PUBKEY-PGP.asc | 33 --------------------------------- PUBKEY-SSH.pub | 2 +- PUBKEY-SSH.pub.asc | 13 +++++-------- README | 14 +++++++------- THANKS => doc/THANKS | 2 +- cmd/cer-selfsigned-example/main.go | 4 ++-- cmd/streebog256/main.go | 4 ++-- cmd/streebog512/main.go | 4 ++-- doc/.swgignore | 2 ++ doc/Download | 158 +++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/FAQ | 23 +++++++++++++++++++++++ doc/INSTALL | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/Integrity | 11 +++++++++++ doc/NEWS | 237 +++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/index | 76 +++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/mk-html | 18 ++++++++++++++++++ download.texi | 238 ----------------------------------------------------- faq.texi | 29 ----------------------------- go.mod | 2 +- gogost.go | 2 +- gost3410/vko2001.go | 4 ++-- gost3410/vko2012.go | 4 ++-- gost34112012256/hash.go | 2 +- gost34112012512/hash.go | 2 +- gost341194/hash.go | 2 +- gost341194/hash_test.go | 2 +- gost341194/pbkdf2_test.go | 2 +- gost341264/cipher.go | 2 +- install.texi | 94 ----------------------------------------------------- integrity.texi | 34 ---------------------------------- makedist | 125 ++++++++++++++++++++++------------------------------- mgm/mode_test.go | 4 ++-- mgm/mul128_test.go | 2 +- mgm/mul64_test.go | 2 +- news.texi | 274 ----------------------------------------------------- prfplus/gost.go | 4 ++-- www.texi | 100 ----------------------------------------------------- diff --git a/PUBKEY-PGP.asc b/PUBKEY-PGP.asc deleted file mode 100644 index ecb1db9544e86b73152b8a9f73e69b8f17351d68bf5b3ce2bccea3dd278bf2ee..0000000000000000000000000000000000000000 --- a/PUBKEY-PGP.asc +++ /dev/null @@ -1,33 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQENBFfXoXsBCADKKxVI2GjDU5f3L2Y2m9oz089viCwVkD0plf3Bo8yaAnyxp/an -EjTYQnfE2QQxbixKz2A+z/mfrFrJld3zM/rmu0WJxmEBb7J59j8uKa8DblxJuYJh -rWWhwzm8FSC2bITzF0dFSSXSF9xcM8CoRJOBeOzpVNPopKxXW94MgHw/xlXvjASn -cbLDKM2eFYXnWMRZsnrfVs87r8OoHxzDCWZ16/CjB5qspn5Yf7c/sXE2C5EIMJce -biiXcLTPxKG5B5Tncmsh9HA0CquGciftm34bJxTJSPkw/0B3ROyY7yadlud7XjLI -Ak2AP3y0AHgI4q4Q9YzPeotryG91hj6lii8jABEBAAG0J0dvR09TVCByZWxlYXNl -cyA8Z29nb3N0QGN5cGhlcnB1bmtzLnJ1PokBQAQTAQgAKgUCV9ehewIbAwwLCgkN -CAwHCwMEAQIHFQoJCAsDAgUWAgEDAAIeAQIXgAAKCRCCNDQ2aW/IWibQCADF59c2 -aKHVEqqm6tnyu0CFKuVWAikoss3DB8A3Vp1kLxOOoXcnSDMM1v+C6oGU7TDcobZ9 -zH2XZpnfj9MEZ5jypb2z+QlkPN7cJBOGvSJ8XpTt8E8/heyD40KS61VBNXgN3BZL -owKBcppwthSVRntjexHzn7ha4HE8j8ysypMBtsw7x+3iKZD4roHrYdp4ddOoZT1s -xLsNmmbUzln2ieCD/mMb8taVpFJhuAWH2o6HJTh31b/+T0AN3QL999AQcR93jF2U -o6/MJ0m3TzXHvUTnIOXCU7xlG464+6+rRACBbRlO3wa0WSdSeQSFIy1ienYxj63W -iXmU5IA05VS613JaiF4EEBEIAAYFAlfXoZcACgkQrhqBCeSYV+/Y1AD9Eg0+OMLb -8ygnl+v8XUQqsf7fCcELW3oadFMu0RhcDNQA/20GNbS0omsycQkqmxYMQLkWa5wx -4kzapQYmseDye0zyiHUEEBYKAB0WIQQSrTJonGYNQmln/XXLggVjIQetigUCYuo6 -rwAKCRDLggVjIQetirjSAP9kFrGmkKvNdFAcLQiKTq5LBG0vNxB7Heb6+Z3ijRA8 -uwEA1xYxoygWs+3wmMsaFSG8/Vln9FLKVYsqrf01/tYLOAu0J0dvR09TVCByZWxl -YXNlcyA8Z29nb3N0QGN5cGhlcnB1bmtzLnN1PokBTAQTAQoANhYhBM69EoIsRpwC -qBoEZ4I0NDZpb8haBQJmmTeHAhsDBAsJCgcCIgICFQoEFgIBAAIeBwIXgAAKCRCC -NDQ2aW/IWrYVB/933G4nD8oRom1oLxihxFsG6qkCVbYQv62XCCEIM7qMyd+dAIWK -sWFYgONeZssZt+XQhgwskXGDB/SaHvv3T0tFCcMbLqQsYVelkPkbdziX5+icdJQA -HIiAdkPVQJXXl9tp8vFhU6YDG26RgmFHSkRFFYdJr6u6oZg7QITsGsTdkXWDJWM+ -Ug/Gax1I6wLXVbHP7QMe8aXggPROSTuEniWTEOu1jaVBngeASUOOC2wHvShOKlmy -sLNOmqN6IQdZPCfoe31zkERngvCiWRt58SZ5tXT4+rulNRY/ZQdJzwO1ecmAXgJ2 -CV9b0UrZ614jUPsdgc1a6Cp6yibyvnIPGeTgiHUEEBYKAB0WIQQSrTJonGYNQmln -/XXLggVjIQetigUCZpk3lgAKCRDLggVjIQetipEEAQCTG7c47Pi2UJ5NXj8UKzed -EZwt5MnplqT1XFM28XvBngEAz4crG3JKYFQXE7ZJ+T36Tku9HqXK7MyNyF70+s13 -4wc= -=Suf2 ------END PGP PUBLIC KEY BLOCK----- diff --git a/PUBKEY-SSH.pub b/PUBKEY-SSH.pub index 8f1b4ed68bc759f84f84417bbefb149e620c2713d5fa81850e484fb64e115f2f..702eccb4b4e1d7b32dfa1678af6a22476efe25ba22045497997cd792dd1eba1f 100644 --- a/PUBKEY-SSH.pub +++ b/PUBKEY-SSH.pub @@ -1 +1 @@ -gogost@cypherpunks.su ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvG43AG+jjkitddNu0Di9pyIN7bWIRymqO8AK3tiMY7 +gogost@stargrave.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvG43AG+jjkitddNu0Di9pyIN7bWIRymqO8AK3tiMY7 diff --git a/PUBKEY-SSH.pub.asc b/PUBKEY-SSH.pub.asc index 45f02fcd385bc3959b85f87ffb7e0cd0a9448c140c8b0de1a95a84a157b2008d..ba1e87fe15b0a9e39b5469c01f637ab1ef84b0b58c0e28797709a839a49e24f3 100644 --- a/PUBKEY-SSH.pub.asc +++ b/PUBKEY-SSH.pub.asc @@ -1,11 +1,8 @@ -----BEGIN PGP SIGNATURE----- -iQFKBAABCgA0FiEEzr0SgixGnAKoGgRngjQ0NmlvyFoFAmaZOYsWHGdvZ29zdEBj -eXBoZXJwdW5rcy5ydQAKCRCCNDQ2aW/IWuFoB/wLsDQeYn1rfTX22kenVEyhLOtc -rHAMjIb5s1292J58MDDUKKQITc2v4vGxkz3h7V8ZV81QBJQdgYDgKgQOU8opLXsF -qhGWD1t+Nz3Ve4+SvHgUcEYxE+gp2yD1JzlGdmAsjRFVDdXc3ZKaP++EM0t4q/g4 -aLPq29zIoFfyVy0JQjxt30HQGjmZ5TgzkwoVtlknV24xG1gqkf1Td1aN+MzLrKjB -gFe9xjVhWunzcQsXoFLd2cwcyQtkVGsWguTIKpMgnaPzSicjFUk8jVE1MG1QYFFC -0pmDfC1KNtmC0bDFs1HoftQcH17YrgybZS89ehR3u5SK53PlLLkw+QG0mlNB -=ypei +iJEEABYKADkWIQTbL/jtRAp+lJhvt3bSI36ECQhstwUCab+5GRsUgAAAAAAEAA5t +YW51MiwyLjUrMS4xMiwyLDMACgkQ0iN+hAkIbLfPzAEA35gn35oHBTkQ5xd6O0JS +ip0XQXPOVhZvrfNB0EJlMEUA/1phMDnxPKo7oS1DCwzyqbe6AEalKWtuZhlwslWg +0rEA +=CkQt -----END PGP SIGNATURE----- diff --git a/README b/README index e9a660b9a0fb79cec254d06a4fc83d31dd3c0c1abc5d68a78e17b1595ccc8ab2..19df12685d498ed80c70ff9144cac9f90a898577044ab9dcda759293dd31de82 100644 --- a/README +++ b/README @@ -26,7 +26,7 @@ * PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} and generic prf+ functions (Р 50.1.111-2016 with IKEv2 RFC 7296) Probably you could be interested in -Go's support of GOST TLS 1.3 (http://www.gostls13.cypherpunks.su/). +Go's support of GOST TLS 1.3 (http://www.gostls13.stargrave.org/). Known problems: @@ -38,8 +38,8 @@ import ( "crypto/rand" "io" - "go.cypherpunks.su/gogost/v6/gost3410" - "go.cypherpunks.su/gogost/v6/gost34112012256" + "go.stargrave.org/gogost/v7/gost3410" + "go.stargrave.org/gogost/v7/gost34112012256" ) func main() { data := []byte("data to be signed") @@ -60,12 +60,12 @@ } GoGOST is free software: see the file COPYING for copying conditions. -GoGOST'es home page is: http://www.gogost.cypherpunks.su/ -You can read about GOST algorithms more: http://www.gost.cypherpunks.su/ +GoGOST'es home page is: http://www.gogost.stargrave.org/ +You can read about GOST algorithms more: http://www.gost.stargrave.org/ Please send questions, bug reports and patches to -http://lists.cypherpunks.su/gost.html mailing list. +http://lists.stargrave.org/gost.html mailing list. Announcements also go to this mailing list. Development Git source code repository currently is located here: -http://www.git.cypherpunks.su/?p=gogost.git;a=summary +http://www.git.stargrave.org/?p=gogost.git;a=summary diff --git a/THANKS b/doc/THANKS rename from THANKS rename to doc/THANKS index 782a077ee5d59265baa74b4a709276322e28dd311d3a192b0bfd1ef5ec1b4f5c..da0ed98da09556e7318d2cb61485bc1238702f8f35fd9468006f95dd22ba8f36 100644 --- a/THANKS +++ b/doc/THANKS @@ -1,5 +1,5 @@ There are people deserving to be thanked for helping this project: -* Dmitry Eremin-Solenikov for his +* Dmitry Eremin-Solenikov for his suggestions of TK26 standards usage as a base point for serialized structures representation diff --git a/cmd/cer-selfsigned-example/main.go b/cmd/cer-selfsigned-example/main.go index c82e1c1893eb44bbe5d85cafae79c4bd7a3863bdad25849b6e3208b7fea37e67..86b74f23a2981fff9c3db4fe72db5f54447ecdb1a33b2723f5c4f38795e3cc60 100644 --- a/cmd/cer-selfsigned-example/main.go +++ b/cmd/cer-selfsigned-example/main.go @@ -17,8 +17,8 @@ // Example X.509 certificate issuing utility. package main import ( - "crypto/go.cypherpunks.su/gogost/v6/gost3410" - "crypto/go.cypherpunks.su/gogost/v6/gost34112012256" + "crypto/go.stargrave.org/gogost/v7/gost3410" + "crypto/go.stargrave.org/gogost/v7/gost34112012256" "crypto/rand" "crypto/x509" "crypto/x509/pkix" diff --git a/cmd/streebog256/main.go b/cmd/streebog256/main.go index 0bb740eb59d44d325109e10158521f622ec68fe9c5d7989e8b3b863fd3820242..2fcb270928bf0e82c8ec3bdb1351143ddcd51a125c3d2a1f782062dcae92ad2b 100644 --- a/cmd/streebog256/main.go +++ b/cmd/streebog256/main.go @@ -23,8 +23,8 @@ "fmt" "io" "os" - "go.cypherpunks.su/gogost/v6" - "go.cypherpunks.su/gogost/v6/gost34112012256" + "go.stargrave.org/gogost/v7" + "go.stargrave.org/gogost/v7/gost34112012256" ) var version = flag.Bool("version", false, "Print version information") diff --git a/cmd/streebog512/main.go