GoGOST

GoGOST is pure Go GOST cryptographic functions library.
GOST is GOvernment STandard of Russian Federation (and Soviet Union).
=> It is copylefted
=> free software
licenced under
=> GPLv3
You can read more
=> about GOST algorithms.

Currently supported algorithms are:

* GOST 28147-89 block cipher with ECB, CNT (CTR), CFB, MAC, CBC modes
  => RFC 5830
  => RFC 4357
* various 28147-89-related S-boxes included
* GOST R 34.11-94 hash function
  => RFC 5831
* GOST R 34.11-2012 Стрибог (Streebog) hash function
  => RFC 6986
* GOST R 34.10-2001 signature
  => RFC 5832
* GOST R 34.10-2012 signature
  => RFC 7091
* various 34.10 curve parameters included
* Coordinates conversion from twisted Edwards to Weierstrass form
  and vice versa
* VKO GOST R 34.10-2001 VKO key agreement function
  => RFC 4357
* VKO GOST R 34.10-2012 VKO key agreement function
  => RFC 7836
* KDF_GOSTR3411_2012_256 KDF function (ТК26 Р 50.1.113-2016)
* GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik)
  => RFC 7801
* GOST R 34.12-2015 64-bit block cipher Магма (Magma)
* GOST R 34.13-2015 padding methods
* MGM AEAD mode for 64 and 128 bit ciphers
  => RFC 9058
* TLSTREE keyscheduling function
* ESPTREE/IKETREE (IKE* is the same as ESP*) keyscheduling function
* PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} and generic prf+ functions
  (Р 50.1.111-2016 with IKEv2)
  => RFC 7296

Probably you could be interested in
=> Go's support of GOST TLS 1.3

Example 34.10-2012-256 keypair generation, signing and verifying:

    import (
        "crypto/rand"
        "io"
        "go.stargrave.org/gogost/v6/gost3410"
        "go.stargrave.org/gogost/v6/gost34112012256"
    )
    func main() {
        data := []byte("data to be signed")
        hasher := gost34112012256.New()
        hasher.Write(data)
        dgst := hasher.Sum(nil)
        curve := gost3410.CurveIdtc26gost341012256paramSetB()
        prvRaw := make([]byte, curve.PointSize())
        rand.Read(prvRaw)
        prv, err := gost3410.NewPrivateKey(curve, prvRaw)
        pub, err := prv.PublicKey()
        pubRaw := pub.Raw()
        sign, err := prv.Sign(rand.Reader, dgst, nil)
        pub, err = gost3410.NewPublicKey(curve, pubRaw)
        isValid, err := pub.VerifyDigest(dgst, sign)
        if !isValid { panic("signature is invalid") }
    }

Please send questions, bug reports and patches to
=> gost mailing list
Announcements also go to this mailing list.

                    [FAQ] [NEWS] [INSTALL] [THANKS]