-rw-r--r-- | crypto/src/crypto/parameters/DHPublicKeyParameters.cs | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/crypto/src/crypto/parameters/DHPublicKeyParameters.cs b/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
index e79375f71..1704c47dc 100644
--- a/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
+++ b/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
@@ -8,6 +8,25 @@ namespace Org.BouncyCastle.Crypto.Parameters
 public class DHPublicKeyParameters : DHKeyParameters
 {
+ private static BigInteger Validate(BigInteger y, DHParameters dhParams)
+ {
+ if (y == null)
+ throw new ArgumentNullException("y");
+
+ // TLS check
+ if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(dhParams.P.Subtract(BigInteger.Two)) > 0)
+ throw new ArgumentException("invalid DH public key", "y");
+
+ // we can't validate without Q.
+ if (dhParams.Q != null
+ && !y.ModPow(dhParams.Q, dhParams.P).Equals(BigInteger.One))
+ {
+ throw new ArgumentException("y value does not appear to be in correct group", "y");
+ }
+
+ return y;
+ }
+
 private readonly BigInteger y;
 public DHPublicKeyParameters(
@@ -15,10 +34,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
 DHParameters parameters) : base(false, parameters)
 {
- if (y == null)
- throw new ArgumentNullException("y");
-
- this.y = y;
+ this.y = Validate(y, parameters);
 }
 public DHPublicKeyParameters(
@@ -27,10 +43,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
 DerObjectIdentifier algorithmOid) : base(false, parameters, algorithmOid)
 {
- if (y == null)
- throw new ArgumentNullException("y");
-
- this.y = y;
+ this.y = Validate(y, parameters);
 }
 public BigInteger Y |
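Review bot: `Validate` dereferences `dhParams.P` without checking `dhParams` for null, so a null `parameters` argument would now surface as a NullReferenceException from the range check instead of an ArgumentNullException; whether the base constructor already rejects null is not visible in this diff. A guard such as `if (dhParams == null) throw new ArgumentNullException("dhParams");` ahead of the range check keeps the failure explicit. The `// we can't validate without Q.` comment should also state the consequence: when Q is absent only the [2, p-2] range is enforced, so a value in a small subgroup other than {1, p-1} may still be accepted, and callers that need subgroup confinement have to supply Q. The `// TLS check` comment would read better as `// reject 0, 1, p-1 and anything outside [2, p-2]`.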
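Review bot: Both public constructors (the hunk at -15,10 +34,7 and the one at -27,10 +43,7) now reject a non-null `y` with ArgumentException, but nothing on them documents the new failure mode. These are public entry points that callers may feed with peer-supplied or decoded key material, so each should carry a line such as `/// <exception cref="ArgumentException">y is outside [2, p-2], or fails the subgroup check when Q is available.</exception>`. When Q is present every construction also pays for a full `ModPow`, which is worth a remark in the same doc comment. The constructor signatures begin outside these hunks, so any existing doc comments are not visible here.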