From 5ac660854747ff0f06fa598fd6130e0f7c5757db Mon Sep 17 00:00:00 2001
From: Victor Wagner <wagner@atlas-card.ru>
Date: Mon, 2 Mar 2015 17:10:41 +0300
Subject: [PATCH] Fixed setting MAC context options. Added setting 'ukm'
 options for derive of GOST 2001 keys (this option cannot be set via ctrl_str,
 only by numeric control command, so have to be handled special way)

---
 ctypescrypto/mac.py  |  2 +-
 ctypescrypto/pkey.py | 11 +++++++++--
 setup.py             |  2 +-
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/ctypescrypto/mac.py b/ctypescrypto/mac.py
index e5e8f55..48ade09 100644
--- a/ctypescrypto/mac.py
+++ b/ctypescrypto/mac.py
@@ -65,7 +65,7 @@ class MAC(Digest):
 		if self.digest_type is None:
 			self.digest_type=DigestType(Oid(libcrypto.EVP_MD_type(libcrypto.EVP_MD_CTX_md(self.ctx))))
 		for (name,val) in kwargs.items():
-			if EVP_PKEY_CTX_ctrl_str(ctx,name,val)<=0:
+			if libcrypto.EVP_PKEY_CTX_ctrl_str(pctx,name,val)<=0:
 				raise DigestError("Unable to set mac parameter")
 		self.digest_size = self.digest_type.digest_size()
 		self.block_size = self.digest_type.block_size()
diff --git a/ctypescrypto/pkey.py b/ctypescrypto/pkey.py
index 510ffca..c9d252a 100644
--- a/ctypescrypto/pkey.py
+++ b/ctypescrypto/pkey.py
@@ -129,9 +129,14 @@ class PKey(object):
 			raise PKeyError("Initailizing derive context")
 		if libcrypto.EVP_PKEY_derive_init(ctx)<1:
 			raise PKeyError("derive_init")
-		self._configure_context(self,ctx,kwargs)
+
+		
+		self._configure_context(self,ctx,kwargs,["ukm"])
 		if libcrypto.EVP_PKEY_derive_set_peer(ctx,peerkey.key)<=0:
 			raise PKeyError("Cannot set peer key")
+		if ukm in kwargs:
+			 if libcrypto.EVP_PKEY_CTX_ctrl(ctx,-1,1<<10,8,0,kwargs[ukm])<=0:
+			 	raise PKeyError("Cannot set UKM")
 		keylen=c_long(0)
 		if libcrypto.EVP_PKEY_derive(ctx,None,byref(keylen))<=0:
 			raise PKeyError("computing shared key length")
@@ -262,7 +267,9 @@ libcrypto.EVP_PKEY_asn1_get0_info.argtypes=(POINTER(c_int),POINTER(c_int),POINTE
 libcrypto.EVP_PKEY_cmp.restype=c_int
 libcrypto.EVP_PKEY_cmp.argtypes=(c_void_p,c_void_p)
 libcrypto.EVP_PKEY_CTX_ctrl_str.restype=c_int
-libcrypto.EVP_PKEY_CTX_ctrl_str.argtypes=(c_void_p,)
+libcrypto.EVP_PKEY_CTX_ctrl_str.argtypes=(c_void_p,c_void_p,c_void_p)
+libcrypto.EVP_PKEY_CTX_ctrl.restype=c_int
+libcrypto.EVP_PKEY_CTX_ctrl.argtypes=(c_void_p,c_int,c_int,c_int,c_int,c_void_p)
 libcrypto.EVP_PKEY_CTX_free.argtypes=(c_void_p,)
 libcrypto.EVP_PKEY_CTX_new.restype=c_void_p
 libcrypto.EVP_PKEY_CTX_new.argtypes=(c_void_p,c_void_p)
diff --git a/setup.py b/setup.py
index 634f049..8f62662 100644
--- a/setup.py
+++ b/setup.py
@@ -33,7 +33,7 @@ class MyTests(distutils.cmd.Command):
 
 setup(
 	name="ctypescrypto",
-	version="0.2.6",
+	version="0.2.7",
 	description="CTypes-based interface for some OpenSSL libcrypto features",
 	author="Victor Wagner",
 	author_email="vitus@wagner.pp.ru",
-- 
2.39.2