X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=install.texi;h=891ac9dcfd0dac81a3793378984f9fb7f28333db;hb=7cc9f15ef1a21bc6d42302a65a29453f0914502b;hp=fec94ebcfe5ecdc1ffa32af76d555eafe82e1626;hpb=eb3c28c5170bd08b047cba754ae18eb268c227b6;p=gogost.git diff --git a/install.texi b/install.texi index fec94eb..891ac9d 100644 --- a/install.texi +++ b/install.texi @@ -6,9 +6,9 @@ website and, for example, run tests with benchmarks: @example $ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.zst -$ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.zst.asc -$ gpg --verify gogost-@value{VERSION}.tar.zst.asc gogost-@value{VERSION}.tar.zst -$ zstd --decompress --stdout gogost-@value{VERSION}.tar.zst | tar xf - +$ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.zst.@{asc,sig@} +[verify signature] +$ zstd -d gogost-@value{VERSION}.tar.zst | tar xf - $ cd gogost-@value{VERSION} $ go build -mod=vendor -o streebog256 ./cmd/streebog256 $ echo hello world | ./streebog256 @@ -44,35 +44,7 @@ $ go run main.go f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d @end example -You @strong{have to} verify downloaded tarballs integrity and -authenticity to be sure that you retrieved trusted and untampered -software. @url{https://www.gnupg.org/, GNU Privacy Guard} is used -for that purpose. - -For the very first time it is necessary to get signing public key and -import it. It is provided below, but you should check alternative -resources. - -@verbatim -pub rsa2048/0x82343436696FC85A 2016-09-13 [SC] - CEBD 1282 2C46 9C02 A81A 0467 8234 3436 696F C85A -uid GoGOST releases -@end verbatim - -@itemize - -@item @url{http://lists.cypherpunks.ru/gost.html, gost} maillist - -@item -@example -$ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru -$ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru -@end example - -@item -@verbatiminclude PUBKEY.asc - -@end itemize +@include integrity.texi GoGOST is also @command{go get}-able. For example to install @command{streebog256} utility: @@ -81,8 +53,8 @@ GoGOST is also @command{go get}-able. For example to install $ go install go.cypherpunks.ru/gogost/v5/cmd/streebog256@@latest @end example -@code{go.cypherpunks.ru} uses @code{ca.cypherpunks.ru} X.509 CA -authority, that may complicate installation: +Aware that @code{go.cypherpunks.ru} uses +@url{//www.ca.cypherpunks.ru, ca.cypherpunks.ru} X.509 certificate authority. @itemize @@ -91,17 +63,8 @@ services won't be able to verify @code{go.cypherpunks.ru}'s TLS authenticity, because there are no common trust anchors. You can skip their usage by setting @env{$GOPRIVATE=go.cypherpunks.ru}. -@item You can (temporarily) override CA certificate bundle during installation: - -@example -$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem -$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem.asc -$ gpg --auto-key-locate dane --locate-keys stargrave at stargrave dot org -$ gpg --auto-key-locate wkd --locate-keys stargrave at gnupg dot net -$ gpg --verify cert.pem.asc -$ SSL_CERT_FILE=`pwd`/cert.pem GIT_SSL_CAINFO=`pwd`/cert.pem go get \ - go.cypherpunks.ru/gogost/v5 -@end example +@item You can (temporarily) override CA bundle during installation with +@env{$SSL_CERT_FILE} environment variable. @item You can unpack tarball somewhere and use @code{replace} command in your local @file{go.mod}: