@settitle PyGOST
@copying
-Copyright @copyright{} 2015-2016 @email{stargrave@@stargrave.org, Sergey Matveev}
+Copyright @copyright{} 2015-2018 @email{stargrave@@stargrave.org, Sergey Matveev}
@end copying
@node Top
@url{https://www.gnu.org/philosophy/pragmatic.html, copylefted}
@url{https://www.gnu.org/philosophy/free-sw.html, free software}:
licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
+You can read about GOST algorithms @url{http://gost.cypherpunks.ru/, more}.
Currently supported algorithms are:
@item various 28147-89-related S-boxes included
@item GOST R 34.11-94 hash function
(@url{https://tools.ietf.org/html/rfc5831.html, RFC 5831})
+@item GOST R 34.11-94 based @url{https://en.wikipedia.org/wiki/PBKDF2, PBKDF2} function
@item GOST R 34.11-2012 Стрибог (Streebog) hash function
(@url{https://tools.ietf.org/html/rfc6986.html, RFC 6986})
+@item GOST R 34.11-2012 based PBKDF2 function (Р 50.1.111-2016)
@item GOST R 34.10-2001
(@url{https://tools.ietf.org/html/rfc5832.html, RFC 5832})
public key signature function
(@url{https://tools.ietf.org/html/rfc7091.html, RFC 7091})
public key signature function
@item various 34.10 curve parameters included
-@item VKO 34.10-2001 Diffie-Hellman function
+@item VKO GOST R 34.10-2001 key agreement function
(@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
+@item VKO GOST R 34.10-2012 key agreement function
+ (@url{https://tools.ietf.org/html/rfc7836.html, RFC 7836})
@item 28147-89 and CryptoPro key wrapping
(@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357})
@item 28147-89 CryptoPro key meshing for CFB mode
(using GOST algorithms with X.509) compatibility helpers
@item GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik)
(@url{https://tools.ietf.org/html/rfc7801.html, RFC 7801})
-@item GOST R 34.13-2015 padding methods
+@item GOST R 34.12-2015 64-bit block cipher Магма (Magma)
+@item GOST R 34.13-2015 padding methods and block cipher modes of operation
+ (ECB, CTR, OFB, CBC, CFB, MAC)
@item PEP247-compatible hash/MAC functions
@end itemize
-Example X.509 compatible 34.10-2012 keypair generation, signing and
-verifying its signature:
+Example 34.10-2012 keypair generation, signing and verifying:
@verbatim
->>> from pygost import x509
->>> prv, pub = x509.keypair_gen(urandom(64), mode=2012)
->>> data = b'some data'
->>> signature = x509.sign(prv, data, mode=2012)
->>> x509.verify(pub, data, signature, mode=2012)
+>>> from pygost.gost3410 import CURVE_PARAMS
+>>> from pygost.gost3410 import GOST3410Curve
+>>> curve = GOST3410Curve(*CURVE_PARAMS["GostR3410_2012_TC26_ParamSetA"])
+>>> from os import urandom
+>>> prv_raw = urandom(32)
+>>> from pygost.gost3410 import prv_unmarshal
+>>> prv = prv_unmarshal(prv_raw)
+>>> from pygost.gost3410 import public_key
+>>> pub = public_key(curve, prv)
+>>> from pygost.gost3410 import pub_marshal
+>>> from pygost.utils import hexenc
+>>> print "Public key is:", hexenc(pub_marshal(pub))
+>>> from pygost import gost34112012256
+>>> data_for_signing = b"some data"
+>>> dgst = gost34112012256.new(data_for_signing).digest()
+>>> from pygost.gost3410 import sign
+>>> signature = sign(curve, prv, dgst, mode=2012)
+>>> from pygost.gost3410 import verify
+>>> verify(curve, pub, dgst, signature, mode=2012)
True
@end verbatim
@insertcopying
+@node News
+@unnumbered News
+
+@table @strong
+@item 3.8
+ @itemize
+ @item 34.11-2012 based PBKDF2 function added
+ @item 34.13-2015 does not require double blocksized IVs
+ @end itemize
+
+@item 3.7
+Fixed 34.13-2015 OFB bug with IVs longer than 2 blocks.
+
+@item 3.6
+Fixed source files installation during @command{setup.py install} invocation.
+
+@item 3.5
+Dummy release: added long description in package metadata.
+
+@item 3.4
+Small mypy stubs related fixes.
