authorPeter Dettman <peter.dettman@bouncycastle.org>2017-06-09 15:06:20 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2017-06-09 15:06:20 +0700
commita7e03daa1cb6604a945133427c7c9cfc5e08720c (patch)
tree303f61ef7f10a4ae59e677205b73807c2617678e
parentAdd validation to DSA public key constructor (diff)
downloadBouncyCastle.NET-ed25519-a7e03daa1cb6604a945133427c7c9cfc5e08720c.tar.xz
Add validation to DH public key constructor
-rw-r--r--crypto/src/crypto/parameters/DHPublicKeyParameters.cs29
1 files changed, 21 insertions, 8 deletions
diff --git a/crypto/src/crypto/parameters/DHPublicKeyParameters.cs b/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
index e79375f71..1704c47dc 100644
--- a/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
+++ b/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
@@ -8,6 +8,25 @@ namespace Org.BouncyCastle.Crypto.Parameters
     public class DHPublicKeyParameters
 		: DHKeyParameters
     {
+        private static BigInteger Validate(BigInteger y, DHParameters dhParams)
+        {
+            if (y == null)
+                throw new ArgumentNullException("y");
+
+            // TLS check
+            if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(dhParams.P.Subtract(BigInteger.Two)) > 0)
+                throw new ArgumentException("invalid DH public key", "y");
+
+            // we can't validate without Q.
+            if (dhParams.Q != null
+                && !y.ModPow(dhParams.Q, dhParams.P).Equals(BigInteger.One))
+            {
+                throw new ArgumentException("y value does not appear to be in correct group", "y");
+            }
+
+            return y;
+        }
+
         private readonly BigInteger y;
 
 		public DHPublicKeyParameters(
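Review bot: The `// we can't validate without Q.` comment in Validate understates what that path leaves unchecked: when `dhParams.Q` is null the only test applied is the range check `2 <= y <= p-2`, so membership of y in the intended subgroup is not verified at all. Callers that build DHParameters without Q could reasonably assume the constructor now fully validates peer keys, so I would spell it out, e.g. `// Without Q only the range check above applies; subgroup membership of y is NOT verified.` A short `<summary>` on Validate naming the two ArgumentException cases would also help, since both public constructors now throw where they previously accepted any non-null y. Whether the groups in use are safe-prime groups, where the range check already excludes the trivial small-order values, cannot be determined from this hunk.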
@@ -15,10 +34,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
             DHParameters	parameters)
 			: base(false, parameters)
         {
-			if (y == null)
-				throw new ArgumentNullException("y");
-
-			this.y = y;
+			this.y = Validate(y, parameters);
         }
 
 		public DHPublicKeyParameters(
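Review bot: `parameters` reaches Validate unchecked here and in the three-argument constructor in the next hunk, and Validate dereferences `dhParams.P` with no null check. A null argument would therefore surface as a NullReferenceException rather than an ArgumentNullException, unless the base constructor (not visible in this diff) already rejects it. A guard at the top of Validate, `if (dhParams == null) throw new ArgumentNullException("parameters");`, would cover both call sites. The constructor's signature begins above this hunk.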
@@ -27,10 +43,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
 		    DerObjectIdentifier	algorithmOid)
 			: base(false, parameters, algorithmOid)
         {
-			if (y == null)
-				throw new ArgumentNullException("y");
-
-			this.y = y;
+            this.y = Validate(y, parameters);
         }
 
         public BigInteger Y