group are routed to this HCE service (for example, because the user preferred another service which requested one or more AIDs in your group as well)

In other words, there is no in-between state, where some AIDs in the group can be routed to one HCE service, and some to another.

The first step is therefore to extend  HostApduService . 
public class MyHostApduService extends HostApduService {
    @Override
    public byte[] processCommandApdu(byte[] apdu, Bundle extras) {
       ...
    }
    @Override
    public void onDeactivated(int reason) {
       ...
    }
}

HostApduService declares two abstract methods that need to be overridden and implemented.

processCommandApdu() is called whenever a NFC reader sends an Application Protocol Data Unit (APDU) to your service. APDUs are defined in the ISO/IEC 7816-4 specification as well. APDUs are the application-level packets being exchanged between the NFC reader and your HCE service. 

Note: The ISO/IEC 7816-4 specification also defines the concept of multiple logical channels, where you can have multiple parallel APDU exchanges on separate logical channels. Android’s HCE implementation however only supports a single logical channel, so there’s only a single-threaded exchange of APDUs.

》 Finally, you must set the android:exported attribute to true, and require the"android.permission.BIND_NFC_SERVICE" permission in your service declaration. The former ensures that the service can be bound to by external applications. The latter then enforces that only external applications that hold the "android.permission.BIND_NFC_SERVICE" permission can bind to your service. Since"android.permission.BIND_NFC_SERVICE" is a system permission, this effectively enforces that only the Android OS can bind to your service.

Here's an example of a HostApduService manifest declaration:

<service android:name=".MyHostApduService" android:exported="true"
         android:permission="android.permission.BIND_NFC_SERVICE">
    <intent-filter>
        <action android:name="android.nfc.cardemulation.action.HOST_APDU_SERVICE"/>
    </intent-filter>
    <meta-data android:name="android.nfc.cardemulation.host_apdu_service"
               android:resource="@xml/apduservice"/>
</service>

This meta-data tag points to an apduservice.xml file. An example of such a file with a single AID group declaration containing two proprietary AIDs is shown below:

<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
           android:description="@string/servicedesc"
           android:requireDeviceUnlock="false">
    <aid-group android:description="@string/aiddescription"
               android:category="other">
        <aid-filter android:name="F0010203040506"/>
        <aid-filter android:name="F0394148148100"/>
    </aid-group>
</host-apdu-service>

AID Conflict Resolution

Multiple HostApduService components may be installed on a single device, and the same AID can be registered by more than one service. The Android platform resolves AID conflicts depending on which category an AID belongs to. Each category may have a different conflict resolution policy.

This asset should be sized 260x96 dp, and can be specified in your meta-data XML file by adding theandroid:apduServiceBanner attribute to the <host-apdu-service> tag, which points to the drawable resource. An example is shown below:

<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
        android:description="@string/servicedesc"
        android:requireDeviceUnlock="false"
        android:apduServiceBanner="@drawable/my_banner">
    <aid-group android:description="@string/aiddescription"
               android:category="payment">
        <aid-filter android:name="F0010203040506"/>
        <aid-filter android:name="F0394148148100"/>
    </aid-group>
</host-apdu-service>
》 The meta-data XML file must use the  <offhost-apdu-service>  root tag. 
  • <service android:name=".MyOffHostApduService" android:exported="true"
         android:permission="android.permission.BIND_NFC_SERVICE">
    <intent-filter>
        <action android:name="android.nfc.cardemulation.action.OFF_HOST_APDU_SERVICE"/>
    </intent-filter>
    <meta-data android:name="android.nfc.cardemulation.off_host_apdu_ervice"
               android:resource="@xml/apduservice"/>
</service>

An example of the corresponding apduservice.xml file registering two AIDs:

<offhost-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
           android:description="@string/servicedesc">
    <aid-group android:description="@string/subscription" android:category="other">
        <aid-filter android:name="F0010203040506"/>
        <aid-filter android:name="F0394148148100"/>
    </aid-group>
</offhost-apdu-service>

For securely storing and retrieving the data that you want to send from your HCE service, you can, for example, rely on the Android Application Sandbox, which isolates your app's data from other apps. For more details on Android security, read Security Tips .

