4 Preferable way is to download tarball with the signature from
5 website and, for example, run tests with benchmarks:
8 $ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.zst
9 $ [fetch|wget] http://www.gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.zst.asc
10 $ gpg --verify gogost-@value{VERSION}.tar.zst.asc gogost-@value{VERSION}.tar.zst
11 $ zstd --decompress --stdout gogost-@value{VERSION}.tar.zst | tar xf -
12 $ cd gogost-@value{VERSION}
13 $ go build -mod=vendor -o streebog256 ./cmd/streebog256
14 $ echo hello world | ./streebog256
15 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d
18 @include download.texi
20 And then you can include its source code in your project for example
24 $ mkdir -p myproj/vendor/go.cypherpunks.ru/gogost
25 $ mv gogost-@value{VERSION} myproj/vendor/go.cypherpunks.ru/gogost/v5
34 "go.cypherpunks.ru/gogost/v5/gost34112012256"
38 h := gost34112012256.New()
39 h.Write([]byte("hello world\n"))
40 fmt.Println(hex.EncodeToString(h.Sum(nil)))
44 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d
47 You @strong{have to} verify downloaded tarballs integrity and
48 authenticity to be sure that you retrieved trusted and untampered
49 software. @url{https://www.gnupg.org/, GNU Privacy Guard} is used
52 For the very first time it is necessary to get signing public key and
53 import it. It is provided below, but you should check alternative
57 pub rsa2048/0x82343436696FC85A 2016-09-13 [SC]
58 CEBD 1282 2C46 9C02 A81A 0467 8234 3436 696F C85A
59 uid GoGOST releases <gogost at cypherpunks dot ru>
64 @item @url{http://lists.cypherpunks.ru/gost.html, gost} maillist
68 $ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru
69 $ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru
73 @verbatiminclude PUBKEY.asc
77 GoGOST is also @command{go get}-able. For example to install
78 @command{streebog256} utility:
81 $ go install go.cypherpunks.ru/gogost/v5/cmd/streebog256@@latest
84 @code{go.cypherpunks.ru} uses @code{ca.cypherpunks.ru} X.509 CA
85 authority, that may complicate installation:
89 @item Go's default @code{proxy.golang.org} and @code{sum.golang.org}
90 services won't be able to verify @code{go.cypherpunks.ru}'s TLS
91 authenticity, because there are no common trust anchors. You can skip
92 their usage by setting @env{$GOPRIVATE=go.cypherpunks.ru}.
94 @item You can (temporarily) override CA certificate bundle during installation:
97 $ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem
98 $ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem.asc
99 $ gpg --auto-key-locate dane --locate-keys stargrave at stargrave dot org
100 $ gpg --auto-key-locate wkd --locate-keys stargrave at gnupg dot net
101 $ gpg --verify cert.pem.asc
102 $ SSL_CERT_FILE=`pwd`/cert.pem GIT_SSL_CAINFO=`pwd`/cert.pem go get \
103 go.cypherpunks.ru/gogost/v5
106 @item You can unpack tarball somewhere and use @code{replace} command in
107 your local @file{go.mod}:
110 require go.cypherpunks.ru/gogost/v5 v@value{VERSION}
111 replace go.cypherpunks.ru/gogost/v5 => /path/to/gogost-@value{VERSION}
116 You can obtain development source code with
117 @command{git clone git://git.cypherpunks.ru/gogost.git}
118 (also you can use @url{https://git.cypherpunks.ru/gogost.git}).