WebCrypto GOST Class: GostCipher

GostCipher

Constructor

new GostCipher(algorithm)

GOST 28147-89 Encryption Algorithm

References http://tools.ietf.org/html/rfc5830

When keys and initialization vectors are converted to/from byte arrays, little-endian byte order is assumed.

Normalized algorithm identifier common parameters:
  • name Algorithm name 'GOST 28147' or 'GOST R 34.12'
  • version Algorithm version, number
    • 1989 Current version of standard
    • 2015 New draft version of standard
  • length Block length
    • 64 64 bits length (default)
    • 128 128 bits length (only for version 2015)
  • mode Algorithm mode, string
    • ES Encryption mode (default)
    • MAC "imitovstavka" (MAC) mode
    • KW Key wrapping mode
  • sBox Paramset sBox for GOST 28147-89, string. Used only if version = 1989
Supported algorithms, modes and parameters:
  • Encript/Decrypt mode (ES)
    • block Block mode, string. Default ECB
    • keyMeshing Key meshing mode, string. Default NO
    • padding Padding mode, string. Default NO for CFB and CTR modes, or ZERO for others
    • iv CryptoOperationData Initial vector with length of block. Default - zero block
  • Sign/Verify mode (MAC)
    • macLength Length of mac in bits (default - 32 bits)
    • iv CryptoOperationData Initial vector with length of block. Default - zero block
  • Wrap/Unwrap key mode (KW)
    • keyWrapping Mode of keywrapping, string. Default NO - standard GOST key wrapping
    • ukm CryptoOperationData User key material. Default - random generated value
Supported paramters values:
  • Block modes (parameter 'block')
    • ECB "prostaya zamena" (ECB) mode (default)
    • CFB "gammirovanie s obratnoj svyaziyu po shifrotekstu" (CFB) mode
    • OFB "gammirovanie s obratnoj svyaziyu po vyhodu" (OFB) mode
    • CTR "gammirovanie" (counter) mode
    • CBC Cipher-Block-Chaining (CBC) mode
  • Key meshing modes (parameter 'keyMeshing')
    • NO No key wrapping (default)
    • CP CryptoPor Key key meshing
  • Padding modes (parameter 'padding')
    • NO No padding only for CFB, OFB and CTR modes
    • PKCS5 PKCS#5 padding mode
    • ZERO Zero bits padding mode
    • RANDOM Random bits padding mode
    • BIT One bit padding mode
  • Wrapping key modes (parameter 'keyWrapping')
    • NO Ref. rfc4357 6.1 GOST 28147-89 Key wrapping
    • CP CryptoPro Key wrapping mode
    • SC SignalCom Key wrapping mode
Parameters:
Name Type Description
algorithm AlgorithmIndentifier WebCryptoAPI algorithm identifier
Source:

Methods

decrypt(k, d) → {CryptoOperationData}

Algorithm name GOST 28147-ECB

decryptECB (K, D) is D, decrypted with key K using GOST 28147/GOST R 34.13 in "prostaya zamena" (Electronic Codebook, ECB) mode.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits message
Source:
Returns:
result
Type
CryptoOperationData

decrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-CFB

decryptCFB (IV, K, D) is D, decrypted with key K using GOST 28147/GOST R 34.13 in "gammirovanie s obratnoj svyaziyu po shifrotekstu" (Cipher Feedback, CFB) mode, and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData initial vector
Source:
Returns:
result
Type
CryptoOperationData

decrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-OFB

encryptOFB/decryptOFB (IV, K, D) is D, encrypted with key K using GOST 28147/GOST R 34.13 in "gammirovanie s obratnoj svyaziyu po vyhodu" (Output Feedback, OFB) mode, and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData initial vector
Source:
Returns:
result
Type
CryptoOperationData

decrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-CTR

encryptCTR/decryptCTR (IV, K, D) is D, encrypted with key K using GOST 28147/GOST R 34.13 in "gammirovanie" (Counter Mode-CTR) mode, and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData initial vector
Source:
Returns:
result
Type
CryptoOperationData

decrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-CBC

decryptCBC (IV, K, D) is D, decrypted with key K using GOST 28147/GOST R 34.13 in "Prostaya zamena s zatsepleniem" (Cipher-Block-Chaining, CBC) mode and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData initial vector
Source:
Returns:
result
Type
CryptoOperationData

encrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-OFB

encryptOFB/decryptOFB (IV, K, D) is D, encrypted with key K using GOST 28147/GOST R 34.13 in "gammirovanie s obratnoj svyaziyu po vyhodu" (Output Feedback, OFB) mode, and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData 8x8 optional bits initial vector
Source:
Returns:
result
Type
CryptoOperationData

encrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-CTR

encryptCTR/decryptCTR (IV, K, D) is D, encrypted with key K using GOST 28147/GOST R 34.13 in "gammirovanie" (Counter Mode-CTR) mode, and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData 8x8 optional bits initial vector
Source:
Returns:
result
Type
CryptoOperationData

encrypt(k, d) → {CryptoOperationData}

Algorithm name GOST 28147-ECB

encryptECB (K, D) is D, encrypted with key k using GOST 28147/GOST R 34.13 in "prostaya zamena" (Electronic Codebook, ECB) mode.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bit key
d CryptoOperationData 8 bits message
Source:
Returns:
result
Type
CryptoOperationData

encrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-CFB

encryptCFB (IV, K, D) is D, encrypted with key K using GOST 28147/GOST R 34.13 in "gammirovanie s obratnoj svyaziyu" (Cipher Feedback, CFB) mode, and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData initial vector
Source:
Returns:
result
Type
CryptoOperationData

