Статус: Новичок
Группы: Участники
Зарегистрирован: 08.05.2026(UTC) Сообщений: 3  Откуда: Москва
|
Автор: Русев Андрей  Код:"C:\Program Files\Crypto Pro\CSP\csptest.exe" -keyset -verifyco
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -tlsc -server lkipgost2.nalog.ru -nosave -v -nocheck
C:\Windows\system32>"C:\Program Files\Crypto Pro\CSP\csptest.exe" -keyset -verifyco
CSP (Type:80) v5.0.10014 KC1 Release Ver:5.0.13800 OS:Windows CPU:IA32 FastCode:READY:SSSE3. DISABLED:AESNI;
AcquireContext: OK. HCRYPTPROV: 2446392
GetProvParam(PP_NAME): Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider
Total: SYS: 0,000 sec USR: 0,000 sec UTC: 0,031 sec
[ErrorCode: 0x00000000]
C:\Windows\system32>"C:\Program Files\Crypto Pro\CSP\csptest.exe" -tlsc -server lkipgost2.nalog.ru -nosave -v -nocheck
12 algorithms supported:
Algid Class OID
[00] 0x660e 0x6000
[01] 0x6610 0x6000
[02] 0x6801 0x6000 1.2.840.113549.3.4 (rc4)
[03] 0x6603 0x6000 1.2.840.113549.3.7 (3des)
[04] 0x6601 0x6000 1.3.14.3.2.7 (des)
[05] 0x8003 0x8000 1.2.840.113549.2.5 (md5)
[06] 0x8004 0x8000 1.3.14.3.2.26 (sha1)
[07] 0x2400 0x2000 1.2.840.113549.1.1.1 (RSA)
[08] 0xaa02 0xa000 1.2.840.113549.1.9.16.3.5 (ESDH)
[09] 0xae06 0xa000
[10] 0x2200 0x2000 1.2.840.10040.4.1 (DSA)
[11] 0x2203 0x2000
Cipher strengths: 128..256
Supported protocols: 0xa0:
Secure Sockets Layer 3.0 client side
Transport Layer Security 1.0 client side
dwProtocolMask: 0x800e2aaa
Record version: 3.1
Protocol version: 3.1
ClientHello: RecordLayer: TLS, Len: 121
SessionId: (empty)
Cipher Suites: (00 2f) (00 35) (00 05) (00 0a) (c0 13) (c0 14) (c0 09) (c0 0a) (00 32) (00 38) (00 13) (00 04) (ff 85) (00 81)
126 bytes of handshake data sent
1460 bytes of handshake data received
Handshake extra buffer: 1370 bytes
3877 bytes of handshake data received
557 bytes of handshake data received
Server requested new credentials!
Trying to create new credential
Issuers: 0, Length: 0 bytes
Client certificate:
Valid : 27.02.2025 18:37:13 - 27.02.2026 18:37:13 (UTC). Expired or not yet valid
Issuer : C=RU, O=CREDIT BANK OF MOSCOW, CN=MKB-ISSUING-GOST-CA1
**** Error 0x8009030e returned by AcquireCredentialsHandle
Client certificate:
Valid : 05.05.2026 16:27:53 - 05.08.2027 16:37:53 (UTC)
Issuer : INNLE=7707329152, E=uc@tax.gov.ru, OGRN=1047707030513, C=RU
PrivKey: 05.05.2026 16:27:53 - 05.08.2027 16:27:53 (UTC)
new schannel credential created
20 algorithms supported:
Algid Class OID
[00] 0x661e 0x6000 1.2.643.2.2.21 (GOST 28147-89)
[01] 0x6631 0x6000 1.2.643.7.1.1.5.2.1 (GOST R 34.12-2015 Kuznyechik CTR-ACPKM)
[02] 0x6630 0x6000 1.2.643.7.1.1.5.1.1 (GOST R 34.12-2015 Magma CTR-ACPKM)
[03] 0x801e 0x8000 1.2.643.2.2.9 (GOST R 34.11-94)
[04] 0x8021 0x8000 1.2.643.7.1.1.2.2 (GOST R 34.11-2012 256 bit)
[05] 0x801f 0x8000
[06] 0x803d 0x8000
[07] 0x803c 0x8000
[08] 0x2e23 0x2000 1.2.643.2.2.19 (GOST R 34.10-2001)
[09] 0x2e49 0x2000 1.2.643.7.1.1.1.1 (GOST R 34.10-2012 256 bit)
[10] 0x2e3d 0x2000 1.2.643.7.1.1.1.2 (GOST R 34.10-2012 512 bit)
[11] 0x660e 0x6000
[12] 0x6610 0x6000
[13] 0x6603 0x6000 1.2.840.113549.3.7 (3des)
[14] 0x8004 0x8000 1.3.14.3.2.26 (sha1)
[15] 0x800c 0x8000
[16] 0x800d 0x8000
[17] 0x800e 0x8000
[18] 0x2400 0x2000 1.2.840.113549.1.1.1 (RSA)
[19] 0xae06 0xa000
Cipher strengths: 128..256
Supported protocols: 0xa80:
Transport Layer Security 1.0 client side
Transport Layer Security 1.1 client side
Transport Layer Security 1.2 client side
dwProtocolMask: 0x800e2aaa
4711 bytes of handshake data sent
31 bytes of handshake data received
Handshake was successful
SECPKG_ATTR_SESSION_INFO: Reuse: 0, SessionId: 111a0907360315fd24bd344f774f9d98ce77f0459e672008c15bba32c454f8cd
