X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_ec_keyx.c;h=503d80ba173a3a8e592e66733dfdc16c9e85f851;hb=b0129fa19b2d53c99f9c958ea7fdd2c77e14c1a4;hp=409d8e19e07a480c2bb545fe4cdc12b3d62589c0;hpb=06eb03a547f646080830d2cd5572844e19909b97;p=openssl-gost%2Fengine.git
diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c
index 409d8e1..503d80b 100644
--- a/gost_ec_keyx.c
+++ b/gost_ec_keyx.c
@@ -553,7 +553,7 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
 int ret = 0;
 unsigned char expkeys[64];
 EVP_PKEY *eph_key = NULL;
- int pkey_nid = EVP_PKEY_base_id(eph_key);
+ int pkey_nid = EVP_PKEY_base_id(priv);
 int mac_nid = NID_undef;
 int iv_len = 0;
@@ -584,7 +584,17 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
 }
 eph_key = X509_PUBKEY_get(pst->ephem_key);
+/*
+ * TODO beldmit
+ 1. Checks the next three conditions fulfilling and terminates the
+ connection with fatal error if not.
+
+ o Q_eph is on the same curve as server public key;
+
+ o Q_eph is not equal to zero point;
+ o q * Q_eph is not equal to zero point.
+*/
 if (gost_keg(data->shared_ukm, pkey_nid, EC_KEY_get0_public_key(EVP_PKEY_get0(eph_key)), EVP_PKEY_get0(priv), expkeys) <= 0) {
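Review bot: `pkey_nid` is now computed in the declaration block from `priv`, so it relies on `priv` being initialised and non-NULL above this line; that declaration is outside the hunk and should be confirmed. The value is then handed to `gost_keg` in the second hunk without any visible check, so if only specific GOST key types are valid here, rejecting anything else up front would make the failure explicit. A short comment such as `/* eph_key is still NULL here; the algorithm is taken from the recipient key */` would record why the ephemeral key is not used and guard against the old line being reintroduced.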
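Review bot: The result of `X509_PUBKEY_get(pst->ephem_key)` goes straight into `EVP_PKEY_get0(eph_key)` inside the `gost_keg` call with no NULL check in this hunk, so a message whose ephemeral key fails to decode would reach a NULL dereference unless a check exists outside the visible lines. The three validations the new TODO lists are also still unimplemented, which leaves the peer-supplied Q_eph unvalidated before key agreement unless `gost_keg` checks it internally (not visible here). I would add `if (eph_key == NULL || EVP_PKEY_base_id(eph_key) != pkey_nid)` and fail through the function's existing error path before the `gost_keg` call. The TODO items map onto `EC_GROUP_cmp()` against the group of `priv`, `EC_POINT_is_on_curve()` and `EC_POINT_is_at_infinity()` on the ephemeral point, and an infinity check on the point multiplied by the group order. The comment itself should be indented with the surrounding code and name the specification the quoted text comes from.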