• Download cryptopro latest version 64-bit. Purpose of CryptoPro CSP. Supported key storage technologies

    After purchasing a license in our online store, you will receive an email in which you will find:

    • product license key
    • link to product distribution
    • link to user manual
    Since no one likes to read the user manual anyway (and you wouldn’t be reading this article if you had read the manual), we only need product license key And link to distribution.

    Step 1

    First you need to find out whether you have installed Cryptopro CSP earlier and if installed, what version?

    This can be done by carefully examining your Start menu: there should be an item CRYPTO-PRO, which has a program CryptoPro CSP.

    If you don’t find it, most likely you don’t have CryptoPRO installed, so feel free to go to.

    If you find it, run it CryptoPro CSP. There we see the General tab, where the license validity period and version number are indicated.

    If the version number matches the version you purchased (for example, if the window says 4.0.****, and you bought CryptoPro CSP 4.0, it means it matches), then you you don't have to reinstall the program, but simply enter the license key. How to do this - look at .

    Step 2

    You find out that the program is not installed. This means you need to download CryptoPro CSP and install it.

    Downloading it is not so easy: the crypto provider is a means of cryptographic information protection, which means its distribution is subject to registration with the relevant authorities. Therefore, you will need to follow the link that came to you in the letter or go to the CryptoPro website yourself using the link http://www.cryptopro.ru/downloads and select from the list of products CryptoPro CSP.

    You will see something like this:


    Click on the link " Pre-registration" and fill out a form from many fields. After filling out the form and registering, you will be required to agree to the license agreement, and then you will still have the opportunity to download the program distribution.

    At the time of publication, the distribution selection page looks like this:


    If you purchased the version CryptoPro CSP 3.6, then you will need to select a version R4- today it is the most functional.

    If you purchased a license for CryptoPro CSP 3.9 be careful: CryptoPro CSP 3.9 - certified version, but does not support Windows 10, CryptoPro CSP 3.9R2 - supports Windows 10, certification planned for Q4 2015

    If you bought version 4.0, then select CryptoPro CSP 4.0 accordingly (recommended for working with Windows 10, certification is planned for the third quarter of 2015).

    You will need to download this file:

    Step 3

    You have downloaded the installation file CryptoPro CSP, and now you will need to install the program itself. To do this, run the installation file; if we see a security warning, you need to allow the program to make changes on your computer. In the window that opens, click the button Install (recommended)

    Installation of the program takes place automatically within a few minutes and does not require user participation.


    All, installation complete.

    Step 4

    Now you need to enter the license key in a special window. You can get to it this way (the path may vary slightly depending on the version of the operating system):

    Start - Programs - CryptoPro - CryptoPro CSP.

    Then press the button Entering a license


    In the window that opens, fill in the fields in accordance with the received license.


    Step 5

    We rejoice! We have just installed a crypto provider. Not that hard, right?

    But you need to understand that CryptoPro CSP itself cannot do anything. The next step is to install (or simply configure) programs that will interact with CryptoPro CSP and solve your problems, be it electronic signature, encryption or something else.

    Usually, to carry out an electronic signature, they use or - they can be purchased from us in the online store. We tried to make the purchase as convenient as possible: electronic licenses are sent immediately after payment (even overnight), a large selection of payment methods.

    If you found the instructions useful - share it, you will find buttons for this right below the article.

    In the following instructions I will tell you how to install CryptoPro Office Signature , CryptoARM, how to work with tokens and so on.

    If you don’t want to miss our articles, subscribe to us on social networks! Links to our social media pages can be found at the very bottom of the screen.

    A cryptoprovider is a means of cryptoprotection of information (), without which use becomes impossible. is formed on the basis of cryptographic algorithms, and the implementation of these processes is possible only with the presence of CIPF. CryptoPro CSP is the most popular product on the Russian market of cryptographic utilities. Most electronic trading platforms, state information systems (UAIS FST, EGAIS, etc.) and regulatory authorities that accept reports via the Internet (Federal Tax Service, Social Insurance Fund, Pension Fund of Russia) work with this program.

    At the end of September 2019, two versions of CIPF are valid in the CRYPTO-PRO line - 4.0 and 5.0. Both programs are certified and provide a full range of capabilities for digital signature owners. In this article we will focus on, consider the functions and characteristics of the software, licensing features, installation and configuration procedures.

    We will help you obtain an electronic signature. Consultation 24 hours!

    Leave a request and get a consultation.

