2 @documentencoding UTF-8
6 Copyright @copyright{} 2015-2016 @email{stargrave@@stargrave.org, Sergey Matveev}
12 PyGOST is pure Python 2.7/3.x GOST cryptographic functions library.
13 GOST is GOvernment STandard of Russian Federation (and Soviet Union).
15 @url{https://www.gnu.org/philosophy/pragmatic.html, copylefted}
16 @url{https://www.gnu.org/philosophy/free-sw.html, free software}:
17 licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
19 Currently supported algorithms are:
22 @item GOST 28147-89 (@url{https://tools.ietf.org/html/rfc5830.html, RFC 5830})
23 block cipher with ECB, CNT (CTR), CFB, MAC,
24 CBC (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
26 @item various 28147-89-related S-boxes included
27 @item GOST R 34.11-94 hash function
28 (@url{https://tools.ietf.org/html/rfc5831.html, RFC 5831})
29 @item GOST R 34.11-2012 Стрибог (Streebog) hash function
30 (@url{https://tools.ietf.org/html/rfc6986.html, RFC 6986})
31 @item GOST R 34.10-2001
32 (@url{https://tools.ietf.org/html/rfc5832.html, RFC 5832})
33 public key signature function
34 @item GOST R 34.10-2012
35 (@url{https://tools.ietf.org/html/rfc7091.html, RFC 7091})
36 public key signature function
37 @item various 34.10 curve parameters included
38 @item VKO 34.10-2001 Diffie-Hellman function
39 (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
40 @item 28147-89 and CryptoPro key wrapping
41 (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
42 @item 28147-89 CryptoPro key meshing for CFB mode
43 (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
44 @item @url{https://tools.ietf.org/html/rfc4491.html, RFC 4491}
45 (using GOST algorithms with X.509) compatibility helpers
46 @item GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik)
47 (@url{https://tools.ietf.org/html/rfc7801.html, RFC 7801})
48 @item GOST R 34.13-2015 padding methods
49 @item PEP247-compatible hash/MAC functions
52 Example X.509 compatible 34.10-2012 keypair generation, signing and
53 verifying its signature:
56 >>> from pygost import x509
57 >>> prv, pub = x509.keypair_gen(urandom(64), mode=2012)
58 >>> data = b'some data'
59 >>> signature = x509.sign(prv, data, mode=2012)
60 >>> x509.verify(pub, data, signature, mode=2012)
64 Please send questions, bug reports and patches to
65 @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost}
66 mailing list. Announcements also go to this mailing list.
73 No additional dependencies except Python 2.7/3.x interpreter are required.
75 Preferable way is to download tarball with the signature:
78 % wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz
79 % wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz.sig
80 % gpg --verify pygost-2.3.tar.xz.sig pygost-2.3.tar.xz
81 % xz -d < pygost-2.3.tar.xz | tar xf -
83 % python setup.py install
86 @multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
87 @headitem Version @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum
90 @tab @url{pygost-2.3.tar.xz, link} @url{pygost-2.3.tar.xz.sig, sign}
91 @tab @code{FF2C7E78 F3677B45 EB472DC6 1837C72C 0BD72387 AB0A9DC7 AD88AD11 59589732}
92 @tab @code{42cfd0cdf357997a909a9114ca14391b4c5e8b62e298675f899b80a8a26d690f}
96 But also you can use PIP (@strong{no} authentication is performed!):
99 % pip install pygost==2.3
102 You @strong{have to} verify downloaded tarballs integrity and
103 authenticity to be sure that you retrieved trusted and untampered
104 software. @url{https://www.gnupg.org/, The GNU Privacy Guard} is used
107 For the very first time it it necessary to get signing public key and
108 import it. It is provided below, but you should check alternative
112 pub rsa2048/0xE6FD1269CD0C009E 2016-09-13
113 F55A 7619 3A0C 323A A031 0E6B E6FD 1269 CD0C 009E
114 uid PyGOST releases <pygost at cypherpunks dot ru>
119 @item @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} maillist
123 % gpg --keyserver hkp://keys.gnupg.net/ --recv-keys 0xE6FD1269CD0C009E
124 % gpg --auto-key-locate dane --locate-keys pygost at cypherpunks dot ru
125 % gpg --auto-key-locate wkd --locate-keys pygost at cypherpunks dot ru
126 % gpg --auto-key-locate pka --locate-keys pygost at cypherpunks dot ru
130 @verbatiminclude PUBKEY.asc
134 You can obtain development source code by cloning
135 @url{http://git-scm.com/, Git}
136 @url{https://git.cypherpunks.ru/cgit.cgi/pygost.git/, repository}.