1 files changed, 21 insertions, 8 deletions
diff --git a/crypto/src/crypto/parameters/DHPublicKeyParameters.cs b/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
index e79375f71..1704c47dc 100644
--- a/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
+++ b/crypto/src/crypto/parameters/DHPublicKeyParameters.cs
@@ -8,6 +8,25 @@ namespace Org.BouncyCastle.Crypto.Parameters
public class DHPublicKeyParameters
: DHKeyParameters
{
+ private static BigInteger Validate(BigInteger y, DHParameters dhParams)
+ {
+ if (y == null)
+ throw new ArgumentNullException("y");
+
+ // TLS check
+ if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(dhParams.P.Subtract(BigInteger.Two)) > 0)
+ throw new ArgumentException("invalid DH public key", "y");
+
+ // we can't validate without Q.
+ if (dhParams.Q != null
+ && !y.ModPow(dhParams.Q, dhParams.P).Equals(BigInteger.One))
+ {
+ throw new ArgumentException("y value does not appear to be in correct group", "y");
+ }
+
+ return y;
+ }
+
private readonly BigInteger y;
public DHPublicKeyParameters(
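Review bot: `Validate` dereferences `dhParams.P` and `dhParams.Q` without checking `dhParams` for null, so a null `parameters` argument would surface as a NullReferenceException from the range check unless the base constructor already rejects it (not visible in this hunk). A guard such as `if (dhParams == null) throw new ArgumentNullException("dhParams");` ahead of the range check would keep the failure an argument error. Separately, when `Q` is null only the [2, p-2] range check runs, so membership of y in the prime-order subgroup is not confirmed for such parameters. The existing comment could say that outright, e.g. `// Without Q only the range check above applies; subgroup membership of y is not verified.`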
@@ -15,10 +34,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
DHParameters parameters)
: base(false, parameters)
{
- if (y == null)
- throw new ArgumentNullException("y");
-
- this.y = y;
+ this.y = Validate(y, parameters);
}
public DHPublicKeyParameters(
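Review bot: Both public constructors (this hunk and the following one that takes `DerObjectIdentifier algorithmOid`) now throw `ArgumentException` for a y outside [2, p-2] or one that fails the Q check, but nothing on them documents the new behaviour. Before this change the only visible failure here was `ArgumentNullException`, so callers that construct keys from decoded peer data may not expect the additional exception. An XML doc entry such as `/// <exception cref="ArgumentException">y is out of range or not in the group defined by parameters.</exception>` on each constructor would make the contract visible. The constructor signatures begin outside the hunks.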
@@ -27,10 +43,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
DerObjectIdentifier algorithmOid)
: base(false, parameters, algorithmOid)
{
- if (y == null)
- throw new ArgumentNullException("y");
-
- this.y = y;
+ this.y = Validate(y, parameters);
}
public BigInteger Y