    CIPF CryptoPro version 4.0: characteristics and functionality

    State portals and trading platforms that accept information from users post on their websites requirements and instructions for working with electronic documents. In addition to , there is another popular crypto provider on the market - VipNet CSP. But some organizations (for example, Rosreestr) limit users’ choices and specify in the requirements the mandatory use of CryptoPro CSP. When issuing CEDS certificates, certification authorities also most often use CryptoPro, so if the user installs another crypto provider on the PC, errors may occur when creating the digital signature.

    Software functions

    CryptoPro software is systematically updated and improved. Latest certified build version (3-Base version). All current updates can be tracked on the developer’s official website in the “Certificates” section.

    The crypto provider has been certified by the FSB. This means that it can be used to create an electronic signature and encrypt data in accordance with the Federal Law-63.

    CIPF performs the following functions:

    • gives legal force to digital files certified by the CEDS;
    • prevents data compromise using modern cryptographic encryption and imitation protection tools;
    • guarantees the authenticity and immutability of electronic files;
    • supports the official authorization of private entrepreneurs and legal entities on Internet platforms and web portals of government bodies.

    Without a crypto provider, the user will not be able to participate in electronic document management (EDF) and perform the following operations:

    • remote ;
    • sending reporting documentation to Rosstat, Pension Fund and other government agencies;
    • interaction with information services, AIS State Order, GIS Housing and Communal Services, etc.;
    • bank transfers and other financial transactions where CEDS are needed;
    • submitting an online application for participation in auctions under Federal Laws No. 223 and No. 44;
    • support of bankruptcy proceedings;
    • interaction with participants in corporate electronic document flow.

    From January 1, 2019, all CAs issue electronic certificates according to the new standard (GOST R 34.10-2012). The software fully complies with this standard and supports new cryptographic protection algorithms.

    • System requirements for installing software

      To fully use all the functionality of the crypto provider, all that remains is to install certificates in the PC registry. As a rule, CAs issue certificates on key flash media; in rare cases, they are sent to the owner’s email.

      The certificate is installed in the “Service” section of the CryptoPro program. It is recommended to perform this procedure in accordance with the instructions from the developer. As a result, the certificate should be saved in the “Personal” folder.

      At the final stage, save the root certificate (RC), which is available for download on the CA website. This document is saved in the Trusted folder. The CS performs an important function in e-document flow - it confirms that the certificate was obtained from an accredited CA.

    CIPF(a cryptographic information protection tool) “CryptoPro CSP” is an independent OS module designed to perform various cryptographic operations, such as electronic signature, encryption, and imitation protection. The functioning of the vast majority of encryption software products is impossible without a crypto provider, and signing electronic signature documents is also impossible.

    The functionality of the CryptoPro CSP module is that it:

    • allows you to submit reports electronically to various government agencies;
    • ensures participation in electronic trading;
    • organizes legally significant document flow;
    • protects confidential information at the time of its transmission.
    Module "CryptoPro CSP" developed by CRYPTO-PRO, a company that is one of the leaders in the information security market. At this time, 5 versions of the CryptoPro CSP module have been released, the difference between which lies in the following parameters: the operating system in which the program operates; supported cryptographic algorithms; validity periods of certificates issued by competent authorities. The development company has posted a table on its official Internet resource with a detailed comparison of all current versions of the CryptoPro CSP module. On this website, the development company has posted information about current certificates.

    How to install "CryptoPro 4.0"

    The latest current version of the CryptoPro CSP module is the fourth, which operates on the basis of new signature algorithms in accordance with GOST R 34.10-2012. “CryptoPro CSP 4.0” can run on Windows 10. At this time, this module is not certified, but the developer company plans to certify the 4th version of its product in the very near future.
    The following is a description of how how to install “CryptoPro 4.0”.
    The official Internet resource of the development company "CRYPTO-PRO" upon completion of preliminary registration provides the opportunity to download files, distributions, updates, etc. of the CryptoPro CSP program.

    Once registration is complete, a page with a license agreement will appear. You must read its terms and conditions and then, if you agree with them, click on “I agree.” Next you will be taken to the file download page.

    In order to download the distribution, you must first select “CryptoPro CSP 4.0 for Windows and UNIX (uncertified)”, and then in the link that appears with information about the checksum, left-click on “CryptoPro CSP 4.0 for Windows”.

