From 1ece8a05fbf4caf4d7c9718798377a3a0dffdb5e Mon Sep 17 00:00:00 2001
From: akwizgran <michael@briarproject.org>
Date: Thu, 7 Mar 2013 21:01:44 +0000
Subject: [PATCH] Stricter verification of public keys.

---
 briar-core/src/net/sf/briar/crypto/Sec1KeyParser.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/briar-core/src/net/sf/briar/crypto/Sec1KeyParser.java b/briar-core/src/net/sf/briar/crypto/Sec1KeyParser.java
index 87a3e7a6fa..a3014e95f9 100644
--- a/briar-core/src/net/sf/briar/crypto/Sec1KeyParser.java
+++ b/briar-core/src/net/sf/briar/crypto/Sec1KeyParser.java
@@ -47,7 +47,11 @@ class Sec1KeyParser implements KeyParser {
 		System.arraycopy(encodedKey, bytesPerInt + 1, yBytes, 0, bytesPerInt);
 		BigInteger y = new BigInteger(1, yBytes); // Positive signum
 		if(y.compareTo(modulus) >= 0) throw new InvalidKeySpecException();
-		// FIXME: Verify that y^2 == x^3 + ax + b (mod q)
+		// Verify that y^2 == x^3 + ax + b (mod q)
+		BigInteger a = params.getCurve().getA(), b = params.getCurve().getB();
+		BigInteger lhs = y.multiply(y).mod(modulus);
+		BigInteger rhs = x.multiply(x).add(a).multiply(x).add(b).mod(modulus);
+		if(!lhs.equals(rhs)) throw new InvalidKeySpecException();
 		// Construct a public key from the point (x, y) and the params
 		ECPoint pub = new ECPoint(x, y);
 		ECPublicKeySpec keySpec = new ECPublicKeySpec(pub, params);
-- 
GitLab