docs: Content updates.

.trivyignore.yaml

@@ -0,0 +1 @@
+

content/learning/tls/ecdh.md

@@ -0,0 +1,38 @@
+---
+title: Elliptic Curve Diffie-Hellman (ECDH)
+description: ✅ Secure key exchange
+layout: learn-single
+
+tls_part: key-exchange
+
+learn_more:
+  - text: 'Diffie-Hellman problem'
+    url: https://en.wikipedia.org/wiki/Diffie–Hellman_problem
+    source: Wikipedia
+
+  # - text: ''
+  #   url:
+  #   source:
+
+---
+
+## Summary
+
+The [Diffie-Hellman] key exchange is a cryptographic method enabling two parties to establish a shared secret key over an insecure channel. The shared secret is calculated by each party using their private key and the other party’s public key, resulting in a value that is difficult to compute without knowledge of both private integers.
+
+This approach is the foundation of all modern-day [public-key cryptography]. It also forms the basis of [Forward secrecy] in TLS connections.
+
+The newer [elliptic-curve][ECC] (ECDHE) key exchange algorithms are more secure and should be strongly preferred.
+
+## Information
+
+| Field     | Value              |
+|-----------|--------------------|
+| Kind      | {{% param-kind %}} |
+| Invented  |                    |
+| Ephemeral | _No_               |
+
+[Diffie-Hellman]: https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange
+[ECC]: https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
+[Forward secrecy]: https://en.wikipedia.org/wiki/Forward_secrecy
+[public-key cryptography]: https://en.wikipedia.org/wiki/Public-key_cryptography

content/learning/tls/gost-r.md

@@ -1,53 +1,52 @@
 ---
-title: GOST R
+title: GOST R (Kuznyechik, Magma)
 description: ❌ Insecure specification
 layout: learn-single
 
-tls_part: encryption-algo
+aliases:
+  - /learning/tls/gostr341112
+  - /learning/tls/kuznyechik
+  - /learning/tls/magma
 
 learn_more:
-  - text: 'Official English-Language Camellia Homepage'
-    url: https://info.isl.ntt.co.jp/crypt/eng/camellia/
-    source: NTT
+  - text: 'GOST 28147-89: Encryption, Decryption, and Message Authentication Code (MAC) Algorithms'
+    url: https://datatracker.ietf.org/doc/html/rfc5830
 
-  - text: 'A Description of the Camellia Encryption Algorithm'
-    url: https://datatracker.ietf.org/doc/html/rfc3713
-    source: IETF
+  - text: 'GOST R 34.12-2015: Block Cipher "Kuznyechik"'
+    url: https://datatracker.ietf.org/doc/html/rfc7801
 
-  - text: 'Addition of the Camellia Cipher Suites to Transport Layer Security (TLS)'
-    url: https://datatracker.ietf.org/doc/html/rfc6367
-    source: IETF
+  - text: 'GOST R 34.12-2015: Block Cipher "Magma"'
+    url: https://datatracker.ietf.org/doc/html/rfc8891
 
-  - text: 'Camellia source code'
-    url: https://embeddedsw.net/Cipher_Reference_Home.html#CAMELLIA
+  - text: 'Magma: GOST (block cipher)'
+    url: https://en.wikipedia.org/wiki/GOST_(block_cipher)
+    source: Wikipedia
+
+  - text: 'Kuznyechik: GOST (block cipher)'
+    url: https://en.wikipedia.org/wiki/Kuznyechik
+    source: Wikipedia
+
+  - text: 'GOST R 34.11-1994 Hash Function'
+    url: https://en.wikipedia.org/wiki/GOST_(hash_function)
+    source: Wikipedia
+
+  - text: 'GOST R 34.11-2012 Hash Function'
+    url: https://en.wikipedia.org/wiki/Streebog
+    source: Wikipedia
 
 ---
 
 ## Summary
 
-[Camellia] is a symmetric key block cipher developed by _Mitsubishi Electric_ and _NTT of Japan_, approved for use by [ISO/IEC][ISO 18033-3], [NESSIE], and [CRYPTREC].
+[GOST] is a set of international technical standards maintained by the Euro-Asian Council for Standardization, Metrology, and Certification. Originally developed by the Soviet Union, GOST standards cover various industries and are adopted by several CIS countries. They were declassified in 1994.
 
-It is considered a modern, safe cipher with security levels comparable to [AES]({{% relref "AES" %}}). Camellia has been adopted in various security libraries, protocols, and applications, including TLS, IPsec, Kerberos, and OpenPGP.
-
-It became an international standard in [ISO 18033-3].
+[GOST R] is a set of encryption standards for use by the government of the Russian Federation, and has **NOT** been accepted as an international standard. Its security has **NOT** proven and its use is **NOT** recommended by the IETF.
 
 ## Information
 
-| Field        | Value                                                         |
-|--------------|---------------------------------------------------------------|
-| Kind         | {{% param-kind %}}                                            |
-| Invented     | 2000                                                          |
-| Cracked      | -                                                             |
-| Ephemeral    | _Yes_                                                         |
-| Related tech | [IPsec], [Kerberos], [PGP], [PKCS #11], [S/MIME], [VeraCrypt] |
-
-[Camellia]: https://en.wikipedia.org/wiki/Camellia_(cipher)
-[CRYPTREC]: https://en.wikipedia.org/wiki/CRYPTREC
-[IPsec]: https://en.wikipedia.org/wiki/IPsec
-[ISO 18033-3]: https://www.iso.org/standard/54531.html
-[Kerberos]: https://en.wikipedia.org/wiki/Kerberos_(protocol)
-[NESSIE]: https://en.wikipedia.org/wiki/NESSIE
-[PGP]: https://pgpkeys.org/docs/pgpfaq.html#HDPK
-[PKCS #11]: https://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/pkcs11-curr-v2.40.html
-[S/MIME]: https://datatracker.ietf.org/doc/html/rfc8551
-[VeraCrypt]: https://en.wikipedia.org/wiki/VeraCrypt
+| Field    | Value |
+|----------|-------|
+| Invented | 1970s |
+
+[GOST]: https://en.wikipedia.org/wiki/GOST
+[GOST R]: https://en.wikipedia.org/wiki/GOST#GOST_R

list.txt

@@ -1,26 +1,17 @@
-gost-r
-
 # Kex
-eccpwd
-ecdh
-ecdhe
-krb5
-psk
-srp
-
+ecdh.md
+ecdhe.md
 
 # Enc
-CCM
-CHACHA20-POLY1305
-GCM
-IDEA
-KUZNYECHIK
-MAGMA
-SM4
+ccm.md
+chacha20-poly1305.md
+gcm.md
+idea.md
+sm4.md
 
 # Hash
-MD5
-SHA
-SHA256
-SHA384
-SM3
+md5.md
+sha.md
+sha256.md
+sha384.md
+sm3.md