База знаний
Установка КриптоПро CSP (Ubuntu) + eToken
Опубликовано on 2013-09-30 14:53

Для обеспечения работы с электронными ключами eToken понадобится установить драйвер (http://www.aladdin-rd.ru/support/downloads/etoken/).

Скачиваем драйвер eToken PKI Client 5.0 SP1 для Linux.

Устанавливаем драйвер:

root@ubuntu:~/Desktop# alien -kci '/home/qwer/Desktop/pkiclient-5.00.28-0.i386.rpm'

error: incorrect format: unknown tag

                dpkg --no-force-overwrite -i pkiclient_5.00.28-0_i386.deb

Selecting previously deselected package pkiclient.

(Reading database ... 128922 files and directories currently installed.)

Unpacking pkiclient (from pkiclient_5.00.28-0_i386.deb) ...

Setting up pkiclient (5.00.28-0) ...

 

Processing triggers for ureadahead ...

Processing triggers for libc-bin ...

ldconfig deferred processing now taking place

Устанавливаем КриптоПро CSP 3.6 (обязательные пакеты): 

root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-base-3.6.1-4.noarch.rpm

error: incorrect format: unknown tag

                dpkg --no-force-overwrite -i lsb-cprocsp-base_3.6.1-4_all.deb

Selecting previously deselected package lsb-cprocsp-base.

(Reading database ... 129507 files and directories currently installed.)

Unpacking lsb-cprocsp-base (from lsb-cprocsp-base_3.6.1-4_all.deb) ...

Setting up lsb-cprocsp-base (3.6.1-4) ...

 Adding system startup for /etc/init.d/cprocsp ...

   /etc/rc0.d/K49cprocsp -> ../init.d/cprocsp

   /etc/rc1.d/K49cprocsp -> ../init.d/cprocsp

   /etc/rc6.d/K49cprocsp -> ../init.d/cprocsp

   /etc/rc2.d/S11cprocsp -> ../init.d/cprocsp

   /etc/rc3.d/S11cprocsp -> ../init.d/cprocsp

   /etc/rc4.d/S11cprocsp -> ../init.d/cprocsp

   /etc/rc5.d/S11cprocsp -> ../init.d/cprocsp

 

Processing triggers for ureadahead ...

root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-rdr-3.6.1-4.i486.rpm

error: incorrect format: unknown tag

                dpkg --no-force-overwrite -i lsb-cprocsp-rdr_3.6.1-4_i386.deb

Selecting previously deselected package lsb-cprocsp-rdr.

(Reading database ... 129675 files and directories currently installed.)

Unpacking lsb-cprocsp-rdr (from lsb-cprocsp-rdr_3.6.1-4_i386.deb) ...

Setting up lsb-cprocsp-rdr (3.6.1-4) ...

Adding new reader:

Nick name: FLASH

Name device: FLASH

Succeeded, code:0x0

 

root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-capilite-3.6.1-4.i486.rpm

error: incorrect format: unknown tag

                dpkg --no-force-overwrite -i lsb-cprocsp-capilite_3.6.1-4_i386.deb

Selecting previously deselected package lsb-cprocsp-capilite.

(Reading database ... 129713 files and directories currently installed.)

Unpacking lsb-cprocsp-capilite (from lsb-cprocsp-capilite_3.6.1-4_i386.deb) ...

Setting up lsb-cprocsp-capilite (3.6.1-4) ...

 

root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-kc1-3.6.1-4.i486.rpm

error: incorrect format: unknown tag

                dpkg --no-force-overwrite -i lsb-cprocsp-kc1_3.6.1-4_i386.deb

Selecting previously deselected package lsb-cprocsp-kc1.

(Reading database ... 129761 files and directories currently installed.)

Unpacking lsb-cprocsp-kc1 (from lsb-cprocsp-kc1_3.6.1-4_i386.deb) ...

Setting up lsb-cprocsp-kc1 (3.6.1-4) ...

Устанавливаем модуль поддержки PCSC-считывателей (дополнительный пакет):

root@ubuntu:~/Desktop/linux-ia32# alien -kci cprocsp-rdr-pcsc-3.6.1-4.i486.rpm

error: incorrect format: unknown tag

                dpkg --no-force-overwrite -i cprocsp-rdr-pcsc_3.6.1-4_i386.deb

Selecting previously deselected package cprocsp-rdr-pcsc.

(Reading database ... 129772 files and directories currently installed.)

Unpacking cprocsp-rdr-pcsc (from cprocsp-rdr-pcsc_3.6.1-4_i386.deb) ...

Setting up cprocsp-rdr-pcsc (3.6.1-4) ...

Электронный ключ eToken должен стоять в ПК, проверяем через list_pcsc:  

root@ubuntu:~/Desktop/linux-ia32# /opt/cprocsp/bin/ia32/list_pcsc

available reader: AKS ifdh 00 00

Добавляем считыватель:

root@ubuntu:~/Desktop/linux-ia32# /opt/cprocsp/sbin/ia32/cpconfig -hardware reader -add "AKS ifdh 00 00"

Adding new reader:

Nick name: AKS ifdh 00 00

Succeeded, code:0x0

Просмотр списка настроенных считывателей: 

root@ubuntu:~/Desktop/linux-ia32# /opt/cprocsp/sbin/ia32/cpconfig -hardware reader -view

 Nick name: AKS ifdh 00 00

Connect name:

Reader name: AKS ifdh 00 00

 

Nick name: FLASH

Connect name:

Reader name: FLASH

 

Nick name: HDIMAGE

Connect name:

Reader name: HDIMAGE

Устанавливаем модуль поддержки для etoken:

root@ubuntu:~# alien -kci '/home/qwer/Desktop/cprocsp-rdr-etoken_3.6.1-1.0.2-1.i386.rpm'

error: incorrect format: unknown tag

                dpkg --no-force-overwrite -i cprocsp-rdr-etoken-3.6.1_1.0.2-1_i386.deb

Selecting previously deselected package cprocsp-rdr-etoken-3.6.1.

(Reading database ... 129783 files and directories currently installed.)

Unpacking cprocsp-rdr-etoken-3.6.1 (from cprocsp-rdr-etoken-3.6.1_1.0.2-1_i386.deb) ...

Setting up cprocsp-rdr-etoken-3.6.1 (1.0.2-1) ...

Просмотр списка настроенных носителей:

root@ubuntu:~# /opt/cprocsp/sbin/ia32/cpconfig -hardware media -view

 

Nick name: eToken_JAVA_10B

Connect name:

Media name: etoken_java_10b

 

Nick name: eToken_JAVA_10

Connect name:

Media name: etoken_java_10

 

Nick name: eToken_PRO_M420B

Connect name:

Media name: etoken_pro_m420b

 

Nick name: eToken_PRO_M420

Connect name:

Media name: etoken_pro_m420

 

Nick name: eToken_PRO32

Connect name:

Media name: etoken_pro32

 

Nick name: eToken_PRO16

Connect name:

Media name: etoken_pro16

 

Nick name: TRUSTD

Connect name:

Media name: Magistra Debug

 

Nick name: TRUSTS

Connect name:

Media name: Magistra SocCard

 

Nick name: TRUST

Connect name:

Media name: Magistra

 

Nick name: OSCAR2

Connect name: KChannel

Media name: ?????

 

Nick name: OSCAR2

Connect name: CSP

Media name: ????? CSP 2.0

 

Nick name: OSCAR

Connect name:

Media name: ????

Для тестирования создадим самоподписанный сертификат с закрытым ключом:

root@ubuntu:/opt/cprocsp/bin/ia32# ./csptestf -keyset -newkeyset -makecert -cont '\\.\AKS ifdh 00 00\test' -keytype exchange

CSP (Type:75) v3.6.5364 KC1 Release Ver:3.6.7491 OS:Linux CPU:IA32 FastCode:READY:AVX.

AcquireContext: OK. HCRYPTPROV: 137091795

GetProvParam(PP_NAME): Crypto-Pro GOST R 34.10-2001 KC1 CSP

Container name: "test"

Exchange key is not available.

Attempting to create an exchange key...

Press keys...

[........................................]

CryptoPro CSP: Set pin-code on produced container "test".

Pin-code:

an exchange key created.

Self signed certificate created: E=test@cryptopro.ru, CN=test

Certificate stored in container.

Keys in container:

  exchange key

Total:

[ErrorCode: 0x00000000]

 

 

root@ubuntu:/opt/cprocsp/bin/ia32# /opt/cprocsp/bin/ia32/csptest -oid -general

CSP (Type:75) v3.6.5364 KC1 Release Ver:3.6.7491 OS:Linux CPU:IA32 FastCode:READY:AVX.

CryptAcquireContext succeeded.HCRYPTPROV: 154155347

Total:

[ErrorCode: 0x00000000]

root@ubuntu:/opt/cprocsp/bin/ia32# lsb_release -a

LSB Version:      core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch:cxx-3.0-ia32:cxx-3.0-noarch:cxx-3.1-ia32:cxx-3.1-noarch:cxx-3.2-ia32:cxx-3.2-noarch:cxx-4.0-ia32:cxx-4.0-noarch:graphics-2.0-ia32:graphics-2.0-noarch:graphics-3.0-ia32:graphics-3.0-noarch:graphics-3.1-ia32:graphics-3.1-noarch:graphics-3.2-ia32:graphics-3.2-noarch:graphics-4.0-ia32:graphics-4.0-noarch:printing-3.2-ia32:printing-3.2-noarch:printing-4.0-ia32:printing-4.0-noarch

Distributor ID:   Ubuntu

Description:       Ubuntu 10.04.1 LTS

Release:              10.04

Codename:        lucid

(15 vote(s))
Helpful
Not helpful

Коментарии (0)