As noted earlier, HCE implementations only support a single logical channel. Attempting to select applications on different logical channels will not work on a HCE device.

Android使用NFC模拟M卡实现 ()
Ooo0oops
12-14 1万+
Android使用NFC模拟M卡实现 () Android使用NFC模拟M卡实现 () Android使用NFC模拟M卡实现 () 在百度找一遍,没有一篇,讲的比较通俗易懂的文件。讲解Android 的NFC 功能card emulation。 略有点用的附在下面。 参考: 安卓 NFC 主机卡模拟 来自 <https://blog.csdn...
NFC_SoftwareCardEmulation
10-11
NFC功能Android手机上进行卡模拟(Card Emulation)官方技术说明文档
CardEmulation
06-24
Android CardEmulation 示例 此示例演示了如何使用 Android 4.4 中添加的“主机卡模拟”功能模拟 NFC 卡。 此示例使设备在屏幕打开时显示为会员卡,并且用户在适当配置的 NFC 读取器上点击他们的设备。 “CardReader”示例可用于读取此示例中实现的会员卡。 先决条件 安卓 SDK v21 安卓构建工具 v21.1.1 Android 支持库 入门 此示例使用 Gradle 构建系统。 要构建此项目,请使用“gradlew build”命令或在 Android Studio 中使用“导入项目”。 支持 Google+ 社区: : 堆栈溢出: : 如果您在此示例中发现错误,请提出问题: : 鼓励补丁,并且可以通过分叉这个项目并通过 GitHub 提交拉取请求来提交。 有关更多详细信息,请参阅 CONTRIBUTING.md。 执照
基于主机的卡仿真(Host-based Card Emulation)
chuyouyinghe的专栏
12-15 1757
能提供NFC功能很多Android手机已经支持NFC卡模拟。在大多数情况下,该卡是由设备中的单独的芯片仿真,所谓的安全元件。由无线运营商提供了许多的SIM卡还包含一个安全元件。 安卓4.4引入卡仿真的附加方法,该方法不涉及安全元件,称为基于主机的卡模拟。这允许任何Android应用程序来模拟卡,并直接与NFC读取器。本文档介绍了如何基于主机的卡仿真( HCE )适用于Android和如何使
Host-based Card Emulation
热门推荐
jwzhangjie的专栏
03-25 1万+
基于主机的卡仿真(Host-based Card Emulation) 能提供NFC功能很多Android手机已经支持NFC卡模拟。在大多数情况下,该卡是由设备中的单独的芯片仿真,所谓的安全元件。由无线运营商提供了许多的SIM卡还包含一个安全元件。 安卓4.4引入卡仿真的附加方法,该方法不涉及安全元件,称为基于主机的卡模拟。这允许任何Android应用程序来模拟卡,并直接与NFC读取器。本
Android Host-based Card Emulation
司马懿的西山居
12-29 3013
译自 https://developer.android.google.cn/guide/topics/connectivity/nfc/hce.html Many Android-powered devices that offer NFC functionality already support NFC card emulation. In most cases, the card is
HCE:Host-based Card Emulation基于Android设备的卡片模拟器
尘埃落定
01-14 4123
HCE技术支持提供了一个软实现SE的通路,Service实现的方式很多,可以使用文件,使用网络,甚至连接真正的SE。 支持HCE的测试手机:目前可以确定使用了NXP PN547作为CLF的NFC手机已经打通了HCE。市面上可见的目前有Sony Xperia Z2 和 Samsung Galaxy S5。 一份参考资料:http://developer.android.com/guide/top
HCE (HCE 基于主机的卡模拟).zip
03-17
HCE(Host-based Card Emulation,基于主机的卡模拟)是Android系统中的一种技术,它允许智能手机模拟智能卡的功能,使设备能够在支持NFC(近场通信)的环境中进行非接触式支付和其他卡服务。这项技术首次出现在...
Build directory for the kernel ------------------------------ When compiling the kernel, all output files will per default be stored together with the kernel source code. Using the option ``make O=output/dir`` allows you to specify an alternate place for the output files (including .config). Example:: kernel source code: /usr/src/linux-4.X build directory: /home/name/build/kernel To configure and build the kernel, use:: cd /usr/src/linux-4.X make O=/home/name/build/kernel menuconfig make O=/home/name/build/kernel sudo make O=/home/name/build/kernel modules_install install Please note: If the ``O=output/dir`` option is used, then it must be used for all invocations of make. Configuring the kernel ---------------------- Do not skip this step even if you are only upgrading one minor version. New configuration options are added in each release, and odd problems will turn up if the configuration files are not set up as expected. If you want to carry your existing configuration to a new version with minimal work, use ``make oldconfig``, which will only ask you for the answers to new questions. - Alternative configuration commands are:: "make config" Plain text interface. "make menuconfig" Text based color menus, radiolists & dialogs. "make nconfig" Enhanced text