CRPTOPRO CSP version 3.6 3.9 and 4.0. Purpose Cryptopro CSP.

Cryptopro CSP 5.0 - a new generation of cryptoproder, developing three main product line company Cryptopro: CSP cryptopro (classic tokens and other passive storage facilities), CSP cryptopro CSP / RUCOCEN CSP (unchecked keys on tokens with secure exchange messages) and cryptopro DSS (keys in the cloud).

All the advantages of these lines are not only saved, but also proves in CSP 5.0 cryptopro: wider a list of supported platforms and algorithms, higher speed, more conveniently user interface. But the main thing is to work with all key carriers, including the keys in the cloud, is now uniform. To transfer the application system in which the CSP cryptopro worked any of the versions, to support keys in the cloud or new media with the unacted keys, no processing of the access interface remains united, and working with the key in the cloud will occur exactly The same as with a classic key carrier.

Purpose Cryptopro CSP.

Formation and verification electronic signature.
Ensuring confidentiality and monitoring the integrity of information through its encryption and imitobracy.
Ensuring authenticity, confidentiality and imitobackers of connections on protocols, and.
Monitoring the integrity of the system and applied software To protect it from unauthorized changes and violations of trusted operation.

Supported algorithms

In CSP 5.0 cryptopro, along with Russian, foreign cryptographic algorithms were implemented. Now users have the ability to use the usual key carriers to store RSA and ECDSA secret keys.

Supported keys storage technologies

Cloud Tocken

In Cryptoprovider, CSP 5.0 cryptopro appeared the possibility of using keys stored on cloud service DSS cryptopro, through the CryptoAPI interface. Now the keys stored in the cloud can be easily used both by any user applications and most Microsoft applications.

Media with unchecked keys and protected messaging

CSP 5.0 Cryptopro added support for carriers with unacted keys implementing the protocol Sespakeallowing you to carry out authentication without passing the user password in the open form, and install the encrypted channel for exchanging messages between the cryptoprodder and the carrier. The violator, which is in the channel between the media and the user application, can neither steal the password when authentication nor replace the subscribed data. When using similar media, the problem of safe operation with unaccustomed keys is fully solved.

The company Active, Infocript, Smartpark and Gemalto have developed new protected tokens that support this protocol (smartpark and gemalto starting with version 5.0 R2).

Carriers with unacted keys

Many users want to be able to work with those unacted keys, but at the same time not to update the tokens to the FCN level. Especially for them to the provider added support for popular key carriers of Ructane EDP 2.0, Jacarta-2 GOST and InfoCrypt VPN-KEY-TLS.

List of manufacturers and models Supported cryptopro CSP 5.0

List of manufacturers and models of media with unacted keys supported CSP 5.0 cryptopro

Company	Carrier
ISBC.	Esmart Token Gost.
Assets	Routeen 2151.
	Rukenet Pinpad.
	Ructen EDP
	Ructen EDS 2.0
	Ructen EDS 2.0 2100
	Ructen EDS 2.0 3000
	Routeen EDS PKI
	Ructen EDS 2.0 Flash
	Ructoen EDS 2.0 Bluetooth
	Ructen EDS 2.0 Touch
	Smart Map Routeen 2151
	Smart Map Routeen EDS 2.0 2100
Aladdin RD	Jacarta-2 GOST
Infocript.	InfoCrypt Token ++ TLS
Infocript.	InfoCrypt VPN-KEY-TLS

Classic passive USB tokens and smart cards

Most users prefer quick, cheap and convenient key storage solutions. As a rule, preference is given to tokens and smart cards without cryptographic coprocessors. As in previous versions Provider, in CRPTOPRO CSP 5.0, the support of all compatible carriers of the company's production, Aladdin RD, Gemalto / Safenet, MultiSoft, Novacard, Rosan, Alioth, Morphokst and smartpark are preserved.

In addition, of course, as before, methods for storing keys in windows registry, on hard disk, on flash drives on all platforms.

List of manufacturers and models Supported cryptopro CSP 5.0

List of manufacturers and models of classic passive USB-tokens and smart cards supported CSP 5.0 cryptopro

