Diffstat (limited to 'crypto/src/crypto/agreement/ECDHCBasicAgreement.cs')
-rw-r--r--crypto/src/crypto/agreement/ECDHCBasicAgreement.cs14
1 files changed, 9 insertions, 5 deletions
diff --git a/crypto/src/crypto/agreement/ECDHCBasicAgreement.cs b/crypto/src/crypto/agreement/ECDHCBasicAgreement.cs

index 1c9ae45f9..f0b5d1e02 100644
--- a/crypto/src/crypto/agreement/ECDHCBasicAgreement.cs
+++ b/crypto/src/crypto/agreement/ECDHCBasicAgreement.cs
@@ -50,15 +50,19 @@ namespace Org.BouncyCastle.Crypto.Agreement
 public virtual BigInteger CalculateAgreement(
 ICipherParameters pubKey)
 {
- ECPublicKeyParameters pub = (ECPublicKeyParameters) pubKey;
- ECDomainParameters parameters = pub.Parameters;
- if (!parameters.Equals(privKey.Parameters))
+ ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey;
+ ECDomainParameters dp = privKey.Parameters;
+ if (!dp.Equals(pub.Parameters))
 throw new InvalidOperationException("ECDHC public key has wrong domain parameters");
- BigInteger hd = parameters.H.Multiply(privKey.D).Mod(parameters.N);
+ BigInteger hd = dp.H.Multiply(privKey.D).Mod(dp.N);
- ECPoint P = pub.Q.Multiply(hd).Normalize();
+ // Always perform calculations on the exact curve specified by our private key's parameters
+ ECPoint pubPoint = ECAlgorithms.CleanPoint(dp.Curve, pub.Q);
+ if (pubPoint.IsInfinity)
+ throw new InvalidOperationException("Infinity is not a valid public key for ECDHC");
+ ECPoint P = pubPoint.Multiply(hd).Normalize();
 if (P.IsInfinity)
 throw new InvalidOperationException("Infinity is not a valid agreement value for ECDHC");
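Review bot: The cast `(ECPublicKeyParameters)pubKey` on the first changed line is still unchecked, so a null or non-EC `pubKey` surfaces as a NullReferenceException (at `dp.Equals(pub.Parameters)`) or an InvalidCastException rather than one of the deliberate exceptions this method raises for a bad peer key. Since the change hardens how the peer's key is handled, consider `ECPublicKeyParameters pub = pubKey as ECPublicKeyParameters;` followed by `if (pub == null) throw new ArgumentException("ECDHC requires an EC public key", "pubKey");`. The new comment above the `ECAlgorithms.CleanPoint` call says what is done but not why; something like `// Re-create the peer point on our own curve so a point tied to a different curve object is never multiplied by the private scalar` would record the intent, assuming that is what CleanPoint guarantees (its body is not visible here). CalculateAgreement's body continues past the end of the hunk, so the use of `P` after the infinity check is not reviewed.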