From 107600dede989f0cc479b5a72c5f97e174307154 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Tue, 1 Oct 2019 11:03:13 +0300 Subject: [PATCH 01/16] ESPTREE --- README | 1 + news.texi | 7 + .../gogost/gost34112012256/esptree.go | 60 ++++++ .../gogost/gost34112012256/esptree_test.go | 192 ++++++++++++++++++ www.texi | 1 + 5 files changed, 261 insertions(+) create mode 100644 src/cypherpunks.ru/gogost/gost34112012256/esptree.go create mode 100644 src/cypherpunks.ru/gogost/gost34112012256/esptree_test.go diff --git a/README b/README index fa05b90..2f37487 100644 --- a/README +++ b/README @@ -20,6 +20,7 @@ GOST is GOvernment STandard of Russian Federation (and Soviet Union). * GOST R 34.13-2015 padding methods * MGM AEAD mode for 64 and 128 bit ciphers * TLSTREE keyscheduling function +* ESPTREE keyscheduling function Known problems: diff --git a/news.texi b/news.texi index dc918f7..5569269 100644 --- a/news.texi +++ b/news.texi @@ -3,6 +3,13 @@ @table @strong +@anchor{Release 4.1} +@item 4.1 + @itemize + @item @code{ESPTREE} implementation + + @end itemize + @anchor{Release 4.0} @item 4.0 @itemize diff --git a/src/cypherpunks.ru/gogost/gost34112012256/esptree.go b/src/cypherpunks.ru/gogost/gost34112012256/esptree.go new file mode 100644 index 0000000..dceaeb7 --- /dev/null +++ b/src/cypherpunks.ru/gogost/gost34112012256/esptree.go 
@@ -0,0 +1,60 @@
+// GoGOST -- Pure Go GOST cryptographic functions library
+// Copyright (C) 2015-2019 Sergey Matveev
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, version 3 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see .
+
+package gost34112012256
+
+import (
+ "crypto/subtle"
+)
+
+type ESPTree struct {
+ keyRoot []byte
+ isPrev [5]byte
+ key []byte
+}
+
+func NewESPTree(keyRoot []byte) *ESPTree {
+ key := make([]byte, len(keyRoot))
+ copy(key, keyRoot)
+ t := &ESPTree{
+ keyRoot: key,
+ key: make([]byte, Size),
+ }
+ t.isPrev[0] += 1 // invalidate cache
+ t.DeriveCached([]byte{0x00, 0x00, 0x00, 0x00, 0x00})
+ return t
+}
+
+func (t *ESPTree) DeriveCached(is []byte) ([]byte, bool) {
+ if len(is) != 1+2+2 {
+ panic("invalid i1+i2+i3 input")
+ }
+ if subtle.ConstantTimeCompare(t.isPrev[:], is) == 1 {
+ return t.key, true
+ }
+ kdf1 := NewKDF(t.keyRoot)
+ kdf2 := NewKDF(kdf1.Derive(t.key[:0], []byte("level1"), append([]byte{0}, is[0])))
+ kdf3 := NewKDF(kdf2.Derive(t.key[:0], []byte("level2"), is[1:3]))
+ kdf3.Derive(t.key[:0], []byte("level3"), is[3:5])
+ copy(t.isPrev[:], is)
+ return t.key, false
+}
+
+func (t *ESPTree) Derive(is []byte) []byte {
+ keyDerived := make([]byte, Size)
+ key, _ := t.DeriveCached(is)
+ copy(keyDerived, key)
+ return keyDerived
+}
diff --git a/src/cypherpunks.ru/gogost/gost34112012256/esptree_test.go b/src/cypherpunks.ru/gogost/gost34112012256/esptree_test.go
new file mode 100644
index 0000000..a5c50e6
--- /dev/null
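Review bot: `DeriveCached` returns `t.key` itself rather than a copy, and on the next cache miss that same buffer is overwritten in place (first with the level1 and level2 intermediate keys, then with the final key), so a caller that keeps or modifies the returned slice ends up with a key that silently changes or a corrupted cache, and two goroutines sharing one `ESPTree` race on `t.key` and `t.isPrev`. None of the exported names has a doc comment, so neither constraint is stated anywhere. I would add `// DeriveCached returns the tree's internal key buffer, valid only until the next derivation; it must not be retained, modified or used concurrently. Use Derive for an independent copy.` above the method, plus one-line comments on `ESPTree`, `NewESPTree` and `Derive`. Separately, `panic("invalid i1+i2+i3 input")` turns a wrong-length `is` into a process crash; if `is` is ever built from received packet fields (not visible in this hunk), callers must validate the length first, and the same comment should say so.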
+++ b/src/cypherpunks.ru/gogost/gost34112012256/esptree_test.go 
@@ -0,0 +1,192 @@ +// GoGOST -- Pure Go GOST cryptographic functions library +// Copyright (C) 2015-2019 Sergey Matveev +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, version 3 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +package gost34112012256 + +import ( + "bytes" + "testing" +) + +func TestESPTree(t *testing.T) { + t.Run("1", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0xB6, 0x18, 0x0C, 0x14, 0x5C, 0x51, 0x2D, 0xBD, + 0x69, 0xD9, 0xCE, 0xA9, 0x2C, 0xAC, 0x1B, 0x5C, + 0xE1, 0xBC, 0xFA, 0x73, 0x79, 0x2D, 0x61, 0xAF, + 0x0B, 0x44, 0x0D, 0x84, 0xB5, 0x22, 0xCC, 0x38, + }) + is := []byte{0x00, 0x00, 0x00, 0x00, 0x00} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0x2F, 0xF1, 0xC9, 0x0E, 0xDE, 0x78, 0x6E, 0x06, + 0x1E, 0x17, 0xB3, 0x74, 0xD7, 0x82, 0xAF, 0x7B, + 0xD8, 0x80, 0xBD, 0x52, 0x7C, 0x66, 0xA2, 0xBA, + 0xDC, 0x3E, 0x56, 0x9A, 0xAB, 0x27, 0x1D, 0xA4, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) + t.Run("2", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0xB6, 0x18, 0x0C, 0x14, 0x5C, 0x51, 0x2D, 0xBD, + 0x69, 0xD9, 0xCE, 0xA9, 0x2C, 0xAC, 0x1B, 0x5C, + 0xE1, 0xBC, 0xFA, 0x73, 0x79, 0x2D, 0x61, 0xAF, + 0x0B, 0x44, 0x0D, 0x84, 0xB5, 0x22, 0xCC, 0x38, + }) + is := []byte{0x00, 0x00, 0x01, 0x00, 0x01} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0x9A, 0xBA, 0xC6, 0x57, 0x78, 0x18, 0x0E, 0x6F, + 0x2A, 0xF6, 0x1F, 0xB8, 0xD5, 0x71, 0x62, 0x36, + 0x66, 0xC2, 0xF5, 0x13, 0x0D, 0x54, 
0xE2, 0x11, + 0x6C, 0x7D, 0x53, 0x0E, 0x6E, 0x7D, 0x48, 0xBC, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) + t.Run("3", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0x5B, 0x50, 0xBF, 0x33, 0x78, 0x87, 0x02, 0x38, + 0xF3, 0xCA, 0x74, 0x0F, 0xD1, 0x24, 0xBA, 0x6C, + 0x22, 0x83, 0xEF, 0x58, 0x9B, 0xE6, 0xF4, 0x6A, + 0x89, 0x4A, 0xA3, 0x5D, 0x5F, 0x06, 0xB2, 0x03, + }) + is := []byte{0x00, 0x00, 0x00, 0x00, 0x00} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0x25, 0x65, 0x21, 0xE2, 0x70, 0xB7, 0x4A, 0x16, + 0x4D, 0xFC, 0x26, 0xE6, 0xBF, 0x0C, 0xCA, 0x76, + 0x5E, 0x9D, 0x41, 0x02, 0x7D, 0x4B, 0x7B, 0x19, + 0x76, 0x2B, 0x1C, 0xC9, 0x01, 0xDC, 0xDE, 0x7F, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) + t.Run("4", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0x5B, 0x50, 0xBF, 0x33, 0x78, 0x87, 0x02, 0x38, + 0xF3, 0xCA, 0x74, 0x0F, 0xD1, 0x24, 0xBA, 0x6C, + 0x22, 0x83, 0xEF, 0x58, 0x9B, 0xE6, 0xF4, 0x6A, + 0x89, 0x4A, 0xA3, 0x5D, 0x5F, 0x06, 0xB2, 0x03, + }) + is := []byte{0x00, 0x00, 0x01, 0x00, 0x01} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0x20, 0xE0, 0x46, 0xD4, 0x09, 0x83, 0x9B, 0x23, + 0xF0, 0x66, 0xA5, 0x0A, 0x7A, 0x06, 0x5B, 0x4A, + 0x39, 0x24, 0x4F, 0x0E, 0x29, 0xEF, 0x1E, 0x6F, + 0x2E, 0x5D, 0x2E, 0x13, 0x55, 0xF5, 0xDA, 0x08, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) + t.Run("5", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0x98, 0xBD, 0x34, 0xCE, 0x3B, 0xE1, 0x9A, 0x34, + 0x65, 0xE4, 0x87, 0xC0, 0x06, 0x48, 0x83, 0xF4, + 0x88, 0xCC, 0x23, 0x92, 0x63, 0xDC, 0x32, 0x04, + 0x91, 0x9B, 0x64, 0x3F, 0xE7, 0x57, 0xB2, 0xBE, + }) + is := []byte{0x00, 0x00, 0x00, 0x00, 0x00} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0x98, 0xF1, 0x03, 0x01, 0x81, 0x0A, 0x04, 0x1C, + 0xDA, 0xDD, 0xE1, 0xBD, 0x85, 0xA0, 
0x8F, 0x21, + 0x8B, 0xAC, 0xB5, 0x7E, 0x00, 0x35, 0xE2, 0x22, + 0xC8, 0x31, 0xE3, 0xE4, 0xF0, 0xA2, 0x0C, 0x8F, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) + t.Run("6", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0x98, 0xBD, 0x34, 0xCE, 0x3B, 0xE1, 0x9A, 0x34, + 0x65, 0xE4, 0x87, 0xC0, 0x06, 0x48, 0x83, 0xF4, + 0x88, 0xCC, 0x23, 0x92, 0x63, 0xDC, 0x32, 0x04, + 0x91, 0x9B, 0x64, 0x3F, 0xE7, 0x57, 0xB2, 0xBE, + }) + is := []byte{0x00, 0x00, 0x00, 0x00, 0x01} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0x02, 0xC5, 0x41, 0x87, 0x7C, 0xC6, 0x23, 0xF3, + 0xF1, 0x35, 0x91, 0x9A, 0x75, 0x13, 0xB6, 0xF8, + 0xA8, 0xA1, 0x8C, 0xB2, 0x63, 0x99, 0x86, 0x2F, + 0x50, 0x81, 0x4F, 0x52, 0x91, 0x01, 0x67, 0x84, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) + t.Run("7", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0xD0, 0x65, 0xB5, 0x30, 0xFA, 0x20, 0xB8, 0x24, + 0xC7, 0x57, 0x0C, 0x1D, 0x86, 0x2A, 0xE3, 0x39, + 0x2C, 0x1C, 0x07, 0x6D, 0xFA, 0xDA, 0x69, 0x75, + 0x74, 0x4A, 0x07, 0xA8, 0x85, 0x7D, 0xBD, 0x30, + }) + is := []byte{0x00, 0x00, 0x00, 0x00, 0x00} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0x4C, 0x61, 0x45, 0x99, 0xA0, 0xA0, 0x67, 0xF1, + 0x94, 0x87, 0x24, 0x0A, 0xE1, 0x00, 0xE1, 0xB7, + 0xEA, 0xF2, 0x3E, 0xDA, 0xF8, 0x7E, 0x38, 0x73, + 0x50, 0x86, 0x1C, 0x68, 0x3B, 0xA4, 0x04, 0x46, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) + t.Run("8", func(t *testing.T) { + espTree := NewESPTree([]byte{ + 0xD0, 0x65, 0xB5, 0x30, 0xFA, 0x20, 0xB8, 0x24, + 0xC7, 0x57, 0x0C, 0x1D, 0x86, 0x2A, 0xE3, 0x39, + 0x2C, 0x1C, 0x07, 0x6D, 0xFA, 0xDA, 0x69, 0x75, + 0x74, 0x4A, 0x07, 0xA8, 0x85, 0x7D, 0xBD, 0x30, + }) + is := []byte{0x00, 0x00, 0x00, 0x00, 0x01} + got := espTree.Derive(is) + if bytes.Compare(got, []byte{ + 0xB4, 0xF3, 0xF9, 0x0D, 0xC4, 0x87, 
0xFA, 0xB8, + 0xC4, 0xAF, 0xD0, 0xEB, 0x45, 0x49, 0xF2, 0xF0, + 0xE4, 0x36, 0x32, 0xB6, 0x79, 0x19, 0x37, 0x2E, + 0x1E, 0x96, 0x09, 0xEA, 0xF0, 0xB8, 0xE2, 0x28, + }) != 0 { + t.FailNow() + } + if _, cached := espTree.DeriveCached(is); !cached { + t.FailNow() + } + }) +} diff --git a/www.texi b/www.texi index 61d3165..116cf20 100644 --- a/www.texi +++ b/www.texi @@ -50,6 +50,7 @@ Currently supported algorithms are: @item GOST R 34.13-2015 padding methods @item MGM AEAD mode for 64 and 128 bit ciphers @item TLSTREE keyscheduling function +@item ESPTREE keyscheduling function @end itemize Please send questions, bug reports and patches to -- 2.44.0 From c07494bbd559b9d00f391e28cfd070e18afe9900 Mon Sep 17 00:00:00 2001 
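Review bot: All eight subtests in `TestESPTree` fail with a bare `t.FailNow()`, so a mismatch against a key-derivation test vector reports neither the derived bytes nor which check (vector compare or cache flag) tripped. Naming the expected vector and using `if !bytes.Equal(got, want) { t.Fatalf("derived key mismatch: got %x, want %x", got, want) }` would make a failure diagnosable, and `bytes.Equal` is the idiomatic form of `bytes.Compare(...) != 0`. The subtests also differ only in root key, `is` and expected output, so a table-driven loop would remove the repetition. The `cached == false` return on a miss and the panic on a wrong-length `is` are never asserted; a short subtest for each would pin that behaviour.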
From: Sergey Matveev Date: Wed, 2 Oct 2019 17:20:57 +0300 Subject: [PATCH 02/16] go.cypherpunks.ru namespace usage --- {src/cypherpunks.ru/gogost/cmd => cmd}/streebog256/main.go | 4 ++-- {src/cypherpunks.ru/gogost/cmd => cmd}/streebog512/main.go | 4 ++-- go.mod | 5 +++++ src/cypherpunks.ru/gogost/go.sum => go.sum | 4 ++-- src/cypherpunks.ru/gogost/gogost.go => gogost.go | 0 .../gogost/gost28147 => gost28147}/cbc_test.go | 0 {src/cypherpunks.ru/gogost/gost28147 => gost28147}/cfb.go | 0 .../gogost/gost28147 => gost28147}/cfb_test.go | 0 {src/cypherpunks.ru/gogost/gost28147 => gost28147}/cipher.go | 0 .../gogost/gost28147 => gost28147}/cipher_test.go | 0 {src/cypherpunks.ru/gogost/gost28147 => gost28147}/ctr.go | 0 .../gogost/gost28147 => gost28147}/ctr_test.go | 0 {src/cypherpunks.ru/gogost/gost28147 => gost28147}/ecb.go | 0 .../gogost/gost28147 => gost28147}/ecb_test.go | 0 {src/cypherpunks.ru/gogost/gost28147 => gost28147}/mac.go | 0 .../gogost/gost28147 => gost28147}/mac_test.go | 0 {src/cypherpunks.ru/gogost/gost28147 => gost28147}/sbox.go | 0 .../cypherpunks.ru/gogost/gost3410 => gost3410}/2001_test.go | 0 .../cypherpunks.ru/gogost/gost3410 => gost3410}/2012_test.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/curve.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/doc.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/edwards.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/params.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/private.go | 0 .../gogost/gost3410 => gost3410}/private_test.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/public.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/ukm.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/utils.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko2001.go | 4 ++-- .../gogost/gost3410 => gost3410}/vko2001_test.go | 0 {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko2012.go | 4 ++-- 
.../gogost/gost3410 => gost3410}/vko2012_test.go | 0 .../gogost/gost34112012256 => gost34112012256}/esptree.go | 0 .../gost34112012256 => gost34112012256}/esptree_test.go | 0 .../gogost/gost34112012256 => gost34112012256}/hash.go | 2 +- .../gogost/gost34112012256 => gost34112012256}/hkdf_test.go | 0 .../gogost/gost34112012256 => gost34112012256}/kdf.go | 0 .../gogost/gost34112012256 => gost34112012256}/kdf_test.go | 0 .../gogost/gost34112012256 => gost34112012256}/tlstree.go | 0 .../gost34112012256 => gost34112012256}/tlstree_test.go | 0 .../gogost/gost34112012512 => gost34112012512}/hash.go | 2 +- {src/cypherpunks.ru/gogost/gost341194 => gost341194}/hash.go | 2 +- .../gogost/gost341194 => gost341194}/hash_test.go | 2 +- .../gogost/gost341194 => gost341194}/pbkdf2_test.go | 2 +- .../gogost/gost3412128 => gost3412128}/cipher.go | 0 .../gogost/gost3412128 => gost3412128}/cipher_test.go | 0 .../gogost/gost341264 => gost341264}/cipher.go | 2 +- .../gogost/gost341264 => gost341264}/cipher_test.go | 0 {src/cypherpunks.ru/gogost/gost3413 => gost3413}/padding.go | 0 .../gogost/internal => internal}/gost34112012/hash.go | 0 .../gogost/internal => internal}/gost34112012/hash_test.go | 0 .../gogost/internal => internal}/gost34112012/hmac_test.go | 0 {src/cypherpunks.ru/gogost/mgm => mgm}/mode.go | 0 {src/cypherpunks.ru/gogost/mgm => mgm}/mode_test.go | 4 ++-- {src/cypherpunks.ru/gogost/mgm => mgm}/mul.go | 0 {src/cypherpunks.ru/gogost/mgm => mgm}/mul_test.go | 4 ++-- {src/cypherpunks.ru/gogost/mgm => mgm}/slice.go | 0 src/cypherpunks.ru/gogost/go.mod | 5 ----- 59 files changed, 25 insertions(+), 25 deletions(-) rename {src/cypherpunks.ru/gogost/cmd => cmd}/streebog256/main.go (93%) rename {src/cypherpunks.ru/gogost/cmd => cmd}/streebog512/main.go (93%) create mode 100644 go.mod rename src/cypherpunks.ru/gogost/go.sum => go.sum (76%) rename src/cypherpunks.ru/gogost/gogost.go => gogost.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/cbc_test.go (100%) 
rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/cfb.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/cfb_test.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/cipher.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/cipher_test.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/ctr.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/ctr_test.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/ecb.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/ecb_test.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/mac.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/mac_test.go (100%) rename {src/cypherpunks.ru/gogost/gost28147 => gost28147}/sbox.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/2001_test.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/2012_test.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/curve.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/doc.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/edwards.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/params.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/private.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/private_test.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/public.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/ukm.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/utils.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko2001.go (93%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko2001_test.go (100%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko2012.go (93%) rename {src/cypherpunks.ru/gogost/gost3410 => gost3410}/vko2012_test.go 
(100%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/esptree.go (100%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/esptree_test.go (100%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/hash.go (95%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/hkdf_test.go (100%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/kdf.go (100%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/kdf_test.go (100%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/tlstree.go (100%) rename {src/cypherpunks.ru/gogost/gost34112012256 => gost34112012256}/tlstree_test.go (100%) rename {src/cypherpunks.ru/gogost/gost34112012512 => gost34112012512}/hash.go (95%) rename {src/cypherpunks.ru/gogost/gost341194 => gost341194}/hash.go (99%) rename {src/cypherpunks.ru/gogost/gost341194 => gost341194}/hash_test.go (99%) rename {src/cypherpunks.ru/gogost/gost341194 => gost341194}/pbkdf2_test.go (98%) rename {src/cypherpunks.ru/gogost/gost3412128 => gost3412128}/cipher.go (100%) rename {src/cypherpunks.ru/gogost/gost3412128 => gost3412128}/cipher_test.go (100%) rename {src/cypherpunks.ru/gogost/gost341264 => gost341264}/cipher.go (98%) rename {src/cypherpunks.ru/gogost/gost341264 => gost341264}/cipher_test.go (100%) rename {src/cypherpunks.ru/gogost/gost3413 => gost3413}/padding.go (100%) rename {src/cypherpunks.ru/gogost/internal => internal}/gost34112012/hash.go (100%) rename {src/cypherpunks.ru/gogost/internal => internal}/gost34112012/hash_test.go (100%) rename {src/cypherpunks.ru/gogost/internal => internal}/gost34112012/hmac_test.go (100%) rename {src/cypherpunks.ru/gogost/mgm => mgm}/mode.go (100%) rename {src/cypherpunks.ru/gogost/mgm => mgm}/mode_test.go (98%) rename {src/cypherpunks.ru/gogost/mgm => mgm}/mul.go (100%) rename {src/cypherpunks.ru/gogost/mgm => mgm}/mul_test.go (94%) rename {src/cypherpunks.ru/gogost/mgm => mgm}/slice.go 
(100%) delete mode 100644 src/cypherpunks.ru/gogost/go.mod diff --git a/src/cypherpunks.ru/gogost/cmd/streebog256/main.go b/cmd/streebog256/main.go similarity index 93% rename from src/cypherpunks.ru/gogost/cmd/streebog256/main.go rename to cmd/streebog256/main.go index 55d1914..9722168 100644 --- a/src/cypherpunks.ru/gogost/cmd/streebog256/main.go +++ b/cmd/streebog256/main.go @@ -23,8 +23,8 @@ import ( "io" "os" - "cypherpunks.ru/gogost" - "cypherpunks.ru/gogost/gost34112012256" + "go.cypherpunks.ru/gogost/v4" + "go.cypherpunks.ru/gogost/v4/gost34112012256" ) var ( diff --git a/src/cypherpunks.ru/gogost/cmd/streebog512/main.go b/cmd/streebog512/main.go similarity index 93% rename from src/cypherpunks.ru/gogost/cmd/streebog512/main.go rename to cmd/streebog512/main.go index 24afe90..41d0c6a 100644 --- a/src/cypherpunks.ru/gogost/cmd/streebog512/main.go +++ b/cmd/streebog512/main.go @@ -23,8 +23,8 @@ import ( "io" "os" - "cypherpunks.ru/gogost" - "cypherpunks.ru/gogost/gost34112012512" + "go.cypherpunks.ru/gogost/v4" + "go.cypherpunks.ru/gogost/v4/gost34112012512" ) var ( diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..21dce95 --- /dev/null +++ b/go.mod @@ -0,0 +1,5 @@ +module go.cypherpunks.ru/gogost/v4 + +go 1.12 + +require golang.org/x/crypto v0.0.0-20191001170739-f9e2070545dc diff --git a/src/cypherpunks.ru/gogost/go.sum b/go.sum similarity index 76% rename from src/cypherpunks.ru/gogost/go.sum rename to go.sum index b75b87f..a95cc32 100644 --- a/src/cypherpunks.ru/gogost/go.sum +++ b/go.sum 
@@ -1,6 +1,6 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191001170739-f9e2070545dc h1:KyTYo8xkh/2WdbFLUyQwBS0Jfn3qfZ9QmuPbok2oENE= +golang.org/x/crypto v0.0.0-20191001170739-f9e2070545dc/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= diff --git a/src/cypherpunks.ru/gogost/gogost.go b/gogost.go similarity index 100% rename from src/cypherpunks.ru/gogost/gogost.go rename to gogost.go diff --git a/src/cypherpunks.ru/gogost/gost28147/cbc_test.go b/gost28147/cbc_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost28147/cbc_test.go rename to gost28147/cbc_test.go diff --git a/src/cypherpunks.ru/gogost/gost28147/cfb.go b/gost28147/cfb.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost28147/cfb.go rename to gost28147/cfb.go diff --git a/src/cypherpunks.ru/gogost/gost28147/cfb_test.go b/gost28147/cfb_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost28147/cfb_test.go rename to gost28147/cfb_test.go diff --git a/src/cypherpunks.ru/gogost/gost28147/cipher.go b/gost28147/cipher.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost28147/cipher.go rename to gost28147/cipher.go 
diff --git a/src/cypherpunks.ru/gogost/gost28147/cipher_test.go b/gost28147/cipher_test.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/cipher_test.go
rename to gost28147/cipher_test.go
diff --git a/src/cypherpunks.ru/gogost/gost28147/ctr.go b/gost28147/ctr.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/ctr.go
rename to gost28147/ctr.go
diff --git a/src/cypherpunks.ru/gogost/gost28147/ctr_test.go b/gost28147/ctr_test.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/ctr_test.go
rename to gost28147/ctr_test.go
diff --git a/src/cypherpunks.ru/gogost/gost28147/ecb.go b/gost28147/ecb.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/ecb.go
rename to gost28147/ecb.go
diff --git a/src/cypherpunks.ru/gogost/gost28147/ecb_test.go b/gost28147/ecb_test.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/ecb_test.go
rename to gost28147/ecb_test.go
diff --git a/src/cypherpunks.ru/gogost/gost28147/mac.go b/gost28147/mac.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/mac.go
rename to gost28147/mac.go
diff --git a/src/cypherpunks.ru/gogost/gost28147/mac_test.go b/gost28147/mac_test.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/mac_test.go
rename to gost28147/mac_test.go
diff --git a/src/cypherpunks.ru/gogost/gost28147/sbox.go b/gost28147/sbox.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost28147/sbox.go
rename to gost28147/sbox.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/2001_test.go b/gost3410/2001_test.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/2001_test.go
rename to gost3410/2001_test.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/2012_test.go b/gost3410/2012_test.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/2012_test.go
rename to gost3410/2012_test.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/curve.go b/gost3410/curve.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/curve.go
rename to gost3410/curve.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/doc.go b/gost3410/doc.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/doc.go
rename to gost3410/doc.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/edwards.go b/gost3410/edwards.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/edwards.go
rename to gost3410/edwards.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/params.go b/gost3410/params.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/params.go
rename to gost3410/params.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/private.go b/gost3410/private.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/private.go
rename to gost3410/private.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/private_test.go b/gost3410/private_test.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/private_test.go
rename to gost3410/private_test.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/public.go b/gost3410/public.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/public.go
rename to gost3410/public.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/ukm.go b/gost3410/ukm.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/ukm.go
rename to gost3410/ukm.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/utils.go b/gost3410/utils.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/utils.go
rename to gost3410/utils.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/vko.go b/gost3410/vko.go
similarity index 100%
rename from src/cypherpunks.ru/gogost/gost3410/vko.go
rename to gost3410/vko.go
diff --git a/src/cypherpunks.ru/gogost/gost3410/vko2001.go b/gost3410/vko2001.go similarity index 93% rename from src/cypherpunks.ru/gogost/gost3410/vko2001.go rename to gost3410/vko2001.go index 18fff3e..ed49d8f 100644 --- a/src/cypherpunks.ru/gogost/gost3410/vko2001.go +++ b/gost3410/vko2001.go @@ -19,8 +19,8 @@ import ( "errors" "math/big" - "cypherpunks.ru/gogost/gost28147" - "cypherpunks.ru/gogost/gost341194" + "go.cypherpunks.ru/gogost/v4/gost28147" + "go.cypherpunks.ru/gogost/v4/gost341194" ) // RFC 4357 VKO GOST R 34.10-2001 key agreement function. diff --git a/src/cypherpunks.ru/gogost/gost3410/vko2001_test.go b/gost3410/vko2001_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost3410/vko2001_test.go rename to gost3410/vko2001_test.go diff --git a/src/cypherpunks.ru/gogost/gost3410/vko2012.go b/gost3410/vko2012.go similarity index 93% rename from src/cypherpunks.ru/gogost/gost3410/vko2012.go rename to gost3410/vko2012.go index 836d3a4..7a30b4e 100644 --- a/src/cypherpunks.ru/gogost/gost3410/vko2012.go +++ b/gost3410/vko2012.go @@ -18,8 +18,8 @@ package gost3410 import ( "math/big" - "cypherpunks.ru/gogost/gost34112012256" - "cypherpunks.ru/gogost/gost34112012512" + "go.cypherpunks.ru/gogost/v4/gost34112012256" + "go.cypherpunks.ru/gogost/v4/gost34112012512" ) // RFC 7836 VKO GOST R 34.10-2012 256-bit key agreement function. diff --git a/src/cypherpunks.ru/gogost/gost3410/vko2012_test.go b/gost3410/vko2012_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost3410/vko2012_test.go rename to gost3410/vko2012_test.go diff --git a/src/cypherpunks.ru/gogost/gost34112012256/esptree.go b/gost34112012256/esptree.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost34112012256/esptree.go rename to gost34112012256/esptree.go 
diff --git a/src/cypherpunks.ru/gogost/gost34112012256/esptree_test.go b/gost34112012256/esptree_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost34112012256/esptree_test.go rename to gost34112012256/esptree_test.go diff --git a/src/cypherpunks.ru/gogost/gost34112012256/hash.go b/gost34112012256/hash.go similarity index 95% rename from src/cypherpunks.ru/gogost/gost34112012256/hash.go rename to gost34112012256/hash.go index 30e308b..f1f7e9b 100644 --- a/src/cypherpunks.ru/gogost/gost34112012256/hash.go +++ b/gost34112012256/hash.go @@ -20,7 +20,7 @@ package gost34112012256 import ( "hash" - "cypherpunks.ru/gogost/internal/gost34112012" + "go.cypherpunks.ru/gogost/v4/internal/gost34112012" ) const ( diff --git a/src/cypherpunks.ru/gogost/gost34112012256/hkdf_test.go b/gost34112012256/hkdf_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost34112012256/hkdf_test.go rename to gost34112012256/hkdf_test.go diff --git a/src/cypherpunks.ru/gogost/gost34112012256/kdf.go b/gost34112012256/kdf.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost34112012256/kdf.go rename to gost34112012256/kdf.go diff --git a/src/cypherpunks.ru/gogost/gost34112012256/kdf_test.go b/gost34112012256/kdf_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost34112012256/kdf_test.go rename to gost34112012256/kdf_test.go diff --git a/src/cypherpunks.ru/gogost/gost34112012256/tlstree.go b/gost34112012256/tlstree.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost34112012256/tlstree.go rename to gost34112012256/tlstree.go diff --git a/src/cypherpunks.ru/gogost/gost34112012256/tlstree_test.go b/gost34112012256/tlstree_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost34112012256/tlstree_test.go rename to gost34112012256/tlstree_test.go 
diff --git a/src/cypherpunks.ru/gogost/gost34112012512/hash.go b/gost34112012512/hash.go similarity index 95% rename from src/cypherpunks.ru/gogost/gost34112012512/hash.go rename to gost34112012512/hash.go index bdfd538..06e1a86 100644 --- a/src/cypherpunks.ru/gogost/gost34112012512/hash.go +++ b/gost34112012512/hash.go @@ -20,7 +20,7 @@ package gost34112012512 import ( "hash" - "cypherpunks.ru/gogost/internal/gost34112012" + "go.cypherpunks.ru/gogost/v4/internal/gost34112012" ) const ( diff --git a/src/cypherpunks.ru/gogost/gost341194/hash.go b/gost341194/hash.go similarity index 99% rename from src/cypherpunks.ru/gogost/gost341194/hash.go rename to gost341194/hash.go index 61d506c..e386ddd 100644 --- a/src/cypherpunks.ru/gogost/gost341194/hash.go +++ b/gost341194/hash.go @@ -21,7 +21,7 @@ import ( "encoding/binary" "math/big" - "cypherpunks.ru/gogost/gost28147" + "go.cypherpunks.ru/gogost/v4/gost28147" ) const ( diff --git a/src/cypherpunks.ru/gogost/gost341194/hash_test.go b/gost341194/hash_test.go similarity index 99% rename from src/cypherpunks.ru/gogost/gost341194/hash_test.go rename to gost341194/hash_test.go index bcd86c5..de5d988 100644 --- a/src/cypherpunks.ru/gogost/gost341194/hash_test.go +++ b/gost341194/hash_test.go @@ -22,7 +22,7 @@ import ( "testing" "testing/quick" - "cypherpunks.ru/gogost/gost28147" + "go.cypherpunks.ru/gogost/v4/gost28147" ) func TestHashInterface(t *testing.T) { diff --git a/src/cypherpunks.ru/gogost/gost341194/pbkdf2_test.go b/gost341194/pbkdf2_test.go similarity index 98% rename from src/cypherpunks.ru/gogost/gost341194/pbkdf2_test.go rename to gost341194/pbkdf2_test.go index 86ecea8..20c5c13 100644 --- a/src/cypherpunks.ru/gogost/gost341194/pbkdf2_test.go +++ b/gost341194/pbkdf2_test.go @@ -20,7 +20,7 @@ import ( "hash" "testing" - "cypherpunks.ru/gogost/gost28147" + "go.cypherpunks.ru/gogost/v4/gost28147" "golang.org/x/crypto/pbkdf2" ) 
diff --git a/src/cypherpunks.ru/gogost/gost3412128/cipher.go b/gost3412128/cipher.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost3412128/cipher.go rename to gost3412128/cipher.go diff --git a/src/cypherpunks.ru/gogost/gost3412128/cipher_test.go b/gost3412128/cipher_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost3412128/cipher_test.go rename to gost3412128/cipher_test.go diff --git a/src/cypherpunks.ru/gogost/gost341264/cipher.go b/gost341264/cipher.go similarity index 98% rename from src/cypherpunks.ru/gogost/gost341264/cipher.go rename to gost341264/cipher.go index 53a2792..f308080 100644 --- a/src/cypherpunks.ru/gogost/gost341264/cipher.go +++ b/gost341264/cipher.go @@ -17,7 +17,7 @@ package gost341264 import ( - "cypherpunks.ru/gogost/gost28147" + "go.cypherpunks.ru/gogost/v4/gost28147" ) const ( diff --git a/src/cypherpunks.ru/gogost/gost341264/cipher_test.go b/gost341264/cipher_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost341264/cipher_test.go rename to gost341264/cipher_test.go diff --git a/src/cypherpunks.ru/gogost/gost3413/padding.go b/gost3413/padding.go similarity index 100% rename from src/cypherpunks.ru/gogost/gost3413/padding.go rename to gost3413/padding.go diff --git a/src/cypherpunks.ru/gogost/internal/gost34112012/hash.go b/internal/gost34112012/hash.go similarity index 100% rename from src/cypherpunks.ru/gogost/internal/gost34112012/hash.go rename to internal/gost34112012/hash.go diff --git a/src/cypherpunks.ru/gogost/internal/gost34112012/hash_test.go b/internal/gost34112012/hash_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/internal/gost34112012/hash_test.go rename to internal/gost34112012/hash_test.go diff --git a/src/cypherpunks.ru/gogost/internal/gost34112012/hmac_test.go b/internal/gost34112012/hmac_test.go similarity index 100% rename from src/cypherpunks.ru/gogost/internal/gost34112012/hmac_test.go rename to internal/gost34112012/hmac_test.go 
diff --git a/src/cypherpunks.ru/gogost/mgm/mode.go b/mgm/mode.go similarity index 100% rename from src/cypherpunks.ru/gogost/mgm/mode.go rename to mgm/mode.go diff --git a/src/cypherpunks.ru/gogost/mgm/mode_test.go b/mgm/mode_test.go similarity index 98% rename from src/cypherpunks.ru/gogost/mgm/mode_test.go rename to mgm/mode_test.go index aedd59b..38d6ee9 100644 --- a/src/cypherpunks.ru/gogost/mgm/mode_test.go +++ b/mgm/mode_test.go @@ -22,8 +22,8 @@ import ( "testing" "testing/quick" - "cypherpunks.ru/gogost/gost3412128" - "cypherpunks.ru/gogost/gost341264" + "go.cypherpunks.ru/gogost/v4/gost3412128" + "go.cypherpunks.ru/gogost/v4/gost341264" ) func TestVector(t *testing.T) { diff --git a/src/cypherpunks.ru/gogost/mgm/mul.go b/mgm/mul.go similarity index 100% rename from src/cypherpunks.ru/gogost/mgm/mul.go rename to mgm/mul.go diff --git a/src/cypherpunks.ru/gogost/mgm/mul_test.go b/mgm/mul_test.go similarity index 94% rename from src/cypherpunks.ru/gogost/mgm/mul_test.go rename to mgm/mul_test.go index 7420859..9a08946 100644 --- a/src/cypherpunks.ru/gogost/mgm/mul_test.go +++ b/mgm/mul_test.go @@ -20,8 +20,8 @@ import ( "math/big" "testing" - "cypherpunks.ru/gogost/gost3412128" - "cypherpunks.ru/gogost/gost341264" + "go.cypherpunks.ru/gogost/v4/gost3412128" + "go.cypherpunks.ru/gogost/v4/gost341264" ) func BenchmarkMul64(b *testing.B) { diff --git a/src/cypherpunks.ru/gogost/mgm/slice.go b/mgm/slice.go similarity index 100% rename from src/cypherpunks.ru/gogost/mgm/slice.go rename to mgm/slice.go diff --git a/src/cypherpunks.ru/gogost/go.mod b/src/cypherpunks.ru/gogost/go.mod deleted file mode 100644 index 2876534..0000000 --- a/src/cypherpunks.ru/gogost/go.mod +++ /dev/null @@ -1,5 +0,0 @@ -module cypherpunks.ru/gogost - -go 1.12 - -require golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 -- 2.44.0 From 30588af8972ef366e0eb9a3e5aac799946de0e1a Mon Sep 17 00:00:00 2001 
From: Sergey Matveev Date: Thu, 3 Oct 2019 11:11:55 +0300 Subject: [PATCH 03/16] Prepare for release --- .gitmodules | 0 INSTALL | 34 +++++++++++++++++++--------------- NEWS | 8 ++++++++ VERSION | 2 +- common.mk | 9 +++++---- download.texi | 36 +++++++++++++++++++++--------------- makedist.sh | 24 +++++++++++++++++++----- news.texi | 6 ++++++ 8 files changed, 79 insertions(+), 40 deletions(-) delete mode 100644 .gitmodules diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index e69de29..0000000 diff --git a/INSTALL b/INSTALL index fedfbac..bf0b19c 100644 --- a/INSTALL +++ b/INSTALL @@ -1,28 +1,29 @@ Preferable way is to download tarball with the signature from official website and, for example, run tests with benchmarks: - % wget http://gogost.cypherpunks.ru/gogost-1.1.tar.xz - % wget http://gogost.cypherpunks.ru/gogost-1.1.tar.xz.sig - % gpg --verify gogost-1.1.tar.xz.sig gogost-1.1.tar.xz - % xz -d < gogost-1.1.tar.xz | tar xf - - % make -C gogost-1.1 all bench - % echo hello world | ./gogost-1.1/streebog256 + $ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz + $ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz.sig + $ gpg --verify gogost-4.1.0.tar.xz.sig gogost-4.1.0.tar.xz + $ xz -d < gogost-4.1.0.tar.xz | tar xf - + $ make -C gogost-4.1.0 all bench + $ echo hello world | ./gogost-4.1.0/streebog256 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d And then you can include its source code in your project for example like this: - % mkdir -p myproj/src - % export GOPATH=$PWD/myproj - % cd myproj/src - % cat > main.go < main.go < Look in PUBKEY.asc file. - % gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru - % gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru + $ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru + $ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru diff --git a/NEWS b/NEWS index 9b82e8c..452e15a 100644 --- a/NEWS +++ b/NEWS 
@@ -1,3 +1,11 @@ +4.1: + * ESPTREE implementation + * CurveIdtc26gost34102012256paramSetB, CurveIdtc26gost34102012256paramSetC, + CurveIdtc26gost34102012256paramSetD curve aliases + * Forbid any later GNU GPL version autousage + (project's licence now is GNU GPLv3 only) + * Project now is go-get-able: go get go.cypherpunks.ru/gogost/v4 + 4.0: * Backward incompatible change: all keys passing to encryption functions are slices now, not the fixed arrays. That heavily diff --git a/VERSION b/VERSION index 5186d07..7d5c902 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.0 +4.1 diff --git a/common.mk b/common.mk index e528f9a..c4bb97d 100644 --- a/common.mk +++ b/common.mk @@ -1,12 +1,13 @@ -LDFLAGS = -X cypherpunks.ru/gogost.Version=$(VERSION) +MOD = go.cypherpunks.ru/gogost/v4 +LDFLAGS = -X $(MOD).Version=$(VERSION) all: streebog256 streebog512 streebog256: - GOPATH=$(GOPATH) go build -ldflags "$(LDFLAGS)" cypherpunks.ru/gogost/cmd/streebog256 + GOPATH=$(GOPATH) go build -ldflags "$(LDFLAGS)" $(MOD)/cmd/streebog256 streebog512: - GOPATH=$(GOPATH) go build -ldflags "$(LDFLAGS)" cypherpunks.ru/gogost/cmd/streebog512 + GOPATH=$(GOPATH) go build -ldflags "$(LDFLAGS)" $(MOD)/cmd/streebog512 bench: - GOPATH=$(GOPATH) go test -benchmem -bench . cypherpunks.ru/gogost/... + GOPATH=$(GOPATH) go test -benchmem -bench . $(MOD)/... diff --git a/download.texi b/download.texi index e506a2a..390d3cc 100644 --- a/download.texi +++ b/download.texi 
@@ -5,12 +5,12 @@ Preferable way is to download tarball with the signature from website and, for example, run tests with benchmarks: @verbatim -% wget http://gogost.cypherpunks.ru/gogost-4.0.tar.xz -% wget http://gogost.cypherpunks.ru/gogost-4.0.tar.xz.sig -% gpg --verify gogost-4.0.tar.xz.sig gogost-4.0.tar.xz -% xz -d < gogost-4.0.tar.xz | tar xf - -% make -C gogost-4.0 all bench -% echo hello world | ./gogost-4.0/streebog256 +$ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz +$ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz.sig +$ gpg --verify gogost-4.1.0.tar.xz.sig gogost-4.1.0.tar.xz +$ xz -d < gogost-4.1.0.tar.xz | tar xf - +$ make -C gogost-4.1.0 all bench +$ echo hello world | ./gogost-4.1.0/streebog256 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d @end verbatim @@ -18,17 +18,18 @@ And then you can include its source code in your project for example like this: @verbatim -% mkdir -p myproj/src -% export GOPATH=$PWD/myproj -% cd myproj/src -% cat > main.go < main.go < @item @verbatim -% gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru -% gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru +$ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru +$ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru @end verbatim @item diff --git a/makedist.sh b/makedist.sh index 6c79acc..2fbbc35 100755 --- a/makedist.sh +++ b/makedist.sh 
@@ -9,14 +9,28 @@ git clone . $tmp/gogost-$release cd $tmp/gogost-$release git checkout $release -crypto_path=src/cypherpunks.ru/gogost/vendor/golang.org/x/crypto -mkdir -p $crypto_path -( cd $cur/gopath/pkg/mod/golang.org/x/crypto@v0.0.0-20190701094942-4def268fd1a4 ; \ +mod_name=$(sed -n 's/^module //p' go.mod) +crypto_mod_path=$(sed -n 's#^require \(golang.org/x/crypto\) \(.*\)$#\1@\2#p' go.mod) +mkdir -p src/$mod_name +mv \ + gost28147 \ + gost3410 \ + gost34112012256 \ + gost34112012512 \ + gost341194 \ + gost3412128 \ + gost341264 \ + gost3413 \ + mgm \ + internal gogost.go go.mod go.sum src/$mod_name + +mkdir -p src/golang.org/x/crypto +( cd $GOPATH/pkg/mod/$crypto_mod_path ; \ tar cf - AUTHORS CONTRIBUTORS LICENSE PATENTS README.md pbkdf2 hkdf ) | - tar xfC - $crypto_path + tar xfC - src/golang.org/x/crypto find . -name .git -type d | xargs rm -fr -rm -f www* makedist* TODO +rm -f www* news.texi style.css makedist* TODO find . -type d -exec chmod 700 {} \; find . -type f -exec chmod 600 {} \; diff --git a/news.texi b/news.texi index 5569269..91449e2 100644 --- a/news.texi +++ b/news.texi @@ -7,6 +7,12 @@ @item 4.1 @itemize @item @code{ESPTREE} implementation + @item @code{CurveIdtc26gost34102012256paramSetB}, + @code{CurveIdtc26gost34102012256paramSetC}, + @code{CurveIdtc26gost34102012256paramSetD} curve aliases + @item Forbid any later GNU GPL version autousage + (project's licence now is GNU GPLv3 only) + @item Project now is go-get-able: @command{go get go.cypherpunks.ru/gogost/v4} @end itemize -- 2.44.0 From 124a11069e1ed7b617a740341d90d6a269bdd41b Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 3 Oct 2019 13:56:30 +0300 Subject: [PATCH 04/16] Work with v-prefixed versions --- makedist.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makedist.sh b/makedist.sh index 2fbbc35..18ccc41 100755 --- a/makedist.sh +++ b/makedist.sh 
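Review bot: In makedist.sh the subshell `( cd $GOPATH/pkg/mod/$crypto_mod_path ; tar cf - ... )` still runs tar when the cd fails, because the two commands are joined with `;`. That matters more now that the path is derived from go.mod by sed: an unset GOPATH, or a go.mod whose require line stops matching the pattern, leaves the path empty or wrong. Joining with `&&` and quoting, `cd "$GOPATH/pkg/mod/$crypto_mod_path" && tar cf - ...`, makes the release build stop instead of packing from the wrong directory; whether the script already runs under `set -e` is not visible in this hunk. Since the tarball ships a copy of golang.org/x/crypto taken from the local module cache, running `go mod verify` before the copy would also confirm the cached module has not been modified since it was downloaded.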
@@ -7,7 +7,7 @@ release=$1 git clone . $tmp/gogost-$release cd $tmp/gogost-$release -git checkout $release +git checkout v$release mod_name=$(sed -n 's/^module //p' go.mod) crypto_mod_path=$(sed -n 's#^require \(golang.org/x/crypto\) \(.*\)$#\1@\2#p' go.mod) -- 2.44.0 From 9c077144213d28d7cdfa2d4383b0a3677458a2ea Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 3 Oct 2019 13:58:03 +0300 Subject: [PATCH 05/16] Include cmd in source code tree --- makedist.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makedist.sh b/makedist.sh index 18ccc41..5aa690f 100755 --- a/makedist.sh +++ b/makedist.sh @@ -22,7 +22,7 @@ mv \ gost341264 \ gost3413 \ mgm \ - internal gogost.go go.mod go.sum src/$mod_name + cmd internal gogost.go go.mod go.sum src/$mod_name mkdir -p src/golang.org/x/crypto ( cd $GOPATH/pkg/mod/$crypto_mod_path ; \ -- 2.44.0 From 208ade9f5eec08a8903b9c224449f3e5e652b1a2 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 3 Oct 2019 15:05:04 +0300 Subject: [PATCH 06/16] No website related files in tarball --- makedist.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makedist.sh b/makedist.sh index 5aa690f..7ed9a15 100755 --- a/makedist.sh +++ b/makedist.sh @@ -30,7 +30,7 @@ mkdir -p src/golang.org/x/crypto tar xfC - src/golang.org/x/crypto find . -name .git -type d | xargs rm -fr -rm -f www* news.texi style.css makedist* TODO +rm -f *.texi www.mk style.css makedist* TODO find . -type d -exec chmod 700 {} \; find . -type f -exec chmod 600 {} \; -- 2.44.0 From ff7db92b63036f4a13b35a29808f7a2c84d51bd7 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 3 Oct 2019 14:00:04 +0300 Subject: [PATCH 07/16] Download link for 4.1.0 release --- download.texi | 5 +++++ news.texi | 8 ++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/download.texi b/download.texi index 390d3cc..cacd24b 100644 --- a/download.texi +++ b/download.texi 
@@ -51,6 +51,11 @@ $ go get go.cypherpunks.ru/gogost/cmd/streebog256 @multitable {XXXXX} {XXXX-XX-XX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @headitem Version @tab Date @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum +@item @ref{Release 4.1.0, 4.1.0} @tab 2019-10-03 @tab 55 KiB +@tab @url{gogost-4.1.0.tar.xz, link} @url{gogost-4.1.0.tar.xz.sig, sign} +@tab @code{F2FEF2E0 ADEB5742 FA2B3338 64E8B91B 3CCAA97D 5BA62177 21E08A11 F1FA8133} +@tab @code{72e0d52aa25158ab1bb45e5498ce703b516c616b71101b74d5ee259f516c4e91} + @item @ref{Release 4.0, 4.0} @tab 2019-08-12 @tab 56 KiB @tab @url{gogost-4.0.tar.xz, link} @url{gogost-4.0.tar.xz.sig, sign} @tab @code{4899B930 2110C9A9 592821D6 B206146F 2A66FC5A 3DEE9D6E 11F5EA51 72FEE6E6} diff --git a/news.texi b/news.texi index 91449e2..8fde0ef 100644 --- a/news.texi +++ b/news.texi @@ -3,8 +3,8 @@ @table @strong -@anchor{Release 4.1} -@item 4.1 +@anchor{Release 4.1.0} +@item 4.1.0 @itemize @item @code{ESPTREE} implementation @item @code{CurveIdtc26gost34102012256paramSetB}, @@ -12,8 +12,8 @@ @code{CurveIdtc26gost34102012256paramSetD} curve aliases @item Forbid any later GNU GPL version autousage (project's licence now is GNU GPLv3 only) - @item Project now is go-get-able: @command{go get go.cypherpunks.ru/gogost/v4} - + @item Project now is @command{go get}-able: + @command{go get go.cypherpunks.ru/gogost/v4} @end itemize @anchor{Release 4.0} -- 2.44.0 From 1510f0036d4f2df6af3e7004b0d252ca6a851544 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 3 Oct 2019 15:16:35 +0300 Subject: [PATCH 08/16] Corrected go get command examples --- NEWS | 6 ++++-- news.texi | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 452e15a..5b13d25 100644 --- a/NEWS +++ b/NEWS 
@@ -1,10 +1,12 @@ -4.1: +4.1.0: * ESPTREE implementation * CurveIdtc26gost34102012256paramSetB, CurveIdtc26gost34102012256paramSetC, CurveIdtc26gost34102012256paramSetD curve aliases * Forbid any later GNU GPL version autousage (project's licence now is GNU GPLv3 only) - * Project now is go-get-able: go get go.cypherpunks.ru/gogost/v4 + * Project now is go get-able and uses go.cypherpunks.ru namespace: + go get go.cypherpunks.ru/gogost + go get go.cypherpunks.ru/gogost/cmd/streebog{256,512} 4.0: * Backward incompatible change: all keys passing to encryption diff --git a/news.texi b/news.texi index 8fde0ef..12acd2e 100644 --- a/news.texi +++ b/news.texi @@ -12,8 +12,10 @@ @code{CurveIdtc26gost34102012256paramSetD} curve aliases @item Forbid any later GNU GPL version autousage (project's licence now is GNU GPLv3 only) - @item Project now is @command{go get}-able: - @command{go get go.cypherpunks.ru/gogost/v4} + @item Project now is @command{go get}-able and uses + @code{go.cypherpunks.ru} namespace: + @command{go get go.cypherpunks.ru/gogost}, + @command{go get go.cypherpunks.ru/gogost/cmd/streebog@{256,512@}}. @end itemize @anchor{Release 4.0} -- 2.44.0 From 830040ac890e529af5f4b58574a6835d2b91e493 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 3 Oct 2019 15:36:53 +0300 Subject: [PATCH 09/16] Let "hello world" string be the same in every example --- INSTALL | 4 ++-- download.texi | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/INSTALL b/INSTALL index bf0b19c..690ba98 100644 --- a/INSTALL +++ b/INSTALL @@ -28,12 +28,12 @@ like this: func main() { h := gost34112012256.New() - h.Write([]byte("hello world")) + h.Write([]byte("hello world\n")) fmt.Println(hex.EncodeToString(h.Sum(nil))) } EOF $ go run main.go - c600fd9dd049cf8abd2f5b32e840d2cb0e41ea44de1c155dcd88dc84fe58a855 + f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d GoGOST is also go-get-able. For example to use streebog256 utility: 
diff --git a/download.texi b/download.texi index cacd24b..bfdc5bc 100644 --- a/download.texi +++ b/download.texi @@ -34,12 +34,12 @@ import ( func main() { h := gost34112012256.New() - h.Write([]byte("hello world")) + h.Write([]byte("hello world\n")) fmt.Println(hex.EncodeToString(h.Sum(nil))) } EOF $ go run main.go -c600fd9dd049cf8abd2f5b32e840d2cb0e41ea44de1c155dcd88dc84fe58a855 +f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d @end verbatim GoGOST is also @command{go get}-able. For example to use -- 2.44.0 From 0cd98b2e4b70e33a24d79a6ceea6b39b1016e0bf Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Fri, 4 Oct 2019 16:10:45 +0300 Subject: [PATCH 10/16] Use UNKNOWN version by default --- gogost.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gogost.go b/gogost.go index 767e461..de5246b 100644 --- a/gogost.go +++ b/gogost.go @@ -2,5 +2,5 @@ package gogost var ( - Version string + Version string = "UNKNOWN" ) -- 2.44.0 From 1d33d2df82ec0580eedd7e9facb72c0e9096a37c Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Fri, 4 Oct 2019 16:11:05 +0300 Subject: [PATCH 11/16] Fix version --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 7d5c902..ee74734 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.1 +4.1.0 -- 2.44.0 From 7da9d112af869533c29ab19cee07013e94c8fac2 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Tue, 8 Oct 2019 14:13:47 +0300 Subject: [PATCH 12/16] Mention CACert, GOPRIVATE and go.mod-replace during installation --- INSTALL | 20 ++++++++++++++++---- download.texi | 26 ++++++++++++++++++++------ 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/INSTALL b/INSTALL index 690ba98..06e6e67 100644 --- a/INSTALL +++ b/INSTALL 
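Review bot: The exported `Version` in gogost.go has no doc comment, and nothing in the file says that its value is expected to come from the linker (common.mk passes `-X $(MOD).Version=$(VERSION)`). A comment such as `// Version is set at link time via -ldflags "-X"; it stays "UNKNOWN" in builds that do not pass the flag.` would explain the new default. The explicit type is redundant once there is an initializer: `Version = "UNKNOWN"`.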
@@ -35,10 +35,6 @@ like this: $ go run main.go f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d -GoGOST is also go-get-able. For example to use streebog256 utility: - - $ go get go.cypherpunks.ru/gogost/cmd/streebog256 - You have to verify downloaded tarballs integrity and authenticity to be sure that you retrieved trusted and untampered software. GNU Privacy Guard is used for that purpose. @@ -54,3 +50,19 @@ resources. Look in PUBKEY.asc file. $ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru $ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru + +GoGOST is also go-get-able. For example to use streebog256 utility: + + $ go get go.cypherpunks.ru/gogost/cmd/streebog256 + +go.cypherpunks.ru uses CACert.org certificate authority, that is not +included by default in some operating system distributions and probably +you have to install it in your system, because "go get" uses HTTPS +connections. If you have issues using either sum.golang.org or +proxy.golang.org, then you can disable their usage with +GOPRIVATE=go.cypherpunks.ru/gogost environment variable. + +Also you can use "replace" feature inside your go.mod, like: + + require go.cypherpunks.ru/gogost/v4 v4.1.0 + replace go.cypherpunks.ru/gogost/v4 => /home/stargrave/gogost-4.1.0/src/go.cypherpunks.ru/gogost/v4 diff --git a/download.texi b/download.texi index bfdc5bc..0110f45 100644 --- a/download.texi +++ b/download.texi 
@@ -42,12 +42,6 @@ $ go run main.go f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d @end verbatim -GoGOST is also @command{go get}-able. For example to use -@command{streebog256} utility: -@verbatim -$ go get go.cypherpunks.ru/gogost/cmd/streebog256 -@end verbatim - @multitable {XXXXX} {XXXX-XX-XX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @headitem Version @tab Date @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum @@ -113,6 +107,26 @@ $ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru @end itemize +GoGOST is also @command{go get}-able. For example to use +@command{streebog256} utility: +@verbatim +$ go get go.cypherpunks.ru/gogost/cmd/streebog256 +@end verbatim + +@code{go.cypherpunks.ru} uses @url{https://www.cacert.org/, CACert.org} +certificate authority, that is not included by default in some operating +system distributions and probably you have to install it in your system, +because @command{go get} uses HTTPS connections. If you have issues +using either @code{sum.golang.org} or @code{proxy.golang.org}, then you +can disable their usage with @env{GOPRIVATE=go.cypherpunks.ru/gogost} +environment variable. + +Also you can use @code{replace} feature inside your @file{go.mod}, like: +@verbatim +require go.cypherpunks.ru/gogost/v4 v4.1.0 +replace go.cypherpunks.ru/gogost/v4 => /home/stargrave/gogost-4.1.0/src/go.cypherpunks.ru/gogost/v4 +@end verbatim + You can obtain development source code by cloning @url{http://git-scm.com/, Git} @url{https://git.cypherpunks.ru/cgit.cgi/gogost.git/}. -- 2.44.0 From 7d43d5553eb4514fae95200be4033cbe6757b14f Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Wed, 9 Oct 2019 16:09:43 +0300 Subject: [PATCH 13/16] Direct link to Git repository --- download.texi | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) 
diff --git a/download.texi b/download.texi index 0110f45..e264247 100644 --- a/download.texi +++ b/download.texi @@ -127,6 +127,5 @@ require go.cypherpunks.ru/gogost/v4 v4.1.0 replace go.cypherpunks.ru/gogost/v4 => /home/stargrave/gogost-4.1.0/src/go.cypherpunks.ru/gogost/v4 @end verbatim -You can obtain development source code by cloning -@url{http://git-scm.com/, Git} -@url{https://git.cypherpunks.ru/cgit.cgi/gogost.git/}. +You can obtain development source code with +@command{git clone git://git.cypherpunks.ru/gogost.git}. -- 2.44.0 From 1072e0c400df930802a114c8f76b477ae934738b Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Fri, 18 Oct 2019 11:00:29 +0300 Subject: [PATCH 14/16] Mention IKETREE the same as ESPTREE --- README | 2 +- news.texi | 2 +- www.texi | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README b/README index 2f37487..d3208ba 100644 --- a/README +++ b/README @@ -20,7 +20,7 @@ GOST is GOvernment STandard of Russian Federation (and Soviet Union). * GOST R 34.13-2015 padding methods * MGM AEAD mode for 64 and 128 bit ciphers * TLSTREE keyscheduling function -* ESPTREE keyscheduling function +* ESPTREE/IKETREE (IKE* is the same as ESP*) keyscheduling function Known problems: diff --git a/news.texi b/news.texi index 12acd2e..7e09a27 100644 --- a/news.texi +++ b/news.texi @@ -6,7 +6,7 @@ @anchor{Release 4.1.0} @item 4.1.0 @itemize - @item @code{ESPTREE} implementation + @item @code{ESPTREE}/@code{IKETREE} implementation @item @code{CurveIdtc26gost34102012256paramSetB}, @code{CurveIdtc26gost34102012256paramSetC}, @code{CurveIdtc26gost34102012256paramSetD} curve aliases diff --git a/www.texi b/www.texi index 116cf20..efacc32 100644 --- a/www.texi +++ b/www.texi 
@@ -50,7 +50,7 @@ Currently supported algorithms are: @item GOST R 34.13-2015 padding methods @item MGM AEAD mode for 64 and 128 bit ciphers @item TLSTREE keyscheduling function -@item ESPTREE keyscheduling function +@item ESPTREE/IKETREE (IKE* is the same as ESP*) keyscheduling function @end itemize Please send questions, bug reports and patches to -- 2.44.0 From ce6c45e481a59d843a3b9caab55608c738aac2f4 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Fri, 18 Oct 2019 10:59:08 +0300 Subject: [PATCH 15/16] PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} --- INSTALL | 18 +++++----- NEWS | 6 +++- VERSION | 2 +- download.texi | 18 +++++----- makedist.sh | 1 + news.texi | 8 +++++ prfplus/gost.go | 46 +++++++++++++++++++++++++ prfplus/gost_test.go | 81 ++++++++++++++++++++++++++++++++++++++++++++ prfplus/plus.go | 47 +++++++++++++++++++++++++ 9 files changed, 207 insertions(+), 20 deletions(-) create mode 100644 prfplus/gost.go create mode 100644 prfplus/gost_test.go create mode 100644 prfplus/plus.go diff --git a/INSTALL b/INSTALL index 06e6e67..22565ef 100644 --- a/INSTALL +++ b/INSTALL 
@@ -1,19 +1,19 @@ Preferable way is to download tarball with the signature from official website and, for example, run tests with benchmarks: - $ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz - $ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz.sig - $ gpg --verify gogost-4.1.0.tar.xz.sig gogost-4.1.0.tar.xz - $ xz -d < gogost-4.1.0.tar.xz | tar xf - - $ make -C gogost-4.1.0 all bench - $ echo hello world | ./gogost-4.1.0/streebog256 + $ wget http://gogost.cypherpunks.ru/gogost-4.2.0.tar.xz + $ wget http://gogost.cypherpunks.ru/gogost-4.2.0.tar.xz.sig + $ gpg --verify gogost-4.2.0.tar.xz.sig gogost-4.2.0.tar.xz + $ xz -d < gogost-4.2.0.tar.xz | tar xf - + $ make -C gogost-4.2.0 all bench + $ echo hello world | ./gogost-4.2.0/streebog256 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d And then you can include its source code in your project for example like this: $ mkdir -p myproj/src - $ cp -r gogost-4.1.0/src/go.cypherpunks.ru myproj/src + $ cp -r gogost-4.2.0/src/go.cypherpunks.ru myproj/src $ export GOPATH=$PWD/myproj $ cd myproj/src $ cat > main.go < /home/stargrave/gogost-4.1.0/src/go.cypherpunks.ru/gogost/v4 + require go.cypherpunks.ru/gogost/v4 v4.2.0 + replace go.cypherpunks.ru/gogost/v4 => /home/stargrave/gogost-4.2.0/src/go.cypherpunks.ru/gogost/v4 diff --git a/NEWS b/NEWS index 5b13d25..1723442 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,9 @@ +4.2.0: + * PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} implementation + * Generic prf+ function (taken from IKEv2) implementation + 4.1.0: - * ESPTREE implementation + * ESPTREE/IKETREE implementation * CurveIdtc26gost34102012256paramSetB, CurveIdtc26gost34102012256paramSetC, CurveIdtc26gost34102012256paramSetD curve aliases * Forbid any later GNU GPL version autousage diff --git a/VERSION b/VERSION index ee74734..6aba2b2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.1.0 +4.2.0 diff --git a/download.texi b/download.texi index e264247..fde8fda 100644 --- a/download.texi 
+++ b/download.texi @@ -5,12 +5,12 @@ Preferable way is to download tarball with the signature from website and, for example, run tests with benchmarks: @verbatim -$ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz -$ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz.sig -$ gpg --verify gogost-4.1.0.tar.xz.sig gogost-4.1.0.tar.xz -$ xz -d < gogost-4.1.0.tar.xz | tar xf - -$ make -C gogost-4.1.0 all bench -$ echo hello world | ./gogost-4.1.0/streebog256 +$ wget http://gogost.cypherpunks.ru/gogost-4.2.0.tar.xz +$ wget http://gogost.cypherpunks.ru/gogost-4.2.0.tar.xz.sig +$ gpg --verify gogost-4.2.0.tar.xz.sig gogost-4.2.0.tar.xz +$ xz -d < gogost-4.2.0.tar.xz | tar xf - +$ make -C gogost-4.2.0 all bench +$ echo hello world | ./gogost-4.2.0/streebog256 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d @end verbatim @@ -19,7 +19,7 @@ like this: @verbatim $ mkdir -p myproj/src -$ cp -r gogost-4.1.0/src/go.cypherpunks.ru myproj/src +$ cp -r gogost-4.2.0/src/go.cypherpunks.ru myproj/src $ export GOPATH=$PWD/myproj $ cd myproj/src $ cat > main.go < /home/stargrave/gogost-4.1.0/src/go.cypherpunks.ru/gogost/v4 +require go.cypherpunks.ru/gogost/v4 v4.2.0 +replace go.cypherpunks.ru/gogost/v4 => /home/stargrave/gogost-4.2.0/src/go.cypherpunks.ru/gogost/v4 @end verbatim You can obtain development source code with diff --git a/makedist.sh b/makedist.sh index 7ed9a15..879a373 100755 --- a/makedist.sh +++ b/makedist.sh @@ -22,6 +22,7 @@ mv \ gost341264 \ gost3413 \ mgm \ + prfplus \ cmd internal gogost.go go.mod go.sum src/$mod_name mkdir -p src/golang.org/x/crypto diff --git a/news.texi b/news.texi index 7e09a27..01fb655 100644 --- a/news.texi +++ b/news.texi 
@@ -3,6 +3,14 @@ @table @strong +@anchor{Release 4.2.0} +@item 4.2.0 + @itemize + @item @code{PRF_IPSEC_PRFPLUS_GOSTR3411_2012_@{256,512@}} implementation + @item Generic @code{prf+} function (taken from IKEv2 + (@url{https://tools.ietf.org/html/rfc5831.html, RFC 7296})) + @end itemize + @anchor{Release 4.1.0} @item 4.1.0 @itemize diff --git a/prfplus/gost.go b/prfplus/gost.go new file mode 100644 index 0000000..659b5b4 --- /dev/null +++ b/prfplus/gost.go @@ -0,0 +1,46 @@ +// GoGOST -- Pure Go GOST cryptographic functions library +// Copyright (C) 2015-2019 Sergey Matveev +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, version 3 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +// PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} as defined in R 50.1.113-2016. +package prfplus + +import ( + "crypto/hmac" + "hash" + + "go.cypherpunks.ru/gogost/v4/gost34112012256" + "go.cypherpunks.ru/gogost/v4/gost34112012512" +) + +type PRFIPsecPRFPlusGOSTR34112012 struct{ h hash.Hash } + +func NewPRFIPsecPRFPlusGOSTR34112012256(key []byte) PRFForPlus { + return PRFIPsecPRFPlusGOSTR34112012{hmac.New(gost34112012256.New, key)} +} + +func NewPRFIPsecPRFPlusGOSTR34112012512(key []byte) PRFForPlus { + return PRFIPsecPRFPlusGOSTR34112012{hmac.New(gost34112012512.New, key)} +} + +func (prf PRFIPsecPRFPlusGOSTR34112012) BlockSize() int { + return prf.h.Size() +} + +func (prf PRFIPsecPRFPlusGOSTR34112012) Derive(salt []byte) []byte { + prf.h.Write(salt) + sum := prf.h.Sum(nil) + prf.h.Reset() + return sum +} 
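Review bot: `BlockSize()` in prfplus/gost.go returns `prf.h.Size()`, the HMAC output length, whereas on `hash.Hash` the name BlockSize means the input block length; a comment on the method should say that here it is the prf output size used by prf+ to chunk its result. `Derive` writes to and resets the single `hash.Hash` held behind a value receiver, so every copy of the struct shares that state; a line like `// Derive is not safe for concurrent use: all copies share one HMAC state.` would make that explicit. The exported type and both constructors also lack doc comments, and the package comment `// PRF_IPSEC_PRFPLUS_...` does not start with "Package prfplus".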
diff --git a/prfplus/gost_test.go b/prfplus/gost_test.go
new file mode 100644
index 0000000..300d76c
--- /dev/null
+++ b/prfplus/gost_test.go
@@ -0,0 +1,81 @@ +// GoGOST -- Pure Go GOST cryptographic functions library +// Copyright (C) 2015-2019 Sergey Matveev +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, version 3 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +package prfplus + +import ( + "bytes" + "testing" +) + +func TestPRFIPsecPRFPlusGOSTR34112012256(t *testing.T) { + prf := NewPRFIPsecPRFPlusGOSTR34112012256([]byte{ + 0xC9, 0xA9, 0xA7, 0x73, 0x20, 0xE2, 0xCC, 0x55, + 0x9E, 0xD7, 0x2D, 0xCE, 0x6F, 0x47, 0xE2, 0x19, + 0x2C, 0xCE, 0xA9, 0x5F, 0xA6, 0x48, 0x67, 0x05, + 0x82, 0xC0, 0x54, 0xC0, 0xEF, 0x36, 0xC2, 0x21, + }) + dst := make([]byte, 64) + PRFPlus(prf, dst, []byte{ + 0x01, 0x26, 0xBD, 0xB8, 0x78, 0x00, 0x1D, 0x80, + 0x60, 0x3C, 0x85, 0x44, 0xC7, 0x27, 0x01, 0x00, + }) + if bytes.Compare(dst, []byte{ + 0x2D, 0xE5, 0xEE, 0x84, 0xE1, 0x3D, 0x7B, 0xE5, + 0x36, 0x16, 0x67, 0x39, 0x13, 0x37, 0x0A, 0xB0, + 0x54, 0xC0, 0x74, 0xB7, 0x9B, 0x69, 0xA8, 0xA8, + 0x46, 0x82, 0xA9, 0xF0, 0x4F, 0xEC, 0xD5, 0x87, + 0x29, 0xF6, 0x0D, 0xDA, 0x45, 0x7B, 0xF2, 0x19, + 0xAA, 0x2E, 0xF9, 0x5D, 0x7A, 0x59, 0xBE, 0x95, + 0x4D, 0xE0, 0x08, 0xF4, 0xA5, 0x0D, 0x50, 0x4D, + 0xBD, 0xB6, 0x90, 0xBE, 0x68, 0x06, 0x01, 0x53, + }) != 0 { + t.FailNow() + } +} + +func TestPRFIPsecPRFPlusGOSTR34112012512(t *testing.T) { + prf := NewPRFIPsecPRFPlusGOSTR34112012512([]byte{ + 0xC9, 0xA9, 0xA7, 0x73, 0x20, 0xE2, 0xCC, 0x55, + 0x9E, 0xD7, 0x2D, 0xCE, 0x6F, 0x47, 0xE2, 0x19, + 0x2C, 0xCE, 0xA9, 0x5F, 0xA6, 0x48, 0x67, 0x05, + 0x82, 0xC0, 0x54, 0xC0, 0xEF, 0x36, 
0xC2, 0x21, + }) + dst := make([]byte, 128) + PRFPlus(prf, dst, []byte{ + 0x01, 0x26, 0xBD, 0xB8, 0x78, 0x00, 0x1D, 0x80, + 0x60, 0x3C, 0x85, 0x44, 0xC7, 0x27, 0x01, 0x00, + }) + if bytes.Compare(dst, []byte{ + 0x5D, 0xA6, 0x71, 0x43, 0xA5, 0xF1, 0x2A, 0x6D, + 0x6E, 0x47, 0x42, 0x59, 0x6F, 0x39, 0x24, 0x3F, + 0xCC, 0x61, 0x57, 0x45, 0x91, 0x5B, 0x32, 0x59, + 0x10, 0x06, 0xFF, 0x78, 0xA2, 0x08, 0x63, 0xD5, + 0xF8, 0x8E, 0x4A, 0xFC, 0x17, 0xFB, 0xBE, 0x70, + 0xB9, 0x50, 0x95, 0x73, 0xDB, 0x00, 0x5E, 0x96, + 0x26, 0x36, 0x98, 0x46, 0xCB, 0x86, 0x19, 0x99, + 0x71, 0x6C, 0x16, 0x5D, 0xD0, 0x6A, 0x15, 0x85, + 0x48, 0x34, 0x49, 0x5A, 0x43, 0x74, 0x6C, 0xB5, + 0x3F, 0x0A, 0xBA, 0x3B, 0xC4, 0x6E, 0xBC, 0xF8, + 0x77, 0x3C, 0xA6, 0x4A, 0xD3, 0x43, 0xC1, 0x22, + 0xEE, 0x2A, 0x57, 0x75, 0x57, 0x03, 0x81, 0x57, + 0xEE, 0x9C, 0x38, 0x8D, 0x96, 0xEF, 0x71, 0xD5, + 0x8B, 0xE5, 0xC1, 0xEF, 0xA1, 0xAF, 0xA9, 0x5E, + 0xBE, 0x83, 0xE3, 0x9D, 0x00, 0xE1, 0x9A, 0x5D, + 0x03, 0xDC, 0xD6, 0x0A, 0x01, 0xBC, 0xA8, 0xE3, + }) != 0 { + t.FailNow() + } +} diff --git a/prfplus/plus.go b/prfplus/plus.go new file mode 100644 index 0000000..84ce70c --- /dev/null +++ b/prfplus/plus.go 
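Review bot: Both tests in prfplus/gost_test.go request a `dst` of 64 and 128 bytes, which presumably is exactly two prf outputs each, so the branch of PRFPlus that handles a length that is not a whole number of outputs, and the case of less than one output, are never exercised. A further case with a `dst` a few bytes longer than one output, compared against the matching prefix of the same vector, would cover the truncation path. `bytes.Compare(...) != 0` reads more directly as `!bytes.Equal(dst, want)`, and `t.FailNow()` reports nothing about the mismatch where `t.Fatalf("got %x", dst)` would.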
@@ -0,0 +1,47 @@
+// GoGOST -- Pure Go GOST cryptographic functions library
+// Copyright (C) 2015-2019 Sergey Matveev
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, version 3 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see .
+
+package prfplus
+
+type PRFForPlus interface {
+ BlockSize() int
+ Derive(salt []byte) []byte
+}
+
+// prf+ function as defined in RFC 7296 (IKEv2)
+func PRFPlus(prf PRFForPlus, dst, salt []byte) {
+ in := make([]byte, prf.BlockSize()+len(salt)+1)
+ in[len(in)-1] = byte(0x01)
+ copy(in[prf.BlockSize():], salt)
+ copy(in[:prf.BlockSize()], prf.Derive(in[prf.BlockSize():]))
+ copy(dst, in[:prf.BlockSize()])
+ n := len(dst) / prf.BlockSize()
+ if n == 0 {
+ return
+ }
+ if n*prf.BlockSize() != len(dst) {
+ n++
+ }
+ n--
+ out := dst[prf.BlockSize():]
+ for i := 0; i < n; i++ {
+ in[len(in)-1] = byte(i + 2)
+ copy(in[:prf.BlockSize()], prf.Derive(in))
+ copy(out, in[:prf.BlockSize()])
+ if i+1 != n {
+ out = out[prf.BlockSize():]
+ }
+ }
+}
-- 2.44.0 From 0da4d634ac5368d024489baf4bdd5d422b84dd84 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Fri, 18 Oct 2019 15:57:26 +0300 Subject: [PATCH 16/16] Slightly more descriptive errors --- gost28147/mac.go | 4 ++-- gost3410/curve.go | 4 ++-- gost3410/private.go | 5 +++-- gost3410/public.go | 11 +++++++---- gost3410/vko2001.go | 2 +- internal/gost34112012/hash.go | 8 +++++--- mgm/mode.go | 6 +++--- 7 files changed, 23 insertions(+), 17 deletions(-)
diff --git a/gost28147/mac.go b/gost28147/mac.go
index bcfd52c..b49bc7d 100644
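Review bot: PRFPlus in prfplus/plus.go keeps the block counter in a single byte, `in[len(in)-1] = byte(i + 2)`, and nothing bounds len(dst), so a request for more than 255 blocks wraps the counter silently. RFC 7296 leaves prf+ undefined beyond 255 times the PRF output size. Because the function has no error return, a guard at the top such as `if len(dst) > 255*prf.BlockSize() { panic("prfplus: dst exceeds 255 blocks") }` would reject that case instead of producing key material outside the definition. The doc comment could also state that BlockSize must equal the length of what Derive returns, which the copies assume, and that dst is filled completely, including a final partial block.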
--- a/gost28147/mac.go +++ b/gost28147/mac.go @@ -42,10 +42,10 @@ type MAC struct { // following ones are fed to Write function. func (c *Cipher) NewMAC(size int, iv []byte) (*MAC, error) { if size == 0 || size > 8 { - return nil, errors.New("Invalid tag size") + return nil, errors.New("gogost/gost28147: invalid tag size") } if len(iv) != BlockSize { - return nil, errors.New("iv length is not equal to blocksize") + return nil, errors.New("gogost/gost28147: len(iv) != 8") } m := MAC{c: c, size: size, iv: iv} n2, n1 := block2nvs(iv) diff --git a/gost3410/curve.go b/gost3410/curve.go index 47f964b..b5fa052 100644 --- a/gost3410/curve.go +++ b/gost3410/curve.go @@ -79,7 +79,7 @@ func NewCurve(p, q, a, b, x, y, e, d *big.Int) (*Curve, error) { r2.Mod(r2, c.P) c.pos(r2) if r1.Cmp(r2) != 0 { - return nil, errors.New("Invalid curve parameters") + return nil, errors.New("gogost/gost3410: invalid curve parameters") } if e != nil && d != nil { c.E = e @@ -131,7 +131,7 @@ func (c *Curve) add(p1x, p1y, p2x, p2y *big.Int) { func (c *Curve) Exp(degree, xS, yS *big.Int) (*big.Int, *big.Int, error) { if degree.Cmp(zero) == 0 { - return nil, nil, errors.New("Bad degree value") + return nil, nil, errors.New("gogost/gost3410: zero degree value") } dg := big.NewInt(0).Sub(degree, bigInt1) tx := big.NewInt(0).Set(xS) diff --git a/gost3410/private.go b/gost3410/private.go index 045c818..231f45e 100644 --- a/gost3410/private.go +++ b/gost3410/private.go @@ -18,6 +18,7 @@ package gost3410 import ( "crypto" "errors" + "fmt" "io" "math/big" ) @@ -30,7 +31,7 @@ type PrivateKey struct { func NewPrivateKey(curve *Curve, mode Mode, raw []byte) (*PrivateKey, error) { if len(raw) != int(mode) { - return nil, errors.New("Invalid private key length") + return nil, fmt.Errorf("gogost/gost3410: len(key) != %d", mode) } key := make([]byte, int(mode)) for i := 0; i < len(key); i++ { 
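Review bot: In NewMAC (gost28147/mac.go) the guard `size == 0 || size > 8` still lets a negative size through, and the reworded error does not say which sizes are accepted. `if size <= 0 || size > 8 {` closes that, and the message could name the range, e.g. `"gogost/gost28147: tag size must be in 1..8"`. The second message hard-codes `8` while the check compares against BlockSize, so the two can drift apart; formatting BlockSize into the message keeps them in step. NewMAC's body continues past the hunk, so what a negative size does later cannot be seen from here.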
@@ -38,7 +39,7 @@ func NewPrivateKey(curve *Curve, mode Mode, raw []byte) (*PrivateKey, error) { } k := bytes2big(key) if k.Cmp(zero) == 0 { - return nil, errors.New("Zero private key") + return nil, errors.New("gogost/gost3410: zero private key") } return &PrivateKey{curve, mode, k}, nil } diff --git a/gost3410/public.go b/gost3410/public.go index 08e1414..de2d858 100644 --- a/gost3410/public.go +++ b/gost3410/public.go @@ -16,7 +16,7 @@ package gost3410 import ( - "errors" + "fmt" "math/big" ) @@ -30,7 +30,7 @@ type PublicKey struct { func NewPublicKey(curve *Curve, mode Mode, raw []byte) (*PublicKey, error) { key := make([]byte, 2*int(mode)) if len(raw) != len(key) { - return nil, errors.New("Invalid public key length") + return nil, fmt.Errorf("gogost/gost3410: len(key) != %d", len(key)) } for i := 0; i < len(key); i++ { key[i] = raw[len(raw)-i-1] @@ -54,11 +54,14 @@ func (pub *PublicKey) Raw() []byte { func (pub *PublicKey) VerifyDigest(digest, signature []byte) (bool, error) { if len(signature) != 2*int(pub.Mode) { - return false, errors.New("Invalid signature length") + return false, fmt.Errorf("gogost/gost3410: len(signature) != %d", 2*int(pub.Mode)) } s := bytes2big(signature[:pub.Mode]) r := bytes2big(signature[pub.Mode:]) - if r.Cmp(zero) <= 0 || r.Cmp(pub.C.Q) >= 0 || s.Cmp(zero) <= 0 || s.Cmp(pub.C.Q) >= 0 { + if r.Cmp(zero) <= 0 || + r.Cmp(pub.C.Q) >= 0 || + s.Cmp(zero) <= 0 || + s.Cmp(pub.C.Q) >= 0 { return false, nil } e := bytes2big(digest) diff --git a/gost3410/vko2001.go b/gost3410/vko2001.go index ed49d8f..c950280 100644 --- a/gost3410/vko2001.go +++ b/gost3410/vko2001.go @@ -27,7 +27,7 @@ import ( // UKM is user keying material, also called VKO-factor. func (prv *PrivateKey) KEK2001(pub *PublicKey, ukm *big.Int) ([]byte, error) { if prv.Mode != Mode2001 { - return nil, errors.New("KEK2001 can not be used in Mode2012") + return nil, errors.New("gogost/gost3410: KEK2001 can not be used in Mode2012") } key, err := prv.KEK(pub, ukm) if err != nil { 
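Review bot: NewPrivateKey (gost3410/private.go) rejects only a zero scalar before returning `&PrivateKey{curve, mode, k}`; nothing in the visible tail compares k with the subgroup order, so a raw value at or above curve.Q is accepted as a key. If the intent is 0 < k < Q, the bound VerifyDigest applies to r and s, the check can be `if k.Cmp(zero) == 0 || k.Cmp(curve.Q) >= 0 {` with a matching message. If larger values are instead meant to be reduced modulo Q, a comment saying so would help the next reader. The start of the function is in the previous hunk.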
diff --git a/internal/gost34112012/hash.go b/internal/gost34112012/hash.go index 5f6b707..2c1b4b9 100644 --- a/internal/gost34112012/hash.go +++ b/internal/gost34112012/hash.go @@ -21,6 +21,7 @@ import ( "bytes" "encoding/binary" "errors" + "fmt" ) const ( @@ -426,11 +427,12 @@ func (h *Hash) MarshalBinary() (data []byte, err error) { } func (h *Hash) UnmarshalBinary(data []byte) error { - if len(data) < len(MarshaledName)+1+8+3*BlockSize { - return errors.New("too short data") + expectedLen := len(MarshaledName) + 1 + 8 + 3*BlockSize + if len(data) < expectedLen { + return fmt.Errorf("gogost/internal/gost34112012: len(data) != %d", expectedLen) } if !bytes.HasPrefix(data, []byte(MarshaledName)) { - return errors.New("no hash name prefix") + return errors.New("gogost/internal/gost34112012: no hash name prefix") } idx := len(MarshaledName) h.size = int(data[idx]) diff --git a/mgm/mode.go b/mgm/mode.go index fdbfa42..7857968 100644 --- a/mgm/mode.go +++ b/mgm/mode.go @@ -61,10 +61,10 @@ type MGM struct { func NewMGM(cipher cipher.Block, tagSize int) (cipher.AEAD, error) { blockSize := cipher.BlockSize() if !(blockSize == 8 || blockSize == 16) { - return nil, errors.New("MGM supports only 64/128 blocksizes") + return nil, errors.New("gogost/mgm: only 64/128 blocksizes allowed") } if tagSize < 4 || tagSize > blockSize { - return nil, errors.New("invalid tag size") + return nil, errors.New("gogost/mgm: invalid tag size") } mgm := MGM{ maxSize: uint64(1<
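Review bot: In UnmarshalBinary (internal/gost34112012/hash.go) the new message says `len(data) != %d`, but the guard is `len(data) < expectedLen`, so the text claims an exact-length requirement the code does not enforce. Either word it to match, `fmt.Errorf("gogost/internal/gost34112012: len(data) < %d", expectedLen)`, or, if the marshaled state is always exactly that long, tighten the check to `!=` so that trailing bytes in serialized state are rejected. The rest of the function lies outside the hunk, so whether extra bytes are ignored there cannot be confirmed from here.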