From a6cd961afc593b3fce8a636a9e5e1c1753c08105 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Tue, 4 Jul 2017 12:15:25 +0300 Subject: [PATCH] Building HOWTO. --- README.gost | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/README.gost b/README.gost index 3a48d95..888ba3f 100644 --- a/README.gost +++ b/README.gost @@ -6,16 +6,25 @@ without changing its core. If OpenSSL is compiled with dynamic engine support, new algorithms can be added even without recompilation of OpenSSL and applications which use it. +COMPILING AND INSTALLATION + +This engine is a drop-in replacement of the GOST engine included in openssl +1.0.2. The original version does not support GOST2012 algorithms. To compile +it, you MUST apply the required patches (from the patches/ folder) to the +openssl 1.0.2 source tree and copy all files from the current directory to the +openssl/engines/ccgost folder. After that you will be able to configure and +build openssl using standard options. + ALGORITHMS SUPPORTED -GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms. +GOST R 34.10-2001 and GOST R 34.10-2012 - digital signature algorithms. Also support key exchange based on public keys. See RFC 4357 for details of VKO key exchange algorithm. These algorithms use 256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for 2001 (which is elliptic-curve based). Key exchange algorithms (VKO R 34.10) are supported on these keys too. -GOST R 34.11-94 Message digest algorithm. 256-bit hash value +GOST R 34.11-2012 Message digest algorithm. 256-bit hash value GOST 28147-89 - Symmetric cipher with 256-bit key. Various modes are defined in the standard, but only CFB and CNT modes are implemented -- 2.39.2