Merge master to KM41

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMAndroidSEApplet.java

@@ -66,7 +66,7 @@ public void onRestore(Element element) {
     keymasterState = element.readByte();
     repository.onRestore(element, packageVersion, CURRENT_PACKAGE_VERSION);
     seProvider.onRestore(element, packageVersion, CURRENT_PACKAGE_VERSION);
-    handleDataUpgradeToVersion1_1();
+    handleDataUpgradeToVersion2_0();
   }
 
   @Override
@@ -101,10 +101,10 @@ private short computePrimitveDataSize() {
   private short computeObjectCount() {
     return (short) 0;
   }
-  
+
   public boolean isUpgradeAllowed(short version) {
     boolean upgradeAllowed = false;
-    short oldMajorVersion = (short) (version >> 8 & 0x00FF);
+    short oldMajorVersion = (short) ((version >> 8) & 0x00FF);
     short oldMinorVersion = (short) (version & 0x00FF);
     short currentMajorVersion = (short) (CURRENT_PACKAGE_VERSION >> 8 & 0x00FF);
     short currentMinorVersion = (short) (CURRENT_PACKAGE_VERSION & 0x00FF);
@@ -121,8 +121,8 @@ public boolean isUpgradeAllowed(short version) {
     }
     return upgradeAllowed;
   }
-  
-  public void handleDataUpgradeToVersion1_1() {
+
+  public void handleDataUpgradeToVersion2_0() {
 
     if (packageVersion != 0) {
       // No Data upgrade required.
@@ -185,7 +185,6 @@ public void handleDataUpgradeToVersion1_1() {
         issuerLen,
         (short) (certChaionOff + certChainLen + issuerLen), // cert expiry offset
         certExpiryLen);
-
 
     // Update computed HMAC key.
     short blob = repository.getComputedHmacKey();

Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMAndroidSEProvider.java

@@ -1241,7 +1241,7 @@ public void onRestore(Element element, short oldVersion, short currentVersion) {
     preSharedKey = KMHmacKey.onRestore(element);
     if (oldVersion == 0) {
       // Previous versions does not contain version information.
-      handleDataUpgradeToVersion1_1();
+      handleDataUpgradeToVersion2_0();
     } else {
       computedHmacKey = KMHmacKey.onRestore(element);
     }
@@ -1362,7 +1362,7 @@ public KMComputedHmacKey getComputedHmacKey() {
     return computedHmacKey;
   }
 
-  private void handleDataUpgradeToVersion1_1() {
+  private void handleDataUpgradeToVersion2_0() {
     short totalLen = (short) (6 +  KMConfigurations.CERT_CHAIN_MAX_SIZE +
         KMConfigurations.CERT_ISSUER_MAX_SIZE + KMConfigurations.CERT_EXPIRY_MAX_SIZE);
     byte[] oldBuffer = provisionData;

Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java

@@ -45,7 +45,8 @@ public class KMKeymasterApplet extends Applet implements AppletEvent, ExtendedLe
   private static final short POWER_RESET_MASK_FLAG = (short) 0x4000;
   // Magic number version
   public static final byte KM_MAGIC_NUMBER = (byte) 0x81;
-  public static final short CURRENT_PACKAGE_VERSION = 0x0101; // 1.1
+  // MSB byte is for Major version and LSB byte is for Minor version.
+  public static final short CURRENT_PACKAGE_VERSION = 0x0200; // 2.0
 
   // "Keymaster HMAC Verification" - used for HMAC key verification.
   public static final byte[] sharingCheck = {
@@ -1516,7 +1517,7 @@ private boolean isEmpty(byte[] buf, short offset, short len) {
     boolean empty = true;
     short index = 0;
     while (index < len) {
-      if (buf[index] != 0) {
+      if (buf[(short) (index + offset)] != 0) {
         empty = false;
         break;
       }

Applet/src/com/android/javacard/keymaster/KMRepository.java

@@ -940,7 +940,7 @@ public void onRestore(Element ele, short oldVersion, short currentVersion) {
     dataTable = (byte[]) ele.readObject();
     if (oldVersion == 0) {
       // Previous versions does not contain version information.
-      handleDataUpgradeToVersion1_1();
+      handleDataUpgradeToVersion2_0();
     } else {
       attestIdsIndex = ele.readShort();
     }
@@ -994,7 +994,7 @@ public void setEarlyBootEndedStatus(boolean flag) {
     writeDataEntry(EARLY_BOOT_ENDED_STATUS, getHeap(), start, EARLY_BOOT_ENDED_FLAG_SIZE);
   }
 
-  public void handleDataUpgradeToVersion1_1() {
+  public void handleDataUpgradeToVersion2_0() {
     byte[] oldDataTable = dataTable;
     dataTable = new byte[2048];
     attestIdsIndex = (short) (DATA_INDEX_SIZE * DATA_INDEX_ENTRY_SIZE);

HAL/keymaster/4.1/JavacardKeymaster4Device.cpp

@@ -177,7 +177,7 @@ static void clearStrongboxOprHandleEntries(const std::unique_ptr<OperationContex
         << "Secure Element reset or applet upgrade detected. Removing existing operation handles";
     auto it = operationTable.begin();
     while (it != operationTable.end()) {
-        if (it->second == OperationType::PRIVATE_OPERATION) {  // Strongbox operation
+        if (it->second == OperationType::PRIVATE_OPERATION) { // Strongbox operation
             LOG(INFO) << "operation handle: " << it->first << " is removed";
             oprCtx->clearOperationData(it->first);
             it = operationTable.erase(it);
@@ -968,8 +968,7 @@ Return<void> JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec<
     errorCode = handleBeginOperation(purpose, keyBlob, inParams, authToken, outParams,
                                      operationHandle, operType);
     if (errorCode == ErrorCode::OK && isOperationHandleExists(operationHandle)) {
-        LOG(DEBUG) << "Operation handle " << operationHandle
-                   << "already exists"
+        LOG(DEBUG) << "Operation handle " << operationHandle << "already exists"
                       "in the opertion table. so aborting this opertaion.";
         // abort the operation.
         errorCode = abortOperation(operationHandle, operType);