Attention is currently required from: dexter, laforge.
dexter uploaded patch set #3 to this change.
The following approvals got outdated and were removed: Code-Review+1 by laforge, Verified+1 by Jenkins Builder
AccessRuleMaster: allow locking of STORE DATA commands
The ara-m applet has no security features whatsoever. The rules can
be edited by any user that has APDU access to the ARA-M application.
To add a bit of security for users who want to make sure that their
ARA-M rules are not edited by unauthorized partys, let's add a
propritary lock/unlock command that can be used to lock the access
to STORE DATA on the normal APDU interface of the application. Once
locked, the access to STORE DATA can only be unlocked via an INSTALL
for personalization command that is issued from the ISD on a secure
channel.
Related: SYS#7245
Change-Id: I86437844585c22fc4280cc48b99edbb56e3159db
---
M aram/src/main/java/fr/bmartel/aram/AccessRuleMaster.java
1 file changed, 19 insertions(+), 2 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/aram-applet refs/changes/15/39615/3
To view, visit change 39615. To unsubscribe, or for help writing mail filters, visit settings.