Cryptopro csp trial version. Installation of cryptopro
CSP CryptoPro is a reliable commercial software tool designed to add and verify cryptographic protection on important documents and other files that require an electronic digital signature (EDS). The program is intended primarily for companies that have switched to electronic document management. Thanks to it, it is possible to ensure the legal validity of individual securities presented exclusively in digital form. In essence, a digital signature is a kind of analogue of a wet seal for physical documents.
This solution complies with all current GOSTs regulating information control and data integrity during transmission. To manage the security algorithms used, CSP CryptoPro provides a special manager, which is also responsible for setting other parameters of the program. In addition, the crypto provider’s kit includes tools that are responsible for “issuing” and verifying certificates. It also includes the CryptoPro Winlogon module. Its main task is to perform initial authentication of new users in the Windows environment. The operation of this component is based on the Kerberos V5 protocol, and authorization occurs after verifying the certificate of a USB token, smart card, or any other key media used in the enterprise. In general, the crypto provider allows you to use a variety of types of key media. For companies using relatively old computer equipment, there is even the possibility of using floppy disks in 3.5 format.
Based on the fact that this is an exclusively commercial software solution, it is easy to guess that it is paid. Although the developer CryptoPro kindly provides a demo version of his tool, which can only be used for the first thirty days. After this period, you will need to purchase a license.
Key Features
- contains tools for adding and verifying electronic digital signatures (EDS);
- can add and verify issued digital certificates;
- gives legal weight to electronic copies of documents;
- can perform authentication after verifying the certificate on the key medium;
- ensures control of the integrity of transmitted information;
- the algorithm used to generate hash sums and other algorithms used by the program fully comply with these GOSTs.
To protect transmitted data, the Information Portal croinform .ru uses a cryptographic information protection tool (CIPF) from the Crypto-Pro company. To install this software, follow a few simple steps.
Step 1. Download the CryptoPro CSP distribution kit (version 4.0)
To download the distribution, go to the CRYPTO-PRO website http://www.cryptopro.ru/
In the “Login” form, enter the following username information: MBKI , password: MBKI and click Login
The Download Center page opens. In the list of programs, select CryptoPro CSP (First in the list).
Select CryptoPro CSP distribution (version 4.0), which is suitable for your operating system. Save the file to disk.
Step 2. Installation of CryptoPro CSP (version 4.0)
Launch the distribution package of the CryptoPro CSP program downloaded in step 1. The “Installation Window” will appear on the screen. Select the recommended installation option, "Install (Recommended)."
A window will appear displaying the installation process of CryptoPro CSP.
After completing the installation process of CryptoPro CSP, you will receive a message.
A temporary license is valid for 30 days. After this period, the full package of CIPF functions stops working, but some of the information protection functions necessary to work with the Information Portal remain.
Cryptoprovider CryptoPro CSP is designed for:- ensuring the legal significance of documents for electronic document management, through the formation and verification of electronic signatures, according to Russian cryptographic standards GOST R 34.11-94/GOST R 34.11-2012 and GOST R 34.10-2001/GOST R 34.10-2012;
- encryption and imitation protection in accordance with GOST 28147-89 will guarantee the confidentiality and integrity of information;
- ensuring authenticity, imitation protection and confidentiality of TLS connections;
- protection against software modification and violation of its operating algorithms;
- management of key elements of the system, in accordance with the regulations on protective equipment.
Key media for CryptoPro CSP
CryptoPro CSP can be used in conjunction with many key media, but most often the Windows registry, flash drives and tokens are used as key media.
The most secure and convenient key media that is used in conjunction with CryptoPro CSP,are tokens. They allow you to conveniently and securely store your electronic signature certificates. Tokens are designed in such a way that even if stolen, no one will be able to use your certificate.
- floppy disks 3.5";
- MPCOS-EMV processor cards and Russian smart cards (Oscar, RIK) using smart card readers that support the PC/SC protocol (GemPC Twin, Towitoko, Oberthur OCR126, etc.);
- Touch-Memory DS1993 - DS1996 tablets using Accord 4+ devices, Sobol electronic lock or Touch-Memory DALLAS tablet reader;
- electronic keys with USB interface;
- removable media with USB interface;
- Windows OS registry;
Digital signature certificate for CryptoPro CSP
CryptoPro CSP works correctly with all certificates issued in accordance with GOST requirements, and therefore with the majority of certificates issued by Certification Authorities in Russia.
In order to start using CryptoPro CSP, you will definitely need a digital signature certificate. If you have not yet purchased a digital signature certificate, we recommend that you purchase an electronic signature on this page.
Supported Windows Operating Systems
| CSP 3.6 | CSP 3.9 | CSP 4.0 | |
|---|---|---|---|
| Windows 2012 R2 | x64 | x64 | |
| Windows 8.1 | x86/x64 | x86/x64 | |
| Windows 2012 | x64 | x64 | x64 |
| Windows 8 | x86/x64 | x86/x64 | x86/x64 |
| Windows 2008 R2 | x64/iteanium | x64 | x64 |
| Windows 7 | x86/x64 | x86/x64 | x86/x64 |
| Windows 2008 | x86 / x64 / itanium | x86/x64 | x86/x64 |
| Windows Vista | x86/x64 | x86/x64 | x86/x64 |
| Windows 2003 R2 | x86 / x64 / itanium | x86/x64 | x86/x64 |
| Windows XP | x86/x64 | ||
| Windows 2003 | x86 / x64 / itanium | x86/x64 | x86/x64 |
| Windows 2000 | x86 |
Supported Algorithms
| CSP 3.6 | CSP 3.9 | CSP 4.0 | |
|---|---|---|---|
| GOST R 34.10-2012 Creating a signature | 512 / 1024 bit | ||
| GOST R 34.10-2012 Signature verification | 512 / 1024 bit | ||
| GOST R 34.10-2001 Creating a signature | 512 bit | 512 bit | 512 bit |
| GOST R 34.10-2001 Signature verification | 512 bit | 512 bit | 512 bit |
| GOST R 34.10-94 Creating a signature | 1024 bit* | ||
| GOST R 34.10-94 Signature verification | 1024 bit* | ||
| GOST R 34.11-2012 | 256 / 512 bit | ||
| GOST R 34.11-94 | 256 bit | 256 bit | 256 bit |
| GOST 28147-89 | 256 bit | 256 bit | 256 bit |
* - up to version CryptoPro CSP 3.6 R2 (build 3.6.6497 dated 2010-08-13) inclusive.
CryptoPro CSP license terms
When purchasing CryptoPro CSP, you receive a serial number, which you need to enter during the installation or configuration process of the program. The validity period of the key depends on the selected license. CryptoPro CSP can be distributed in two versions: with an annual or perpetual license.
Having purchased perpetual license, you will receive a CryptoPro CSP key, the validity of which will not be limited. If you buy an annual license, you will receive a serial number CryptoPro CSP, which will be valid for a year after purchase.
CryptoPro CSP has a certificate of conformity of the FSB of the Russian Federation
The CryptoPro Rutoken CSP solution is a joint development of the CryptoPro and Aktiv companies, which integrates the capabilities of the cryptoprovider CryptoPro CSP and Rutoken USB tokens. An important feature of FKN technology is the division of cryptographic power between the cryptoprovider CryptoPro CSP and Rutoken KP - a cryptographic USB token model specially adapted for FKN technology, made on the basis of Rutoken EDS.
Rutoken KP is used in FKN technology to generate key pairs, develop approval keys, carry out electronic signatures, etc. Performing these operations on board the token ensures the highest degree of safety of key information. Rutoken KP is used and supplied only as part of CryptoPro Rutoken CSP; this USB token is not distributed separately.
