\input texinfo
@documentencoding UTF-8
@settitle PyGOST

@copying
Copyright @copyright{} 2015-2016 @email{stargrave@@stargrave.org, Sergey Matveev}
@end copying

@node Top
@top PyGOST

PyGOST is pure Python 2.7/3.x GOST cryptographic functions library.
GOST is GOvernment STandard of Russian Federation (and Soviet Union).
It is
@url{https://www.gnu.org/philosophy/pragmatic.html, copylefted}
@url{https://www.gnu.org/philosophy/free-sw.html, free software}:
licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
You can read about GOST algorithms @url{http://www.cypherpunks.ru/gost/, more}.

Currently supported algorithms are:

@itemize
@item GOST 28147-89 (@url{https://tools.ietf.org/html/rfc5830.html, RFC 5830})
    block cipher with ECB, CNT (CTR), CFB, MAC,
    CBC (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
    modes of operation
@item various 28147-89-related S-boxes included
@item GOST R 34.11-94 hash function
    (@url{https://tools.ietf.org/html/rfc5831.html, RFC 5831})
@item GOST R 34.11-2012 Стрибог (Streebog) hash function
    (@url{https://tools.ietf.org/html/rfc6986.html, RFC 6986})
@item GOST R 34.10-2001
    (@url{https://tools.ietf.org/html/rfc5832.html, RFC 5832})
    public key signature function
@item GOST R 34.10-2012
    (@url{https://tools.ietf.org/html/rfc7091.html, RFC 7091})
    public key signature function
@item various 34.10 curve parameters included
@item VKO 34.10-2001 Diffie-Hellman function
    (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
@item 28147-89 and CryptoPro key wrapping
    (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
@item 28147-89 CryptoPro key meshing for CFB mode
    (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
@item @url{https://tools.ietf.org/html/rfc4491.html, RFC 4491}
    (using GOST algorithms with X.509) compatibility helpers
@item GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik)
    (@url{https://tools.ietf.org/html/rfc7801.html, RFC 7801})
@item GOST R 34.13-2015 padding methods
@item PEP247-compatible hash/MAC functions
@end itemize

Example X.509 compatible 34.10-2012 keypair generation, signing and
verifying its signature:

@verbatim
>>> from pygost import x509
>>> prv, pub = x509.keypair_gen(urandom(64), mode=2012)
>>> data = b'some data'
>>> signature = x509.sign(prv, data, mode=2012)
>>> x509.verify(pub, data, signature, mode=2012)
True
@end verbatim

Please send questions, bug reports and patches to
@url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost}
mailing list. Announcements also go to this mailing list.

@insertcopying

@node Download
@unnumbered Download

No additional dependencies except Python 2.7/3.x interpreter are required.

Preferable way is to download tarball with the signature:

@verbatim
% wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz
% wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz.sig
% gpg --verify pygost-2.3.tar.xz.sig pygost-2.3.tar.xz
% xz -d < pygost-2.3.tar.xz | tar xf -
% cd pygost-2.3
% python setup.py install
@end verbatim

@multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
@headitem Version @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum

@item 2.4 @tab 37 KiB
@tab @url{pygost-2.4.tar.xz, link} @url{pygost-2.4.tar.xz.sig, sign}
@tab @code{94D14E99 3CF63973 6C8E78D0 5EBD0838 09A47624 C05A9878 11136301 C0A07264}
@tab @code{b107b5ba043a2e4c30d9348e222b92218b8dff9d672964ffd04259c5261bc5a7}

@item 2.3 @tab 37 KiB
@tab @url{pygost-2.3.tar.xz, link} @url{pygost-2.3.tar.xz.sig, sign}
@tab @code{FF2C7E78 F3677B45 EB472DC6 1837C72C 0BD72387 AB0A9DC7 AD88AD11 59589732}
@tab @code{42cfd0cdf357997a909a9114ca14391b4c5e8b62e298675f899b80a8a26d690f}

@end multitable

But also you can use PIP (@strong{no} authentication is performed!):

@verbatim
% pip install pygost==2.3
@end verbatim

You @strong{have to} verify downloaded tarballs integrity and
authenticity to be sure that you retrieved trusted and untampered
software. @url{https://www.gnupg.org/, The GNU Privacy Guard} is used
for that purpose.

For the very first time it it necessary to get signing public key and
import it. It is provided below, but you should check alternative
resources.

@verbatim
pub   rsa2048/0xE6FD1269CD0C009E 2016-09-13
      F55A 7619 3A0C 323A A031  0E6B E6FD 1269 CD0C 009E
uid   PyGOST releases <pygost at cypherpunks dot ru>
@end verbatim

@itemize

@item @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} maillist

@item
@verbatim
% gpg --keyserver hkp://keys.gnupg.net/ --recv-keys 0xE6FD1269CD0C009E
% gpg --auto-key-locate dane --locate-keys pygost at cypherpunks dot ru
% gpg --auto-key-locate wkd --locate-keys pygost at cypherpunks dot ru
% gpg --auto-key-locate pka --locate-keys pygost at cypherpunks dot ru
@end verbatim

@item
@verbatiminclude PUBKEY.asc

@end itemize

You can obtain development source code by cloning
@url{http://git-scm.com/, Git}
@url{https://git.cypherpunks.ru/cgit.cgi/pygost.git/, repository}.

@bye