Установка и работа КриптоПРО CSP v 4.* 5.*

Всем, Здравствуйте!

Вроде бы где-то здесь, в текущей мною созданной когда-то давно теме, про КриптоПРО, я видел ранее, что люди пытались и пытаются устанавливать, данную утилиту, не только в Calculate-linux. И конкретно в Gentoo. Однако, следов и результатов таковых установок(и багов) я почему-то не нашёл. Потому и пишу про свои вопросы, снова в моей же теме.
Но, уже не про установку в Calculate-linux. Но, про установку именно в Gentoo.

# emerge --info
Portage 3.0.67 (python 3.12.10-final-0, default/linux/amd64/23.0/desktop, gcc-14, glibc-2.40-r8, 6.12.21-gentoo-dist x86_64)
=================================================================
System uname: Linux-6.12.21-gentoo-dist-x86_64-Intel-R-_Core-TM-_i7-2670QM_CPU_@_2.20GHz-with-glibc2.40
KiB Mem:    16267928 total,   5077576 free
KiB Swap:   49151996 total,  49151996 free
Timestamp of repository gentoo: Tue, 15 Apr 2025 07:30:00 +0000
Head commit of repository gentoo: 12c295157c2ff82f3ca8fde82d1345f24e8abcf2
Head commit of repository EmilienMottet: f3403396cd6541e930193a36a3cf5f66cd4cf564

Head commit of repository gentoo-zh: 8f78f0c53708d0787f3cde579594681dae462b2f

Head commit of repository yandex: 18de89beac22e5f8ad7a52bae961a8f5b71cb8e4

sh bash 5.2_p37
ld GNU ld (Gentoo 2.44 p1) 2.44.0
app-misc/pax-utils:        1.3.8::gentoo
app-shells/bash:           5.2_p37::gentoo
dev-build/autoconf:        2.13-r8::gentoo, 2.72-r1::gentoo
dev-build/automake:        1.17-r1::gentoo
dev-build/cmake:           3.31.5::gentoo
dev-build/libtool:         2.5.4::gentoo
dev-build/make:            4.4.1-r100::gentoo
dev-build/meson:           1.7.0::gentoo
dev-lang/perl:             5.40.0-r1::gentoo
dev-lang/python:           3.12.10::gentoo, 3.13.3::gentoo
dev-lang/rust-bin:         1.84.1-r2::gentoo
llvm-core/clang:           19.1.7::gentoo
llvm-core/lld:             19.1.7::gentoo
llvm-core/llvm:            19.1.7::gentoo
sys-apps/baselayout:       2.17::gentoo
sys-apps/openrc:           0.56::gentoo
sys-apps/sandbox:          2.39::gentoo
sys-devel/binutils:        2.44::gentoo
sys-devel/binutils-config: 5.5.2::gentoo
sys-devel/gcc:             14.2.1_p20241221::gentoo
sys-devel/gcc-config:      2.12.1::gentoo
sys-kernel/linux-headers:  6.12::gentoo (virtual/os-headers)
sys-libs/glibc:            2.40-r8::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    volatile: False
    sync-rsync-extra-opts: 
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-metamanifest: yes
    sync-rsync-verify-max-age: 3

EmilienMottet
    location: /var/db/repos/EmilienMottet
    sync-type: git
    sync-uri: https://github.com/EmilienMottet/overlay.git
    masters: gentoo
    volatile: False

gentoo-zh
    location: /var/db/repos/gentoo-zh
    sync-type: git
    sync-uri: https://github.com/microcai/gentoo-zh.git
    masters: gentoo
    volatile: False

localrepo
    location: /var/db/repos/localrepo
    masters: gentoo
    volatile: False

yandex
    location: /var/db/repos/yandex
    sync-type: git
    sync-uri: https://github.com/yandex-gentoo/overlay.git
    masters: gentoo
    volatile: False

Binary Repositories:

gentoobinhost
    priority: 1
    sync-uri: https://distfiles.gentoo.org/releases/amd64/binpackages/23.0/x86-64

