Error cleanly if the public and private keys to an ECDH key exchange are on different curves

author: Alex Gaynor <alex.gaynor@gmail.com> 2015-10-28 23:18:43 -0400
committer: Alex Gaynor <alex.gaynor@gmail.com> 2015-10-28 23:18:43 -0400
commit: eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056 (patch)
tree: e9debfe136011dd17547b674060876824ff6b661 /src
parent: 46a07705f1b9b6a4228eb56620f394675d4612f3 (diff)
download: cryptography-eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056.tar.gz
cryptography-eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056.tar.bz2
cryptography-eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py
index cfd559ae..16df37af 100644
--- a/src/cryptography/hazmat/backends/openssl/ec.py
+++ b/src/cryptography/hazmat/backends/openssl/ec.py
@@ -182,6 +182,11 @@ class _EllipticCurvePrivateKey(object):
                 _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
             )
 
+        if type(peer_public_key.curve) is not type(self.curve):
+            raise ValueError(
+                "peer_public_key and self are not on the same curve"
+            )
+
         group = self._backend._lib.EC_KEY_get0_group(self._ec_key)
         z_len = (self._backend._lib.EC_GROUP_get_degree(group) + 7) // 8
         self._backend.openssl_assert(z_len > 0)
author	Alex Gaynor <alex.gaynor@gmail.com>	2015-10-28 23:18:43 -0400
committer	Alex Gaynor <alex.gaynor@gmail.com>	2015-10-28 23:18:43 -0400
commit	eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056 (patch)
tree	e9debfe136011dd17547b674060876824ff6b661 /src
parent	46a07705f1b9b6a4228eb56620f394675d4612f3 (diff)
download	cryptography-eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056.tar.gz cryptography-eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056.tar.bz2 cryptography-eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056.zip