Programming interface

cryptlib's application programming interface (API) serves as an interface to a range of plug-in encryption modules which allow encryption algorithms to be added in a fairly transparent manner, so that adding a new algorithm or replacing an existing software implementation with custom encryption hardware can be done without any trouble. The standardised API allows any of the algorithms and modes supported by cryptlib to be used with a minimum of coding effort.
cryptlib has been written to be as foolproof as possible. On initialization it performs extensive self-testing against test data from encryption standards documents, and the API checks each parameter and function call for errors before any actions are performed, with error reporting down to the level of individual parameters. In addition, logical errors, such as a key exchange function being called in the wrong sequence, are checked for and identified.
cryptlib is re-entrant and completely thread-safe, allowing it to be used with multithreaded applications under Windows 95/98, Windows NT, OS/2, and versions of Unix which support threading. Because it is thread-safe, lengthy cryptlib operations can be run in the background if required while other processing is performed in the foreground. In addition, cryptlib itself is multithreaded, so that computationally intensive internal operations take place in the background without impacting the performance of the calling application.
Most of the core algorithms used in cryptlib have been implemented in assembly language in order to provide the maximum possible performance. These routines provide an unprecedented level of performance, in some cases running faster than expensive, specialised encryption hardware designed to perform the same task. This means cryptlib can be used for high-bandwidth applications such as video/audio encryption and online network and disk encryption without the need to resort to expensive, hard-to-get encryption hardware.
cryptlib's powerful object management interface provides the ability to add encryption and authentication capabilities to an application without needing to know all the low-level details which make the encryption or authentication work. The automatic object-management routines take care of encoding issues and cross-platform portability problems, so that one or two function calls are enough to communicate public-key encrypted data with all the associated information and parameters needed to decrypt the data on the other side of a communications channel, or to digitally sign a piece of data. This provides a considerable advantage over other encryption toolkits, which often require hundreds of lines of code and the manipulation of complex encryption data structures to perform the same task.


cryptlib Information / Peter Gutmann / pgut001@cs.auckland.ac.nz
Information last updated 21 May 1999