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/sandbox.d"
CXXFLAGS="-O2 -pipe"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs binpkg-multi-instance buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync merge-wait multilib-strict network-sandbox news parallel-fetch pid-sandbox pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://gentoo-mirror.alexxy.name/ \     http://mirror.mephi.ru/gentoo-distfiles/ \     http://mirror.yandex.ru/gentoo-distfiles/"
LANG="ru_RU.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,-z,pack-relative-relocs"
LEX="flex"
MAKEOPTS="-j6"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
SHELL="/bin/bash"
USE="X a52 aac acl acpi alsa amd64 bluetooth branding bzip2 cairo cdda cdr cet crypt cups dbus dri dts dvd dvdr elogind encode exif flac gdbm gif gpm gtk gui iconv icu jpeg kf6compat lcms libnotify libtirpc lock mad mng mp3 mp4 mpeg multilib ncurses nls ogg opengl openmp openrc pam pango pcre pdf png policykit ppds qml qt5 qt6 readline sdl seccomp session sound spell ssl startup-notification svg test-rust thunar tiff truetype udev udisks unicode upower usb vorbis vulkan wayland wxwidgets x264 xattr xcb xft xml xv xvid zlib" ABI_X86="64" ADA_TARGET="gcc_14" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx mmx mmxext pclmul popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" GUILE_SINGLE_TARGET="3-0" GUILE_TARGETS="3-0" INPUT_DEVICES="libinput synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-2" POSTGRES_TARGETS="postgres17" PYTHON_SINGLE_TARGET="python3_12" PYTHON_TARGETS="python3_12" RUBY_TARGETS="ruby32" VIDEO_CARDS="nouveau" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
Unset:  ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EMERGE_DEFAULT_OPTS, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LFLAGS, LIBTOOL, LINGUAS, MAKE, MAKEFLAGS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PYTHONPATH, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS
cat /var/db/repos/localrepo/app-crypt/cprocsp/cprocsp-5.0.13300.ebuild

# Copyright 1999-2020 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $

EAPI=7
inherit rpm

DESCRIPTION="Cryptopro package"
HOMEPAGE="http://www.cryptopro.ru"
SRC_URI="amd64? ( linux-amd64.tgz )"

LICENSE="Cryptopro"
SLOT="0"
KEYWORDS="~amd64"
IUSE="+kc1 +gui_gtk +readers +cptools stunnel +pkcs11 +import_ca +plugin +certprop +ifd-rutokens"

REQUIRED_USE="gui_gtk? ( kc1 )
    readers? ( kc1 )
    cptools? ( kc1 )
    pkcs11? ( kc1 )
    import_ca? ( kc1 )
    plugin? ( gui_gtk )
"

DEPEND=" sys-apps/pcsc-tools
    sys-apps/pcsc-lite
    sys-apps/lsb-release
    app-crypt/ccid
    app-arch/rpm2targz
    app-alternatives/bzip2
    app-arch/rpm"

RDEPEND="${DEPEND}"

RESTRICT="mirror strip"

src_unpack () {
    unpack ${A}
    cd ${WORKDIR}
    rm -rf *
    mkdir ${S}
    cd ${S}

    SUFF="${PV}-7"

if use kc1; then
rpm_unpack lsb-cprocsp-kc1-64-${SUFF}.x86_64.rpm
rpm_unpack lsb-cprocsp-base-${SUFF}.noarch.rpm
rpm_unpack lsb-cprocsp-capilite-64-${SUFF}.x86_64.rpm
rpm_unpack lsb-cprocsp-rdr-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-curl-64-${SUFF}.x86_64.rpm
fi

if use gui_gtk; then
rpm_unpack cprocsp-rdr-gui-gtk-64-${SUFF}.x86_64.rpm
fi

if use readers; then
rpm_unpack cprocsp-rdr-pcsc-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-emv-64-${SUFF}.x86_64.rpm
#rpm_unpack cprocsp-rdr-inpaspot-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-kst-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-mskey-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-novacard-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-edoc-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-rutoken-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-cloud-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-cpfkc-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-infocrypt-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-rosan-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-cryptoki-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-esmart-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-jacarta-64-${SUFF}.x86_64.rpm
rpm_unpack cprocsp-rdr-relay-64-${SUFF}.x86_64.rpm
fi

if use cptools; then
rpm_unpack cprocsp-cptools-gtk-64-${SUFF}.x86_64.rpm
fi

if use pkcs11; then
rpm_unpack lsb-cprocsp-pkcs11-64-${SUFF}.x86_64.rpm
fi

if use import_ca; then
rpm_unpack lsb-cprocsp-ca-certs-${SUFF}.noarch.rpm
rpm_unpack lsb-cprocsp-import-ca-certs-${SUFF}.noarch.rpm
fi

