ProHoster > Blog > Utongi > Chiitiko chekushandisa Rutoken tekinoroji yekunyoresa uye kubvumidza vashandisi muhurongwa (chikamu 1)

Chiitiko chekushandisa Rutoken tekinoroji yekunyoresa uye kubvumidza vashandisi muhurongwa (chikamu 1)

Masikati akanaka Ndinoda kugovera ruzivo rwangu panyaya iyi.

Rutoken ndeye Hardware uye software mhinduro mumunda wehuchokwadi, kuchengetedzwa kweruzivo uye siginecha yemagetsi. Chaizvoizvo, iyi flash drive inogona kuchengetedza data rechokwadi rinoshandiswa nemushandisi kupinda muhurongwa.

Mumuenzaniso uyu, Rutoken EDS 2.0 inoshandiswa.

Kuti ushande neRutoken iyi unoda isa mutyairi pamahwindo.

Kune Windows, kuisa mutyairi mumwechete kunovimbisa kuti zvese zvinodiwa zvakaiswa kuitira kuti OS ione Rutoken yako uye inogona kushanda nayo.

Iwe unogona kutaurirana naRutoken nenzira dzakasiyana. Iwe unogona kuiwana kubva kudivi reseva rekushandisa, kana zvakananga kubva kudivi remutengi. Uyu muenzaniso unotarisa kudyidzana neRutoken kubva kudivi remutengi wechishandiso.

Mutengi chikamu chechishandiso chinopindirana nerutoken kuburikidza nerutoken plugin. Ichi chirongwa chinoiswa zvakasiyana pane yega yega browser. Kune Windows iwe unongoda kurodha uye kuisa iyo plugin, inowanikwa pane iyi link.

Ndizvozvo, ikozvino tinogona kutaurirana naRutoken kubva kudivi remutengi rekushandisa.

Uyu muenzaniso unokurukura zano rekuita mushandisi mvumo algorithm muhurongwa uchishandisa dambudziko-mhinduro chirongwa.

Hunhu hweiyo pfungwa ndeiyi inotevera:

  1. Mutengi anotumira chikumbiro chemvumo kune server.
  2. Sevha inopindura chikumbiro kubva kumutengi nekutumira tambo isina kurongeka.
  3. Mutengi anopeta tambo iyi neasina 32 bits.
  4. Mutengi anosaina tambo yakagamuchirwa nechitupa chayo.
  5. Mutengi anotumira meseji yakagamuchirwa yakavharidzirwa kune server.
  6. Sevha inosimbisa siginicha nekugamuchira meseji yepakutanga isina kunyorwa.
  7. Sevha inobvisa ekupedzisira 32 bits kubva kune yakagamuchirwa isina kunyorwa meseji.
  8. Sevha inofananidza mhedzisiro yakagamuchirwa nemeseji yakatumirwa pakukumbira mvumo.
  9. Kana mameseji akafanana, saka mvumo inoonekwa seyakabudirira.

Mune algorithm iri pamusoro pane chinhu chakadai sechitupa. Kune uyu muenzaniso, iwe unofanirwa kunzwisisa imwe cryptographic theory. PaHabre pane chinyorwa chikuru pamusoro penyaya iyi.

Mumuenzaniso uyu, tichashandisa asymmetric encryption algorithms. Kuti uite asymmetric algorithms, iwe unofanirwa kuve uine kiyi peya uye chitupa.

Makiyi maviri ane zvikamu zviviri: kiyi yakavanzika uye kiyi yeruzhinji. Kiyi yakavanzika, sekureva kwezita rayo, inofanira kuva yakavanzika. Isu tinoishandisa kuburitsa ruzivo. Kiyi yeruzhinji inogona kugoverwa kune chero munhu. Kiyi iyi inoshandiswa encrypt data. Nekudaro, chero mushandisi anogona encrypt data achishandisa iyo yeruzhinji kiyi, asi chete muridzi wekiyi yakavanzika anogona kudhirodha ruzivo urwu.