In the new version of CryptoPro Rutoken CSP, in addition to Rutoken KP, there is support for the standard Rutoken EDS 2.0 model for generating and securely storing key pairs and CryptoPro CSP containers. Key information is stored on Rutoken EDS 2.0 without the possibility of retrieving it. The use of Rutoken EDS 2.0 as part of CryptoPro Rutoken CSP provides an optimal solution configuration in terms of cost and capabilities for cases where increased requirements for the level of protection of communication channels with the key carrier are not imposed.
The CryptoPro Rutoken CSP solution is the successor to the CryptoPro CSP CIPF and supports all its capabilities. It is also fully integrated into the public key infrastructure based on the CryptoPro CA certification center.
Purpose
CIPF CryptoPro Rutoken CSP is intended for use in Russian PKI systems, in systems of legally significant electronic document management and in other information systems that use digital signature technologies. Including:
- in client-bank systems when signing payment orders;
- in secure document management systems;
- in reporting collection systems for electronic submission;
- in government and management bodies at the federal and regional levels;
- in all other cases where it is necessary to ensure increased protection of user keys.
Possibilities
- Supports all functionality CIPF CryptoPro CSP 3.9 .
- Provides full integration with PKI infrastructure based on CryptoPro CA.
- Also works with the standard model Rutoken EDS 2.0.
- Using the hardware resources of Rutoken KP or Rutoken EDS 2.0, the following cryptographic operations are performed:
- generation of key pairs GOST R 34.10-2001;
- generation of an electronic signature in accordance with GOST R 34.10-2001;
- Diffie-Hellman negotiation key calculation (RFC 4357).
- Provides secure storage and use of private keys inside the key media without the possibility of retrieval.
Functional key carrier
The FKN architecture implements a fundamentally new approach to ensuring the secure use of key information stored on hardware media.
In addition to forming an electronic signature and generating encryption keys directly in the microprocessor, the key carrier can effectively resist attacks related to the substitution of a hash value or signature in a communication channel.
Main advantages of FKN
- The possibility of replacing the signature in the exchange protocol is excluded; the electronic signature is generated in parts: first in the key medium, then finally in the CSP software part.
- Generation of electronic signature keys and approval keys, as well as creation of an electronic signature within the Federal Computer Science Department.
- Transmitting a hash value over a secure channel that eliminates the possibility of substitution.
- Once the container is created, the user's key is not stored either in the key container or in the crypto provider's memory, and is not used explicitly in cryptographic transformations.
- Enhanced data protection when transmitted over an open channel due to the use of mutual authentication of the key carrier and the software component using the original protocol based on the EKE (electronic key exchange) procedure. In this case, it is not the PIN code that is transmitted, but a point on the elliptic curve.
- Increased privacy of private keys.
- The key can be generated by FKN or loaded externally.
- Performing cryptographic operations on elliptic curves directly with the key carrier, supporting Russian electronic signatures.
To install the system without an installation disk, you must download and install all the component distributions from this manual. The installation must be performed with local administrator rights.
Installation of CIPF CryptoPro CSP
Download and install the CryptoPro CSP distribution according to the purchased license.
Open the CryptoPro CSP program and enter the license serial number. Depending on your computer, this can be done in different ways:
Installing the RuToken driver
Download and install components for working with RuToken media. (if certificates are stored on flash media, skip this step). When installing components, disconnect RuToken from your computer.
Installing Capicom
Installing Certification Authority certificates
Download and install Certification Authority certificates
Browser installation and configuration
The system works in the following browsers: Internet Explorer version no lower than 11, Mozilla Firefox, Google Chrome, Yandex Browser, Opera.
For installation .
For Internet Explorer to work correctly with the Kontur.Extern system, you must run the utility to configure the browser.
You can also configure the browser manually. To do this, use this.
To install other browsers, contact your system administrator.
Installing Adobe Reader
Download and install Adobe Reader. Use the link to the official Adobe website. To begin installation, you must select the operating system version and language.
Installing a shortcut
For ease of login, save to your desktop. After installation is complete, you must restart your computer. Before you start working in the reporting system, do not forget to install a signing certificate. Use the instructions for installing a personal certificate.
Installation completed