1 Preferable way is to download tarball with the signature from official
2 website and, for example, run tests with benchmarks:
4 $ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz
5 $ wget http://gogost.cypherpunks.ru/gogost-4.1.0.tar.xz.sig
6 $ gpg --verify gogost-4.1.0.tar.xz.sig gogost-4.1.0.tar.xz
7 $ xz -d < gogost-4.1.0.tar.xz | tar xf -
8 $ make -C gogost-4.1.0 all bench
9 $ echo hello world | ./gogost-4.1.0/streebog256
10 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d
12 And then you can include its source code in your project for example
16 $ cp -r gogost-4.1.0/src/go.cypherpunks.ru myproj/src
17 $ export GOPATH=$PWD/myproj
26 "go.cypherpunks.ru/gogost/v4/gost34112012256"
30 h := gost34112012256.New()
31 h.Write([]byte("hello world"))
32 fmt.Println(hex.EncodeToString(h.Sum(nil)))
36 c600fd9dd049cf8abd2f5b32e840d2cb0e41ea44de1c155dcd88dc84fe58a855
38 GoGOST is also go-get-able. For example to use streebog256 utility:
40 $ go get go.cypherpunks.ru/gogost/cmd/streebog256
42 You have to verify downloaded tarballs integrity and authenticity to be
43 sure that you retrieved trusted and untampered software. GNU Privacy
44 Guard is used for that purpose.
46 For the very first time it is necessary to get signing public key and
47 import it. It is provided below, but you should check alternative
50 pub rsa2048/0x82343436696FC85A 2016-09-13 [SC]
51 CEBD 1282 2C46 9C02 A81A 0467 8234 3436 696F C85A
52 uid GoGOST releases <gogost at cypherpunks dot ru>
54 Look in PUBKEY.asc file.
55 $ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot ru
56 $ gpg --auto-key-locate wkd --locate-keys gogost at cypherpunks dot ru