Next: , Previous: , Up: GoGOST  

News

6.1.0
  • Fixed workability with Go 1.24’s subtle.XORBytes
  • Go 1.24 is required now because of crypto/hkdf and crypto/pbkdf2
6.0.2

Minor trivial changes.

6.0.1

Minor trivial changes.

6.0.0

Changed namespace because of domain expiration: 

go.cypherpunks.ru/gogost/v5 -> go.cypherpunks.su/gogost/v6
5.15.0

Optimised Streebog implementation with precalculated tables.

5.14.1
  • Forgotten Version raise
  • Streebog-512 PBKDF2 test vectors
5.14.0

28147-89 and CryptoPro key wrapping support (RFC 4357).

5.13.0
  • gost3410.NewPublicKeyLE, gost3410.PublicKey.RawLE, gost3410.NewPublicKeyBE, gost3410.PublicKey.RawBE, gost3410.NewPrivateKeyLE, gost3410.PrivateKey.RawLE, gost3410.NewPrivateKeyBE, gost3410.PrivateKey.RawBE, functions appeared, to simplify dealing with different endianness keys serialisation
  • gost3410.PublicKeyReverseDigest and gost3410.PublicKeyReverseDigestAndSignature wrappers appeared
5.12.0

Updated dependencies.

5.11.0

You can check if public key is on curve with gost3410.Curve.Contains method now.

5.10.0
  • mgm.MGM.Open returns mgm.InvalidTag for failed authentication
  • Example cmd/cer-dane-hash and cmd/cer-selfsigned-example utilities appeared
5.9.1

Updated and cleaned up go.sum.

5.9.0

gost3410 is more thread-safe.

5.8.0

Faster Kuznechik and ~3x faster Kuznechik-MGM.

5.7.0

Go 1.17 requires gost3410.PublicKey to have Equal method.

5.6.0
  • Add gost3410.CurveIdtc26gost341012512paramSetTest curve
  • More curve aliases: 
    CurveIdGostR34102001CryptoProAParamSet -> CurveIdtc26gost341012256paramSetB
CurveIdGostR34102001CryptoProBParamSet -> CurveIdtc26gost341012256paramSetC
CurveIdGostR34102001CryptoProCParamSet -> CurveIdtc26gost341012256paramSetD
CurveIdGostR34102001CryptoProXchAParamSet -> CurveIdGostR34102001CryptoProAParamSet
CurveIdGostR34102001CryptoProXchBParamSet -> CurveIdGostR34102001CryptoProCParamSet
CurveIdtc26gost34102012256paramSetA -> CurveIdtc26gost341012256paramSetA
CurveIdtc26gost34102012256paramSetB -> CurveIdtc26gost341012256paramSetB
CurveIdtc26gost34102012256paramSetC -> CurveIdtc26gost341012256paramSetC
CurveIdtc26gost34102012256paramSetD -> CurveIdtc26gost341012256paramSetD
CurveIdtc26gost34102012512paramSetTest -> CurveIdtc26gost341012512paramSetTest
CurveIdtc26gost34102012512paramSetA -> CurveIdtc26gost341012512paramSetA
CurveIdtc26gost34102012512paramSetB -> CurveIdtc26gost341012512paramSetB
CurveIdtc26gost34102012512paramSetC -> CurveIdtc26gost341012512paramSetC
5.5.0

gost3410.PrivateKey is in gost3410.Curve.Q now. That makes them more friendly with some implementations.

5.4.0

Even slightly less allocations in Streebog.

5.3.0

~16x speedup of Streebog, ~15x speedup of Kuznechik.

5.2.0

MGM does not panic when short (tagless) message is verified.

5.1.1

Tarball uses vendoring, instead of GOPATH overriding. As minimal Go version is 1.12 for a long time, it supports modules.

5.1.0

gost3410/KEK* functions do not alter ukm argument. It is safe to reuse now.

5.0.0

Backward incompatible remove of excess misleading gost3410.Mode from all related functions. Point/key sizes are determined by looking at curve’s parameters size.

4.3.0

Fixed nasty bug with Edwards curves using in 34.10-VKO functions: curve’s cofactor has not been used.

4.2.4

gost3410.PrivateKeyReverseDigest reversed digests and PrivateKeyReverseDigestAndSignature with also reversed signatures signers appeared for convenience.

4.2.3

Panic on all possible hash Write errors.

4.2.2

More 34.10-2012 test vectors.

4.2.1

Dummy release. More nicer tarballs.

