openwallet-foundation-labs
diff --git a/‎appholder/src/main/AndroidManifest.xml
+15-7 b/‎appholder/src/main/AndroidManifest.xml
+15-7
diff --git a/‎appholder/src/main/java/com/android/identity/wallet/GetCredentialActivity.kt
+1-1 b/‎appholder/src/main/java/com/android/identity/wallet/GetCredentialActivity.kt
+1-1
diff --git a/‎appholder/src/main/java/com/android/identity/wallet/HolderApp.kt
+31-4 b/‎appholder/src/main/java/com/android/identity/wallet/HolderApp.kt
+31-4
diff --git a/‎appholder/src/main/java/com/android/identity/wallet/MainActivity.kt
+7 b/‎appholder/src/main/java/com/android/identity/wallet/MainActivity.kt
+7
diff --git a/‎appholder/src/main/java/com/android/identity/wallet/document/DocumentInformation.kt
+13-1 b/‎appholder/src/main/java/com/android/identity/wallet/document/DocumentInformation.kt
+13-1
diff --git a/‎appholder/src/main/java/com/android/identity/wallet/document/DocumentManager.kt
+26-6 b/‎appholder/src/main/java/com/android/identity/wallet/document/DocumentManager.kt
+26-6
@@ -26,6 +26,7 @@
     <uses-feature android:name="android.hardware.camera"
         android:required="true" />
 
+    <uses-permission android:name="Manifest.permission.RECEIVE_BOOT_COMPLETED" />
     <uses-permission android:name="android.permission.CAMERA" />
     <uses-permission android:name="android.permission.INTERNET" />
     <!-- As of API 31 BLE doesn't need location permission, but WiFi aware still requires it. -->
@@ -92,8 +93,16 @@
             </intent-filter>
         </activity>
 
+        <receiver
+            android:name=".dynamicregistration.PowerOnReceiver"
+            android:enabled="true"
+            android:exported="true">
+            <intent-filter>
+                <action android:name="android.intent.action.BOOT_COMPLETED" />
+            </intent-filter>
+        </receiver>
 
-    <service
+        <service
             android:name=".util.NfcEngagementHandler"
             android:exported="true"
             android:label="@string/nfc_engagement_service_desc"
@@ -109,18 +118,17 @@
         </service>
 
         <service
-            android:name=".util.NfcDataTransferHandler"
+            android:name=".dynamicregistration.OffHostNfcDataTransferHandler"
             android:exported="true"
-            android:label="@string/nfc_data_transfer_service_desc"
+            android:label="@string/nfc_engagement_service_desc"
             android:permission="android.permission.BIND_NFC_SERVICE">
             <intent-filter>
-                <action android:name="android.nfc.action.NDEF_DISCOVERED" />
-                <action android:name="android.nfc.cardemulation.action.HOST_APDU_SERVICE" />
+                <action android:name="android.nfc.cardemulation.action.OFF_HOST_APDU_SERVICE" />
             </intent-filter>
 
             <meta-data
-                android:name="android.nfc.cardemulation.host_apdu_service"
-                android:resource="@xml/nfc_data_transfer_apdu_service" />
+                android:name="android.nfc.cardemulation.off_host_apdu_service"
+                android:resource="@xml/off_host_nfc_engagement_apdu_service" />
         </service>
 
         <provider
 
@@ -126,7 +126,7 @@ class GetCredentialActivity : FragmentActivity() {
         val nameSpacedData = document!!.applicationData.getNameSpacedData("documentData")
 
         val credential = document.findCredential(
-            ProvisioningUtil.CREDENTIAL_DOMAIN,
+            ProvisioningUtil.MDOC_CREDENTIAL_DOMAIN,
             Clock.System.now()
         ) as MdocCredential? ?: throw IllegalStateException("No credential")
         val staticAuthData = StaticAuthDataParser(credential.issuerProvidedData).parse()
 