    How to install CryptoPro 4.0. When the download is complete, you need to run the newly downloaded program file “CSPSetup.exe”. In the security warning window that opens, in order to allow the program to make changes to the computer, you need to click on the “Yes” button. In the next window that opens, select “Install (recommended).”


    The installation of the CryptoPro CSP 4.0 module will begin, which will take a few seconds.

    After installing the CryptoPro CSP 4.0 module on your computer, you can start working with it.

    Memo:
    • according to the terms of the license agreement, there is a limitation on the period of use of the demo version of CryptoPro CSP 4.0, which is 90 days from the moment of direct installation of the product;
    • The demo version of the CryptoPro CSP 4.0 module is provided only during the initial installation of the product; if installed again, the program will not work in demo mode.
    Information about the type of license and its validity period is posted in the CryptoPro CSP application. In the Windows 10 operating system, it is most convenient to use the application search, for which you need to click on the “Magnifying Glass” icon, which is located next to “Start”, and then select “Classic application “CryptoPro CSP”.

    A new “CryptoPro CSP” window will appear, where in the “General” tab information about the license is located (serial number, not fully specified; owner’s name; name of organization; license type: client or service; validity period; when the initial installation was carried out, etc.) d.). Here you can purchase a license online and enter its serial number.

    The CryptoPro CSP 4.0 module operates during the entire license period. If your current license has expired, you must purchase the right to a new one. This can be done at any convenient time. The license key (i.e. its serial number) is sent to the specified email address immediately after payment is received.
    To enter a new serial number, you must click on “Enter license”. A window will open in which in the “Serial number” item you should indicate the purchased license key and then click on “Ok”.

    After completing all installation stages, the CryptoPro CSP 4.0 program is completely ready for use.

    CryptoPro CSP 5.0 is a new generation of crypto provider, developing three main product lines of the CryptoPro company: CryptoPro CSP (classic tokens and other passive storage of secret keys), CryptoPro FKN CSP/Rutoken CSP (unretrievable keys on tokens with secure messaging) and CryptoPro DSS (keys in the cloud).

    All the advantages of products from these lines are not only preserved, but also multiplied in CryptoPro CSP 5.0: the list of supported platforms and algorithms is wider, performance is higher, and the user interface is more convenient. But the main thing is that working with all key media, including keys in the cloud, is now uniform. To transfer the application system in which CryptoPro CSP of any version worked to support keys in the cloud or to new media with non-removable keys, no software reworking will be required - the access interface remains the same, and work with the key in the cloud will occur exactly the same in the same way as with the classic key carrier.

    Purpose of CryptoPro CSP

    • Generating and verifying an electronic signature.
    • Ensuring confidentiality and monitoring the integrity of information through its encryption and imitation protection.
    • Ensuring authenticity, confidentiality and imitational protection of connections using the and protocols.
    • Monitoring the integrity of system and application software to protect it from unauthorized changes and violations of trusted functioning.

    Supported Algorithms

    In CryptoPro CSP 5.0, along with Russian ones, foreign cryptographic algorithms are implemented. Now users have the opportunity to use familiar key media to store RSA and ECDSA private keys.

    Supported key storage technologies

    Cloud token

    In the cryptoprovider CryptoPro CSP 5.0, for the first time, it became possible to use keys stored on the CryptoPro DSS cloud service through the CryptoAPI interface. Now keys stored in the cloud can be easily used by any user applications, as well as most Microsoft applications.

    Media with non-retrievable keys and secure messaging

    CryptoPro CSP 5.0 adds support for media with non-retrievable keys that implement the protocol SESPAKE, allowing authentication without transmitting the user’s password in clear text, and establishing an encrypted channel for the exchange of messages between the crypto provider and the carrier. An attacker located in the channel between the medium and the user's application can neither steal the authentication password nor replace the signed data. When using such media, the problem of secure work with non-removable keys is completely solved.

    Companies Active, InfoCrypt, SmartPark and Gemalto have developed new secure tokens that support this protocol (SmartPark and Gemalto starting from version 5.0 R2).

    Media with non-removable keys

    Many users want to be able to work with non-retrievable keys, but not upgrade tokens to the FKN level. Especially for them, the provider has added support for the popular key carriers Rutoken EDS 2.0, JaCarta-2 GOST and InfoCrypt VPN-Key-TLS.

