是否可以防止选择AID触发主机卡仿真服务? [英] Can I prevent Host Card Emulation service from being triggered by select AID?

问题描述

我有一个Android应用程序，其中有一个注册到Android Beam的服务和一个注册到主机卡仿真的服务.我想确定何时在代码中启用/禁用HCE服务. 清单中的HCE服务看起来像这样-

I have an Android app with a service registered to Android beam and a service registered to host card emulation. I want to decide when to enable/disable the HCE service in the code. The HCE service in the manifest looks like this -

<service
        android:name="com.bimo.verifonewallet.service.MyHostApduService"
        android:exported="true"
        android:permission="android.permission.BIND_NFC_SERVICE" >
        <intent-filter>
            <action android:name="android.nfc.cardemulation.action.HOST_APDU_SERVICE" />
        </intent-filter>

        <meta-data
            android:name="android.nfc.cardemulation.host_apdu_service"
            android:resource="@xml/apduservice" />
    </service>

实际上，当智能手机接收到选择AID命令(带有服务AID)时，将触发服务并执行服务onCreate()的功能，并在交易完成后调用onDestroy()函数

In fact, when the smartphone receives a select AID command (with the services AID), the service is triggered and the function of the service onCreate() is executed and after the transaction is finished, the function onDestroy() is invoked.

因此，当我从主要活动中执行startService()和stopService()时，它没有任何作用.

Therefore when I do startService() and stopService() from the main activity it has no effect.

我可以控制是否调用服务吗?

Can I control if the service be invoked or not?

推荐答案

您可以尝试 ¹ 禁用整个服务组件(请参阅此

You could try¹ to disable the whole service component (see this question/answer) and only enable the service while your activity is in the foreground:

public void onResume() {
    super.onResume();

    PackageManager pm = getPackageManager();
    pm.setComponentEnabledSetting(new ComponentName(this, "com.example.app.HceService"),
                                  PackageManager.COMPONENT_ENABLED_STATE_ENABLED,
                                  PackageManager.DONT_KILL_APP);
}

public void onPause() {
    super.onPause();

    PackageManager pm = getPackageManager();
    pm.setComponentEnabledSetting(new ComponentName(this, "com.example.app.HceService"),
                                  PackageManager.COMPONENT_ENABLED_STATE_DISABLED,
                                  PackageManager.DONT_KILL_APP);
}

但是，我强烈建议您的HCE服务仍然响应某些命令(尤其是应用程序选择)，并且您仅阻止与安全/隐私相关的命令.例如，您可以通过在应用的共享首选项中设置一个标志来做到这一点(请参阅此问题有关为何共享首选项会是首选方法)，指示是否允许服务执行某些操作.然后，您可以在HCE服务中查询该标志，并确定应该在HCE上提供哪些功能.

However, I would strongly suggest that your HCE service still responds to certain commands (particularly application selection) and that you only block security/privacy relevant commands. You could, for instance, do this by setting a flag in your app's shared preferences (see this question on why shared preferences would be the prefered approach) that indicates if the service is allowed to perform certain actions or not. You could then query that flag within the HCE service and decide what functionality should be available over HCE.

还请记住，完全禁用HCE服务(使用上述方法)可能会允许另一个应用程序(无论是否恶意)接替AID的通信.

¹ )创建和更新HCE服务列表时，我尚未检查Android来源.因此，可能不是每个setComponentEnabledSetting()调用都更新HCE服务列表(NFC系统服务已知)的情况.

¹) I haven't checked the Android source on when the list of HCE services is created and updated. So it might be the case that the list of HCE services (known to the NFC system service) might not be updated on every setComponentEnabledSetting() call.

这篇关于是否可以防止选择AID触发主机卡仿真服务?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！