Latest code.

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMAndroidSEProvider.java

@@ -112,6 +112,7 @@ public class KMAndroidSEProvider implements KMSEProvider {
   public static final byte KEYSIZE_128_OFFSET = 0x00;
   public static final byte KEYSIZE_256_OFFSET = 0x01;
   public static final short TMP_ARRAY_SIZE = 256;
+  private static final short RSA_KEY_SIZE = 256;
   public static final short CERT_CHAIN_MAX_SIZE = 2500;//First 2 bytes for length.
 
   final byte[] CIPHER_ALGS = {
@@ -532,13 +533,27 @@ public void createAsymmetricKey(byte alg, byte[] privKeyBuf,
       short pubModStart, short pubModLength, short[] lengths) {
     switch (alg) {
     case KMType.RSA:
+      if (RSA_KEY_SIZE != privKeyLength || RSA_KEY_SIZE != pubModLength) {
+        CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
+      }
       KeyPair rsaKey = createRsaKeyPair();
       RSAPrivateKey privKey = (RSAPrivateKey) rsaKey.getPrivate();
-      lengths[0] = privKey.getExponent(privKeyBuf, privKeyStart);
-      lengths[1] = privKey.getModulus(pubModBuf, pubModStart);
-      if (lengths[0] > privKeyLength || lengths[1] > pubModLength) {
+      //Copy exponent.
+      Util.arrayFillNonAtomic(tmpArray, (short) 0, RSA_KEY_SIZE, (byte) 0);
+      lengths[0] = privKey.getExponent(tmpArray, (short)0);
+      if (lengths[0] > privKeyLength)
         CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
-      }
+      Util.arrayFillNonAtomic(privKeyBuf, privKeyStart, privKeyLength, (byte)0);
+      Util.arrayCopyNonAtomic(tmpArray, (short)0,
+              privKeyBuf, (short)(privKeyStart + privKeyLength - lengths[0]), lengths[0]);
+      //Copy modulus
+      Util.arrayFillNonAtomic(tmpArray, (short) 0, RSA_KEY_SIZE, (byte) 0);
+      lengths[1] = privKey.getModulus(tmpArray, (short)0);
+      if (lengths[1] > pubModLength)
+        CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
+      Util.arrayFillNonAtomic(pubModBuf, pubModStart, pubModLength, (byte)0);
+      Util.arrayCopyNonAtomic(tmpArray, (short)0,
+              pubModBuf, (short)(pubModStart + pubModLength - lengths[1]), lengths[1]);
       break;
     case KMType.EC:
       KeyPair ecKey = createECKeyPair();

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMAttestationCertImpl.java

@@ -127,7 +127,6 @@ public static KMAttestationCert instance(boolean rsaCert) {
   }
 
   private static void init() {
-    //    if (repo == null) repo = KMRepository.instance();
     stack = null;
     stackPtr = 0;
     certStart = 0;
@@ -283,7 +282,6 @@ private static void pushTbsCert(boolean rsaCert) {
     pushBytes(X509Subject, (short) 0, (short) X509Subject.length);
     pushValidity();
     // issuer - der encoded
-    //    pushBytes(repo.getCertDataBuffer(), repo.getIssuer(), repo.getIssuerLen());
     pushBytes(
         KMByteBlob.cast(issuer).getBuffer(),
         KMByteBlob.cast(issuer).getStartOff(),
@@ -304,23 +302,6 @@ private static void pushTbsCert(boolean rsaCert) {
 