Company	Carrier
Alioth.	SCONE SERIES (V5 / V6)
Gemalto.	Optelio Contactless DXX RX
	Optelio DXX FXR3 Java
	Optelio G257.
	Optelio MPH150.
ISBC.	Esmart Taken.
ISBC.	Esmart Token Gost.
Morphokst.	Morphokst.
Novacard	Cosmo.
Rosan	G & D Element V14 / V15
	G & D 3.45 / 4.42 / 4.44 / 4.45 / 4.65 / 4.80
	Kona 2200s / 251/151s / 261/2320
	Kona2 S2120S / C2304 / D1080
SafeNet.	etoken Java Pro JC
	etoken 4100.
	etoken 5100.
	etoken 5110
	etoken 5105.
	etoken 5205.
Assets	Routeen 2151.
	Ructen S.
	Ructen KP.
	Ructen Lite.
	Ructen EDP
	Ructen EDS 2.0
	Ructen EDS 2.0 3000
	Ructogen EDP bluetooth
	Ructen EDS Flash.
	Smart Map Routeen 2151
	Smart Map Routeen Lite
	Smart Map Routeen EDP SC
	Smart Map Routeen EDS 2.0
Aladdin RD	Jacarta Gost.
	Jacarta PKI
	Jacarta Pr.
	Jacarta Lt.
	Jacarta-2 GOST
Infocript.	InfoCrypt Token ++ Lite
MultiSoft	MS_KEY P.8 Angara
MultiSoft	MS_KEY Esmart isp.5.
Smartepark.	Master
	R301 Foros
	Oscar
	Oscar 2.
	Routeen Master

Cryptopro tools

The CSP 5.0 cryptopro appeared cross-platform (Windows / Linux / MacOS) graphics application - "Cryptopro Tools" ("Cryptopro Tools").

The main idea is to provide the ability to users conveniently solve typical tasks. All major functions are available in a simple interface - while we have implemented and mode for experienced usersopening additional features.

Using the cryptopro tools, container management tasks, smart cards and cryptoproker settings are solved, and we also added the ability to create and check the PKCS # 7 electronic signature.

Supported software

CRPTOPRO CSP allows you to quickly and safely use Russian cryptographic algorithms in the following standard applications:

office package Microsoft Office.;
mail server Microsoft Exchange. and client Microsoft Outlook.;
products Adobe Systems Inc.;
browsers Yandex.Browser, satellite, Internet Explorer. , Edge.;
means for forming and verifying signatures of applications Microsoft Authenticode.;
web servers Microsoft IIS., nginx, Apache.;
remote desktops Microsoft. Remote. Desktop. Services.;
Microsoft Active Directory..

Integration with a cryptopro platform

From the first release, support and compatibility with all our products are provided:

Cryptopro Uz;
UC services;
Cryptopro EDS;
Cryptopro ipsec;
Cryptopro EFS;
Cryptopro.net;
Cryptopro Java CSP.
Cryptopro Ngate.

Operating systems and hardware platforms

Traditionally, we work in unsurpassed wide spectrum Systems:

Microsoft Windows;
Mac OS;
Linux;
FreeBSD;
Solaris;
Android;
Sailfish OS.

hardware platforms:

Intel / AMD;
PowerPC;
MIPS (Baikal);
VLIW (Elbrus);
SPARC.

and virtual environments:

Microsoft Hyper-V
Vmware.
Oracle Virtual Box.
RHEV.

Supported different versions Cryptopro CSP.

To use CSP cryptopro with a license for workplace and server.

Interfaces for embedding

To embed into applications on all platforms, CSP cryptopro is available through standard interfaces for cryptographic drugs:

Microsoft CryptoAPI;
PKCS # 11;
Openssl Engine;
Java CSP (Java Cryptography Architecture)
Qt SSL.

Performance for every taste

Many years of development experience allows us to cover all solutions from miniature ARM cards, such as Raspberry PI, to multiprocessor servers based on Intel Xeon., AMD EPYC and POWERPC, well scaling performance.

Regulatory documents

Full list of regulatory documents

Algorithms, protocols and parameters defined in the following documents of the Russian standardization system are used in the cryptoprovider.
P 50.1.113-2016 " Information technology. Cryptographic protection information. Cryptographic algorithms associated with the use of electronic digital signature algorithms and hashing functions "(also see RFC 7836" Guidelines on the Cryptographic Algorithms to Accompany The Usage of Standards Gost R 34.10-2012 and Gost R 34.11-2012 ")
P 50.1.114-2016 "Information technology. Cryptographic information protection. The parameters of elliptical curves for cryptographic algorithms and protocols "(also see RFC 7836" Guidelines on the Cryptographic Algorithms to Accompany The Usage Of Standards Gost R 34.10-2012 and Gost R 34.11-2012 ")
P 50.1.111-2016 "Information technology. Cryptographic information protection. Password Protection of Key Information »
P 50.1.115-2016 "Information technology. Cryptographic information protection. Password-based outfitting protocol (also see RFC 8133 The Security Evaluated Standardized Password-Authenticated Key Exchange (Sespake) Protocol "
Methodical recommendations of TC 26 "Cryptographic Information Protection" "Using sets of encryption algorithms based on GOST 28147-89 for the transport level security protocol (TLS)"
Methodical recommendations of TC 26 "Cryptographic Information Protection" "Using Algorithms GOST 28147-89, GOST R 34.11 and GOST R 34.10 in cryptographic messages of CMS format"
Technical specification of TC 26 "Cryptographic Information Protection" "Use of GOST 28147-89, GOST R 34.11-2012 and GOST R 34.10-2012 in IKE and ISAKMP key exchange protocols"
Technical specification of TC 26 "Cryptographic Information Protection" "Using GOST 28147-89 when encrypted investments in IPSec ESP protocols"
Technical Specification of TC 26 "Cryptographic Information Protection" "Using Algorithms GOST R 34.10, GOST R 34.11 in the Certificate Profile and Certificate Review List (CRL) of the Open Keys Infrastructure X.509
Technical specification of TC 26 "Cryptographic Information Protection" "Expansion of PKCS # 11 for the use of Russian standards GOST R 34.10-2012 and GOST R 34.11-2012"

