База знаний
Установка КриптоПро CSP (Ubuntu) + Rutoken
Опубликовано on 2014-01-10 15:15

Для обеспечения работы с электронными ключами Rutoken понадобится установить драйвер.

Два варианта установки:

1)Скачать с сайта производителя - http://www.rutoken.ru/support/download/drivers-for-nix/

2)Установить из состава дистрибутива КриптоПро CSP - ifd-rutoken (при использовании КриптоПро CSP 3.6 R4 и выше).

Устанавливаем драйвер Рутокен:

root@ubuntu:# alien -kci ifd-rutokens_1.0.4_1.x86_64.rpm 
 dpkg --no-force-overwrite -i ifd-rutokens_1.0.4-1_amd64.deb
Selecting previously unselected package ifd-rutokens.
(Reading database ... 168853 files and directories currently installed.)
Unpacking ifd-rutokens (from ifd-rutokens_1.0.4-1_amd64.deb) ...
Setting up ifd-rutokens (1.0.4-1) ...

Минимальные требования к системе:

Для работы электронных идентификаторов Рутокен в deb-based системе должны быть установлены: библиотека libccid не ниже 1.3.11, пакеты pcscd и libpcsclite1.

Для работы в RPM-based системе должны быть установлены: пакеты ccid, pcscd и pcsc-lite.

Устанавливаем КриптоПро CSP 3.6 (обязательные пакеты):

 root@ubuntu:# alien -kci lsb-cprocsp-base-3.6.1-4.noarch.rpm 
 dpkg --no-force-overwrite -i lsb-cprocsp-base_3.6.1-4_all.deb
Selecting previously unselected package lsb-cprocsp-base.
(Reading database ... 147490 files and directories currently installed.)
Unpacking lsb-cprocsp-base (from lsb-cprocsp-base_3.6.1-4_all.deb) ...
Setting up lsb-cprocsp-base (3.6.1-4) ...


root@ubuntu:# alien -kci lsb-cprocsp-rdr-64-3.6.1-4.x86_64.rpm 
 dpkg --no-force-overwrite -i lsb-cprocsp-rdr-64_3.6.1-4_amd64.deb
Selecting previously unselected package lsb-cprocsp-rdr-64.
(Reading database ... 147658 files and directories currently installed.)
Unpacking lsb-cprocsp-rdr-64 (from lsb-cprocsp-rdr-64_3.6.1-4_amd64.deb) ...
Setting up lsb-cprocsp-rdr-64 (3.6.1-4) ...
Adding new reader:
Nick name: FLASH
Name device: FLASH
Succeeded, code:0x0


root@ubuntu:# alien -kci lsb-cprocsp-capilite-64-3.6.1-4.x86_64.rpm 
 dpkg --no-force-overwrite -i lsb-cprocsp-capilite-64_3.6.1-4_amd64.deb
Selecting previously unselected package lsb-cprocsp-capilite-64.
(Reading database ... 147696 files and directories currently installed.)
Unpacking lsb-cprocsp-capilite-64 (from lsb-cprocsp-capilite-64_3.6.1-4_amd64.deb) ...
Setting up lsb-cprocsp-capilite-64 (3.6.1-4) ...

root@ubuntu:# alien -kci lsb-cprocsp-kc1-64-3.6.1-4.x86_64.rpm 
 dpkg --no-force-overwrite -i lsb-cprocsp-kc1-64_3.6.1-4_amd64.deb
Selecting previously unselected package lsb-cprocsp-kc1-64.
(Reading database ... 147744 files and directories currently installed.)
Unpacking lsb-cprocsp-kc1-64 (from lsb-cprocsp-kc1-64_3.6.1-4_amd64.deb) ...
Setting up lsb-cprocsp-kc1-64 (3.6.1-4) ...

Устанавливаем модуль поддержки PCSC-считывателей (дополнительный пакет):

root@ubuntu:# alien -kci cprocsp-rdr-pcsc-64-3.6.1-4.x86_64.rpm 
dpkg --no-force-overwrite -i cprocsp-rdr-pcsc-64_3.6.1-4_amd64.deb
Selecting previously unselected package cprocsp-rdr-pcsc-64.
(Reading database ... 147806 files and directories currently installed.)
Unpacking cprocsp-rdr-pcsc-64 (from cprocsp-rdr-pcsc-64_3.6.1-4_amd64.deb) ...
Setting up cprocsp-rdr-pcsc-64 (3.6.1-4) ...

