From 1c8b7f9a2a51ba2a6d668c2cd4e4672ed6731166 Mon Sep 17 00:00:00 2001
From: Vitaly Chikunov <vt@altlinux.org>
Date: Wed, 3 Jun 2020 05:45:13 +0300
Subject: Add string option 'vko' for EVP_PKEY_CTRL_SET_VKO

Format: vko:<bit length>
Such as:
  vko:256 for VKO_256
  vko:512 for VKO_512
  vko:0   disable strict VKO mode, switch to other derive methods.
---
 gost_pmeth.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'gost_pmeth.c')

diff --git a/gost_pmeth.c b/gost_pmeth.c
index bceb50e..9c1d602 100644
--- a/gost_pmeth.c
+++ b/gost_pmeth.c
@@ -217,6 +217,19 @@ static int pkey_gost_ec_ctrl_str_common(EVP_PKEY_CTX *ctx,
     OPENSSL_free(tmp);
 
     return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_SET_IV, len, ukm_buf);
+  } else if (strcmp(type, vko_ctrl_string) == 0) {
+      int bits = atoi(value);
+      int vko_dgst_nid = 0;
+
+      if (bits == 256)
+	  vko_dgst_nid = NID_id_GostR3411_2012_256;
+      else if (bits == 512)
+	  vko_dgst_nid = NID_id_GostR3411_2012_512;
+      else if (bits != 0) {
+	  GOSTerr(GOST_F_PKEY_GOST_EC_CTRL_STR_COMMON, GOST_R_INVALID_DIGEST_TYPE);
+	  return 0;
+      }
+      return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_SET_VKO, vko_dgst_nid, NULL);
   }
   return -2;
 }
-- 
cgit v1.1