From adeebe5e382c4b0e1d6edbe70ebc0eed3f016cba Mon Sep 17 00:00:00 2001
From: Janis Danisevskis <jdanis@google.com>
Date: Fri, 15 Jan 2021 08:36:47 -0800
Subject: [PATCH] Keystore 2.0 SPI: Fix bug in chunked streamer.

The chunked streamer sent the chunk buffer prematurely leading to
oversized and garbage data sent to keystore.

Test: atest android.keystore.cts.SignatureTest#testSmallMsgKat
Change-Id: I84e40766b735f05b3fb7e0e692d26a25a0496649
---
 .../keystore2/KeyStoreCryptoOperationChunkedStreamer.java     | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/keystore/java/android/security/keystore2/KeyStoreCryptoOperationChunkedStreamer.java b/keystore/java/android/security/keystore2/KeyStoreCryptoOperationChunkedStreamer.java
index 6c733ba712d51..33e8dede9f5c2 100644
--- a/keystore/java/android/security/keystore2/KeyStoreCryptoOperationChunkedStreamer.java
+++ b/keystore/java/android/security/keystore2/KeyStoreCryptoOperationChunkedStreamer.java
@@ -139,7 +139,9 @@ class KeyStoreCryptoOperationChunkedStreamer implements KeyStoreCryptoOperationS
             int inputConsumed = ArrayUtils.copy(input, inputOffset, mChunk, mChunkLength,
                     inputLength);
             inputLength -= inputConsumed;
-            inputOffset += inputOffset;
+            inputOffset += inputConsumed;
+            mChunkLength += inputConsumed;
+            if (mChunkLength < mChunkSizeMax) return output;
             byte[] o = mKeyStoreStream.update(mChunk);
             if (o != null) {
                 output = ArrayUtils.concat(output, o);