b/cmd/streebog512/main.go index 891c29f63fd78e22b5e9b025d5c9a517fc78b89708ca2216aa008f3b36d85196..25d58812a3a99cbeaa3dfae1276bcd39cd61242fea729f78c3503eb76452861f 100644 --- a/cmd/streebog512/main.go +++ b/cmd/streebog512/main.go @@ -23,8 +23,8 @@ "fmt" "io" "os" - "go.cypherpunks.su/gogost/v6" - "go.cypherpunks.su/gogost/v6/gost34112012512" + "go.stargrave.org/gogost/v7" + "go.stargrave.org/gogost/v7/gost34112012512" ) var version = flag.Bool("version", false, "Print version information") diff --git a/doc/.swgignore b/doc/.swgignore new file mode 100644 index 0000000000000000000000000000000000000000..48fec80ff512e112fc854405a8c73dcdc84986cdc4c5f293c6476d0b3cf46257 --- /dev/null +++ b/doc/.swgignore @@ -0,0 +1,2 @@ +^mk-html$ +^gogost.html/ diff --git a/doc/Download b/doc/Download new file mode 100644 index 0000000000000000000000000000000000000000..af6aecd9cfc9c808d32474926e385b77c567dbf778be677051c87572abd4b892 --- /dev/null +++ b/doc/Download @@ -0,0 +1,158 @@ +Look in .meta4 files for various other download links! +=> https://datatracker.ietf.org/doc/html/rfc5854 Metalink4 + +Release [NEWS]#6.1.0 | 2025-02-12 | 82 KiB + => gogost-6.1.0.tar.zst tar + => gogost-6.1.0.tar.zst.meta4 meta4 + +Release [NEWS]#6.0.2 | 2025-01-17 | 85 KiB + => gogost-6.0.2.tar.zst tar + => gogost-6.0.2.tar.zst.meta4 meta4 + +Release [NEWS]#6.0.1 | 2024-08-06 | 85 KiB + => gogost-6.0.1.tar.zst tar + => gogost-6.0.1.tar.zst.meta4 meta4 + +Release [NEWS]#6.0.0 | 2024-07-23 | 85 KiB + => gogost-6.0.0.tar.zst tar + => gogost-6.0.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.15.0 | 2024-07-16 | 85 KiB + => gogost-5.15.0.tar.zst tar + => gogost-5.15.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.14.1 | 2024-04-22 | 67 KiB + => gogost-5.14.1.tar.zst tar + => gogost-5.14.1.tar.zst.meta4 meta4 + +Release [NEWS]#5.14.0 | 2023-12-08 | 66 KiB + => gogost-5.14.0.tar.zst tar + => gogost-5.14.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.13.0 | 2023-08-07 | 65 KiB + => gogost-5.13.0.tar.zst tar + => gogost-5.13.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.12.0 | 2023-08-03 | 65 KiB + => gogost-5.12.0.tar.zst tar + => gogost-5.12.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.11.0 | 2023-06-14 | 70 KiB + => gogost-5.11.0.tar.zst tar + => gogost-5.11.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.10.0 | 2023-04-05 | 70 KiB + => gogost-5.10.0.tar.zst tar + => gogost-5.10.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.9.1 | 2022-11-02 | 67 KiB + => gogost-5.9.1.tar.zst tar + => gogost-5.9.1.tar.zst.meta4 meta4 + +Release [NEWS]#5.9.0 | 2021-11-16 | 67 KiB + => gogost-5.9.0.tar.zst tar + => gogost-5.9.0.tar.zst.meta4 meta4 + +Release [NEWS]#5.8.0 | 2021-10-08 | 67 KiB + => gogost-5.8.0.tar.zst tar + => gogost-5.8.0.tar.zst.meta4 meta4 + +Release 5.7.1 | 2021-10-04 | 66 KiB + => gogost-5.7.1.tar.zst tar + => gogost-5.7.1.tar.zst.meta4 meta4 + +Release [NEWS]#5.7.0 | 2021-08-17 | 61 KiB + => gogost-5.7.0.tar.xz tar + => gogost-5.7.0.tar.xz.meta4 meta4 + +Release [NEWS]#5.6.0 | 2021-04-02 | 61 KiB + => gogost-5.6.0.tar.xz tar + => gogost-5.6.0.tar.xz.meta4 meta4 + +Release [NEWS]#5.5.0 | 2021-01-25 | 61 KiB + => gogost-5.5.0.tar.xz tar + => gogost-5.5.0.tar.xz.meta4 meta4 + +Release [NEWS]#5.4.0 | 2021-01-24 | 60 KiB + => gogost-5.4.0.tar.xz tar + => gogost-5.4.0.tar.xz.meta4 meta4 + +Release [NEWS]#5.3.0 | 2021-01-21 | 61 KiB + => gogost-5.3.0.tar.xz tar + => gogost-5.3.0.tar.xz.meta4 meta4 + +Release [NEWS]#5.2.0 | 2021-01-21 | 60 KiB + => gogost-5.2.0.tar.xz tar + => gogost-5.2.0.tar.xz.meta4 meta4 + +Release [NEWS]#5.1.1 | 2021-01-16 | 60 KiB + => gogost-5.1.1.tar.xz tar + => gogost-5.1.1.tar.xz.meta4 meta4 + +Release [NEWS]#5.1.0 | 2020-10-07 | 63 KiB + => gogost-5.1.0.tar.xz tar + => gogost-5.1.0.tar.xz.meta4 meta4 + +Release 5.0.2 | 2020-09-05 | 62 KiB + => gogost-5.0.2.tar.xz tar + => gogost-5.0.2.tar.xz.meta4 meta4 + +Release 5.0.1 | 2020-09-05 | 62 KiB + => gogost-5.0.1.tar.xz tar + => gogost-5.0.1.tar.xz.meta4 meta4 + +Release [NEWS]#5.0.0 | 2020-09-04 | 62 KiB + => gogost-5.0.0.tar.xz tar + => gogost-5.0.0.tar.xz.meta4 meta4 + +Release 4.3.1 | 2020-09-01 | 63 KiB + => gogost-4.3.1.tar.xz tar + => gogost-4.3.1.tar.xz.meta4 meta4 + +Release [NEWS]#4.3.0 | 2020-08-02 | 58 KiB + => gogost-4.3.0.tar.xz tar + => gogost-4.3.0.tar.xz.meta4 meta4 + +Release [NEWS]#4.2.4 | 2020-06-24 | 58 KiB + => gogost-4.2.4.tar.xz tar + => gogost-4.2.4.tar.xz.meta4 meta4 + +Release [NEWS]#4.2.3 | 2020-01-22 | 58 KiB + => gogost-4.2.3.tar.xz tar + => gogost-4.2.3.tar.xz.meta4 meta4 + +Release [NEWS]#4.2.2 | 2020-01-07 | 58 KiB + => gogost-4.2.2.tar.xz tar + => gogost-4.2.2.tar.xz.meta4 meta4 + +Release [NEWS]#4.2.1 | 2019-12-18 | 57 KiB + => gogost-4.2.1.tar.xz tar + => gogost-4.2.1.tar.xz.meta4 meta4 + +Release [NEWS]#4.2.0 | 2019-10-18 | 57 KiB + => gogost-4.2.0.tar.xz tar + => gogost-4.2.0.tar.xz.meta4 meta4 + +Release [NEWS]#4.1.0 | 2019-10-03 | 55 KiB + => gogost-4.1.0.tar.xz tar + => gogost-4.1.0.tar.xz.meta4 meta4 + +Release [NEWS]#4.0 | 2019-08-12 | 56 KiB + => gogost-4.0.tar.xz tar + => gogost-4.0.tar.xz.meta4 meta4 + +Release [NEWS]#3.0 | 2019-07-19 | 47 KiB + => gogost-3.0.tar.xz tar + => gogost-3.0.tar.xz.meta4 meta4 + +Release [NEWS]#2.0 | 2016-11-26 | 39 KiB + => gogost-2.0.tar.xz tar + => gogost-2.0.tar.xz.meta4 meta4 + +Release 1.2 | 2016-11-13 | 34 KiB + => gogost-1.2.tar.xz tar + => gogost-1.2.tar.xz.meta4 meta4 + +Release [NEWS]#1.1 | 2016-10-04 | 33 KiB + => gogost-1.1.tar.xz tar + => gogost-1.1.tar.xz.meta4 meta4 diff --git a/doc/FAQ b/doc/FAQ new file mode 100644 index 0000000000000000000000000000000000000000..b1ce4c43ac63895de27638440758024479bba2ba516f600ea1f1125f9e40bda3 --- /dev/null +++ b/doc/FAQ @@ -0,0 +1,23 @@ + My signature is not validated by other implementations. What is wrong? + ====================================================================== + +Try to reverse it (like sign[::-1] in Python). +Try to swap its halves (sign[len(sign)//2:] + sign[:len(sign)//2]). +Try to reverse its swapped halves too. + + It is GOST: do you expect serialization unification? + + My signature is *still* not validated by other implementations! + =============================================================== + +Try to reverse digest you are signing/verifying (dgst[::-1]). + + It is GOST: do you expect serialization unification? + + Everything above did not help me. Does GoGOST sucks? + ==================================================== + +No way! You still have not tried to reverse your binary private key, +public key and swap its halves. + + It is GOST: do you expect serialization unification? diff --git a/doc/INSTALL b/doc/INSTALL new file mode 100644 index 0000000000000000000000000000000000000000..7e784c47a7876501dbe8442a2003e6328ccc6494935464ab7044aa157d49da64 --- /dev/null +++ b/doc/INSTALL @@ -0,0 +1,69 @@ +Preferable way is to [Download] tarball with the signature from +website and, for example, run tests with benchmarks: + + $ v=7.0 + $ fetch http://www.gogost.stargrave.org/gogost-$v.tar.zst + $ fetch http://www.gogost.stargrave.org/gogost-$v.tar.zst.sig + [Integrity] verify + $ tar xf gogost-$v.tar.zst + $ cd gogost-$v + $ go build -o streebog256 ./cmd/streebog256 + $ echo hello world | ./streebog256 + f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d + +And then you can include its source code in your project for example +like this: + + $ mkdir -p myproj/vendor/go.stargrave.org/gogost + $ mv gogost-$v myproj/vendor/go.stargrave.org/gogost/v7 + $ cd myproj + $ cat >main.go < //www.ca.stargrave.org ca.stargrave.org +X.509 certificate authority. + +Go's default proxy.golang.org and sum.golang.org +services won't be able to verify go.stargrave.org's TLS +authenticity, because there are no common trust anchors. +You can skip their usage by setting $GOPRIVATE=go.stargrave.org. + +You can (temporarily) override CA bundle during installation with +$SSL_CERT_FILE environment variable. + +You can unpack tarball somewhere and use "replace" command in go.mod: + + require go.stargrave.org/gogost/v7 v$v + replace go.stargrave.org/gogost/v7 => /path/to/gogost-$v + +You can use Go's workspace feature: + + $ go work use /path/to/gogost-$v + +You can obtain development source code with + git clone git://git.stargrave.org/gogost.git +You can also use + anongit@master.git.stargrave.org:stargrave.org/gogost.git + anongit@slave.git.stargrave.org:stargrave.org/gogost.git + git://y.git.stargrave.org/gogost.git diff --git a/doc/Integrity b/doc/Integrity new file mode 100644 index 0000000000000000000000000000000000000000..93047b69881ced3544d09fa31d4d7a68657fa6f4997e1d17dc527d791a5e352d --- /dev/null +++ b/doc/Integrity @@ -0,0 +1,11 @@ +You *have to* verify downloaded tarballs authenticity to be sure +that you retrieved trusted and untampered software. + + $ ssh-keygen -Y verify -f PUBKEY-SSH.pub -I gogost@stargrave.org -n file \ + -s gogost-$v.tar.zst.sig https://www.openssh.com/ OpenSSH .sig signature +=> PUBKEY-SSH.pub its public key +=> PUBKEY-SSH.pub.asc its LibrePGP signature +Its fingerprint: SHA256:u8X9rPDOhxpyzGs/IugbxXbDeOu/0AttKY+LGAvHBH0 diff --git a/doc/NEWS b/doc/NEWS new file mode 100644 index 0000000000000000000000000000000000000000..af6bf06e542efb2bd838ad1a259b435470daa021e41cf46cfd446eb8d3950135 --- /dev/null +++ b/doc/NEWS @@ -0,0 +1,237 @@ +A 7.0.0 +7.0.0 + Changed namespace because of domain expiration: + go.cypherpunks.su -> go.stargrave.org + +A 6.1.0 +6.1.0 + * Fixed workability with Go 1.24's subtle.XORBytes + * Go 1.24 is required now because of crypto/hkdf and crypto/pbkdf2 + +A 6.0.2 +6.0.2 + Minor trivial changes. + +A 6.0.1 +6.0.1 + Minor trivial changes. + +A 6.0.0 +6.0.0 + Changed namespace because of domain expiration: + go.cypherpunks.ru/gogost/v5 -> go.cypherpunks.su/gogost/v6 + +A 5.15.0 +5.15.0 + Optimised Streebog implementation with precalculated tables. + +A 5.14.1 +5.14.1 + * Forgotten Version raise + * Streebog-512 PBKDF2 test vectors + +A 5.14.0 +5.14.0 + 28147-89 and CryptoPro key wrapping support + => https://datatracker.ietf.org/doc/html/rfc4357.html RFC 4357 + +A 5.13.0 +5.13.0 + gost3410.NewPublicKeyLE, gost3410.PublicKey.RawLE, + gost3410.NewPublicKeyBE, gost3410.PublicKey.RawBE, + gost3410.NewPrivateKeyLE, gost3410.PrivateKey.RawLE, + gost3410.NewPrivateKeyBE, gost3410.PrivateKey.RawBE, + functions appeared, to simplify dealing with different + endianness keys serialisation. + gost3410.PublicKeyReverseDigest and + gost3410.PublicKeyReverseDigestAndSignature wrappers appeared. + +A 5.12.0 +5.12.0 + Updated dependencies. + +A 5.11.0 +5.11.0 + You can check if public key is on curve with + gost3410.Curve.Contains method now. + +A 5.10.0 +5.10.0 + * mgm.MGM.Open returns mgm.InvalidTag for failed authentication + * Example cmd/cer-dane-hash and cmd/cer-selfsigned-example + utilities appeared + +A 5.9.1 +5.9.1 + Updated and cleaned up go.sum. + +A 5.9.0 +5.9.0 + gost3410 is more thread-safe. + +A 5.8.0 +5.8.0 + Faster Kuznechik and ~3x faster Kuznechik-MGM. + +A 5.7.0 +5.7.0 + Go 1.17 requires gost3410.PublicKey to have Equal method. + +A 5.6.0 +5.6.0 + Add gost3410.CurveIdtc26gost341012512paramSetTest curve. More curve aliases: + CurveIdGostR34102001CryptoProAParamSet -> CurveIdtc26gost341012256paramSetB + CurveIdGostR34102001CryptoProBParamSet -> CurveIdtc26gost341012256paramSetC + CurveIdGostR34102001CryptoProCParamSet -> CurveIdtc26gost341012256paramSetD + CurveIdGostR34102001CryptoProXchAParamSet -> CurveIdGostR34102001CryptoProAParamSet + CurveIdGostR34102001CryptoProXchBParamSet -> CurveIdGostR34102001CryptoProCParamSet + CurveIdtc26gost34102012256paramSetA -> CurveIdtc26gost341012256paramSetA + CurveIdtc26gost34102012256paramSetB -> CurveIdtc26gost341012256paramSetB + CurveIdtc26gost34102012256paramSetC -> CurveIdtc26gost341012256paramSetC + CurveIdtc26gost34102012256paramSetD -> CurveIdtc26gost341012256paramSetD + CurveIdtc26gost34102012512paramSetTest -> CurveIdtc26gost341012512paramSetTest + CurveIdtc26gost34102012512paramSetA -> CurveIdtc26gost341012512paramSetA + CurveIdtc26gost34102012512paramSetB -> CurveIdtc26gost341012512paramSetB + CurveIdtc26gost34102012512paramSetC -> CurveIdtc26gost341012512paramSetC + +A 5.5.0 +5.5.0 + gost3410.PrivateKey is in gost3410.Curve.Q now. + That makes them more friendly with some implementations. + +A 5.4.0 +5.4.0 + Even slightly less allocations in Streebog. + +A 5.3.0 +5.3.0 + ~16x speedup of Streebog, ~15x speedup of Kuznechik. + +A 5.2.0 +5.2.0 + MGM does not panic when short (tagless) message is verified. + +A 5.1.1 +5.1.1 + Tarball uses vendoring, instead of GOPATH overriding. + As minimal Go version is 1.12 for a long time, it supports modules. + +A 5.1.0 +5.1.0 + gost3410/KEK* functions do not alter ukm argument. + It is safe to reuse now. + +A 5.0.0 +5.0.0 + Backward incompatible remove of excess misleading gost3410.Mode + from all related functions. Point/key sizes are determined by + looking at curve's parameters size. + +A 4.3.0 +4.3.0 + *Fixed* nasty bug with Edwards curves using in 34.10-VKO + functions: curve's cofactor has not been used. + +A 4.2.4 +4.2.4 + gost3410.PrivateKeyReverseDigest reversed digests and + PrivateKeyReverseDigestAndSignature with also reversed + signatures signers appeared for convenience. + +A 4.2.3 +4.2.3 + Panic on all possible hash Write errors. + +A 4.2.2 +4.2.2 + More 34.10-2012 test vectors. + +A 4.2.1 +4.2.1 + Dummy release. More nicer tarballs. + +A 4.2.0 +4.2.0 + * PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} implementation + * Generic prf+ function (taken from IKEv2 (RFC 7296)) + +A 4.1.0 +4.1.0 + * ESPTREE/IKETREE implementation + * CurveIdtc26gost34102012256paramSetB, + CurveIdtc26gost34102012256paramSetC, + CurveIdtc26gost34102012256paramSetD curve aliases + * Forbid any later GNU GPL version autousage + (project's licence now is GNU GPLv3 only) + * Project now is "go get"-able and uses go.cypherpunks.ru namespace: + go get go.cypherpunks.ru/gogost + go get go.cypherpunks.ru/gogost/cmd/streebog{256,512} + +A 4.0 +4.0 + * Backward incompatible change: all keys passing to encryption + functions are slices now, not the fixed arrays. That heavily + simplifies the library usage + * Fix bug with overwriting IVs memory in gost28147.CFB*crypter + * TLSTREE, used in TLS 1.[23], implementation + * gost3410.KEK2012* can be used with any curves, not only 512-bit ones + * gost3410.PrivateKey satisfies crypto.Signer interface + * gost34112012* hashes satisfy encoding.Binary(Un)Marshaler + * Streebog256 HKDF test vectors + +A 3.0 +3.0 + * Multilinear Galois Mode (MGM) block cipher mode for + 64 and 128 bit ciphers + * KDF_GOSTR3411_2012_256 KDF + * 34.12-2015 64-bit block cipher Магма (Magma) + * Additional EAC 28147-89 Sbox + * 34.10-2012 TC26 twisted Edwards curve related parameters + * Coordinates conversion from twisted Edwards to Weierstrass + form and vice versa + * Fixed gost3410.PrivateKey's length validation + * Backward incompatible change: gost3410.NewCurve takes big.Int, + instead of encoded integers + * Backward incompatible Sbox and curves parameters renaming, to + comply with OIDs identifying them: + Gost2814789_TestParamSet -> SboxIdGost2814789TestParamSet + Gost28147_CryptoProParamSetA -> SboxIdGost2814789CryptoProAParamSet + Gost28147_CryptoProParamSetB -> SboxIdGost2814789CryptoProBParamSet + Gost28147_CryptoProParamSetC -> SboxIdGost2814789CryptoProCParamSet + Gost28147_CryptoProParamSetD -> SboxIdGost2814789CryptoProDParamSet + GostR3411_94_TestParamSet -> SboxIdGostR341194TestParamSet + Gost28147_tc26_ParamZ -> SboxIdtc26gost28147paramZ + GostR3411_94_CryptoProParamSet -> SboxIdGostR341194CryptoProParamSet + EACParamSet -> SboxEACParamSet + + CurveParamsGostR34102001cc -> CurveGostR34102001ParamSetcc + CurveParamsGostR34102001Test -> CurveIdGostR34102001TestParamSet + CurveParamsGostR34102001CryptoProA -> CurveIdGostR34102001CryptoProAParamSet + CurveParamsGostR34102001CryptoProB -> CurveIdGostR34102001CryptoProBParamSet + CurveParamsGostR34102001CryptoProC -> CurveIdGostR34102001CryptoProCParamSet + CurveParamsGostR34102001CryptoProXchA -> CurveIdGostR34102001CryptoProXchAParamSet + CurveParamsGostR34102001CryptoProXchB -> CurveIdGostR34102001CryptoProXchBParamSet + CurveParamsGostR34102012TC26ParamSetA -> CurveIdtc26gost341012512paramSetA + CurveParamsGostR34102012TC26ParamSetB -> CurveIdtc26gost341012512paramSetB + * Various additional test vectors + * go modules friendliness + +A 2.0 +2.0 + * 34.11-2012 is split on two different modules: + gost34112012256 and gost34112012512 + * 34.11-94's digest is reversed. Now it is compatible with TC26's + HMAC and PBKDF2 test vectors + * gogost-streebog is split to streebog256 and streebog512 + correspondingly by analogy with sha* utilities + * added VKO 34.10-2012 