EldoS | Feel safer!

Software components for data protection, secure storage and transfer

gost algorithms support

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#24121
Posted: 03/15/2013 04:44:17
by Dmitry Sokolov (Basic support level)
Joined: 03/13/2013
Posts: 7

1. I am very sorry but The problem is that I develop programs that run on the client, while the server is using the systems, using technology CryptoPro or another certified manufacturer. I need them to understand each other.
In addition, certificates and key pairs should be produced on certified systems designed CryptoPro or another certified manufacturer.

2. There is the solution for exporting CryptoPro private keys, proof: http://soft.lissi.ru/docs/util/P12FromGostCSP.rar

3. How soon do you plan to test work of TElWin32CryptoProvider?

4. And what about decoding the result of TElMessageEncryptor?

Regards, Dmitry
#24122
Posted: 03/15/2013 05:18:27
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

1. Actually, that's not a good practice to generate private keys on server - usually they are generated on client side, and their public parts are sent to server for signing. However, you may have other reasons for that.
2. Thanks for the link. We will check it with all other stuff. As I told, when we were implementing GOST support there were no way to export/import private key from CryptoPro CSP. Things seems to be changed since that time.
3. I cannot say for sure since there are some other tasks in line. I think, in a week or two, but this is just an estimation.
4. Since it also requires working with CSP side we will check it with all other CSP-related stuff.
#24130
Posted: 03/15/2013 09:59:06
by Dmitry Sokolov (Basic support level)
Joined: 03/13/2013
Posts: 7

Hello!

Quote
Actually, that's not a good practice to generate private keys on server - usually they are generated on client side, and their public parts are sent to server for signing.
- I agree with you, I was wrong. I also would like to implement the functionality for key and certificate requests generation in my client applications. But I must generate certificates by means of the certified CA manufactured by CryptoPro (it's not in my will to change this).

So I still have hope? Then please answer the following set of questions:

1. Will I be able to create a key pair and certificate request with SecureBlackbox, and then issue a certificate using CryptoPro CA? How to do it?

2. Will I be able to verify the xmldsig signature formed by SecureBlackbox by means of CryptoPro CSP on the server side?

3. Will I be able to decrypt encrypted using SecureBlackbox file using CryptoPro?

Regards, Dmitry
#24132
Posted: 03/16/2013 05:53:20
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

1. Yes, you can generate GOST certificates and certificate requests, please check the CertificateDemo.
2. Yes.
3. Yes.

Reply

Statistics

Topic viewed 3163 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!