|
Установка КриптоПро CSP (Ubuntu) + eToken
Опубликовано on 2013-09-30 14:53
|
|
|
Для обеспечения работы с электронными ключами eToken понадобится установить драйвер (http://www.aladdin-rd.ru/support/downloads/etoken/). Скачиваем драйвер eToken PKI Client 5.0 SP1 для Linux. Устанавливаем драйвер: root@ubuntu:~/Desktop# alien -kci '/home/qwer/Desktop/pkiclient-5.00.28-0.i386.rpm' error: incorrect format: unknown tag dpkg --no-force-overwrite -i pkiclient_5.00.28-0_i386.deb Selecting previously deselected package pkiclient. (Reading database ... 128922 files and directories currently installed.) Unpacking pkiclient (from pkiclient_5.00.28-0_i386.deb) ... Setting up pkiclient (5.00.28-0) ...
Processing triggers for ureadahead ... Processing triggers for libc-bin ... ldconfig deferred processing now taking place Устанавливаем КриптоПро CSP 3.6 (обязательные пакеты): root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-base-3.6.1-4.noarch.rpm error: incorrect format: unknown tag dpkg --no-force-overwrite -i lsb-cprocsp-base_3.6.1-4_all.deb Selecting previously deselected package lsb-cprocsp-base. (Reading database ... 129507 files and directories currently installed.) Unpacking lsb-cprocsp-base (from lsb-cprocsp-base_3.6.1-4_all.deb) ... Setting up lsb-cprocsp-base (3.6.1-4) ... Adding system startup for /etc/init.d/cprocsp ... /etc/rc0.d/K49cprocsp -> ../init.d/cprocsp /etc/rc1.d/K49cprocsp -> ../init.d/cprocsp /etc/rc6.d/K49cprocsp -> ../init.d/cprocsp /etc/rc2.d/S11cprocsp -> ../init.d/cprocsp /etc/rc3.d/S11cprocsp -> ../init.d/cprocsp /etc/rc4.d/S11cprocsp -> ../init.d/cprocsp /etc/rc5.d/S11cprocsp -> ../init.d/cprocsp
Processing triggers for ureadahead ... root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-rdr-3.6.1-4.i486.rpm error: incorrect format: unknown tag dpkg --no-force-overwrite -i lsb-cprocsp-rdr_3.6.1-4_i386.deb Selecting previously deselected package lsb-cprocsp-rdr. (Reading database ... 129675 files and directories currently installed.) Unpacking lsb-cprocsp-rdr (from lsb-cprocsp-rdr_3.6.1-4_i386.deb) ... Setting up lsb-cprocsp-rdr (3.6.1-4) ... Adding new reader: Nick name: FLASH Name device: FLASH Succeeded, code:0x0
root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-capilite-3.6.1-4.i486.rpm error: incorrect format: unknown tag dpkg --no-force-overwrite -i lsb-cprocsp-capilite_3.6.1-4_i386.deb Selecting previously deselected package lsb-cprocsp-capilite. (Reading database ... 129713 files and directories currently installed.) Unpacking lsb-cprocsp-capilite (from lsb-cprocsp-capilite_3.6.1-4_i386.deb) ... Setting up lsb-cprocsp-capilite (3.6.1-4) ...
root@ubuntu:~/Desktop/linux-ia32# alien -kci lsb-cprocsp-kc1-3.6.1-4.i486.rpm error: incorrect format: unknown tag dpkg --no-force-overwrite -i lsb-cprocsp-kc1_3.6.1-4_i386.deb Selecting previously deselected package lsb-cprocsp-kc1. (Reading database ... 129761 files and directories currently installed.) Unpacking lsb-cprocsp-kc1 (from lsb-cprocsp-kc1_3.6.1-4_i386.deb) ... Setting up lsb-cprocsp-kc1 (3.6.1-4) ... Устанавливаем модуль поддержки PCSC-считывателей (дополнительный пакет): root@ubuntu:~/Desktop/linux-ia32# alien -kci cprocsp-rdr-pcsc-3.6.1-4.i486.rpm error: incorrect format: unknown tag dpkg --no-force-overwrite -i cprocsp-rdr-pcsc_3.6.1-4_i386.deb Selecting previously deselected package cprocsp-rdr-pcsc. (Reading database ... 129772 files and directories currently installed.) Unpacking cprocsp-rdr-pcsc (from cprocsp-rdr-pcsc_3.6.1-4_i386.deb) ... Setting up cprocsp-rdr-pcsc (3.6.1-4) ... Электронный ключ eToken должен стоять в ПК, проверяем через list_pcsc: root@ubuntu:~/Desktop/linux-ia32# /opt/cprocsp/bin/ia32/list_pcsc available reader: AKS ifdh 00 00 Добавляем считыватель: root@ubuntu:~/Desktop/linux-ia32# /opt/cprocsp/sbin/ia32/cpconfig -hardware reader -add "AKS ifdh 00 00" Adding new reader: Nick name: AKS ifdh 00 00 Succeeded, code:0x0 Просмотр списка настроенных считывателей: root@ubuntu:~/Desktop/linux-ia32# /opt/cprocsp/sbin/ia32/cpconfig -hardware reader -view Nick name: AKS ifdh 00 00 Connect name: Reader name: AKS ifdh 00 00