support with corresponding test vectors + * gost3410.DigestSizeX is renamed to gost3410.ModeX because it is + not related to digest size, but parameters and key sizes + * KEK functions take big.Int UKM value. Use NewUKM to unmarshal raw + binary UKM + +A 1.1 +1.1 + * gogost-streebog is able to use either 256 or 512 bits digest size + * 34.13-2015 padding methods + * 28147-89 CBC mode of operation diff --git a/doc/index b/doc/index new file mode 100644 index 0000000000000000000000000000000000000000..f4cf4f3b42379bc3d7f5886c60cbd84efb22f93366ee7b4e4d6747abf7fcf52e --- /dev/null +++ b/doc/index @@ -0,0 +1,76 @@ +GoGOST is pure Go GOST cryptographic functions library. +GOST is GOvernment STandard of Russian Federation (and Soviet Union). +=> https://www.gnu.org/philosophy/pragmatic.html It is copylefted +=> https://www.gnu.org/philosophy/free-sw.html free software +licenced under +=> https://www.gnu.org/licenses/gpl-3.0.html GPLv3 +You can read more +=> http://www.gost.stargrave.org/ about GOST algorithms. + +Currently supported algorithms are: + +* GOST 28147-89 block cipher with ECB, CNT (CTR), CFB, MAC, CBC modes + => https://datatracker.ietf.org/doc/html/rfc5830.html RFC 5830 + => https://datatracker.ietf.org/doc/html/rfc4357.html RFC 4357 +* various 28147-89-related S-boxes included +* GOST R 34.11-94 hash function + => https://datatracker.ietf.org/doc/html/rfc5831.html RFC 5831 +* GOST R 34.11-2012 Стрибог (Streebog) hash function + => https://datatracker.ietf.org/doc/html/rfc6986.html RFC 6986 +* GOST R 34.10-2001 signature + => https://datatracker.ietf.org/doc/html/rfc5832.html RFC 5832 +* GOST R 34.10-2012 signature + => https://datatracker.ietf.org/doc/html/rfc7091.html RFC 7091 +* various 34.10 curve parameters included +* Coordinates conversion from twisted Edwards to Weierstrass form + and vice versa +* VKO GOST R 34.10-2001 VKO key agreement function + => https://datatracker.ietf.org/doc/html/rfc4357.html RFC 4357 +* VKO GOST R 34.10-2012 VKO key agreement function + => https://datatracker.ietf.org/doc/html/rfc7836.html RFC 7836 +* KDF_GOSTR3411_2012_256 KDF function (ТК26 Р 50.1.113-2016) +* GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik) + => https://datatracker.ietf.org/doc/html/rfc7801.html RFC 7801 +* GOST R 34.12-2015 64-bit block cipher Магма (Magma) +* GOST R 34.13-2015 padding methods +* MGM AEAD mode for 64 and 128 bit ciphers + => https://datatracker.ietf.org/doc/html/rfc9058.html RFC 9058 +* TLSTREE keyscheduling function +* ESPTREE/IKETREE (IKE* is the same as ESP*) keyscheduling function +* PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} and generic prf+ functions + (Р 50.1.111-2016 with IKEv2) + => https://datatracker.ietf.org/doc/html/rfc5831.html RFC 7296 + +Probably you could be interested in +=> //www.gostls13.stargrave.org/ Go's support of GOST TLS 1.3 + +Example 34.10-2012-256 keypair generation, signing and verifying: + + import ( + "crypto/rand" + "io" + "go.stargrave.org/gogost/v6/gost3410" + "go.stargrave.org/gogost/v6/gost34112012256" + ) + func main() { + data := []byte("data to be signed") + hasher := gost34112012256.New() + hasher.Write(data) + dgst := hasher.Sum(nil) + curve := gost3410.CurveIdtc26gost341012256paramSetB() + prvRaw := make([]byte, curve.PointSize()) + rand.Read(prvRaw) + prv, err := gost3410.NewPrivateKey(curve, prvRaw) + pub, err := prv.PublicKey() + pubRaw := pub.Raw() + sign, err := prv.Sign(rand.Reader, dgst, nil) + pub, err = gost3410.NewPublicKey(curve, pubRaw) + isValid, err := pub.VerifyDigest(dgst, sign) + if !isValid { panic("signature is invalid") } + } + +Please send questions, bug reports and patches to +=> http://lists.stargrave.org/gost.html gost mailing list +Announcements also go to this mailing list. + + [FAQ] [NEWS] [INSTALL] [THANKS] diff --git a/doc/mk-html b/doc/mk-html new file mode 100755 index 0000000000000000000000000000000000000000..3723323bdcec7c4beee72c47ae0d99f2687013ac1197d554f03a62453ee1b787 --- /dev/null +++ b/doc/mk-html @@ -0,0 +1,18 @@ +#!/bin/sh -e + +html=gogost.html +rm -f $html/*.html +SWG_DO_SRC=0 SWG_DO_BACKS=0 swg htmls $html +perl -i -npe 's#^.*$#<title>GoGOST#' $html/index.html +ln -f ../PUBKEY-* $html/ +( + cd $html + export ATOM_ID="34c4c603-9fa7-4441-a089-881d216d8638" + export NAME=GoGOST + export BASE_URL=http://www.gogost.stargrave.org + export AUTHOR_EMAIL=gogost@stargrave.org + ~/work/releases-feed/releases.atom.zsh +) +perl -i -npe 'print "\n" if /^<\/head>/' $html/Download.html +find $html -type d -exec chmod 755 {} + +find $html -type f -exec chmod 644 {} + diff --git a/download.texi b/download.texi deleted file mode 100644 index 5ef9cc02152f5a6a73b841c63519f18572590ef7606d42b5a9fbf11fe82162de..0000000000000000000000000000000000000000 --- a/download.texi +++ /dev/null @@ -1,238 +0,0 @@ -@multitable {XXXXX} {XXXX-XX-XX} {XXXX KiB} {meta4 tar pgp ssh} -@headitem Version @tab Date @tab Size @tab Tarball - -@item @ref{Release 6.1.0, 6.1.0} @tab 2025-02-12 @tab 82 KiB @tab -@url{gogost-6.1.0.tar.zst.meta4, meta4} -@url{gogost-6.1.0.tar.zst, tar} -@url{gogost-6.1.0.tar.zst.asc, pgp} -@url{gogost-6.1.0.tar.zst.sig, ssh} - -@item @ref{Release 6.0.2, 6.0.2} @tab 2025-01-17 @tab 85 KiB @tab -@url{gogost-6.0.2.tar.zst.meta4, meta4} -@url{gogost-6.0.2.tar.zst, tar} -@url{gogost-6.0.2.tar.zst.asc, pgp} -@url{gogost-6.0.2.tar.zst.sig, ssh} - -@item @ref{Release 6.0.1, 6.0.1} @tab 2024-08-06 @tab 85 KiB @tab -@url{gogost-6.0.1.tar.zst.meta4, meta4} -@url{gogost-6.0.1.tar.zst, tar} -@url{gogost-6.0.1.tar.zst.asc, pgp} -@url{gogost-6.0.1.tar.zst.sig, ssh} - -@item @ref{Release 6.0.0, 6.0.0} @tab 2024-07-23 @tab 85 KiB @tab -@url{gogost-6.0.0.tar.zst.meta4, meta4} -@url{gogost-6.0.0.tar.zst, tar} -@url{gogost-6.0.0.tar.zst.asc, pgp} -@url{gogost-6.0.0.tar.zst.sig, ssh} - -@item @ref{Release 5.15.0, 5.15.0} @tab 2024-07-16 @tab 85 KiB @tab -@url{gogost-5.15.0.tar.zst.meta4, meta4} -@url{gogost-5.15.0.tar.zst, tar} -@url{gogost-5.15.0.tar.zst.asc, pgp} -@url{gogost-5.15.0.tar.zst.sig, ssh} - -@item @ref{Release 5.14.1, 5.14.1} @tab 2024-04-22 @tab 67 KiB @tab -@url{gogost-5.14.1.tar.zst.meta4, meta4} -@url{gogost-5.14.1.tar.zst, tar} -@url{gogost-5.14.1.tar.zst.asc, pgp} -@url{gogost-5.14.1.tar.zst.sig, ssh} - -@item @ref{Release 5.14.0, 5.14.0} @tab 2023-12-08 @tab 66 KiB @tab -@url{gogost-5.14.0.tar.zst.meta4, meta4} -@url{gogost-5.14.0.tar.zst, tar} -@url{gogost-5.14.0.tar.zst.asc, pgp} -@url{gogost-5.14.0.tar.zst.sig, ssh} - -@item @ref{Release 5.13.0, 5.13.0} @tab 2023-08-07 @tab 65 KiB @tab -@url{gogost-5.13.0.tar.zst.meta4, meta4} -@url{gogost-5.13.0.tar.zst, tar} -@url{gogost-5.13.0.tar.zst.asc, pgp} -@url{gogost-5.13.0.tar.zst.sig, ssh} - -@item @ref{Release 5.12.0, 5.12.0} @tab 2023-08-03 @tab 65 KiB @tab -@url{gogost-5.12.0.tar.zst.meta4, meta4} -@url{gogost-5.12.0.tar.zst, tar} -@url{gogost-5.12.0.tar.zst.asc, pgp} -@url{gogost-5.12.0.tar.zst.sig, ssh} - -@item @ref{Release 5.11.0, 5.11.0} @tab 2023-06-14 @tab 70 KiB @tab -@url{gogost-5.11.0.tar.zst.meta4, meta4} -@url{gogost-5.11.0.tar.zst, tar} -@url{gogost-5.11.0.tar.zst.asc, pgp} -@url{gogost-5.11.0.tar.zst.sig, ssh} - -@item @ref{Release 5.10.0, 5.10.0} @tab 2023-04-05 @tab 70 KiB @tab -@url{gogost-5.10.0.tar.zst.meta4, meta4} -@url{gogost-5.10.0.tar.zst, tar} -@url{gogost-5.10.0.tar.zst.asc, pgp} -@url{gogost-5.10.0.tar.zst.sig, ssh} - -@item @ref{Release 5.9.1, 5.9.1} @tab 2022-11-02 @tab 67 KiB @tab -@url{gogost-5.9.1.tar.zst.meta4, meta4} -@url{gogost-5.9.1.tar.zst, tar} -@url{gogost-5.9.1.tar.zst.asc, pgp} -@url{gogost-5.9.1.tar.zst.sig, ssh} - -@item @ref{Release 5.9.0, 5.9.0} @tab 2021-11-16 @tab 67 KiB @tab -@url{gogost-5.9.0.tar.zst.meta4, meta4} -@url{gogost-5.9.0.tar.zst, tar} -@url{gogost-5.9.0.tar.zst.asc, pgp} -@url{gogost-5.9.0.tar.zst.sig, ssh} - -@item @ref{Release 5.8.0, 5.8.0} @tab 2021-10-08 @tab 67 KiB @tab -@url{gogost-5.8.0.tar.zst.meta4, meta4} -@url{gogost-5.8.0.tar.zst, tar} -@url{gogost-5.8.0.tar.zst.asc, pgp} -@url{gogost-5.8.0.tar.zst.sig, ssh} - -@item 5.7.1 @tab 2021-10-04 @tab 66 KiB @tab -@url{gogost-5.7.1.tar.zst.meta4, meta4} -@url{gogost-5.7.1.tar.zst, tar} -@url{gogost-5.7.1.tar.zst.asc, pgp} -@url{gogost-5.7.1.tar.zst.sig, ssh} - -@item @ref{Release 5.7.0, 5.7.0} @tab 2021-08-17 @tab 61 KiB @tab -@url{gogost-5.7.0.tar.xz.meta4, meta4} -@url{gogost-5.7.0.tar.xz, tar} -@url{gogost-5.7.0.tar.xz.asc, pgp} -@url{gogost-5.7.0.tar.xz.sig, ssh} - -@item @ref{Release 5.6.0, 5.6.0} @tab 2021-04-02 @tab 61 KiB @tab -@url{gogost-5.6.0.tar.xz.meta4, meta4} -@url{gogost-5.6.0.tar.xz, tar} -@url{gogost-5.6.0.tar.xz.asc, pgp} -@url{gogost-5.6.0.tar.xz.sig, ssh} - -@item @ref{Release 5.5.0, 5.5.0} @tab 2021-01-25 @tab 61 KiB @tab -@url{gogost-5.5.0.tar.xz.meta4, meta4} -@url{gogost-5.5.0.tar.xz, tar} -@url{gogost-5.5.0.tar.xz.asc, pgp} -@url{gogost-5.5.0.tar.xz.sig, ssh} - -@item @ref{Release 5.4.0, 5.4.0} @tab 2021-01-24 @tab 60 KiB @tab -@url{gogost-5.4.0.tar.xz.meta4, meta4} -@url{gogost-5.4.0.tar.xz, tar} -@url{gogost-5.4.0.tar.xz.asc, pgp} -@url{gogost-5.4.0.tar.xz.sig, ssh} - -@item @ref{Release 5.3.0, 5.3.0} @tab 2021-01-21 @tab 61 KiB @tab -@url{gogost-5.3.0.tar.xz.meta4, meta4} -@url{gogost-5.3.0.tar.xz, tar} -@url{gogost-5.3.0.tar.xz.asc, pgp} -@url{gogost-5.3.0.tar.xz.sig, ssh} - -@item @ref{Release 5.2.0, 5.2.0} @tab 2021-01-21 @tab 60 KiB @tab -@url{gogost-5.2.0.tar.xz.meta4, meta4} -@url{gogost-5.2.0.tar.xz, tar} -@url{gogost-5.2.0.tar.xz.asc, pgp} -@url{gogost-5.2.0.tar.xz.sig, ssh} - -@item @ref{Release 5.1.1, 5.1.1} @tab 2021-01-16 @tab 60 KiB @tab -@url{gogost-5.1.1.tar.xz.meta4, meta4} -@url{gogost-5.1.1.tar.xz, tar} -@url{gogost-5.1.1.tar.xz.asc, pgp} -@url{gogost-5.1.1.tar.xz.sig, ssh} - -@item @ref{Release 5.1.0, 5.1.0} @tab 2020-10-07 @tab 63 KiB @tab -@url{gogost-5.1.0.tar.xz.meta4, meta4} -@url{gogost-5.1.0.tar.xz, tar} -@url{gogost-5.1.0.tar.xz.asc, pgp} -@url{gogost-5.1.0.tar.xz.sig, ssh} - -@item 5.0.2 @tab 2020-09-05 @tab 62 KiB @tab -@url{gogost-5.0.2.tar.xz.meta4, meta4} -@url{gogost-5.0.2.tar.xz, tar} -@url{gogost-5.0.2.tar.xz.asc, pgp} -@url{gogost-5.0.2.tar.xz.sig, ssh} - -@item 5.0.1 @tab 2020-09-05 @tab 62 KiB @tab -@url{gogost-5.0.1.tar.xz.meta4, meta4} -@url{gogost-5.0.1.tar.xz, tar} -@url{gogost-5.0.1.tar.xz.asc, pgp} -@url{gogost-5.0.1.tar.xz.sig, ssh} - -@item @ref{Release 5.0.0, 5.0.0} @tab 2020-09-04 @tab 62 KiB @tab -@url{gogost-5.0.0.tar.xz.meta4, meta4} -@url{gogost-5.0.0.tar.xz, tar} -@url{gogost-5.0.0.tar.xz.asc, pgp} -@url{gogost-5.0.0.tar.xz.sig, ssh} - -@item 4.3.1 @tab 2020-09-01 @tab 63 KiB @tab -@url{gogost-4.3.1.tar.xz.meta4, meta4} -@url{gogost-4.3.1.tar.xz, tar} -@url{gogost-4.3.1.tar.xz.asc, pgp} -@url{gogost-4.3.1.tar.xz.sig, ssh} - -@item @ref{Release 4.3.0, 4.3.0} @tab 2020-08-02 @tab 58 KiB @tab -@url{gogost-4.3.0.tar.xz.meta4, meta4} -@url{gogost-4.3.0.tar.xz, tar} -@url{gogost-4.3.0.tar.xz.asc, pgp} -@url{gogost-4.3.0.tar.xz.sig, ssh} - -@item @ref{Release 4.2.4, 4.2.4} @tab 2020-06-24 @tab 58 KiB @tab -@url{gogost-4.2.4.tar.xz.meta4, meta4} -@url{gogost-4.2.4.tar.xz, tar} -@url{gogost-4.2.4.tar.xz.asc, pgp} -@url{gogost-4.2.4.tar.xz.sig, ssh} - -@item @ref{Release 4.2.3, 4.2.3} @tab 2020-01-22 @tab 58 KiB @tab -@url{gogost-4.2.3.tar.xz.meta4, meta4} -@url{gogost-4.2.3.tar.xz, tar} -@url{gogost-4.2.3.tar.xz.asc, pgp} -@url{gogost-4.2.3.tar.xz.sig, ssh} - -@item @ref{Release 4.2.2, 4.2.2} @tab 2020-01-07 @tab 58 KiB @tab -@url{gogost-4.2.2.tar.xz.meta4, meta4} -@url{gogost-4.2.2.tar.xz, tar} -@url{gogost-4.2.2.tar.xz.asc, pgp} -@url{gogost-4.2.2.tar.xz.sig, ssh} - -@item @ref{Release 4.2.1, 4.2.1} @tab 2019-12-18 @tab 57 KiB @tab -@url{gogost-4.2.1.tar.xz.meta4, meta4} -@url{gogost-4.2.1.tar.xz, tar} -@url{gogost-4.2.1.tar.xz.asc, pgp} -@url{gogost-4.2.1.tar.xz.sig, ssh} - -@item @ref{Release 4.2.0, 4.2.0} @tab 2019-10-18 @tab 57 KiB @tab -@url{gogost-4.2.0.tar.xz.meta4, meta4} -@url{gogost-4.2.0.tar.xz, tar} -@url{gogost-4.2.0.tar.xz.asc, pgp} -@url{gogost-4.2.0.tar.xz.sig, ssh} - -@item @ref{Release 4.1.0, 4.1.0} @tab 2019-10-03 @tab 55 KiB @tab -@url{gogost-4.1.0.tar.xz.meta4, meta4} -@url{gogost-4.1.0.tar.xz, tar} -@url{gogost-4.1.0.tar.xz.asc, pgp} -@url{gogost-4.1.0.tar.xz.sig, ssh} - -@item @ref{Release 4.0, 4.0} @tab 2019-08-12 @tab 56 KiB @tab -@url{gogost-4.0.tar.xz.meta4, meta4} -@url{gogost-4.0.tar.xz, tar} -@url{gogost-4.0.tar.xz.asc, pgp} -@url{gogost-4.0.tar.xz.sig, ssh} - -@item @ref{Release 3.0, 3.0} @tab 2019-07-19 @tab 47 KiB @tab -@url{gogost-3.0.tar.xz.meta4, meta4} -@url{gogost-3.0.tar.xz, tar} -@url{gogost-3.0.tar.xz.asc, pgp} -@url{gogost-3.0.tar.xz.sig, ssh} - -@item @ref{Release 2.0, 2.0} @tab 2016-11-26 @tab 39 KiB @tab -@url{gogost-2.0.tar.xz.meta4, meta4} -@url{gogost-2.0.tar.xz, tar} -@url{gogost-2.0.tar.xz.asc, pgp} -@url{gogost-2.0.tar.xz.sig, ssh} - -@item 1.2 @tab 2016-11-13 @tab 34 KiB @tab -@url{gogost-1.2.tar.xz.meta4, meta4} -@url{gogost-1.2.tar.xz, tar} -@url{gogost-1.2.tar.xz.asc, pgp} -@url{gogost-1.2.tar.xz.sig, ssh} - -@item @ref{Release 1.1, 1.1} @tab 2016-10-04 @tab 33 KiB @tab -@url{gogost-1.1.tar.xz.meta4, meta4} -@url{gogost-1.1.tar.xz, tar} -@url{gogost-1.1.tar.xz.asc, pgp} -@url{gogost-1.1.tar.xz.sig, ssh} - -@end multitable diff --git a/faq.texi b/faq.texi deleted file mode 100644 index a88ed51f860d15592d2ba3ae192462bb2b5d07fe64884c4a5501cecebcd0abc5..0000000000000000000000000000000000000000 --- a/faq.texi +++ /dev/null @@ -1,29 +0,0 @@ -@node FAQ -@unnumbered Frequently asked questions - -@set ItIsGOSTBaby It is GOST: do you expect serialization unification? - -@table @asis - -@item My signature is not validated by other implementations. What is wrong? - -Try to reverse it (like @code{sign[::-1]} in Python). -Try to swap its halves (@code{sign[len(sign)/2:] + sign[:len(sign)/2]}). -Try to reverse its swapped halves too. - -@value{ItIsGOSTBaby}! - -@item My signature is @strong{still} not validated by other implementations! - -Try to reverse digest you are signing/verifying (like @code{dgst[::-1]} in Python). - -@value{ItIsGOSTBaby}! - -@item Everything above did not help me. Does GoGOST sucks? - -No way! You still have not tried to reverse your binary private key, -public key and swap its halves. - -@value{ItIsGOSTBaby}! - -@end table diff --git a/go.mod b/go.mod index 18525aeffb1b1772cb3253a12674fda139b3a4a357632fa7827b6758d131d869..7016c85f5717eca9c7b1169741135eca7cf2ff708a0e2107bad907c9dcde3a10 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,3 @@ -module go.cypherpunks.su/gogost/v6 +module go.stargrave.org/gogost/v7 go 1.24 diff --git a/gogost.go b/gogost.go index 78af35e3adc806e9fa34bd9bc81f046cfc512dcbf3bf0d907f01b72e4952e364..d4e5329c536006227c2d4abf5d9a14b0b842986b0ecce14f64def2369523ff7d 100644 --- a/gogost.go +++ b/gogost.go @@ -1,4 +1,4 @@ // Pure Go GOST cryptographic functions library. package gogost -const Version = "6.1.0" +const Version = "7.0.0" diff --git a/gost3410/vko2001.go b/gost3410/vko2001.go index a8ba3d8a0830298999c528c9f1c7e44e3270cf9650251f6fd3f1eb85bd84c268..9c369e563e715ca99bc590002f5ca3b5efc4bf39bc2b1355f023f19b415e3e54 100644 --- a/gost3410/vko2001.go +++ b/gost3410/vko2001.go @@ -20,8 +20,8 @@ "errors" "fmt" "math/big" - "go.cypherpunks.su/gogost/v6/gost28147" - "go.cypherpunks.su/gogost/v6/gost341194" + "go.stargrave.org/gogost/v7/gost28147" + "go.stargrave.org/gogost/v7/gost341194" ) // RFC 4357 VKO GOST R 34.10-2001 key agreement function. diff --git a/gost3410/vko2012.go b/gost3410/vko2012.go index c8f3e5560a7ffd039ab325768833b1b9d9b6876dd881aa0571eb9abcba526a5d..a963a2b6ab212f2ce37e93968af8958b7473c9184ec87475c467332c9a3b60be 100644 --- a/gost3410/vko2012.go +++ b/gost3410/vko2012.go @@ -19,8 +19,8 @@ import ( "fmt" "math/big" - "go.cypherpunks.su/gogost/v6/gost34112012256" - "go.cypherpunks.su/gogost/v6/gost34112012512" + "go.stargrave.org/gogost/v7/gost34112012256" + "go.stargrave.org/gogost/v7/gost34112012512" ) // RFC 7836 VKO GOST R 34.10-2012 256-bit key agreement function. diff --git a/gost34112012256/hash.go b/gost34112012256/hash.go index 2b561c333e3a2dec2e6f81346b3cad0ccd3969a4a42bab27b3a2cedeabfa8106..6e4891f69188da0c8c2622ccbbd76a1da832e016129000ac1d8642a51e3e91a5 100644 --- a/gost34112012256/hash.go +++ b/gost34112012256/hash.go @@ -20,7 +20,7 @@ import ( "hash" - "go.cypherpunks.su/gogost/v6/internal/gost34112012" + "go.stargrave.org/gogost/v7/internal/gost34112012" ) const ( diff --git a/gost34112012512/hash.go b/gost34112012512/hash.go index 35efab2e91ddad2f8ff8553324ba4b8717f0c21356370f018091847366d3525d..6e3d767f16c1dd916855a0aa67bc55a93629b9c92964c6cd1e1b284c3234ee45 100644 --- a/gost34112012512/hash.go +++ b/gost34112012512/hash.go @@ -20,7 +20,7 @@ import ( "hash" - "go.cypherpunks.su/gogost/v6/internal/gost34112012" + "go.stargrave.org/gogost/v7/internal/gost34112012" ) const ( diff --git a/gost341194/hash.go