Purpose of CryptoPro CSP. Purpose CryptoPro CSP Cryptopro csp 4.0 trial version

CryptoPro CSP 5.0 is a new generation of cryptographic provider that develops three main product lines of CryptoPro: CryptoPro CSP (classic tokens and other passive storage of secret keys), CryptoPro FKN CSP / Rutoken CSP (unretrievable keys on tokens with secure messaging) and CryptoPro DSS (keys in the cloud).

All the advantages of the products of these lines are not only preserved, but also multiplied in CryptoPro CSP 5.0: the list of supported platforms and algorithms is wider, the performance is higher, and the user interface is more convenient. But the main thing is that work with all key carriers, including keys in the cloud, is now uniform. To transfer the application system in which the CryptoPro CSP of any version worked to support keys in the cloud or to new media with non-retrievable keys, no software rework is required - the access interface remains the same, and work with the key in the cloud will occur exactly the same in the same way as with the classic key carrier.

Purpose of CryptoPro CSP

Formation and verification electronic signature.
Ensuring confidentiality and integrity control of information through its encryption and imitation protection.
Ensuring the authenticity, confidentiality and imitation protection of connections using the , and protocols.
System and application integrity control software to protect it from unauthorized changes and violations of trusted functioning.

Supported Algorithms

In CryptoPro CSP 5.0, along with Russian ones, foreign cryptographic algorithms are implemented. Users can now use familiar key carriers to store RSA and ECDSA private keys.

Supported key storage technologies

Cloud token

In CryptoPro CSP 5.0, for the first time, it became possible to use keys stored on the CryptoPro DSS cloud service through the CryptoAPI interface. Now the keys stored in the cloud can be easily used by any user application, as well as by most Microsoft applications.

Media with non-removable keys and secure messaging

CryptoPro CSP 5.0 adds support for media with non-recoverable keys that implement the protocol SESPAKE, which allows you to perform authentication without transmitting the user's password in clear form, and to establish an encrypted channel for exchanging messages between the crypto provider and the carrier. An attacker in the channel between the carrier and the user's application can neither steal the password during authentication nor change the data being signed. When using such media, the problem of safe work with non-removable keys is completely solved.

Active, InfoCrypt, SmartPark and Gemalto companies have developed new secure tokens that support this protocol (SmartPark and Gemalto starting from version 5.0 R2).

Media with non-removable keys

Many users want to be able to work with non-retrievable keys, but not upgrade tokens to the FKN level. Especially for them, the provider has added support for popular key carriers Rutoken EDS 2.0, JaCarta-2 GOST and InfoCrypt VPN-Key-TLS.

List of manufacturers and models supported by CryptoPro CSP 5.0

List of manufacturers and models of media with non-recoverable keys supported by CryptoPro CSP 5.0

Company	Carrier
ISBC	Esmart Token GOST
Assets	Rutoken 2151
	Rutoken PINPad
	Rutoken EDS
	Rutoken EDS 2.0
	Rutoken EDS 2.0 2100
	Rutoken EDS 2.0 3000
	Rutoken EDS PKI
	Rutoken EDS 2.0 Flash
	Rutoken EDS 2.0 Bluetooth
	Rutoken EDS 2.0 Touch
	Smart card Rutoken 2151
	Smart card Rutoken EDS 2.0 2100
Aladdin R.D.	JaCarta-2 GOST
infocrypt	InfoCrypt Token++ TLS
infocrypt	InfoCrypt VPN-Key-TLS

Classic passive USB tokens and smart cards

Most users prefer fast, cheap and convenient key storage solutions. As a rule, preference is given to tokens and smart cards without cryptographic coprocessors. As in previous versions of the provider, CryptoPro CSP 5.0 retains support for all compatible media manufactured by Active, Aladdin R.D., Gemalto / SafeNet, Multisoft, NovaCard, Rosan, Alioth, MorphoKST and SmartPark.

In addition, of course, as before, methods for storing keys in Windows registry, hard drive, flash drives on all platforms.

List of manufacturers and models supported by CryptoPro CSP 5.0

List of manufacturers and models of classic passive USB tokens and smart cards supported by CryptoPro CSP 5.0

Company	Carrier
Alioth	SCOne Series (v5/v6)
gemalto	Optelio Contactless Dxx Rx
	Optelio Dxx FXR3 Java
	Optelio G257
	Optelio MPH150
ISBC	Esmart Token
ISBC	Esmart Token GOST
MorphoKST	MorphoKST
NovaCard	Cosmo
Rosan	G&D element V14 / V15
	G&D 3.45 / 4.42 / 4.44 / 4.45 / 4.65 / 4.80
	Kona 2200s / 251 / 151s / 261 / 2320
	Kona2 S2120s / C2304 / D1080
safenet	eToken Java Pro JC
	eToken 4100
	eToken 5100
	eToken 5110
	eToken 5105
	eToken 5205
Assets	Rutoken 2151
	Rutoken S
	Rutoken KP
	Rutoken Lite
	Rutoken EDS
	Rutoken EDS 2.0
	Rutoken EDS 2.0 3000
	Rutoken EDS Bluetooth
	Rutoken EDS Flash
	Smart card Rutoken 2151
	Smart card Rutoken Lite
	Smart card Rutoken EDS SC
	Smart card Rutoken EDS 2.0
Aladdin R.D.	JaCarta GOST
	JaCarta PKI
	JaCarta PRO
	JaCartaLT
	JaCarta-2 GOST
infocrypt	InfoCrypt Token++ Lite
Multisoft	MS_Key version 8 Angara
Multisoft	MS_Key ESMART version 5
SmartPark	master's
	R301 Foros
	Oscar
	Oscar 2
	Rutoken Master

