12 Replies Latest reply on Mar 14, 2019 5:48 AM by Abhishek Mishra

    Event Injection using AIDL

    Abhishek Mishra

      I am trying to use the event injection service of zebra.

      Currently I am using the below action and package name to bind to Zebra service using AIDL, but it is not working. I am not getting the callback in onServiceConnected.

      Can anyone please confirm that the Action and package name mentioned here is correct.

       

      Intent zebraIntent= new Intent("com.zebra.eventinjectionservice.IEventInjectionService");

      zebraIntent.setPackage("com.zebra.eventinjectionservice");

        • Re: Event Injection using AIDL
          Dhanya Pillai

          Yes it is correct.

           

          Event injection service is available from MX 8.3 onwards.    

          Please check in Apps & notifications -> AppInfo -> Show system ->EventInjectionService to confirm service exist in device.

          Please find the attachment.event_injection.jpg

          1 of 1 people found this helpful
          • Re: Event Injection using AIDL
            Paul Hurford

            Update OS with latest Lifeguard patch and ensure the MX version is at least 8.3 - It will not work if below this.

            Also you will need to register the signature of the package with AccessMgr - although this would only fail on the authenticate.

            1 of 1 people found this helpful
              • Re: Event Injection using AIDL
                Abhishek Mishra

                Hi..Can you please elaborate a bit on how to authenticate a package for eventInjection through Access Mgr.

                  • Re: Event Injection using AIDL
                    Dhanya Pillai

                    AccessMgr CSP exposes following methods to control which packages can access key and touch injection.

                     

                    • AllowBinding
                    • DisAllowBinding
                    • VerifyBinding
                    • AllowCaller
                    • DisAllowCaller
                    • VerifyCaller

                     

                     

                     

                    Allow Binding

                    Admin can provide service identifier and allow service to be able to access by clients.

                     

                    Note:

                    In case of event injection , service identifier is com.zebra.eventinjectionservice

                     

                     

                    DisAllow Binding

                    Admin can disallow service by providing service identifier.

                     

                     

                    AllowCaller

                    Admin can allow caller by providing service identifier, caller package name and caller signature.

                     

                    Note:

                    Caller signature accepts  certificate in.crt format.

                    Openssl can be used to convert .jks , .pem to .crt as given below.

                    keytool -export -alias aliasname -file mydomain.der -keystore keystore.jks

                    openssl x509 -inform der -in mydomain.der -out certificate.pem

                    openssl x509 -outform der -in certificate.pem -out test.crt

                          

                     

                    DisAllowCaller

                    Admin can disallow caller by providing service identifier, caller package name and caller signature.

                     

                     

                    VerifyBinding

                    Verifies whether service is allowed or disallowed.

                     

                     

                    VerifyCaller

                    Verifies whether caller is allowed or disallowed.

                     

                     

                      Note: Only after successful configuration of AllowBinding and AllowCaller, service authenticate()  method succeeds and remote client app could inject key/touch events .

                    1 of 1 people found this helpful
                • Re: Event Injection using AIDL
                  Abhishek Mishra

                  Thank you..that was really helpful.

                   

                  Currently I am using a TC51 Oreo device with all the patch updates and MX version 8.4. In that I can't see the service running in settings-> apps.

                  Do we have a list of device models that are supported for this feature?

                  • Re: Event Injection using AIDL
                    Paul Hurford

                    This will help you with registering your package with AccessMgr

                     

                     

                    2.0 Steps required to allow remote control by Application

                    A number of steps are required to allow an application access to the remote control API.

                    1. Device needs to be provisioned to allow the application to bind to the Zebra service “com.zebra.eventinjectionservice” this involves using the AccessMgr CSP to allow the application permission to bind to the serviceTypically this is done when commissioning the device.
                    2. Runtime binding to the service by the application so that it can call the appropriate API.

                     

                    2.1 Device provisioning

                    The device must be configured to allow the application access to the required zebra service. The signature of the application needs to be passed to the AccesMgr for access to be granted.

                    2.2 Getting Application signature

                    The application’s public certificate is required in a binary format for Stagenow or Base64 encoded if formatting the MX XML yourself for AccessMgr.  Typically this can be extracted from the keystore (if you have the passwords) or after the application has been installed using the Android Package Manger API.

                    Method 1

                    The signature can be extracted from the keystore using the JAVA tool “Keytool” and “OpenSSL” – these must be installed previously and are outside the scope of this document.

