### Install gost-crypto Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Installs the gost-crypto library using go get. ```go go get github.com/rekurt/gost-crypto ``` -------------------------------- ### Example Output Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Demonstrates the expected output for a successful verification. ```text Output: valid: true ``` -------------------------------- ### Sign and Verify with gost-crypto Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Demonstrates generating a key pair, signing a message, and verifying the signature using gost-crypto. Ensures proper key management with Zeroize. ```go package main import ( "fmt" gostcrypto "github.com/rekurt/gost-crypto" ) func main() { priv, err := gostcrypto.GenerateKey(gostcrypto.CurveTC26_256_A) if err != nil { panic(err) } defer priv.Zeroize() sig, err := gostcrypto.Sign(priv, []byte("Hello, GOST!")) if err != nil { panic(err) } ok, err := gostcrypto.Verify(priv.PublicKey(), []byte("Hello, GOST!"), sig) if err != nil { panic(err) } fmt.Println("valid:", ok) // valid: true } ``` -------------------------------- ### LoadPrivKey Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Creates a GOST R 34.10-2012 private key from raw bytes. The raw bytes must be big-endian and match the key size for the curve. ```APIDOC ## LoadPrivKey ### Description Creates a GOST R 34.10-2012 private key from raw bytes. The raw bytes must be big-endian and exactly the key size for the curve (32 bytes for 256-bit curves, 64 bytes for 512-bit curves). ### Method N/A (Function signature provided) ### Signature `func LoadPrivKey(c Curve, raw []byte) (*PrivKey, error)` ### Parameters #### Input Parameters - **c** (Curve) - The curve associated with the private key. - **raw** ([]byte) - The raw private key bytes (big-endian). #### Return Values - (*PrivKey) - The loaded private key. - (error) - An error if loading the private key fails. ``` -------------------------------- ### Key Generation and Loading Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Provides functionality to generate new cryptographic key pairs or load existing private keys. ```APIDOC ## Key Generation and Loading ### Description Provides functionality to generate new cryptographic key pairs or load existing private keys. ### Functions #### GenerateKey * **Signature:** `func GenerateKey(c Curve) (*PrivKey, error)` * **Description:** Generates a new private key for the specified curve. * **Parameters:** * `c` (Curve) - The cryptographic curve to use for key generation. * **Returns:** * `*PrivKey` - The newly generated private key. * `error` - An error if key generation fails. #### LoadPrivKey * **Signature:** `func LoadPrivKey(c Curve, raw []byte) (*PrivKey, error)` * **Description:** Loads a private key from raw byte data for the specified curve. * **Parameters:** * `c` (Curve) - The cryptographic curve of the private key. * `raw` ([]byte) - The raw byte representation of the private key. * **Returns:** * `*PrivKey` - The loaded private key. * `error` - An error if loading the private key fails. ``` -------------------------------- ### Load GOST R 34.10-2012 Private Key Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Creates a GOST R 34.10-2012 private key from raw big-endian bytes. The byte slice must match the key size for the curve. ```go func LoadPrivKey(c Curve, raw []byte) (*PrivKey, error) ``` -------------------------------- ### Generate Key Pair and Sign Message Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Generates a new key pair using a specified curve and signs a message. Ensure to handle errors and zeroize the private key after use. ```go priv, err := gostcrypto.GenerateKey(gostcrypto.CurveTC26_256_A) if err != nil { log.Fatal(err) } defer priv.Zeroize() sig, err := gostcrypto.Sign(priv, []byte("Hello, GOST!")) if err != nil { log.Fatal(err) } ok, err := gostcrypto.Verify(priv.PublicKey(), []byte("Hello, GOST!"), sig) ``` -------------------------------- ### Agree Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Performs GOST VKO key agreement between a local private key and a remote peer's public key. The ukm (User Keying Material) is required and must be non-empty. This function is symmetric. ```APIDOC ## Agree ### Description Performs GOST VKO key agreement between a local private key and a remote peer's public key. The ukm (User Keying Material) is required and must be non-empty. Agree is symmetric. ### Method N/A (Function