X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=install.texi;h=9af1f1ae460be9a70ef2035da05e4b52b7e12e07;hb=bdd673f985d78301d8d03b94ac603722348ec4f2;hp=0ef1621056b4c27a327bc9879c52b65ddfbeaa38;hpb=5cebc6fc16677fa449295a5afff018fd9f0a622c;p=gogost.git diff --git a/install.texi b/install.texi index 0ef1621..9af1f1a 100644 --- a/install.texi +++ b/install.texi @@ -5,22 +5,16 @@ Preferable way is to download tarball with the signature from website and, for example, run tests with benchmarks: @example -$ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.xz -$ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.xz.sig -$ gpg --verify gogost-@value{VERSION}.tar.xz.sig gogost-@value{VERSION}.tar.xz -$ xz --decompress --stdout gogost-@value{VERSION}.tar.xz | tar xf - +$ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.zst +$ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.zst.@{asc,sig@} +[verify signature] +$ zstd -d gogost-@value{VERSION}.tar.zst | tar xf - $ cd gogost-@value{VERSION} -$ redo all +$ go build -mod=vendor -o streebog256 ./cmd/streebog256 $ echo hello world | ./streebog256 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d @end example -It uses @url{http://cr.yp.to/redo.html, redo} build system for that -examples. You can use either dozen of various implementations, or at -least minimalistic POSIX shell @command{contrib/do} (just replace -@command{redo} with @command{contrib/do} in the example above) included -in tarball. - @include download.texi And then you can include its source code in your project for example @@ -50,56 +44,47 @@ $ go run main.go f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d @end example -You @strong{have to} verify downloaded tarballs integrity and -authenticity to be sure that you retrieved trusted and untampered -software. @url{https://www.gnupg.org/, GNU Privacy Guard} is used -for that purpose. - -For the very first time it is necessary to get signing public key and -import it. It is provided below, but you should check alternative -resources. +@include integrity.texi -@verbatim -pub rsa2048/0x82343436696FC85A 2016-09-13 [SC] - CEBD 1282 2C46 9C02 A81A 0467 8234 3436 696F C85A -uid GoGOST releases -@end verbatim - -@itemize - -@item @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} maillist +GoGOST is also @command{go get}-able. For example to install +@command{streebog256} utility: -@item @example -$ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru -$ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru +$ go install go.cypherpunks.ru/gogost/v5/cmd/streebog256@@latest @end example -@item -@verbatiminclude PUBKEY.asc +@code{go.cypherpunks.ru} uses @code{ca.cypherpunks.ru} X.509 CA +authority, that may complicate installation: -@end itemize +@itemize -GoGOST is also @command{go get}-able. For example to use -@command{streebog256} utility: +@item Go's default @code{proxy.golang.org} and @code{sum.golang.org} +services won't be able to verify @code{go.cypherpunks.ru}'s TLS +authenticity, because there are no common trust anchors. You can skip +their usage by setting @env{$GOPRIVATE=go.cypherpunks.ru}. + +@item You can (temporarily) override CA certificate bundle during installation: @example -$ go get go.cypherpunks.ru/gogost/cmd/streebog256 +$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem +$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem.@{asc,sig,minisig@} +$ gpg --auto-key-locate dane --locate-keys stargrave at stargrave dot org +$ gpg --auto-key-locate wkd --locate-keys stargrave at gnupg dot net +$ gpg --verify cert.pem.asc +$ SSL_CERT_FILE=`pwd`/cert.pem GIT_SSL_CAINFO=`pwd`/cert.pem go get \ + go.cypherpunks.ru/gogost/v5 @end example -If you have problems with @code{*.golang.org}'s inability to verify -authenticity of @code{go.cypherpunks.ru} TLS connection, then you can -disable their usage by setting @env{GOPRIVATE=go.cypherpunks.ru}. You -can override CA certificate file path with @env{SSL_CERT_FILE} and -@env{GIT_SSL_CAINFO} environment variables. - -Also you can use @code{replace} feature inside your @file{go.mod}, like: +@item You can unpack tarball somewhere and use @code{replace} command in +your local @file{go.mod}: @example require go.cypherpunks.ru/gogost/v5 v@value{VERSION} replace go.cypherpunks.ru/gogost/v5 => /path/to/gogost-@value{VERSION} @end example +@end itemize + You can obtain development source code with @command{git clone git://git.cypherpunks.ru/gogost.git} (also you can use @url{https://git.cypherpunks.ru/gogost.git}).