                    The command lines below will extract the public certificate from the Android keystore (remotecontrol.jks file in example) that was used to sign the certificate.

                    "C:\Program Files (x86)\Java\jre6\bin\keytool" -export -alias RC -file ..\certs\RemoteControl.der -keystore "D:\Android_AppStudioProjects\RemoteControlApplicationDemo\KeyStore\keystore.jks"

                    D:\openSSL\OpenSSL_Tools\openssl x509 -inform der -in ..\certs\RemoteControl.der -out ..\certs\RemoteControl.pem

                    D:\openSSL\OpenSSL_Tools\openssl x509 -outform der -in ..\certs\RemoteControl.pem -out ..\certs\RemoteControl.crt

                    Method 2

                    The certificate can be extracted using android API’s and the package manager. To do this an application or script will be required and the Remote Control application must be already installed. The code would be along the lines

                        String sPackge = “Package name of the remote control application”

                        final PackageManager pm = mContext.getPackageManager( );

                    Signature[] signatures =
                    null;
                    try {
                    signatures = pm.getPackageInfo( sPackage, PackageManager.
                    GET_SIGNATURES).signatures;

                    if ( signatures != null )
                    {
                    for (Signature sig : signatures)
                    {

                    final byte[] sigByte = sig.toByteArray() ;
                    FileUtils.SaveDataToFile(
                    "/sdcard/RemoteControl.crt", sigByte );
                    }
                    }
                    }
                    catch( Exception e )
                    {
                    Log.v(
                    TAG, "Exception Ssignatures Pck:" + sPackage + " Error:" + e.getMessage() );
                    }
                    }

                     

                    2.3 Allowing the Application Access to API

                    In order for the application to be allow access to the service that inject the keys the MX CSP “AccessMgr” must be configured to allow access.  The document assumes that you are familiar with the Zebra tool “StageNow” and using “Expert” mode.

                    First run StageNow and create a profile with MX 8.3 or above and add “AccessMgr” two times in “Xpert” mode.

                    On the first access manager screen enter the follow for each field

                    1. “Service Access Action” – select “Allow binding to service”
                    2. “Service Identifier” – enter “com.zebra.eventinjectionservice”

                    The screen should look similar to this

                     

                    On the second access manager screen enter the follow for each field

                    1. “Service Access Action” – select “Allow caller to call service”
                    2. “Service Identifier” – enter “com.zebra.eventinjectionservice”
                    3. “Caller Package name” enter YOUR application package name
                    4. “Caller Signature” – select the certificate that you extract earlier for the application.  If using demo app select ..\Certs\RemoteControl.crt

                    The screen should look similar to this

                     

                    Save the profile and display the Stagenow barcode.  Select the PDF417 barcode, staging client Stagenow then press “TEST” – barcode will be displayed as a PDF document – ensure Adobe Acrobat Reader DC is installed.

                     

                     

                    On the terminal run the Stagenow client and scan the barcodes (will be several) – this will pass the XML to the MX CSP and apply the XML.

                    You can save the XML to a file – use the “Export for MDM” option.

                    Your application should now have access to the service and be able to send key events.

                    You can also create the XML without using Stagenow and pass to the MX CSP either using the MDM tool kit or the EMDK profile manager – both require it is formatted correctly, note EMDK profile manager requires additional formatting.  It’s recommended that the MDM tool kit is used.

                    The MX XML format is documented please consult Zebra Tech Docs.  The format will be similar to that below which can be passed to the CSP via the MDM tool kit.

                    <wap-provisioningdoc>

                    <characteristic version="8.3" type="AccessMgr">

                        <parm name="OperationMode" value="1" />

                        <parm name="ServiceAccessAction" value="1" />

                        <parm name="ServiceIdentifier" value="com.zebra.eventinjectionservice" />

                    </characteristic>

                    <characteristic version="8.3" type="AccessMgr">

                        <parm name="OperationMode" value="1" />

                        <parm name="ServiceAccessAction" value="4" />

                        <parm name="ServiceIdentifier" value="com.zebra.eventinjectionservice" />

                        <parm name="CallerPackageName" value="com.zebra.remotecontrolapplication" />

                        <parm name="CallerSignature" value="Base64 Encoded Certificate" />

                    </characteristic>

                    </wap-provisioningdoc>

                     

                    Note:

                    The “Characteristic version” must be at least 8.3.

                    Your certificate must the base64 encoded.

                    Should only need to change the items in bold italic text.

                    1 of 1 people found this helpful