diff options
author | Adam Vartanian <flooey@google.com> | 2019-03-01 10:35:31 -0800 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2019-03-01 10:35:31 -0800 |
commit | 74b4ca16b4f051db24ea04b5a076e387f3d799ef (patch) | |
tree | 91198a5622bc505aab914986507f2270a40dcfe6 | |
parent | 3d9d9178f8d746f0dc52ceba687ca6d28482f480 (diff) | |
parent | a9b7a58bf113c6df8b02b314acd83b381671d62e (diff) | |
download | bouncycastle-74b4ca16b4f051db24ea04b5a076e387f3d799ef.tar.gz |
Merge "Remove DH keygen special case" am: 151ca156c5 am: cabf9a8310
am: a9b7a58bf1
Change-Id: I78110c3906f27236179e9ece5f065af4c83f460e
2 files changed, 24 insertions, 0 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java index 1e426b12..ce21d3dc 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java @@ -73,10 +73,22 @@ public class KeyPairGeneratorSpi private DHKeyGenerationParameters convertParams(SecureRandom random, DHParameterSpec dhParams) { + // BEGIN Android-removed: Don't special-case DHDomainParameterSpec + // When DHDomainParameterSpec is special-cased here, it supplies a value for q that + // ultimately results in a smaller value of x, which runs afoul of the Wycheproof test + // com.google.security.wycheproof.DhTest.testKeyPairGenerator(). See the docs in DhTest + // for more details of why that requirement is made. + // + // While we believe this code would be safe (and likely somewhat faster), in the interest + // of being conservative we've disabled it to preserve the old behavior that also passes + // the Wycheproof test. + /* if (dhParams instanceof DHDomainParameterSpec) { return new DHKeyGenerationParameters(random, ((DHDomainParameterSpec)dhParams).getDomainParameters()); } + */ + // END Android-removed: Don't special-case DHDomainParameterSpec return new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL())); } diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java index cb5f7d88..a208fe16 100644 --- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java +++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java @@ -77,10 +77,22 @@ public class KeyPairGeneratorSpi private DHKeyGenerationParameters convertParams(SecureRandom random, DHParameterSpec dhParams) { + // BEGIN Android-removed: Don't special-case DHDomainParameterSpec + // When DHDomainParameterSpec is special-cased here, it supplies a value for q that + // ultimately results in a smaller value of x, which runs afoul of the Wycheproof test + // com.google.security.wycheproof.DhTest.testKeyPairGenerator(). See the docs in DhTest + // for more details of why that requirement is made. + // + // While we believe this code would be safe (and likely somewhat faster), in the interest + // of being conservative we've disabled it to preserve the old behavior that also passes + // the Wycheproof test. + /* if (dhParams instanceof DHDomainParameterSpec) { return new DHKeyGenerationParameters(random, ((DHDomainParameterSpec)dhParams).getDomainParameters()); } + */ + // END Android-removed: Don't special-case DHDomainParameterSpec return new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL())); } |