
Welcome to cryptlib

cryptlib is a powerful security toolkit which allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. The high-level interface provides anyone with the ability to add strong security capabilities to an application in as little as half an hour, without needing to know any of the low-level details which make the encryption or authentication work. Because of this, cryptlib dramatically reduces the cost involved in adding security to new or existing applications.

cryptlib provides a transparent and consistent interface to a number of widely-used security services and algorithms which are accessed through a straightforward, standardised interface with parameters such as the algorithm and key size being selectable by the user. Included as core components are implementations of the most popular encryption and authentication algorithms: Blowfish, CAST, DES, triple DES, IDEA, RC2, RC4, RC5, Safer, Safer-SK, and Skipjack conventional encryption; MD2, MD4, MD5, RIPEMD-160 and SHA hash algorithms; HMAC-MD5, HMAC-SHA, HMAC-RIPEMD-160, and MDC-2 MAC algorithms; and Diffie-Hellman, DSA, Elgamal, and RSA public-key encryption, with elliptic-curve encryption currently under development.

On top of the basic encryption services, cryptlib provides an extensive range of high-level capabilities, including full X.509 certificate handling with support for all X.509v3 and IETF PKIX certificate features as well as support for SET, Microsoft AuthentiCode, S/MIME, and SSL client and server certificates; handling of certification requests and CRLs, including automated checking of certificates against CRLs; creation and processing of PKCS #7 certificate chains; and a full range of certification authority (CA) functions. Alongside the certificate handling, cryptlib provides a sophisticated key database interface which allows the use of a wide range of key database types ranging from simple PGP keyrings through to commercial-grade RDBMSs and LDAP directories with optional SSL protection. To complement its key management capabilities, cryptlib provides a complete S/MIME implementation with full-strength encryption, allowing email, files, and EDI transactions to be authenticated with digital signatures and encrypted in an industry-standard format.

In addition to its built-in capabilities, cryptlib can make use of the crypto capabilities of a variety of external crypto devices such as hardware crypto accelerators, Fortezza cards, PKCS #11 devices, and crypto smart cards. The crypto device interface also provides a convenient general-purpose plug-in capability for adding new functionality which will be automatically used by cryptlib.

cryptlib is supplied as source code for Unix (static and shared libraries), DOS, Windows 3.x, Windows 95/98, Windows NT, OS/2, BeOS, and the Tandem environment, and also as 16- and 32-bit Windows DLLs.


For a more extensive overview of cryptlib's capabilities as well as information on commercial use, there is a cryptlib brochure available in Adobe Acrobat format.