Skip to main content

gost_crypto/
lib.rs

1//! Pure-Rust GOST cryptography, compatible with the `RustCrypto` ecosystem.
2//!
3//! ## Algorithms
4//!
5//! | Algorithm | Type | Feature |
6//! |-----------|------|---------|
7//! | GOST 28147-89 | Block cipher (64-bit block, 256-bit key) | always |
8//! | GOST R 34.11-94 | Hash (256-bit, `CryptoPro` / Test param sets) | always |
9//! | CMAC / OMAC | MAC over GOST 28147-89 | `mac` |
10//! | GOST R 34.11-2012 (Streebog) | Hash 256 / 512-bit | `streebog` |
11//!
12//! ## Block cipher modes
13//!
14//! [`Gost28147`] implements [`cipher::BlockCipherEncrypt`] + [`cipher::BlockCipherDecrypt`]
15//! + [`cipher::KeyInit`], so standard `RustCrypto` mode crates work out of the box:
16//!
17//! ```toml
18//! # Cargo.toml
19//! [dependencies]
20//! gost-crypto = "0.2"
21//! cbc         = "0.1"
22//! cfb-mode    = "0.8"
23//! ofb         = "0.6"
24//! ```
25//!
26//! ```ignore
27//! use gost_crypto::Gost28147;
28//! use cbc::Encryptor;
29//! use cipher::{KeyIvInit, BlockEncryptMut, block_padding::Pkcs7};
30//!
31//! let enc = Encryptor::<Gost28147>::new(&key.into(), &iv.into());
32//! let ct = enc.encrypt_padded_vec_mut::<Pkcs7>(plaintext);
33//! ```
34//!
35//! ## CMAC (feature `mac`)
36//!
37//! ```toml
38//! gost-crypto = { version = "0.2", features = ["mac"] }
39//! ```
40//!
41//! ```ignore
42//! use gost_crypto::mac::Gost28147Mac;
43//! use digest::Mac;
44//! let mut mac = Gost28147Mac::new(&key.into());
45//! mac.update(b"message");
46//! let tag = mac.finalize().into_bytes();
47//! ```
48//!
49//! ## Streebog (feature `streebog`)
50//!
51//! ```toml
52//! gost-crypto = { version = "0.2", features = ["streebog"] }
53//! ```
54//!
55//! ```ignore
56//! use gost_crypto::streebog::{Streebog256, Streebog512};
57//! use digest::Digest;
58//! let hash = Streebog256::digest(b"hello");
59//! ```
60//!
61//! # Example
62//! ```rust
63//! use gost_crypto::{Gost341194, SBOX_CRYPTOPRO};
64//! use digest::Update;
65//!
66//! let mut h = Gost341194::new_with_sbox(&SBOX_CRYPTOPRO);
67//! Update::update(&mut h, b"hello");
68//! let result = h.finalize_bytes();
69//! assert_eq!(result.len(), 32);
70//! ```
71
72#![no_std]
73
74pub(crate) mod gost28147;
75pub(crate) mod gost341194;
76pub(crate) mod sbox;
77
78pub use gost28147::Gost28147;
79pub use gost341194::Gost341194;
80pub use sbox::{Sbox, SBOX_CRYPTOPRO, SBOX_TEST};
81
82/// CMAC/OMAC MAC over GOST 28147-89.
83///
84/// Enabled with feature `mac`.
85#[cfg(feature = "mac")]
86pub mod mac {
87    /// CMAC authenticator keyed with GOST 28147-89.
88    pub type Gost28147Mac = cmac::Cmac<super::Gost28147>;
89}
90
91/// GOST R 34.11-2012 (Streebog) hash, 256-bit and 512-bit variants.
92///
93/// Enabled with feature `streebog`. Re-exports the `streebog` crate.
94#[cfg(feature = "streebog")]
95pub use streebog;
96
97/// GOST R 34.12-2015 Kuznyechik (Grasshopper) block cipher, 128-bit block, 256-bit key.
98///
99/// Enabled with feature `kuznyechik`. Re-exports the `kuznyechik` crate.
100/// Implements `cipher::BlockCipherEncrypt + BlockCipherDecrypt + KeyInit`.
101#[cfg(feature = "kuznyechik")]
102pub use ::kuznyechik;
103
104/// HMAC over Streebog-256 and Streebog-512 (RFC 7836 §A.1).
105///
106/// Enabled with feature `hmac-streebog`.
107#[cfg(feature = "hmac-streebog")]
108pub mod hmac_streebog {
109    /// HMAC keyed with Streebog-256.
110    pub type HmacStreebog256 = hmac::Hmac<::streebog::Streebog256>;
111    /// HMAC keyed with Streebog-512.
112    pub type HmacStreebog512 = hmac::Hmac<::streebog::Streebog512>;
113}