WebCrypto GOST Namespace: gostEngine

gostEngine

Object implements dedicated Web Workers and provide a simple way to create and run GOST cryptographic algorithms in background thread. Object provide interface to GOST low-level cryptogric classes:
Source:

Members

(static) onmessage

Method called when SubtleCrypto calls its own postMessage() method with data parameter: algorithm, method and arg.
Call method execute and postMessage() results to onmessage event handler in the main process.
If error occured onerror event handler executed in main process.
Source:

Methods

(static) execute(algorithm, method, args) → {CryptoOperationData|Key|KeyPair|boolean}

gostEngine.execute(algorithm, method, args) Entry point to execution all low-level GOST cryptographic methods
  • Determine the appropriate engine for a given execution method
  • Create cipher object for determineted engine
  • Execute method of cipher with given args
Parameters:
Name Type Description
algorithm AlgorithmIndentifier Algorithm identifier
method string Crypto method for execution
args Array Method arguments (keys, data, additional parameters)
Source:
Returns:
Result of method execution
Type
CryptoOperationData | Key | KeyPair | boolean

(static) getGostCipher(algorithm) → {GostCipher}

gostEngine.getGostCipher(algorithm) returns GOST 28147 / GOST R 34.12 cipher instance

GOST 28147-89 / GOST R 34.12-15 Encryption Algorithm

When keys and initialization vectors are converted to/from byte arrays, little-endian byte order is assumed.

Normalized algorithm identifier common parameters:
  • name Algorithm name 'GOST 28147' or 'GOST R 34.12'
  • version Algorithm version, number
    • 1989 Current version of standard
    • 2015 New draft version of standard
  • length Block length
    • 64 64 bits length (default)
    • 128 128 bits length (only for version 2015)
  • mode Algorithm mode, string
    • ES Encryption mode (default)
    • MAC "imitovstavka" (MAC) mode
    • KW Key wrapping mode
    • MASK Key mask mode
  • sBox Paramset sBox for GOST 28147-89, string. Used only if version = 1989
Supported algorithms, modes and parameters:
  • Encript/Decrypt mode (ES)
    • block Block mode, string. Default ECB
    • keyMeshing Key meshing mode, string. Default NO
    • padding Padding mode, string. Default NO for CFB and CTR modes, or ZERO for others
    • iv CryptoOperationData Initial vector with length of block. Default - zero block
  • Sign/Verify mode (MAC)
    • macLength Length of mac in bits (default - 32 bits)
    • iv CryptoOperationData Initial vector with length of block. Default - zero block
  • Wrap/Unwrap key mode (KW)
    • keyWrapping Mode of keywrapping, string. Default NO - standard GOST key wrapping
    • ukm CryptoOperationData User key material. Default - random generated value
  • Wrap/Unwrap key mode (MASK)
Supported paramters values:
  • Block modes (parameter 'block')
    • ECB "prostaya zamena" (ECB) mode (default)
    • CFB "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode
    • CTR "gammirovanie" (counter) mode
    • CBC Cipher-Block-Chaining (CBC) mode
  • Key meshing modes (parameter 'keyMeshing')
    • NO No key wrapping (default)
    • CP CryptoPor Key key meshing
  • Padding modes (parameter 'padding')
    • NO No padding only for CFB and CTR modes
    • PKCS5 PKCS#5 padding mode
    • ZERO Zero bits padding mode
    • RANDOM Random bits padding mode
  • Wrapping key modes (parameter 'keyWrapping')
    • NO Ref. rfc4357 6.1 GOST 28147-89 Key wrapping
    • CP CryptoPro Key wrapping mode
    • SC SignalCom Key wrapping mode
Parameters:
Name Type Description
algorithm AlgorithmIndentifier Algorithm identifier
Source:
Returns:
Instance of GostCipher
Type
GostCipher

