Merge branch 'master_orig'

ftomza · Jul 21, 2020 · b7d58e0 · b7d58e0
2 parents dc3e94a + 6c4284c
commit b7d58e0
Show file tree

Hide file tree

Showing 20 changed files with 106 additions and 52 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+module-name
diff --git a/Makefile b/Makefile
diff --git a/README b/README
@@ -24,6 +24,9 @@ GOST is GOvernment STandard of Russian Federation (and Soviet Union).
 * PRF_IPSEC_PRFPLUS_GOSTR3411_2012_{256,512} and generic prf+ functions
   (Р 50.1.111-2016 with IKEv2 RFC 7296)
 
+Probably you could be interested in
+Go's support of GOST TLS 1.3 (http://gostls13.cypherpunks.ru/).
+
 Known problems:
 
 * intermediate calculation values are not zeroed

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-4.2.3
+4.2.4
diff --git a/all.do b/all.do
@@ -0,0 +1 @@
+redo-ifchange streebog256 streebog512
diff --git a/bench.do b/bench.do
@@ -0,0 +1,3 @@
+redo-ifchange module-name
+exec >&2
+go test -benchmem -bench . `cat module-name`/...
diff --git a/clean.do b/clean.do
@@ -0,0 +1 @@
+rm -f module-name streebog256 streebog512
diff --git a/default.do b/default.do
@@ -0,0 +1,3 @@
+redo-ifchange module-name
+MOD=`cat module-name`
+go build -o $3 -ldflags "-X ${MOD}.Version=`cat VERSION`" ${MOD}/cmd/$1
diff --git a/download.texi b/download.texi
@@ -1,6 +1,11 @@
 @multitable {XXXXX} {XXXX-XX-XX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
 @headitem Version @tab Date @tab Size @tab Tarball @tab SHA256 checksum @tab Streebog-256 checksum
 
+@item @ref{Release 4.2.4, 4.2.4} @tab 2020-06-24 @tab 58 KiB
+@tab @url{gogost-4.2.4.tar.xz, link} @url{gogost-4.2.4.tar.xz.sig, sign}
+@tab @code{AB7716CB B1E67C5F 5F38B4F9 EEE2733E 931A0498 084AF7BC E816F961 16EB26AE}
+@tab @code{f3c198b616de3cf15626d7741bfed1dd927a7cc85a8b24d68f48f86d64417a8c}
+
 @item @ref{Release 4.2.3, 4.2.3} @tab 2020-01-22 @tab 58 KiB
 @tab @url{gogost-4.2.3.tar.xz, link} @url{gogost-4.2.3.tar.xz.sig, sign}
 @tab @code{0259919D 6C5F61CC BDAD40E8 52E94EA9 29C0A2C1 7C819158 445BA28E 6BA0B105}

diff --git a/go.mod b/go.mod
@@ -2,4 +2,4 @@ module github.com/ftomza/gogost
 
 go 1.12
 
-require golang.org/x/crypto v0.0.0-20191001170739-f9e2070545dc
+require golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9
diff --git a/go.sum b/go.sum
@@ -1,6 +1,6 @@
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20191001170739-f9e2070545dc h1:KyTYo8xkh/2WdbFLUyQwBS0Jfn3qfZ9QmuPbok2oENE=
-golang.org/x/crypto v0.0.0-20191001170739-f9e2070545dc/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 h1:vEg9joUBmeBcK9iSJftGNf3coIG4HqZElCPehJsfAYM=
+golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=

diff --git a/gost3410/private.go b/gost3410/private.go
@@ -119,3 +119,38 @@ func (prv *PrivateKey) Public() crypto.PublicKey {
 	}
 	return pub
 }
+
+type PrivateKeyReverseDigest struct {
+	Prv *PrivateKey
+}
+
+func (prv *PrivateKeyReverseDigest) Public() crypto.PublicKey {
+	return prv.Prv.Public()
+}
+
+func (prv *PrivateKeyReverseDigest) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
+	d := make([]byte, len(digest))
+	copy(d, digest)
+	reverse(d)
+	return prv.Prv.Sign(rand, d, opts)
+}
+
+type PrivateKeyReverseDigestAndSignature struct {
+	Prv *PrivateKey
+}
+
+func (prv *PrivateKeyReverseDigestAndSignature) Public() crypto.PublicKey {
+	return prv.Prv.Public()
+}
+
+func (prv *PrivateKeyReverseDigestAndSignature) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
+	d := make([]byte, len(digest))
+	copy(d, digest)
+	reverse(d)
+	sign, err := prv.Prv.Sign(rand, d, opts)
+	if err != nil {
+		return sign, err
+	}
+	reverse(sign)
+	return sign, err
+}
diff --git a/install.texi b/install.texi
@@ -1,7 +1,7 @@
 @node Download
 @unnumbered Download
 
-@set VERSION 4.2.3
+@set VERSION 4.2.4
 
 Preferable way is to download tarball with the signature from
 website and, for example, run tests with benchmarks:
@@ -11,11 +11,22 @@ $ [fetch|wget] http://gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.xz
 $ [fetch|wget] http://gogost.cypherpunks.ru/gogost-@value{VERSION}.tar.xz.sig
 $ gpg --verify gogost-@value{VERSION}.tar.xz.sig gogost-@value{VERSION}.tar.xz
 $ xz --decompress --stdout gogost-@value{VERSION}.tar.xz | tar xf -
-$ make -C gogost-@value{VERSION} all bench
-$ echo hello world | gogost-@value{VERSION}/streebog256
+$ cd gogost-@value{VERSION}
+$ redo bench
+$ redo all
+$ echo hello world | ./streebog256
 f72018189a5cfb803dbe1f2149cf554c40093d8e7f81c21e08ac5bcd09d9934d
 @end example
 