b/gost341194/hash.go index 67ab3dc6ea65b2c307abe123e8d8d9cfa693b60cf71bc1a1c10bb541c69d862a..a35f0bb6bc899d3b3ead9e08fd8d1cad8cd329d1f2b5e2feffa98a3cc00918eb 100644 --- a/gost341194/hash.go +++ b/gost341194/hash.go @@ -22,7 +22,7 @@ "crypto/subtle" "encoding/binary" "math/big" - "go.cypherpunks.su/gogost/v6/gost28147" + "go.stargrave.org/gogost/v7/gost28147" ) const ( diff --git a/gost341194/hash_test.go b/gost341194/hash_test.go index eae0b430439b2699dced8c4c206d6cbfdcf653351c92628f32edbbf4a41cd315..53cfa60417744d0ec6f0d49591a481d0206c1e1014572c5fccba143e75157cd6 100644 --- a/gost341194/hash_test.go +++ b/gost341194/hash_test.go @@ -22,7 +22,7 @@ "hash" "testing" "testing/quick" - "go.cypherpunks.su/gogost/v6/gost28147" + "go.stargrave.org/gogost/v7/gost28147" ) func TestHashInterface(t *testing.T) { diff --git a/gost341194/pbkdf2_test.go b/gost341194/pbkdf2_test.go index b3318b662cb114a4574e130075e4f6700f2b4f90e523f44ab80b774e46c8aaed..4544556ed368191564cc0c3ebcfa508be37149950a63d407f6da0980ede46ebc 100644 --- a/gost341194/pbkdf2_test.go +++ b/gost341194/pbkdf2_test.go @@ -21,7 +21,7 @@ "crypto/pbkdf2" "hash" "testing" - "go.cypherpunks.su/gogost/v6/gost28147" + "go.stargrave.org/gogost/v7/gost28147" ) func PBKDF2Hash() hash.Hash { diff --git a/gost341264/cipher.go b/gost341264/cipher.go index b469fa70ac3bbcfcb4176895e80c8b7fad565234f3ed04572d5c7b0013a5d17b..bb0e3b404217041ed63b8e8e11ddeaf5ea68c2755197b1e77a66907efc8332da 100644 --- a/gost341264/cipher.go +++ b/gost341264/cipher.go @@ -17,7 +17,7 @@ // GOST R 34.12-2015 64-bit (Магма (Magma)) block cipher. package gost341264 import ( - "go.cypherpunks.su/gogost/v6/gost28147" + "go.stargrave.org/gogost/v7/gost28147" ) const ( diff --git a/install.texi b/install.texi deleted file mode 100644 index 774bfd63a9cdc7eb6747a4e873a9515dc7755978e2c9ead405fd9054f2269690..0000000000000000000000000000000000000000 --- a/install.texi +++ /dev/null @@ -1,94 +0,0 @@ -@node Download -@unnumbered Download - -Preferable way is to download tarball with the signature from -website and, for example, run tests with benchmarks: - -@example -$ [fetch|wget] http://www.gogost.cypherpunks.su/gogost-@value{VERSION}.tar.zst -$ [fetch|wget] http://www.gogost.cypherpunks.su/gogost-@value{VERSION}.tar.zst.@{asc,sig@} -[verify signature] -$ tar xf gogost-@value{VERSION}.tar.zst -$ cd gogost-@value{VERSION} -$ go build -o streebog256 ./cmd/streebog256 -$ echo hello world | ./streebog256 -f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d -@end example - -@include download.texi - -And then you can include its source code in your project for example -like this: - -@example -$ mkdir -p myproj/vendor/go.cypherpunks.su/gogost -$ mv gogost-@value{VERSION} myproj/vendor/go.cypherpunks.su/gogost/v6 -$ cd myproj -$ cat >main.go < /path/to/gogost-@value{VERSION} -@end example - -@item You can use Go's workspace feature: - -@example -$ go work use /path/to/gogost-@value{VERSION} -@end example - -@end itemize - -You can obtain development source code with -@command{git clone git://git.cypherpunks.su/gogost.git}. -You can also use -@code{anongit@@master.git.stargrave.org:cypherpunks.su/gogost.git}, -@code{anongit@@slave.git.stargrave.org:cypherpunks.su/gogost.git}, -@code{anongit@@master.git.cypherpunks.su:cypherpunks.su/gogost.git}, -@code{anongit@@slave.git.cypherpunks.su:cypherpunks.su/gogost.git}, -@url{git://git.stargrave.org/gogost.git}, -@url{git://y.git.stargrave.org/gogost.git}, -@url{git://y.git.cypherpunks.su/gogost.git} URLs instead. diff --git a/integrity.texi b/integrity.texi deleted file mode 100644 index f4706ac1a4af1e9030d4c547ee5247d7aefe1d106162f140598cdc91c4b42a37..0000000000000000000000000000000000000000 --- a/integrity.texi +++ /dev/null @@ -1,34 +0,0 @@ -You @strong{have to} verify downloaded tarballs authenticity to be sure -that you retrieved trusted and untampered software. There are two options: - -@table @asis - -@item @url{https://www.openpgp.org/, OpenPGP} @file{.asc} signature - Use @url{https://www.gnupg.org/, GNU Privacy Guard} free software - implementation. - For the very first time it is necessary to get signing public key and - import it. It is provided @url{PUBKEY-PGP.asc, here}, but you should - check alternate resources. - -@verbatim -pub rsa2048/0x82343436696FC85A 2016-09-13 - CEBD 1282 2C46 9C02 A81A 0467 8234 3436 696F C85A -uid GoGOST releases -@end verbatim - -@example -$ gpg --auto-key-locate dane --locate-keys gogost@@cypherpunks.su -$ gpg --auto-key-locate wkd --locate-keys gogost@@cypherpunks.su -@end example - -@item @url{https://www.openssh.com/, OpenSSH} @file{.sig} signature - @url{PUBKEY-SSH.pub, Public key} and its OpenPGP - @url{PUBKEY-SSH.pub.asc, signature} made with the key above. - Its fingerprint: @code{SHA256:u8X9rPDOhxpyzGs/IugbxXbDeOu/0AttKY+LGAvHBH0}. - -@example -$ ssh-keygen -Y verify -f PUBKEY-SSH.pub -I gogost@@cypherpunks.su -n file \ - -s gogost-@value{VERSION}.tar.zst.sig VERSION -cat >download.texi <$texi <$texi <$texi <VERSION +mv doc/FAQ doc/INSTALL doc/NEWS doc/THANKS . +rm -r .git doc makedist version find . -type d -exec chmod 755 {} + find . -type f -exec chmod 644 {} + chmod +x bench cd .. -detpax gogost-"$release" >gogost-"$release".tar -zstd -22 --ultra -v gogost-"$release".tar -tarball=gogost-"$release".tar.zst -ssh-keygen -Y sign -f ~/.ssh/sign/gogost@cypherpunks.su -n file $tarball -gpg --armor --detach-sign --sign --local-user 82343436696FC85A $tarball -meta4ra-create -fn "$tarball" -mtime "$tarball" \ - -sig-pgp "$tarball".asc -sig-ssh "$tarball".sig \ - http://www.gogost.cypherpunks.su/"$tarball" \ - http://y.www.gogost.cypherpunks.su/"$tarball" <"$tarball" >"$tarball".meta4 +detpax gogost-"$release" >gogost-$release.tar +zstd -22 --ultra -v gogost-$release.tar +tarball=gogost-$release.tar.zst +ssh-keygen -Y sign -f ~/.ssh/sign/gogost@stargrave.org -n file $tarball +meta4ra-create -fn $tarball -mtime $tarball -sig-ssh $tarball.sig \ + "1|ru|http://www.gogost.stargrave.org/$tarball" \ + "2|ru|http://msk.www.gogost.stargrave.org/$tarball" \ + "2|ru|http://spb.www.gogost.stargrave.org/$tarball" \ + "3|ru|https://www.gogost.stargrave.org/$tarball" \ + "4|ru|https://msk.www.gogost.stargrave.org/$tarball" \ + "4|ru|https://spb.www.gogost.stargrave.org/$tarball" \ + "5|ru|http://y.www.gogost.stargrave.org/$tarball" \ + "5|ru|http://[322:3bd:cc26:9545:b00b:721f:6b97:1a3e]/$tarball" \ + "6|ru|sftp://anonwww@msk.www.stargrave.org/gogost.stargrave.org/$tarball" \ + "6|ru|sftp://anonwww@spb.www.stargrave.org/gogost.stargrave.org/$tarball" \ + <$tarball >$tarball.meta4 +meta4ra-create -add $tarball.meta4 -fn $tarball.sig -hashers "" \ + "1|ru|http://www.gogost.stargrave.org/$tarball.sig" \ + "2|ru|http://msk.www.gogost.stargrave.org/$tarball.sig" \ + "2|ru|http://spb.www.gogost.stargrave.org/$tarball.sig" \ + "3|ru|https://www.gogost.stargrave.org/$tarball.sig" \ + "4|ru|https://msk.www.gogost.stargrave.org/$tarball.sig" \ + "4|ru|https://spb.www.gogost.stargrave.org/$tarball.sig" \ + "5|ru|http://y.www.gogost.stargrave.org/$tarball.sig" \ + "5|ru|http://[322:3bd:cc26:9545:b00b:721f:6b97:1a3e]/$tarball.sig" \ + "6|ru|sftp://anonwww@msk.www.stargrave.org/gogost.stargrave.org/$tarball.sig" \ + "6|ru|sftp://anonwww@spb.www.stargrave.org/gogost.stargrave.org/$tarball.sig" \ + <$tarball.sig >$tarball.meta4_ +mv $tarball.meta4_ $tarball.meta4 size=$(( $(stat -f %z $tarball) / 1024 )) release_date=$(date "+%Y-%m-%d") cat < gogost-$release.tar.zst tar + => gogost-$release.tar.zst.meta4 meta4 EOF + +mv $tmp/$tarball $tmp/$tarball.sig $tmp/$tarball.meta4 $cur/doc/gogost.html/ cat <8 ------------------------ -GoGOST'es home page is: http://www.gogost.cypherpunks.su/ - -Source code and its signature for that version can be found here: +GoGOST'es home page is: http://www.gogost.stargrave.org/ - http://www.gogost.cypherpunks.su/gogost-${release}.tar.zst ($size KiB) - http://www.gogost.cypherpunks.su/gogost-${release}.tar.zst.