gogost.go | 2 +-
gost3410/vko.go | 6 +++---
gost3410/vko2001_test.go | 21 +++++++++++++++++++++
news.texi | 5 +++++
diff --git a/gogost.go b/gogost.go
index 99c5e211ca598800a499325ca8dcd4ff91f450e9722cd940318dcc1a3bfc4723..d882a31bb990a14bbda87a479b91eccbc70cff11c74cd64b1c57b9ed5bdbc70f 100644
--- a/gogost.go
+++ b/gogost.go
@@ -1,4 +1,4 @@
 // Pure Go GOST cryptographic functions library.
 package gogost
 
-const Version = "5.0.2"
+const Version = "5.1.0"
diff --git a/gost3410/vko.go b/gost3410/vko.go
index ea5571658220fe121d46618df189d6f21ce40affb40309adfda76f257e1dc054..e64e7dcb8ece56098ff1e3db86f4f11b91b4fb6fb6b7428cd24642f0e5c24e6b 100644
--- a/gost3410/vko.go
+++ b/gost3410/vko.go
@@ -24,9 +24,9 @@ keyX, keyY, err := prv.C.Exp(prv.Key, pub.X, pub.Y)
 if err != nil {
 return nil, err
 }
- ukm = ukm.Mul(ukm, prv.C.Co)
- if ukm.Cmp(bigInt1) != 0 {
- keyX, keyY, err = prv.C.Exp(ukm, keyX, keyY)
+ u := big.NewInt(0).Set(ukm).Mul(ukm, prv.C.Co)
+ if u.Cmp(bigInt1) != 0 {
+ keyX, keyY, err = prv.C.Exp(u, keyX, keyY)
 if err != nil {
 return nil, err
 }
diff --git a/gost3410/vko2001_test.go b/gost3410/vko2001_test.go
index f8f8456c8ac16b2d29251630b343fb8577b925fbc5ef05a4e12d88044887a53a..b44db1788f387bb5f6abff19ab9645ac3a3c86c9bb4fb8d521eedfb0287d0d35 100644
--- a/gost3410/vko2001_test.go
+++ b/gost3410/vko2001_test.go
@@ -18,6 +18,7 @@
 import (
 "bytes"
 "encoding/hex"
+ "math/big"
 "testing"
 "testing/quick"
 )
@@ -39,6 +40,26 @@ if bytes.Compare(kek1, kek2) != 0 {
 t.FailNow()
 }
 if bytes.Compare(kek1, kek) != 0 {
+ t.FailNow()
+ }
+}
+
+func TestVKOUKMAltering(t *testing.T) {
+ c := CurveIdtc26gost34102012256paramSetA()
+ ukm := big.NewInt(1)
+ prv, err := NewPrivateKey(c, bytes.Repeat([]byte{0x12}, 32))
+ if err != nil {
+ panic(err)
+ }
+ pub, err := prv.PublicKey()
+ if err != nil {
+ panic(err)
+ }
+ _, err = prv.KEK(pub, ukm)
+ if err != nil {
+ panic(err)
+ }
+ if ukm.Cmp(big.NewInt(1)) != 0 {
 t.FailNow()
 }
 }
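Review bot: The `.Set(ukm)` in the new `u := big.NewInt(0).Set(ukm).Mul(ukm, prv.C.Co)` line is a dead store, because `Mul` overwrites its receiver with the product whatever it held before, so `u := new(big.Int).Mul(ukm, prv.C.Co)` does the same work and makes it plainer that `ukm` is only read. The fix itself looks right: the receiver is a freshly allocated Int distinct from both operands, so the caller's `ukm` is no longer mutated, which matters if the caller goes on to hand that same `ukm` to the peer or to a second `KEK` call. A one-line comment such as `// never write into ukm: callers reuse it` above that line would keep a later refactor from reintroducing the in-place Mul. The enclosing KEK function starts before and ends after this hunk.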
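Review bot: The new TestVKOUKMAltering reports setup failures with `panic(err)` and the regression itself with a bare `t.FailNow()`, so a failing run prints a stack trace or nothing at all rather than what went wrong; `t.Fatal(err)` after each `err != nil` and `t.Fatalf("ukm altered by KEK: got %v, want 1", ukm)` at the final check keep the test inside the testing framework and name the defect. The first three added lines close TestVKO2001, whose body starts before this hunk, while the new function is fully contained in it.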
diff --git a/news.texi b/news.texi
index 89b65b45993bf0ee72c8a2204c7c41feffece0b34844127e15eec24029c2221a..b8bb7af3d17b726149f845d31caf992f2c9bcedd974dcca13b0cfd7bfdb2cbf6 100644
--- a/news.texi
+++ b/news.texi
@@ -3,6 +3,11 @@
 @unnumbered News
 @table @strong
 
+@anchor{Release 5.1.0}
+@item 5.1.0
+ @code{gost3410/KEK*} functions do not alter @code{ukm} argument.
+ It is safe to reuse now.
+
 @anchor{Release 5.0.0}
 @item 5.0.0
 Backward incompatible remove of excess misleading @code{gost3410.Mode}