Bug fixes + In kdfContext use public key as (x|y) instead of uncompre…

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMAndroidSEApplet.java

@@ -27,7 +27,9 @@
 
 import javacard.framework.APDU;
 import javacard.framework.ISO7816;
+import javacard.framework.ISOException;
 import javacard.framework.Util;
+import javacard.security.CryptoException;
 
 public class KMAndroidSEApplet extends KMKeymasterApplet implements OnUpgradeListener {
 
@@ -157,6 +159,14 @@ public void process(APDU apdu) {
           super.process(apdu);
           break;
       }
+    } catch (KMException exception) {
+      sendError(apdu, KMException.reason());
+    } catch (ISOException exp) {
+      sendError(apdu, mapISOErrorToKMError(exp.getReason()));
+    } catch (CryptoException e) {
+      sendError(apdu, mapCryptoErrorToKMError(e.getReason()));
+    } catch (Exception e) {
+      sendError(apdu, KMError.GENERIC_UNKNOWN_ERROR);
     } finally {
       repository.clean();
     }

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMAttestationCertImpl.java

@@ -267,9 +267,9 @@ public KMAttestationCert notBefore(short obj, boolean derEncoded, byte[] scratch
   public KMAttestationCert notAfter(short usageExpiryTimeObj, boolean derEncoded, byte[] scratchPad) {
     if(!derEncoded) {
       if (usageExpiryTimeObj != KMType.INVALID_VALUE) {
-        // compare if the expiry time is greater then 2051 then use generalized
+        // compare if the expiry time is greater then 2050 then use generalized
         // time format else use utc time format.
-        short tmpVar = KMInteger.uint_64(KMUtils.firstJan2051, (short) 0);
+        short tmpVar = KMInteger.uint_64(KMUtils.firstJan2050, (short) 0);
         if (KMInteger.compare(usageExpiryTimeObj, tmpVar) >= 0) {
           usageExpiryTimeObj = KMUtils.convertToDate(usageExpiryTimeObj, scratchPad,
               false);
@@ -1055,11 +1055,4 @@ public KMAttestationCert rsaAttestKey(short attestPrivExp, short attestMod, byte
     return this;
   }
 
-   //Check
-	/*
-	 * private void print(byte[] buf, short start, short length){ StringBuilder sb =
-	 * new StringBuilder(length * 2); for(short i = start; i < (start+length); i
-	 * ++){ sb.append(String.format("%02x", buf[i])); } System.out.println(
-	 * sb.toString()); }
-	 */
 }

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMUtils.java

@@ -34,15 +34,17 @@ public class KMUtils {
       0, 0, 0, 0, (byte) 0x9C, (byte) 0xBE, (byte) 0xBD, 0x50}; // 2629746000 msec
   public static final byte[] leapYearMsec = {
       0, 0, 0, 0x07, (byte) 0x5C, (byte) 0xD7, (byte) 0x88, 0x00}; //31622400000;
+  public static byte[] thirtyDaysMsec = {
+          0, 0, 0, 0, (byte) 0x9A, (byte) 0x7E, (byte) 0xC8, 0}; //2592000000 msec
   public static final byte[] yearMsec = {
       0, 0, 0, 0x07, 0x57, (byte) 0xB1, 0x2C, 0x00}; //31536000000
   //Leap year(366) + 3 * 365
   public static final byte[] fourYrsMsec = {
       0, 0, 0, 0x1D, 0x63, (byte) 0xEB, 0x0C, 0x00};//126230400000
   public static final byte[] firstJan2020 = {
       0, 0, 0x01, 0x6F, 0x5E, 0x66, (byte) 0xE8, 0x00}; // 1577836800000 msec
-  public static final byte[] firstJan2051 = {
-      0, 0, 0x02, 0x53, 0x26, (byte) 0x0E, (byte) 0x1C, 0x00}; // 2556144000000
+  public static final byte[] firstJan2050 = {
+	        0, 0, 0x02, 0x4b, (byte) 0xCE, 0x5C, (byte)0xF0, 0x00}; //2524608000000 
   // msec
   public static final byte[] febMonthLeapMSec = {
       0, 0, 0, 0, (byte) 0x95, 0x58, 0x6C, 0x00}; //2505600000
@@ -80,12 +82,12 @@ public static short convertToDate(short time, byte[] scratchPad,
       KMException.throwIt(KMError.INVALID_ARGUMENT);
     }
     if (utcFlag
-        && KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
+        && KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2050,
         (short) 0, (short) 8) >= 0) {
       KMException.throwIt(KMError.INVALID_ARGUMENT);
     }
 