if use plugin; then
for i in "${DISTDIR}"/cprocsp-pki-*-1.amd64.rpm; do
rpm_unpack "${i}"
done
fi

if use certprop; then
rpm_unpack cprocsp-certprop-64-${SUFF}.x86_64.rpm
fi

if use ifd-rutokens; then
rpm_unpack ifd-rutokens_1.0.4_1.x86_64.rpm
fi

rm ${S}/lib64/ld-lsb-x86-64.so.3
}

src_install() {
    cp -vR ${S}/* ${D}/
    rm -f ${D}/etc/init.d/cprocsp
    cp -f ${FILESDIR}/cprocsp ${D}/etc/init.d/cprocsp
}

pkg_postinst() {
    chmod -R 777 /var/opt/cprocsp
    touch /etc/debian_version
    echo "jessie/sid" > /etc/debian_version
    cp -f ${FILESDIR}/config64.ini /etc/opt/cprocsp/config64.ini
    cp -f ${FILESDIR}/license.ini /etc/opt/cprocsp/license.ini
    mkdir /var/opt/cprocsp && mkdir /var/opt/cprocsp/tmp
    if test -z "";then
	if ! grep -q '/opt/cprocsp/lib/amd64' /etc/ld.so.conf;then
	echo "/opt/cprocsp/lib/amd64" > /etc/ld.so.conf.d/cprocsp-lib-amd64.conf
        fi
        /sbin/ldconfig -f /etc/ld.so.conf
    fi
    /bin/bash ${FILESDIR}/addcerts.sh
    rc-update add cprocsp default
    /etc/init.d/cprocsp start
}

pkg_prerm ()  {
    /etc/init.d/cprocsp stop
    rc-update del cprocsp default
    rm -Rv /etc/init.d/cprocsp
    rm -Rv /etc/debian_version
#    rm -Rv /var/opt/cprocsp
    rm -Rv /etc/opt/cprocsp
}

Обращаю внимание, для тех, кто знаком с данным .ebuild, что я редактировал его, в двух частях:

Первая часть(прежде всего):

DEPEND=" sys-apps/pcsc-tools
    sys-apps/pcsc-lite
    sys-apps/lsb-release
    app-crypt/ccid
    app-arch/rpm2targz"

Убрав здесь app-arch/rpm2targz и/или в различных вариациях, изменив либо дополнив в этом блоке, наличие ещё пары пакетов (app-alternatives/bzip2 и app-arch/rpm). С помощью которых, я надеялся, корректно распаковать (linux-amd64.tgz) и соответственно, убрать ошибку, при установке данного пакета.
Однако, мои пробы корректировки .ebuild, так ни к чему положительному и не привели.
И как видно, в выхлопе из строки.

Manifest, успешно создаётся.

# ebuild /var/db/repos/localrepo/app-crypt/cprocsp/cprocsp-5.0.13300.ebuild digest
>>> Creating Manifest for /var/db/repos/localrepo/app-crypt/cprocsp

Однако, конечный(иснтересующий) пакет (app-crypt/cprocsp-5.0.13300).
Так и не устанавливается.

# emerge -a =app-crypt/cprocsp-5.0.13300::localrepo

These are the packages that would be merged, in order:

Calculating dependencies... done!
Dependency resolution took 3.68 s (backtrack: 0/20).

[ebuild  N    ~] app-crypt/cprocsp-5.0.13300  USE="certprop cptools gui_gtk ifd-rutokens import_ca kc1 pkcs11 plugin readers -stunnel" 

Would you like to merge these packages? [Yes/No] 

