diff --git a/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java b/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java
index 9df39738..1e80f4b2 100644
--- a/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java
+++ b/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java
@@ -2758,9 +2758,9 @@ public void testUpgradeKey() {
             {0, OS_PATCH_LEVEL+1, VENDOR_PATCH_LEVEL-1, BOOT_PATCH_LEVEL+1, NO_UPGRADE,  KMError.INVALID_ARGUMENT },
     };
     for (int i = 0; i < test_data.length; i++) {
-      setAndroidOSSystemProperties(simulator, (short) test_data[i][0], (short) test_data[i][1],
-        (short) test_data[i][2]);
       setBootParams(simulator, (short) test_data[i][3]);
+      setAndroidOSSystemProperties(simulator, (short) test_data[i][0], (short) test_data[i][1],
+          (short) test_data[i][2]);
       ret = upgradeKey(
         KMByteBlob.instance(keyBlob, (short) 0, (short) keyBlob.length),
         null, null, test_data[i][5]);
diff --git a/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java b/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java
index 78fdc4c9..6566dd55 100644
--- a/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java
+++ b/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java
@@ -390,6 +390,7 @@ public void process(APDU apdu) {
         switch (apduIns) {
           case INS_SET_BOOT_PARAMS_CMD:
             if (seProvider.isBootSignalEventSupported()
+                && (keymasterState == KMKeymasterApplet.ACTIVE_STATE)
                 && (!seProvider.isDeviceRebooted())) {
               ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
             }
diff --git a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp
index f1f25cb4..a7298172 100644
--- a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp
+++ b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp
@@ -438,7 +438,11 @@ ErrorCode sendData(Instruction ins, std::vector<uint8_t>& inData, std::vector<ui
     return (ErrorCode::OK);//success
 }
 
-static ErrorCode setAndroidSystemProperties(CborConverter& cborConverter_) {
+/**
+ * Sends android system properties like os_version, os_patchlevel and vendor_patchlevel to
+ * the Applet.
+ */
+static ErrorCode setAndroidSystemProperties(CborConverter& cborConverter_, const std::unique_ptr<OperationContext>& oprCtx) {
     ErrorCode errorCode = ErrorCode::UNKNOWN_ERROR;
     cppbor::Array array;
     std::unique_ptr<Item> item;
@@ -453,7 +457,7 @@ static ErrorCode setAndroidSystemProperties(CborConverter& cborConverter_) {
     if (ErrorCode::OK == errorCode) {
         //Skip last 2 bytes in cborData, it contains status.
         std::tie(item, errorCode) = decodeData(cborConverter_, std::vector<uint8_t>(cborOutData.begin(), cborOutData.end()-2),
-                true);
+                true, oprCtx);
     }
     if (ErrorCode::OK != errorCode) 
         LOG(ERROR) << "Failed to set os_version, os_patchlevel and vendor_patchlevel err: " << (int32_t) errorCode;
@@ -471,7 +475,7 @@ JavacardKeymaster4Device::JavacardKeymaster4Device(): softKm_(new ::keymaster::A
     // Send Android system properties like os_version, os_patchlevel and vendor_patchlevel
     // to the Applet. Incase if setting system properties fails here, again try setting
     // it from computeSharedHmac.
-    if (ErrorCode::OK == setAndroidSystemProperties(cborConverter_)) {
+    if (ErrorCode::OK == setAndroidSystemProperties(cborConverter_, oprCtx_)) {
         isEachSystemPropertySet = true;
     }