   private static void pushExtensions() {
     short last = stackPtr;
-    //    byte keyusage = 0;
-    //    byte unusedBits = 8;
-    /*
-    if (KMEnumArrayTag.contains(KMType.PURPOSE, KMType.SIGN, hwParams)) {
-      keyusage = (byte) (keyusage | keyUsageSign);
-      unusedBits = 7;
-    }
-    if (KMEnumArrayTag.contains(KMType.PURPOSE, KMType.WRAP_KEY, hwParams)) {
-      keyusage = (byte) (keyusage | keyUsageKeyEncipher);
-      unusedBits = 5;
-    }
-    if (KMEnumArrayTag.contains(KMType.PURPOSE, KMType.DECRYPT, hwParams)) {
-      keyusage = (byte) (keyusage | keyUsageDataEncipher);
-      unusedBits = 4;
-    }
-
-     */
     if (keyUsage != 0) pushKeyUsage(keyUsage, unusedBits);
     pushKeyDescription();
     pushSequenceHeader((short) (last - stackPtr));
@@ -565,7 +546,6 @@ private static void pushTag(short tag) {
   private static void pushRoT() {
     short last = stackPtr;
     // verified boot hash
-    // pushOctetString(repo.verifiedBootHash, (short) 0, (short) repo.verifiedBootHash.length);
     pushOctetString(
         KMByteBlob.cast(verifiedHash).getBuffer(),
         KMByteBlob.cast(verifiedHash).getStartOff(),
@@ -670,7 +650,6 @@ private static void pushEnumTag(short tagId, byte val) {
   private static void pushIntegerTag(short tagId, byte[] buf, short start, short len) {
     short last = stackPtr;
     pushInteger(buf, start, len);
-    //    pushIntegerHeader((short) (last - stackPtr));
     pushTagIdHeader(tagId, (short) (last - stackPtr));
   }
   // Ignore leading zeros. Only Unsigned Integers are required hence if MSB is set then add 0x00

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMUtils.java

@@ -347,29 +347,6 @@ public static void shiftRight(byte[] buf, short start) {
     }
   }
 
-
-  // num1 must be greater then or equal to num2 and both must be positive
-  /*private short subtractIntegers(short num1, short num2) {
-    short buf =
-    repository.alloc((short)24); byte[] scratchPad = repository.getHeap();
-    Util.arrayFillNonAtomic(scratchPad, buf, (short) 24, (byte) 0);
-    Util.arrayCopyNonAtomic(KMInteger.cast(num1).getBuffer(),
-            KMInteger.cast(num1).getStartOff(), scratchPad,
-            (short) (buf + 8 - KMInteger.cast(num1).length()),
-            KMInteger.cast(num1).length());
-    Util.arrayCopyNonAtomic(KMInteger.cast(num2).getBuffer(),
-            KMInteger.cast(num2).getStartOff(), scratchPad,
-            (short) (buf + 16 - KMInteger.cast(num2).length()),
-            KMInteger.cast(num2).length());
-    if (scratchPad[buf] < 0 || scratchPad[(short) (buf + 8)] < 0)
-      return KMType.INVALID_VALUE;
-    if (Util.arrayCompare(scratchPad, buf, scratchPad, (short) (buf + 8),
-            (short) 8) < 1)
-      return KMType.INVALID_VALUE;
-    subtract(scratchPad, buf, (short) (buf + 8), (short) (buf + 16));
-    return KMInteger.uint_64(scratchPad, (short) (buf + 16));
-  }*/
-
   public static void add(byte[] buf, short op1, short op2, short result) {
     byte index = 7;
     byte carry = 0;

Applet/JCardSimProvider/src/com/android/javacard/keymaster/KMAttestationCertImpl.java

@@ -121,7 +121,6 @@ public static KMAttestationCert instance(boolean rsaCert) {
   }
 
   private static void init() {
-    //    if (repo == null) repo = KMRepository.instance();
     stack = null;
     stackPtr = 0;
     certStart = 0;
@@ -277,7 +276,6 @@ private static void pushTbsCert(boolean rsaCert) {
     pushBytes(X509Subject, (short) 0, (short) X509Subject.length);
     pushValidity();
     // issuer - der encoded
-    //    pushBytes(repo.getCertDataBuffer(), repo.getIssuer(), repo.getIssuerLen());
     pushBytes(
         KMByteBlob.cast(issuer).getBuffer(),
         KMByteBlob.cast(issuer).getStartOff(),
@@ -298,23 +296,6 @@ private static void pushTbsCert(boolean rsaCert) {
 
