diff options
| author | Adam Vartanian <flooey@google.com> | 2018-05-10 19:23:41 +0100 |
|---|---|---|
| committer | MSe <mse1969@posteo.de> | 2018-07-16 09:27:12 +0200 |
| commit | b81e13ce0a60eabfb2a1008fbfa603f1f8939497 (patch) | |
| tree | 1ab210c954baaf637e070d092ea8e619eadfc2ad | |
| parent | c2727c35a0a865cb64e7d9b9d9aeda4de058a443 (diff) | |
| download | android_external_bouncycastle-cm-14.1.tar.gz android_external_bouncycastle-cm-14.1.tar.bz2 android_external_bouncycastle-cm-14.1.zip | |
Fix probable prime confidence calculations.cm-14.1
This fix from upstream fixes a problem where the number of iterations
used to confirm that a number is prime was based off the length of the
key rather than the length of the factors p and q. Fewer iterations
are called for for a longer number, so this resulted in a
lower-than-expected confidence in the primality of the key factors.
This only affects apps that use RSAKeyPairGenerator directly (which is
not a public API), rather than those that use
java.security.KeyPairGenerator.
Upstream commits:
https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
Bug: 79148652
Test: make
Change-Id: I759a226afc9dbd948611eed99ad89ab7f59b09f8
(cherry picked from commit 91719e3c1be2eb206a50a49a5d172884d65eba1c)
CVE-2018-9426
| -rw-r--r-- | bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java index f23f654..beb1aee 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java @@ -20,12 +20,10 @@ public class RSAKeyPairGenerator private static final BigInteger ONE = BigInteger.valueOf(1); private RSAKeyGenerationParameters param; - private int iterations; public void init(KeyGenerationParameters param) { this.param = (RSAKeyGenerationParameters)param; - this.iterations = getNumberOfIterations(this.param.getStrength(), this.param.getCertainty()); } public AsymmetricCipherKeyPair generateKeyPair() @@ -191,6 +189,8 @@ public class RSAKeyPairGenerator protected boolean isProbablePrime(BigInteger x) { + int iterations = getNumberOfIterations(x.bitLength(), param.getCertainty()); + /* * Primes class for FIPS 186-4 C.3 primality checking */ |