You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
jianglk.darker
7ee447c011
|
4 months ago | |
|---|---|---|
| .. | ||
| Android.bp | 4 months ago | |
| README.md | 4 months ago | |
| ese_ls_provision.cpp | 4 months ago | |
README.md
ese-ls-provision tool
Runs on Android host and uploads scripts to the secure element loader service.
Introduction
PN80T and later secure elements include a "loader service" which runs signed, encrypted scripts to
perform high-privilege operations like installing and deleting applets in a secure way. The result
of compiling, encrypting and signing these scripts with the ls-cgt.jar tool is a file containing
hexadecimal blocks separated by newlines; the first line usually starting with 7f21 indicating
the certificate for the signing key. This tool takes those signed, encrypted scripts and sends
them to the secure element.
Usage
ese-ls-provision <identifier> <script> <responsefile>
<identifier>names a file of one to twenty bytes. This is a required parameter to the code which drives communication with the loader service, and the identifier is sent to the SE as part of the initial setup, but I'm not sure what effect it has apart from that; the source code says "It is used to provide the ALA with an Unique Identifier of the Application that has triggered the ALA script".<script>is the compiled, encrypted, signed scrypt as generated byls-cgt.jar.<responsefile>is a file to which to write the response from the loader service. This is also written as newline-separated hexadecimal. On a successful upload, each line ends with9000.