with the help of the utility in off-line mode with the further certification request (RSA Laboratories. PKCS #10: Certification Request Syntax Standard).

- The length of the digital signature should not surpass the length of the digital signature on the 512-bit key RSA.

That's why the library is applied for GOST 34.310-95, DSTU 4145-2002 and GOST 34.311, as well as for 512-bit RSA, SHA-1 (MD5).

Distribution of the signed certificates is carried out in the format PKCS#7 (RSA Laboratories. PKCS #10: Cryptographic Message Syntax Standard).

The main functions that are essential for signing/verifying the digital signature are:

RENEW_ZAH() - updates the open keys tables, creates and expands backup copies and reviews open keys tables;

INIT_ZAH() - performs the key system initializing. This function call is obligatory on every working place (PC) before signing/verifying the digital signature;

CLOSE_ZAH() - performs the key system de-initializing. This function call is obligatory after finishing work with the software module of signing/verifying the digital signature;

RSA_ZAH() - this is the function of signing/verifying the digital signature.

The certificate review utility allows controlling the certificates availability and terms of use both in the center and in the regions (from the point of view of its users):

Key Distribution Center (KDC) is assigned for receiving certificates and placing them into the local table of certificates both in the center and in the regions (from the point of view of their/its users):