2 * PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} implementation
3 * Generic prf+ function (taken from IKEv2) implementation
6 * ESPTREE/IKETREE implementation
7 * CurveIdtc26gost34102012256paramSetB, CurveIdtc26gost34102012256paramSetC,
8 CurveIdtc26gost34102012256paramSetD curve aliases
9 * Forbid any later GNU GPL version autousage
10 (project's licence now is GNU GPLv3 only)
11 * Project now is go get-able and uses go.cypherpunks.ru namespace:
12 go get go.cypherpunks.ru/gogost
13 go get go.cypherpunks.ru/gogost/cmd/streebog{256,512}
16 * Backward incompatible change: all keys passing to encryption
17 functions are slices now, not the fixed arrays. That heavily
18 simplifies the library usage
19 * Fix bug with overwriting IVs memory in gost28147.CFB*crypter
20 * TLSTREE, used in TLS 1.[23], implementation
21 * gost3410.KEK2012* can be used with any curves, not only 512-bit ones
22 * gost3410.PrivateKey satisfies crypto.Signer interface
23 * gost34112012* hashes satisfy encoding.Binary(Un)Marshaler
24 * Streebog256 HKDF test vectors
27 * Multilinear Galois Mode (MGM) block cipher mode for
28 64 and 128 bit ciphers
29 * KDF_GOSTR3411_2012_256 KDF
30 * 34.12-2015 64-bit block cipher Магма (Magma)
31 * Additional EAC 28147-89 Sbox
32 * 34.10-2012 TC26 twisted Edwards curve related parameters
33 * Coordinates conversion from twisted Edwards to Weierstrass
35 * Fixed gost3410.PrivateKey's length validation
36 * Backward incompatible change: gost3410.NewCurve takes big.Int,
37 instead of encoded integers
38 * Backward incompatible Sbox and curves parameters renaming, to
39 comply with OIDs identifying them:
41 Gost2814789_TestParamSet -> SboxIdGost2814789TestParamSet
42 Gost28147_CryptoProParamSetA -> SboxIdGost2814789CryptoProAParamSet
43 Gost28147_CryptoProParamSetB -> SboxIdGost2814789CryptoProBParamSet
44 Gost28147_CryptoProParamSetC -> SboxIdGost2814789CryptoProCParamSet
45 Gost28147_CryptoProParamSetD -> SboxIdGost2814789CryptoProDParamSet
46 GostR3411_94_TestParamSet -> SboxIdGostR341194TestParamSet
47 Gost28147_tc26_ParamZ -> SboxIdtc26gost28147paramZ
48 GostR3411_94_CryptoProParamSet -> SboxIdGostR341194CryptoProParamSet
49 EACParamSet -> SboxEACParamSet
51 CurveParamsGostR34102001cc -> CurveGostR34102001ParamSetcc
52 CurveParamsGostR34102001Test -> CurveIdGostR34102001TestParamSet
53 CurveParamsGostR34102001CryptoProA -> CurveIdGostR34102001CryptoProAParamSet
54 CurveParamsGostR34102001CryptoProB -> CurveIdGostR34102001CryptoProBParamSet
55 CurveParamsGostR34102001CryptoProC -> CurveIdGostR34102001CryptoProCParamSet
56 CurveParamsGostR34102001CryptoProXchA -> CurveIdGostR34102001CryptoProXchAParamSet
57 CurveParamsGostR34102001CryptoProXchB -> CurveIdGostR34102001CryptoProXchBParamSet
58 CurveParamsGostR34102012TC26ParamSetA -> CurveIdtc26gost341012512paramSetA
59 CurveParamsGostR34102012TC26ParamSetB -> CurveIdtc26gost341012512paramSetB
61 * Various additional test vectors
62 * go modules friendliness
65 * 34.11-2012 is split on two different modules: gost34112012256 and
67 * 34.11-94's digest is reversed. Now it is compatible with TC26's
68 HMAC and PBKDF2 test vectors
69 * gogost-streebog is split to streebog256 and streebog512
70 correspondingly by analogy with sha* utilities
71 * added VKO 34.10-2012 support with corresponding test vectors
72 * gost3410.DigestSizeX is renamed to gost3410.ModeX because it is
73 not related to digest size, but parameters and key sizes
74 * KEK functions take big.Int UKM value. Use NewUKM to unmarshal
78 * gogost-streebog is able to use either 256 or 512 bits digest size
79 * 34.13-2015 padding methods
80 * 28147-89 CBC mode of operation