-    if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051, (short) 0,
+    if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2050, (short) 0,
         (short) 8) < 0) {
       Util.arrayCopyNonAtomic(firstJan2020, (short) 0, scratchPad, (short) 8,
           (short) 8);
@@ -94,7 +96,7 @@ public static short convertToDate(short time, byte[] scratchPad,
           (short) 8);
     } else {
       from2020 = false;
-      Util.arrayCopyNonAtomic(firstJan2051, (short) 0, scratchPad, (short) 8,
+      Util.arrayCopyNonAtomic(firstJan2050, (short) 0, scratchPad, (short) 8,
           (short) 8);
       subtract(scratchPad, (short) 0, (short) 8, (short) 16, (byte) 8);
       Util.arrayCopyNonAtomic(scratchPad, (short) 16, scratchPad, (short) 0,

Applet/AndroidSEProviderLib/src/com/android/javacard/seprovider/KMAndroidSEProvider.java

@@ -134,12 +134,12 @@ public KMAndroidSEProvider() {
     // Re-usable AES,DES and HMAC keys in persisted memory.
     aesKeys = new AESKey[2];
     aesKeys[KEYSIZE_128_OFFSET] = (AESKey) KeyBuilder.buildKey(
-        KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_128, false);
+        KeyBuilder.TYPE_AES_TRANSIENT_RESET, KeyBuilder.LENGTH_AES_128, false);
     aesKeys[KEYSIZE_256_OFFSET] = (AESKey) KeyBuilder.buildKey(
-        KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_256, false);
-    triDesKey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES,
+        KeyBuilder.TYPE_AES_TRANSIENT_RESET, KeyBuilder.LENGTH_AES_256, false);
+    triDesKey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES_TRANSIENT_RESET,
         KeyBuilder.LENGTH_DES3_3KEY, false);
-    hmacKey = (HMACKey) KeyBuilder.buildKey(KeyBuilder.TYPE_HMAC, (short) 512,
+    hmacKey = (HMACKey) KeyBuilder.buildKey(KeyBuilder.TYPE_HMAC_TRANSIENT_RESET, (short) 512,
         false);
     rsaKeyPair = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_2048);
     ecKeyPair = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_256);
@@ -936,6 +936,8 @@ public short getCertificateChainLength() {
   @Override
   public void onSave(Element element) {
     element.write(certificateChain);
+    element.write(additionalCertChain);
+    element.write(bcc);
     KMAESKey.onSave(element, masterKey);
     KMECPrivateKey.onSave(element, attestationKey);
     KMHmacKey.onSave(element, preSharedKey);
@@ -944,6 +946,8 @@ public void onSave(Element element) {
   @Override
   public void onRestore(Element element) {
     certificateChain = (byte[]) element.readObject();
+    additionalCertChain = (byte[]) element.readObject();
+    bcc = (byte[]) element.readObject();
     masterKey = KMAESKey.onRestore(element);
     attestationKey = KMECPrivateKey.onRestore(element);
     preSharedKey = KMHmacKey.onRestore(element);
@@ -1315,7 +1319,7 @@ public void setBootPatchLevel(byte[] buffer, short start, short length) {
     if (length > 4 || length < 0) {
       KMException.throwIt(KMError.UNKNOWN_ERROR);
     }
-    Util.arrayCopyNonAtomic(buffer, start, bootPatchLevel, (short) 0, (short) 4);
+    Util.arrayCopyNonAtomic(buffer, start, bootPatchLevel, (short) 0, (short) length);
   }
 
