Use curve's cofactor during VKO calculations

diff --git a/news.texi b/news.texi
index 4c8094e9b20ff08ebe24ca953421bb982e532e5c..5c0442a00086d37c47e13b2614fb3413cdcbd5d8 100644 (file)
--- a/news.texi
+++ b/news.texi
@@ -6,6 +6,8 @@
 @anchor{Release 4.9}
 @item 4.9
     @itemize
 @anchor{Release 4.9}
 @item 4.9
     @itemize

+    @item @strong{Fixed} nasty bug with Edwards curves using in
+        34.10-VKO functions: curve's cofactor has not been used

     @item CTR-ACPKM mode of operation
     @item OMAC-ACPKM-Master moder of operation
     @item KExp15/KImp15 key export/import functions
     @item CTR-ACPKM mode of operation
     @item OMAC-ACPKM-Master moder of operation
     @item KExp15/KImp15 key export/import functions

diff --git a/pygost/gost3410.py b/pygost/gost3410.py
index d7c733df2f5302f44f6b2bd592e208915c73d00d..9f0a11e656689745056b8f7c53cdf5c3779201b3 100644 (file)
--- a/pygost/gost3410.py
+++ b/pygost/gost3410.py
@@ -54,13 +54,14 @@ class GOST3410Curve(object):
     :param long e, d: coefficients of the equation of the elliptic curve in
                       the twisted Edwards form
     """
     :param long e, d: coefficients of the equation of the elliptic curve in
                       the twisted Edwards form
     """

-    def __init__(self, p, q, a, b, x, y, e=None, d=None):
+    def __init__(self, p, q, a, b, x, y, cofactor=1, e=None, d=None):

         self.p = p
         self.q = q
         self.a = a
         self.b = b
         self.x = x
         self.y = y
         self.p = p
         self.q = q
         self.a = a
         self.b = b
         self.x = x
         self.y = y

+        self.cofactor = cofactor

         self.e = e
         self.d = d
         r1 = self.y * self.y % self.p
         self.e = e
         self.d = d
         r1 = self.y * self.y % self.p


@@ -165,6 +166,7 @@ CURVES = {
         b=bytes2long(hexdec("295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513")),
         x=bytes2long(hexdec("91E38443A5E82C0D880923425712B2BB658B9196932E02C78B2582FE742DAA28")),
         y=bytes2long(hexdec("32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C")),
         b=bytes2long(hexdec("295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513")),
         x=bytes2long(hexdec("91E38443A5E82C0D880923425712B2BB658B9196932E02C78B2582FE742DAA28")),
         y=bytes2long(hexdec("32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C")),

+        cofactor=4,

         e=0x01,
         d=bytes2long(hexdec("0605F6B7C183FA81578BC39CFAD518132B9DF62897009AF7E522C32D6DC7BFFB")),
     ),
         e=0x01,
         d=bytes2long(hexdec("0605F6B7C183FA81578BC39CFAD518132B9DF62897009AF7E522C32D6DC7BFFB")),
     ),


@@ -199,6 +201,7 @@ CURVES = {
         b=bytes2long(hexdec("B4C4EE28CEBC6C2C8AC12952CF37F16AC7EFB6A9F69F4B57FFDA2E4F0DE5ADE038CBC2FFF719D2C18DE0284B8BFEF3B52B8CC7A5F5BF0A3C8D2319A5312557E1")),
         x=bytes2long(hexdec("E2E31EDFC23DE7BDEBE241CE593EF5DE2295B7A9CBAEF021D385F7074CEA043AA27272A7AE602BF2A7B9033DB9ED3610C6FB85487EAE97AAC5BC7928C1950148")),
         y=bytes2long(hexdec("F5CE40D95B5EB899ABBCCFF5911CB8577939804D6527378B8C108C3D2090FF9BE18E2D33E3021ED2EF32D85822423B6304F726AA854BAE07D0396E9A9ADDC40F")),
         b=bytes2long(hexdec("B4C4EE28CEBC6C2C8AC12952CF37F16AC7EFB6A9F69F4B57FFDA2E4F0DE5ADE038CBC2FFF719D2C18DE0284B8BFEF3B52B8CC7A5F5BF0A3C8D2319A5312557E1")),
         x=bytes2long(hexdec("E2E31EDFC23DE7BDEBE241CE593EF5DE2295B7A9CBAEF021D385F7074CEA043AA27272A7AE602BF2A7B9033DB9ED3610C6FB85487EAE97AAC5BC7928C1950148")),
         y=bytes2long(hexdec("F5CE40D95B5EB899ABBCCFF5911CB8577939804D6527378B8C108C3D2090FF9BE18E2D33E3021ED2EF32D85822423B6304F726AA854BAE07D0396E9A9ADDC40F")),

+        cofactor=4,

         e=0x01,
         d=bytes2long(hexdec("9E4F5D8C017D8D9F13A5CF3CDF5BFE4DAB402D54198E31EBDE28A0621050439CA6B39E0A515C06B304E2CE43E79E369E91A0CFC2BC2A22B4CA302DBB33EE7550")),
     ),
         e=0x01,
         d=bytes2long(hexdec("9E4F5D8C017D8D9F13A5CF3CDF5BFE4DAB402D54198E31EBDE28A0621050439CA6B39E0A515C06B304E2CE43E79E369E91A0CFC2BC2A22B4CA302DBB33EE7550")),
     ),

diff --git a/pygost/gost3410_vko.py b/pygost/gost3410_vko.py
index 6ffc9537014f0b570399fed4d3042fa7708530d1..7bc71113b69e99bcf10dbe2d819d2d8b96361a47 100644 (file)
--- a/pygost/gost3410_vko.py
+++ b/pygost/gost3410_vko.py
@@ -34,7 +34,7 @@ def ukm_unmarshal(ukm):
 
 def kek(curve, prv, pub, ukm, mode):
     key = curve.exp(prv, pub[0], pub[1])
 
 def kek(curve, prv, pub, ukm, mode):
     key = curve.exp(prv, pub[0], pub[1])

-    key = curve.exp(ukm, key[0], key[1])
+    key = curve.exp(curve.cofactor * ukm, key[0], key[1])

     return pub_marshal(key, mode)
 
 
     return pub_marshal(key, mode)
 
 

diff --git a/pygost/stubs/pygost/gost3410.pyi b/pygost/stubs/pygost/gost3410.pyi
index afab2659e665c19d430c88b6869674f5f2e8a97c..4be8b1d63ecd13653a46cfac7271f56a342483f3 100644 (file)
--- a/pygost/stubs/pygost/gost3410.pyi
+++ b/pygost/stubs/pygost/gost3410.pyi
@@ -15,6 +15,7 @@ class GOST3410Curve(object):
     b = ...  # type: int
     x = ...  # type: int
     y = ...  # type: int
     b = ...  # type: int
     x = ...  # type: int
     y = ...  # type: int

+    cofactor = ...  # type: int

     e = ...  # type: int
     d = ...  # type: int
 
     e = ...  # type: int
     d = ...  # type: int
 


@@ -26,6 +27,7 @@ class GOST3410Curve(object):
             b: int,
             x: int,
             y: int,
             b: int,
             x: int,
             y: int,

+            cofactor: int = 1,

             e: int = None,
             d: int = None,
     ) -> None: ...
             e: int = None,
             d: int = None,
     ) -> None: ...