based color menus. "make xconfig" Qt based configuration tool. "make gconfig" GTK+ based configuration tool. "make oldconfig" Default all questions based on the contents of your existing ./.config file and asking about new config symbols. "make silentoldconfig" Like above, but avoids cluttering the screen with questions already answered. Additionally updates the dependencies. "make olddefconfig" Like above, but sets new symbols to their default values without prompting. "make defconfig" Create a ./.config file by using the default symbol values from either arch/$ARCH/defconfig or arch/$ARCH/configs/${PLATFORM}_defconfig, depending on the architecture. "make ${PLATFORM}_defconfig" Create a ./.config file by using the default symbol values from arch/$ARCH/configs/${PLATFORM}_defconfig. Use "make help" to get a list of all available platforms of your architecture. "make allyesconfig" Create a ./.config file by setting symbol values to 'y' as much as possible. "make allmodconfig" Create a ./.config file by setting symbol values to 'm' as much as possible. "make allnoconfig" Create a ./.config file by setting symbol values to 'n' as much as possible. "make randconfig" Create a ./.config file by setting symbol values to random values. "make localmodconfig" Create a config based on current config and loaded modules (lsmod). Disables any module option that is not needed for the loaded modules. To create a localmodconfig for another machine, store the lsmod of that machine into a file and pass it in as a LSMOD parameter. target$ lsmod > /tmp/mylsmod target$ scp /tmp/mylsmod host:/tmp host$ make LSMOD=/tmp/mylsmod localmodconfig The above also works when cross compiling. "make localyesconfig" Similar to localmodconfig, except it will convert all module options to built in (=y) options. You can find more information on using the Linux kernel config tools in Documentation/kbuild/kconfig.txt. - NOTES on ``make config``: - Having unnecessary drivers will make the kernel bigger, and can under some circumstances lead to problems: probing for a nonexistent controller card may confuse your other controllers. - A kernel with math-emulation compiled in will still use the coprocessor if one is present: the math emulation will just never get used in that case. The kernel will be slightly larger, but will work on different machines regardless of whether they have a math coprocessor or not. - The "kernel hacking" configuration details usually result in a bigger or slower kernel (or both), and can even make the kernel less stable by configuring some routines to actively try to break bad code to find kernel problems (kmalloc()). Thus you should probably answer 'n' to the questions for "development", "experimental", or "debugging" features. ——详述一下这段话的步骤
最新发布
08-09
host$ make LSMOD=/tmp/mylsmod localmodconfig ``` #### 三、配置注意事项(关键警告) 1. **精简原则** - ❌ 避免不必要驱动:增大内核体积,可能引发硬件探测冲突 - ❌ 谨慎启用调试选项:`DEBUG_FS`/`KGDB...
Android NFC HCE模拟卡功能的实现与测试
HCE(Host-based Card Emulation,基于主机的卡仿真)是一种NFC功能,它允许设备无需专用的安全硬件(SE,Secure Element)即可执行卡片仿真功能。HCE自Android 4.4(KitKat)起被支持,使开发者能够在没有硬件NFC...
