androidnfchce
"Select AID" command is not always routed to HostApduService in Android HCE
Problem statement
I'm trying to understand why the "Select AID" command is not always successfully routed to the HostApduService of my HCE enabled application.
Sometimes, the "Select AID" is correctly routed to the HostApduService, as can be seen from the following logcat output:
07-11 20:11:36.386: D/NxpNfcJni(1486): RoutingManager::stackCallback: event=0x18
07-11 20:11:36.396: D/HostEmulationManager(1486): notifyHostEmulationActivated
07-11 20:11:36.396: D/NxpNfcJni(1486): RoutingManager::stackCallback: event=0x17
07-11 20:11:36.396: D/NxpNfcJni(1486): RoutingManager::stackCallback: NFA_CE_DATA_EVT; stat=0x0; h=0x301; data len=18
07-11 20:11:36.396: D/HostEmulationManager(1486): notifyHostEmulationData
07-11 20:11:36.396: D/HostEmulationManager(1486): Binding to service ComponentInfo{email.HCE/email.HCE.MyHCEService}
07-11 20:11:36.416: D/HostEmulationManager(1486): Waiting for new service.
07-11 20:11:36.466: D/MYHCESERVICE(25504): APDU RECEIVED
07-11 20:11:36.466: D/HostEmulationManager(1486): Sending data
07-11 20:11:37.276: E/SMD(284): DCD ON
07-11 20:11:37.436: D/NxpNfcJni(1486): RoutingManager::stackCallback: event=0x19
07-11 20:11:37.436: D/NxpNfcJni(1486): RoutingManager::stackCallback: NFA_DEACTIVATED_EVT, NFA_CE_DEACTIVATED_EVT
07-11 20:11:37.446: D/HostEmulationManager(1486): notifyHostEmulationDeactivated
07-11 20:11:37.446: D/MYHCESERVICE(25504): DISCONNECT
07-11 20:11:37.446: D/HostEmulationManager(1486): Unbinding from service ComponentInfo{email.HCE/email.HCE.MyHCEService}
07-11 20:11:37.446: D/MYHCESERVICE(25504): Disconnect by DEACTIVATION_LINK_LOSS
07-11 20:11:37.466: E/NfcNfa(1486): UICC/ESE[0x402] is not activated
However, more frequently, the "Select AID" command does not seem to arrive at the HostApduService. Its even worse, as there seems to be no activity at all from NxpNfcJni in the LogCat output. I consider NxpNfcJni to be the entry point given the excerpt from the LogCat output of a successful attempt.
It must be stated that the frequency of success is a lot lower then the frequency of failure.
Test Setup
Hereafter is a description of the HCE device and corresponding relevant code, followed by the description of the application that controls the reader.
1. HCE device
- Hardware: Samsung Galaxy S5
- OS: Android 5.0
- Code for the HostApduService:
public class MyHCEService extends HostApduService {
@Override
public byte[] processCommandApdu(byte[] apdu, Bundle extras) {
Log.d("MYHCESERVICE", "APDU RECEIVED");
return new byte[]{(byte)0x6F,(byte)0x25}; //returned byte array reduced for this example
}
@Override
public void onDeactivated(int reason) {
Log.d("MYHCESERVICE", "DISCONNECT");
switch(reason) {
case MyHCEService.DEACTIVATION_DESELECTED:
Log.d("MYHCESERVICE", "Disconnect by DEACTIVATION_DESELECTED");
case MyHCEService.DEACTIVATION_LINK_LOSS:
Log.d("MYHCESERVICE", "Disconnect by DEACTIVATION_LINK_LOSS");
}
}
}
- Android Manifest:
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="email.HCE"
android:versionCode="1"
android:versionName="1.0" >
<uses-sdk
android:minSdkVersion="19"
android:targetSdkVersion="22" />
<uses-permission android:name="android.permission.NFC" />
<uses-feature android:name="android.hardware.nfc" android:required="true" />
<uses-feature android:name="android.hardware.nfc.hce" android:required="true" />
<application
android:allowBackup="true"
android:icon="@drawable/ic_launcher"
android:label="@string/app_name"
android:theme="@style/AppTheme" >
<activity
android:name=".MainActivity"
android:label="@string/app_name" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<service android:name=".MyHCEService" android:exported="true"
android:permission="android.permission.BIND_NFC_SERVICE">
<intent-filter>
