Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-12 18:59:06 +01:00
Code Issues Projects Releases Wiki Activity

Stricter verification of public keys.

Browse Source
This commit is contained in:
akwizgran
2013-03-07 21:01:44 +00:00
parent ecfb4e98a1
commit 1ece8a05fb
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
briar-core/src/net/sf/briar/crypto/Sec1KeyParser.java
View File

@@ -47,7 +47,11 @@ class Sec1KeyParser implements KeyParser {
System.arraycopy(encodedKey, bytesPerInt + 1, yBytes, 0, bytesPerInt);
BigInteger y = new BigInteger(1, yBytes); // Positive signum
if(y.compareTo(modulus) >= 0) throw new InvalidKeySpecException();
// FIXME: Verify that y^2 == x^3 + ax + b (mod q)
// Verify that y^2 == x^3 + ax + b (mod q)
BigInteger a = params.getCurve().getA(), b = params.getCurve().getB();
BigInteger lhs = y.multiply(y).mod(modulus);
BigInteger rhs = x.multiply(x).add(a).multiply(x).add(b).mod(modulus);
if(!lhs.equals(rhs)) throw new InvalidKeySpecException();
// Construct a public key from the point (x, y) and the params
ECPoint pub = new ECPoint(x, y);
ECPublicKeySpec keySpec = new ECPublicKeySpec(pub, params);