+
+@item 3.3
+ @itemize
+ @item @code{GOST3412Kuz} renamed to @code{GOST3412Kuznechik}
+ @item @code{GOST3412Magma} implements GOST R 34.12-2015 Magma 64-bit
+ block cipher
+ @end itemize
+
+@item 3.2
+34.13-2015 block cipher modes of operation implementations.
+
+@item 3.1
+Fixed mypy stubs related to PEP247-successors.
+
+@item 3.0
+ @itemize
+ @item @code{gost3411_94} renamed to @code{gost341194}
+ @item @code{gost3411_2012} renamed and split to
+ @code{gost34112012256}, @code{gost34112012512}
+ @item @code{GOST34112012} split to
+ @code{GOST34112012256}, @code{GOST34112012512}
+ @item @code{gost3410.kek} moved to separate
+ @code{gost3410_vko.kek_34102001}
+ @item VKO GOST R 34.10-2012 appeared in @code{gost3410_vko},
+ with test vectors
+ @item 34.11-94 digest is reversed, to be compatible with HMAC and
+ PBKDF2 test vectors describe in TC26 documents
+ @item 34.11-94 PBKDF2 test vectors added
+ @item @code{gost3410.prv_unmarshal},
+ @code{gost3410.pub_marshal},
+ @code{gost3410.pub_unmarshal}
+ helpers added, removing the need of @code{x509} module at all
+ @item @code{gost3410.verify} requires @code{(pubX, pubY)} tuple,
+ instead of two separate @code{pubX}, @code{pubY} arguments
+ @item 34.11-94 based PBKDF2 function added
+ @end itemize
+
+@item 2.4
+Fixed 34.13 mypy stub.
+
+@item 2.3
+Typo and pylint fixes.
+
+@item 2.2
+GOST R 34.13-2015 padding methods
+
+@item 2.1
+Documentation and supplementary files refactoring.
+
+@item 2.0
+PEP-0247 compatible hashers and MAC.
+
+@item 1.0
+ @itemize
+ @item Ability to specify curve in pygost.x509 module
+ @item Ability to use 34.10-2012 in pygost.x509 functions
+ @end itemize
+
+ Renamed classes and modules:
+
+ @itemize
+ @item pygost.gost3410.SIZE_34100 -> pygost.gost3410.SIZE_3410_2001
+ @item pygost.gost3410.SIZE_34112 -> pygost.gost3410.SIZE_3410_2012
+ @item pygost.gost3411_12.GOST341112 -> pygost.gost3411_2012.GOST34112012
+ @end itemize
+
+@item 0.16
+34.10-2012 TC26 curve parameters.
+
+@item 0.15
+PEP-0484 static typing hints.
+
+@item 0.14
+34.10-2012 workability fix.
+
+@item 0.13
+Python3 compatibility.
+
+@item 0.11
+GOST R 34.12-2015 Кузнечик (Kuznechik) implementation.
+
+@item 0.10
+CryptoPro and GOST key wrapping, CryptoPro key meshing.
+@end table
+
@node Download
@unnumbered Download
Preferable way is to download tarball with the signature:
@verbatim
-% wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz
-% wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz.sig
-% gpg --verify pygost-2.3.tar.xz.sig pygost-2.3.tar.xz
-% xz -d < pygost-2.3.tar.xz | tar xf -
-% cd pygost-2.3
+% wget http://pygost.cypherpunks.ru/pygost-3.8.tar.xz
+% wget http://pygost.cypherpunks.ru/pygost-3.8.tar.xz.sig
+% gpg --verify pygost-3.8.tar.xz.sig pygost-3.8.tar.xz
+% xz -d < pygost-3.8.tar.xz | tar xf -
+% cd pygost-3.8
% python setup.py install
@end verbatim
@multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
@headitem Version @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum
+@item 3.7 @tab 43 KiB
+@tab @url{pygost-3.7.tar.xz, link} @url{pygost-3.7.tar.xz.sig, sign}
