X-Git-Url: http://www.git.cypherpunks.ru/?p=pygost.git;a=blobdiff_plain;f=www.texi;h=1f87bc3e6a6437e495dafb1ced9c9962bd56cba1;hp=cb235c94c2f893a37c012429524bb05856842e7e;hb=ac4d91064eb6bf5b2f5b17400565bcb93aea57a1;hpb=079b0d530fb14139867a74f9a10456abbb144753 diff --git a/www.texi b/www.texi index cb235c9..1f87bc3 100644 --- a/www.texi +++ b/www.texi @@ -3,7 +3,7 @@ @settitle PyGOST @copying -Copyright @copyright{} 2015-2016 @email{stargrave@@stargrave.org, Sergey Matveev} +Copyright @copyright{} 2015-2021 @email{stargrave@@stargrave.org, Sergey Matveev} @end copying @node Top @@ -14,7 +14,8 @@ GOST is GOvernment STandard of Russian Federation (and Soviet Union). It is @url{https://www.gnu.org/philosophy/pragmatic.html, copylefted} @url{https://www.gnu.org/philosophy/free-sw.html, free software}: -licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}. +licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3}. +You can read about GOST algorithms @url{http://www.gost.cypherpunks.ru/, more}. Currently supported algorithms are: @@ -26,8 +27,10 @@ Currently supported algorithms are: @item various 28147-89-related S-boxes included @item GOST R 34.11-94 hash function (@url{https://tools.ietf.org/html/rfc5831.html, RFC 5831}) +@item GOST R 34.11-94 based @url{https://en.wikipedia.org/wiki/PBKDF2, PBKDF2} function @item GOST R 34.11-2012 Стрибог (Streebog) hash function (@url{https://tools.ietf.org/html/rfc6986.html, RFC 6986}) +@item GOST R 34.11-2012 based PBKDF2 function (Р 50.1.111-2016) @item GOST R 34.10-2001 (@url{https://tools.ietf.org/html/rfc5832.html, RFC 5832}) public key signature function @@ -35,109 +38,64 @@ Currently supported algorithms are: (@url{https://tools.ietf.org/html/rfc7091.html, RFC 7091}) public key signature function @item various 34.10 curve parameters included -@item VKO 34.10-2001 Diffie-Hellman function +@item Coordinates conversion from twisted Edwards to Weierstrass + form and vice versa +@item VKO GOST R 34.10-2001 key agreement function (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357}) +@item VKO GOST R 34.10-2012 key agreement function + (@url{https://tools.ietf.org/html/rfc7836.html, RFC 7836}) @item 28147-89 and CryptoPro key wrapping (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357}) -@item 28147-89 CryptoPro key meshing for CFB mode +@item 28147-89 CryptoPro key meshing for CFB and CBC modes (@url{https://tools.ietf.org/html/rfc4357.html, RFC 4357}) @item @url{https://tools.ietf.org/html/rfc4491.html, RFC 4491} (using GOST algorithms with X.509) compatibility helpers @item GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik) (@url{https://tools.ietf.org/html/rfc7801.html, RFC 7801}) -@item GOST R 34.13-2015 padding methods +@item GOST R 34.12-2015 64-bit block cipher Магма (Magma) +@item GOST R 34.13-2015 padding methods and block cipher modes of operation + (ECB, CTR, OFB, CBC, CFB, MAC) +@item MGM AEAD mode for 64 and 128 bit ciphers + (@url{https://tools.ietf.org/html/rfc9058.html, RFC 9058}) +@item CTR-ACPKM, OMAC-ACPKM-Master modes of operation (Р 1323565.1.017-2018) +@item KExp15/KImp15 key export/import functions (Р 1323565.1.017-2018) +@item KDF_GOSTR3411_2012_256, KDF_TREE_GOSTR3411_2012_256 (Р 50.1.113-2016) +@item KEG export key generation function (Р 1323565.1.020-2018) @item PEP247-compatible hash/MAC functions @end itemize -Example X.509 compatible 34.10-2012 keypair generation, signing and -verifying its signature: - -@verbatim ->>> from pygost import x509 ->>> prv, pub = x509.keypair_gen(urandom(64), mode=2012) ->>> data = b'some data' ->>> signature = x509.sign(prv, data, mode=2012) ->>> x509.verify(pub, data, signature, mode=2012) +Example 34.10-2012 keypair generation, signing and verifying: + +@example +>>> from pygost.gost3410 import CURVES +>>> curve = CURVES["id-tc26-gost-3410-12-512-paramSetA"] +>>> from os import urandom +>>> prv_raw = urandom(64) +>>> from pygost.gost3410 import prv_unmarshal +>>> prv = prv_unmarshal(prv_raw) +>>> from pygost.gost3410 import public_key +>>> pub = public_key(curve, prv) +>>> from pygost.gost3410 import pub_marshal +>>> from pygost.utils import hexenc +>>> print "Public key is:", hexenc(pub_marshal(pub)) +>>> from pygost import gost34112012512 +>>> data_for_signing = b"some data" +>>> dgst = gost34112012512.new(data_for_signing).digest()[::-1] +>>> from pygost.gost3410 import sign +>>> signature = sign(curve, prv, dgst) +>>> from pygost.gost3410 import verify +>>> verify(curve, pub, dgst, signature) True -@end verbatim +@end example Please send questions, bug reports and patches to -@url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} +@url{http://lists.cypherpunks.ru/gost.html, gost} mailing list. Announcements also go to this mailing list. @insertcopying -@node Download -@unnumbered Download - -No additional dependencies except Python 2.7/3.x interpreter are required. - -Preferable way is to download tarball with the signature: - -@verbatim -% wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz -% wget http://www.cypherpunks.ru/pygost/pygost-2.3.tar.xz.sig -% gpg --verify pygost-2.3.tar.xz.sig pygost-2.3.tar.xz -% xz -d < pygost-2.3.tar.xz | tar xf - -% cd pygost-2.3 -% python setup.py install -@end verbatim - -@multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} -@headitem Version @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum - -@item 2.4 @tab 37 KiB -@tab @url{pygost-2.4.tar.xz, link} @url{pygost-2.4.tar.xz.sig, sign} -@tab @code{94D14E99 3CF63973 6C8E78D0 5EBD0838 09A47624 C05A9878 11136301 C0A07264} -@tab @code{b107b5ba043a2e4c30d9348e222b92218b8dff9d672964ffd04259c5261bc5a7} - -@item 2.3 @tab 37 KiB -@tab @url{pygost-2.3.tar.xz, link} @url{pygost-2.3.tar.xz.sig, sign} -@tab @code{FF2C7E78 F3677B45 EB472DC6 1837C72C 0BD72387 AB0A9DC7 AD88AD11 59589732} -@tab @code{42cfd0cdf357997a909a9114ca14391b4c5e8b62e298675f899b80a8a26d690f} - -@end multitable - -But also you can use PIP (@strong{no} authentication is performed!): - -@verbatim -% pip install pygost==2.3 -@end verbatim - -You @strong{have to} verify downloaded tarballs integrity and -authenticity to be sure that you retrieved trusted and untampered -software. @url{https://www.gnupg.org/, The GNU Privacy Guard} is used -for that purpose. - -For the very first time it it necessary to get signing public key and -import it. It is provided below, but you should check alternative -resources. - -@verbatim -pub rsa2048/0xE6FD1269CD0C009E 2016-09-13 - F55A 7619 3A0C 323A A031 0E6B E6FD 1269 CD0C 009E -uid PyGOST releases -@end verbatim - -@itemize - -@item @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} maillist - -@item -@verbatim -% gpg --keyserver hkp://keys.gnupg.net/ --recv-keys 0xE6FD1269CD0C009E -% gpg --auto-key-locate dane --locate-keys pygost at cypherpunks dot ru -% gpg --auto-key-locate wkd --locate-keys pygost at cypherpunks dot ru -% gpg --auto-key-locate pka --locate-keys pygost at cypherpunks dot ru -@end verbatim - -@item -@verbatiminclude PUBKEY.asc - -@end itemize - -You can obtain development source code by cloning -@url{http://git-scm.com/, Git} -@url{https://git.cypherpunks.ru/cgit.cgi/pygost.git/, repository}. +@include faq.texi +@include news.texi +@include install.texi @bye