CryptoPro Tools

As part of CryptoPro CSP 5.0, a cross-platform (Windows / Linux / macOS) graphical application appeared - "CryptoPro Tools" ("CryptoPro Tools").

The main idea is to enable users to conveniently solve typical tasks. All major features are available in simple interface- at the same time, we also implemented a mode for experienced users that opens up additional possibilities.

With the help of CryptoPro Tools, the tasks of managing containers, smart cards and settings of crypto providers are solved, and we have also added the ability to create and verify a PKCS # 7 electronic signature.

Supported software

CryptoPro CSP allows you to quickly and securely use Russian cryptographic algorithms in the following standard applications:

office suite Microsoft office;
mail server Microsoft Exchange and client Microsoft Outlook;
products Adobe Systems Inc.;
browsers Yandex.Browser, Sputnik, Internet Explorer ,edge;
tool for generating and verifying application signatures Microsoft Authenticode;
web servers Microsoft IIS, nginx, Apache;
remote desktop tools Microsoft Remote Desktop Services;
Microsoft Active Directory.

Integration with the CryptoPro platform

From the very first release, support and compatibility with all our products is provided:

CryptoPro CA;
CA services;
CryptoPro EDS;
CryptoPro IPsec;
CryptoPro EFS;
CryptoPro.NET;
CryptoPro Java CSP.
CryptoPro NGate

Operating systems and hardware platforms

Traditionally, we work in an unsurpassed wide range of systems:

Microsoft Windows;
MacOS;
Linux;
FreeBSD;
solaris;
android;
SailfishOS.

hardware platforms:

Intel/AMD;
PowerPC;
MIPS (Baikal);
VLIW (Elbrus);
Sparc.

and virtual environments:

Microsoft Hyper-V
VMWare
Oracle VirtualBox
RHEV.

Supported by different versions of CryptoPro CSP.

To use CryptoPro CSP with a license for a workstation and a server.

Embedding Interfaces

For embedding in applications on all platforms, CryptoPro CSP is available through standard interfaces for cryptographic tools:

Microsoft Crypto API
PKCS#11;
OpenSSL engine;
Java CSP (Java Cryptography Architecture)
Qt SSL.

Performance for every taste

Years of development experience allows us to cover everything from miniature ARM boards such as Raspberry PI to multi-processor servers based on Intel Xeon, AMD EPYC and PowerPC, with excellent performance scaling.

Regulatory documents

Full list of regulatory documents

The crypto provider uses the algorithms, protocols and parameters defined in the following documents Russian system standardization:
R 50.1.113–2016 “Information technology. Cryptographic protection of information. Cryptographic Algorithms Accompanying the Application of Digital Signature Algorithms and Hashing Functions" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
R 50.1.114–2016 “Information technology. Cryptographic protection of information. Elliptic Curve Parameters for Cryptographic Algorithms and Protocols" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
R 50.1.111–2016 “Information technology. Cryptographic protection of information. Password protection of key information»
R 50.1.115–2016 “Information technology. Cryptographic protection of information. Shared Key Derivation Protocol with Password-Based Authentication" (also see RFC 8133 The Security Evaluated Standardized Password-Authenticated Key Exchange (SESPAKE) Protocol")
Guidelines TC 26 "Cryptographic information protection" "Using sets of encryption algorithms based on GOST 28147-89 for the transport layer security protocol (TLS)"
Guidelines TC 26 "Cryptographic information protection" "Use of algorithms GOST 28147-89, GOST R 34.11 and GOST R 34.10 in cryptographic messages of the CMS format"
Technical specification TC 26 "Cryptographic information protection" "Use of GOST 28147-89, GOST R 34.11-2012 and GOST R 34.10-2012 in the IKE and ISAKMP key exchange protocols"
Technical specification TC 26 "Cryptographic information protection" "Use of GOST 28147-89 when encrypting attachments in IPsec ESP protocols"
Technical specification TK 26 "Cryptographic information protection" "Use of algorithms GOST R 34.10, GOST R 34.11 in the certificate profile and certificate revocation list (CRL) infrastructure public keys X.509"
Technical specification TC 26 "Cryptographic information protection" "PKCS # 11 extension for the use of Russian standards GOST R 34.10-2012 and GOST R 34.11-2012"

Exchange of a full range of electronic commercial documents accompanying all stages of the order and delivery of goods, directly from the accounting systems of customers.

