Attention is currently required from: dexter, laforge.

dexter uploaded patch set #3 to this change.

View Change

The following approvals got outdated and were removed: Code-Review+1 by laforge, Verified+1 by Jenkins Builder

AccessRuleMaster: allow locking of STORE DATA commands

The ara-m applet has no security features whatsoever. The rules can
be edited by any user that has APDU access to the ARA-M application.

To add a bit of security for users who want to make sure that their
ARA-M rules are not edited by unauthorized partys, let's add a
propritary lock/unlock command that can be used to lock the access
to STORE DATA on the normal APDU interface of the application. Once
locked, the access to STORE DATA can only be unlocked via an INSTALL
for personalization command that is issued from the ISD on a secure
channel.

Related: SYS#7245
Change-Id: I86437844585c22fc4280cc48b99edbb56e3159db
---
M aram/src/main/java/fr/bmartel/aram/AccessRuleMaster.java
1 file changed, 19 insertions(+), 2 deletions(-)

git pull ssh://gerrit.osmocom.org:29418/aram-applet refs/changes/15/39615/3

To view, visit change 39615. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-MessageType: newpatchset
Gerrit-Project: aram-applet
Gerrit-Branch: master
Gerrit-Change-Id: I86437844585c22fc4280cc48b99edbb56e3159db
Gerrit-Change-Number: 39615
Gerrit-PatchSet: 3
Gerrit-Owner: dexter <pmaier@sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: laforge <laforge@osmocom.org>
Gerrit-Attention: laforge <laforge@osmocom.org>
Gerrit-Attention: dexter <pmaier@sysmocom.de>