From: Sergey Matveev <stargrave@stargrave.org>
Date: Mon, 27 Nov 2023 12:12:54 +0000 (+0300)
Subject: Support or masked 34.10 keys
X-Git-Tag: 5.13^0
X-Git-Url: http://www.git.cypherpunks.ru/?p=pygost.git;a=commitdiff_plain;h=b529ed29328fafc3061c6b83358e3ee03b343189

Support or masked 34.10 keys
---

diff --git a/news.texi b/news.texi
index 1dabeea..ec14a0b 100644
--- a/news.texi
+++ b/news.texi
@@ -3,6 +3,10 @@
 
 @table @strong
 
+@anchor{Release 5.13}
+@item 5.13
+Ability to use masked 34.10 private keys.
+
 @anchor{Release 5.12}
 @item 5.12
 Fixed incorrect digest calculation when using @code{GOST34112012*.update()}
diff --git a/pygost/__init__.py b/pygost/__init__.py
index c0695ad..fba7932 100644
--- a/pygost/__init__.py
+++ b/pygost/__init__.py
@@ -3,4 +3,4 @@
 PyGOST is free software: see the file COPYING for copying conditions.
 """
 
-__version__ = "5.12"
+__version__ = "5.13"
diff --git a/pygost/gost3410.py b/pygost/gost3410.py
index cdb5b03..c12b170 100644
--- a/pygost/gost3410.py
+++ b/pygost/gost3410.py
@@ -242,7 +242,7 @@ for _name, _curve in CURVES.items():
 DEFAULT_CURVE = CURVES["id-tc26-gost-3410-12-256-paramSetB"]
 
 
-def public_key(curve, prv):
+def public_key(curve, prv, mask=None):
     """Generate public key from the private one
 
     :param GOST3410Curve curve: curve to use
@@ -250,10 +250,13 @@ def public_key(curve, prv):
     :returns: public key's parts, X and Y
     :rtype: (long, long)
     """
-    return curve.exp(prv)
+    pub = curve.exp(prv)
+    if mask is not None:
+        pub = curve.exp(mask, pub[0], pub[1])
+    return pub
 
 
-def sign(curve, prv, digest, rand=None):
+def sign(curve, prv, digest, rand=None, mask=None):
     """Calculate signature for provided digest
 
     :param GOST3410Curve curve: curve to use
@@ -278,13 +281,18 @@ def sign(curve, prv, digest, rand=None):
         k = bytes2long(rand) % q
         if k == 0:
             continue
-        r, _ = curve.exp(k)
+        r, y = curve.exp(k)
+        if mask is not None:
+            r, y = curve.exp(mask, x=r, y=y)
         r %= q
         if r == 0:
             continue
         d = prv * r
         k *= e
-        s = (d + k) % q
+        s = d + k
+        if mask is not None:
+            s *= mask
+        s %= q
         if s == 0:
             continue
         break
diff --git a/pygost/gost3410_vko.py b/pygost/gost3410_vko.py
index 92f4a26..3f169dc 100644
--- a/pygost/gost3410_vko.py
+++ b/pygost/gost3410_vko.py
@@ -32,11 +32,13 @@ def ukm_unmarshal(ukm):
     return bytes2long(ukm[::-1])
 
 
-def kek(curve, prv, pub, ukm):
+def kek(curve, prv, pub, ukm, mask=None):
     if not curve.contains(pub):
         raise ValueError("pub is not on the curve")
     key = curve.exp(prv, pub[0], pub[1])
     key = curve.exp(curve.cofactor * ukm, key[0], key[1])
+    if mask is not None:
+        key = curve.exp(mask, key[0], key[1])
     return pub_marshal(key)