@@ -2,6 +2,10 @@ package com.android.identity.wallet
 
 import android.app.Application
 import android.content.Context
+import android.content.Intent
+import android.content.IntentFilter
+import com.android.identity.android.direct_access.DirectAccess
+import com.android.identity.android.direct_access.DirectAccessCredential
 import com.android.identity.android.securearea.AndroidKeystoreSecureArea
 import com.android.identity.android.storage.AndroidStorageEngine
 import com.android.identity.android.util.AndroidLogPrinter
@@ -22,17 +26,19 @@ import com.android.identity.trustmanagement.TrustManager
 import com.android.identity.trustmanagement.TrustPoint
 import com.android.identity.util.Logger
 import com.android.identity.wallet.document.KeysAndCertificates
+import com.android.identity.wallet.dynamicregistration.PowerOffReceiver
 import com.android.identity.wallet.util.PeriodicKeysRefreshWorkRequest
 import com.android.identity.wallet.util.PreferencesHelper
 import com.google.android.material.color.DynamicColors
-import kotlinx.io.files.Path
 import org.bouncycastle.jce.provider.BouncyCastleProvider
 import java.io.ByteArrayInputStream
 import java.security.Security
 import java.security.cert.CertificateFactory
 import java.security.cert.X509Certificate
+import kotlinx.io.files.Path
 
 class HolderApp: Application() {
+    private lateinit var powerOffReceiver: PowerOffReceiver
 
     private val documentTypeRepository by lazy {
         DocumentTypeRepository()
@@ -70,17 +76,32 @@ class HolderApp: Application() {
         KeysAndCertificates.getTrustedReaderCertificates(this).forEach {
             trustManagerInstance.addTrustPoint(TrustPoint(X509Cert(it.encoded)))
         }
+        powerOffReceiver = PowerOffReceiver()
+        registerReceiver(powerOffReceiver, IntentFilter(Intent.ACTION_SHUTDOWN))
+    }
+
+    override fun onTerminate() {
+        super.onTerminate()
+        unregisterReceiver(powerOffReceiver)
     }
 
     companion object {
 
         lateinit var documentTypeRepositoryInstance: DocumentTypeRepository
         lateinit var trustManagerInstance: TrustManager
         lateinit var certificateStorageEngineInstance: StorageEngine
+        // Use lazy access to prevent delays at app startup when DirectAccessOmapiTransport needs to
+        // wait for connection to SE.
+        val isDirectAccessSupported by lazy {
+            DirectAccess.isDirectAccessSupported
+        }
+
         fun createDocumentStore(
             context: Context,
-            secureAreaRepository: SecureAreaRepository
+            secureAreaRepository: SecureAreaRepository,
         ): DocumentStore {
+            DirectAccess.warmupTransport()
+
             val storageFile = Path(PreferencesHelper.getKeystoreBackedStorageLocation(context).path)
             val storageEngine = AndroidStorageEngine.Builder(context, storageFile).build()
 
@@ -90,11 +111,17 @@ class HolderApp: Application() {
             secureAreaRepository.addImplementation(androidKeystoreSecureArea)
             secureAreaRepository.addImplementation(softwareSecureArea)
 
-            var credentialFactory = CredentialFactory()
+            val credentialFactory = CredentialFactory()
             credentialFactory.addCredentialImplementation(MdocCredential::class) {
                 document, dataItem -> MdocCredential(document, dataItem)
             }
-            return DocumentStore(storageEngine, secureAreaRepository, credentialFactory)
+            credentialFactory.addCredentialImplementation(DirectAccessCredential::class) {
+                document, dataItem -> DirectAccessCredential(document, dataItem)
+            }
+            return DocumentStore(
+                storageEngine,
+                secureAreaRepository,
+                credentialFactory)
         }
     }
 
 
@@ -13,12 +13,15 @@ import androidx.navigation.findNavController
 import androidx.navigation.ui.NavigationUI
 import androidx.navigation.ui.NavigationUI.setupActionBarWithNavController
 import androidx.navigation.ui.setupWithNavController
+import com.android.identity.android.direct_access.DirectAccess
 import com.android.identity.mdoc.origininfo.OriginInfo
 import com.android.identity.mdoc.origininfo.OriginInfoDomain
+import com.android.identity.util.AndroidInitializer
 import com.android.identity.util.Logger
 import com.android.identity.wallet.databinding.ActivityMainBinding
 import com.android.identity.wallet.util.PreferencesHelper
 import com.android.identity.wallet.document.DocumentManager
+import com.android.identity.wallet.dynamicregistration.AidRegistrationUtil
 import com.android.identity.wallet.util.log
 import com.android.identity.wallet.util.logError
 import com.android.identity.wallet.util.logInfo
@@ -39,6 +42,8 @@ class MainActivity : AppCompatActivity() {
 
