raise ValueError if DH parameter numbers are invalid (#12373)

Author: reaperhulk

docs/hazmat/primitives/asymmetric/dh.rst

@@ -314,6 +314,8 @@ Numbers
 
         :returns: A new instance of :class:`DHParameters`.
 
+        :raises ValueError: If the parameters are invalid.
+
 .. class:: DHPrivateNumbers(x, public_numbers)
 
     .. versionadded:: 0.8

src/rust/src/backend/dh.rs

@@ -119,7 +119,13 @@ fn dh_parameters_from_numbers(
         .transpose()?;
     let g = utils::py_int_to_bn(py, numbers.g.bind(py))?;
 
-    Ok(openssl::dh::Dh::from_pqg(p, q, g)?)
+    let dh = openssl::dh::Dh::from_pqg(p, q, g)?;
+    if !dh.check_key()? {
+        return Err(CryptographyError::from(
+            pyo3::exceptions::PyValueError::new_err("Invalid DH parameters"),
+        ));
+    }
+    Ok(dh)
 }
 
 fn clone_dh<T: openssl::pkey::HasParams>(
@@ -415,14 +421,6 @@ impl DHPrivateNumbers {
         let priv_key = utils::py_int_to_bn(py, self.x.bind(py))?;
 
         let dh = dh.set_key(pub_key, priv_key)?;
-        if !dh.check_key()? {
-            return Err(CryptographyError::from(
-                pyo3::exceptions::PyValueError::new_err(
-                    "DH private numbers did not pass safety checks.",
-                ),
-            ));
-        }
-
         let pkey = openssl::pkey::PKey::from_dh(dh)?;
         Ok(DHPrivateKey { pkey })
     }

tests/hazmat/primitives/test_dh.py

@@ -72,6 +72,14 @@ def test_dh_parameternumbers():
         dh.DHParameterNumbers(P_1536, 2, "hello")  # type: ignore[arg-type]
 
 
+@pytest.mark.skip_fips(reason="RHEL8 FIPS doesn't like this")
+def test_dh_invalid_parameter_numbers():
+    # invalid q
+    params = dh.DHParameterNumbers(P_1536, 2, 12345)
+    with pytest.raises(ValueError):
+        params.parameters()
+
+
 def test_dh_numbers():
     params = dh.DHParameterNumbers(P_1536, 2)