From xs4all!Leiden.NL.net!sun4nl!EU.net!howland.reston.ans.net!vixen.cso.uiuc.edu!news.uoregon.edu!waikato!auckland.ac.nz!news Fri May 10 17:27:21 1996 Path: xs4all!Leiden.NL.net!sun4nl!EU.net!howland.reston.ans.net!vixen.cso.uiuc.edu!news.uoregon.edu!waikato!auckland.ac.nz!news From: pgut001@cs.auckland.ac.nz (Peter Gutmann) Newsgroups: sci.crypt,alt.security.pgp,comp.security.misc Subject: Free encryption library for Unix/DOS/Windows released Followup-To: sci.crypt Date: 9 May 1996 14:22:37 GMT Organization: University of Auckland Lines: 45 Sender: pgut001@cs.auckland.ac.nz (Peter Gutmann) Message-ID: <4msv3d$gph@net.auckland.ac.nz> NNTP-Posting-Host: kiwi.cs.auckland.ac.nz X-Newsreader: NN version 6.5.0 #4 (NOV) Xref: xs4all sci.crypt:32991 alt.security.pgp:51273 comp.security.misc:23715 Version 1.10 of the cryptlib encryption library is now available as ftp://garbo.uwasa.fi/pc/security/crypl110.zip. This encryption library provides a universal interface to a number of conventional and public-key encryption algorithms. The library currently supports encryption algorithms MDC/SHS (CFB mode), DES, triple DES, IDEA, RC2, RC5, SAFER, SAFER-SK, Blowfish, and Blowfish-SK (all in ECB, CBC, CFB, OFB, and PCBC modes) and RC4, and hash algorithms MD4, MD5, and SHA. All routines are accessed through a single standardised interface with parameters such as algorithm, mode and key size being selectable by the user. The library is supplied as source code for Unix, DOS, Windows, and the Amiga, and also as 16- and 32-bit Windows DLL's. The design goal for the library was to create an easy-to-use, standardised interface to a number of popular encryption algorithms. Like the standard C file I/O libraries which work with FILE objects, this library works with an "encryption context" of type CRYPT_CONTEXT. To encrypt data, you create an encryption context, load a user key into it, en/decrypt data, and destroy it when you've finished. This concept lends itself to implementation either as a C++ class or as C routines. The library implements a security perimeter around the encryption functions, with encryption contexts consisting of an arbitrary handle referring to (hidden) data held within the library. No outside access to state variables or keying information is possible, provided the underlying OS provides some form of memory protection. The library has been written to be as idiot-proof as possible. On initialization it performs extensive self-testing against test data from encryption standards documents, and the API's check each parameter and function call for errors before any actions are performed, with error reporting down to the level of individual parameters. The library API serves as an interface to a range of plug-in encryption modules which allow encryption algorithms to be added in a fairly transparent manner. The standardised API allows any of the algorithms and modes supported by the library to be used with a minimum of coding effort. As such the main function of the library is to provide a standard, portable, easy-to-use interface between the underlying encryption routines and the user software. All code is plain ANSI C, with no machine or OS-specific functions or calls being used. The library is free for any use (including commercial) with a few minor restrictions as explained in the docs. Peter.