+@tab @code{2BE1647A 2ED7C794 7B80EBFA 32EB71B1 2AA95711 71CAA0CE E8319BF7 17361E28}
+@tab @code{b76ba4964a61b15a65be60c19d85063b88222fff881d9a9a8ff7dd8a07b2fc67}
+
+@item 3.6 @tab 43 KiB
+@tab @url{pygost-3.6.tar.xz, link} @url{pygost-3.6.tar.xz.sig, sign}
+@tab @code{37EA8A31 B308DBC6 B3229922 ABA0355F 46008BEC 2649BF98 11F62091 17BD94B3}
+@tab @code{47495afde7218e5d01160800daa0f9c786f5c95579686b0ce5a37fb7550bc735}
+
+@item 3.5 @tab 43 KiB
+@tab @url{pygost-3.5.tar.xz, link} @url{pygost-3.5.tar.xz.sig, sign}
+@tab @code{14E504AE 81E74DDD 122E5BF1 0B9E25D7 82D51AB6 5ED43533 0BF276A4 8A7C7AA4}
+@tab @code{eb2106523cf8ed1b462d7a0a57f771f94759047a7e0e5a0b96ee35b24293e264}
+
+@item 3.4 @tab 43 KiB
+@tab @url{pygost-3.4.tar.xz, link} @url{pygost-3.4.tar.xz.sig, sign}
+@tab @code{89715612 8A197071 AD7689FA 96F89304 19E42F76 87632309 B47E5FDE 1AD6126D}
+@tab @code{e590ddc7485e6f99658f26ac23cd2266648f27efa584a33f93abec8b80e1771d}
+
+@item 3.3 @tab 41 KiB
+@tab @url{pygost-3.3.tar.xz, link} @url{pygost-3.3.tar.xz.sig, sign}
+@tab @code{D118F539 537CCD5D 9CCE850E DD8EFD8E ACDA9D6E 0C113A0F C575574A F4BD452A}
+@tab @code{8400a3714b70dddfef03f6fe96325e73ac25db814d052a44dbd8f2ce5ddb05bb}
+
+@item 3.2 @tab 41 KiB
+@tab @url{pygost-3.2.tar.xz, link} @url{pygost-3.2.tar.xz.sig, sign}
+@tab @code{6779D1B1 A4E2B1C3 49CA39F8 425FC962 AF2ED133 BB495343 0F83764B E2624087}
+@tab @code{0a39880ad00ca11d112fef096b81a42a85ce4e5b25c48d1f643858b1e0c520d6}
+
+@item 3.1 @tab 39 KiB
+@tab @url{pygost-3.1.tar.xz, link} @url{pygost-3.1.tar.xz.sig, sign}
+@tab @code{ACCCF1A9 F4B345FF 01595248 5B793DAC FCF71D1F 32A6ABCF 32042DDB 20897BC5}
+@tab @code{823961b6c2a1abe83f6d828397002e68d711a08ce115f21ddff81a294882cd46}
+
+@item 3.0 @tab 39 KiB
+@tab @url{pygost-3.0.tar.xz, link} @url{pygost-3.0.tar.xz.sig, sign}
+@tab @code{0AB10703 6960962D 30BD1646 ACC8D44B E9CBD8A8 4F25DF25 91F26383 DE28875F}
+@tab @code{ef4729df62b4f615a154a9c35ccffaf6bb614a23067f4dd49d2993ec93bb6665}
+
+@item 2.4 @tab 37 KiB
+@tab @url{pygost-2.4.tar.xz, link} @url{pygost-2.4.tar.xz.sig, sign}
+@tab @code{94D14E99 3CF63973 6C8E78D0 5EBD0838 09A47624 C05A9878 11136301 C0A07264}
+@tab @code{b107b5ba043a2e4c30d9348e222b92218b8dff9d672964ffd04259c5261bc5a7}
+
@item 2.3 @tab 37 KiB
@tab @url{pygost-2.3.tar.xz, link} @url{pygost-2.3.tar.xz.sig, sign}
@tab @code{FF2C7E78 F3677B45 EB472DC6 1837C72C 0BD72387 AB0A9DC7 AD88AD11 59589732}
But also you can use PIP (@strong{no} authentication is performed!):
@verbatim
-% pip install pygost==2.3
+% pip install pygost==3.7
@end verbatim
You @strong{have to} verify downloaded tarballs integrity and
software. @url{https://www.gnupg.org/, The GNU Privacy Guard} is used
for that purpose.
-For the very first time it it necessary to get signing public key and
+For the very first time it is necessary to get signing public key and
import it. It is provided below, but you should check alternative
resources.
You can obtain development source code by cloning
@url{http://git-scm.com/, Git}
-@url{https://git.cypherpunks.ru/cgit.cgi/pygost.git/, repository}.
+@url{https://git.cypherpunks.ru/cgit.cgi/pygost.git/}.
@bye