+It uses @url{http://cr.yp.to/redo.html, redo} build system for that
+examples. You can use either dozen of various implementations, or at
+least minimalistic POSIX shell @code{apenwarr/do}:
+
+@example
+$ [fetch|wget] https://github.com/apenwarr/redo/raw/master/minimal/do
+$ mv do redo ; chmod +x redo
+@end example
+
 @include download.texi
 
 And then you can include its source code in your project for example
@@ -83,13 +94,11 @@ GoGOST is also @command{go get}-able. For example to use
 $ go get go.cypherpunks.ru/gogost/cmd/streebog256
 @end example
 
-@code{go.cypherpunks.ru} uses @url{https://www.cacert.org/, CACert.org}
-certificate authority, that is not included by default in some operating
-system distributions and probably you have to install it in your system,
-because @command{go get} uses HTTPS connections. If you have issues
-using either @code{sum.golang.org} or @code{proxy.golang.org}, then you
-can disable their usage with @env{GOPRIVATE=go.cypherpunks.ru/gogost}
-environment variable.
+@code{go.cypherpunks.ru} uses @url{http://ca.cypherpunks.ru/, ca.cypherpunks.ru}
+certificate authority. If you have issues using either
+@code{sum.golang.org} or @code{proxy.golang.org}, then you can disable
+their usage with @env{GOPRIVATE=go.cypherpunks.ru/gogost} environment
+variable.
 
 Also you can use @code{replace} feature inside your @file{go.mod}, like:
 

diff --git a/makedist.sh b/makedist.sh
@@ -5,11 +5,12 @@ tmp=$(mktemp -d)
 release=$1
 [ -n "$release" ]
 
+redo-ifchange module-name streebog256
+mod_name=`cat module-name`
 git clone . $tmp/gogost-$release
 cd $tmp/gogost-$release
 git checkout v$release
 
-mod_name=$(sed -n 's/^module //p' go.mod)
 crypto_mod_path=$(sed -n 's#^require \(golang.org/x/crypto\) \(.*\)$#\1@\2#p' go.mod)
 mkdir -p src/$mod_name
 mv \
@@ -25,14 +26,18 @@ mv \
     prfplus \
     cmd internal gogost.go go.mod go.sum src/$mod_name
 
+rm module-name.do clean.do
+echo $mod_name > module-name
+find . -name "*.do" -exec perl -i -npe "s/^go/GOPATH=\`pwd\` go/" {} \;
+
 mkdir -p src/golang.org/x/crypto
 ( cd $GOPATH/pkg/mod/$crypto_mod_path ; \
     tar cf - AUTHORS CONTRIBUTORS LICENSE PATENTS README.md pbkdf2 hkdf ) |
     tar xfC - src/golang.org/x/crypto
 
 cat > download.texi <<EOF
 You can obtain releases source code prepared tarballs on
-@url{http://gocheese.cypherpunks.ru/}.
+@url{http://gogost.cypherpunks.ru/}.
 EOF
 
 texi=$(mktemp)
@@ -65,7 +70,7 @@ EOF
 makeinfo --plaintext -o FAQ $texi
 
 find . -name .git -type d | xargs rm -fr
-rm -f *.texi www.mk style.css makedist.sh TODO
+rm -f *.texi www.do style.css makedist.sh TODO .gitignore
 
 find . -type d -exec chmod 755 {} \;
 find . -type f -exec chmod 644 {} \;

diff --git a/module-name.do b/module-name.do
@@ -0,0 +1,2 @@
+redo-ifchange go.mod
+sed -n 's/^module //p' < go.mod
diff --git a/news.texi b/news.texi
@@ -3,6 +3,12 @@
 
 @table @strong
 
+@anchor{Release 4.2.4}
+@item 4.2.4
+    @code{gost3410.PrivateKeyReverseDigest} reversed digests and
+    @code{PrivateKeyReverseDigestAndSignature} with also reversed signatures
+    signers appeared for convenience.
+
 @anchor{Release 4.2.3}
 @item 4.2.3
     Panic on all possible hash @code{Write} errors.

diff --git a/style.css b/style.css
@@ -7,5 +7,5 @@ body {
 h1, h2, h3, h4 { text-align: center }
 h1, h2, h3, h4, strong { color: #900090 }
 pre { background-color: #CCCCCC }
-table, th, td { border: 1px solid black }
+table, th, td { border: 1px solid black ; border-collapse: collapse }
 --></style>
diff --git a/www.do b/www.do
@@ -0,0 +1,11 @@
+rm -f gogost.html/*.html
+${MAKEINFO:-makeinfo} --html \
+    --set-customization-variable EXTRA_HEAD='<link rev="made" href="mailto:webmaster@cypherpunks.ru">' \
+    --set-customization-variable CSS_LINES="`cat style.css`" \
+    --set-customization-variable SHOW_TITLE=0 \
+    --set-customization-variable USE_ACCESSKEY=0 \
+    --set-customization-variable DATE_IN_HEADER=1 \
+    --set-customization-variable TOP_NODE_UP_URL=index.html \
+    --set-customization-variable CLOSE_QUOTE_SYMBOL=\" \
+    --set-customization-variable OPEN_QUOTE_SYMBOL=\" \
+    -o gogost.html www.texi
diff --git a/www.mk b/www.mk
diff --git a/www.texi b/www.texi
@@ -56,6 +56,9 @@ Currently supported algorithms are:
     @url{https://tools.ietf.org/html/rfc5831.html, RFC 7296})
 @end itemize
 
+Probably you could be interested in
+@url{//gostls13.cypherpunks.ru/, Go's support of GOST TLS 1.3}.
+
 Please send questions, bug reports and patches to
 @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost}
 mailing list. Announcements also go to this mailing list.