This report gives an overview of secure element integration into Android devices. It focuses on the Open Mobile API as an open interface to access secure elements from Android applications. The overall architecture of the Open Mobile API is described and current Android devices are analyzed with regard to the availability of this API. Moreover, this report summarizes our efforts of reverse engineering the stock ROM of a Samsung Galaxy S3 in order to analyze the integration of the Open Mobile API and the interface that is used to perform APDU-based communication with the UICC (Universal Integrated Circuit Card). It further provides a detailed explanation on how to integrate this functionality into CyanogenMod (an after-market firmware for Android devices).
翻译:本报告概述了安非他明装置中安全元素的整合情况,重点介绍了开放移动API作为获取安非他明应用程序中安全元素的开放接口的情况,介绍了开放移动API的总体结构,并分析了目前安非他明装置的可用性,此外,本报告还概述了我们为逆向工程研究三星银河S3号系统库存ROM的工作,以便分析开放移动API的整合情况,以及用于与UICC(通用集成电路卡)进行APDU通信的接口,还详细解释了如何将这一功能纳入氰素模型(安非他明装置的市场后软件)。