encrypt(k, d, iv) → {CryptoOperationData}

Algorithm name GOST 28147-CBC

encryptCBC (IV, K, D) is D, encrypted with key K using GOST 28147/GOST R 34.13 in "Prostaya zamena s zatsepleniem" (Cipher-Block-Chaining, CBC) mode and IV is used as the initialization vector.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData initial vector
Source:
Returns:
result
Type
CryptoOperationData

generateKey() → {CryptoOperationData}

The generateKey method returns a new generated key.
Source:
Returns:
result
Type
CryptoOperationData

generateKey() → {CryptoOperationData}

Algorithm name GOST 28147-SCKW

SignalCom master key generation for wrapping
Source:
Returns:
result
Type
CryptoOperationData

sign(k, d, iv) → {CryptoOperationData}

signMAC (K, D, IV) is the 32-bit result of the GOST 28147/GOST R 34.13 in "imitovstavka" (MAC) mode, used with D as plaintext, K as key and IV as initialization vector. Note that the standard specifies its use in this mode only with an initialization vector of zero.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
d CryptoOperationData 8 bits array with data
iv CryptoOperationData initial vector
Source:
Returns:
result
Type
CryptoOperationData

unwrapKey(kek, data) → {CryptoOperationData}

Algorithm name GOST 28147-KW

This algorithm decrypts GOST 28147-89 CEK with a GOST 28147 KEK. Ref. rfc4357 6.2 GOST 28147-89 Key Unwrap
Parameters:
Name Type Description
kek type Key encryption key
data type Content encryption key
Source:
Returns:
result
Type
CryptoOperationData

unwrapKey(kek, data) → {CryptoOperationData}

Algorithm name GOST 28147-CPKW

This algorithm encrypts GOST 28147-89 CEK with a GOST 28147 KEK. Ref. rfc4357 6.4 CryptoPro Key Unwrap
Parameters:
Name Type Description
kek CryptoOperationData Key encryption key
data CryptoOperationData Encrypted content encryption keu
Source:
Returns:
result Decrypted content encryption keu
Type
CryptoOperationData

unwrapKey(kek, cek) → {CryptoOperationData}

Algorithm name GOST 28147-SCKW

SignalCom Key UnWrapping algorithm
Parameters:
Name Type Description
kek CryptoOperationData concatination of files mk.db3 + masks.db3 or clear kek
cek CryptoOperationData wrapping key - file kek.opq
Source:
Returns:
result
Type
CryptoOperationData

unwrapKey(mask, key) → {CryptoOperationData}

Algorithm name GOST 28147-CPKW

This algorithm unwrap key mask
Parameters:
Name Type Description
mask CryptoOperationData The mask
key CryptoOperationData The masked key
Source:
Returns:
result The key
Type
CryptoOperationData

verify(k, m, d, iv) → {boolen}

verifyMAC (K, M, D, IV) the 32-bit result verification of the GOST 28147/GOST R 34.13 in "imitovstavka" (MAC) mode, used with D as plaintext, K as key and IV as initialization vector. Note that the standard specifies its use in this mode only with an initialization vector of zero.
Parameters:
Name Type Description
k CryptoOperationData 8x32 bits key
m CryptoOperationData 8 bits array with signature
d CryptoOperationData 8 bits array with data
iv CryptoOperationData 8x8 optional bits initial vector
Source:
Returns:
MAC verified = true
Type
boolen

wrapKey(kek, cek) → {CryptoOperationData}

Algorithm name GOST 28147-KW

This algorithm encrypts GOST 28147-89 CEK with a GOST 28147/GOST R 34.13 KEK. Ref. rfc4357 6.1 GOST 28147-89 Key Wrap Note: This algorithm MUST NOT be used with a KEK produced by VKO GOST R 34.10-94, because such a KEK is constant for every sender-recipient pair. Encrypting many different content encryption keys on the same constant KEK may reveal that KEK.
Parameters:
Name Type Description
kek CryptoOperationData Key encryption key
cek CryptoOperationData Content encryption key
Source:
Returns:
Encrypted cek
Type
CryptoOperationData

wrapKey(kek, cek) → {CryptoOperationData}

Algorithm name GOST 28147-CPKW

This algorithm encrypts GOST 28147-89 CEK with a GOST 28147 KEK. It can be used with any KEK (e.g., produced by VKO GOST R 34.10-94 or VKO GOST R 34.10-2001) because a unique UKM is used to diversify the KEK. Ref. rfc4357 6.3 CryptoPro Key Wrap
Parameters:
Name Type Description
kek CryptoOperationData Key encryption key
cek CryptoOperationData Content encryption key
Source:
Returns:
Encrypted cek
Type
CryptoOperationData

wrapKey(kek, cek) → {CryptoOperationData}

Algorithm name GOST 28147-SCKW

SignalCom Key Wrapping algorithm
Parameters:
Name Type Description
kek CryptoOperationData clear kek or concatination of mk.db3 + masks.db3
cek CryptoOperationData key for wrapping
Source:
Returns:
wrapped key - file kek.opq
Type
CryptoOperationData

wrapKey(mask, key) → {CryptoOperationData}

Algorithm name GOST 28147-MASK

This algorithm wrap key mask
Parameters:
Name Type Description
mask CryptoOperationData The mask
key CryptoOperationData The key
Source:
Returns:
The masked key
Type
CryptoOperationData