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
+        AndroidInitializer.initialize(applicationContext)
+        DirectAccess.warmupTransport()
         val color = SurfaceColors.SURFACE_2.getColor(this)
         window.statusBarColor = color
         window.navigationBarColor = color
@@ -49,6 +54,8 @@ class MainActivity : AppCompatActivity() {
         setupNfc()
         onNewIntent(intent)
         Logger.isDebugEnabled = PreferencesHelper.isDebugLoggingEnabled()
+        // route aids to host by default
+        AidRegistrationUtil.routeAidsToHost(this)
     }
 
     private fun setupNfc() {
 
@@ -12,7 +12,8 @@ data class DocumentInformation(
     val documentColor: Int,
     val maxUsagesPerKey: Int,
     val lastTimeUsed: String,
-    val authKeys: List<KeyData>
+    val authKeys: List<KeyData>,
+    val daCreds: List<DirectAccessCredInfo> // used in document info screen to show da cred
 ) {
 
     data class KeyData(
@@ -27,5 +28,16 @@ data class DocumentInformation(
         val isHardwareBacked: Boolean,
         val secureAreaDisplayName: String
     )
+
+    // maps to DocumentInfoScreenState.DaKeyInformation
+    data class DirectAccessCredInfo(
+        val counter: Int,
+        val validFrom: String,
+        val validUntil: String,
+        val domain: String,
+        val issuerDataBytesCount: Int,
+        val usagesCount: Int,
+        val secureAreaDisplayName: String
+    )
 }
 
@@ -7,19 +7,21 @@ import android.graphics.BitmapFactory
 import co.nstant.`in`.cbor.CborBuilder
 import co.nstant.`in`.cbor.model.DataItem
 import co.nstant.`in`.cbor.model.UnicodeString
+import com.android.identity.android.direct_access.DirectAccess
+import com.android.identity.android.direct_access.DirectAccessCredential
 import com.android.identity.cbor.Cbor
 import com.android.identity.document.Document
 import com.android.identity.document.NameSpacedData
 import com.android.identity.documenttype.DocumentAttributeType
+import com.android.identity.wallet.HolderApp
+import com.android.identity.wallet.R
 import com.android.identity.wallet.selfsigned.SelfSignedDocumentData
 import com.android.identity.wallet.util.Field
 import com.android.identity.wallet.util.FormatUtil
-import com.android.identity.wallet.HolderApp
 import com.android.identity.wallet.util.ProvisioningUtil
 import com.android.identity.wallet.util.ProvisioningUtil.Companion.toDocumentInformation
 import com.android.identity.wallet.util.log
 import com.android.identity.wallet.util.logError
-import com.android.identity.wallet.R
 import com.android.mdl.app.credman.IdentityCredentialEntry
 import com.android.mdl.app.credman.IdentityCredentialField
 import com.android.mdl.app.credman.IdentityCredentialRegistry
@@ -30,6 +32,7 @@ import java.util.Locale
 class DocumentManager private constructor(private val context: Context) {
     val client = IdentityCredentialManager.Companion.getClient(context)
     companion object {
+        private const val TAG = "DocumentManager"
 
         @SuppressLint("StaticFieldLeak")
         @Volatile
@@ -133,12 +136,28 @@ class DocumentManager private constructor(private val context: Context) {
     }
 
 
-    fun deleteCredentialByName(documentName: String) {
-        val document = getDocumentInformation(documentName)
-        document?.let {
+    fun deleteDocumentByName(documentName: String) {
+        val documentInformation = getDocumentInformation(documentName)
+        var documentHasDirectAccessCreds = false
+        var documentSlot = 0
+        documentInformation?.let {
             val documentStore = ProvisioningUtil.getInstance(context).documentStore
+            documentStore.lookupDocument(documentName)?.let {
+                val certifiedCredentials = it.certifiedCredentials
+                val pendingCredentials = it.pendingCredentials
+                for (credential in (pendingCredentials + certifiedCredentials)) {
+                    if (credential is DirectAccessCredential) {
+                        documentHasDirectAccessCreds = true
+                        documentSlot = credential.documentSlot
+                        break
+                    }
+                }
+            }
             documentStore.deleteDocument(documentName)
         }
+        if (documentHasDirectAccessCreds) {
+            DirectAccess.clearDocumentSlot(documentSlot)
+        }
         registerDocuments()
     }
 
@@ -345,6 +364,7 @@ class DocumentManager private constructor(private val context: Context) {
     fun refreshCredentials(documentName: String) {
         val documentInformation = requireNotNull(getDocumentInformation(documentName))
         val document = requireNotNull(getDocumentByName(documentName))
-        ProvisioningUtil.getInstance(context).refreshCredentials(document, documentInformation.docType)
+        ProvisioningUtil.getInstance(context).refreshMdocCredentials(document, documentInformation.docType)
+        ProvisioningUtil.getInstance(context).refreshDaCredentials(document, documentInformation.docType, 0)
     }
 }