(static) getGostDigest(algorithm) → {GostDigest}

gostEngine.getGostDigest(algorithm) returns GOST R 34.11 cipher instance

Normalized algorithm identifier common parameters:
  • name Algorithm name 'GOST R 34.11'
  • version Algorithm version
    • 1994 old-style 256 bits digest based on GOST 28147-89
    • 2012 256 ro 512 bits digest algorithm "Streebog" GOST R 34.11-2012 (default)
  • length Digest length
    • 256 256 bits digest
    • 512 512 bits digest, valid only for algorithm "Streebog"
  • mode Algorithm mode
    • HASH simple digest mode (default)
    • HMAC HMAC algorithm based on GOST R 34.11
    • KDF Derive bits for KEK deversification
    • PBKDF2 Password based key dirivation algorithms PBKDF2 (based on HMAC)
    • PFXKDF PFX key dirivation algorithms PFXKDF
    • CPKDF CryptoPro Password based key dirivation algorithms
  • sBox Paramset sBox for GOST 28147-89. Used only if version = 1994
Supported algorithms, modes and parameters:
  • Digest HASH mode (default)
  • Sign/Verify HMAC modes parameters depends on version and length
    • version: 1994 HMAC parameters (B = 32, L = 32)
    • version: 2012, length: 256 HMAC parameters (B = 64, L = 32)
    • version: 2012, length: 512 HMAC parameters (B = 64, L = 64)
  • DeriveBits/DeriveKey KDF mode
  • DeriveBits/DeriveKey PBKDF2 mode
    • salt CryptoOperationData Random salt as input for HMAC algorithm
    • iterations Iteration count. GOST recomended value 1000 (default) or 2000
  • DeriveBits/DeriveKey PFXKDF mode
    • salt CryptoOperationData Random salt as input for HMAC algorithm
    • iterations Iteration count. GOST recomended value 1000 (default) or 2000
    • diversifier Deversifier, ID=1 - key material for performing encryption or decryption, ID=2 - IV (Initial Value) for encryption or decryption, ID=3 - integrity key for MACing
  • DeriveBits/DeriveKey CPKDF mode
    • salt CryptoOperationData Random salt as input for HMAC algorithm
    • iterations Iteration count. GOST recomended value 1000 (default) or 2000
Parameters:
Name Type Description
algorithm AlgorithmIndentifier Algorithm identifier
Source:
Returns:
Instance of GostDigest
Type
GostDigest

(static) getGostSign(algorithm) → {GostSign}

gostEngine.getGostSign(algorithm) returns GOST R 34.10 cipher instance

Normalized algorithm identifier common parameters:
  • name Algorithm name 'GOST R 34.10'
  • version Algorithm version
    • 1994 - Old-style GOST R 34.10-94 ExpMod algorithm with GOST R 34.11-94 hash
    • 2001 - GOST R 34.10-2001 Eliptic curve algorithm with old GOST R 34.11-94 hash
    • 2012 - GOST R 34.10-2012 Eliptic curve algorithm with GOST R 34.11-12 hash, default mode
  • length Length of hash and signature. Key length == hash length for EC algorithms and 2 * hash length for ExpMod algorithm
    • GOST R 34.10-256 - 256 bits digest, default mode
    • GOST R 34.10-512 - 512 bits digest only for GOST R 34.11-2012 hash
  • mode Algorithm mode
    • SIGN Digital signature mode (default)
    • DH Diffie-Hellman key generation and key agreement mode
    • MASK Key mask mode
  • sBox Paramset sBox for GOST 34.11-94. Used only if version = 1994 or 2001
Supported algorithms, modes and parameters:
  • Sign/Verify mode (SIGN)
  • Wrap/Unwrap mode (MASK)
  • DeriveKey/DeriveBits mode (DH)
  • GenerateKey mode (SIGN and DH and MASK) version = 1994
    • namedParam Paramset for key generation algorithm. If specified no additianal parameters required
    Additional parameters, if namedParam not specified
  • GenerateKey mode (SIGN and DH and MASK) version = 2001 or 2012
    • namedCurve Paramset for key generation algorithm. If specified no additianal parameters required
    Additional EC parameters, if namedCurve not specified
Parameters:
Name Type Description
algorithm AlgorithmIndentifier Algorithm identifier
Source:
Returns:
Instance of GostSign
Type
GostSign