Only match on exactly GCM mode

In Conscrypt, we're adding AES/GCM-SIV/NoPadding as a cipher, which is a different cipher than AES/GCM/NoPadding. Bouncy Castle previously treated any mode that started with "GCM" as being GCM, which now means it will supply the (incorrectly functioning) GCM mode when GCM-SIV is requested. Make the match more strict to keep that from happening. Bug: 148517383 Test: atest CtsLibcoreTestCases Cherry pick of aosp/1094130 Change-Id: I52dbd3b82ce527df7e4905c1fbe0f66f4d67f86d
author: Daulet Zhanguzin <dauletz@google.com> 2020-02-10 17:04:57 +0000
committer: Daulet Zhanguzin <dauletz@google.com> 2020-02-10 17:04:57 +0000
commit: 14ceec126e49f2f4748f0d540be820515cc725a6 (patch)
tree: 16b30287d1aae0c26e4e761a023136f1ee8fb2ff
parent: 7f368592677d262880b2016bddc3ce29f9c459cf (diff)
download: bouncycastle-14ceec126e49f2f4748f0d540be820515cc725a6.tar.gz
2 files changed, 4 insertions, 2 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
index db2f66ce..d3d04db4 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
@@ -454,7 +454,8 @@ public class BaseBlockCipher
         }
         */
         // END Android-removed: Unsupported modes
-        else if (modeName.startsWith("GCM"))
+        // Android-changed: Use equals instead of startsWith to not catch GCM-SIV
+        else if (modeName.equalsIgnoreCase("GCM"))
         {
             ivLength = baseEngine.getBlockSize();
             // BEGIN Android-removed: Unsupported algorithms
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
index 5c29faed..13514775 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
@@ -458,7 +458,8 @@ public class BaseBlockCipher
         }
         */
         // END Android-removed: Unsupported modes
-        else if (modeName.startsWith("GCM"))
+        // Android-changed: Use equals instead of startsWith to not catch GCM-SIV
+        else if (modeName.equalsIgnoreCase("GCM"))
         {
             ivLength = baseEngine.getBlockSize();
             // BEGIN Android-removed: Unsupported algorithms
author	Daulet Zhanguzin <dauletz@google.com>	2020-02-10 17:04:57 +0000
committer	Daulet Zhanguzin <dauletz@google.com>	2020-02-10 17:04:57 +0000
commit	14ceec126e49f2f4748f0d540be820515cc725a6 (patch)
tree	16b30287d1aae0c26e4e761a023136f1ee8fb2ff
parent	7f368592677d262880b2016bddc3ce29f9c459cf (diff)
download	bouncycastle-14ceec126e49f2f4748f0d540be820515cc725a6.tar.gz