   @Override
@@ -1468,7 +1472,7 @@ public void persistAdditionalCertChain(byte[] buf, short offset, short len) {
     //            // self-signed cert, leaf contains DK_pu b
     //    ]
     //    Certificate = COSE_Sign1 of a public key
-    if ((short) (len + 2) >= ADDITIONAL_CERT_CHAIN_MAX_SIZE) {
+    if ((short) (len + 2) > ADDITIONAL_CERT_CHAIN_MAX_SIZE) {
       KMException.throwIt(KMError.INVALID_INPUT_LENGTH);
     }
     JCSystem.beginTransaction();

Applet/src/com/android/javacard/keymaster/KMArray.java

@@ -137,6 +137,11 @@ public short length() {
     return Util.getShort(heap, (short) (KMType.instanceTable[KM_ARRAY_OFFSET] + TLV_HEADER_SIZE + 2));
   }
 
+  public short setLength(short len) {
+    return Util.setShort(heap,
+        (short) (KMType.instanceTable[KM_ARRAY_OFFSET] + TLV_HEADER_SIZE + 2), len);
+  }
+
   public byte[] getBuffer() {
     return heap;
   }

Applet/src/com/android/javacard/keymaster/KMDecoder.java

@@ -345,6 +345,7 @@ private short decodeKeyParam(short exp) {
     short tagClass;
     short allowedType;
     short obj;
+    short arrPos = 0;
     // For each tag in payload ...
     while (index < payloadLength) {
       tagFound = false;
@@ -360,13 +361,14 @@ private short decodeKeyParam(short exp) {
           try {
             tagFound = true;
             obj = decode(tagClass);
-            KMArray.cast(vals).add(index, obj);
+            KMArray.cast(vals).add(arrPos++, obj);
             break;
           }catch(KMException e){
             if(KMException.reason() == KMError.INVALID_TAG &&
             !ignoreInvalidTags){
               KMException.throwIt(KMError.INVALID_TAG);
             }
+            break;
           }
         }
         tagInd++;
@@ -377,6 +379,7 @@ private short decodeKeyParam(short exp) {
         index++;
       }
     }
+    KMArray.cast(vals).setLength(arrPos);
     return KMKeyParameters.instance(vals);
   }
 

Applet/src/com/android/javacard/keymaster/KMEnumTag.java

@@ -103,7 +103,7 @@ public static void create() {
       enums =
           new Object[]{
               new byte[]{RSA, DES, EC, AES, HMAC},
-              new byte[]{P_224, P_256, P_384, P_521},
+              new byte[]{P_224, P_256, P_384, P_521, CURVE_25519},
               new byte[]{STANDALONE, REQUIRES_FILE_SYSTEM},
               new byte[]{USER_AUTH_NONE, PASSWORD, FINGERPRINT, BOTH, ANY},
               new byte[]{GENERATED, DERIVED, IMPORTED, UNKNOWN, SECURELY_IMPORTED},

Applet/src/com/android/javacard/keymaster/KMInteger.java

@@ -147,6 +147,7 @@ public short value(byte[] dest, short destOff) {
     Util.arrayCopyNonAtomic(heap, getStartOff(), dest, destOff, length());
     return length();
   }
+
   public short toLittleEndian(byte[] dest, short destOff) {
     short index = (short) (length() - 1);
     while (index >= 0) {

Applet/src/com/android/javacard/keymaster/KMIntegerTag.java

@@ -195,7 +195,7 @@ public boolean isValidKeySize(byte alg) {
         }
         break;
       case KMType.DES:
-        if (val == 192 || val == 168) {
+        if (val == 168) {
           return true;
         }
         break;