WebCrypto GOST: Class: GostSign

Constructor

new GostSign(algorithm)

Gost R 34.10 universal object

References: http://tools.ietf.org/html/rfc6986 and http://tools.ietf.org/html/rfc5831

Normalized algorithm identifier common parameters:

name Algorithm name 'GOST R 34.10'
version Algorithm version
- 1994 - Old-style GOST R 34.10-94 ExpMod algorithm with GOST R 34.11-94 hash
- 2001 - GOST R 34.10-2001 Eliptic curve algorithm with old GOST R 34.11-94 hash
- 2012 - GOST R 34.10-2012 Eliptic curve algorithm with GOST R 34.11-12 hash, default mode
length Length of hash and signature. Key length == hash length for EC algorithms and 2 * hash length for ExpMod algorithm
- GOST R 34.10-256 - 256 bits digest, default mode
- GOST R 34.10-512 - 512 bits digest only for GOST R 34.11-2012 hash
mode Algorithm mode
- SIGN Digital signature mode (default)
- DH Diffie-Hellman key generation and key agreement mode
sBox Paramset sBox for GOST 34.11-94. Used only if version = 1994 or 2001

Supported algorithms, modes and parameters:

Sign/Verify mode (SIGN)
DeriveKey/DeriveBits mode (DH)
- CryptoOperationData ukm User key material. Default - random generated value
- CryptoOperationData public The peer's EC public key data
GenerateKey mode (SIGN and DH) version = 1994
- namedParam Paramset for key generation algorithm. If specified no additianal parameters required
Additional parameters, if namedParam not specified
- modulusLength Bit length of p (512 or 1024 bits). Default = 1024
- p CryptoOperationData Modulus, prime number, 2^(t-1)
- q CryptoOperationData Order of cyclic group, prime number, 2^254
- a CryptoOperationData Generator, integer, 1
GenerateKey mode (SIGN and DH) version = 2001 or 2012
- namedCurve Paramset for key generation algorithm. If specified no additianal parameters required
Additional EC parameters, if namedCurve not specified
- p CryptoOperationData Prime number - elliptic curve modulus
- a CryptoOperationData Coefficients a of the elliptic curve E
- b CryptoOperationData Coefficients b of the elliptic curve E
- q CryptoOperationData Prime number - order of cyclic group
- x CryptoOperationData Base point p x-coordinate
- y CryptoOperationData Base point p y-coordinate

Parameters:

Name	Type	Description
`algorithm`	AlgorithmIndentifier

Source:

gostSign.js, line 1845

Methods

deriveBits(baseKey, length) → {CryptoOperationData}

Algorithm name GOST R 34.10

The deriveBits method returns length bits on baseKey.

Parameters:

Name	Type	Description
`baseKey`	CryptoOperationData \| TypedArray	Key for deriviation
`length`	number	output bit-length

Source:

gostSign.js, line 1796

Returns:

result

Type: CryptoOperationData

deriveKey(baseKey) → {CryptoOperationData}

Algorithm name GOST R 34.10

The deriveKey method returns 256 bit Key encryption key on baseKey. This algorithm creates a key encryption key (KEK) using 64 bit UKM, the sender’s private key, and the recipient’s public key (or the reverse of the latter pair

Parameters:

Name	Type	Description
`baseKey`	CryptoOperationData \| TypedArray	Key for deriviation

Source:

gostSign.js, line 1820

Returns:

result

Type: CryptoOperationData

generateKey() → {Object}

Algorithm name GOST R 34.10

The generateKey method returns a new generated key pair using the specified AlgorithmIdentifier.

Source:

gostSign.js, line 1632

Returns:

Object with two CryptoOperationData members: privateKey and publicKey

Type: Object

generateMaskKey() → {Object}

Algorithm name GOST R 34.10 mode MASK

The generateMaskKey method returns a new generated key mask using for wrapping.

Source:

gostSign.js, line 1678

Returns:

Object with two CryptoOperationData members: privateKey and publicKey

Type: Object

sign(privateKey, data) → {CryptoOperationData}

Algorithm name GOST R 34.10

The sign method returns sign data generated with the supplied privateKey.

Parameters:

Name	Type	Description
`privateKey`	CryptoOperationData \| TypedArray	Private key
`data`	CryptoOperationData \| TypedArray	Data

Source:

gostSign.js, line 1497

Returns:

Signature

Type: CryptoOperationData

sign(publicKey, signature, data) → {boolean}

Algorithm name GOST R 34.10

The verify method returns signature verification for the supplied publicKey.

Parameters:

Name	Type	Description
`publicKey`	CryptoOperationData \| TypedArray	Public key
`signature`	CryptoOperationData \| TypedArray	Signature
`data`	CryptoOperationData \| TypedArray	Data

Source:

gostSign.js, line 1566

Returns:

Signature verified = true

Type: boolean

unwrap(baseKey, data) → {Object}

Algorithm name GOST R 34.10

Unwrap private key from private key and ukm (mask)

Parameters:

Name	Type	Description
`baseKey`	CryptoOperationData \| TypedArray	Unwrapping key
`data`	CryptoOperationData \| TypedArray	Wrapped key

Source:

gostSign.js, line 1703

Returns:

CryptoOperationData unwrapped privateKey

Type: Object

unwrap(baseKey, data) → {Object}

Algorithm name GOST R 34.10

Wrap private key with private key and ukm (mask)

Parameters:

Name	Type	Description
`baseKey`	CryptoOperationData \| TypedArray	Wrapping key
`data`	CryptoOperationData \| TypedArray	Key

Source:

gostSign.js, line 1728

Returns:

CryptoOperationData unwrapped privateKey

Type: Object

WebCrypto GOST Class: GostSign

Constructor

new GostSign(algorithm)

Parameters:

Methods

deriveBits(baseKey, length) → {CryptoOperationData}

Parameters:

Returns:

deriveKey(baseKey) → {CryptoOperationData}

Parameters:

Returns:

generateKey() → {Object}

Returns:

generateMaskKey() → {Object}

Returns:

sign(privateKey, data) → {CryptoOperationData}

Parameters:

Returns:

sign(publicKey, signature, data) → {boolean}

Parameters:

Returns:

unwrap(baseKey, data) → {Object}

Parameters:

Returns:

unwrap(baseKey, data) → {Object}

Parameters:

Returns: