From 68597d6c545b7f94878cce394a633f186a3f1e56 Mon Sep 17 00:00:00 2001
From: Adam Vartanian <flooey@google.com>
Date: Fri, 1 Mar 2019 13:36:42 +0000
Subject: Remove DH keygen special case

BC added an optimization for a BC-specific key generation params class
that ultimately causes Wycheproof's DhTest to fail.  While I believe
it would be safe to include that optimization, in the interest of
being conservative, I'm going to disable it to maintain the behavior of
previous versions.

Bug: 124926190
Test: cts -m CtsLibcoreTestCases
Test: cts -m CtsLibcoreWycheproofBCTestCases
Change-Id: I6aa9945d1e0f55cc4789d35edd41cc47fe61a3d6
---
 .../jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java   | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'bcprov')

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java
index 1e426b12..ce21d3dc 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java
@@ -73,10 +73,22 @@ public class KeyPairGeneratorSpi
 
     private DHKeyGenerationParameters convertParams(SecureRandom random, DHParameterSpec dhParams)
     {
+        // BEGIN Android-removed: Don't special-case DHDomainParameterSpec
+        // When DHDomainParameterSpec is special-cased here, it supplies a value for q that
+        // ultimately results in a smaller value of x, which runs afoul of the Wycheproof test
+        // com.google.security.wycheproof.DhTest.testKeyPairGenerator().  See the docs in DhTest
+        // for more details of why that requirement is made.
+        //
+        // While we believe this code would be safe (and likely somewhat faster), in the interest
+        // of being conservative we've disabled it to preserve the old behavior that also passes
+        // the Wycheproof test.
+        /*
         if (dhParams instanceof DHDomainParameterSpec)
         {
             return new DHKeyGenerationParameters(random, ((DHDomainParameterSpec)dhParams).getDomainParameters());
         }
+        */
+        // END Android-removed: Don't special-case DHDomainParameterSpec
         return new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL()));
     }
 
-- 
cgit v1.2.3