summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2024-04-23 14:31:22 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2024-04-23 14:31:22 +0700
commit56daa6eac526f165416d17f661422d60de0dfd63 (patch)
tree05b528b7cd80ae0950e58d3dee95f48cb8147ec7
parentAdd some more utility methods around X.509 extensions (diff)
downloadBouncyCastle.NET-ed25519-56daa6eac526f165416d17f661422d60de0dfd63.tar.xz
Restrict m value in F2m curves
- configure limit w/ env. var. "Org.BouncyCastle.EC.F2m_MaxSize"
Diffstat
-rw-r--r--crypto/src/math/ec/ECCurve.cs18
-rw-r--r--crypto/test/src/math/ec/test/ECPointTest.cs20
2 files changed, 31 insertions, 7 deletions
diff --git a/crypto/src/math/ec/ECCurve.cs b/crypto/src/math/ec/ECCurve.cs

index 245ca1941..ae0d5d69e 100644
--- a/crypto/src/math/ec/ECCurve.cs
+++ b/crypto/src/math/ec/ECCurve.cs
@@ -607,6 +607,13 @@ namespace Org.BouncyCastle.Math.EC
         }
 #endif
 
+        internal static int ImplGetInteger(string envVariable, int defaultValue)
+        {
+            string property = Platform.GetEnvironmentVariable(envVariable);
+
+            return int.TryParse(property, out int value) ? value : defaultValue;
+        }
+
         private class DefaultLookupTable
             : AbstractECLookupTable
         {
@@ -757,13 +764,6 @@ namespace Org.BouncyCastle.Math.EC
                 throw new ArgumentException("Fp q value not prime");
         }
 
-        private static int ImplGetInteger(string envVariable, int defaultValue)
-        {
-            string property = Platform.GetEnvironmentVariable(envVariable);
-
-            return int.TryParse(property, out int value) ? value : defaultValue;
-        }
-
         private static int ImplGetIterations(int bits, int certainty)
         {
             /*
@@ -966,6 +966,10 @@ namespace Org.BouncyCastle.Math.EC
 
         private static IFiniteField BuildField(int m, int k1, int k2, int k3)
         {
+            int maxM = ImplGetInteger("Org.BouncyCastle.EC.F2m_MaxSize", 1142); // 2 * 571
+            if (m > maxM)
+                throw new ArgumentException("F2m m value out of range");
+
             int[] exponents = (k2 | k3) == 0
                 ? new int[]{ 0, k1, m }
                 : new int[]{ 0, k1, k2, k3, m };
diff --git a/crypto/test/src/math/ec/test/ECPointTest.cs b/crypto/test/src/math/ec/test/ECPointTest.cs

index 7a833a413..a5129f3fb 100644
--- a/crypto/test/src/math/ec/test/ECPointTest.cs
+++ b/crypto/test/src/math/ec/test/ECPointTest.cs
@@ -179,6 +179,26 @@ namespace Org.BouncyCastle.Math.EC.Tests
             }
         }
 
+        [Test]
+        public void TestLargeMInF2m()
+        {
+            int m = 2048;
+            int k1 = 1;
+            BigInteger aTpb = new BigInteger("1000", 2);
+            BigInteger bTpb = new BigInteger("1001", 2);
+            BigInteger n = new BigInteger("23");
+            BigInteger h = new BigInteger("1");
+
+            try
+            {
+                F2mCurve curve = new F2mCurve(m, k1, aTpb, bTpb, n, h);
+            }
+            catch (ArgumentException e)
+            {
+                Assert.AreEqual("F2m m value out of range", e.Message);
+            }
+        }
+
         /**
          * Calls <code>implTestAdd()</code> for <code>Fp</code> and
          * <code>F2m</code>.
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-04-13 20:53:44 +0000