 |
cryptlib's application programming interface (API) serves as an interface to a
range of plug-in encryption modules which allow encryption algorithms to be
added in a fairly transparent manner, so that adding a new algorithm or
replacing an existing software implementation with custom encryption hardware
can be done without any trouble. The standardised API allows any of the
algorithms and modes supported by cryptlib to be used with a minimum of coding
effort.
|
|
cryptlib has been written to be as foolproof as possible. On initialization it
performs extensive self-testing against test data from encryption standards
documents, and the API's check each parameter and function call for errors
before any actions are performed, with error reporting down to the level of
individual parameters. In addition logical errors such as, for example, a key
exchange function being called in the wrong sequence, are checked for and
identified.
|
|
cryptlib is re-entrant and completely thread-safe, allowing it to be used with
multithreaded applications under Windows 95/98, Windows NT, OS/2, and versions
of Unix which support threading. Because it is thread-safe, lengthy cryptlib
operations can be run in the background if required while other processing is
performed in the foreground. In addition cryptlib itself is multithreaded so
that computationally intensive internal operations take place in the background
without impacting the performance of the calling application.
|
|
Most of the core algorithms used in cryptlib have been implemented in assembly
language in order to provide the maximum possible performance. These routines
provide an unprecedented level of performance, in some cases running faster
than expensive, specialised encryption hardware designed to perform the same
task. This means cryptlib can be used for high-bandwidth applications such as
video/audio encryption and online network and disk encryption without the need
to resort to expensive, hard-to-get encryption hardware.
|
|
cryptlibs powerful object management interface provides the ability to add
encryption and authentication capabilities to an application without needing to
know all the low-level details which make the encryption or authentication
work. The automatic object-management routines take care of encoding issues
and cross-platform portability problems, so that one or two function calls are
enough to communicate public-key encrypted data with all the associated
information and parameters needed to decrypt the data on the other side of a
communications channel, or to digitally sign a piece of data. This provides a
considerable advantage over other encryption toolkits which often require
hundreds of lines of code and the manipulation of complex encryption data
structures to perform the same task.
|
|