   private static void pushExtensions() {
     short last = stackPtr;
-    //    byte keyusage = 0;
-    //    byte unusedBits = 8;
-    /*
-    if (KMEnumArrayTag.contains(KMType.PURPOSE, KMType.SIGN, hwParams)) {
-      keyusage = (byte) (keyusage | keyUsageSign);
-      unusedBits = 7;
-    }
-    if (KMEnumArrayTag.contains(KMType.PURPOSE, KMType.WRAP_KEY, hwParams)) {
-      keyusage = (byte) (keyusage | keyUsageKeyEncipher);
-      unusedBits = 5;
-    }
-    if (KMEnumArrayTag.contains(KMType.PURPOSE, KMType.DECRYPT, hwParams)) {
-      keyusage = (byte) (keyusage | keyUsageDataEncipher);
-      unusedBits = 4;
-    }
-
-     */
     if (keyUsage != 0) pushKeyUsage(keyUsage, unusedBits);
     pushKeyDescription();
     pushSequenceHeader((short) (last - stackPtr));
@@ -559,7 +540,6 @@ private static void pushTag(short tag) {
   private static void pushRoT() {
     short last = stackPtr;
     // verified boot hash
-    // pushOctetString(repo.verifiedBootHash, (short) 0, (short) repo.verifiedBootHash.length);
     pushOctetString(
         KMByteBlob.cast(verifiedHash).getBuffer(),
         KMByteBlob.cast(verifiedHash).getStartOff(),

Applet/JCardSimProvider/src/com/android/javacard/keymaster/KMCipher.java

@@ -16,30 +16,6 @@
 package com.android.javacard.keymaster;
 
 public abstract class KMCipher {
-  /*
-  public static final byte CIPHER_RSA = 7;
-  public static final short PAD_PKCS1_OAEP = 9;
-  public static final short PAD_PKCS1_OAEP_SHA224 = 13;
-  public static final byte PAD_PKCS1_OAEP_SHA256 = 14;
-  public static final short PAD_PKCS1_OAEP_SHA384 = 15;
-  public static final short PAD_PKCS1_OAEP_SHA512 = 16;
-  public static final short PAD_NOPAD = 1;
-  public static final short PAD_PKCS1_PSS = 8;
-  public static final short PAD_NULL = 0;
-  public static final short PAD_PKCS7 = 31; // Not supported in javacard
-  public static final short ALG_DES_CBC_NOPAD = 1;
-  public static final short ALG_DES_ECB_NOPAD = 5;
-  public static final short ALG_AES_BLOCK_128_CBC_NOPAD= 13;
-  public static final short ALG_AES_BLOCK_128_ECB_NOPAD = 14;
-  public static final short ALG_AES_GCM = -13;
-  public static final short MODE_ENCRYPT = 2;
-  public static final short MODE_DECRYPT = 1;
-  public static final short PAD_PKCS1 = 7;
-  public static final short AES_BLOCK_SIZE = 16;
-  public static final short DES_BLOCK_SIZE = 8;
-  public static final short ALG_AES_CTR = -16;
-
-   */
   public static final short SUN_JCE = 0xE9;
 
   public abstract short doFinal(byte[] buffer, short startOff, short length, byte[] scratchPad, short i);

Applet/JCardSimProvider/src/com/android/javacard/keymaster/KMCipherImpl.java

@@ -30,7 +30,6 @@ public class KMCipherImpl extends KMCipher{
   private short cipherAlg;
   private short padding;
   private short mode;
-  private boolean verificationFlag;
   private short blockMode;
   KMCipherImpl(Cipher c){
     cipher = c;
@@ -59,7 +58,6 @@ public short doFinal(byte[] buffer, short startOff, short length, byte[] scratch
         return (short)sunCipher.doFinal(buffer,startOff,length,scratchPad,i);
       } catch (AEADBadTagException e) {
         e.printStackTrace();
-        verificationFlag = false;
         KMException.throwIt(KMError.VERIFICATION_FAILED);
       } catch (ShortBufferException e) {
         e.printStackTrace();