Download ¶

Preferable way is to download tarball with the signature from website and, for example, run tests with benchmarks:

$ [fetch|wget] http://www.gogost.cypherpunks.su/gogost-6.1.0.tar.zst
$ [fetch|wget] http://www.gogost.cypherpunks.su/gogost-6.1.0.tar.zst.{asc,sig}
[verify signature]
$ tar xf gogost-6.1.0.tar.zst
$ cd gogost-6.1.0
$ go build -o streebog256 ./cmd/streebog256
$ echo hello world | ./streebog256
f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d

And then you can include its source code in your project for example like this:

$ mkdir -p myproj/vendor/go.cypherpunks.su/gogost
$ mv gogost-6.1.0 myproj/vendor/go.cypherpunks.su/gogost/v6
$ cd myproj
$ cat >main.go <<EOF
package main

import (
    "encoding/hex"
    "fmt"

    "go.cypherpunks.su/gogost/v6/gost34112012256"
)

func main() {
    h := gost34112012256.New()
    h.Write([]byte("hello world\n"))
    fmt.Println(hex.EncodeToString(h.Sum(nil)))
}
EOF
$ go run main.go
f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d

You have to verify downloaded tarballs authenticity to be sure that you retrieved trusted and untampered software. There are two options:

OpenPGP .asc signature

Use GNU Privacy Guard free software implementation. For the very first time it is necessary to get signing public key and import it. It is provided here, but you should check alternate resources.

pub   rsa2048/0x82343436696FC85A 2016-09-13
      CEBD 1282 2C46 9C02 A81A  0467 8234 3436 696F C85A
uid   GoGOST releases <gogost at cypherpunks dot su>

$ gpg --auto-key-locate dane --locate-keys gogost at cypherpunks dot su
$ gpg --auto-key-locate  wkd --locate-keys gogost at cypherpunks dot su

OpenSSH .sig signature

Public key and its OpenPGP signature made with the key above. Its fingerprint: SHA256:u8X9rPDOhxpyzGs/IugbxXbDeOu/0AttKY+LGAvHBH0.

$ ssh-keygen -Y verify -f PUBKEY-SSH.pub -I gogost@cypherpunks.su -n file \
    -s gogost-6.1.0.tar.zst.sig <gogost-6.1.0.tar.zst

GoGOST is also go get-able. For example to install streebog256 utility:

$ go install go.cypherpunks.su/gogost/v6/cmd/streebog256@latest

Aware that go.cypherpunks.su uses ca.cypherpunks.su X.509 certificate authority.

• Go’s default proxy.golang.org and sum.golang.org services won’t be able to verify go.cypherpunks.su’s TLS authenticity, because there are no common trust anchors. You can skip their usage by setting $GOPRIVATE=go.cypherpunks.su.
• You can (temporarily) override CA bundle during installation with $SSL_CERT_FILE environment variable.
• You can unpack tarball somewhere and use replace command in your local go.mod:

  require go.cypherpunks.su/gogost/v6 v6.1.0
  replace go.cypherpunks.su/gogost/v6 => /path/to/gogost-6.1.0
  

• You can use Go’s workspace feature:

  $ go work use /path/to/gogost-6.1.0
  

You can obtain development source code with git clone git://git.cypherpunks.su/gogost.git. You can also use anongit@master.git.stargrave.org:cypherpunks.su/gogost.git, anongit@slave.git.stargrave.org:cypherpunks.su/gogost.git, anongit@master.git.cypherpunks.su:cypherpunks.su/gogost.git, anongit@slave.git.cypherpunks.su:cypherpunks.su/gogost.git, git://git.stargrave.org/gogost.git, git://y.git.stargrave.org/gogost.git, git://y.git.cypherpunks.su/gogost.git URLs instead.

Previous: News, Up: GoGOST