
WO2017035819A1 - Method, terminal, data routing method and apparatus for implementing host card emulation - Google Patents


Info

Publication number
WO2017035819A1
Authority
WO
WIPO (PCT)
Prior art keywords
external data
identifier
tee
hce application
terminal
Prior art date
Application number
PCT/CN2015/088889
Other languages
English (en)
French (fr)
Inventor
李国庆
常新苗
梅敬青
Original Assignee
华为技术有限公司
Priority date
Filing date
Publication date
Application filed by 华为技术有限公司
Priority to PCT/CN2015/088889 (WO2017035819A1)
Priority to US15/756,711 (US11138027B2)
Priority to CN201580043877.1A (CN106663017B)
Priority to EP15902626.9A (EP3333701B1)
Publication of WO2017035819A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45504 Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
    • G06F9/45508 Runtime interpretation or emulation, e.g. emulator loops, bytecode interpretation
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/61 Installation
    • G06F9/445 Program loading or initiating
    • G06F9/46 Multiprogramming arrangements
    • G06F9/54 Interprogram communication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices
    • H04B TRANSMISSION
    • H04B5/00 Near-field transmission systems, e.g. inductive or capacitive transmission systems
    • H04B5/20 Near-field transmission systems characterised by the transmission technique; characterised by the transmission medium
    • H04B5/70 Near-field transmission systems specially adapted for specific purposes
    • H04B5/72 Near-field transmission systems specially adapted for local intradevice communication

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a method, a terminal, and a data routing method and apparatus for implementing host card emulation.
  • Card Emulation (CE) function refers to the use of a terminal that supports Near Field Communication (NFC) and has a Secure Element (SE) to simulate a contactless IC card.
  • NFC Near Field Communication
  • SE Secure Element
  • the card emulation application is installed into the security unit (secure element) of the terminal and runs in the security unit.
  • the security unit generally allows multiple card emulation applications to be installed, so that carrying a single terminal is equivalent to carrying multiple physical cards, which brings great convenience to the user.
  • Host-based Card Emulation, or Host Card Emulation (HCE), means that the card emulation application does not need to be installed in the security unit, but is installed directly into the operating system of the terminal as a normal application and runs on the terminal host (Device Host).
  • HCE is widely used in Near Field Communication (NFC).
  • the HCE application generally runs in the Rich Execution Environment (REE) of the terminal, and communicates with the card reading device such as a POS machine or a card reader through the NFC interface of the terminal.
  • the REE is a low-security operating environment: applications from any source can be installed into the REE of the terminal with user permission, and the protection of data stored in the REE is not sufficient against the various malware threats. Therefore, when an HCE application is installed and running in the REE, the confidential data of the associated user accounts has low security and is easy to steal.
  • in practice it is often necessary to use the HCE mechanism to implement applications with high security requirements, such as HCE payment applications issued by banks. If these HCE applications are installed in the REE, the account data associated with them is easy for malicious programs to steal, so the associated data of an HCE application in the REE is in a relatively dangerous state.
  • Embodiments of the present invention provide a method, a terminal, a data routing method and an apparatus for implementing host card emulation, which implement HCE functions of different security levels on the terminal.
  • a method for implementing a host card emulation HCE including:
  • the terminal installs the HCE application to a terminal environment corresponding to the type of the HCE application according to the type of the HCE application, where the terminal environment includes a trusted execution environment TEE and a rich execution environment REE;
  • the terminal parses the first identifier of the HCE application and the at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between the card reading device and the HCE application;
  • the terminal registers the routing information of the HCE application to the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment installed by the HCE application.
  • the method further includes:
  • the route management module sends the external data to an HCE application corresponding to the external data.
  • the terminal sends the obtained external data to the route management module in the TEE, specifically:
  • the terminal acquires the external data through the near field communication controller (NFCC) driver in the TEE or the NFCC driver in the REE;
  • the external data whose routing target is the device host is sent to the route management module in the TEE by the NFCC driver in the TEE or the NFCC driver in the REE.
  • the route management module sends the external data to an HCE application corresponding to the external data, specifically including:
  • the route management module acquires the second identifier in the external data;
  • the route management module sends the external data to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment.
  • the sending the external data to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment includes:
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session;
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • a data routing method including:
  • the terminal sends the obtained external data to the route management module in the TEE;
  • the route management module sends the external data to an HCE application corresponding to the external data.
  • the terminal sends the obtained external data to the route management module in the TEE, which specifically includes:
  • the terminal acquires the external data through an NFCC driver in the TEE or an NFCC driver in the REE, and sends the external data whose routing target is the device host to the route management module in the TEE.
  • the routing management module sends the external data to the HCE application corresponding to the external data, including:
  • the route management module acquires a second identifier in the external data, where the second identifier is used to identify a message flow between the card reading device and an HCE application;
  • the first identifier is used to uniquely identify an HCE application in the terminal;
  • the sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data includes:
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session;
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • a terminal for implementing host card emulation (HCE), including:
  • an installation unit configured to install the HCE application into a terminal environment corresponding to the type of the HCE application according to the type of the HCE application, where the terminal environment includes a trusted execution environment TEE and a rich execution environment REE;
  • a parsing unit configured to parse the first identifier of the HCE application installed by the installation unit and at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between the card reading device and the HCE application;
  • a registration unit configured to register the routing information of the HCE application into the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application parsed by the parsing unit is installed.
  • the terminal further includes a first routing unit and a second routing unit, where
  • the first routing unit is configured to send the acquired external data to a second routing unit in the TEE;
  • the second routing unit is configured to send the external data to an HCE application installed by the installation unit corresponding to the external data.
  • the first routing unit is specifically configured to send the obtained external data to the second routing unit in the TEE as follows:
  • the external data whose routing target is the device host is sent to the second routing unit in the TEE by the NFCC driver in the TEE or the NFCC driver in the REE.
  • the second routing unit is specifically configured to send the external data to the HCE application corresponding to the external data as follows:
  • the second routing unit is configured to send the external data, according to the determined terminal environment, to the HCE application corresponding to the first identifier of the external data, as follows:
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session;
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • a data routing apparatus including:
  • a first routing unit configured to send external data acquired by the acquiring unit to a second routing unit in the TEE
  • a second routing unit configured to send the external data to an HCE application corresponding to the external data.
  • the first routing unit is specifically configured to send the obtained external data to the second routing unit in the TEE as follows:
  • the second routing unit is specifically configured to send the external data to an HCE application corresponding to the external data as follows:
  • the second routing unit is configured to send the external data, according to the determined terminal environment, to the HCE application corresponding to the first identifier of the external data, as follows:
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session;
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • a terminal for implementing a host card emulation HCE including a memory, a peripheral, a communication unit, and a processor, where:
  • the memory includes a common random access memory RAM and a common read only memory ROM running in a rich execution environment REE, and a trusted RAM and a trusted ROM running in a trusted execution environment TEE for storing instructions and data;
  • the peripheral device includes a common peripheral in the REE and a trusted peripheral in the TEE;
  • the communication unit is located in the REE;
  • the processor is configured to call the instructions and data stored in the common RAM, the common ROM, the trusted RAM and the trusted ROM, and to implement the following functions through the trusted peripheral, the common peripheral and the communication unit:
  • installing the HCE application into a terminal environment corresponding to the type of the HCE application according to the type of the HCE application, where the terminal environment includes a TEE and a REE; parsing the first identifier of the HCE application and the at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal and the second identifier is used to identify a message flow between the card reading device and the HCE application; and registering the routing information of the HCE application into the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
  • the processor is further configured to:
  • the processor is specifically configured to send the obtained external data to the route management module in the TEE in the following manner:
  • the external data whose routing target is the device host is sent to the route management module in the TEE by the NFCC driver in the TEE or the NFCC driver in the REE.
  • the processor is specifically configured to control the route management module to send the external data to the HCE application corresponding to the external data as follows:
  • determining the first identifier corresponding to the external data and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, and controlling the route management module to send the external data, according to the determined terminal environment, to the HCE application corresponding to the first identifier of the external data.
  • the processor is configured to control the route management module to send the external data, according to the determined terminal environment, to the HCE application corresponding to the first identifier of the external data as follows:
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • the method, the terminal, the data routing method and the apparatus for implementing host card emulation provided by the embodiments of the present invention distinguish an HCE application as a TA or a CA by different application type labels, install the TA into the TEE and the CA into the REE, and thereby implement HCE applications at the two security levels of TEE and REE.
  • FIG. 1A to FIG. 1B are diagrams showing a terminal system architecture for applying a host card simulation method according to an embodiment of the present invention
  • FIG. 2 is a flowchart of implementing a host card simulation method according to an embodiment of the present invention
  • FIG. 3 is a flowchart of implementing an HCE application to a corresponding environment according to an embodiment of the present invention
  • FIG. 4 is a flowchart of implementing another host card simulation method according to an embodiment of the present invention.
  • FIG. 5 is a flowchart of sending the acquired external data to a route management module in a TEE according to an embodiment of the present invention
  • FIG. 6 is a schematic diagram of a process for saving routing information according to an embodiment of the present invention.
  • FIG. 7 is a schematic diagram of a process for performing external data routing according to routing information saved by an application according to an embodiment of the present disclosure
  • FIG. 8 is a schematic diagram of a routing table set according to an embodiment of the present invention.
  • FIG. 9 is a schematic diagram of a process of performing routing in a TEE according to an embodiment of the present invention.
  • FIG. 10 is a schematic diagram of a process of forwarding external data to a TA according to an embodiment of the present invention.
  • FIG. 11A to FIG. 11B are schematic diagrams of a process of forwarding external data to a CA according to an embodiment of the present invention.
  • FIG. 12A to FIG. 12B are schematic diagrams showing the structure of a terminal for implementing host card simulation according to an embodiment of the present invention.
  • FIG. 13 is a schematic diagram of another structure of a terminal for implementing host card emulation according to an embodiment of the present disclosure
  • FIG. 14 is a schematic structural diagram of a data routing apparatus according to an embodiment of the present invention.
  • TEE and REE are two kinds of program running environments that exist in the terminal.
  • TEE and REE can be called terminal environments, each of which includes hardware resources such as memory and a processor, and software such as an operating system (OS) and a framework.
  • REE does not strictly limit the source of the application, and if the user permits, REE can accept software installation from any source. However, the TEE is different.
  • the storage in the TEE is secure storage, which is managed by the TEE issuer (e.g., the terminal manufacturer or operator) and has certain restricted access conditions. When the terminal receives a request to access the TEE storage, for example to read or write secure storage (installing a program into the TEE is a write to secure storage), it verifies that the security access rules are met, and accesses the corresponding storage content if they are. Because of these characteristics of the TEE, malicious programs cannot access programs and data installed in the TEE, and programs installed in the TEE cannot access each other's data, thus achieving a higher security level.
  • the TEE issuer eg, terminal manufacturer or operator
  • a Trusted Application (TA) is an application running in the TEE. It can provide security-related functions such as password services, signature services and digest services for client applications in the REE or for other trusted applications in the TEE.
  • a client application (CA) is an application that runs in the REE and can communicate with a trusted application (TA) in the TEE through the TEE client application programming interface or a shared memory mechanism, and invoke the services provided by the TA.
  • the embodiment of the present invention provides a host card emulation implementation method for implementing HCE applications of different security levels on a terminal that includes a TEE, so that a software vendor (SP) can select an HCE security level according to its own service requirements.
  • SP software vendor
  • applications with high security requirements, such as financial card and payment card applications, can be implemented as a TA and installed in the TEE; applications with low security requirements, such as a supermarket membership card or an access card, can be implemented as a CA and installed in the REE.
  • the host card emulation method provided by the embodiment of the present invention installs the HCE application into the corresponding terminal environment according to whether the terminal environment required by the service of the HCE application is the TEE or the REE.
  • an application type label identifying the environment in which the HCE application is to be installed may be defined in the resource file of the HCE application; whether the terminal environment to be installed is the TEE or the REE is determined from this label, and the HCE application is installed into the TEE or the REE accordingly, so that HCE applications at the two different security levels of TEE and REE are implemented on the terminal.
  • in order to implement HCE applications at the two security levels of TEE and REE, HCE applications of the high security level are installed in the TEE, and HCE applications of the lower security level are installed in the REE.
  • the terminal system architecture shown in FIG. 1A or FIG. 1B implements routing functions of HCE applications of different security levels in the TEE.
  • the NFC Controller NFCC
  • conventionally, the NFC Controller sends the data to the upper-layer application through the NFCC driver and the NFCC routing module in the REE operating system kernel.
  • in order to support the two security levels of TEE and REE, the data is routed as follows.
  • the NFCC driver sends the received data to the trusted NFC service framework in the TEE, which forwards it to the routing management module (Routing Management Module, also referred to as Route-TA); the route management module in the TEE then distributes (i.e. routes) the data to a TA in the TEE or a CA in the REE.
  • alternatively, after receiving the data, the NFC controller sends it to the route management module in the TEE through the trusted NFCC driver in the trusted operating system kernel of the TEE, and the route management module in the TEE distributes the data to the TA in the TEE or the CA in the REE.
  • the NFCC in the embodiment of the present invention may also be referred to as a Near Field Communication Controller (NFCC).
  • NFCC Near Field Communication Controller
  • the NFCC is a logical entity defined by the NFC Forum.
  • the NFCC is also commonly used in the industry.
  • in the embodiment the NFCC chip, the NFCC driver and the NFCC routing module are distinguished; these three hardware or software components are all part of the NFCC logical entity.
  • FIG. 2 is a flowchart of a method for implementing host card simulation according to an embodiment of the present invention. As shown in FIG. 2, the method includes:
  • the terminal installs the HCE application into a terminal environment corresponding to the type of the HCE application according to the type of the HCE application.
  • the terminal environment in which the HCE application is installed in the embodiment of the present invention includes TEE and REE, and one HCE application only corresponds to one terminal environment, that is, the terminal environment in which the HCE application runs is TEE or REE.
  • the terminal environment in which the HCE application is installed is referred to in the embodiment of the present invention as an environment or an installation environment, and may also be referred to as an application running environment, etc.; this is not limited in the embodiment of the present invention.
  • the terminal installs the HCE application to the terminal environment corresponding to the type of the HCE application according to the type of the HCE application, and the method flow shown in FIG. 3 may be adopted, including:
  • the HCE application installation package contains the configuration file of the HCE application.
  • the terminal receives the installation package of the HCE application, checks the configuration file in the installation package, and obtains the resource file of the HCE application according to the resource file name and path specified in the configuration file.
  • S1012 Determine, according to the application type label in the obtained resource file, a terminal environment installed by the HCE application.
  • whether the terminal environment in which the HCE application is installed is the TEE or the REE is identified by different application type labels.
  • the host card emulation program tag <host-apdu-service/> in the resource file identifies that the HCE application is a CA and that the environment to be installed is the REE; the TEE host card emulation program tag <TEE-apdu-service/> in the resource file identifies that the HCE application is a TA and that the environment to be installed is the TEE.
  • if the application type label in the obtained resource file is <host-apdu-service/>, it is determined that the terminal environment in which the HCE application is to be installed is the REE, that is, the application is a CA. If the application type label in the obtained resource file is <TEE-apdu-service/>, it is determined that the terminal environment in which the HCE application is to be installed is the TEE, that is, the application is a TA.
  • the HCE application is installed into the determined terminal environment, REE or TEE: if the terminal environment determined for the HCE application is the TEE, the application is a TA and is installed into the TEE; if the terminal environment determined for the HCE application is the REE, the application is a CA and is installed into the REE.
  • S102 The terminal parses the first identifier of the HCE application and the at least one second identifier included in the HCE application.
  • Each HCE application corresponds to an application identifier (APP ID).
  • the CA can use the certificate of the application as the application identifier
  • the TA can use the Universally Unique Identifier (UUID) as the application identifier.
  • UUID Universally Unique Identifier
  • there may be several message flows between the card reading device and each HCE application. A message flow is started by the card reading device sending a SELECT AID command; after the route management module routes the SELECT AID command to the HCE application, the HCE application should respond with an APDU, after which the card reading device sends further messages.
  • when a new message flow begins, which HCE application processes it is determined by the route management module based on the AID in the new SELECT AID command.
  • the terminal may also receive only one SELECT AID command, whose AID is determined by the user selecting the payment card participating in the transaction; in that case the interaction between the card reading device and the terminal, from receipt of the SELECT AID command to the end of the transaction, can also be considered one message flow.
  • the message flow is identified by an Application IDentifier (AID), an identifier defined by ISO/IEC 7816-5 for identifying a card application (applet) installed in a smart card. This identifier is also used for HCE applications.
  • an HCE application can implement one or more AID processing logics, and each AID processing logic corresponds to one card application, that is, one message flow between the card reading device and the HCE application.
  • the application identifier of the HCE application is referred to as a first identifier, and the first identifier is used to uniquely identify an HCE application.
  • the AID is referred to as a second identifier, and the second identifier is used to identify a message flow between the card reading device and the HCE application.
  • the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between the card reading device and the HCE application.
  • S103 The terminal registers the routing information of the HCE application into the TEE.
  • the routing information of the HCE application that the terminal registers with the TEE in the embodiment of the present invention includes the first identifier, the at least one second identifier, and the terminal environment where the HCE application is installed.
  • that is, the TA is installed in the TEE and the CA in the REE; the first identifier of the HCE application and the at least one second identifier it includes are parsed, and the parsed first identifier, the at least one second identifier and the terminal environment in which the HCE application is installed are registered in the TEE.
  • registering the first identifier, the second identifier and the terminal environment in which the HCE application is installed into the TEE is a necessary step of the installation and deployment of the HCE application.
  • the installation and deployment process also includes other necessary steps, which are not limited herein.
  • the registration involved in the embodiment of the present invention means that the first identifier of the HCE application, the at least one second identifier related to the HCE application, and the terminal environment where the HCE application is located are sent to the route management module in the TEE.
  • after the route management module performs conflict detection and conflict resolution on the received information, that is, on the second identifiers related to the HCE application (multiple HCE applications may handle the same second identifier, so the route management module needs to perform special processing, such as designating one of the multiple HCE applications to handle a given second identifier), it generates multiple routing entries according to the correspondence between the first identifier, the second identifier, and the terminal environment in which the HCE application is installed, and saves the routing entries in the routing table of the TEE route management module.
  • the routing information is then used according to the routing table.
  • the routing information in the embodiment of the present invention includes the first identifier, the at least one second identifier, and the terminal environment where the HCE application is installed; an HCE application may have one or more second identifiers, each of which may generate a routing entry, so the routing information of an HCE application includes at least one routing entry.
  • the terminal can distinguish whether the installation environment of the HCE application is the TEE or the REE by using two different application type labels in the resource file; when receiving the HCE application installation package, the terminal can identify the terminal environment in which the HCE application is installed from the application type label in the resource file, distinguish whether the HCE application is a TA or a CA, install the TA into the TEE and the CA into the REE, and thereby implement HCE applications based on the two different security levels of the TEE and the REE.
  • S104 The terminal sends the obtained external data to the route management module in the TEE.
  • the route management module sends the external data to an HCE application corresponding to the external data.
  • to send the obtained external data to the route management module of the TEE, the data routing method shown in FIG. 5 may be used. As shown in FIG. 5, the method includes:
  • S1041 The terminal acquires external data through the NFCC in the TEE or the NFCC in the REE.
  • when the terminal is in the card emulation working mode, the terminal communicates with a contactless card reading device, such as a contactless POS machine or a contactless card reader, through an NFC interface, such as an NFC antenna.
  • the terminal uses the NFCC chip and the NFCC driver to acquire external data from the NFC antenna.
  • the trusted NFCC driver is loaded in the TEE of the terminal, and the trusted operating system (Trusted OS) in the TEE obtains the access control authority for the NFC interface, thereby acquiring the external data.
  • S1042 The NFCC in the TEE or the NFCC in the REE sends the external data whose routing destination is the device host to the TEE.
  • the terminal uses the NFCC chip and the NFCC driver to obtain, from the NFC antenna, the external data sent by an external device such as a contactless card reader or a contactless POS machine, and then sends the obtained data to the NFCC routing module for processing.
  • the NFCC routing module is a software entity (for example, the routing module can be implemented as chip firmware); the NFCC routing module obtains the second identifier in the external data and determines, according to the routing table stored in the NFCC, whether the data needs to be sent to the TEE.
  • the data that needs to be sent to the TEE in the embodiment of the present invention includes the data destined for the device host; the device host generally refers to the central processing unit (CPU) of the terminal, which is also called the host central processing unit (Host Central Processing Unit, Host CPU).
  • NFC has three working modes: card emulation, P2P and card reader.
  • the NFCC chip works in either polling mode (Poll mode, corresponding to the P2P and card reader modes) or listen mode; card emulation belongs to the listen mode. Therefore, whether routing needs to be performed can be determined by checking whether the current working mode of the NFCC chip is card emulation. Further, whether the acquired external data needs to be sent to the TEE can be determined from the SELECT AID command in the acquired external data and the routing table configured in the NFCC.
  • the first routing is performed by the NFCC in the TEE, so that the external data whose routing destination is the device host CPU is sent to the routing management module in the TEE, as shown in FIG. 1B.
  • the first routing is performed by the NFCC in the REE, so that the external data whose routing destination is the device host is sent to the routing management module in the TEE, as shown in FIG. 1A.
  • the first route refers to the process of sending the acquired data to the route management module in the TEE.
  • the routing information may be saved in advance, that is, the first identifier of the HCE application, the at least one second identifier, and the correspondence between them are registered.
  • the first identifier of the HCE application and the at least one second identifier are registered in the route management module in the TEE, and the route management module in the TEE then routes the data to the HCE application in the corresponding environment based on the saved routing information. This enables different types of HCE applications to be processed in different terminal environments, improving security based on the different HCE applications.
  • An HCE application in a REE may specify a second identifier list corresponding to the HCE application through a static resource file, or may use a dynamic registration application programming interface (API) to specify a second identifier corresponding to the HCE application.
  • the mapping relationship between the first identifier and the second identifier is sent to the route management module in the TEE through the TEE client application programming interface (TEE Client API) or through shared memory.
  • the HCE application in the TEE can also use the above static or dynamic method to declare the second identifier corresponding to the HCE application, except that the TEE Client API or shared memory is not needed at this time, but the communication mechanism between the TAs is used.
  • the mapping relationship between the first identifier and the second identifier is sent to the route management module in the TEE; the route management module parses the terminal environment in which the HCE application is installed from the first identifier, and further saves the first identifier of the HCE application, the at least one second identifier corresponding to the first identifier, and the terminal environment in which the HCE application is installed in the route management module as at least one routing entry.
  • the terminal analyzes the application installation configuration file; when it parses the <host-apdu-service/> tag, it learns that the HCE application is a CA, further parses the resource file and reads the second identifiers in the resource file, and sends the read first identifier and the at least one second identifier to the route management module in the TEE.
  • alternatively, the dynamic second identifier loading API is invoked to send the mapping relationship between the first identifier and the second identifier to the route management module in the TEE through the CA runtime.
  • when the CA application or one of its components is updated, for example, when the software application version is upgraded or a new card application (AID) is added to the HCE application, the updated information needs to be sent to the TEE to achieve accurate routing.
  • the terminal parses the first identifier and the second identifier of the TA application, or invokes the API of the TA runtime to dynamically load the second identifier, and sends the mapping relationship between the first identifier and the second identifier to the route management module of the TEE.
  • the routing management module in the TEE performs the receiving and management of the first identifier and the second identifier, and saves or updates the routing information of the HCE application in the TEE.
  • after the data is received, the NFCC performs the first routing and routes the data to the route management module in the TEE; the route management module performs the second routing according to the pre-stored routing information and forwards the data to the CA or the TA, as shown in FIG. 7.
  • the second route refers to the process of receiving data by the route management module and forwarding the data to the CA or the TA.
  • a routing table is set according to the saved routing information in the routing management module of the TEE.
  • the routing table includes a first identifier, a second identifier, and the terminal environment in which the TA or CA is installed, and the route management module routes the data to the corresponding HCE application according to the routing table.
  • Figure 8 is a routing table set in the embodiment of the present invention. As shown in Figure 8, a routing entry is set for each second identifier and its corresponding first identifier. For example, the second identifier 1 of the CA and the first identifier 1 correspond to route 1, and the second identifier 2 of the TA and the first identifier 2 correspond to route 2.
  • the registration of the first identifier and the second identifier in the TEE is completed by the method shown in FIG. 6, and the preparation of the routing information is thus completed; however, to implement this, the following changes to the current HCE mechanism are required:
  • modification of the configuration file: an application type label identifying an HCE application in the TEE, that is, a first identification label such as <TEE_apdu_service/>, is required in the configuration file to indicate the presence of an HCE application running in the TEE.
  • modification of the resource file: an application type label identifying the HCE application in the TEE, that is, a first label such as a <TEE-apdu-service/> label, is associated with a plurality of second identifier labels, such as <AID-filter> labels, so that the TA can handle the message flow between the reader and the HCE application.
  • the CA is installed in the REE, and the TA is installed in the TEE.
  • after the HCE application is installed in the corresponding environment, when the terminal interacts with the contactless card reading device, the data is processed by the HCE application in the corresponding environment.
  • to send the external data to the HCE application corresponding to the external data, that is, for the route management module in the TEE to perform the second routing, the method shown in FIG. 9 may be adopted:
  • the route management module in the TEE acquires a second identifier in the external data, where the second identifier is used to identify a message flow between the card reader device and an HCE application on the terminal.
  • the route management module performs the operation of acquiring the second identifier only when it receives a SELECT AID instruction; when it receives another APDU command, if no SELECT AID has been received before, this is considered an error, and if a SELECT AID command was received before, the instruction is forwarded to the HCE application corresponding to that SELECT AID instruction.
  • the route management module in the TEE determines, according to the routing information of the HCE application registered in the TEE, the first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed.
  • after obtaining the second identifier from the external data, the route management module compares the obtained second identifier with the AIDs in the routing table of the TEE route management module until the same AID is found; the first identifier contained in the routing entry with the same AID is used as the first identifier of the external data, and the terminal environment in which the HCE application corresponding to that AID is installed is thereby found.
  • the route management module in the TEE sends the external data to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment.
  • the first identifier of the external data corresponding to the second identifier and the terminal environment in which the HCE application is installed may be determined according to the routing information. After the terminal environment in which the HCE application is installed is determined, the obtained data can be routed to the HCE application in the corresponding environment, completing the data routing for HCE applications supporting different security levels.
  • the routing information in the embodiment of the present invention may alternatively include only the first identifier and the second identifier; the second identifier in the external data is acquired to obtain the first identifier of the external data corresponding to that second identifier.
  • parsing the first identifier of the external data reveals whether the HCE application is a TA or a CA, and thus the installation environment of the HCE application: if it is a TA, the installation environment is the TEE; if it is a CA, the installation environment is the REE.
  • the data is sent to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment installed by the HCE application, and the following manner may be adopted:
  • the data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session.
  • the route management module of the TEE finds the first identifier of the external data and the terminal environment in which the corresponding HCE application is installed according to the second identifier in the external data; the route management module, that is, the Route-TA in FIG. 1A and FIG. 1B, creates a session to the target TA using the internal client API defined by the TEE Internal Core API standard and forwards the data to the TA, as shown in FIG.
  • when the TA is installed, the first identifier of the TA, the at least one second identifier, and the terminal environment in which it is installed are registered with the Route-TA in the TEE (that is, the route management module), so the Route-TA can actively locate the TA and send the external data to it.
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • the service program is referred to here as the RNS-TA, whose first identifier is a UUID.
  • the route management module has already indicated which CA should process the data, so the RNS-TA can return the data to that CA through the established session. Therefore, in the embodiment of the present invention, the route management module of the TEE searches for the first identifier of the external data and the terminal environment in which the corresponding HCE application is installed according to the second identifier in the external data, and the route management module, that is, the Route-TA in FIG. 1A and FIG. 1B, forwards the data to the service program in the TEE, which then forwards the external data to the corresponding CA, as shown in FIG. 11A.
  • the external data may be directly sent to the CA through the shared memory by the routing management module, as shown in FIG. 11B.
  • the NFCC forwards the data frame to the TEE, and the routing management module of the TEE performs the TEE internal routing.
  • the route management module determines whether the second identifier of the external data is to be processed by the HCE application that has already established a session, denoted HCE application 1.
  • if so, the route management module directly sends the external data to HCE application 1 using the current session; if it is to be processed by another HCE application different from the current one, denoted HCE application 2, the route management module may choose to keep the current session or close it, but must establish a second session according to the first identifier of HCE application 2, and send the second identifier selection command and the subsequent external data to HCE application 2 through the second session.
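The second routing described above (AID lookup on SELECT, the error rule for APDUs that arrive before any SELECT, and session switching between HCE applications) as a small simulation; this is an added example, not code from the patent. Routing entries, AIDs, the UUID, the conflict-resolution rule (first registrant keeps the AID) and the APDU bytes are all constructed here.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

TEE, REE = "TEE", "REE"
SELECT_HEADER = bytes([0x00, 0xA4, 0x04])  # CLA INS P1 of a SELECT-by-AID APDU


@dataclass(frozen=True)
class RouteEntry:
    aid: bytes       # second identifier (AID) carried in the SELECT command
    first_id: str    # first identifier, unique per HCE application on the terminal
    env: str         # terminal environment where that HCE application is installed


@dataclass
class Session:
    first_id: str
    env: str
    received: List[bytes] = field(default_factory=list)  # APDUs delivered to the app


def parse_select_aid(apdu: bytes) -> Optional[bytes]:
    """Return the AID of a SELECT-by-AID APDU, or None for any other command."""
    if len(apdu) < 5 or apdu[:3] != SELECT_HEADER:
        return None
    lc = apdu[4]
    aid = apdu[5:5 + lc]
    return aid if len(aid) == lc and 5 <= lc <= 16 else None


class RouteManagementModule:
    """Simulated Route-TA: holds the routing table and performs the second routing."""

    def __init__(self) -> None:
        self.table: List[RouteEntry] = []
        self.session: Optional[Session] = None
        self.sessions_opened = 0

    def register(self, first_id: str, env: str, aids: List[bytes]) -> List[bytes]:
        """Register an HCE application's routing information (the FIG. 6 step).
        Conflict resolution assumed here: the first application to claim an AID
        keeps it; AIDs rejected for a later registrant are returned."""
        rejected = []
        for aid in aids:
            owner = self.lookup(aid)
            if owner is None:
                self.table.append(RouteEntry(aid, first_id, env))
            elif owner.first_id != first_id:
                rejected.append(aid)
        return rejected

    def lookup(self, aid: bytes) -> Optional[RouteEntry]:
        """Compare the AID against the table entries until an identical AID is found."""
        for entry in self.table:
            if entry.aid == aid:
                return entry
        return None

    def route(self, apdu: bytes) -> Tuple[str, Optional[str], Optional[str]]:
        """Second routing of one APDU handed over by the NFCC.
        Returns (status, first_id, env); status is 'delivered' or 'error'."""
        aid = parse_select_aid(apdu)
        if aid is None:
            # Not a SELECT AID: legal only once a SELECT has established a session.
            if self.session is None:
                return ("error", None, None)
            self.session.received.append(apdu)
            return ("delivered", self.session.first_id, self.session.env)
        entry = self.lookup(aid)
        if entry is None:
            return ("error", None, None)   # unknown AID: no registered HCE app
        if self.session is None or self.session.first_id != entry.first_id:
            # A different HCE application: open a second session keyed by its
            # first identifier (TA in the TEE, or CA reached via RNS-TA/shared
            # memory); the previous session is simply replaced in this model.
            self.session = Session(entry.first_id, entry.env)
            self.sessions_opened += 1
        # The SELECT itself and all following APDUs go through this session.
        self.session.received.append(apdu)
        return ("delivered", entry.first_id, entry.env)


def demo() -> dict:
    """Constructed scenario: one CA in the REE and one TA in the TEE."""
    rmm = RouteManagementModule()
    aid_ca = bytes.fromhex("F0010203040506")   # constructed proprietary AID
    aid_ta = bytes.fromhex("F0112233445566")   # constructed proprietary AID
    rmm.register("com.example.loyalty", REE, [aid_ca])
    rmm.register("12345678-aaaa-bbbb-cccc-000000000001", TEE, [aid_ta])  # constructed UUID
    # A second application claiming the TA's AID is rejected by conflict resolution.
    rejected = rmm.register("com.example.other", REE, [aid_ta])
    select_ca = SELECT_HEADER + bytes([0x00, len(aid_ca)]) + aid_ca
    select_ta = SELECT_HEADER + bytes([0x00, len(aid_ta)]) + aid_ta
    get_data = bytes.fromhex("80CA9F7F00")    # constructed non-SELECT APDU
    results = [
        rmm.route(get_data),   # error: no SELECT AID received yet
        rmm.route(select_ca),  # session 1 to the CA in the REE
        rmm.route(get_data),   # forwarded through session 1
        rmm.route(select_ta),  # other application: second session to the TA in the TEE
        rmm.route(get_data),   # forwarded through session 2
    ]
    return {"rejected": rejected, "results": results, "sessions": rmm.sessions_opened}
```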
  • the embodiment of the present invention is described by taking a communication between a non-contact POS machine and a terminal as an example.
  • the terminal supporting the TEE is used as a card emulation device.
  • the terminal acquires the transaction data through the NFCC, and the transaction data is transmitted to the route management module of the TEE through the NFCC in the REE or the NFCC in the TEE; the route management module of the TEE searches for the first identifier corresponding to the second identifier according to the AID in the transaction data, and the terminal learns from the first identifier which TA or CA should process the transaction data, establishes a session, and sends the transaction data to the TA or CA corresponding to the AID through the established session.
  • the CA is installed in the REE and the TA is installed in the TEE; when the terminal interacts with the card reading device, the processing is performed by the HCE application in the corresponding environment.
  • the data routing process involved in the foregoing embodiment may be used; that is, a data routing method may also be provided in the embodiment of the present invention. For the specific implementation process, refer to the description of the foregoing embodiment, which is not repeated here.
  • the terminal can distinguish whether the terminal environment in which the HCE application is installed is the TEE or the REE by using two different application type labels in the resource file; when receiving the HCE application installation package, the terminal can determine the terminal environment in which the HCE application is installed from the application type label in the resource file, distinguish whether the HCE application is a TA or a CA, install the TA into the TEE and the CA into the REE, and thereby implement HCE applications of the two different security levels of the TEE and the REE, so that developers can choose to implement the HCE function in the TEE or in the REE as needed, meeting the needs of different application functions.
  • the embodiment of the present invention further provides a terminal 100 for implementing host card emulation (HCE); as shown in FIG. 12A, the terminal 100 includes an installation unit 101, a parsing unit 102, and a registration unit 103, where in the embodiment of the present invention:
  • the installation unit 101 is configured to install the HCE application into a terminal environment corresponding to a type of the HCE application according to a type of the HCE application.
  • the terminal environment includes a trusted execution environment TEE and a rich execution environment REE.
  • the parsing unit 102 is configured to parse the first identifier of the HCE application installed by the installation unit 101 and the at least one second identifier included in the HCE application.
  • the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between the card reading device and the HCE application.
  • the registration unit 103 is configured to register the routing information of the HCE application into the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment where the HCE application is installed.
  • the terminal 100 for implementing host card emulation distinguishes the HCE application as a TA or a CA by using different application type labels, installs the TA into the TEE and the CA into the REE, and thereby implements HCE applications of two different security levels, based on the TEE and based on the REE.
  • the terminal 100 for implementing host card emulation provided by the embodiment of the present invention further includes a first routing unit 104 and a second routing unit 105, where
  • the first routing unit 104 is configured to send the acquired external data to a second routing unit in the TEE;
  • the second routing unit 105 is configured to send the external data to an HCE application installed by the installation unit 101 corresponding to the external data.
  • the first routing unit 104 is specifically configured to send the obtained external data to the second routing unit 105 in the TEE as follows:
  • the second routing unit 105 is specifically configured to send the external data to the HCE application corresponding to the external data as follows:
  • the second routing unit 105 is configured to send the external data to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment as follows:
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session;
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • the terminal 100 for implementing host card emulation provided by the embodiment of the present invention is used to implement the functions of the method for implementing host card emulation according to the foregoing embodiment of the present invention. For the specific implementation process, refer to the description of the foregoing embodiment, which is not repeated here.
  • the terminal 100 for implementing host card emulation provided by the embodiment of the present invention can distinguish whether the installation environment of the HCE application is the TEE or the REE by using two different application type labels; when receiving the HCE application installation package, the terminal can determine the terminal environment in which the HCE application is installed from the application type label, distinguish whether the HCE application is a TA or a CA, install the TA into the TEE and the CA into the REE, and implement HCE applications that support the two different security levels of the TEE and the REE, so that developers can choose to implement the HCE function in the TEE or in the REE as needed, meeting the needs of different application functions.
  • the embodiment of the present invention further provides a terminal 200 for implementing host card emulation; as shown in FIG. 13, the terminal 200 includes a processor 201.
  • the terminal 200 for implementing host card emulation includes two operating environments, REE and TEE.
  • the two operating environments have their respective processors; that is, the processor 201 of the terminal 200 implementing host card emulation includes a common processing core 2011 and a trusted processing core 2012, where the common processing core 2011 is the REE processor and the trusted processing core 2012 is the TEE processor.
  • the common processing core 2011 and the trusted processing core 2012 may be different cores of the same physical CPU, or may be the same physical CPU at different times.
  • the terminal 200 for implementing host card emulation provided in the embodiment of the present invention further includes a memory, and the memory includes a common random access memory (RAM) 2021 and a common read-only memory (ROM) 2041 running in the REE, and a trusted RAM 2022 and a trusted ROM 2042 running in the TEE.
  • the common RAM 2021, the common ROM 2041, the trusted RAM 2022, and the trusted ROM 2042 can be used to store instructions and data.
  • the storage instruction area may store an operating system, instructions required for at least one function, and the like; the instructions may cause the processor 201 to perform the method for implementing host card emulation involved in the above embodiments of the present invention.
  • the terminal 200 for implementing host card emulation in the embodiment of the present invention further includes a peripheral device, and the peripheral device includes a common peripheral 2031 in the REE and a trusted peripheral 2032 in the TEE.
  • when the NFCC is in the REE, the NFCC is a common peripheral; when the NFCC is in the TEE, the NFCC is a trusted peripheral;
  • the terminal 200 that implements host card emulation in the terminal in the embodiment of the present invention further includes a communication unit 2051 located in the REE.
  • the processor 201 is the control center of the terminal 200 for implementing host card emulation; it connects the various parts of the entire mobile phone through various interfaces and lines, executes the instructions stored in the common RAM 2021, the common ROM 2041, the trusted RAM 2022, and the trusted ROM 2042, and processes the data stored in them, by way of the trusted peripheral 2032, the common peripheral 2031, and the communication unit 2051, thereby performing the various functions of the terminal 200 and processing its data to achieve overall control of the terminal 200 implementing host card emulation.
  • the processor 201 may include one or more processing units; preferably, the processor 201 may integrate an application processor and a modem processor, where the application processor mainly handles the operating system, user interface, applications, and the like, and the modem processor mainly handles wireless communication. It can be understood that the modem processor may also not be integrated into the processor 201.
  • the processor and memory can be implemented on a single chip, and in some embodiments they can also be implemented separately on separate chips.
  • the processor 201 included in the terminal 200 for implementing host card emulation provided by the embodiment of the present invention is configured to call the instructions and data stored in the common RAM 2021, the common ROM 2041, the trusted RAM 2022, and the trusted ROM 2042, through the trusted peripheral 2032, the common peripheral 2031, and the communication unit 2051, to implement the following functions:
  • installing the HCE application in the terminal environment corresponding to the type of the HCE application according to the type of the HCE application, where the terminal environment includes a TEE and a REE; parsing the first identifier of the HCE application and the at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal and the second identifier is used to identify a message flow between the card reading device and the HCE application; and registering the routing information of the HCE application in the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
  • processor 201 is further configured to:
  • the processor 201 is specifically configured to send the obtained external data to the route management module in the TEE in the following manner:
  • the external data whose routing destination is the device host is sent to the route management module in the TEE by the NFCC in the TEE or the NFCC in the REE.
  • the processor 201 is specifically configured to control the routing management module to send the external data to the HCE application corresponding to the external data as follows:
  • determining, according to the routing information of the HCE application registered in the TEE, the first identifier of the external data corresponding to the second identifier in the external data and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, and controlling the route management module to send the external data to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment.
  • the processor 201 is configured to: in the following manner, control the routing management module to send the external data to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment:
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session;
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • the terminal 200 for implementing host card emulation provided by the embodiment of the present invention has the function of implementing any method for implementing host card emulation according to the foregoing embodiment of the present invention. For the specific functions implemented, refer to the description of the foregoing embodiment, which is not repeated here.
  • the terminal 200 for implementing host card emulation provided by the embodiment of the present invention can distinguish whether the installation environment of the HCE application is the TEE or the REE by using two different application type labels; when receiving the HCE application installation package, the terminal can determine the terminal environment in which the HCE application is installed from the application type label, distinguish whether the HCE application is a TA or a CA, install the TA into the TEE and the CA into the REE, and implement HCE applications that support the two different security levels of the TEE and the REE, so that developers can choose to implement the HCE function in the TEE or in the REE as needed, meeting the needs of different application functions.
  • the embodiment of the present invention further provides a data routing device 300.
  • the data routing device 300 includes an obtaining unit 301, a first routing unit 302, and a second routing unit 303, wherein
  • the obtaining unit 301 is configured to acquire external data.
  • the first routing unit 302 is configured to send the external data acquired by the obtaining unit 301 to the TEE;
  • the second routing unit 303 is configured to send the external data to an HCE application corresponding to the external data.
  • the first routing unit 302 is specifically configured to send the obtained external data to the TEE as follows:
  • the data is obtained by the NFCC driver in the TEE or the NFCC driver in the REE, and the external data whose routing destination is the device host is sent to the second routing unit 303 in the TEE.
  • the second routing unit 303 is specifically configured to send the external data to an HCE application corresponding to the external data as follows:
  • determining, according to the routing information of the HCE application registered in the TEE, the first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, where
  • the first identifier is used to uniquely identify an HCE application in the terminal;
  • the second routing unit 303 is specifically configured to send the external data to an HCE application corresponding to the first identifier of the external data according to the determined terminal environment.
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the TEE through the established session;
  • the external data is sent to the HCE application corresponding to the first identifier of the external data in the REE through a service program in the TEE or a shared memory.
  • the data routing device 300 provided by the embodiment of the present invention is used to implement the data routing process in the host card emulation method according to the foregoing embodiment of the present invention.
  • the specific process refer to the description of the foregoing embodiment. I will not repeat them here.
  • the data routing device 300 may determine the first identifier of the external data corresponding to the second identifier by acquiring the second identifier in the external data, and determine, by using the first identifier of the external data, that the HCE application is a TA It is also a CA, and the installation environment of the HCE application is known. If it is a TA, the installation environment is TEE, and if it is a CA, the installation environment is REE. After the HCE application installation environment is determined, the obtained data can be routed to the HCE application in the corresponding environment to complete the data routing of the HCE application supporting different security levels.
  • FIG. 1 These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Embodiments of the present invention provide a method and apparatus for implementing host card emulation. In the present invention, a terminal installs an HCE application, according to the type of the HCE application, into the terminal environment corresponding to the type of the HCE application, where the terminal environments include a trusted execution environment (TEE) and a rich execution environment (REE); the terminal parses a first identifier of the HCE application and at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal and the second identifier is used to identify a message flow between a card reading device and the HCE application; and the terminal registers routing information of the HCE application into the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed. The present invention makes it possible to implement on a terminal HCE applications supporting two different security levels, TEE and REE.

Description

Method and terminal for implementing host card emulation, and data routing method and apparatus
Technical Field
The present invention relates to the field of communications technologies, and in particular to a method and terminal for implementing host card emulation, and a data routing method and apparatus.
Background
The card emulation (CE) function refers to using a terminal that supports near field communication (NFC) and has a secure element (SE) to emulate a contactless IC card. A card emulation application is installed into, and runs in, the secure element of the terminal. A secure element generally allows multiple card emulation applications to be installed, so that carrying one terminal is equivalent to carrying multiple physical cards, which brings great convenience to the user.
Host-based card emulation, or host card emulation (HCE), means that a card emulation application does not need to be installed into the secure element but is installed directly into the operating system of the terminal like an ordinary application and runs on the terminal host (device host). HCE is widely used in near field communication (NFC).
Currently, an HCE application generally runs in the rich execution environment (REE) of the terminal and communicates with a card reading device such as a POS terminal or a card reader through the NFC interface of the terminal. The REE is a running environment with a relatively low security level: an application from any source can be installed into the REE of the terminal with the user's permission, and the protection of data stored in the REE is insufficient to resist the threats of various kinds of malware. Therefore, when an HCE application is installed and runs in the REE, the security level of its confidential data, such as the associated user account, is low and the data is easily stolen.
However, the HCE mechanism is now often needed to implement applications with high security requirements, such as HCE payment applications issued by banks. If these HCE applications with high security requirements are installed into the REE, the account data associated with the HCE application can easily be stolen by malicious programs. Consequently, the data associated with HCE programs in the REE is in a rather dangerous state.
Summary of the Invention
Embodiments of the present invention provide a method and terminal for implementing host card emulation, and a data routing method and apparatus, so as to implement HCE functions of different security levels on a terminal.
According to a first aspect, a method for implementing host card emulation (HCE) is provided, including:
installing, by a terminal according to the type of an HCE application, the HCE application into a terminal environment corresponding to the type of the HCE application, where the terminal environment includes a trusted execution environment (TEE) and a rich execution environment (REE);
parsing, by the terminal, a first identifier of the HCE application and at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between a card reading device and the HCE application; and
registering, by the terminal, routing information of the HCE application into the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
With reference to the first aspect, in a first implementation, the method further includes:
sending, by the terminal, acquired external data to a routing management module in the TEE; and
sending, by the routing management module, the external data to an HCE application corresponding to the external data.
With reference to the first implementation of the first aspect, in a second implementation, the sending, by the terminal, acquired external data to a routing management module in the TEE specifically includes:
acquiring, by the terminal, the external data through a near field communication controller (NFCC) in the TEE or an NFCC in the REE; and
sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the routing management module in the TEE.
With reference to the first or second implementation of the first aspect, in a third implementation, the sending, by the routing management module, the external data to the HCE application corresponding to the external data specifically includes:
acquiring, by the routing management module, a second identifier in the external data;
determining, by the routing management module according to the routing information registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and
sending, by the routing management module according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
With reference to the third implementation of the first aspect, in a fourth implementation, the sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data includes:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
According to a second aspect, a data routing method is provided, including:
sending, by a terminal, acquired external data to a routing management module in a TEE; and
sending, by the routing management module, the external data to an HCE application corresponding to the external data.
With reference to the second aspect, in a first implementation, the sending, by the terminal, acquired external data to a routing management module in the TEE specifically includes:
acquiring, by the terminal, the external data through an NFCC driver in the TEE or an NFCC driver in the REE, and sending the external data whose routing target is the device host to the routing management module in the TEE.
With reference to the second aspect or the first implementation of the second aspect, in a second implementation, the sending, by the routing management module, the external data to the HCE application corresponding to the external data includes:
acquiring, by the routing management module, a second identifier in the external data, where the second identifier is used to identify a message flow between a card reading device and one HCE application;
determining, according to the routing information of the HCE applications registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, where the first identifier is used to uniquely identify one HCE application in the terminal; and
sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
With reference to the second implementation of the second aspect, in a third implementation, the sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data includes:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
According to a third aspect, a terminal for implementing host card emulation (HCE) is provided, including:
an installation unit, configured to install, according to the type of an HCE application, the HCE application into a terminal environment corresponding to the type of the HCE application, where the terminal environment includes a trusted execution environment (TEE) and a rich execution environment (REE);
a parsing unit, configured to parse a first identifier of the HCE application installed by the installation unit and at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between a card reading device and the HCE application; and
a registration unit, configured to register routing information of the HCE application into the TEE, where the routing information includes the first identifier and the at least one second identifier parsed out by the parsing unit, and the terminal environment in which the HCE application is installed.
With reference to the third aspect, in a first implementation, the terminal further includes a first routing unit and a second routing unit, where
the first routing unit is configured to send acquired external data to the second routing unit in the TEE; and
the second routing unit is configured to send the external data to the HCE application, installed by the installation unit, that corresponds to the external data.
With reference to the first implementation of the third aspect, in a second implementation, the first routing unit is specifically configured to send the acquired external data to the second routing unit in the TEE in the following manner:
acquiring the external data through a near field communication controller (NFCC) in the TEE or an NFCC in the REE; and
sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the second routing unit in the TEE.
With reference to the first or second implementation of the third aspect, in a third implementation, the second routing unit is specifically configured to send the external data to the HCE application corresponding to the external data in the following manner:
acquiring a second identifier in the external data;
determining, according to the information registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and
sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
With reference to the third implementation of the third aspect, in a fourth implementation, the second routing unit is specifically configured to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data in the following manner:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
According to a fourth aspect, a data routing apparatus is provided, including:
an acquiring unit, configured to acquire external data;
a first routing unit, configured to send the external data acquired by the acquiring unit to a second routing unit in a TEE; and
a second routing unit, configured to send the external data to an HCE application corresponding to the external data.
With reference to the fourth aspect, in a first implementation, the first routing unit is specifically configured to send the acquired external data to the second routing unit in the TEE in the following manner:
acquiring the external data through an NFCC driver in the TEE or an NFCC driver in the REE, and sending the external data whose routing target is the device host to the second routing unit in the TEE.
With reference to the first implementation of the fourth aspect, in a second implementation, the second routing unit is specifically configured to send the external data to the HCE application corresponding to the external data in the following manner:
acquiring a second identifier in the external data, where the second identifier is used to identify a message flow between a card reading device and one HCE application;
determining, according to the routing information of the HCE applications registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, where the first identifier is used to uniquely identify one HCE application in the terminal; and
sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
With reference to the second implementation of the fourth aspect, in a third implementation, the second routing unit is specifically configured to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier in the following manner:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
According to a fifth aspect, a terminal for implementing host card emulation (HCE) is provided, including a memory, peripherals, a communication unit and a processor, where:
the memory includes a public random access memory (RAM) and a public read-only memory (ROM) that run in a rich execution environment (REE), and a trusted RAM and a trusted ROM that run in a trusted execution environment (TEE), and is configured to store instructions and data;
the peripherals include a public peripheral in the REE and a trusted peripheral in the TEE;
the communication unit is located in the REE; and
the processor is configured to invoke the instructions and data stored in the public RAM, the public ROM, the trusted RAM and the trusted ROM, and to implement the following functions through the trusted peripheral, the public peripheral and the communication unit:
installing, according to the type of an HCE application, the HCE application into a terminal environment corresponding to the type of the HCE application, where the terminal environment includes the TEE and the REE; parsing a first identifier of the HCE application and at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal and the second identifier is used to identify a message flow between a card reading device and the HCE application; and registering routing information of the HCE application into the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
With reference to the fifth aspect, in a first implementation, the processor is further configured to:
send acquired external data to a routing management module in the TEE, and control the routing management module to send the external data to an HCE application corresponding to the external data.
With reference to the first implementation of the fifth aspect, in a second implementation, the processor is specifically configured to send the acquired external data to the routing management module in the TEE in the following manner:
acquiring the external data through a near field communication controller (NFCC) in the TEE or an NFCC in the REE; and
sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the routing management module in the TEE.
With reference to the first or second implementation of the fifth aspect, in a third implementation, the processor is specifically configured to control the routing management module to send the external data to the HCE application corresponding to the external data in the following manner:
controlling the routing management module to acquire, through the communication unit and the peripherals, a second identifier in the external data, and to determine, according to the routing information registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and controlling the routing management module to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
With reference to the third implementation of the fifth aspect, in a fourth implementation, the processor is specifically configured to control the routing management module to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data in the following manner:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
The method and terminal for implementing host card emulation and the data routing method and apparatus provided by the embodiments of the present invention distinguish, through different application type labels, whether an HCE application is a TA or a CA, and then install the TA into the TEE and the CA into the REE, implementing HCE applications of two different security levels, TEE-based and REE-based.
Brief Description of the Drawings
FIG. 1A and FIG. 1B show terminal system architectures to which the host card emulation method provided by embodiments of the present invention is applied;
FIG. 2 is a flowchart of the host card emulation method provided by an embodiment of the present invention;
FIG. 3 is a flowchart of installing an HCE application into the corresponding environment provided by an embodiment of the present invention;
FIG. 4 is a flowchart of another host card emulation method provided by an embodiment of the present invention;
FIG. 5 is a flowchart of sending acquired external data to the routing management module in the TEE provided by an embodiment of the present invention;
FIG. 6 is a schematic diagram of the routing information saving process provided by an embodiment of the present invention;
FIG. 7 is a schematic diagram of the process of routing external data according to the routing information saved for applications provided by an embodiment of the present invention;
FIG. 8 is a schematic diagram of a routing table set up in an embodiment of the present invention;
FIG. 9 is a schematic diagram of the routing process performed in the TEE provided by an embodiment of the present invention;
FIG. 10 is a schematic diagram of the process of forwarding external data to a TA provided by an embodiment of the present invention;
FIG. 11A and FIG. 11B are schematic diagrams of the process of forwarding external data to a CA provided by an embodiment of the present invention;
FIG. 12A and FIG. 12B are schematic structural diagrams of a terminal for implementing host card emulation provided by an embodiment of the present invention;
FIG. 13 is another schematic structural diagram of a terminal for implementing host card emulation provided by an embodiment of the present invention;
FIG. 14 is a schematic structural diagram of a data routing apparatus provided by an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are described clearly below with reference to the accompanying drawings in the embodiments of the present invention.
The trusted execution environment (TEE) and the REE are two program running environments that coexist in a terminal. The TEE and the REE may be called terminal environments; each includes hardware resources such as memory and processors, and software such as an operating system (OS) and a framework. The REE does not strictly restrict the source of applications: with the user's permission, the REE accepts installation of software from any source. The TEE is different: storage inside the TEE is secure storage, managed by the TEE issuer (for example, the terminal manufacturer or the operator) and subject to access restrictions. When the terminal receives a request to access TEE storage, for example to read or write the secure storage (installing a program into the TEE is a write to secure storage), it must verify that the request complies with the secure access rules, and only then can the corresponding stored content be accessed. Because of these properties of the TEE, malicious programs cannot access programs installed in the TEE or their data, and programs installed in the TEE cannot cross their boundaries to access data that does not belong to them, so a relatively high security level is achieved.
A trusted application (TA) is an application that runs in the TEE and can provide security-related functions, such as cryptographic services, signature services and digest services, to client applications in the REE or to other trusted applications in the TEE. Correspondingly, a client application (CA) is an application that runs in the REE and can communicate with a trusted application (TA) in the TEE through the TEE client application programming interface or a shared memory mechanism to invoke the services the TA provides.
To make it convenient for a software developer (Soft Processor, SP) to choose HCE of different security levels according to its own service requirements, an embodiment of the present invention provides a host card emulation implementation method, so as to install HCE applications of different security levels on a terminal that includes a TEE and meet the different security-level requirements of different services. For example, service requirements with a high security level, such as financial card and payment card applications that have high security requirements, can be implemented as TAs and installed into the TEE; service requirements with a low security level, such as supermarket membership cards and access control cards, can be implemented as CAs and installed in the REE.
The host card emulation method provided by the embodiment of the present invention installs an HCE application into the corresponding terminal environment according to whether the terminal environment required by the service requirements of the HCE application is the TEE or the REE.
In the embodiment of the present invention, an application type label identifying the terminal environment in which the HCE application is to be installed can be defined in the resource file of the HCE application. Different application type labels distinguish whether the terminal environment in which the HCE application should be installed is the TEE or the REE, and the HCE application is installed into the TEE or the REE accordingly, so as to implement on the terminal HCE applications supporting the two different security levels, TEE and REE.
In the embodiment of the present invention, in order to support HCE applications of two different security levels, TEE and REE, on the terminal, that is, to install HCE applications of a high security level into the TEE and HCE applications of a lower security level into the REE, the terminal system architecture shown in FIG. 1A or FIG. 1B can be applied, and the routing function for HCE applications of different security levels is implemented in the TEE. In FIG. 1A, after the NFC controller (NFCC) receives data, it sends the data to the upper-layer application through the NFCC driver in the REE operating system kernel and the NFCC routing module. When HCE applications of both security levels, TEE and REE, are supported, the NFCC driver sends the received data to the trusted NFC service framework in the TEE, and the NFC Service Framework in the TEE forwards it to the routing management module (Routing Management Module, also denoted Route-TA in the present invention); the routing management module (Route-TA) in the TEE distributes (that is, routes) the data to a TA in the TEE or a CA in the REE. In FIG. 1B, after the NFC controller receives data, it sends the data through the trusted NFCC driver in the trusted operating system kernel in the TEE to the routing management module in the TEE, and the routing management module in the TEE distributes the data to a TA in the TEE or a CA in the REE.
It should be noted that in the embodiment of the present invention the NFCC may also be called the near field communication controller (NFCC). The NFCC is a logical entity defined by the NFC Forum; in the industry, NFCC is also commonly used to denote the NFCC chip that implements the main NFC functions. In the present invention, the NFCC chip, the NFCC driver and the NFCC routing module are distinguished from one another; all three pieces of hardware or software are parts of the NFCC logical entity.
FIG. 2 is a flowchart of the host card emulation implementation method provided by an embodiment of the present invention. As shown in FIG. 2, the method includes:
S101: The terminal installs, according to the type of an HCE application, the HCE application into the terminal environment corresponding to the type of the HCE application.
In the embodiment of the present invention, the terminal environments in which the HCE application is installed include the TEE and the REE, and one HCE application corresponds to only one terminal environment, that is, the terminal environment in which the HCE application runs is either the TEE or the REE. It should be noted that in the embodiment of the present invention the terminal environment in which an HCE application is installed is called the environment or the installation environment; it may of course also be called the application running environment or the like, which the embodiment of the present invention does not limit.
Specifically, in the embodiment of the present invention, the terminal installing the HCE application, according to its type, into the terminal environment corresponding to that type may follow the method flow shown in FIG. 3, which includes:
S1011: Acquire the resource file of the HCE application.
The installation package of the HCE application contains the configuration file of the HCE application. After receiving the installation package of the HCE application, the terminal checks the configuration file in the installation package and acquires the resource file of the HCE application according to the resource file name and path specified in the configuration file.
S1012: Determine, according to the application type label in the acquired resource file, the terminal environment in which the HCE application is installed.
In the embodiment of the present invention, different application type labels distinguish whether the terminal environment in which the HCE application is installed is the TEE or the REE. The REE host card emulation program label (<host-apdu-service/>) in the resource file indicates that this HCE application is a CA application and the environment to be installed into is the REE; the TEE host card emulation program label (<TEE-apdu-service/>) in the resource file indicates that this HCE application is a TA and the environment to be installed into is the TEE. Therefore, if the application type label in the acquired resource file is <host-apdu-service/>, the terminal environment into which the HCE application is to be installed is determined to be the REE, that is, the application is a CA. If the application type label in the acquired resource file is <TEE-apdu-service/>, the terminal environment into which the HCE application is to be installed is determined to be the TEE, that is, the application is a TA.
S1013: Install the HCE application into the determined terminal environment.
In the embodiment of the present invention, the terminal environment in which the HCE application is installed is the REE or the TEE. If it is determined that the terminal environment in which the HCE application is installed is the TEE, that is, the application is a TA, the TA is installed into the TEE; if it is determined that the terminal environment in which the HCE application is installed is the REE, that is, the application is a CA, the CA is installed into the REE.
S102: The terminal parses the first identifier of the HCE application and at least one second identifier included in the HCE application.
Each HCE application corresponds to an application identifier (APP ID). Generally, a CA may use the application's certificate as its application identifier, and a TA may use a universally unique identifier (UUID) as its application identifier. Each HCE application can handle several message flows between the card reading device and the HCE application. Such a message flow begins with the card reading device sending a SELECT AID command; after the HCE application receives the SELECT AID routed to it by the routing management module, it should respond with an APDU; thereafter the card reading device sends other data exchange commands, to which the HCE application needs to respond, until the terminal receives another SELECT AID command (generally, the AID in this SELECT AID command differs from the AID in the previous SELECT AID command), at which point the current message flow ends and a new message flow begins. Which HCE application handles the message flow is determined by the routing management module according to the AID in the new SELECT AID command. In a single card transaction performed with the terminal, the terminal may also receive only one SELECT AID command, whose AID is determined by the payment card the user selected for the transaction; in this case the interaction between the card reading device and the terminal from receipt of the SELECT AID command to the end of the transaction can also be regarded as one message flow. In summary, a message flow is identified by a card application identifier (AID). The AID is an identifier defined in ISO/IEC 7816-5 for identifying a card application (applet) installed in a smart card; it is also used here to identify a message flow that an HCE application can handle, or in other words a card application included in the HCE application. One HCE application may implement the processing logic for one or more AIDs, and the processing logic for each AID corresponds to one card application, or to one message flow between the card reading device and the HCE application. For convenience of description, the embodiment of the present invention calls the application identifier that identifies an HCE application the first identifier, which uniquely identifies one HCE application, and calls the AID the second identifier, which identifies a message flow between the card reading device and the HCE application.
In the embodiment of the present invention, the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between the card reading device and the HCE application.
S103: The terminal registers the routing information of the HCE application into the TEE.
In the embodiment of the present invention, the routing information of the HCE application that the terminal registers into the TEE includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
In the embodiment of the present invention, both installing a TA in the TEE and installing a CA in the REE require parsing the first identifier and the at least one second identifier included in the HCE application, and registering the parsed first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed into the TEE.
In the embodiment of the present invention, registering the first identifier, the second identifiers and the terminal environment in which the HCE application is installed into the TEE is a necessary step for completing the installation and deployment of the HCE application; the installation and deployment process of course includes other necessary steps, which the embodiment of the present invention does not limit here.
It should be noted that the registration involved in the embodiment of the present invention means sending the first identifier of the HCE application, the at least one second identifier related to the HCE application, and the terminal environment in which the HCE application resides to the routing management module in the TEE. After the routing management module performs conflict detection and conflict resolution on the received information, that is, on the second identifiers related to the HCE application (multiple HCE applications may handle the same second identifier, and the routing management module needs to handle this specially, for example by designating one of the multiple HCE applications to handle a given second identifier), it generates multiple route entries according to the correspondence between the first identifier, the second identifiers and the terminal environment in which the HCE application is installed, and saves them in the routing table of the routing management module in the TEE; subsequently received external data is routed according to this routing table. The routing information in the embodiment of the present invention includes the first identifier, at least one second identifier and the terminal environment in which the HCE application is installed; because one HCE application corresponds to one or more second identifiers and each second identifier can generate one route entry, the routing information of one HCE application includes at least one route entry.
In the embodiment of the present invention, through the two different application type labels in the resource file, the terminal can distinguish whether the installation environment of an HCE application is the TEE or the REE. Consequently, when the terminal receives the installation package of an HCE application, it can determine from the application type label in the resource file the terminal environment in which the HCE application is installed, distinguish the HCE application as a TA or a CA, and then install the TA into the TEE and the CA into the REE, implementing HCE applications of two different security levels, TEE-based and REE-based.
Further, in the embodiment of the present invention, after the routing information of the HCE applications installed in both the TEE and the REE of the terminal has been registered into the TEE, the following steps may also be included:
S104: The terminal sends acquired external data to the routing management module in the TEE.
S105: The routing management module sends the external data to the HCE application corresponding to the external data.
A flowchart of the implementation including steps S104 and S105 in the embodiment of the present invention is shown in FIG. 4.
In the embodiment of the present invention, sending the acquired external data to the routing management module in the TEE may use the data routing method shown in FIG. 5, which includes:
S1041: The terminal acquires external data through the NFCC in the TEE or the NFCC in the REE.
When the terminal is in the card emulation operating mode, it communicates with a contactless card reading device, such as a contactless POS terminal or a contactless card reader, through the NFC interface, for example the NFC antenna. The terminal uses the NFCC chip and the NFCC driver to acquire external data from the NFC antenna.
Optionally, in the embodiment of the present invention, a trusted NFCC driver can be loaded in the TEE of the terminal, so that the trusted operating system (Trusted OS) in the TEE obtains access control rights over the NFC interface and thereby acquires the external data.
S1042: The NFCC in the TEE or the NFCC in the REE sends the external data whose routing target is the device host to the TEE.
In the embodiment of the present invention, after the terminal uses the NFCC chip and the NFCC driver to acquire from the NFC antenna the external data sent by an external device such as a contactless card reader or a contactless POS terminal, it sends the acquired data to the NFCC routing module for processing. The NFCC routing module is a software entity (for example, the routing module may be implemented as chip firmware); it obtains the second identifier in the external data and, according to the routing table stored in the NFCC, forwards the data that needs to be sent to the TEE to the TEE. In the embodiment of the present invention, the data that needs to be sent to the TEE includes data whose routing target is the device host. The device host generally refers to the central processing unit (CPU) of the terminal, also called the host central processing unit (Host CPU).
NFC has three operating modes: card emulation, P2P and reader. To support these three modes, the NFCC chip operates in polling (poll) mode (corresponding to P2P and reader) and listen mode; card emulation belongs to listen mode. Therefore, whether routing needs to be performed can be determined by checking whether the current operating mode of the NFCC chip is card emulation; further, whether the acquired external data needs to be sent to the TEE can be determined from the SELECT AID command in the acquired external data and the routing table configured in the NFCC.
In the embodiment of the present invention, the first routing is performed by the NFCC in the TEE, so that the external data whose routing target is the device host CPU is sent to the routing management module in the TEE, as shown in FIG. 1B. Alternatively, the first routing is performed by the NFCC in the REE, so that the external data whose routing target is the device host is sent to the routing management module in the TEE, as shown in FIG. 1A.
Here, the first routing refers to the process of sending the acquired data to the routing management module in the TEE.
In the embodiment of the present invention, in order to send the external data in the TEE to the HCE application corresponding to the external data, routing information can be saved in advance, that is, the first identifier of the HCE application, its at least one second identifier and the correspondence between them are registered. In the embodiment of the present invention, the first identifier and at least one second identifier of the HCE application can be registered with the routing management module in the TEE, and the routing management module in the TEE then routes data, based on the saved routing information, to the HCE application in the corresponding environment. In this way HCE applications of different types can be processed in different terminal environments, improving the security of the different HCE applications.
The process of registering routing information in advance in the embodiment of the present invention is shown in FIG. 6. An HCE application in the REE can specify the list of second identifiers corresponding to it through a static resource file, or through a dynamic registration application programming interface (API). Whether the static or the dynamic method is used, the mapping between the first identifier and the second identifiers needs to be sent to the routing management module in the TEE through the TEE client application programming interface (TEE Client API) or through shared memory. An HCE application in the TEE can also declare its second identifiers using the static or dynamic method above; the difference is that in this case the TEE Client API or shared memory is not needed, and the mapping between the first identifier and the second identifiers is sent to the routing management module in the TEE through the communication mechanism between TAs, namely a session. The routing management module parses the terminal environment in which the HCE application is installed from the first identifier, and then the first identifier of the HCE application, the at least one second identifier corresponding to the first identifier and the terminal environment in which the HCE application is installed are saved in the routing management module as at least one route entry. In FIG. 6, for the REE, after the user downloads a CA installation package, the terminal parses the application installation configuration file, finds the <host-apdu-service/> label and learns that the HCE application is a CA, then parses the resource file, reads the second identifiers in the resource file, and sends the read first identifier and at least one second identifier to the routing management module in the TEE.
Further, in the embodiment of the present invention, for an HCE application in the REE (which is a CA), the mapping between the first identifier and the second identifiers can be sent to the routing management module in the TEE by calling the dynamic second-identifier loading API while the CA is running. In the embodiment of the present invention, when the CA application or a component is updated, for example when the software version is upgraded or a new card application (that is, a new AID) is added to the HCE application, the updated information also needs to be sent into the TEE so that routing remains accurate. In FIG. 6, for the TEE, after the user downloads the installation package of an HCE application (which is a TA), the terminal parses the first identifier and second identifiers of the TA application, or calls the API for dynamically loading second identifiers while the TA is running, and sends the mapping between the first identifier and the second identifiers to the routing management module in the TEE. The routing management module in the TEE receives and manages the first and second identifiers, and saves or updates the routing information of the HCE application in the TEE.
In the embodiment of the present invention, after the routing information of the HCE applications has been saved in advance, the terminal can wait to receive data. When data is received, the NFCC performs the first routing and routes the data to the routing management module in the TEE, and the routing management module performs the second routing according to the pre-saved routing information and forwards the data to a CA or TA, as shown in FIG. 7.
Here, the second routing refers to the process in which the routing management module receives the data and forwards it to a CA or TA.
In the embodiment of the present invention, a routing table is set up in the routing management module of the TEE according to the saved routing information. The routing table includes the first identifiers, the second identifiers and the installed terminal environments of the TAs and CAs, and the routing management module routes data to the corresponding HCE application according to this routing table.
FIG. 8 is the routing table set up in an embodiment of the present invention. As shown in FIG. 8, a route entry is set for each second identifier and its corresponding first identifier; for example, second identifier 1 and first identifier 1 of a CA correspond to route 1, and second identifier 2 and first identifier 2 of a TA correspond to route 2.
It should be noted that in the embodiment of the present invention the method shown in FIG. 6 completes the registration of the CAs and TAs and their corresponding first and second identifiers into the TEE, thereby completing the preparation of the routing information. In a concrete implementation, however, because TAs are introduced, the current HCE mechanism needs the following changes:
Modification of the configuration file: an application type label identifying an HCE application in the TEE, that is, a first identifier label such as <TEE_apdu_service/>, needs to be added, to indicate in the configuration file the existence of an HCE application that runs in the TEE.
Modification of the resource file: the application type label identifying an HCE application in the TEE, that is, the first label such as the <TEE-apdu-service/> label, needs to be associated with several second identifier labels, such as <AID-filter> labels, so as to inform the service framework of the message flows between the card reader and the HCE application that the TA can handle.
In the embodiment of the present invention, after the CA is installed into the REE, the TA is installed into the TEE and the installation of the HCE applications into their corresponding environments is completed, the HCE application in the corresponding environment processes the data when the terminal interacts with a contactless card reading device.
In the embodiment of the present invention, the terminal sending the external data in the TEE to the HCE application corresponding to the external data, or in other words the routing management module in the TEE performing the second routing, can use the method shown in FIG. 9:
S1051: The routing management module in the TEE acquires the second identifier in the external data, where the second identifier is used to identify a message flow between the card reading device and one HCE application on the terminal. The routing management module performs the operation of acquiring the second identifier only when it receives a SELECT AID command. When it receives another APDU command, if no SELECT AID has been received before, this is regarded as an error; if a SELECT AID command has been received before, the command is forwarded to the HCE application corresponding to that SELECT AID command.
S1052: The routing management module in the TEE determines, according to the routing information of the HCE applications registered in the TEE, the first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed. After obtaining the second identifier from the external data, the routing management module compares it in turn with the AIDs in the routing table of the TEE routing management module until an identical AID is found; the first identifier in the route entry containing that AID is taken as the first identifier of the external data, and the terminal environment in which the HCE application corresponding to that AID is installed is found.
S1053: The routing management module in the TEE sends, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
In the embodiment of the present invention, by acquiring the second identifier in the external data, the first identifier of the external data corresponding to that second identifier and the terminal environment in which the HCE application is installed can be determined from the routing information. Once the terminal environment in which the HCE application is installed is determined, the acquired data can be routed to the HCE application in the corresponding environment, completing the data routing for HCE applications supporting different security levels.
It should be noted that the routing information in the embodiment of the present invention may also include only the first identifier and the second identifiers. By acquiring the second identifier in the external data, the first identifier of the external data corresponding to that second identifier is determined, and by parsing the first identifier of the external data it can be determined whether the HCE application is a TA or a CA, and thus its installation environment: if it is a TA, the installation environment is the TEE; if it is a CA, the installation environment is the REE.
In the embodiment of the present invention, sending the data to the HCE application corresponding to the first identifier of the external data according to the determined terminal environment in which the HCE application is installed can specifically be done as follows:
A: If the determined terminal environment in which the HCE application is installed is the TEE, the data is sent through an established session to the HCE application in the TEE corresponding to the first identifier of the external data.
When the routing management module of the TEE has found in the routing table, according to the second identifier in the external data, the corresponding first identifier of the external data and the terminal environment in which the HCE application is installed, the routing management module, that is, the Route-TA in FIG. 1A and FIG. 1B, uses the Internal Client API defined by the TEE Internal Core API standard to create a session to the target TA and forwards the data to the TA, as shown in FIG. 10. Because the first identifier, at least one second identifier and installed terminal environment of the TA were registered with the Route-TA (that is, the routing management module) in the TEE when the TA was installed, the Route-TA can actively send the acquired external data to the TA; therefore, after the session is established, if a received data frame does not contain a select-second-identifier command, the external data can continue to be forwarded to the corresponding TA through the already established session.
B: If the determined terminal environment in which the HCE application is installed is the REE, the external data is sent through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
Specifically, when a CA starts, it uses the first identifier (UUID) of the service program (REE NFC Service, abbreviated here as RNS-TA) to create a session from the CA to that TA; this session stays in a pending state. When the RNS-TA receives data from the Route-TA, the routing management module has already marked which CA should process the data, so the RNS-TA can return the data to the CA through the already established session. Therefore, in the embodiment of the present invention, when the routing management module of the TEE has found, according to the second identifier in the external data, the corresponding first identifier of the external data and the terminal environment in which the HCE application is installed, the routing management module, that is, the Route-TA in FIG. 1A and FIG. 1B, forwards the data to the service program in the TEE, which in turn forwards the external data to the corresponding CA, as shown in FIG. 11A. In the embodiment of the present invention, if the installation environment of the HCE application is determined to be the REE, the routing management module may also send the external data directly to the CA through shared memory, as shown in FIG. 11B.
In the embodiment of the present invention, when external data is received again and the external data contains a select-second-identifier command (that is, a SELECT AID command), the NFCC forwards the data frame to the TEE, and the routing management module of the TEE performs the in-TEE routing. The routing management module judges whether the second identifier of this external data is to be handled by the HCE application with which a session is currently established, denoted HCE application 1. If it is to be handled by HCE application 1, the routing management module sends the external data to HCE application 1 directly using the current session. If it is to be handled by a different HCE application, denoted HCE application 2, the routing management module may choose to keep the current session or close it, but it must establish a second session according to the first identifier of HCE application 2, and send the select-second-identifier command and the subsequent external data to HCE application 2 through this second session.
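How the environment decision of S1012, the registration of route entries into the Route-TA routing table (S103, FIG. 8) and the second routing of S1051 to S1053 fit together, as an added example in C that is not code from the patent or from Huawei. The application names, AIDs and APDU frames are constructed sample values, the reject-on-duplicate conflict policy is one of the choices the text leaves to the routing manager, and creating or reusing the session over the TEE Internal Client API is left to the caller, which receives the index of the matching route entry:

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Terminal environment recorded in a route entry. */
typedef enum { ENV_UNKNOWN = 0, ENV_REE = 1, ENV_TEE = 2 } hce_env_t;

/* Outcome of the second routing step performed by the routing manager (Route-TA). */
typedef enum {
    ROUTE_TO_TEE_SESSION,   /* forward over a TA-to-TA session to the TA */
    ROUTE_TO_REE_SERVICE,   /* hand to the REE NFC service TA or shared memory */
    ROUTE_ERR_NO_SELECT,    /* non-SELECT APDU before any SELECT AID: error (S1051) */
    ROUTE_ERR_UNKNOWN_AID,  /* SELECT AID whose AID matches no route entry */
    ROUTE_ERR_MALFORMED     /* APDU too short or AID length outside ISO/IEC 7816-5 bounds */
} route_result_t;

#define AID_MIN_LEN 5
#define AID_MAX_LEN 16
#define MAX_ROUTES  16

typedef struct {
    char      first_id[40];      /* first identifier: UUID for a TA, certificate id for a CA */
    uint8_t   aid[AID_MAX_LEN];  /* second identifier: the AID */
    size_t    aid_len;
    hce_env_t env;               /* environment the HCE application is installed in */
} route_entry_t;

typedef struct {
    route_entry_t routes[MAX_ROUTES];
    size_t        count;
    int           current;       /* route chosen by the last SELECT AID, -1 if none */
} route_table_t;

void route_table_init(route_table_t *t) {
    memset(t, 0, sizeof *t);
    t->current = -1;
}

/* S1012: the application type label in the resource file decides the install environment. */
hce_env_t env_from_resource(const char *resource_xml) {
    if (strstr(resource_xml, "<TEE-apdu-service") != NULL) return ENV_TEE;
    if (strstr(resource_xml, "<host-apdu-service") != NULL) return ENV_REE;
    return ENV_UNKNOWN;
}

/* S103 registration: one route entry per AID. An AID already present in the table is
   a conflict; the (assumed) policy here is to reject the second registration. */
int register_route(route_table_t *t, const char *first_id, hce_env_t env,
                   const uint8_t *aid, size_t aid_len) {
    if (t->count >= MAX_ROUTES || env == ENV_UNKNOWN) return -1;
    if (aid_len < AID_MIN_LEN || aid_len > AID_MAX_LEN) return -1;
    for (size_t i = 0; i < t->count; i++) {
        if (t->routes[i].aid_len == aid_len && memcmp(t->routes[i].aid, aid, aid_len) == 0)
            return -1;                               /* conflicting second identifier */
    }
    route_entry_t *e = &t->routes[t->count++];
    snprintf(e->first_id, sizeof e->first_id, "%s", first_id);
    memcpy(e->aid, aid, aid_len);
    e->aid_len = aid_len;
    e->env = env;
    return 0;
}

/* S1051-S1053: only a SELECT by AID (INS=A4, P1=04) triggers a routing-table lookup and
   starts a new message flow; every other APDU follows the flow chosen by the last SELECT.
   *route_idx receives the matching entry so the caller can open or reuse its session. */
route_result_t route_apdu(route_table_t *t, const uint8_t *apdu, size_t len, int *route_idx) {
    if (len < 4) return ROUTE_ERR_MALFORMED;
    if (apdu[1] == 0xA4 && apdu[2] == 0x04) {
        if (len < 5) return ROUTE_ERR_MALFORMED;
        size_t lc = apdu[4];
        if (lc < AID_MIN_LEN || lc > AID_MAX_LEN || len < 5 + lc) return ROUTE_ERR_MALFORMED;
        int found = -1;
        for (size_t i = 0; i < t->count; i++) {
            if (t->routes[i].aid_len == lc && memcmp(t->routes[i].aid, apdu + 5, lc) == 0) {
                found = (int)i;
                break;
            }
        }
        if (found < 0) return ROUTE_ERR_UNKNOWN_AID;   /* current flow left untouched */
        t->current = found;
    } else if (t->current < 0) {
        return ROUTE_ERR_NO_SELECT;
    }
    *route_idx = t->current;
    return t->routes[t->current].env == ENV_TEE ? ROUTE_TO_TEE_SESSION : ROUTE_TO_REE_SERVICE;
}

int main(void) {
    route_table_t table;
    route_table_init(&table);
    /* Constructed applications: a payment TA and a membership CA with made-up AIDs. */
    const uint8_t pay_aid[]  = {0xA0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10};
    const uint8_t club_aid[] = {0xF0, 0x01, 0x02, 0x03, 0x04, 0x05};
    register_route(&table, "uuid-of-payment-ta", env_from_resource("<TEE-apdu-service/>"), pay_aid, sizeof pay_aid);
    register_route(&table, "cert-of-membership-ca", env_from_resource("<host-apdu-service/>"), club_aid, sizeof club_aid);
    /* Constructed reader traffic: a command before any SELECT, SELECT payment, a follow-up command, SELECT club. */
    const uint8_t select_pay[]  = {0x00, 0xA4, 0x04, 0x00, 0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10, 0x00};
    const uint8_t gpo[]         = {0x80, 0xA8, 0x00, 0x00, 0x02, 0x83, 0x00, 0x00};
    const uint8_t select_club[] = {0x00, 0xA4, 0x04, 0x00, 0x06, 0xF0, 0x01, 0x02, 0x03, 0x04, 0x05, 0x00};
    const uint8_t *frames[] = {gpo, select_pay, gpo, select_club};
    const size_t   lens[]   = {sizeof gpo, sizeof select_pay, sizeof gpo, sizeof select_club};
    for (size_t i = 0; i < 4; i++) {
        int idx = -1;
        route_result_t r = route_apdu(&table, frames[i], lens[i], &idx);
        printf("frame %zu -> result %d, route %d (%s)\n", i, (int)r, idx, idx >= 0 ? table.routes[idx].first_id : "-");
    }
    return 0;
}
```

The lookup key is the full AID bytes from the SELECT command, so the entry for a CA and the entry for a TA are matched the same way; only the recorded environment differs, which is what decides between a TA session and the REE service path. An unknown AID does not disturb the current flow, which keeps a stray SELECT from silently detaching an in-progress transaction from its application.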
The data routing process involved above is described in detail below with reference to a practical application.
The embodiment of the present invention takes communication between a contactless POS terminal and the terminal as an example. The terminal supporting a TEE acts as the card emulation device. When the contactless POS terminal sends transaction data to the terminal through the NFC channel of the near field payment environment, the terminal acquires the transaction data through the NFCC and passes it to the routing management module of the TEE through the NFCC in the REE or the NFCC in the TEE. The routing management module of the TEE looks up, according to the AID (that is, the second identifier) in the transaction data, the first identifier corresponding to that second identifier; from the first identifier the terminal knows which TA or CA should process the transaction data, establishes a session accordingly, and sends the transaction data through the established session to the TA or CA corresponding to the AID.
It should be noted that in the embodiment of the present invention, after the CA is installed into the REE, the TA is installed into the TEE and the installation of the HCE applications into their corresponding environments is completed, when the terminal interacts with a card reading device and the HCE application in the corresponding environment processes the data, the data routing process flow involved in the above embodiments can be used. That is, the embodiment of the present invention can also provide a data routing method; for the specific implementation process, refer to the description of the above embodiments, which is not repeated here.
With the host card emulation method provided by the embodiment of the present invention, through the two different application type labels in the resource file, the terminal can distinguish whether the terminal environment in which an HCE application is installed is the TEE or the REE. Consequently, when the terminal receives the installation package of an HCE application, it can determine from the application type label in the resource file the terminal environment in which the HCE application is installed, distinguish the HCE application as a TA or a CA, and then install the TA into the TEE and the CA into the REE, implementing HCE applications supporting two different security levels, TEE and REE, so that a developer can choose to implement the HCE function in the TEE or in the REE as needed, to meet the requirements of different application functions.
Based on the method for implementing host card emulation provided by the above embodiments, an embodiment of the present invention further provides a terminal 100 for implementing host card emulation (HCE). The terminal 100 for implementing HCE includes an installation unit 101, a parsing unit 102 and a registration unit 103, as shown in FIG. 12A. In the embodiment of the present invention:
The installation unit 101 is configured to install, according to the type of an HCE application, the HCE application into the terminal environment corresponding to the type of the HCE application.
In the embodiment of the present invention, the terminal environment includes a trusted execution environment (TEE) and a rich execution environment (REE).
The parsing unit 102 is configured to parse the first identifier of the HCE application installed by the installation unit 101 and at least one second identifier included in the HCE application.
In the embodiment of the present invention, the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between a card reading device and the HCE application.
The registration unit 103 is configured to register the routing information of the HCE application into the TEE, where the routing information includes the first identifier and the at least one second identifier parsed out by the parsing unit 102, and the terminal environment in which the HCE application is installed.
The terminal 100 for implementing host card emulation provided by the embodiment of the present invention distinguishes, through different application type labels, whether an HCE application is a TA or a CA, and then installs the TA into the TEE and the CA into the REE, implementing HCE applications of two different security levels, TEE-based and REE-based.
In a first implementation, the terminal 100 for implementing host card emulation provided by the embodiment of the present invention further includes a first routing unit 104 and a second routing unit 105, where
the first routing unit 104 is configured to send acquired external data to the second routing unit in the TEE; and
the second routing unit 105 is configured to send the external data to the HCE application, installed by the installation unit 101, that corresponds to the external data.
Specifically, the first routing unit 104 is specifically configured to send the acquired external data to the second routing unit 105 in the TEE in the following manner:
acquiring the external data through a near field communication controller (NFCC) in the TEE or an NFCC in the REE; and sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the second routing unit 105 in the TEE.
Further, the second routing unit 105 is specifically configured to send the external data to the HCE application corresponding to the external data in the following manner:
acquiring a second identifier in the external data;
determining, according to the information registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and
sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
Specifically, the second routing unit 105 is specifically configured to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data in the following manner:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
The terminal 100 for implementing host card emulation provided by the embodiment of the present invention is configured to implement the functions of the method for implementing host card emulation involved in the above embodiments of the present invention; for the specific implementation process, refer to the description of the above embodiments, which is not repeated here.
With the host card emulation terminal 100 provided by the embodiment of the present invention, through two different application type labels, the terminal can distinguish whether the installation environment of an HCE application is the TEE or the REE. Consequently, when the terminal receives the installation package of an HCE application, it can determine from the application type label the terminal environment in which the HCE application is installed, distinguish the HCE application as a TA or a CA, and then install the TA into the TEE and the CA into the REE, implementing HCE applications supporting two different security levels, TEE and REE, so that a developer can choose to implement the HCE function in the TEE or in the REE as needed, to meet the requirements of different application functions.
Based on the method for implementing host card emulation provided by the above embodiments, an embodiment of the present invention further provides a terminal 200 for implementing host card emulation, as shown in FIG. 13. The terminal 200 for implementing host card emulation includes a processor 201. The terminal 200 contains two running environments, the REE and the TEE, each of which has its own processor; that is, the processor 201 of the terminal 200 includes a public processing core 2011 and a trusted processing core 2012, where the public processing core 2011 is the processor of the REE and the trusted processing core 2012 is the processor of the TEE. It should be noted that in the present invention the public processing core 2011 and the trusted processing core 2012 may be different cores of the same physical CPU, or may be different CPU time slices of the same physical CPU.
Further, the terminal 200 for implementing host card emulation provided by the embodiment of the present invention further includes a memory, which includes a public random-access memory (RAM) 2021 and a public read-only memory (ROM) 2041 that run in the REE, and a trusted RAM 2022 and a trusted ROM 2042 that run in the TEE.
In the embodiment of the present invention, the public RAM 2021, the public ROM 2041, the trusted RAM 2022 and the trusted ROM 2042 can be used to store instructions and data. The instruction storage area may store an operating system, the instructions required by at least one function, and so on; the instructions may cause the processor 201 to perform the method for implementing host card emulation involved in the above embodiments of the present invention.
In the embodiment of the present invention, the terminal 200 for implementing host card emulation further includes peripherals, which include a public peripheral 2031 in the REE and a trusted peripheral 2032 in the TEE. When the NFCC is located in the REE, the NFCC is a public peripheral; when the NFCC is located in the TEE, the NFCC is a trusted peripheral.
Further, in the embodiment of the present invention, the terminal 200 for implementing host card emulation further includes a communication unit 2051 located in the REE.
In the embodiment of the present invention, the processor 201 is the control center of the terminal 200 for implementing host card emulation; it connects all parts of the whole handset through various interfaces and lines, and by running or executing the instructions stored in the public RAM 2021, the public ROM 2041, the trusted RAM 2022 and the trusted ROM 2042 and invoking the data stored in the public RAM 2021, the public ROM 2041, the trusted RAM 2022 and the trusted ROM 2042, it performs the various functions of the terminal 200 and processes data through the trusted peripheral 2032, the public peripheral 2031 and the communication unit 2051, thereby controlling the terminal 200 as a whole. Optionally, the processor 201 may include one or more processing units; preferably, the processor 201 may integrate an application processor and a modem processor, where the application processor mainly handles the operating system, the user interface, application programs and the like, and the modem processor mainly handles wireless communication. It can be understood that the modem processor may also not be integrated into the processor 201. In some embodiments the processor and the memory may be implemented on a single chip; in some embodiments they may also be implemented separately on independent chips.
The processor 201 included in the terminal 200 for implementing host card emulation provided by the embodiment of the present invention is configured to invoke the instructions and data stored in the public RAM 2021, the public ROM 2041, the trusted RAM 2022 and the trusted ROM 2042, and to implement the following functions through the trusted peripheral 2032, the public peripheral 2031 and the communication unit 2051:
installing, according to the type of an HCE application, the HCE application into the terminal environment corresponding to the type of the HCE application, where the terminal environment includes the TEE and the REE; parsing the first identifier of the HCE application and at least one second identifier included in the HCE application, where the first identifier is used to uniquely identify the HCE application in the terminal and the second identifier is used to identify a message flow between a card reading device and the HCE application; and registering the routing information of the HCE application into the TEE, where the routing information includes the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
Further, the processor 201 is further configured to:
send acquired external data to the routing management module in the TEE, and control the routing management module to send the external data to the HCE application corresponding to the external data.
Specifically, the processor 201 is specifically configured to send the acquired external data to the routing management module in the TEE in the following manner:
acquiring the external data through the NFCC in the TEE or the NFCC in the REE; and
sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the routing management module in the TEE.
The processor 201 is specifically configured to control the routing management module to send the external data to the HCE application corresponding to the external data in the following manner:
controlling the routing management module to acquire, through the communication unit and the peripherals, the second identifier in the external data, and to determine, according to the routing information registered in the TEE, the first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and controlling the routing management module to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
Specifically, the processor 201 is specifically configured to control the routing management module to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data in the following manner:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
The terminal 200 for implementing host card emulation provided by the embodiment of the present invention has the functions for implementing any of the methods for implementing host card emulation involved in the above embodiments of the present invention; for the specific functions implemented, refer to the description of the above embodiments, which is not repeated here.
With the host card emulation terminal 200 provided by the embodiment of the present invention, through two different application type labels, the terminal can distinguish whether the installation environment of an HCE application is the TEE or the REE. Consequently, when the terminal receives the installation package of an HCE application, it can determine from the application type label the terminal environment in which the HCE application is installed, distinguish the HCE application as a TA or a CA, and then install the TA into the TEE and the CA into the REE, implementing HCE applications supporting two different security levels, TEE and REE, so that a developer can choose to implement the HCE function in the TEE or in the REE as needed, to meet the requirements of different application functions.
Based on the data routing process in the method for implementing host card emulation provided by the above embodiments, an embodiment of the present invention further provides a data routing apparatus 300, as shown in FIG. 14. The data routing apparatus 300 includes an acquiring unit 301, a first routing unit 302 and a second routing unit 303, where
the acquiring unit 301 is configured to acquire external data;
the first routing unit 302 is configured to send the external data acquired by the acquiring unit 301 to the TEE; and
the second routing unit 303 is configured to send the external data to an HCE application corresponding to the external data.
In a first implementation, the first routing unit 302 is specifically configured to send the acquired external data to the TEE in the following manner:
acquiring the data through the NFCC driver in the TEE or the NFCC driver in the REE, and sending the external data whose routing target is the device host to the second routing unit 303 in the TEE.
In a second implementation, the second routing unit 303 is specifically configured to send the external data to the HCE application corresponding to the external data in the following manner:
acquiring a second identifier in the external data, where the second identifier is used to identify a message flow between a card reading device and the HCE application;
determining, according to the routing information of the HCE applications registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, where the first identifier is used to uniquely identify one HCE application in the terminal; and
sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
In a third implementation, the second routing unit 303 is specifically configured to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data in the following manner:
if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
The data routing apparatus 300 provided by the embodiment of the present invention is configured to implement the data routing process in the method for implementing host card emulation involved in the above embodiments of the present invention; for the specific implementation process, refer to the description of the above embodiments, which is not repeated here.
The data routing apparatus 300 provided by the embodiment of the present invention, by acquiring the second identifier in the external data, can determine the first identifier of the external data corresponding to that second identifier; from the first identifier of the external data it can determine whether the HCE application is a TA or a CA, and thus its installation environment: if it is a TA, the installation environment is the TEE; if it is a CA, the installation environment is the REE. Once the installation environment of the HCE application is determined, the acquired data can be routed to the HCE application in the corresponding environment, completing the data routing for HCE applications supporting different security levels.
A person of ordinary skill in the art can understand that all or some of the steps of the methods in the above embodiments can be completed by a program instructing a processor. The program may be stored in a computer-readable storage medium, which is a non-transitory medium, for example a random access memory, a read-only memory, a flash memory, a hard disk, a solid-state drive, a magnetic tape, a floppy disk, an optical disc, or any combination thereof.
The present invention is described with reference to the flowcharts and block diagrams of the methods and devices according to the embodiments of the present invention. It should be understood that each process and block in the flowcharts and block diagrams, and combinations of processes and blocks in the flowcharts and block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or another programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
The above are merely preferred specific embodiments of the present invention, but the protection scope of the present invention is not limited thereto. Any variation or replacement that a person skilled in the art could readily think of within the technical scope disclosed by the present invention shall fall within the protection scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (23)

  1. A method for implementing host card emulation (HCE), characterized by comprising:
    installing, by a terminal according to the type of an HCE application, the HCE application into a terminal environment corresponding to the type of the HCE application, wherein the terminal environment comprises a trusted execution environment (TEE) and a rich execution environment (REE);
    parsing, by the terminal, a first identifier of the HCE application and at least one second identifier comprised in the HCE application, wherein the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between a card reading device and the HCE application; and
    registering, by the terminal, routing information of the HCE application into the TEE, wherein the routing information comprises the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
  2. The method according to claim 1, characterized by further comprising:
    sending, by the terminal, acquired external data to a routing management module in the TEE; and
    sending, by the routing management module, the external data to an HCE application corresponding to the external data.
  3. The method according to claim 2, characterized in that the sending, by the terminal, acquired external data to a routing management module in the TEE specifically comprises:
    acquiring, by the terminal, the external data through a near field communication controller (NFCC) in the TEE or an NFCC in the REE; and
    sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the routing management module in the TEE.
  4. The method according to claim 2 or 3, characterized in that the sending, by the routing management module, the external data to the HCE application corresponding to the external data specifically comprises:
    acquiring, by the routing management module, a second identifier in the external data;
    determining, by the routing management module according to the routing information registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and
    sending, by the routing management module according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
  5. The method according to claim 4, characterized in that the sending, by the routing management module according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data comprises:
    if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
    if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
  6. A data routing method, characterized by comprising:
    sending, by a terminal, acquired external data to a routing management module in a TEE; and
    sending, by the routing management module, the external data to an HCE application corresponding to the external data.
  7. The method according to claim 6, characterized in that the sending, by the terminal, acquired external data to a routing management module in the TEE specifically comprises:
    acquiring, by the terminal, the external data through an NFCC driver in the TEE or an NFCC driver in the REE, and sending the external data whose routing target is the device host to the routing management module in the TEE.
  8. The method according to claim 6 or 7, characterized in that the sending, by the routing management module, the external data to the HCE application corresponding to the external data comprises:
    acquiring, by the routing management module, a second identifier in the external data, wherein the second identifier is used to identify a message flow between a card reading device and one HCE application;
    determining, according to routing information of HCE applications registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, wherein the first identifier is used to uniquely identify one HCE application in the terminal; and
    sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
  9. The method according to claim 8, characterized in that the sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data comprises:
    if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
    if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
  10. A terminal for implementing host card emulation (HCE), characterized by comprising:
    an installation unit, configured to install, according to the type of an HCE application, the HCE application into a terminal environment corresponding to the type of the HCE application, wherein the terminal environment comprises a trusted execution environment (TEE) and a rich execution environment (REE);
    a parsing unit, configured to parse a first identifier of the HCE application installed by the installation unit and at least one second identifier comprised in the HCE application, wherein the first identifier is used to uniquely identify the HCE application in the terminal, and the second identifier is used to identify a message flow between a card reading device and the HCE application; and
    a registration unit, configured to register routing information of the HCE application into the TEE, wherein the routing information comprises the first identifier and the at least one second identifier parsed out by the parsing unit, and the terminal environment in which the HCE application is installed.
  11. The terminal according to claim 10, characterized by further comprising a first routing unit and a second routing unit, wherein
    the first routing unit is configured to send acquired external data to the second routing unit in the TEE; and
    the second routing unit is configured to send the external data to the HCE application, installed by the installation unit, that corresponds to the external data.
  12. The terminal according to claim 11, characterized in that the first routing unit is specifically configured to send the acquired external data to the second routing unit in the TEE in the following manner:
    acquiring the external data through a near field communication controller (NFCC) in the TEE or an NFCC in the REE; and
    sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the second routing unit in the TEE.
  13. The terminal according to claim 11 or 12, characterized in that the second routing unit is specifically configured to send the external data to the HCE application corresponding to the external data in the following manner:
    acquiring a second identifier in the external data;
    determining, according to the routing information registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and
    sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
  14. The terminal according to claim 13, characterized in that the second routing unit is specifically configured to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data in the following manner:
    if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
    if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
  15. A data routing apparatus, characterized by comprising:
    an acquiring unit, configured to acquire external data;
    a first routing unit, configured to send the external data acquired by the acquiring unit to a second routing unit in a TEE; and
    a second routing unit, configured to send the external data to an HCE application corresponding to the external data.
  16. The apparatus according to claim 15, characterized in that the first routing unit is specifically configured to send the acquired external data to the second routing unit in the TEE in the following manner:
    acquiring the external data through an NFCC driver in the TEE or an NFCC driver in the REE, and sending the external data whose routing target is the device host to the second routing unit in the TEE.
  17. The apparatus according to claim 15 or 16, characterized in that the second routing unit is specifically configured to send the external data to the HCE application corresponding to the external data in the following manner:
    acquiring a second identifier in the external data, wherein the second identifier is used to identify a message flow between a card reading device and one HCE application;
    determining, according to routing information of the HCE applications registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed, wherein the first identifier is used to uniquely identify one HCE application in the terminal; and
    sending, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
  18. The apparatus according to claim 17, characterized in that the second routing unit is specifically configured to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier in the following manner:
    if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
    if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
  19. A terminal for implementing host card emulation (HCE), characterized by comprising a memory, peripherals, a communication unit and a processor, wherein:
    the memory comprises a public random access memory (RAM) and a public read-only memory (ROM) that run in a rich execution environment (REE), and a trusted RAM and a trusted ROM that run in a trusted execution environment (TEE), and is configured to store instructions and data;
    the peripherals comprise a public peripheral in the REE and a trusted peripheral in the TEE;
    the communication unit is located in the REE; and
    the processor is configured to invoke the instructions and data stored in the public RAM, the public ROM, the trusted RAM and the trusted ROM, and to implement the following functions through the trusted peripheral, the public peripheral and the communication unit:
    installing, according to the type of an HCE application, the HCE application into a terminal environment corresponding to the type of the HCE application, wherein the terminal environment comprises the TEE and the REE; parsing a first identifier of the HCE application and at least one second identifier comprised in the HCE application, wherein the first identifier is used to uniquely identify the HCE application in the terminal and the second identifier is used to identify a message flow between a card reading device and the HCE application; and registering routing information of the HCE application into the TEE, wherein the routing information comprises the first identifier, the at least one second identifier, and the terminal environment in which the HCE application is installed.
  20. The terminal according to claim 19, characterized in that the processor is further configured to:
    send acquired external data to a routing management module in the TEE, and control the routing management module to send the external data to an HCE application corresponding to the external data.
  21. The terminal according to claim 20, characterized in that the processor is specifically configured to send the acquired external data to the routing management module in the TEE in the following manner:
    acquiring the external data through a near field communication controller (NFCC) in the TEE or an NFCC in the REE; and
    sending, by the NFCC in the TEE or the NFCC in the REE, the external data whose routing target is the device host to the routing management module in the TEE.
  22. The terminal according to claim 20 or 21, characterized in that the processor is specifically configured to control the routing management module to send the external data to the HCE application corresponding to the external data in the following manner:
    controlling the routing management module to acquire, through the communication unit and the peripherals, a second identifier in the external data, and to determine, according to the routing information registered in the TEE, a first identifier of the external data corresponding to the second identifier in the external data, and the terminal environment in which the HCE application corresponding to the first identifier of the external data is installed; and controlling the routing management module to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data.
  23. The terminal according to claim 22, characterized in that the processor is specifically configured to control the routing management module to send, according to the determined terminal environment, the external data to the HCE application corresponding to the first identifier of the external data in the following manner:
    if the determined terminal environment is the TEE, sending the external data through an established session to the HCE application in the TEE corresponding to the first identifier of the external data; or
    if the determined terminal environment is the REE, sending the external data through a service program in the TEE or through shared memory to the HCE application in the REE corresponding to the first identifier of the external data.
PCT/CN2015/088889 2015-09-02 2015-09-02 Method and terminal for implementing host card emulation, and data routing method and apparatus WO2017035819A1 (zh)

Priority Applications (4)

Application Number Priority Date Filing Date Title
PCT/CN2015/088889 WO2017035819A1 (zh) 2015-09-02 2015-09-02 Method and terminal for implementing host card emulation, and data routing method and apparatus
US15/756,711 US11138027B2 (en) 2015-09-02 2015-09-02 Method and terminal for implementing host card emulation, and data routing method and apparatus
CN201580043877.1A CN106663017B (zh) 2015-09-02 2015-09-02 Method and terminal for implementing host card emulation, and data routing method and apparatus
EP15902626.9A EP3333701B1 (en) 2015-09-02 2015-09-02 Method for implementing host card emulation, terminal, and data routing method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/088889 WO2017035819A1 (zh) 2015-09-02 2015-09-02 Method and terminal for implementing host card emulation, and data routing method and apparatus

Publications (1)

Publication Number Publication Date
WO2017035819A1 true WO2017035819A1 (zh) 2017-03-09

Family

ID=58186475

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/088889 WO2017035819A1 (zh) 2015-09-02 2015-09-02 Method and terminal for implementing host card emulation, and data routing method and apparatus

Country Status (4)

Country Link
US (1) US11138027B2 (zh)
EP (1) EP3333701B1 (zh)
CN (1) CN106663017B (zh)
WO (1) WO2017035819A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112822722A (zh) * 2020-12-30 2021-05-18 联想未来通信科技(重庆)有限公司 Data message transmission method and apparatus
CN114286345A (zh) * 2021-12-27 2022-04-05 无锡融卡科技有限公司 NFC communication apparatus and method in an intelligent terminal

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11443323B2 (en) * 2018-03-07 2022-09-13 Samsung Electronics Co., Ltd. System and method for secure transactions with a trusted execution environment (TEE)
CN111625815B (zh) * 2020-05-26 2023-09-26 牛津(海南)区块链研究院有限公司 Data transaction method and apparatus based on a trusted execution environment
CN112416227B (zh) * 2020-11-19 2022-06-14 Oppo(重庆)智能科技有限公司 Configuration method, mobile terminal and computer storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102047223A (zh) * 2008-03-27 2011-05-04 摩托罗拉移动公司 Method and apparatus for automatic near field communication application selection in an electronic device
CN103778395A (zh) * 2012-10-25 2014-05-07 中国移动通信集团公司 Application installation method on a near field communication (NFC) terminal, and NFC terminal
CN104636666A (zh) * 2013-11-07 2015-05-20 中国移动通信集团公司 Method and secure apparatus for secure information processing by a mobile terminal
US20150178724A1 (en) * 2013-12-19 2015-06-25 Hao Ngo Limited-use keys and cryptograms

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9357332B2 (en) 2012-06-08 2016-05-31 Broadcom Corporation Near field communication application identification routing in card emulation
EP2911076A1 (en) * 2014-02-24 2015-08-26 Mastercard International Incorporated Biometric authentication
US10387219B2 (en) * 2015-03-10 2019-08-20 Oracle International Corporation Enabling multiple secure elements in a card computing device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
See also references of EP3333701A4 *
ZHANG, YAFEI ET AL.: "Research on TEE-Based Security Scheme for NFC Card Emulation", JOURNAL OF BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE, vol. 22, no. 4, 31 December 2014 (2014-12-31), XP009504496 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112822722A (zh) * 2020-12-30 2021-05-18 联想未来通信科技(重庆)有限公司 Data packet transmission method and apparatus
CN114286345A (zh) * 2021-12-27 2022-04-05 无锡融卡科技有限公司 NFC communication apparatus and method in an intelligent terminal
CN114286345B (zh) * 2021-12-27 2024-04-02 无锡融卡科技有限公司 NFC communication apparatus and method in an intelligent terminal

Also Published As

Publication number Publication date
US20180246742A1 (en) 2018-08-30
CN106663017B (zh) 2020-01-10
US11138027B2 (en) 2021-10-05
EP3333701A1 (en) 2018-06-13
EP3333701A4 (en) 2018-09-05
CN106663017A (zh) 2017-05-10
EP3333701B1 (en) 2022-11-02

Similar Documents

Publication Publication Date Title
US8807440B1 (en) Routing secure element payment requests to an alternate application
JP5323187B2 (ja) Application access method in a secure mobile environment
US11126753B2 (en) Secure processor chip and terminal device
US11039288B2 (en) Information processing apparatus, information processing method, and program
WO2017035819A1 (zh) Method for implementing host card emulation, terminal, data routing method and apparatus
US9021055B2 (en) Nonconforming web service policy functions
US10032050B2 (en) Electronic device, system and method for NFC
US11763028B2 (en) Data security
CN109766152B (zh) Interaction method and apparatus
US10248795B2 (en) Implementing method for JavaCard application function expansion
WO2017128182A1 (zh) Near field communication payment method and terminal
WO2016202108A1 (zh) NFC payment method, NFC payment system and mobile terminal
JP6923582B2 (ja) Information processing apparatus, information processing method, and program
WO2015127842A1 (zh) Method for implementing multiple applications on an information security device, information security device and system
JP2018530054A (ja) Payment authentication method and apparatus for a mobile terminal, and mobile terminal
JP2015195445A (ja) Management server, data processing method, and program
US20160119031A1 (en) Managing contactless communications
US20220216987A1 (en) Device and method for managing shared digital key
JP6807817B2 (ja) Terminal
KR20220136307A (ko) Card terminal performing card payment using a SAM, and operating method thereof
JP2017097659A (ja) IC card, data protection method, security-related program, and communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15902626

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 15756711

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2015902626

Country of ref document: EP