<action android:name="android.nfc.cardemulation.action.HOST_APDU_SERVICE"/>
</intent-filter>
<meta-data android:name="android.nfc.cardemulation.host_apdu_service"
android:resource="@xml/apduservice"/>
</service>
<activity
android:name=".ListBluetoothDevicesActivity"
android:label="@string/app_name"
android:screenOrientation="portrait"
android:configChanges="screenSize|orientation|keyboardHidden" >
</activity>
</application>
</manifest>
- AID registration file:
<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
android:description="@string/servicedesc"
android:requireDeviceUnlock="false">
<aid-group android:description="@string/aiddescription"
android:category="other">
<aid-filter android:name="11223344556677889900112233"/>
</aid-group>
</host-apdu-service>
2. Reader application
- Contactless reader: ASK RDR 417 http://ask-contactless.com/en-us/contactus/technicalsupport.aspx#gen4xx
- C# based application
- using PCSC-sharp to interface the contactless reader.
- Select application command:
byte[] CMD_SelectApp = {
0x00, //CLA
0xA4, //INS
0x04, //P1
0x00, //P2
0x0D, //LC
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0x11, 0x22, 0x33 //AID
};
- Pseudo-code for connecting connecting to the reader and transmitting the select application command:
SCardContext _Context = new SCardContext();
_Context.Establish(SCardScope.System);
SCardReader _Reader = new SCardReader(_Context);
_Reader.Connect(SelectedReader, SCardShareMode.Direct, SCardProtocol.Any);
_Reader.Transmit(CMD_SelectApp, CMD_SelectApp.Length, RecvBuffer, ref ReceiveBufferLength);
Question
Does anyone see why the "Select AID" command is not always successful? Or someone that can give some indications to debug this one?
Solution
It seems that by selecting only 1 type of polled cards for the ASK RDR 417 through the 'ASK RDR 417 (PC/SC) Properties' (see image below), the HostApduService is responding correctly and as expected.
I'm interested to know why, at first sight this seems to limit the reader capabilities.
- Restricting usage for an Android key for a Google API
- Android menu item visibility change in runtime
- Flutter android build issue post flutter update
- Software Components will not be created automatically for Maven publishing from Android Gradle Plugin 8.0
- "drag control" for Android games
- Android Studio stuck on loading devices
- Android gradle plugin 8.1.0 change apk name
- Get single integer from list on click
- No Android SDK found. Try setting the ANDROID_SDK_ROOT environment variable
- License for package Android SDK Platform 29 not accepted
- "Failed to install the following Android SDK packages as some licences have not been accepted" error
- onPageSelected callback for JetPack Compose Pager
- Android Studio Keyboard shortcut control
- Video Overflows from Bottom Sheet When Scrolling
- Get the background color of a button in android
- Simple export and import of a SQLite database on Android
- Image actual height differences
- Access Unity variables in eclipse
- Create pre build event to copy files to assets folder in Android application
- Set background color for the whole app. Android, Jetpack Compose
- I cannot get the permission window to appear using "requestPermissionLauncher.launch(permissions)"
- How can I document or exclude the generated BuildConfig class in my documentation?
- Android 13 How to save image in galery .Net MAUI
- Could not find org.apache.cordova:framework:7.0.0 after removing jcenter() in Android
- How to darken a given color (int)
- Customize android app preview when it is in background with secure flag
- Foreground Service crashing on Android 14
- android studio rebuild error : Unable to find Gradle tasks to build why?
- Thellmund WeekView Library horizontalScrollListener
- FCM notification not received without permission