Pure Python 2.7/3.x GOST cryptographic functions library.

GOST is GOvernment STandard of Russian Federation (and Soviet Union).

* GOST 28147-89 (RFC 5830) block cipher with ECB, CNT (CTR), CFB, MAC,
  CBC (RFC 4357) modes of operation
* various 28147-89-related S-boxes included
* GOST R 34.11-94 hash function (RFC 5831)
* GOST R 34.11-94 based PBKDF2 function
* GOST R 34.11-2012 Стрибог (Streebog) hash function (RFC 6986)
* GOST R 34.11-2012 based PBKDF2 function (Р 50.1.111-2016)
* GOST R 34.10-2001 (RFC 5832) public key signature function
* GOST R 34.10-2012 (RFC 7091) public key signature function
* various 34.10 curve parameters included
* Coordinates conversion from twisted Edwards to Weierstrass form and
  vice versa
* VKO GOST R 34.10-2001 key agreement function (RFC 4357)
* VKO GOST R 34.10-2012 key agreement function (RFC 7836)
* 28147-89 and CryptoPro key wrapping (RFC 4357)
* 28147-89 CryptoPro key meshing for CFB and CBC modes (RFC 4357)
* RFC 4491 (using GOST algorithms with X.509) compatibility helpers
* GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik) (RFC 7801)
* GOST R 34.12-2015 64-bit block cipher Магма (Magma)
* GOST R 34.13-2015 padding methods and block cipher modes of operation
  (ECB, CTR, OFB, CBC, CFB, MAC)
* PEP247-compatible hash/MAC functions

Known problems: low performance and non time-constant calculations.

Example 34.10-2012 keypair generation, signing and verifying:

    >>> from pygost.gost3410 import CURVES
    >>> curve = CURVES["id-tc26-gost-3410-12-512-paramSetA"]
    >>> from os import urandom
    >>> prv_raw = urandom(32)
    >>> from pygost.gost3410 import prv_unmarshal
    >>> prv = prv_unmarshal(prv_raw)
    >>> from pygost.gost3410 import public_key
    >>> pub = public_key(curve, prv)
    >>> from pygost.gost3410 import pub_marshal
    >>> from pygost.utils import hexenc
    >>> print "Public key is:", hexenc(pub_marshal(pub))
    >>> from pygost import gost34112012256
    >>> data_for_signing = b"some data"
    >>> dgst = gost34112012256.new(data_for_signing).digest()
    >>> from pygost.gost3410 import sign
    >>> signature = sign(curve, prv, dgst, mode=2012)
    >>> from pygost.gost3410 import verify
    >>> verify(curve, pub, dgst, signature, mode=2012)
    True

Other examples can be found in docstrings and unittests.
Example self-signed X.509 certificate creation can be found in
pygost/asn1schemas/cert-selfsigned-example.py.

PyGOST is free software: see the file COPYING for copying conditions.

PyGOST'es home page is: http://pygost.cypherpunks.ru/
You can read about GOST algorithms more: http://gost.cypherpunks.ru/

Please send questions, bug reports and patches to
https://lists.cypherpunks.ru/mailman/listinfo/gost
mailing list. Announcements also go to this mailing list.

Development Git source code repository currently is located here:
https://git.cypherpunks.ru/cgit.cgi/pygost.git/