    List of manufacturers and models supported by CryptoPro CSP 5.0

    List of manufacturers and models of media with non-removable keys supported by CryptoPro CSP 5.0
    Company Carrier
    ISBC Esmart Token GOST
    Assets Rutoken 2151
    Rutoken PINPad
    Rutoken EDS
    Rutoken EDS 2.0
    Rutoken EDS 2.0 2100
    Rutoken EDS 2.0 3000
    Rutoken EDS PKI
    Rutoken EDS 2.0 Flash
    Rutoken EDS 2.0 Bluetooth
    Rutoken EDS 2.0 Touch
    Smart card Rutoken 2151
    Smart card Rutoken EDS 2.0 2100
    Aladdin R.D. JaCarta-2 GOST
    Infocrypt InfoCrypt Token++ TLS
    InfoCrypt VPN-Key-TLS

    Classic passive USB tokens and smart cards

    Most users prefer fast, cheap and convenient key storage solutions. As a rule, preference is given to tokens and smart cards without cryptographic coprocessors. As in previous versions of the provider, CryptoPro CSP 5.0 retains support for all compatible media produced by the companies Active, Aladdin R.D., Gemalto/SafeNet, Multisoft, NovaCard, Rosan, Alioth, MorphoKST and SmartPark.

    In addition, of course, as before, methods for storing keys in the Windows registry, on a hard drive, on flash drives on all platforms are supported.

    List of manufacturers and models supported by CryptoPro CSP 5.0

    List of manufacturers and models of classic passive USB tokens and smart cards supported by CryptoPro CSP 5.0
    Company Carrier
    Alioth SCOne Series (v5/v6)
    Gemalto Optelio Contactless Dxx Rx
    Optelio Dxx FXR3 Java
    Optelio G257
    Optelio MPH150
    ISBC Esmart Token
    Esmart Token GOST
    MorphoKST MorphoKST
    NovaCard Cosmo
    Rosan G&D element V14 / V15
    G&D 3.45 / 4.42 / 4.44 / 4.45 / 4.65 / 4.80
    Kona 2200s / 251 / 151s / 261 / 2320
    Kona2 S2120s/C2304/D1080
    SafeNet eToken Java Pro JC
    eToken 4100
    eToken 5100
    eToken 5110
    eToken 5105
    eToken 5205
    Assets Rutoken 2151
    Rutoken S
    Rutoken KP
    Rutoken Lite
    Rutoken EDS
    Rutoken EDS 2.0
    Rutoken EDS 2.0 3000
    Rutoken EDS Bluetooth
    Rutoken EDS Flash
    Smart card Rutoken 2151
    Smart card Rutoken Lite
    Smart card Rutoken EDS SC
    Smart card Rutoken EDS 2.0
    Aladdin R.D. JaCarta GOST
    JaCarta PKI
    JaCarta PRO
    JaCarta LT
    JaCarta-2 GOST
    Infocrypt InfoCrypt Token++ lite
    Multisoft MS_Key isp.8 Hangar
    MS_Key ESMART use.5
    SmartPark Master's degree
    R301 Foros
    Oscar
    Oscar 2
    Magister's Rutoken

    CryptoPro Tools

    As part of CryptoPro CSP 5.0, a cross-platform (Windows/Linux/macOS) graphical application appeared - “CryptoPro Tools”.

    The main idea is to provide users with the opportunity to conveniently solve common problems. All basic functions are available in a simple interface - at the same time, we have also implemented a mode for advanced users, which opens up additional opportunities.

    Using CryptoPro Tools, the tasks of managing containers, smart cards and crypto provider settings are solved, and we have also added the ability to create and verify a PKCS#7 electronic signature.

    Supported Software

    CryptoPro CSP allows you to quickly and securely use Russian cryptographic algorithms in the following standard applications:

    • office suite Microsoft Office;
    • mail server Microsoft Exchange and client Microsoft Outlook;
    • products Adobe Systems Inc.;
    • browsers Yandex.Browser, Sputnik, Internet Explorer,Edge;
    • application signature generation and verification tool Microsoft Authenticode;
    • web servers Microsoft IIS, nginx, Apache;
    • Remote Desktop Tools Microsoft Remote Desktop Services;
    • Microsoft Active Directory.

