Preferable way is to download tarball with the signature:
@verbatim
-% wget http://pygost.cypherpunks.ru/pygost-3.8.tar.xz
-% wget http://pygost.cypherpunks.ru/pygost-3.8.tar.xz.sig
-% gpg --verify pygost-3.8.tar.xz.sig pygost-3.8.tar.xz
-% xz -d < pygost-3.8.tar.xz | tar xf -
-% cd pygost-3.8
+% wget http://pygost.cypherpunks.ru/pygost-3.13.tar.xz
+% wget http://pygost.cypherpunks.ru/pygost-3.13.tar.xz.sig
+% gpg --verify pygost-3.13.tar.xz.sig pygost-3.13.tar.xz
+% xz -d < pygost-3.13.tar.xz | tar xf -
+% cd pygost-3.13
% python setup.py install
@end verbatim
@multitable {XXXXX} {XXXX-XX-XX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
@headitem Version @tab Date @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum
+@item @ref{Release 3.12, 3.12} @tab 2018-11-05 @tab 44 KiB
+@tab @url{pygost-3.12.tar.xz, link} @url{pygost-3.12.tar.xz.sig, sign}
+@tab @code{B4C70BD4 43DFD3E0 ED85D870 BBD1DA2D BB14C34B 6C3FC4DC E9E2A9F3 ABC650BF}
+@tab @code{e3eb6e554f72de50a81cdef53848df3d453fbe30f622436b797ada5ea96912c2}
+
@item @ref{Release 3.11, 3.11} @tab 2018-09-21 @tab 44 KiB
@tab @url{pygost-3.11.tar.xz, link} @url{pygost-3.11.tar.xz.sig, sign}
@tab @code{34C092B7 78778DD4 1587BD31 AC62E7E6 3C45CEB8 7B664293 CCCA66DB 21147835}
But also you can use PIP (@strong{no} authentication is performed!):
@verbatim
-% pip install pygost==3.7
+% pip install pygost==3.13
@end verbatim
You @strong{have to} verify downloaded tarballs integrity and