WebCrypto GOST Class: GostSign

GostSign

Constructor

new GostSign(algorithm)

GOST R 34.10 universal object

References: http://tools.ietf.org/html/rfc6986 and http://tools.ietf.org/html/rfc5831

Normalized algorithm identifier common parameters:
  • name Algorithm name 'GOST R 34.10'
  • version Algorithm version
    • 1994 - Old-style GOST R 34.10-94 ExpMod algorithm with GOST R 34.11-94 hash
    • 2001 - GOST R 34.10-2001 Elliptic curve algorithm with old GOST R 34.11-94 hash
    • 2012 - GOST R 34.10-2012 Elliptic curve algorithm with GOST R 34.11-12 hash, default mode
  • length Length of hash and signature. Key length == hash length for EC algorithms and 2 * hash length for ExpMod algorithm
    • GOST R 34.10-256 - 256 bits digest, default mode
    • GOST R 34.10-512 - 512 bits digest only for GOST R 34.11-2012 hash
  • mode Algorithm mode
    • SIGN Digital signature mode (default)
    • DH Diffie-Hellman key generation and key agreement mode
  • sBox Paramset sBox for GOST 34.11-94. Used only if version = 1994 or 2001
Supported algorithms, modes and parameters:
  • Sign/Verify mode (SIGN)
  • DeriveKey/DeriveBits mode (DH)
  • GenerateKey mode (SIGN and DH) version = 1994
    • namedParam Paramset for key generation algorithm. If specified, no additional parameters are required
    Additional parameters, if namedParam not specified
  • GenerateKey mode (SIGN and DH) version = 2001 or 2012
    • namedCurve Paramset for key generation algorithm. If specified, no additional parameters are required
    Additional EC parameters, if namedCurve not specified
Parameters:
Name Type Description
algorithm AlgorithmIdentifier
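A pre-flight check of the algorithm identifier against the defaults and constraints listed above, as an added example that is not part of the GostSign library. The function names checkGostSignAlgorithm and describeGostSignAlgorithm are hypothetical, length is assumed to be given as the number 256 or 512, and rejecting sBox together with version 2012 is a policy choice of this example.

```javascript
// Added example: hypothetical pre-flight check, not GostSign library code.
// SIGN and DH come from the constructor's mode list, MASK from generateMaskKey.
const GOST_VERSIONS = [1994, 2001, 2012];
const GOST_MODES = ['SIGN', 'DH', 'MASK'];

function checkGostSignAlgorithm(alg) {
  if (!alg || alg.name !== 'GOST R 34.10') {
    throw new TypeError("name must be 'GOST R 34.10'");
  }
  // Documented defaults: version 2012, 256-bit digest, SIGN mode.
  const version = alg.version === undefined ? 2012 : alg.version;
  const length = alg.length === undefined ? 256 : alg.length;
  const mode = alg.mode === undefined ? 'SIGN' : alg.mode;
  if (!GOST_VERSIONS.includes(version)) throw new RangeError('unsupported version: ' + version);
  if (!GOST_MODES.includes(mode)) throw new RangeError('unsupported mode: ' + mode);
  if (length !== 256 && length !== 512) {
    throw new RangeError('length must be 256 or 512');
  }
  // A 512-bit digest exists only for the GOST R 34.11-2012 hash.
  if (length === 512 && version !== 2012) {
    throw new RangeError('length 512 requires version 2012');
  }
  // sBox is used only with the GOST R 34.11-94 hash; this check treats it
  // as a configuration mistake when version is 2012 (a policy choice here).
  if (alg.sBox !== undefined && version === 2012) {
    throw new RangeError('sBox applies only to version 1994 or 2001');
  }
  const normalized = { name: alg.name, version, length, mode };
  if (alg.sBox !== undefined) normalized.sBox = alg.sBox;
  return {
    normalized,
    // Key length == hash length for EC, 2 * hash length for ExpMod (1994).
    keyLength: version === 1994 ? 2 * length : length,
    // Versions 1994 and 2001 both use the old GOST R 34.11-94 hash.
    legacyHash: version !== 2012,
  };
}

// Returns the check result, or the error message for a rejected identifier.
function describeGostSignAlgorithm(alg) {
  try { return checkGostSignAlgorithm(alg); } catch (e) { return e.message; }
}

// Constructed sample identifiers; 'SAMPLE-SBOX' is a placeholder paramset name.
console.log(describeGostSignAlgorithm({ name: 'GOST R 34.10' }));
console.log(describeGostSignAlgorithm({ name: 'GOST R 34.10', version: 1994, sBox: 'SAMPLE-SBOX' }));
console.log(describeGostSignAlgorithm({ name: 'GOST R 34.10', version: 2001, length: 512 }));
```

The legacyHash flag lets a caller log or refuse identifiers that still select the GOST R 34.11-94 hash before any key is generated.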

Methods

deriveBits(baseKey, length) → {CryptoOperationData}

Algorithm name GOST R 34.10

The deriveBits method returns length bits derived from baseKey.
Parameters:
Name Type Description
baseKey CryptoOperationData | TypedArray Key for derivation
length number output bit-length
Returns:
result
Type
CryptoOperationData

deriveKey(baseKey) → {CryptoOperationData}

Algorithm name GOST R 34.10

The deriveKey method returns a 256-bit key encryption key derived from baseKey. This algorithm creates a key encryption key (KEK) using a 64-bit UKM, the sender’s private key, and the recipient’s public key (or the reverse of the latter pair).
Parameters:
Name Type Description
baseKey CryptoOperationData | TypedArray Key for derivation
Returns:
result
Type
CryptoOperationData

generateKey() → {Object}

Algorithm name GOST R 34.10

The generateKey method returns a newly generated key pair using the specified AlgorithmIdentifier.
Returns:
Object with two CryptoOperationData members: privateKey and publicKey
Type
Object

generateMaskKey() → {Object}

Algorithm name GOST R 34.10 mode MASK

The generateMaskKey method returns a newly generated key mask used for wrapping.
Returns:
Object with two CryptoOperationData members: privateKey and publicKey
Type
Object

sign(privateKey, data) → {CryptoOperationData}

Algorithm name GOST R 34.10

The sign method returns the signature generated with the supplied privateKey.
Parameters:
Name Type Description
privateKey CryptoOperationData | TypedArray Private key
data CryptoOperationData | TypedArray Data
Returns:
Signature
Type
CryptoOperationData

verify(publicKey, signature, data) → {boolean}

Algorithm name GOST R 34.10

The verify method returns the result of signature verification with the supplied publicKey.
Parameters:
Name Type Description
publicKey CryptoOperationData | TypedArray Public key
signature CryptoOperationData | TypedArray Signature
data CryptoOperationData | TypedArray Data
Returns:
Signature verified = true
Type
boolean

unwrap(baseKey, data) → {Object}

Algorithm name GOST R 34.10

Unwrap private key from private key and ukm (mask)
Parameters:
Name Type Description
baseKey CryptoOperationData | TypedArray Unwrapping key
data CryptoOperationData | TypedArray Wrapped key
Returns:
CryptoOperationData unwrapped privateKey
Type
Object

wrap(baseKey, data) → {Object}

Algorithm name GOST R 34.10

Wrap private key with private key and ukm (mask)
Parameters:
Name Type Description
baseKey CryptoOperationData | TypedArray Wrapping key
data CryptoOperationData | TypedArray Key
Returns:
CryptoOperationData unwrapped privateKey
Type
Object