4.2.0
  • PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} implementation
  • Generic prf+ function (taken from IKEv2 (RFC 7296))
4.1.0
  • ESPTREE/IKETREE implementation
  • CurveIdtc26gost34102012256paramSetB, CurveIdtc26gost34102012256paramSetC, CurveIdtc26gost34102012256paramSetD curve aliases
  • Forbid any later GNU GPL version autousage (project’s licence now is GNU GPLv3 only)
  • Project now is go get-able and uses go.cypherpunks.ru namespace: go get go.cypherpunks.ru/gogost, go get go.cypherpunks.ru/gogost/cmd/streebog{256,512}
4.0
  • Backward incompatible change: all keys passing to encryption functions are slices now, not the fixed arrays. That heavily simplifies the library usage
  • Fix bug with overwriting IVs memory in gost28147.CFB*crypter
  • TLSTREE, used in TLS 1.[23], implementation
  • gost3410.KEK2012* can be used with any curves, not only 512-bit ones
  • gost3410.PrivateKey satisfies crypto.Signer interface
  • gost34112012* hashes satisfy encoding.Binary(Un)Marshaler
  • Streebog256 HKDF test vectors
3.0
  • Multilinear Galois Mode (MGM) block cipher mode for 64 and 128 bit ciphers
  • KDF_GOSTR3411_2012_256 KDF
  • 34.12-2015 64-bit block cipher Магма (Magma)
  • Additional EAC 28147-89 Sbox
  • 34.10-2012 TC26 twisted Edwards curve related parameters
  • Coordinates conversion from twisted Edwards to Weierstrass form and vice versa
  • Fixed gost3410.PrivateKey’s length validation
  • Backward incompatible change: gost3410.NewCurve takes big.Int, instead of encoded integers
  • Backward incompatible Sbox and curves parameters renaming, to comply with OIDs identifying them: 
    Gost2814789_TestParamSet       -> SboxIdGost2814789TestParamSet
Gost28147_CryptoProParamSetA   -> SboxIdGost2814789CryptoProAParamSet
Gost28147_CryptoProParamSetB   -> SboxIdGost2814789CryptoProBParamSet
Gost28147_CryptoProParamSetC   -> SboxIdGost2814789CryptoProCParamSet
Gost28147_CryptoProParamSetD   -> SboxIdGost2814789CryptoProDParamSet
GostR3411_94_TestParamSet      -> SboxIdGostR341194TestParamSet
Gost28147_tc26_ParamZ          -> SboxIdtc26gost28147paramZ
GostR3411_94_CryptoProParamSet -> SboxIdGostR341194CryptoProParamSet
EACParamSet                    -> SboxEACParamSet

CurveParamsGostR34102001cc            -> CurveGostR34102001ParamSetcc
CurveParamsGostR34102001Test          -> CurveIdGostR34102001TestParamSet
CurveParamsGostR34102001CryptoProA    -> CurveIdGostR34102001CryptoProAParamSet
CurveParamsGostR34102001CryptoProB    -> CurveIdGostR34102001CryptoProBParamSet
CurveParamsGostR34102001CryptoProC    -> CurveIdGostR34102001CryptoProCParamSet
CurveParamsGostR34102001CryptoProXchA -> CurveIdGostR34102001CryptoProXchAParamSet
CurveParamsGostR34102001CryptoProXchB -> CurveIdGostR34102001CryptoProXchBParamSet
CurveParamsGostR34102012TC26ParamSetA -> CurveIdtc26gost341012512paramSetA
CurveParamsGostR34102012TC26ParamSetB -> CurveIdtc26gost341012512paramSetB
  • Various additional test vectors
  • go modules friendliness
2.0
  • 34.11-2012 is split on two different modules: gost34112012256 and gost34112012512
  • 34.11-94’s digest is reversed. Now it is compatible with TC26’s HMAC and PBKDF2 test vectors
  • gogost-streebog is split to streebog256 and streebog512 correspondingly by analogy with sha* utilities
  • added VKO 34.10-2012 support with corresponding test vectors
  • gost3410.DigestSizeX is renamed to gost3410.ModeX because it is not related to digest size, but parameters and key sizes
  • KEK functions take big.Int UKM value. Use NewUKM to unmarshal raw binary UKM
1.1
  • gogost-streebog is able to use either 256 or 512 bits digest size
  • 34.13-2015 padding methods
  • 28147-89 CBC mode of operation

Next: Download, Previous: Frequently asked questions, Up: GoGOST