X-Git-Url: http://www.git.cypherpunks.ru/?p=pygost.git;a=blobdiff_plain;f=www.texi;h=1f87bc3e6a6437e495dafb1ced9c9962bd56cba1;hp=6c6f2dfa464352597914fa3050de967c52256915;hb=ac4d91064eb6bf5b2f5b17400565bcb93aea57a1;hpb=6bce22b26ce35bc23bc0bc420dc58efd4697d6bf diff --git a/www.texi b/www.texi index 6c6f2df..1f87bc3 100644 --- a/www.texi +++ b/www.texi @@ -3,7 +3,7 @@ @settitle PyGOST @copying -Copyright @copyright{} 2015-2018 @email{stargrave@@stargrave.org, Sergey Matveev} +Copyright @copyright{} 2015-2021 @email{stargrave@@stargrave.org, Sergey Matveev} @end copying @node Top @@ -14,8 +14,8 @@ GOST is GOvernment STandard of Russian Federation (and Soviet Union). It is @url{https://www.gnu.org/philosophy/pragmatic.html, copylefted} @url{https://www.gnu.org/philosophy/free-sw.html, free software}: -licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}. -You can read about GOST algorithms @url{http://gost.cypherpunks.ru/, more}. +licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3}. +You can read about GOST algorithms @url{http://www.gost.cypherpunks.ru/, more}. Currently supported algorithms are: 
@@ -38,13 +38,15 @@ Currently supported algorithms are: (@url{https://tools.ietf.org/html/rfc7091.html, RFC 7091}) public key signature function @item various 34.10 curve parameters included +@item Coordinates conversion from twisted Edwards to Weierstrass + form and vice versa @item VKO GOST R 34.10-2001 key agreement function (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357}) @item VKO GOST R 34.10-2012 key agreement function (@url{https://tools.ietf.org/html/rfc7836.html, RFC 7836}) @item 28147-89 and CryptoPro key wrapping (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357}) -@item 28147-89 CryptoPro key meshing for CFB mode +@item 28147-89 CryptoPro key meshing for CFB and CBC modes (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357}) @item @url{https://tools.ietf.org/html/rfc4491.html, RFC 4491} (using GOST algorithms with X.509) compatibility helpers 
@@ -53,17 +55,22 @@ Currently supported algorithms are: @item GOST R 34.12-2015 64-bit block cipher Магма (Magma) @item GOST R 34.13-2015 padding methods and block cipher modes of operation (ECB, CTR, OFB, CBC, CFB, MAC) +@item MGM AEAD mode for 64 and 128 bit ciphers + (@url{https://tools.ietf.org/html/rfc9058.html, RFC 9058}) +@item CTR-ACPKM, OMAC-ACPKM-Master modes of operation (Р 1323565.1.017-2018) +@item KExp15/KImp15 key export/import functions (Р 1323565.1.017-2018) +@item KDF_GOSTR3411_2012_256, KDF_TREE_GOSTR3411_2012_256 (Р 50.1.113-2016) +@item KEG export key generation function (Р 1323565.1.020-2018) @item PEP247-compatible hash/MAC functions @end itemize Example 34.10-2012 keypair generation, signing and verifying: -@verbatim ->>> from pygost.gost3410 import CURVE_PARAMS ->>> from pygost.gost3410 import GOST3410Curve ->>> curve = GOST3410Curve(*CURVE_PARAMS["GostR3410_2012_TC26_ParamSetA"]) +@example +>>> from pygost.gost3410 import CURVES +>>> curve = CURVES["id-tc26-gost-3410-12-512-paramSetA"] >>> from os import urandom ->>> prv_raw = urandom(32) +>>> prv_raw = urandom(64) >>> from pygost.gost3410 import prv_unmarshal >>> prv = prv_unmarshal(prv_raw) >>> from pygost.gost3410 import public_key 
@@ -71,260 +78,24 @@ Example 34.10-2012 keypair generation, signing and verifying: >>> from pygost.gost3410 import pub_marshal >>> from pygost.utils import hexenc >>> print "Public key is:", hexenc(pub_marshal(pub)) ->>> from pygost import gost34112012256 +>>> from pygost import gost34112012512 >>> data_for_signing = b"some data" ->>> dgst = gost34112012256.new(data_for_signing).digest() +>>> dgst = gost34112012512.new(data_for_signing).digest()[::-1] >>> from pygost.gost3410 import sign ->>> signature = sign(curve, prv, dgst, mode=2012) +>>> signature = sign(curve, prv, dgst) >>> from pygost.gost3410 import verify ->>> verify(curve, pub, dgst, signature, mode=2012) +>>> verify(curve, pub, dgst, signature) True -@end verbatim +@end example Please send questions, bug reports and patches to -@url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} +@url{http://lists.cypherpunks.ru/gost.html, gost} mailing list. Announcements also go to this mailing list. @insertcopying -@node News -@unnumbered News - -@table @strong -@item 3.10 -Additional missing 34.11-* typing stubs. - -@item 3.9 -Add missing 34.11-2012 PBKDF2 typing stub. - -@item 3.8 - @itemize - @item 34.11-2012 based PBKDF2 function added - @item 34.13-2015 does not require double blocksized IVs - @end itemize - -@item 3.7 -Fixed 34.13-2015 OFB bug with IVs longer than 2 blocks. - -@item 3.6 -Fixed source files installation during @command{setup.py install} invocation. - -@item 3.5 -Dummy release: added long description in package metadata. - -@item 3.4 -Small mypy stubs related fixes. - -@item 3.3 - @itemize - @item @code{GOST3412Kuz} renamed to @code{GOST3412Kuznechik} - @item @code{GOST3412Magma} implements GOST R 34.12-2015 Magma 64-bit - block cipher - @end itemize - -@item 3.2 -34.13-2015 block cipher modes of operation implementations. - -@item 3.1 -Fixed mypy stubs related to PEP247-successors. 
- -@item 3.0 - @itemize - @item @code{gost3411_94} renamed to @code{gost341194} - @item @code{gost3411_2012} renamed and split to - @code{gost34112012256}, @code{gost34112012512} - @item @code{GOST34112012} split to - @code{GOST34112012256}, @code{GOST34112012512} - @item @code{gost3410.kek} moved to separate - @code{gost3410_vko.kek_34102001} - @item VKO GOST R 34.10-2012 appeared in @code{gost3410_vko}, - with test vectors - @item 34.11-94 digest is reversed, to be compatible with HMAC and - PBKDF2 test vectors describe in TC26 documents - @item 34.11-94 PBKDF2 test vectors added - @item @code{gost3410.prv_unmarshal}, - @code{gost3410.pub_marshal}, - @code{gost3410.pub_unmarshal} - helpers added, removing the need of @code{x509} module at all - @item @code{gost3410.verify} requires @code{(pubX, pubY)} tuple, - instead of two separate @code{pubX}, @code{pubY} arguments - @item 34.11-94 based PBKDF2 function added - @end itemize - -@item 2.4 -Fixed 34.13 mypy stub. - -@item 2.3 -Typo and pylint fixes. - -@item 2.2 -GOST R 34.13-2015 padding methods - -@item 2.1 -Documentation and supplementary files refactoring. - -@item 2.0 -PEP-0247 compatible hashers and MAC. - -@item 1.0 - @itemize - @item Ability to specify curve in pygost.x509 module - @item Ability to use 34.10-2012 in pygost.x509 functions - @end itemize - - Renamed classes and modules: - - @itemize - @item pygost.gost3410.SIZE_34100 -> pygost.gost3410.SIZE_3410_2001 - @item pygost.gost3410.SIZE_34112 -> pygost.gost3410.SIZE_3410_2012 - @item pygost.gost3411_12.GOST341112 -> pygost.gost3411_2012.GOST34112012 - @end itemize - -@item 0.16 -34.10-2012 TC26 curve parameters. - -@item 0.15 -PEP-0484 static typing hints. - -@item 0.14 -34.10-2012 workability fix. - -@item 0.13 -Python3 compatibility. - -@item 0.11 -GOST R 34.12-2015 Кузнечик (Kuznechik) implementation. - -@item 0.10 -CryptoPro and GOST key wrapping, CryptoPro key meshing. 
-@end table - -@node Download -@unnumbered Download - -No additional dependencies except Python 2.7/3.x interpreter are required. - -Preferable way is to download tarball with the signature: - -@verbatim -% wget http://pygost.cypherpunks.ru/pygost-3.8.tar.xz -% wget http://pygost.cypherpunks.ru/pygost-3.8.tar.xz.sig -% gpg --verify pygost-3.8.tar.xz.sig pygost-3.8.tar.xz -% xz -d < pygost-3.8.tar.xz | tar xf - -% cd pygost-3.8 -% python setup.py install -@end verbatim - -@multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} -@headitem Version @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum - -@item 3.10 @tab 44 KiB -@tab @url{pygost-3.10.tar.xz, link} @url{pygost-3.10.tar.xz.sig, sign} -@tab @code{8508C513 EBA78BA3 9D4BE5DA 42A2CE39 B0EB8998 9C9EBF20 5E100A1F B594AB10} -@tab @code{357fe05d52f1d30e0972a3b7fa381bdc84be45ebcc01e59d921c78d8e3a456c0} - -@item 3.9 @tab 44 KiB -@tab @url{pygost-3.9.tar.xz, link} @url{pygost-3.9.tar.xz.sig, sign} -@tab @code{EA734025 6A892D4C 6272E577 B773CADA 6D5DEAB5 651D82D0 4721F92C 068CCC10} -@tab @code{4302d934b9ccfbd63da4e3587eff322cbf6712fa45ffeb917fb831121a673dc9} - -@item 3.8 @tab 44 KiB -@tab @url{pygost-3.8.tar.xz, link} @url{pygost-3.8.tar.xz.sig, sign} -@tab @code{C8219F12 900B15D6 DA479157 BC48EE08 8BDF7FD0 548E02E4 16B44B6A 4A2FFDD3} -@tab @code{0ad60ab474171cb72aa7282a77e5a87a3b8c6f958a0d781504dde2f82e7b839a} - -@item 3.7 @tab 43 KiB -@tab @url{pygost-3.7.tar.xz, link} @url{pygost-3.7.tar.xz.sig, sign} -@tab @code{2BE1647A 2ED7C794 7B80EBFA 32EB71B1 2AA95711 71CAA0CE E8319BF7 17361E28} -@tab @code{b76ba4964a61b15a65be60c19d85063b88222fff881d9a9a8ff7dd8a07b2fc67} - -@item 3.6 @tab 43 KiB -@tab @url{pygost-3.6.tar.xz, link} @url{pygost-3.6.tar.xz.sig, sign} -@tab @code{37EA8A31 B308DBC6 B3229922 ABA0355F 46008BEC 2649BF98 11F62091 17BD94B3} -@tab 
@code{47495afde7218e5d01160800daa0f9c786f5c95579686b0ce5a37fb7550bc735} - -@item 3.5 @tab 43 KiB -@tab @url{pygost-3.5.tar.xz, link} @url{pygost-3.5.tar.xz.sig, sign} -@tab @code{14E504AE 81E74DDD 122E5BF1 0B9E25D7 82D51AB6 5ED43533 0BF276A4 8A7C7AA4} -@tab @code{eb2106523cf8ed1b462d7a0a57f771f94759047a7e0e5a0b96ee35b24293e264} - -@item 3.4 @tab 43 KiB -@tab @url{pygost-3.4.tar.xz, link} @url{pygost-3.4.tar.xz.sig, sign} -@tab @code{89715612 8A197071 AD7689FA 96F89304 19E42F76 87632309 B47E5FDE 1AD6126D} -@tab @code{e590ddc7485e6f99658f26ac23cd2266648f27efa584a33f93abec8b80e1771d} - -@item 3.3 @tab 41 KiB -@tab @url{pygost-3.3.tar.xz, link} @url{pygost-3.3.tar.xz.sig, sign} -@tab @code{D118F539 537CCD5D 9CCE850E DD8EFD8E ACDA9D6E 0C113A0F C575574A F4BD452A} -@tab @code{8400a3714b70dddfef03f6fe96325e73ac25db814d052a44dbd8f2ce5ddb05bb} - -@item 3.2 @tab 41 KiB -@tab @url{pygost-3.2.tar.xz, link} @url{pygost-3.2.tar.xz.sig, sign} -@tab @code{6779D1B1 A4E2B1C3 49CA39F8 425FC962 AF2ED133 BB495343 0F83764B E2624087} -@tab @code{0a39880ad00ca11d112fef096b81a42a85ce4e5b25c48d1f643858b1e0c520d6} - -@item 3.1 @tab 39 KiB -@tab @url{pygost-3.1.tar.xz, link} @url{pygost-3.1.tar.xz.sig, sign} -@tab @code{ACCCF1A9 F4B345FF 01595248 5B793DAC FCF71D1F 32A6ABCF 32042DDB 20897BC5} -@tab @code{823961b6c2a1abe83f6d828397002e68d711a08ce115f21ddff81a294882cd46} - -@item 3.0 @tab 39 KiB -@tab @url{pygost-3.0.tar.xz, link} @url{pygost-3.0.tar.xz.sig, sign} -@tab @code{0AB10703 6960962D 30BD1646 ACC8D44B E9CBD8A8 4F25DF25 91F26383 DE28875F} -@tab @code{ef4729df62b4f615a154a9c35ccffaf6bb614a23067f4dd49d2993ec93bb6665} - -@item 2.4 @tab 37 KiB -@tab @url{pygost-2.4.tar.xz, link} @url{pygost-2.4.tar.xz.sig, sign} -@tab @code{94D14E99 3CF63973 6C8E78D0 5EBD0838 09A47624 C05A9878 11136301 C0A07264} -@tab @code{b107b5ba043a2e4c30d9348e222b92218b8dff9d672964ffd04259c5261bc5a7} - -@item 2.3 @tab 37 KiB -@tab @url{pygost-2.3.tar.xz, link} @url{pygost-2.3.tar.xz.sig, sign} -@tab @code{FF2C7E78 
F3677B45 EB472DC6 1837C72C 0BD72387 AB0A9DC7 AD88AD11 59589732} -@tab @code{42cfd0cdf357997a909a9114ca14391b4c5e8b62e298675f899b80a8a26d690f} - -@end multitable - -But also you can use PIP (@strong{no} authentication is performed!): - -@verbatim -% pip install pygost==3.7 -@end verbatim - -You @strong{have to} verify downloaded tarballs integrity and -authenticity to be sure that you retrieved trusted and untampered -software. @url{https://www.gnupg.org/, The GNU Privacy Guard} is used -for that purpose. - -For the very first time it is necessary to get signing public key and -import it. It is provided below, but you should check alternative -resources. - -@verbatim -pub rsa2048/0xE6FD1269CD0C009E 2016-09-13 - F55A 7619 3A0C 323A A031 0E6B E6FD 1269 CD0C 009E -uid PyGOST releases -@end verbatim - -@itemize - -@item @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} maillist - -@item -@verbatim -% gpg --keyserver hkp://keys.gnupg.net/ --recv-keys 0xE6FD1269CD0C009E -% gpg --auto-key-locate dane --locate-keys pygost at cypherpunks dot ru -% gpg --auto-key-locate wkd --locate-keys pygost at cypherpunks dot ru -% gpg --auto-key-locate pka --locate-keys pygost at cypherpunks dot ru -@end verbatim - -@item -@verbatiminclude PUBKEY.asc - -@end itemize - -You can obtain development source code by cloning -@url{http://git-scm.com/, Git} -@url{https://git.cypherpunks.ru/cgit.cgi/pygost.git/}. +@include faq.texi +@include news.texi +@include install.texi @bye
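Review bot: In the `@@ -14,8 +14,8 @@` hunk the licence line goes from `GPLv3+` to `GPLv3`, which changes the terms (version 3 only instead of version 3 or later) rather than the wording. It should be stated in the commit message and checked against the licence headers in the source files. The replacement link in the same hunk, `http://www.gost.cypherpunks.ru/`, is still plain HTTP; if the host serves HTTPS, link to that instead.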
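Review bot: In the `@@ -53,17 +55,22 @@` hunk the example now hardcodes `prv_raw = urandom(64)` next to `CURVES["id-tc26-gost-3410-12-512-paramSetA"]` without saying that the 64 bytes follow from the 512-bit parameter set. A reader who swaps in a different curve will likely keep the length, so add a sentence before the `@example` block tying the private key size to the curve size. The items added in the same hunk for Р 1323565.1.017-2018, Р 50.1.113-2016 and Р 1323565.1.020-2018 carry no `@url`, unlike the RFC entries around them; link them if a stable reference exists.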
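Review bot: The `@@ -71,260 +78,24 @@` hunk deletes the whole Download node from this file: the `gpg --verify` steps, the release key fingerprint and the warning that pip performs "no authentication". It is replaced with `@include install.texi`, which this diff does not show, so please confirm that the included file carries all three before this lands. In the same hunk the mailing list link moves from `https://lists.cypherpunks.ru/mailman/listinfo/gost` to `http://lists.cypherpunks.ru/gost.html`, dropping TLS on the channel named for bug reports and patches; keep HTTPS if the new path is served over it. Two smaller points on the example: the new `digest()[::-1]` reverses the digest with no explanation of the byte-order convention, which deserves one sentence, and the unchanged context line `print "Public key is:", hexenc(pub_marshal(pub))` is Python 2 only syntax and could be updated while the example is being touched.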