{asc,sig} +URLs to source code, its checksums and signatures can be found in an +attached Metalink4 file. -OpenPGP key: CEBD 1282 2C46 9C02 A81A 0467 8234 3436 696F C85A - GoGOST releases OpenSSH key: SHA256:u8X9rPDOhxpyzGs/IugbxXbDeOu/0AttKY+LGAvHBH0 Please send questions regarding the use of GoGOST, bug reports and patches -to mailing list: http://lists.cypherpunks.su/gost.html +to mailing list: http://lists.stargrave.org/gost.html EOF +echo mutt -s \"[EN] GoGOST $release release announcement\" \ + gost@lists.stargrave.org \ + -a $cur/doc/gogost.html/$tarball.meta4 cat <8 ------------------------ -Домашняя страница GoGOST: http://www.gogost.cypherpunks.su/ +Домашняя страница GoGOST: http://www.gogost.stargrave.org/ -Исходный код и его подпись для этой версии могут быть найдены здесь: - - http://www.gogost.cypherpunks.su/gogost-${release}.tar.zst ($size KiB) - http://www.gogost.cypherpunks.su/gogost-${release}.tar.zst.{asc,sig} +Ссылки на исходный код, его контрольные суммы и подписи могут быть +найдены в приложенном Metalink4 файле. -OpenPGP ключ: CEBD 1282 2C46 9C02 A81A 0467 8234 3436 696F C85A - GoGOST releases OpenSSH ключ: SHA256:u8X9rPDOhxpyzGs/IugbxXbDeOu/0AttKY+LGAvHBH0 Пожалуйста, все вопросы касающиеся использования GoGOST, отчёты об ошибках и патчи отправляйте в gost почтовую рассылку: -http://lists.cypherpunks.su/gost.html +http://lists.stargrave.org/gost.html EOF +echo mutt -s \"[RU] Состоялся релиз GoGOST $release\" \ + gost@lists.stargrave.org \ + -a $cur/doc/gogost.html/$tarball.meta4 -mv $tmp/$tarball $tmp/"$tarball".asc $tmp/"$tarball".sig $tmp/"$tarball".meta4 $cur/gogost.html/ rm -fr $tmp diff --git a/mgm/mode_test.go b/mgm/mode_test.go index 5d5d7293523f3bfba5668c3597091ed0b9128692d596f2c54f380a1d9693a23b..8c879232e09b1ed4590d209cb256dbb3cd99edabfdcd367169619cdb4a915795 100644 --- a/mgm/mode_test.go +++ b/mgm/mode_test.go @@ -22,8 +22,8 @@ "crypto/rand" "testing" "testing/quick" - "go.cypherpunks.su/gogost/v6/gost3412128" - "go.cypherpunks.su/gogost/v6/gost341264" + "go.stargrave.org/gogost/v7/gost3412128" + "go.stargrave.org/gogost/v7/gost341264" ) func TestVector(t *testing.T) { diff --git a/mgm/mul128_test.go b/mgm/mul128_test.go index da124089d5d5821489401d650b1fc68063efd5bb8e4d6fe67609b5af44cc6de5..f7661ac266fe74eaf4ab516bcd6b11bf330fa6fd9f9f5d263a4929d6a40d8836 100644 --- a/mgm/mul128_test.go +++ b/mgm/mul128_test.go @@ -19,7 +19,7 @@ import ( "crypto/rand" "testing" - "go.cypherpunks.su/gogost/v6/gost3412128" + "go.stargrave.org/gogost/v7/gost3412128" ) func BenchmarkMul128(b *testing.B) { diff --git a/mgm/mul64_test.go b/mgm/mul64_test.go index a98141a8987978dc0c23d53029ee1aa12fd1c2913e344dcb0c34b51bcd0f5106..2e2b0147486d102cb8fb379e32c7eac5f2cca677eab8b9e9c09decac0d1f3c45 100644 --- a/mgm/mul64_test.go +++ b/mgm/mul64_test.go @@ -19,7 +19,7 @@ import ( "crypto/rand" "testing" - "go.cypherpunks.su/gogost/v6/gost341264" + "go.stargrave.org/gogost/v7/gost341264" ) func BenchmarkMul64(b *testing.B) { diff --git a/news.texi b/news.texi deleted file mode 100644 index d9862e28782a739977ebfde8435d0112d9a6594690cecd6e00da5df55e4230c2..0000000000000000000000000000000000000000 --- a/news.texi +++ /dev/null @@ -1,274 +0,0 @@ -@node News -@unnumbered News - -@table @strong - -@anchor{Release 6.1.0} -@item 6.1.0 - @itemize - @item Fixed workability with Go 1.24's @code{subtle.XORBytes} - @item Go 1.24 is required now because of - @code{crypto/hkdf} and @code{crypto/pbkdf2} - @end itemize - -@anchor{Release 6.0.2} -@item 6.0.2 -Minor trivial changes. - -@anchor{Release 6.0.1} -@item 6.0.1 -Minor trivial changes. - -@anchor{Release 6.0.0} -@item 6.0.0 -Changed namespace because of domain expiration: -@verbatim -go.cypherpunks.ru/gogost/v5 -> go.cypherpunks.su/gogost/v6 -@end verbatim - -@anchor{Release 5.15.0} -@item 5.15.0 -Optimised Streebog implementation with precalculated tables. - -@anchor{Release 5.14.1} -@item 5.14.1 - @itemize - @item Forgotten @code{Version} raise - @item Streebog-512 PBKDF2 test vectors - @end itemize - -@anchor{Release 5.14.0} -@item 5.14.0 -28147-89 and CryptoPro key wrapping support -(@url{https://datatracker.ietf.org/doc/html/rfc4357.html, RFC 4357}). - -@anchor{Release 5.13.0} -@item 5.13.0 - @itemize - @item - @code{gost3410.NewPublicKeyLE}, @code{gost3410.PublicKey.RawLE}, - @code{gost3410.NewPublicKeyBE}, @code{gost3410.PublicKey.RawBE}, - @code{gost3410.NewPrivateKeyLE}, @code{gost3410.PrivateKey.RawLE}, - @code{gost3410.NewPrivateKeyBE}, @code{gost3410.PrivateKey.RawBE}, - functions appeared, to simplify dealing with different endianness - keys serialisation - @item - @code{gost3410.PublicKeyReverseDigest} and - @code{gost3410.PublicKeyReverseDigestAndSignature} wrappers appeared - @end itemize - -@anchor{Release 5.12.0} -@item 5.12.0 -Updated dependencies. - -@anchor{Release 5.11.0} -@item 5.11.0 -You can check if public key is on curve with -@code{gost3410.Curve.Contains} method now. - -@anchor{Release 5.10.0} -@item 5.10.0 - @itemize - @item @code{mgm.MGM.Open} returns @code{mgm.InvalidTag} for failed authentication - @item Example @file{cmd/cer-dane-hash} and - @file{cmd/cer-selfsigned-example} utilities appeared - @end itemize - -@anchor{Release 5.9.1} -@item 5.9.1 -Updated and cleaned up @file{go.sum}. - -@anchor{Release 5.9.0} -@item 5.9.0 -@code{gost3410} is more thread-safe. - -@anchor{Release 5.8.0} -@item 5.8.0 -Faster Kuznechik and ~3x faster Kuznechik-MGM. - -@anchor{Release 5.7.0} -@item 5.7.0 -Go 1.17 requires @code{gost3410.PublicKey} to have @code{Equal} method. - -@anchor{Release 5.6.0} -@item 5.6.0 - @itemize - @item Add @code{gost3410.CurveIdtc26gost341012512paramSetTest} curve - @item More curve aliases: -@verbatim -CurveIdGostR34102001CryptoProAParamSet -> CurveIdtc26gost341012256paramSetB -CurveIdGostR34102001CryptoProBParamSet -> CurveIdtc26gost341012256paramSetC -CurveIdGostR34102001CryptoProCParamSet -> CurveIdtc26gost341012256paramSetD -CurveIdGostR34102001CryptoProXchAParamSet -> CurveIdGostR34102001CryptoProAParamSet -CurveIdGostR34102001CryptoProXchBParamSet -> CurveIdGostR34102001CryptoProCParamSet -CurveIdtc26gost34102012256paramSetA -> CurveIdtc26gost341012256paramSetA -CurveIdtc26gost34102012256paramSetB -> CurveIdtc26gost341012256paramSetB -CurveIdtc26gost34102012256paramSetC -> CurveIdtc26gost341012256paramSetC -CurveIdtc26gost34102012256paramSetD -> CurveIdtc26gost341012256paramSetD -CurveIdtc26gost34102012512paramSetTest -> CurveIdtc26gost341012512paramSetTest -CurveIdtc26gost34102012512paramSetA -> CurveIdtc26gost341012512paramSetA -CurveIdtc26gost34102012512paramSetB -> CurveIdtc26gost341012512paramSetB -CurveIdtc26gost34102012512paramSetC -> CurveIdtc26gost341012512paramSetC -@end verbatim - @end itemize - -@anchor{Release 5.5.0} -@item 5.5.0 - @code{gost3410.PrivateKey} is in @code{gost3410.Curve.Q} now. That - makes them more friendly with some implementations. - -@anchor{Release 5.4.0} -@item 5.4.0 - Even slightly less allocations in Streebog. - -@anchor{Release 5.3.0} -@item 5.3.0 - ~16x speedup of Streebog, ~15x speedup of Kuznechik. - -@anchor{Release 5.2.0} -@item 5.2.0 - MGM does not panic when short (tagless) message is verified. - -@anchor{Release 5.1.1} -@item 5.1.1 - Tarball uses vendoring, instead of @env{GOPATH} overriding. - As minimal Go version is 1.12 for a long time, it supports modules. - -@anchor{Release 5.1.0} -@item 5.1.0 - @code{gost3410/KEK*} functions do not alter @code{ukm} argument. - It is safe to reuse now. - -@anchor{Release 5.0.0} -@item 5.0.0 - Backward incompatible remove of excess misleading @code{gost3410.Mode} - from all related functions. Point/key sizes are determined by - looking at curve's parameters size. - -@anchor{Release 4.3.0} -@item 4.3.0 - @strong{Fixed} nasty bug with Edwards curves using in 34.10-VKO - functions: curve's cofactor has not been used. - -@anchor{Release 4.2.4} -@item 4.2.4 - @code{gost3410.PrivateKeyReverseDigest} reversed digests and - @code{PrivateKeyReverseDigestAndSignature} with also reversed signatures - signers appeared for convenience. - -@anchor{Release 4.2.3} -@item 4.2.3 - Panic on all possible hash @code{Write} errors. - -@anchor{Release 4.2.2} -@item 4.2.2 - More 34.10-2012 test vectors. - -@anchor{Release 4.2.1} -@item 4.2.1 - Dummy release. More nicer tarballs. - -@anchor{Release 4.2.0} -@item 4.2.0 - @itemize - @item @code{PRF_IPSEC_PRFPLUS_GOSTR3411_2012_@{256,512@}} implementation - @item Generic @code{prf+} function (taken from IKEv2 - (@url{https://datatracker.ietf.org/doc/html/rfc5831.html, RFC 7296})) - @end itemize - -@anchor{Release 4.1.0} -@item 4.1.0 - @itemize - @item @code{ESPTREE}/@code{IKETREE} implementation - @item @code{CurveIdtc26gost34102012256paramSetB}, - @code{CurveIdtc26gost34102012256paramSetC}, - @code{CurveIdtc26gost34102012256paramSetD} curve aliases - @item Forbid any later GNU GPL version autousage - (project's licence now is GNU GPLv3 only) - @item Project now is @command{go get}-able and uses - @code{go.cypherpunks.ru} namespace: - @command{go get go.cypherpunks.ru/gogost}, - @command{go get go.cypherpunks.ru/gogost/cmd/streebog@{256,512@}} - @end itemize - -@anchor{Release 4.0} -@item 4.0 - @itemize - @item Backward incompatible change: all keys passing to encryption - functions are slices now, not the fixed arrays. That heavily - simplifies the library usage - @item Fix bug with overwriting IVs memory in @code{gost28147.CFB*crypter} - @item @code{TLSTREE}, used in TLS 1.