SECPKG_ATTR_CIPHER_INFO: Version: 1
SECPKG_ATTR_CIPHER_INFO: Protocol: 301
SECPKG_ATTR_CIPHER_INFO: CipherSuite: ff85, TLS_GOSTR341112_256_WITH_28147_CNT_IMIT
SECPKG_ATTR_CIPHER_INFO: BaseCipherSuite: ff85
SECPKG_ATTR_CIPHER_INFO: Cipher: GOST 28147-89, Len: 256, BlockLen: 1
SECPKG_ATTR_CIPHER_INFO: Hash: GR 34.11-2012 256, Len: 256
SECPKG_ATTR_CIPHER_INFO: Exchange: GOST DH 34.10-2012 256, MinLen: 512, MaxLen: 512
SECPKG_ATTR_CIPHER_INFO: Certificate: GR 34.10-2012 256, KeyType: 23
SECPKG_ATTR_CONNECTION_INFO: Protocol: 0x80 (TLS 1.0)
SECPKG_ATTR_CONNECTION_INFO: Cipher: 0x661e (GOST 28147-89)
SECPKG_ATTR_CONNECTION_INFO: Cipher strength: 256
SECPKG_ATTR_CONNECTION_INFO: Hash: 0x8021 (GOST R 34.11-2012 (256))
SECPKG_ATTR_CONNECTION_INFO: Hash strength: 256
SECPKG_ATTR_CONNECTION_INFO: Exch: 0xaa47 (GOST R 34.10-2012 (256) Ephemeral)
SECPKG_ATTR_CONNECTION_INFO: Key exchange strength: 512
SECPKG_ATTR_KEY_INFO: KeySize: 256
SECPKG_ATTR_KEY_INFO: SignatureAlgorithm: 0x2e49, Name: GOST R 34.11 2012 256
SECPKG_ATTR_KEY_INFO: EncryptAlgorithm: 0x661e, Name: GOST 28147-89
SECPKG_ATTR_NAMES: INNLE=7707329152, OGRN=1047707030513, C=RU
SECPKG_ATTR_PACKAGE_INFO: fCapabilities: 0x107B3
SECPKG_ATTR_PACKAGE_INFO: wVersion: 1
SECPKG_ATTR_PACKAGE_INFO: wRPCID: 65535
SECPKG_ATTR_PACKAGE_INFO: cbMaxToken: 16379
SECPKG_ATTR_PACKAGE_INFO: Name: CryptoPro SSP
SECPKG_ATTR_PACKAGE_INFO: Comment: CryptoPro Security Package
Server certificate:
Subject: INNLE=7707329152, OGRN=1047707030513, C=RU
Valid : 03.02.2026 08:21:00 - 03.05.2027 08:31:00 (UTC)
Issuer : INNLE=7707329152, E=uc@tax.gov.ru, OGRN=1047707030513, C=RU
PrivKey: 03.02.2026 08:20:59 - 03.05.2027 08:20:59 (UTC)
CA subject: INNLE=7707329152, E=uc@tax.gov.ru, OGRN=1047707030513, C=RU
CA issuer : E=dit@digital.gov.ru, C=RU, S=77 Москва
CA subject: E=dit@digital.gov.ru, C=RU, S=77 Москва
CA issuer : E=dit@digital.gov.ru, C=RU, S=77 Москва
SECPKG_ATTR_STREAM_SIZES: Header: 5, Trailer: 4, MaxMessage: 16384
SECPKG_ATTR_STREAM_SIZES: Buffers: 4, BlockSize: 1
SECPKG_ATTR_SIZES: MaxToken: 16384
SECPKG_ATTR_SIZES: MaxSignature: 4
SECPKG_ATTR_SIZES: BlockSize: 1
SECPKG_ATTR_SIZES: SecurityTrailer: 9
HTTP request: GET / HTTP/1.1
User-Agent: Webclient
Accept:*/*
Host: lkipgost2.nalog.ru
Connection: close
Sending plaintext: 98 bytes
116 bytes of application data sent
368 bytes of (encrypted) application data received
Decrypted data: 348 bytes
Extra data: 11 bytes
Context expired: OK if file is completely downloaded
Reply status: HTTP/1.1 301 Moved Permanently
E:\branches\CSP_5_0r4y\branches\CSP_5_0r4y_0\CSP\samples\csptest\WebClient.c:303
0:Bad HTTP status.
Error 0x0:
HttpsGetFile: 0x0000012d
E:\branches\CSP_5_0r4y\branches\CSP_5_0r4y_0\CSP\samples\csptest\WebClient.c:126
1:Error fetching file from server.
Error 0x12d: An invalid oplock acknowledgment was received by the system.
Total: SYS: 0,047 sec USR: 0,234 sec UTC: 24,981 sec
[ErrorCode: 0x0000012d]
Сделал, только обрезал личные данные из полей сертификатов Автор: Русев Андрей Плюс к этому включить максимальное журналирование для модуля SSP: в админской консоли Код:reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Crypto Pro\Cryptography\CurrentVersion\Debug" /v ssp /t REG_DWORD /d 0x1f000001 /f
Потом перезагрузить, попробовать подключиться в Яндекс Браузере и пислать журнал Windows в виде evtx-файла – на вкладке Приложение (Application) - правой кнопкой и "Save All Events As...". Добавил журнал в виде зипа, без него не влез в загрузчик  nalog.zip (1,157kb) загружен 0 раз(а).Отредактировано пользователем 15 мая 2026 г. 20:29:08(UTC)
| Причина: Не указана
|
