Use curve's cofactor during VKO calculations

[pygost.git] / pygost / gost3410_vko.py

diff --git a/pygost/gost3410_vko.py b/pygost/gost3410_vko.py
index 612f4bc073385379157f8332cf5eceb54714c850..7bc71113b69e99bcf10dbe2d819d2d8b96361a47 100644 (file)
--- a/pygost/gost3410_vko.py
+++ b/pygost/gost3410_vko.py
@@ -1,6 +1,6 @@
 # coding: utf-8
 # PyGOST -- Pure Python GOST cryptographic functions library
-# Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
+# Copyright (C) 2015-2020 Sergey Matveev <stargrave@stargrave.org>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -26,7 +26,7 @@ from pygost.utils import bytes2long
 def ukm_unmarshal(ukm):
     """Unmarshal UKM value
 
-    :type ukm: bytes
+    :type ukm: little-endian bytes
     :rtype: long
     """
     return bytes2long(ukm[::-1])
@@ -34,7 +34,7 @@ def ukm_unmarshal(ukm):
 
 def kek(curve, prv, pub, ukm, mode):
     key = curve.exp(prv, pub[0], pub[1])
-    key = curve.exp(ukm, key[0], key[1])
+    key = curve.exp(curve.cofactor * ukm, key[0], key[1])
     return pub_marshal(key, mode)
 
 
@@ -55,7 +55,7 @@ def kek_34102001(curve, prv, pub, ukm):
     """
     return GOST341194(
         kek(curve, prv, pub, ukm, mode=2001),
-        "id-GostR3411-94-CryptoProParamSet",
+        sbox="id-GostR3411-94-CryptoProParamSet",
     ).digest()