    Integration with the CryptoPro platform

    From the very first release, support and compatibility with all our products are provided:

    • CryptoPro CA;
    • CA Services;
    • CryptoPro EDS;
    • CryptoPro IPsec;
    • CryptoPro EFS;
    • CryptoPro.NET;
    • CryptoPro Java CSP.
    • CryptoPro NGate

    Operating systems and hardware platforms

    Traditionally, we work in an unrivaledly wide range of systems:

    • Microsoft Windows;
    • Mac OS;
    • Linux;
    • FreeBSD;
    • Solaris;
    • Android;
    • Sailfish OS.

    hardware platforms:

    • Intel/AMD;
    • PowerPC;
    • MIPS (Baikal);
    • VLIW (Elbrus);
    • Sparc.

    and virtual environments:

    • Microsoft Hyper-V
    • VMWare
    • Oracle Virtual Box
    • RHEV.

    Supported by different versions of CryptoPro CSP.

    To use CryptoPro CSP with a license for a workstation and a server.

    Interfaces for embedding

    For integration into applications on all platforms, CryptoPro CSP is available through standard interfaces for cryptographic tools:

    • Microsoft CryptoAPI;
    • PKCS#11;
    • OpenSSL engine;
    • Java CSP (Java Cryptography Architecture)
    • Qt SSL.

    Performance for every taste

    Years of development experience allows us to cover all solutions from miniature ARM boards such as Raspberry PI to multiprocessor servers based on Intel Xeon, AMD EPYC and PowerPC, with excellent performance scaling.

    Regulatory documents

    Complete list of regulatory documents

    • The crypto provider uses algorithms, protocols and parameters defined in the following documents of the Russian standardization system:
    • R 50.1.113–2016 “Information technology. Cryptographic information protection. Cryptographic algorithms accompanying the use of electronic digital signature algorithms and hashing functions" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
    • R 50.1.114–2016 “Information technology. Cryptographic information protection. Elliptic curve parameters for cryptographic algorithms and protocols" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
    • R 50.1.111–2016 “Information technology. Cryptographic information protection. Password protection of key information"
    • R 50.1.115–2016 “Information technology. Cryptographic information protection. "Shared Key Generation Protocol with Password Authentication" (also see RFC 8133 The Security Evaluated Standardized Password-Authenticated Key Exchange (SESPAKE) Protocol ")
    • Methodological recommendations TC 26 “Cryptographic information protection” “Use of sets of encryption algorithms based on GOST 28147-89 for the transport layer security protocol (TLS)”
    • Methodological recommendations TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11 and GOST R 34.10 algorithms in cryptographic messages in CMS format”
    • Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11-2012 and GOST R 34.10-2012 in the IKE and ISAKMP key exchange protocols”
    • Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89 when encrypting attachments in IPsec ESP protocols”
    • Technical specification TC 26 “Cryptographic information protection” “Use of GOST R 34.10, GOST R 34.11 algorithms in the certificate profile and certificate revocation list (CRL) of the X.509 public key infrastructure”
    • Technical specification TC 26 “Cryptographic information protection” “Extension of PKCS#11 for the use of Russian standards GOST R 34.10-2012 and GOST R 34.11-2012”

    CSP CryptoPro is a reliable commercial software tool designed to add and verify cryptographic protection on important documents and other files that require an electronic digital signature (EDS). The program is intended primarily for companies that have switched to electronic document management. Thanks to it, it is possible to ensure the legal validity of individual securities presented exclusively in digital form. In essence, a digital signature is a kind of analogue of a wet seal for physical documents.

    This solution complies with all current GOSTs regulating information control and data integrity during transmission. To manage the security algorithms used, CSP CryptoPro provides a special manager, which is also responsible for setting other parameters of the program. In addition, the crypto provider’s kit includes tools that are responsible for “issuing” and verifying certificates. It also includes the CryptoPro Winlogon module. Its main task is to perform initial authentication of new users in the Windows environment. The operation of this component is based on the Kerberos V5 protocol, and authorization occurs after verifying the certificate of a USB token, smart card, or any other key media used in the enterprise. In general, the crypto provider allows you to use a variety of types of key media. For companies using relatively old computer equipment, there is even the possibility of using floppy disks in 3.5 format.

    Based on the fact that this is an exclusively commercial software solution, it is easy to guess that it is paid. Although the developer CryptoPro kindly provides a demo version of his tool, which can only be used for the first thirty days. After this period, you will need to purchase a license.

    Key Features

    • contains tools for adding and verifying electronic digital signatures (EDS);
    • can add and verify issued digital certificates;
    • gives legal weight to electronic copies of documents;
    • can perform authentication after verifying the certificate on the key medium;
    • ensures control of the integrity of transmitted information;
    • the algorithm used to generate hash sums and other algorithms used by the program fully comply with these GOSTs.
    Read more: