This is a list of full-featured, source-available cryptographic libraries that I am aware of. I choose to list source-available libraries because building a security toolkit is hard, and making the source available makes it easier to find and fix problems. I suggest that new systems should be built with a library whose source is available to the public for inspection. If you know of a library that isn't here, please let me know. I also have a list of non-source available libraries that is not as detailed. All of these libraries have approximately the same crypto functions and encodings, which is to say that they all support AES, SHA-1, RSA, DH, and DSA. All seem to be reasonably well documented, although openssl is trailing a little. Choice of one over another is largely a matter of language and license.
- Adam Back maintains a list of openpgp stuff, including GPG and libraries.
OpenCL. C++. BSD license. Supports most of the common PK algorithms (RSA, DH, DSA, NR, RW). No ECC yet. Supports AES, SHA-1, DES, PSS, OAEP, etc. 30+ pages of documentation (in LaTeX).
BouncyCastle is a Java library that provides JCE 1.2.1, suitable for JDK 1.4/1.5 and the Sun JCE. Released under an open license. It is hosted at
http://www.bouncycastle.org/
The borZoi library is an ECC library, designed for ease of use and a minimum risk of security problems due to incorrect use. There's C++ and Java libraries, and a Java Hyperelliptic curve lib. Also some COM components, but those are not open source.
Catacomb. Written in C, not much documentation. LGPL license.
Cryptix is the older and more mature of the Java libraries. It is licensed under a Berkeley style license. It is hosted at
www.cryptix.org.
PureTLS is an implementation of TLS and SSL in Java, built on top of Cryptix.
Cryptlib is written in C, and has a non-commercial use license, with commercial terms available on the web site. It includes extensive self-tests and hardware support.
Cryptlib home page
Crypto++ is written in C++, and is mostly public domain files, although there are a few restrictions on the use of the collection. Crypto++ includes a set of ECC functions. The Crypto++ home page.
The FlexiProvider is a powerful toolkit for the Java Cryptography Architecture (JCA/JCE). It provides cryptographic modules that can be plugged into every application that is built on top of the JCA.
Includes RSA, Rijndael, hashes in the CoreProvider, also has a ECprovider, PKCS #11. LGPL and others.
GNU Crypto, part of the GNU project, released under the aegis of GNU, aims at providing
free, versatile, high-quality, and provably correct implementations of cryptographic primitives and tools in the Java programming language for use by programmers and end-users.
|