authorDmitry Eremin-Solenikov <dbaryshkov@gmail.com>2018-06-07 13:19:55 +0300
committerDmitry Eremin-Solenikov <dbaryshkov@gmail.com>2019-11-07 18:41:28 +0300
commitcdc4fc288d87f91f974aa23b6e8595a53970ce00 (patch)
tree7f18ae166bbe8cde4234e5331ced83c774898047 /lib/nettle
parente9f9d34e276804b2cb721c95032d2aa5c96577b9 (diff)
nettle: add support for GOST key derivation
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'lib/nettle')
-rw-r--r--lib/nettle/pk.c51
1 files changed, 51 insertions, 0 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index bfa6ae4372..42d540cb46 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -417,6 +417,57 @@ dh_cleanup:
}
break;
}
+#if ENABLE_GOST
+ case GNUTLS_PK_GOST_01:
+ case GNUTLS_PK_GOST_12_256:
+ case GNUTLS_PK_GOST_12_512:
+ {
+ struct ecc_scalar ecc_priv;
+ struct ecc_point ecc_pub;
+ const struct ecc_curve *curve;
+
+ out->data = NULL;
+
+ curve = get_supported_gost_curve(priv->curve);
+ if (curve == NULL)
+ return
+ gnutls_assert_val
+ (GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+ if (nonce == NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ ret = _gost_params_to_pubkey(pub, &ecc_pub, curve);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = _gost_params_to_privkey(priv, &ecc_priv, curve);
+ if (ret < 0) {
+ ecc_point_clear(&ecc_pub);
+ return gnutls_assert_val(ret);
+ }
+
+ out->size = 2 * gnutls_ecc_curve_get_size(priv->curve);
+ out->data = gnutls_malloc(out->size);
+ if (out->data == NULL) {
+ ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+ goto gost_cleanup;
+ }
+
+ out->size = gostdsa_vko(&ecc_priv, &ecc_pub,
+ nonce->size, nonce->data,
+ out->size, out->data);
+ if (out->size == 0)
+ ret = GNUTLS_E_INVALID_REQUEST;
+
+ gost_cleanup:
+ ecc_point_clear(&ecc_pub);
+ ecc_scalar_zclear(&ecc_priv);
+ if (ret < 0)
+ goto cleanup;
+ break;
+ }
+#endif
default:
gnutls_assert();
ret = GNUTLS_E_INTERNAL_ERROR;
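Review bot: On the `gostdsa_vko` failure path (`if (out->size == 0)`), `out->size` has already been overwritten with 0 while `out->data` still points at the buffer allocated just above, so any later cleanup that wipes by `out->size` would clear nothing, and the buffer may hold partial shared-secret bytes. The `cleanup` label lies outside this hunk, so whether it frees `out->data` cannot be confirmed from here. Releasing it locally is safer: keep the allocated length in a local, and on failure wipe that many bytes and then `gnutls_free(out->data); out->data = NULL;`. That branch is also the only error path in this case that skips the assert wrapper; `ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);` would match the others. The enclosing function starts and ends outside the hunk.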