Cryptlib

Last updated
cryptlib
Developer(s) Peter Gutmann
Initial release1995 (1995)
Stable release 3.4.8 (2025;0 years ago (2025) [1] ) [±]
Repository
Written in C
Type Security library
License Sleepycat (Berkeley Database) License [2] [3]
Website github.com/cryptlib/cryptlib OOjs UI icon edit-ltr-progressive.svg

cryptlib is an open-source cross-platform software security toolkit library. It is distributed under the Sleepycat License, [2] a free software license compatible with the GNU General Public License. [3] Alternatively, cryptlib is available under a proprietary license for those preferring to use it under proprietary terms. [4]

Contents

Features

cryptlib is a security toolkit library that allows programmers to incorporate encryption and authentication services to software. It provides a high-level interface, so that strong security capabilities can be added to an application without needing to know many of the low-level details of encryption or authentication algorithms. Extensive documentation in the form of a 400+ page programming manual is available. [5]

At the highest level, cryptlib provides implementations of complete security services such as S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, SCVP, RTCS, OCSP, and other security operations such as secure timestamping. Since cryptlib uses industry-standard X.509, S/MIME, PGP/OpenPGP, and SSH/SSL/TLS data formats, the resulting encrypted or signed data can be easily transported to other systems and processed there, and cryptlib itself runs on many operating systems—all Windows versions and most Unix/Linux systems. This allows email, files, and EDI transactions to be authenticated with digital signatures and encrypted in an industry-standard format.[ citation needed ]

cryptlib provides other capabilities including full X.509/PKIX certificate handling (all X.509 versions from X.509v1 to X.509v4) with support for SET, Microsoft AuthentiCode, Identrus, SigG, S/MIME, SSL, and Qualified certificates, PKCS #7 certificate chains, handling of certification requests and CRLs (certificate revocation lists) including automated checking of certificates against CRLs and online checking using RTCS and OCSP, and issuing and revoking certificates using CMP and SCEP. It also implements a full range of certification authority (CA) functions provides complete CMP, SCEP, RTCS, and OCSP server implementations to handle online certificate enrolment/issue/revocation and certificate status checking. Alongside the certificate handling, it provides a sophisticated key storage interface that allows the use of a wide range of key database types ranging from PKCS #11 devices, PKCS #15 key files, and PGP/OpenPGP key rings to commercial-grade RDBMS and LDAP directories with optional SSL protection.[ citation needed ]

cryptlib can make use of the cryptographic capabilities of a variety of external cryptographic devices such as hardware cryptographic accelerators, Fortezza cards, PKCS #11 devices, hardware security modules (HSMs), and cryptographic smart cards. It can be used with a variety of cryptography devices that have received FIPS 140 or ITSEC/Common Criteria certification. The cryptographic device interface also provides a general-purpose plug-in capability for adding new functionality that can be used by cryptlib.

cryptlib is written in C and supports BeOS, DOS, IBM MVS, Mac OS X, OS/2, Tandem, a variety of Unix versions (including AIX, Digital Unix, DGUX, FreeBSD/NetBSD/OpenBSD, HP-UX, IRIX, Linux, MP-RAS, OSF/1, QNX, SCO UnixWare, Solaris, SunOS, Ultrix, and UTS4), VM/CMS, Windows 3.x, Windows 95/98/ME, Windows CE/PocketPC/SmartPhone and Windows NT/2000/XP/Vista. It is designed to be portable to other embedded system environments. It is available as a standard DLL. Language bindings are available for C / C++, C# / .NET, Delphi, [6] Java, Python, and Visual Basic (VB).

Algorithm support

Ciphers
AlgorithmKey sizeBlock size
AES 128/192/256128
Blowfish 44864
CAST-128 12864
ChaCha20 128 / 2568
DES [7] 5664
Triple DES 112 / 16864
IDEA [8] 12864
RC2 [9] 102464
RC4 [9] 20488
Hashes
AlgorithmDigest size
MD5 [7] 128
SHA-1 160
SHA-2 256 / 384 / 512
MACs
AlgorithmKey sizeDigest size
HMAC-MD5 128128
HMAC-SHA-1 160160
HMAC-SHA-2 256256 / 384 / 512
Poly1305 128128
Public-key
AlgorithmKey size
Diffie–Hellman 4096
DSA 4096
ECDSA 256 / 384 521
ECDH 256 / 384 / 521
Elgamal 4096
RSA 4096

Release History

See also

References

  1. Gutmann, Peter (May 1, 2025). "cryptlib". Github. Retrieved 2025-08-02.
  2. 1 2 "Security FAQ". Archived from the original on 2018-06-29. Retrieved 2018-11-02.
  3. 1 2 "License list". Archived from the original on 2009-07-16. Retrieved 2018-11-02.
  4. "Enterprise cryptlib". Archived from the original on 2011-06-08. Retrieved 2025-03-31.
  5. cryptlib user manual
  6. "Cryptlib AddOn's for Delphi programmers". cryptlib.sogot.de. Archived from the original on 2008-03-17. Retrieved 2008-04-07.
  7. 1 2 Disabled by default due to its insecurity
  8. Disabled by default due to it being patented
  9. 1 2 Disabled by default due to it being obsolete
  10. "cryptlib 3.4.8". 2025-05-01. Retrieved 2025-08-02.
  11. Gutmann, Peter (August 21, 2018). "cryptlib 3.4.4 update 1 released" (Mailing list). Retrieved 2019-08-07.
  12. Gutmann, Peter (January 10, 2018). "cryptlib 3.4.4 released" (Mailing list). Retrieved 2019-08-07.
  13. Gutmann, Peter (March 25, 2016). "cryptlib 3.4.3 released" (Mailing list). Retrieved 2019-08-07.
  14. Gutmann, Peter (December 17, 2012). "cryptlib 3.4.2 released" (Mailing list). Retrieved 2019-08-07.
  15. Gutmann, Peter (July 27, 2011). "cryptlib 3.4.1 released" (Mailing list). Retrieved 2019-08-07.
  16. Gutmann, Peter (October 6, 2010). "cryptlib 3.4.0 released" (Mailing list). Retrieved 2019-08-07.
  17. Gutmann, Peter (July 3, 2008). "cryptlib 3.3.2 released" (Mailing list). Retrieved 2019-08-07.
  18. Gutmann, Peter (February 1, 2007). "cryptlib 3.3.1 released" (Mailing list). Retrieved 2019-08-07.
  19. Gutmann, Peter (September 13, 2006). "cryptlib 3.3 released" (Mailing list). Retrieved 2019-08-07.
  20. Gutmann, Peter (August 29, 2006). "cryptlib 3.2.3a released" (Mailing list). Retrieved 2019-08-07.
  21. Gutmann, Peter (July 10, 2006). "cryptlib 3.2.3 released" (Mailing list). Retrieved 2019-08-07.
  22. Gutmann, Peter (September 6, 2005). "cryptlib 3.2.2 released" (Mailing list). Retrieved 2019-08-07.
  23. Gutmann, Peter (August 9, 2005). "cryptlib 3.2.1 released" (Mailing list). Retrieved 2019-08-07.
  24. Gutmann, Peter (April 18, 2005). "cryptlib 3.2 released" (Mailing list). Retrieved 2019-08-07.
  25. Gutmann, Peter (December 13, 2003). "cryptlib 3.1 released" (Mailing list). Retrieved 2019-08-07.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.