X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=gost3410%2Fvko.go;h=15732967b9cd0b92bbf7729b7fd9deae7f93dfb2;hb=d681002980ca0b115936a6e217de5649bb8966d3;hp=1ac5ea3722f108b7b1860bffeccb2f71b9b48b44;hpb=c40d1e5634cf6d540d908a57423f4b504e39f186;p=gogost.git

diff --git a/gost3410/vko.go b/gost3410/vko.go
index 1ac5ea3..1573296 100644
--- a/gost3410/vko.go
+++ b/gost3410/vko.go
@@ -1,5 +1,5 @@
 // GoGOST -- Pure Go GOST cryptographic functions library
-// Copyright (C) 2015-2020 Sergey Matveev <stargrave@stargrave.org>
+// Copyright (C) 2015-2024 Sergey Matveev <stargrave@stargrave.org>
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -16,20 +16,22 @@
 package gost3410
 
 import (
+	"fmt"
 	"math/big"
 )
 
 func (prv *PrivateKey) KEK(pub *PublicKey, ukm *big.Int) ([]byte, error) {
 	keyX, keyY, err := prv.C.Exp(prv.Key, pub.X, pub.Y)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("gogost/gost3410.PrivateKey.KEK: %w", err)
 	}
-	if ukm.Cmp(bigInt1) != 0 {
-		keyX, keyY, err = prv.C.Exp(ukm, keyX, keyY)
+	u := big.NewInt(0).Set(ukm).Mul(ukm, prv.C.Co)
+	if u.Cmp(bigInt1) != 0 {
+		keyX, keyY, err = prv.C.Exp(u, keyX, keyY)
 		if err != nil {
-			return nil, err
+			return nil, fmt.Errorf("gogost/gost3410.PrivateKey.KEK: %w", err)
 		}
 	}
-	pk := PublicKey{prv.C, prv.Mode, keyX, keyY}
+	pk := PublicKey{prv.C, keyX, keyY}
 	return pk.Raw(), nil
 }