Cryptlib

Cryptlib is a comprehensive security toolbox, developed and maintained by Peter Gutmann.

This cryptographic library is the foundation of the Crypto Bone Project. The Crypto Bone's basic components rely on the symmetric encryption framework that Cryptlib provides to store secret information and to produce encrypted messages in the OpenPGP message format.

Peter Gutmann's Description of Cryptlib

"Cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. The high-level interface provides anyone with the ability to add strong security capabilities to an application in as little as half an hour, without needing to know any of the low-level details that make the encryption or authentication work. Because of this, cryptlib dramatically reduces the cost involved in adding security to new or existing applications.

At the highest level, cryptlib provides implementations of complete security services such as S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure time-stamping. Since cryptlib uses industry-standard X.509, S/MIME, PGP/OpenPGP, and SSH/SSL/TLS data formats, the resulting encrypted or signed data can be easily transported to other systems and processed there, and cryptlib itself runs on virtually any operating system - cryptlib doesn't tie you to a single system. This allows email, files and EDI transactions to be authenticated with digital signatures and encrypted in an industry-standard format."

Fedora

With the adoption of the Crypto Bone Project as a separate package in Fedora, Cryptlib has now been accepted into a popular Linux distribution.
As the Crypto Bone uses only a small fraction of Cryptlib's features, a substantially reduced library (libclr.so.3.4.3) was created for private use by the cryptobone package for Fedora.

On the other hand, the comprehensive, original Cryptlib with all its functionality is also available as a separate package in Fedora from version 23 to bleeding edge rawhide. In additon to Fedora, RedHat Enterprise Linux can use Cryptlib via the EPEL-7 release. Primary processor architectures which avail of the shared library are x86_64, i686 and armv7hl.

So using Cryptlib with newer Fedora or RedHat releases is as easy as typing:

dnf install cryptlib*

Virtually any project can be based on Cryptlib as it supports a number of programming languages, including C/C++, Java, Perl and Python.

The license which is used in Fedora is the OSI approved open source Sleepycat license, that you'll find here.

The Cryptlib Hub

It is quite challenging to create a RPM or DEB package that can run on a number of different Linux distributions, because language bindings use certain versions of system libraries to work properly. Nevertheless I tried to produce these general Cryptlib packages for modern Linux distributions that are available from this download page:

THE CRYPTLIB HUB

Comprehensive Cryptlib packages prepared to run on
various modern Linux distributions

Documentation: How to get started

Peter Gutmann has writen an excellent 374 page manual for Cryptlib.

This manual provides code examples in C, Java, Python and other languages and detailed descriptions of the cryptlib security architecture, including the explanation of its high-, medium- and low-level interface. All information needed to add security services to existing applications is easily accessible with this manual.

The manual has a very liberal copyright notice, that allows commercial use under the condition that this extraordinary work isn't distributed for a fee.

Unfortunately, due to this use restriction it cannot be included in the Fedora distribution as a documentation package. But the good news is, that you can download this excellent manual as a PDF file from Peter's web page.

If you refer to the numerous code examples, you will be able to use Cryptlib in your own (commercial) projects quite easily.

Please contact me, if you need a helping hand to base your project on Cryptlib.