The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI enabled application development. The library provides the developer with all the needed functionalities to manage certificates, from generation to validation. The LibPKI Project enables developers with the possibility to implement complex cryptographic operations with a few simple function calls by implementing an high-level cryptographic API. The library constitutes the core of the OpenCA-NG Project, anyway we provide it as a separate package in order to encourage applications developers to use it in their packages.

As every available cryptographic package has its own advantages and drawbacks, a very high level library can prevent developers from making common errors when implementing quite complex functions (e.g. verification of digital certificates). Moreover availability of such a library will help application developers to easily build PKI-aware applications. Another interesting aspect to be considered is the productivity increase provided by the availability of libPKI. When switching from/to a different cryptographic library there is usually a learning period which (especially for OpenSSL) could be quite long. This leads to poor productivity initially and later difficulties should a change of the cryptographic provider be needed.

The libPKI design allows for the library to be linked against the preferred (or available) cryptographic library (e.g. OpenSSL, KMF, cryptlib, MS Crypto API, etc... ) at compile time once the low-level glue for the chosen library is provided.