Only match on exactly GCM mode

In Conscrypt, we're adding AES/GCM-SIV/NoPadding as a cipher, which is
a different cipher than AES/GCM/NoPadding.  Bouncy Castle previously
treated any mode that started with "GCM" as being GCM, which now means
it will supply the (incorrectly functioning) GCM mode when GCM-SIV is
requested.  Make the match more strict to keep that from happening.

We could consider doing the same for other modes that aren't defined
to take a block size suffix, like CCM and CTR, but for now we might as
well avoid too much diff from upstream.

Test: cts -m CtsLibcoreTestCases
Change-Id: I1430fd7678679b1ed23d9c511bc8a1211a7f8c91

1 files changed, 2 insertions, 1 deletions

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
index 5c29faed..13514775 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
@@ -458,7 +458,8 @@ public class BaseBlockCipher
         }
         */
         // END Android-removed: Unsupported modes
-        else if (modeName.startsWith("GCM"))
+        // Android-changed: Use equals instead of startsWith to not catch GCM-SIV
+        else if (modeName.equalsIgnoreCase("GCM"))
         {
             ivLength = baseEngine.getBlockSize();
             // BEGIN Android-removed: Unsupported algorithms