CSP Cryptopro is a program to add and verify digital files. It adds and protects cryptographic files (electronic documents), in which there is a digital signature. The cryptopro has "WinLogon" for very important documents and third-party files that support a digital certificate.

CSP cryptopro applies in companies where there are documents in in electronic format. The program provides protection and legal force for valuable documents And paper in digital form. Data with a digital signature have a force as official documents.

CSP Cryptopro allows you to create digital protection and put a signature (certificate) for any document. This program is suitable for organizations with existing guests. It controls the data and structure of information. Management of security program algorithms is provided through a special manager.

You can configure CSP cryptopro and specify the level of protection and confidential documents. After setting up, some documents will be strictly confidential. The program is equipped with tools that give out and check security certificates. Using the WinLogon cryptopro module, you can register new users in operating system Windows.

WinLogon cryptopro works with support for the Kerberos V5 protocol. Input and data access is carried out after full verification of the media certificate of information in the organization.

The cryproproter provides protection of different digital data sources. In old organizations and companies use equipment to support diskettes. Cryptopro is created on a commercial basis with a paid license. Having installed the program, you use it 30 days, that is trial period. After that, you will have to buy a license.

Key features

Protection of a digital certificate, through check tools;
full check of digital documents and the relevance of the certificate;
electronic registration of documents on a legal basis;
access to the certificate on the main carrier and verification;
full control and verification of data after information transfer;
comparing the size of the document and other algorithms for work;
the program supports documents that are created according to this GOST;
full protection of digital documents and setting up the degree of protection;

Exchange in a full range of electronic commercial documents accompanying all stages of the order and supply of goods directly from customer accounting systems.

Complete control of the delivery process

Exchange of a full range of electronic documents in the FNS format, accompanying all stages of supplying and returning goods, mutual settlements directly from customer accounting systems.

Storage of electronic accounting documents.

The manufacturer places data on its goods and generates its sales channel for each distributor, fills its assortment and sets prices, provides distributors access to their personal account with personal product directories, price conditions.

Distributors form orders and sales reports, residues in binding to the agreed range.

Allows you to quickly and reliably synchronize product information in all sales channels: with trading networks, distributors, online stores, own retailed.

Processes and store logistics parameters, price conditions, consumer properties, media data and permits.

Instant registration of products formed products Formation and quenching of veterinary certificates directly at the time of shipment and acceptance of goods in binding to shipment documents

Monitoring and adjusting documents in real time

Accompanying the process of financing monetary requirements with the buyer's participation Requirements (factoring company or bank), a supplier of goods (creditor) and a buyer of goods (debtor).

Transparent and secure automated trilateral interaction of participants in factoring transaction, assignment and confirmation of the rights of money requirements.

A complete set of electronic documents accompanying factoring operations in EDI format and FTS

Balance and other financial indicators

Won and posted state contracts

Report to close risks in front of the FTS and the head

Affiliated persons, communication companies and their owners

Extract from EGRUL / EGRIP

Judicial claims, registry of unfair suppliers

Pick up and purchase tickets for the most favorable prices, place your booking of hotels, shuttle service, business documents, formed accounting reports

Convenient management of business trips and control of travel expenses within the organization

The possibility of post-payment, all expenses on business trips are collected in one account

Purchases 44-FZ, 223-FZ

Commercial trading, bankrupt auction

Jul / IP Registration, Cash

Reporting in government agencies, electronic document flow

State Portals and Public Services, Federal Customs Service, Egas FSrar

Electronic signature doctor

A comprehensive solution for preparing for mandatory marking of the product: an electronic signature issue for registration in the "honest sign" system, setting up account To work with the goods, exchange electronic documents With the corresponding marking code.