Nick name: FLASH Connect name: Reader name: FLASH
Nick name: HDIMAGE Connect name: Reader name: HDIMAGE Устанавливаем модуль поддержки для etoken: root@ubuntu:~# alien -kci '/home/qwer/Desktop/cprocsp-rdr-etoken_3.6.1-1.0.2-1.i386.rpm' error: incorrect format: unknown tag dpkg --no-force-overwrite -i cprocsp-rdr-etoken-3.6.1_1.0.2-1_i386.deb Selecting previously deselected package cprocsp-rdr-etoken-3.6.1. (Reading database ... 129783 files and directories currently installed.) Unpacking cprocsp-rdr-etoken-3.6.1 (from cprocsp-rdr-etoken-3.6.1_1.0.2-1_i386.deb) ... Setting up cprocsp-rdr-etoken-3.6.1 (1.0.2-1) ... Просмотр списка настроенных носителей: root@ubuntu:~# /opt/cprocsp/sbin/ia32/cpconfig -hardware media -view
Nick name: eToken_JAVA_10B Connect name: Media name: etoken_java_10b
Nick name: eToken_JAVA_10 Connect name: Media name: etoken_java_10
Nick name: eToken_PRO_M420B Connect name: Media name: etoken_pro_m420b
Nick name: eToken_PRO_M420 Connect name: Media name: etoken_pro_m420
Nick name: eToken_PRO32 Connect name: Media name: etoken_pro32
Nick name: eToken_PRO16 Connect name: Media name: etoken_pro16
Nick name: TRUSTD Connect name: Media name: Magistra Debug
Nick name: TRUSTS Connect name: Media name: Magistra SocCard
Nick name: TRUST Connect name: Media name: Magistra
Nick name: OSCAR2 Connect name: KChannel Media name: ?????
Nick name: OSCAR2 Connect name: CSP Media name: ????? CSP 2.0
Nick name: OSCAR Connect name: Media name: ???? Для тестирования создадим самоподписанный сертификат с закрытым ключом: root@ubuntu:/opt/cprocsp/bin/ia32# ./csptestf -keyset -newkeyset -makecert -cont '\\.\AKS ifdh 00 00\test' -keytype exchange CSP (Type:75) v3.6.5364 KC1 Release Ver:3.6.7491 OS:Linux CPU:IA32 FastCode:READY:AVX. AcquireContext: OK. HCRYPTPROV: 137091795 GetProvParam(PP_NAME): Crypto-Pro GOST R 34.10-2001 KC1 CSP Container name: "test" Exchange key is not available. Attempting to create an exchange key... Press keys... [........................................] CryptoPro CSP: Set pin-code on produced container "test". Pin-code: an exchange key created. Self signed certificate created: E=test@cryptopro.ru, CN=test Certificate stored in container. Keys in container: exchange key Total: [ErrorCode: 0x00000000]
root@ubuntu:/opt/cprocsp/bin/ia32# /opt/cprocsp/bin/ia32/csptest -oid -general CSP (Type:75) v3.6.5364 KC1 Release Ver:3.6.7491 OS:Linux CPU:IA32 FastCode:READY:AVX. CryptAcquireContext succeeded.HCRYPTPROV: 154155347 Total: [ErrorCode: 0x00000000] root@ubuntu:/opt/cprocsp/bin/ia32# lsb_release -a LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch:cxx-3.0-ia32:cxx-3.0-noarch:cxx-3.1-ia32:cxx-3.1-noarch:cxx-3.2-ia32:cxx-3.2-noarch:cxx-4.0-ia32:cxx-4.0-noarch:graphics-2.0-ia32:graphics-2.0-noarch:graphics-3.0-ia32:graphics-3.0-noarch:graphics-3.1-ia32:graphics-3.1-noarch:graphics-3.2-ia32:graphics-3.2-noarch:graphics-4.0-ia32:graphics-4.0-noarch:printing-3.2-ia32:printing-3.2-noarch:printing-4.0-ia32:printing-4.0-noarch Distributor ID: Ubuntu Description: Ubuntu 10.04.1 LTS Release: 10.04 Codename: lucid | |
 (21 vote(s)) Helpful Not helpful |