signature provided) ### Signature `func Agree(priv *PrivKey, pub *PubKey, ukm []byte) ([]byte, error)` ### Parameters #### Input Parameters - **priv** (*PrivKey) - The local private key. - **pub** (*PubKey) - The remote peer's public key. - **ukm** ([]byte) - User Keying Material. Must be non-empty. #### Return Values - ([]byte) - The shared secret. - (error) - An error if the key agreement fails. ``` -------------------------------- ### Key Agreement Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Performs key agreement using GOST R 34.10-2012 ECDH. ```APIDOC ## Key Agreement ### Description Performs key agreement using GOST R 34.10-2012 ECDH. ### Function #### Agree * **Signature:** `func Agree(priv *PrivKey, pub *PubKey, ukm []byte) ([]byte, error)` * **Description:** Computes a shared secret using the private key of one party, the public key of the other party, and an optional User Keying Material (UKM). * **Parameters:** * `priv` (*PrivKey) - The private key of the local party. * `pub` (*PubKey) - The public key of the remote party. * `ukm` ([]byte) - Optional User Keying Material. * **Returns:** * `[]byte` - The computed shared secret. * `error` - An error if key agreement fails. ``` -------------------------------- ### VKO Key Agreement with gost-crypto Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Performs VKO (key agreement) between two parties using their private and public keys. Demonstrates that the shared secret is symmetric regardless of the order of agreement. ```go privA, _ := gostcrypto.GenerateKey(gostcrypto.CurveTC26_256_A) privB, _ := gostcrypto.GenerateKey(gostcrypto.CurveTC26_256_A) deffer privA.Zeroize() deffer privB.Zeroize() ukm := []byte{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08} // Shared secret is symmetric: Agree(A, pubB) == Agree(B, pubA) secretAB, _ := gostcrypto.Agree(privA, privB.PublicKey(), ukm) secretBA, _ := gostcrypto.Agree(privB, privA.PublicKey(), ukm) // bytes.Equal(secretAB, secretBA) == true ``` -------------------------------- ### Kuznechik Encryption (AEAD) with gost-crypto Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Shows how to perform authenticated encryption using the Kuznechik block cipher in MGM mode. Requires a 32-byte key and generates a nonce for sealing plaintext. ```go import "github.com/rekurt/gost-crypto/pkg/gost3413" aead, _ := gost3413.NewMGMFromKey(key) // 32-byte key nonce := make([]byte, aead.NonceSize()) rand.Read(nonce) ciphertext := aead.Seal(nil, nonce, plaintext, additionalData) ``` -------------------------------- ### Retrieve All TC26 Curves Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Returns a slice containing all eight supported TC26 parameter sets. ```go func AllCurves() []Curve ``` -------------------------------- ### Verify Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Hashes a message using Streebog and verifies a GOST R 34.10-2012 signature. The hash size is automatically determined by the key's curve. ```APIDOC ## Verify ### Description Hashes msg with Streebog and verifies a GOST R 34.10-2012 signature. The hash size is chosen automatically based on the key's curve: Streebog-256 for 256-bit curves, Streebog-512 for 512-bit curves. ### Method N/A (Function signature provided) ### Signature `func Verify(pub *PubKey, msg, sig []byte) (bool, error)` ### Parameters #### Input Parameters - **pub** (*PubKey) - The public key to use for verification. - **msg** ([]byte) - The original message. - **sig** ([]byte) - The signature to verify. #### Return Values - (bool) - True if the signature is valid, false otherwise. - (error) - An error if verification fails. ``` -------------------------------- ### TC26 Parameter Set Constants Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Defines constants for TC26 parameter sets, re-exported from the pkg/gost3410 package. ```go const ( CurveTC26_256_A = gost3410.CurveTC26_256_A // id-tc26-gost-3410-2012-256-paramSetA CurveTC26_256_B = gost3410.CurveTC26_256_B // id-tc26-gost-3410-2012-256-paramSetB CurveTC26_256_C = gost3410.CurveTC26_256_C // id-tc26-gost-3410-2012-256-paramSetC CurveTC26_256_D = gost3410.CurveTC26_256_D // id-tc26-gost-3410-2012-256-paramSetD CurveTC26_512_A = gost3410.CurveTC26_512_A // id-tc26-gost-3410-2012-512-paramSetA CurveTC26_512_B = gost3410.CurveTC26_512_B // id-tc26-gost-3410-2012-512-paramSetB CurveTC26_512_C = gost3410.CurveTC26_512_C // id-tc26-gost-3410-2012-512-paramSetC CurveTC26_512_D = gost3410.CurveTC26_512_D // id-tc26-gost-3410-2012-512-paramSetD ) ``` -------------------------------- ### Verify Signature Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Verifies a signature against a public key and the original message. Handles potential errors during verification. ```go ok, err := gostcrypto.Verify(pub, []byte("Hello, GOST!"), sig) ``` -------------------------------- ### Sign and Verify Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Signs a message using a private key and verifies a signature using a public key. The hash function (Streebog-256 or Streebog-512) is automatically selected based on the key's curve size. ```APIDOC ## Sign and Verify ### Description Signs a message using a private key and verifies a signature using a public key. The hash function (Streebog-256 or Streebog-512) is automatically selected based on the key's curve size. ### Functions #### Sign * **Signature:** `func Sign(priv *PrivKey, msg []byte) ([]byte, error)` * **Description:** Signs the given message using the provided private key. * **Parameters:** * `priv` (*PrivKey) - The private key to use for signing. * `msg` ([]byte) - The message to sign. * **Returns:** * `[]byte` - The signature. * `error` - An error if signing fails. #### Verify * **Signature:** `func Verify(pub *PubKey, msg, sig []byte) (bool, error)` * **Description:** Verifies the given signature against the message using the provided public key. * **Parameters:** * `pub` (*PubKey) - The public key to use for verification. * `msg` ([]byte) - The original message. * `sig` ([]byte) - The signature to verify. * **Returns:** * `bool` - True if the signature is valid, false otherwise. * `error` - An error if verification fails. ``` -------------------------------- ### Hashing Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Provides functions to compute hash sums using Streebog-256 and Streebog-512 algorithms. ```APIDOC ## Hashing ### Description Provides functions to compute hash sums using Streebog-256 and Streebog-512 algorithms. ### Functions #### HashSum256 * **Signature:** `func HashSum256(data []byte) [32]byte` * **Description:** Computes the Streebog-256 hash of the input data. * **Parameters:** * `data` ([]byte) - The data to hash. * **Returns:** * `[32]byte` - The 32-byte hash sum. #### HashSum512 * **Signature:** `func HashSum512(data []byte) [64]byte` * **Description:** Computes the Streebog-512 hash of the input data. * **Parameters:** * `data` ([]byte) - The data to hash. * **Returns:** * `[64]byte` - The 64-byte hash sum. ``` -------------------------------- ### GOST VKO Key Agreement Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Performs GOST VKO key agreement. Requires a non-empty User Keying Material (ukm). The operation is symmetric. ```go func Agree(priv *PrivKey, pub *PubKey, ukm []byte) ([]byte, error) ``` -------------------------------- ### Sign Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Hashes a message using Streebog and signs it with GOST R 34.10-2012. The hash size is automatically determined by the key's curve. ```APIDOC ## Sign ### Description Hashes msg with Streebog and signs with GOST R 34.10-2012. The hash size is chosen automatically based on the key's curve: Streebog-256 for 256-bit curves, Streebog-512 for 512-bit curves. ### Method N/A (Function signature provided) ### Signature `func Sign(priv *PrivKey, msg []byte) ([]byte, error)` ### Parameters #### Input Parameters - **priv** (*PrivKey) - The private key to use for signing. - **msg** ([]byte) - The message to sign. #### Return Values - ([]byte) - The signature. - (error) - An error if signing fails. ``` -------------------------------- ### Curves Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Provides access to all standardized TC26 elliptic curve parameter sets. ```APIDOC ## Curves ### Description Provides access to all standardized TC26 elliptic curve parameter sets. ### Function #### AllCurves * **Signature:** `func AllCurves() []Curve` * **Description:** Returns a slice containing all 8 standardized TC26 elliptic curve parameter sets (4 for 256-bit and 4 for 512-bit). * **Returns:** * `[]Curve` - A slice of all supported `Curve` types. ``` -------------------------------- ### Sentinel Errors Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Re-exports sentinel errors from the pkg/gost3410 package for error handling. ```go var ( ErrUnknownCurve = gost3410.ErrUnknownCurve ErrPointNotOnCurve = gost3410.ErrPointNotOnCurve