>>> Verifying ebuild manifests

>>> Emerging (1 of 1) app-crypt/cprocsp-5.0.13300::localrepo
 * linux-amd64.tgz BLAKE2B SHA512 size ;-) ...                                                 [ ok ]
>>> Unpacking source...
>>> Unpacking linux-amd64.tgz to /var/tmp/portage/app-crypt/cprocsp-5.0.13300/work
>>> Unpacking lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm to /var/tmp/portage/app-crypt/cprocsp-5.0.13300/work/cprocsp-5.0.13300
/usr/bin/rpm2tar: line 157: /var/tmp/portage/app-crypt/cprocsp-5.0.13300/distdir/lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm: No such file or directory
rpm2tar: error: unable to locate cpio offset (broken/unknown compression?)
tar: This does not look like a tar archive
tar: Exiting with failure status due to previous errors
 * ERROR: app-crypt/cprocsp-5.0.13300::localrepo failed (unpack phase):
 *   failure unpacking /var/tmp/portage/app-crypt/cprocsp-5.0.13300/distdir/lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm
 * 
 * Call stack:
 *               ebuild.sh, line 136:  Called src_unpack
 *             environment, line 363:  Called rpm_unpack 'lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm'
 *             environment, line 329:  Called assert 'failure unpacking /var/tmp/portage/app-crypt/cprocsp-5.0.13300/distdir/lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm'
 *   isolated-functions.sh, line  18:  Called die
 * The specific snippet of code:
 *   		[[ ${x} -eq 0 ]] || die "$@"
 * 
 * If you need support, post the output of `emerge --info '=app-crypt/cprocsp-5.0.13300::localrepo'`,
 * the complete build log and the output of `emerge -pqv '=app-crypt/cprocsp-5.0.13300::localrepo'`.
 * The complete build log is located at '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/temp/environment'.
 * Working directory: '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/work/cprocsp-5.0.13300'
 * S: '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/work/cprocsp-5.0.13300'

>>> Failed to emerge app-crypt/cprocsp-5.0.13300, Log file:

>>>  '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/temp/build.log'

 * Messages for package app-crypt/cprocsp-5.0.13300:

 * ERROR: app-crypt/cprocsp-5.0.13300::localrepo failed (unpack phase):
 *   failure unpacking /var/tmp/portage/app-crypt/cprocsp-5.0.13300/distdir/lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm
 * 
 * Call stack:
 *               ebuild.sh, line 136:  Called src_unpack
 *             environment, line 363:  Called rpm_unpack 'lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm'
 *             environment, line 329:  Called assert 'failure unpacking /var/tmp/portage/app-crypt/cprocsp-5.0.13300/distdir/lsb-cprocsp-kc1-64-5.0.13300-7.x86_64.rpm'
 *   isolated-functions.sh, line  18:  Called die
 * The specific snippet of code:
 *   		[[ ${x} -eq 0 ]] || die "$@"
 * 
 * If you need support, post the output of `emerge --info '=app-crypt/cprocsp-5.0.13300::localrepo'`,
 * the complete build log and the output of `emerge -pqv '=app-crypt/cprocsp-5.0.13300::localrepo'`.
 * The complete build log is located at '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/temp/environment'.
 * Working directory: '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/work/cprocsp-5.0.13300'
 * S: '/var/tmp/portage/app-crypt/cprocsp-5.0.13300/work/cprocsp-5.0.13300'

Как видно, ошибка, на которую ругается система, это:

rpm2tar: error: unable to locate cpio offset (broken/unknown compression?)
tar: This does not look like a tar archive
tar: Exiting with failure status due to previous errors

И вторая часть корректировки .ebuild

И по мнению других коллег по Gentoo, выяснилось, что строка:

mv linux-amd64/* ${DISTDIR}

В блоке:

src_unpack () {
    unpack ${A}
    cd ${WORKDIR}
    rm -rf *
    mkdir ${S}
    cd ${S}

Во всяком случае и именно для Gentoo - является лишней. И подлежит удалению.
И вместе с тем, надлежит использовать rpm2tar для файлов, которые необходимо переместить. Правда сказать я так и не понял каким конкретно образом.

Так же дополню, что исходник скачивается с сайта разработчика www.cryptopro.ru. Непосредственно в директорию:

# ls -l /var/cache/distfiles/linux-amd64.tgz 
-rwxrwxrwx 1 sgd sgd 31845074 апр  5 16:03 /var/cache/distfiles/linux-amd64.tgz

Прошу помощи в установке утилиты, теперь уже в Gentoo.

Давеча выкатили дистрибутив СКЗИ промежуточной версии “5.0.13455”, в составе дистрибутива заявлен плагин версии “2.0.15400” и расширение v3-манифеста версии “1.3.3” (браузер “Chromium-Gost” также периодически обновляется, крайняя версия “135.0.7049.85”):

Добрый день.
С указанной Вами крайней версией “Chromium-Gost”, теперь не только в Calculate-linux, всё хорошо. Но, и в Gentoo.

А вот то, что касается, моего предыдущего поста, непосредственно с СКЗИ Крипто ПРО. Как видно пока не очень.
Поможете с установкой, теперь уже в Gentoo ?
И / или не Ваш профиль ?