翻译如下内容: NFC is a contactless technology designed for very short-range operation, approximately 10 cm or less. NFC is compliant with today’s field proven contactless smart card technology. NFC may be used to convey a variety of different data structures, some as simple transfers, and others as more complex interactions referred to as NFC Protocols. The NFC Forum defines the Connection Handover protocol [23] to facilitate the "handover" from an NFC exchange to some other connection. The main aspects that make NFC different and complementary to wireless network technology are: 1. Short distance: NFC is designed for a distance of approximately 10 cm or less to ensure that the intentional action of the user, bringing two NFC devices close to each other, is needed to trigger the communication. 2. Passive Communication via NFC Tags: NFC communications may occur between two NFC Devices that each are able to actively "write" (send) NFC data to, and "read" (receive) NFC data from, another NFC Device. Additionally, an NFC Tag is a type of unpowered passive NFC entity that is able to "write" (send) data once it is powered up by the induction provided by an active Peer, which allows communication between a powered device and an unpowered device (one without a battery) such as a contactless smart card or a sticker. NFC requires at least one of the NFC enabled entities to be portable.
07-30
4 保留原文的技术精确性,比如“host-based card emulation”必须译为“基于主机的卡模拟”这个标准术语 如果用户后续提供具体段落,要特别注意: - 数学表达式需用$...$包裹(虽然NFC文本较少见数学公式) - 保持...
Host-based Card Emulation 实例
jwzhangjie的专栏
03-26 4532
1、官方的sdk\samples\android-19\connectivity底下有两个项目分别为:CardEmulationCardReader,前者作为卡仿真,后者作为NFC读取器 2、http://blog.opendatalab.de/hack/2013/11/07/android-host-card-emulation-with-acr122/ 这篇文章里面讲述了卡仿真的实例,
Android NFC Host Card Emulation (HCE)
omnispace的博客
12-04 828
Can I prevent Host Card Emulation service from being triggered by select AID? How to communicate with HostApduService from an Activity how to start and stop HostapduService [duplicate] how to bind HC...
【NFC】Host-based Card Emulation
木子儿
07-14 521
链接:     https://developer.android.com/guide/topics/connectivity/nfc/hce.html#Coexistence
NFC技术Card Emulation模式在A ndroid系统中的应用
tj_shenzhendaxue的专栏
09-21 2837
简介:近地场通讯(Near FieldCommunication,NFC)协议已被Android系统部分支持。随着Android手机的迅速普及,作为NFC三种工作模式之一的CardEmulation模式在电子考勤、移动支付等领域具有越来越广泛的应用潜力。尽管在Android4.4版本之前公开的API并不支持CardEmulation模式,但由于Android本身的开源特征,借助开源项目SEEK或A
【NFC】NFC Tag和NFC CE(Card Emulation)区别
weixin_30556959的博客
11-01 768
NFC Tag和NFC CE(Card Emulation)区别: NFC Tag:   手机不开机,断电情况下传输所存储的信息;   需要NFC Reader通过电磁感应(贴近手机NFC卡片位置)的方式给卡片供电,然后读取Tag数据。 NFC CE:   手机开机且锁屏的情况下传输所存储的信息;   需要NFC Reader直接贴着手机去读去CE数据。 转载于:https:...
鸿蒙开发(API 12 Beta6版)【HCE卡模拟开发】 网络篇
鸿蒙的技术博客
09-10 1102
近场通信(Near Field Communication,NFC)是一种短距高频的无线电技术,在13.56MHz频率运行,通信距离一般在10厘米距离内。HCE(Host Card Emulation),称为基于主机的卡模拟,表示不依赖安全单元芯片,电子设备上的应用程序模拟NFC卡片和NFC读卡器通信,实现NFC刷卡业务。
android.nfc.cardemulation Kotlin |Java
BLOG域名:programb.blog.youkuaiyun.com
05-12 327
Classes CardEmulation This class can be used to query the state of NFC card emulation services. HostApduService HostApduService is a convenience Service class that can be extended to emulate an NFC card inside an Android service component. HostNfcFService
Android卡模拟(Card Emulation)开源项目指南
gitblog_01101的博客
09-01 837
Android卡模拟(Card Emulation)开源项目指南 1. 目录结构及介绍 本教程基于GitHub上的Google存档项目 android-CardEmulation,该仓库展示了如何在Android系统中实现主机卡模拟(Host-based Card Emulation, HCE)功能。以下是项目的典型目录结构及其简介: . ├── README.md # 项目说明文...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值