Free Cryptographic / Encryption Libraries and Source Code

Putty: Win32 SSH / SFTP Client with Source Code Putty is not a library, but a set of programs that implement Secure Shell access, Secure FTP (SFTP), Telnet, etc. Since it is open source, employing things like strong authentication and secure sessions, it may be a useful source of information for your own internet software. TurboPower LockBox This cross-platform toolkit supports Windows and Linux X11 applications (and possibly other Unix X11 environments as well). It contains components and routines for Delphi, Kylix and C++Builders that support data encryption. Algorithms supported include Blowfish, RSA, MD5, SHA-1, DES, triple-DES, Rijndael AES (Advanced Encryption Standard), etc. It also provides support for digitally signing messages with the standard Digital Signature Algorithm (DSA). LockBox is open source. OpenSSL If you are writing an application (browser, email, server, etc) that requires the use of either Secure Sockets Layer (SSL versions 2 or 3), or Transport Layer Security (TLS version 1), you can obtain this free open source "commercial-grade" OpenSSL library. The library allows you to add cryptographic functionality to your programs, apparently both server programs as well as SSL supporting clients. You can use it in both commercial and non-commercial programs. This is the successor to the well-known SSLeay library. (Trivia: in case you don't see the connection, OpenSSL = Open plus SSLeay minus eay where "eay" stands for Eric Young, probably his initials.) OpenSSH This is not a library but an open source suite of programs that support Secure Shell access (SSH), namely ssh (which replaces telnet and rlogin), scp (which replaces rcp and ftp), sftp (Secure FTP, which also replaces ftp), sftp-server, sshd (server-side), etc. Since the programs are open source, providing strong authentication and secure sessions, it may presumably provide the base for your implementation of SSH. It is supports a wide number of operating systems: OpenBSD, NetBSD, FreeBSD, AIX, HP-UX, IRIX, Linux, NeXT, SCO, SNI/Reliant Unix, Solaris, Digital Unix/Tru64/OSF, and Mac OS X. In SSH1 mode, the encryption algorithms supported include 3DES and Blowfish. In SSH2, 3DES, Blowfish, CAST128, Arcfour, and AES are supported. Network Security Services Used in Netscape and Mozilla products, NSS (Network Security Services a.k.a Netscape Security Services) allows you to develop security-enabled server applications that support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #8, PKCS #9, PKCS #10, PKCS #11, PKCS #12, S/MIME, X 509 v3 certificates, RSA, DSA, Triple DES, DES, RC2, RC4, SHA-1, MD2, MD5, etc. The software is released under the Mozilla Public License and the GNU General Public License. GnuPG: The GNU Privacy Guard This is not a library but a fully functioning program that functions as a replacement for PGP. Since the primary function of the software is encryption, you can probably extract the encryption source code (released under the GNU GPL) for your own application if you wish. Crypto++: C++ Class Library Of Cryptographic Schemes This free C++ class library is a class hierachy with an API defined by the base abstract classes. It handles a large number of cryptographic schemes (including public key cryptography) and cipher modes. In no particular order, here's a list of some stuff supported: RC6, MARS, Rijndael, Twofish, Serpent, IDEA, DES, Triple DES (DES-EDE2 and DES-EDE3), DESX (DES-XEX3), RC2, RC5, Blowfish, Diamond2, TEA, SAFER, 3-WAY, GOST, SHARK, CAST-128, Square, CBC padded, CBC ciphertext stealing (CTS), CFB, OFB, counter mode, ARC4, SEAL, WAKE, Sapphire, BlumBlumShub, RSA, DSA, ElGamal, Nyberg-Rueppel (NR), BlumGoldwasser, Rabin, Rabin-Williams (RW), LUC, LUCELG, Elliptic Curve Cryptosystems, PKCS#1 v2.0, OAEP, PSSR, IEEE P1363 EMSA2, Diffie-Hellman (DH), Unified Diffie-Hellman (DH2), Menezes-Qu-Vanstone (MQV), LUCDIF, SHA-1, MD2, MD5, HAVAL, RIPEMD-160, Tiger, MD5-MAC, HMAC, XOR-MAC, CBC-MAC, DMAC, Luby-Rackoff, MDC, ANSI X9.17 appendix C, PGP's RandPool (for pseudo random number generation, PRNG), Shamir's secret sharing and Rabin's information dispersal schemes, DEFLATE (the gzip/zip/unzip compression), 32 bit CRC, prime number generation and verification, etc. Platforms supported include Win32, Unix and Macintosh. Cryptlib Use this library to add encryption and authentication services to your program. You can choose from a multitude of encryption and authentication algorithms: Blowfish, DES, triple DES, IDEA, Skipjack, CAST, AES, RC2, RC4, RC5, RIPEMD-160, SHA hash algorithms, HMAC-MD5, HMAC-SHA, HMAC-RIPEMD-160 Mac algorithms, Diffie-Hellman, DSA, Elgamal, RSA public key encryption, etc. There is also support for high-level capabilities like certificate handling, a database interface, S/MIME (allowing you to encrypt and authenticate, for example, email), etc. It can even make use of external crypto devices like hardware crypto accelerators. The library comes with source code for Unix, Windows 95/98/NT/2000/XP, Windows 3.x, MSDOS, OS/2, BeOS, Macintosh, and Tandem, with adaptations for VM/CMS and MVS mainframe environments.