BSAFEeay is a free, public domain implementation of RSA Data Security's BSAFE API, using the SSLeay crypto library. BSAFEeay was developed based on the BSAFE API spec as found in public domain code such as SETREF.

PLEASE NOTE: Tim Hudson and Eric Young, the authors of SSLeay, are NOT responsible in any way for this code. The extension "eay" was chosen because SSLeay is used to implement BSAFEeay. Any questions or comments should be directed SOLELY to bsafeeay@cypherpunks.to. This notice has been added at the request of Tim Hudson and Eric Young due to the apparent misconception that they authored this code.

Please read the BSAFEeay FAQ:

• The BSAFEeay FAQ

On this page:

• Implemented Algorithm Info types
• Implemented Key Info types
• Implemented APIs
• Known Problems
• Download
• Contact the Authors

Currently BSAFEeay is about 50% implemented (by count of algorithm types supported, the set of functions is much closer to 100% done), however enough is implemented so that SETREF will compile and run. The implemented stuff is:

• Single DES
• RSA, except key generation
• SHA1
• MD5
• All combinations of RSA, MD5, and SHA1 (i.e. PKCS #11)
• Diffie-Hellman, except parameter generation
• PKCS #5 password based encryption (both MD5 and SHA1)

The Algorithm Info types fully implemented are:

• AI_DES_CBC_IV8
• AI_DES_CBCPadIV8
• AI_DES_CBCPadBER
• AI_MD5
• AI_MD5_BER
• AI_MD5WithDES_CBCPad
• AI_MD5WithDES_CBCPadBER
• AI_MD5WithRSAEncryption
• AI_MD5WithRSAEncryptionBER
• AI_SHA1
• AI_SHA1_BER
• AI_SHA1WithDES_CBCPad
• AI_SHA1WithDES_CBCPadBER
• AI_SHA1WithRSAEncryption
• AI_SHA1WithRSAEncryptionBER
• AI_RSAPublic
• AI_PKCS_RSAPublic
• AI_PKCS_RSAPublicBER
• AI_RSAPrivate
• AI_PKCS_RSAPrivate
• AI_PKCS_RSAPrivateBER
• AI_DHKeyAgree
• AI_MD5Random

The Key Info types fully implemented are:

• KI_Item
• KI_DES8
• KI_8Byte
• KI_RSAPublic
• KI_RSAPublicBER
• KI_PKCS_RSAPrivate
• KI_PKCS_RSAPrivateBER

Implemented APIs:

• B_CreateAlgorithmObject
• B_DestroyAlgorithmObject
• B_SetAlgorithmInfo
• B_GetAlgorithmInfo
• B_CreateKeyObject
• B_DestroyKeyObject
• B_SetKeyInfo
• B_GetKeyInfo
• B_DigestInit
• B_DigestUpdate
• B_DigestFinal
• B_RandomInit
• B_RandomUpdate
• B_GenerateRandomBytes
• B_KeyAgreeInit
• B_KeyAgreePhase1
• B_KeyAgreePhase2
• B_EncryptInit
• B_EncryptUpdate
• B_EncryptFinal
• B_DecryptInit
• B_DecryptUpdate
• B_DecryptFinal
• B_SignInit
• B_SignUpdate
• B_SignFinal
• B_VerifyInit
• B_VerifyUpdate
• B_VerifyFinal
• B_IntegerBits

KNOWN PROBLEMS:

This is a _very_ alpha code release. That said, everything above should work. The following are known problems, bugs, and improvements to make:

• Memory management is not complete, so B_Destroy* probably will not free all that it should.
• BER encoded RSA keys are currently assumed to be 1024 bit keys. Anything else will not work, and may choke horribly.
• B_GetKeyInfo only works for KI_RSAPublic.
• Anything not on the above lists will not work.
• B_Digest* handling of MD5_CTX and SHA_CTX structs leaves alot to be desired.
• Error codes are nearly nonexistent. -1 prevails.

There are some places for major improvements, which will be completed soon. Report bugs to bsafeeay@cypherpunks.to.

Downloading BSAFEeay:

Visit the download page:

• Download BSAFEeay

Contact the Authors:

The authors can be reached at bsafeeay@cypherpunks.to. Comments, suggestions, and bug reports are welcome. Get the authors' PGP public key here .