WebCrypto GOST Class: GostDigest

GostDigest

Constructor

new GostDigest(algorithm)

GOST R 34.11 Algorithm

References: http://tools.ietf.org/html/rfc6986 and http://tools.ietf.org/html/rfc5831

Normalized algorithm identifier common parameters:
  • name Algorithm name 'GOST R 34.11'
  • version Algorithm version
    • 1994 old-style 256 bits digest based on GOST 28147-89
    • 2012 256 ro 512 bits digest algorithm "Streebog" GOST R 34.11-2012 (default)
  • length Digest length
    • 256 256 bits digest
    • 512 512 bits digest, valid only for algorithm "Streebog"
  • mode Algorithm mode
    • HASH simple digest mode (default)
    • HMAC HMAC algorithm based on GOST R 34.11
    • KDF Derive bits for KEK deversification
    • PBKDF2 Password based key dirivation algorithms PBKDF2 (based on HMAC)
    • PFXKDF Password based PFX key dirivation algorithms
    • CPKDF CpyptoPro Password based key dirivation algorithms
  • sBox Paramset sBox for GOST 28147-89. Used only if version = 1994
Supported algorithms, modes and parameters:
  • Digest HASH mode (default)
  • Sign/Verify HMAC modes parameters depends on version and length
    • version: 1994 HMAC parameters (B = 32, L = 32)
    • version: 2012, length: 256 HMAC parameters (B = 64, L = 32)
    • version: 2012, length: 512 HMAC parameters (B = 64, L = 64)
  • DeriveBits/DeriveKey KDF mode
  • DeriveBits/DeriveKey PBKDF2 mode
    • salt CryptoOperationData Random salt as input for HMAC algorithm
    • iterations Iteration count. GOST recomended value 1000 (default) or 2000
    • diversifier Deversifier, ID=1 - key material for performing encryption or decryption, ID=3 - integrity key for MACing
  • DeriveBits/DeriveKey PFXKDF mode
    • salt CryptoOperationData Random salt as input for HMAC algorithm
    • iterations Iteration count. GOST recomended value 1000 (default) or 2000
    • diversifier Deversifier, ID=1 - key material for performing encryption or decryption, ID=2 - IV (Initial Value) for encryption or decryption, ID=3 - integrity key for MACing
  • DeriveBits/DeriveKey CPKDF mode
    • salt CryptoOperationData Random salt as input for HMAC algorithm
    • iterations Iteration count. GOST recomended value 1000 (default) or 2000
Parameters:
Name Type Description
algorithm AlgorithmIdentifier WebCryptoAPI algorithm identifier
Source:

Methods

deriveBits(baseKey, length) → {ArrayBuffer}

Algorithm name GOST R 34.11-PFXKDF

Derive bits from password (PKCS12 mode)
  • algorithm.salt - random value, salt
  • algorithm.iterations - number of iterations
Parameters:
Name Type Description
baseKey ArrayBuffer password after UTF-8 decoding
length number output bit-length
Source:
Returns:
result
Type
ArrayBuffer

deriveBits(baseKey, length) → {ArrayBuffer}

Algorithm name GOST R 34.11-KDF

Derive bits for KEK deversification in 34.10-2012 algorithm KDF(KEK, UKM, label) = HMAC256 (KEK, 0x01|label|0x00|UKM|0x01|0x00) Default label = 0x26|0xBD|0xB8|0x78
Parameters:
Name Type Description
baseKey ArrayBuffer | TypedArray base key for deriviation
length number output bit-length
Source:
Returns:
result
Type
ArrayBuffer

deriveBits(baseKey, length) → {ArrayBuffer}

Algorithm name GOST R 34.11-PBKDF1

Derive bits from password
  • algorithm.salt - random value, salt
  • algorithm.iterations - number of iterations
Parameters:
Name Type Description
baseKey ArrayBuffer password after UTF-8 decoding
length number output bit-length
Source:
Returns:
result
Type
ArrayBuffer

deriveBits(baseKey, length) → {ArrayBuffer}

Algorithm name GOST R 34.11-PBKDF2

Derive bits from password
  • algorithm.salt - random value, salt
  • algorithm.iterations - number of iterations
Parameters:
Name Type Description
baseKey ArrayBuffer password after UTF-8 decoding
length number output bit-length
Source:
Returns:
result
Type
ArrayBuffer

deriveBits(baseKey, length) → {ArrayBuffer}

Algorithm name GOST R 34.11-CPKDF

Derive bits from password. CryptoPro algorithm
  • algorithm.salt - random value, salt
  • algorithm.iterations - number of iterations
Parameters:
Name Type Description
baseKey ArrayBuffer password after UTF-8 decoding
length number output bit-length
Source:
Returns:
result
Type
ArrayBuffer

deriveKey(baseKey) → {ArrayBuffer}

Algorithm name GOST R 34.11-KDF or GOST R 34.11-PBKDF2 or other

Derive key from derive bits subset
Parameters:
Name Type Description
baseKey ArrayBuffer
Source:
Returns:
Type
ArrayBuffer

digest(data) → {ArrayBuffer}

Algorithm name GOST R 34.11 or GOST R 34.11-12

http://tools.ietf.org/html/rfc6986 The digest method returns digest data in according to GOST R 4311-2012.
Size of digest also defines in algorithm name.
  • GOST R 34.11-256-12 - 256 bits digest
  • GOST R 34.11-512-12 - 512 bits digest
Parameters:
Name Type Description
data ArrayBuffer | TypedArray Data
Source:
Returns:
Digest of data
Type
ArrayBuffer

digest(data) → {ArrayBuffer}

Algorithm name GOST R 34.11-94

http://tools.ietf.org/html/rfc5831 The digest method returns digest data in according to GOST R 34.11-94.
Parameters:
Name Type Description
data ArrayBuffer | TypedArray Data
Source:
Returns:
Digest of data
Type
ArrayBuffer

digest(data) → {ArrayBuffer}

Algorithm name SHA-1

https://tools.ietf.org/html/rfc3174 The digest method returns digest data in according to SHA-1.
Parameters:
Name Type Description
data ArrayBuffer | TypedArray Data
Source:
Returns:
Digest of data
Type
ArrayBuffer

generateKey() → {ArrayBuffer}

Algorithm name GOST R 34.11-KDF

Simple generate key 256/512 bit random seed for derivation algorithms
Source:
Returns:
Generated key
Type
ArrayBuffer

sign(key, data)

Algorithm name GOST R 34.11-HMAC

HMAC with the specified hash function.
Parameters:
Name Type Description
key ArrayBuffer The key for HMAC.
data Hash Data
Source:

verify(key, signature, data) → {boolean}

Algorithm name GOST R 34.11-HMAC

Verify HMAC based on GOST R 34.11 hash
Parameters:
Name Type Description
key ArrayBuffer | TypedArray Key which used for HMAC generation
signature ArrayBuffer | TypedArray generated HMAC
data ArrayBuffer | TypedArray Data
Source:
Returns:
HMAC verified = true
Type
boolean