Устанавливаем модуль поддержки Rutoken:

root@ubuntu:# alien -kci cprocsp-rdr-rutoken-64-3.6.1-4.x86_64.rpm 
dpkg --no-force-overwrite -i cprocsp-rdr-rutoken-64_3.6.1-4_amd64.deb
Selecting previously unselected package cprocsp-rdr-rutoken-64.
(Reading database ... 147817 files and directories currently installed.)
Unpacking cprocsp-rdr-rutoken-64 (from cprocsp-rdr-rutoken-64_3.6.1-4_amd64.deb) ...
Setting up cprocsp-rdr-rutoken-64 (3.6.1-4) ...

После подключения считывателя узнаём имя устройства:

root@ubuntu:# /opt/cprocsp/bin/amd64/list_pcsc 
available reader: Aktiv Co. Rutoken S 00 00

Добавляем считыватель:

root@ubuntu:# /opt/cprocsp/sbin/amd64/cpconfig -hardware reader -add 'Aktiv Co. Rutoken S 00 00'
Adding new reader:
Nick name: Aktiv Co. Rutoken S 00 00
Succeeded, code:0x0

Просмотр списка настроенных считывателей: 

root@ubuntu:# /opt/cprocsp/sbin/amd64/cpconfig -hardware reader -view

Nick name: Aktiv Co. Rutoken S 00 00
Connect name: 
Reader name: Aktiv Co. Rutoken S 00 00

Nick name: FLASH
Connect name: 
Reader name: FLASH

Nick name: HDIMAGE
Connect name: 
Reader name:HDIMAGE

Просмотр списка настроенных носителей:

root@ubuntu:# /opt/cprocsp/sbin/amd64/cpconfig -hardware media -view

Nick name: Rutoken
Connect name: 
Media name: Rutoken

Nick name: RutokenLite
Connect name: 
Media name: Rutoken lite

Nick name: RutokenECP
Connect name: 
Media name: Rutoken ECP

Nick name: TRUSTD
Connect name: 
Media name: Magistra Debug

Nick name: TRUSTS
Connect name: 
Media name: Magistra SocCard

Nick name: TRUST
Connect name: 
Media name: Magistra

Nick name: OSCAR2
Connect name: KChannel
Media name: �����

Nick name: OSCAR2
Connect name: CSP
Media name: ����� CSP 2.0

Nick name: OSCAR
Connect name: 
Media name: ����

Для тестирования создадим самоподписанный сертификат с закрытым ключом:

root@ubuntu:~# /opt/cprocsp/bin/amd64/csptestf -keyset -newkeyset -makecert -cont '\\.\Aktiv Co. Rutoken S 00 00\test1' -keytype exchange 
CSP (Type:75) v3.6.5364 KC1 Release Ver:3.6.7491 OS:Linux CPU:AMD64 FastCode:READY:AVX.
AcquireContext: OK. HCRYPTPROV: 17334691
GetProvParam(PP_NAME): Crypto-Pro GOST R 34.10-2001 KC1 CSP
Container name: "test1"
Exchange key is not available.
Attempting to create an exchange key...
Press keys...
[........................................]
CryptoPro CSP: Set pin-code on produced container "test1".
Pin-code:
an exchange key created.
Self signed certificate created: E=test@cryptopro.ru, CN=test1
Certificate stored in container.
Keys in container:
  exchange key
Total: 
[ErrorCode: 0x00000000]

 

root@ubuntu:~# lsb_release -a
LSB Version: core-2.0-amd64:core-2.0-noarch:core-3.0-amd64:core-3.0-noarch:core-3.1-amd64:core-3.1-noarch:core-3.2-amd64:core-3.2-noarch:core-4.0-amd64:core-4.0-noarch:cxx-3.0-amd64:cxx-3.0-noarch:cxx-3.1-amd64:cxx-3.1-noarch:cxx-3.2-amd64:cxx-3.2-noarch:cxx-4.0-amd64:cxx-4.0-noarch:graphics-2.0-amd64:graphics-2.0-noarch:graphics-3.0-amd64:graphics-3.0-noarch:graphics-3.1-amd64:graphics-3.1-noarch:graphics-3.2-amd64:graphics-3.2-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-3.2-amd64:printing-3.2-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: Ubuntu
Description: Ubuntu 12.10
Release: 12.10
Codename: quantal

 

 





 

(10 vote(s))
Helpful
Not helpful

Коментарии (0)