-
Notifications
You must be signed in to change notification settings - Fork 0
CSPTest утилита для тестирования СКЗИ КриптоПРО из командной строки
Утилита для тестирования СКЗИ КриптоПРО из командной строки
Входит в состав установки КриптоПРО - находится в папке "C:\Program Files\Crypto Pro\CSP". Отдельной лицензии не требуется - в отличие от CryptCP.
csptest.exe [global options] [mode] [options]
CSPTEST program:
select [global options] from:
-help print this help
-notime do not show time elapsed
-pause Wait for keyboard input after completion so that
you may check memory and other resources usage
-reboot Call DestroyCSProvider() of last used CSP at exit
Services (cryptsrv*, HSM, etc) not affected
-stack <mode> Set stack usage measure mode:
0 - No check, 1 - Only check,
2 - Only log, 3 - Check and log
select [mode] from:
-lowenc low level encryption/decryption test
-sfenc simplified level message encryption/decryption test
-lowsign low level message signing test
Use '-lowsign -repeat NN' instead!
-sfsign simplified level message signing/verifying test
-cmssfsign simplified level message signing/verifying test (deprecated)
-ipsec ipsec tests
-defprov default provider manipulations
-property certificate obtain/install property for secret key linking
-hash get hash of the file
-certkey change provider name in certificate secret key link
-absorb absorbs all certs from containers with secret key linking
-tlss start tls server
-tlsc start tls client
-certlic cert license info
-rc verify pkcs#10/certificate signature
-certprop show certificate properties
-sfse simplified level message SignedAndEnveloped test
-oid oid info/set/get
-passwd set/change password
-keycopy copy container
-keyset create (open) keyset
-card Card readers information
-enum CSP parameters enumeration
-perf Performance tests
-speed Speed tests and optimal function mask setting
csptest.exe -sfsign [<command>] [<options>]
CSPTEST generate PKCS#7 Signed message
using CAPI simplified message functions
<commands>:
-sign Sign data from input filename
-verify Verify signature on data specified by input filename
-help Print this help
<options>:
-in <file> Input filename to be signed or verified
-out <file> Output PKCS#7 filename
-my <DName> Cert from CURRENT_USER store (DName or thumbprint)
to process data
-MY <DName> Cert from LOCAL_MACHINE store (DName or thumbprint)
to process data
-password <PIN> Use PIN to open container
-detached Deal with detached signature
-add Add sender certificate to PKCS#7
-signature <file> Detached signature file
-alg <hashalg> Hash algorithm: SHA1, MD5, MD2,
GOST12_256, GOST12_512, GOST94_256. If not specified,
alg will be picked automatically.
-ask Acquire csp context using my cert (default: none)
-base64 Input/output with base64<->DER conversion
-addsigtime Add signing time attribute
-cades_strict Strict signingCertificateV2 attribute generation
-cades_disable Disable signingCertificateV2 attribute generation
-display_content Data to be displayed on Carrier/Reader is embedded in message content
-silent Do not display any user interface
-req_compliant Preview file before sign/verify and check certificate chain (works only with '-detached' option)
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -sfsign -sign -in %1 -out %1.sig -my 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab -password 12345678 -add -addsigtime
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -sfsign -sign -in %1 -out %1.sig -my 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab -password 12345678 -detached -add -base64 -addsigtime
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -sfsign -verify -in %1 -out %~n1 -my 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -sfsign -verify -signature %1 -in %~n1 -my 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab -detached
или
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -sfsign -verify -in %1 -signature %1.sig -my 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab -detached
csptest.exe -sfenc [<command>] [<options>]
CSPTEST generate PKCS#7 Signed message
using CAPI simplified message functions
<commands>:
-encrypt Encrypt input file
-decrypt Decrypt enveloped file, specified by input filename
Default context always used with decryption
-help Print this help
<options>:
-in <file> Input filename to be encrypted or decrypted
-out <file> Output PKCS#7 filename
-my <DName> Cert from CURRENT_USER store (DName or thumbprint)
to process data
-MY <DName> Cert from LOCAL_MACHINE store (DName or thumbprint)
to process data. If certificate not specified,
default provider will be used
-password <PIN> Use PIN as password on container
-base64 Input/output with base64<->DER conversion
-cert <DName> Cert from CURRENT_USER store (DName or thumbprint)
-CERT <DName> Cert from LOCAL_MACHINE store (DName or thumbprint)
-ask Acquire context using my cert (default: none)
-alg <name> Encryption algorithm to be used. Default: GOST
Additional: RC2, RC4, DES, 3DES
-silent Do not display any user interface
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -sfenc -encrypt -in %1 -out %1.enc -cert 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab -cert 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab
"C:\Program Files\Crypto Pro\CSP\csptest.exe" -sfenc -decrypt -in %1 -out %~n1 -my 1423e1c2a6f8b6dda59f5ec62d2bd8567f1559ab -password 12345678