[23], implementation - @item @code{gost3410.KEK2012*} can be used with any curves, not only 512-bit ones - @item @code{gost3410.PrivateKey} satisfies @code{crypto.Signer} interface - @item @code{gost34112012*} hashes satisfy @code{encoding.Binary(Un)Marshaler} - @item Streebog256 HKDF test vectors - @end itemize - -@anchor{Release 3.0} -@item 3.0 - @itemize - @item Multilinear Galois Mode (MGM) block cipher mode for - 64 and 128 bit ciphers - @item @code{KDF_GOSTR3411_2012_256} KDF - @item 34.12-2015 64-bit block cipher Магма (Magma) - @item Additional EAC 28147-89 Sbox - @item 34.10-2012 TC26 twisted Edwards curve related parameters - @item Coordinates conversion from twisted Edwards to Weierstrass - form and vice versa - @item Fixed @code{gost3410.PrivateKey}'s length validation - @item Backward incompatible change: @code{gost3410.NewCurve} takes - @code{big.Int}, instead of encoded integers - @item Backward incompatible Sbox and curves parameters renaming, to - comply with OIDs identifying them: -@verbatim -Gost2814789_TestParamSet -> SboxIdGost2814789TestParamSet -Gost28147_CryptoProParamSetA -> SboxIdGost2814789CryptoProAParamSet -Gost28147_CryptoProParamSetB -> SboxIdGost2814789CryptoProBParamSet -Gost28147_CryptoProParamSetC -> SboxIdGost2814789CryptoProCParamSet -Gost28147_CryptoProParamSetD -> SboxIdGost2814789CryptoProDParamSet -GostR3411_94_TestParamSet -> SboxIdGostR341194TestParamSet -Gost28147_tc26_ParamZ -> SboxIdtc26gost28147paramZ -GostR3411_94_CryptoProParamSet -> SboxIdGostR341194CryptoProParamSet -EACParamSet -> SboxEACParamSet - -CurveParamsGostR34102001cc -> CurveGostR34102001ParamSetcc -CurveParamsGostR34102001Test -> CurveIdGostR34102001TestParamSet -CurveParamsGostR34102001CryptoProA -> CurveIdGostR34102001CryptoProAParamSet -CurveParamsGostR34102001CryptoProB -> CurveIdGostR34102001CryptoProBParamSet -CurveParamsGostR34102001CryptoProC -> CurveIdGostR34102001CryptoProCParamSet -CurveParamsGostR34102001CryptoProXchA -> CurveIdGostR34102001CryptoProXchAParamSet -CurveParamsGostR34102001CryptoProXchB -> CurveIdGostR34102001CryptoProXchBParamSet -CurveParamsGostR34102012TC26ParamSetA -> CurveIdtc26gost341012512paramSetA -CurveParamsGostR34102012TC26ParamSetB -> CurveIdtc26gost341012512paramSetB -@end verbatim - @item Various additional test vectors - @item go modules friendliness - @end itemize - -@anchor{Release 2.0} -@item 2.0 - @itemize - @item 34.11-2012 is split on two different modules: - @code{gost34112012256} and @code{gost34112012512} - @item 34.11-94's digest is reversed. Now it is compatible with TC26's - HMAC and PBKDF2 test vectors - @item @code{gogost-streebog} is split to @code{streebog256} and - @code{streebog512} correspondingly by analogy with sha* utilities - @item added VKO 34.10-2012 support with corresponding test vectors - @item @code{gost3410.DigestSizeX} is renamed to - @code{gost3410.ModeX} because it is not related to digest size, - but parameters and key sizes - @item KEK functions take @code{big.Int} UKM value. Use @code{NewUKM} - to unmarshal raw binary UKM - @end itemize - -@anchor{Release 1.1} -@item 1.1 - @itemize - @item gogost-streebog is able to use either 256 or 512 bits digest size - @item 34.13-2015 padding methods - @item 28147-89 CBC mode of operation - @end itemize - -@end table diff --git a/prfplus/gost.go b/prfplus/gost.go index ca9d65918c0f85e965ebcc95170a2e50d0d7dffecefe444bc06569783884a61c..29cc8fdd2f3de380508c5fe47251e42a24d0f97db457c1a042a43fab7ccf3248 100644 --- a/prfplus/gost.go +++ b/prfplus/gost.go @@ -20,8 +20,8 @@ import ( "crypto/hmac" "hash" - "go.cypherpunks.su/gogost/v6/gost34112012256" - "go.cypherpunks.su/gogost/v6/gost34112012512" + "go.stargrave.org/gogost/v7/gost34112012256" + "go.stargrave.org/gogost/v7/gost34112012512" ) type PRFIPsecPRFPlusGOSTR34112012 struct{ h hash.Hash } diff --git a/www.texi b/www.texi deleted file mode 100644 index 9db838315280ce53020f0de0e0f33d1fad81e466a3f7eef11551596da7ea7255..0000000000000000000000000000000000000000 --- a/www.texi +++ /dev/null @@ -1,100 +0,0 @@ -\input texinfo -@documentencoding UTF-8 -@settitle GoGOST - -@copying -Copyright @copyright{} 2015-2026 @email{stargrave@@stargrave.org, Sergey Matveev} -@end copying - -@node Top -@top GoGOST - -Pure Go GOST cryptographic functions library. -GOST is GOvernment STandard of Russian Federation (and Soviet Union). -It is -@url{https://www.gnu.org/philosophy/pragmatic.html, copylefted} -@url{https://www.gnu.org/philosophy/free-sw.html, free software}: -licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3}. -You can read about GOST algorithms @url{http://www.gost.cypherpunks.su/, more}. - -Currently supported algorithms are: - -@itemize -@item GOST 28147-89 (@url{https://datatracker.ietf.org/doc/html/rfc5830.html, RFC 5830}) - block cipher with ECB, CNT (CTR), CFB, MAC, - CBC (@url{https://datatracker.ietf.org/doc/html/rfc4357.html, RFC 4357}) - modes of operation -@item various 28147-89-related S-boxes included -@item GOST R 34.11-94 hash function - (@url{https://datatracker.ietf.org/doc/html/rfc5831.html, RFC 5831}) -@item GOST R 34.11-2012 Стрибог (Streebog) hash function - (@url{https://datatracker.ietf.org/doc/html/rfc6986.html, RFC 6986}) -@item GOST R 34.10-2001 - (@url{https://datatracker.ietf.org/doc/html/rfc5832.html, RFC 5832}) - public key signature function -@item GOST R 34.10-2012 - (@url{https://datatracker.ietf.org/doc/html/rfc7091.html, RFC 7091}) - public key signature function -@item various 34.10 curve parameters included -@item Coordinates conversion from twisted Edwards to Weierstrass - form and vice versa -@item VKO GOST R 34.10-2001 key agreement function - (@url{https://datatracker.ietf.org/doc/html/rfc4357.html, RFC 4357}) -@item VKO GOST R 34.10-2012 key agreement function - (@url{https://datatracker.ietf.org/doc/html/rfc7836.html, RFC 7836}) -@item @code{KDF_GOSTR3411_2012_256} KDF function - (@url{https://datatracker.ietf.org/doc/html/rfc7836.html, RFC 7836}) -@item GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik) - (@url{https://datatracker.ietf.org/doc/html/rfc7801.html, RFC 7801}) -@item GOST R 34.12-2015 64-bit block cipher Магма (Magma) -@item GOST R 34.13-2015 padding methods -@item MGM AEAD mode for 64 and 128 bit ciphers - (@url{https://datatracker.ietf.org/doc/html/rfc9058.html, RFC 9058}) -@item TLSTREE keyscheduling function -@item ESPTREE/IKETREE (IKE* is the same as ESP*) keyscheduling function -@item @code{PRF_IPSEC_PRFPLUS_GOSTR3411_2012_@{256,512@}} and generic - @code{prf+} functions (Р 50.1.111-2016 with IKEv2 - @url{https://datatracker.ietf.org/doc/html/rfc5831.html, RFC 7296}) -@end itemize - -Probably you could be interested in -@url{//www.gostls13.cypherpunks.su/, Go's support of GOST TLS 1.3}. - -Example 34.10-2012-256 keypair generation, signing and verifying: - -@verbatim -import ( - "crypto/rand" - "io" - "go.cypherpunks.su/gogost/v6/gost3410" - "go.cypherpunks.su/gogost/v6/gost34112012256" -) -func main() { - data := []byte("data to be signed") - hasher := gost34112012256.New() - hasher.Write(data) - dgst := hasher.Sum(nil) - curve := gost3410.CurveIdtc26gost341012256paramSetB() - prvRaw := make([]byte, curve.PointSize()) - rand.Read(prvRaw) - prv, err := gost3410.NewPrivateKey(curve, prvRaw) - pub, err := prv.PublicKey() - pubRaw := pub.Raw() - sign, err := prv.Sign(rand.Reader, dgst, nil) - pub, err = gost3410.NewPublicKey(curve, pubRaw) - isValid, err := pub.VerifyDigest(dgst, sign) - if !isValid { panic("signature is invalid") } -} -@end verbatim - -Please send questions, bug reports and patches to -@url{http://lists.cypherpunks.su/gost.html, gost} -mailing list. Announcements also go to this mailing list. - -@insertcopying - -@include faq.texi -@include news.texi -@include install.texi - -@bye