Chitupa igwaro remagetsi rine ruzivo nezve mushandisi muridzi wechitupa, pamwe nekiyi yeruzhinji. Nechitupa, mushandisi anogona kusaina chero data uye kuitumira kune server, iyo inogona kusimbisa siginecha uye decrypt iyo data.

Kuti unyatso kusaina meseji ine chitupa, unofanirwa kuigadzira nemazvo. Kuti uite izvi, peya kiyi inotanga kugadzirwa paRutoken, uye ipapo chitupa chinofanira kubatanidzwa kune kiyi yeruzhinji yeiyi kiyi mbiri. Chitupa chinofanira kunge chine kiyi yeruzhinji iyo iri paRutoken, izvi zvakakosha. Kana isu tikangogadzira peya kiyi uye chitupa ipapo padivi remutengi wechishandiso, saka sevha ingadaro sei kubvarura iyi meseji yakavharidzirwa? Mushure mezvose, hapana chaanoziva nezve maviri kiyi kana chitupa.

Kana iwe ukanyura zvakadzama munyaya iyi, unogona kuwana ruzivo runonakidza paInternet. Pane zvimwe zviremera zvezvitupa zvatinovimba nazvo zviri pachena. Izvi zviremera zvitupa zvinogona kuburitsa zvitupa kune vashandisi; vanoisa zvitupa izvi pane yavo server. Mushure meizvi, kana mutengi asvika sevha iyi, anoona ichi chitupa, uye anoona kuti chakapihwa nechiremera chetifiketi, zvinoreva kuti sevha iyi inogona kuvimbwa nayo. Pane zvakare ruzivo rwakawanda paInternet nezve nzira yekumisa zvese nemazvo. Somuenzaniso, unogona kutanga neizvi.

Kana tikadzokera kuchinetso chedu, mhinduro yacho inoratidzika kuva iri pachena. Iwe unofanirwa kugadzira yako wega certification centre. Asi izvi zvisati zvaitika, iwe unofanirwa kufunga kuti ndechipi chikonzero nzvimbo yetifiketi inofanira kuburitsa chitupa kumushandisi, nekuti hapana chaanoziva nezvazvo. (Semuenzaniso, zita rake rokutanga, zita rekupedzisira, nezvimwewo) Pane chinhu chakadaro chinonzi chikumbiro chetifiketi. Rumwe ruzivo nezve chiyero ichi chinogona kuwanikwa, semuenzaniso, paWikipedia ru.wikipedia.org/wiki/PKCS
Tichashandisa shanduro 1.7 - PKCS#10.

Ngatitsanangure algorithm yekugadzira chitupa paRutoken (yekutanga sosi: zvinyorwa):

  1. Isu tinogadzira peya kiyi pamutengi uye toichengeta paRutoken. (kuchengetedza kunoitika otomatiki)
  2. Isu tinogadzira chikumbiro chetifiketi pamutengi.
  3. Kubva kumutengi tinotumira chikumbiro ichi kune server.
  4. Kana isu tikagashira chikumbiro chetifiketi pane server, isu tinoburitsa chitupa kubva kune yedu certification chiremera.
  5. Isu tinotumira ichi chitupa kumutengi.
  6. Isu tinochengetedza chitupa cheRutoken pamutengi.
  7. Chitupa chinofanirwa kusungirirwa kune kiyi peya yakagadzirwa padanho rekutanga.

Iye zvino zvinova pachena kuti sevha ichakwanisa sei kubvisa siginecha yemutengi, sezvo iyo pachayo yakapa chitupa kwaari.

Muchikamu chinotevera, tichanyatso tarisisa maitiro ekumisikidza chiremera chako chetifiketi zvichibva pane yakazara-yakazara yakavhurika-sosi cryptography raibhurari yakavhurikaSSL.

Source: www.habr.com

Voeg