diff options
author | Adam Vartanian <flooey@google.com> | 2018-05-10 19:23:41 +0100 |
---|---|---|
committer | hamzeh <hamzeh@google.com> | 2018-05-16 21:15:20 -0700 |
commit | 0f11f579f8c3a3575c0040d8bcf55cadb43e1591 (patch) | |
tree | 2413bab2ece70e5a3d1a134ef1c7c11fb66242c2 | |
parent | cd9ea7ec6305a93cbe247af670a79d27800bffaa (diff) | |
download | bouncycastle-security-oc-release.tar.gz |
Fix probable prime confidence calculations.android-security-8.0.0_r54android-security-8.0.0_r53android-security-8.0.0_r52android-8.0.0_r51android-8.0.0_r50android-8.0.0_r49android-8.0.0_r48android-8.0.0_r47android-8.0.0_r46android-8.0.0_r45android-8.0.0_r44android-8.0.0_r43android-8.0.0_r42android-8.0.0_r41android-8.0.0_r40android-8.0.0_r39android-8.0.0_r38android-8.0.0_r37security-oc-releaseoreo-security-release
This fix from upstream fixes a problem where the number of iterations
used to confirm that a number is prime was based off the length of the
key rather than the length of the factors p and q. Fewer iterations
are called for for a longer number, so this resulted in a
lower-than-expected confidence in the primality of the key factors.
This only affects apps that use RSAKeyPairGenerator directly (which is
not a public API), rather than those that use
java.security.KeyPairGenerator.
Upstream commits:
https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
Bug: 79148652
Test: make
Change-Id: I759a226afc9dbd948611eed99ad89ab7f59b09f8
(cherry picked from commit 91719e3c1be2eb206a50a49a5d172884d65eba1c)
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java index f23f654b..beb1aee2 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java @@ -20,12 +20,10 @@ public class RSAKeyPairGenerator private static final BigInteger ONE = BigInteger.valueOf(1); private RSAKeyGenerationParameters param; - private int iterations; public void init(KeyGenerationParameters param) { this.param = (RSAKeyGenerationParameters)param; - this.iterations = getNumberOfIterations(this.param.getStrength(), this.param.getCertainty()); } public AsymmetricCipherKeyPair generateKeyPair() @@ -191,6 +189,8 @@ public class RSAKeyPairGenerator protected boolean isProbablePrime(BigInteger x) { + int iterations = getNumberOfIterations(x.bitLength(), param.getCertainty()); + /* * Primes class for FIPS 186-4 C.3 primality checking */ |