ErrInvalidKeySize = gost3410.ErrInvalidKeySize ErrInvalidSignature = gost3410.ErrInvalidSignature ErrNilKey = gost3410.ErrNilKey ErrCurveMismatch = gost3410.ErrCurveMismatch ErrEmptyUKM = gost3410.ErrEmptyUKM ) ``` -------------------------------- ### Streebog-256 Hash Calculation Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Calculates the Streebog-256 digest of the provided data. ```go func HashSum256(data []byte) [32]byte ``` -------------------------------- ### GOST R 34.10-2012 Private Key Type Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Defines the PrivKey type for GOST R 34.10-2012 private keys. This is an alias for gost3410.PrivKey. ```go type PrivKey = gost3410.PrivKey ``` -------------------------------- ### GOST R 34.10-2012 Signature Generation Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Hashes a message using Streebog and signs it with GOST R 34.10-2012. The hash size is automatically selected based on the key's curve. ```go func Sign(priv *PrivKey, msg []byte) ([]byte, error) ``` -------------------------------- ### GenerateKey Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Generates a new GOST R 34.10-2012 key pair for the specified curve. ```APIDOC ## GenerateKey ### Description Generates a new GOST R 34.10-2012 key pair for the given curve. ### Method N/A (Function signature provided) ### Signature `func GenerateKey(c Curve) (*PrivKey, error)` ### Parameters #### Input Parameters - **c** (Curve) - The curve to generate the key pair for. #### Return Values - (*PrivKey) - The generated private key (which also contains the public key). - (error) - An error if key generation fails. ``` -------------------------------- ### Streebog-512 Hash Calculation Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Calculates the Streebog-512 digest of the provided data. ```go func HashSum512(data []byte) [64]byte ``` -------------------------------- ### GOST R 34.10-2012 Public Key Type Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Defines the PubKey type for GOST R 34.10-2012 public keys. This is an alias for gost3410.PubKey. ```go type PubKey = gost3410.PubKey ``` -------------------------------- ### Generate GOST R 34.10-2012 Key Pair Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Generates a new GOST R 34.10-2012 key pair for the specified curve. ```go func GenerateKey(c Curve) (*PrivKey, error) ``` -------------------------------- ### HashSum512 Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Calculates the Streebog-512 digest of the provided data. ```APIDOC ## HashSum512 ### Description Returns the Streebog-512 digest of data. ### Method N/A (Function signature provided) ### Signature `func HashSum512(data []byte) [64]byte` ### Parameters #### Input Parameters - **data** ([]byte) - The data to hash. #### Return Values - ([64]byte) - The 64-byte Streebog-512 digest. ``` -------------------------------- ### HashSum256 Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Calculates the Streebog-256 digest of the provided data. ```APIDOC ## HashSum256 ### Description Returns the Streebog-256 digest of data. ### Method N/A (Function signature provided) ### Signature `func HashSum256(data []byte) [32]byte` ### Parameters #### Input Parameters - **data** ([]byte) - The data to hash. #### Return Values - ([32]byte) - The 32-byte Streebog-256 digest. ``` -------------------------------- ### AllCurves Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Retrieves all eight supported TC26 parameter sets for GOST R 34.10-2012 curves. ```APIDOC ## AllCurves ### Description Returns all eight TC26 parameter sets. ### Method N/A (Function signature provided) ### Signature `func AllCurves() []Curve` ### Parameters None. ### Return Values - ([]Curve) - A slice containing all supported `Curve` types. ``` -------------------------------- ### GOST R 34.10-2012 Signature Verification Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Hashes a message using Streebog and verifies a GOST R 34.10-2012 signature. The hash size is automatically selected based on the key's curve. ```go func Verify(pub *PubKey, msg, sig []byte) (bool, error) ``` -------------------------------- ### TC26 Curve Type Definition Source: https://pkg.go.dev/github.com/rekurt/gost-crypto Defines the Curve type, which identifies a TC26 elliptic-curve parameter set. This is an alias for gost3410.Curve. ```go type Curve = gost3410.Curve ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.