Full control of the goods delivery process

Exchange of a full range of electronic documents in the format of the Federal Tax Service, accompanying all stages of the delivery and return of goods, mutual settlements, directly from the accounting systems of customers.

Storage of electronic accounting documents.

The manufacturer posts data about its products and forms its own sales channel for each distributor, fills it with a range and sets prices, provides distributors with access to their personal account with personal product catalogs, price conditions.

Distributors form orders and reports on sales, balances in relation to the agreed assortment.

Allows you to quickly and reliably synchronize information about products in all sales channels: with retail chains, distributors, online stores, and your own retail.

Processes and stores logistics parameters, price conditions, consumer properties, media data and permits.

Instant registration of batches of manufactured products Formation and cancellation of veterinary certificates directly at the time of shipment and acceptance of goods in relation to shipping documents

Monitor and correct documents in real time

Support in the process of financing monetary claims with the participation of the buyer of the claim (factoring company or bank), the supplier of the goods (creditor) and the buyer of the goods (debtor).

Transparent and safe automated tripartite interaction of participants in a factoring transaction, assignment and confirmation of the rights of a monetary claim.

A complete set of electronic documents accompanying factoring transactions in EDI and FTS formats

Balance sheet and other financial indicators

Won and placed government contracts

Report for closing risks to the Federal Tax Service and the head

Affiliates, connections of companies and their owners

EXTRACT FROM USRLE/EGRIP

Lawsuits, register of unscrupulous suppliers

Select and purchase tickets at the best prices, book hotels, transfers, travel documents, generate accounting reports

Convenient travel management and control of travel expenses within the organization

Possibility of post-payment, all travel expenses are collected in one invoice

Procurement 44-FZ, 223-FZ

Commercial auctions, bankruptcy auctions

Registration of legal entities / individual entrepreneurs, cash desks

Reporting to government agencies, electronic document management

State portals and public services, federal customs service, EGAIS FSRAR

Doctor's electronic signature

A comprehensive solution for preparing for mandatory labeling of goods: issuing an electronic signature for registration in the Chestny ZNAK system, setting up an accounting system for working with goods, exchanging electronic documents with the appropriate marking code.

To protect the transmitted data on the Information Portal croinform.ru, a tool is used cryptographic protection information (CIPF) of the Crypto-Pro company. To install this software, follow a few simple steps.

Step 1. Downloading the CryptoPro CSP distribution (version 4.0)

To download the distribution kit, go to the CRYPTO-PRO website http://www.cryptopro.ru/

In the Login form, enter the following username: MBKI , password: MBKI and click Login

The Download Center page opens. In the list of programs, select CryptoPro CSP (First in the list).

Choose distribution kit CryptoPro CSP (version 4.0), which is suitable for your operating system. Save the file to disk.

Step 2. Installing CryptoPro CSP (version 4.0)

Run the distribution kit of the CryptoPro CSP program downloaded at step 1. The "Installation window" will appear on the screen. Select the recommended installation option, "Install (recommended)".

A window will appear showing the CryptoPro CSP installation process.

After the CryptoPro CSP installation process is completed, you will receive a message.

The temporary license is valid for 30 days. After this period, the full package of CIPF functions ceases to work, however, some of the information protection functions necessary for working with the Information Portal remain.

CSP CryptoPro is a program for adding and verifying digital files. It adds and protects cryptographic files (electronic documents) that have a digital signature. CryptoPro has "Winlogon" for very sensitive documents and third party files that support a digital certificate.

CSP CryptoPro is used in companies where there are documents in in electronic format. The program provides protection and legal force for valuable documents and papers in digital form. Digitally signed data is as valid as official documents.

CSP CryptoPro allows you to create digital protection and put a signature (certificate) on any document. This program is suitable for organizations with valid GOSTs. It controls the data and the structure of information. Management of security program algorithms is provided through a special manager.

You can set up CSP CryptoPro and specify the level of protection and confidentiality of documents. Once configured, some documents will be strictly confidential. The program is equipped with tools that issue and verify security certificates. Using the CryptoPro Winlogon module, you can register new users in operating system Windows.

CryptoPro Winlogon works with Kerberos V5 protocol support. Login and access to data is carried out after a full verification of the certificate of the information carrier located in the organization.

Cryproprovider provides protection for various sources of digital data. Older organizations and companies use floppy support equipment. CryptoPro was created on a commercial basis with a paid license. After installing the program, you use it for 30 days, that is, a trial period. After that, you will have to buy a license.

Key Features

Protection of a digital certificate, through verification tools;
full verification of digital documents and the relevance of the certificate;
electronic registration of documents on a legal basis;
access to the certificate on the main carrier and its verification;
full control and verification of data after the transfer of information;
comparison of document size and other algorithms for work;
the program supports documents that are created in accordance with these GOSTs;
full protection of digital documents and setting the degree of protection;