OPENSOURCE SECURITY AND IDENTITY MANAGEMENT SOLUTIONS
Get the New version Now!
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI enabled application development. The library provides the developer with all the needed functionalities to manage certificates, from generation to validation. The LibPKI Project enables developers with the possibility to implement complex cryptographic operations with a few simple function calls by implementing an high-level cryptographic API. The library constitutes the core of the OpenCA-NG Project, anyway we provide it as a separate package in order to encourage applications developers to use it in their packages.
As every available cryptographic package has its own advantages and drawbacks, a very high level library can prevent developers from making common errors when implementing quite complex functions (e.g. verification of digital certificates). Moreover availability of such a library will help application developers to easily build PKI-aware applications. Another interesting aspect to be considered is the productivity increase provided by the availability of libPKI. When switching from/to a different cryptographic library there is usually a learning period which (especially for OpenSSL) could be quite long. This leads to poor productivity initially and later difficulties should a change of the cryptographic provider be needed.
The libPKI design allows for the library to be linked against the preferred (or available) cryptographic library (e.g. OpenSSL, KMF, cryptlib, MS Crypto API, etc... ) at compile time once the low-level glue for the chosen library is provided.
LibPKI v0.6.7 (Papocchio)
by #madwolf @ 17.02.2012
The new version (v0.6.7/Papocchio) of LibPKI is available. Major changes over v0.6.5 are: fixed OCSP response initialization, added support for DNS url for retrieving DNS records via the simple URL_* interface, added initial support for Lightweight Internet Revocation Tokens (LIRTs) Download the new version for your system in the LibPKI download pages.
LibPKI v0.6.5 (Hope)
by #madwolf @ 03.06.2011
The new version (v0.6.5/Hope) of LibPKI is available. Major changes over v0.6.4 are: fixed a key-encoding error in OpenSSL, added new pki-siginfo tool to ease signature info gathering for X509 objs, added PKI_X509_KEYPAIR_get_curve() to get curve related to an EC key, added possibility to load any type of X509 objects by using PKI_X509_get() with PKI_DATATYPE_ANY as a type, fixed an error when setting the signature algorithm in PKI_X509_CERT_new(), enhanced support for ECDSA key management. Download the new version for your system in the LibPKI download pages.
LibPKI v0.6.4 (Broadway)
by #madwolf @ 15.02.2011
The new version (v0.6.4/Broadway) of LibPKI is available. Major changes over v0.6.3 are: fixed HTTP code (memory allocation error), enhanced command-line tool for CRL manipulation (pki-crl). Download the new version for your system in the LibPKI download pages.
LibPKI v0.6.3 (Viper)
by #madwolf @ 10.02.2011
The new version (Viper/v0.6.3) of LibPKI is available. Major changes over v0.6.1 are: extended support for ECDSA (via profile/keyParams in profile configuration files), fixed linker issues on Solaris, added pki-cert command line tool, fixed ocsp library code. Download the new version for your system in the LibPKI download pages.
by madwolf @ 19.11.2010
Due to a bug in Firefox (memory management), you should update the LibPKI to the new version of LibPKI (v0.6.1). If you are not planning on running an OCSP server, the fix is not required.
LibPKI v0.6.0 (Turkey)
by #madwolf @ 17.11.2010
The new version (Turkey/v0.6.0) of LibPKI is available. Major changes over v0.5.1 are: support for IPv6 in network calls, fixes for URL parsing and PKI_SSL_* interface enhancements. Get the new version for your system in the LibPKI download pages.
LibPKI v0.5.1 (Zoiberg)
by #madwolf @ 02.09.2010
The new version (Zoiberg/v0.5.1) of LibPKI is available. Major changes over v0.5.0 are: better support for OS independent Thread Management together with thread synchronization primitives (mutexes, condition variables, and r/w locks, LDAP interface fixes. Get the new version for your system in the download pages.
by #madwolf @ 27.08.2010
The new version (lulu/v0.5.0) of LibPKI is available for download. Many changes to the library and bug fixing over the old version. In particular: added support for different OSes (initial support for Win port), added PKI_SSL and support for easy SSL/TLS management, added support for Win LDAP API, added support for 64bit architectures, added safe URL encoding for HTTP GET protocol, added platform-independed thread management.
by #madwolf @ 24.03.2010
The new version (tiger/v0.4.1) of LibPKI is available for download. Many changes to the library and bug fixing over the old version. In particular: increased support for PRQP from IETF (draft-ietf-pkix-prqp-04.txt), extended support for PKCS#11 devices, added simple OCSP request/responses managing functionalities, introduced a new PKI_MSG interface for managing interactions between applications and CAs, added the PKI_X509 interface for generalized X509 objects management.
by #madwolf @ 19.04.2009The new version (tiger/v0.3.0) of LibPKI is available for download. Many changes to the library and bug fixing over the old version. In particular: added support for Cross Certificate Pair (for bridge PKI support) via pki-xpair tool, updated the PRQP module to the last specs from IETF (draft-ietf-pkix-prqp-03.txt), added full support for PKCS#11 devices, a new pki-tool allows user to easily manage their PKI TOKENs (eg., generate keys, sign requests, sign certificates, etc.).
by #madwolf @ 16.01.2009The new version (shark/v0.2.0) of LibPKI is available for download. Many changes to the library and bug fixing over the old version. In particular: a new graphical installer for different distributions (Linux/Fedora, Linux/Ubuntu, MacOS X/Darwin, etc.), updated the PRQP module to the last specs from IETF (draft-ietf-pkix-prqp-02.txt), fixed support for multi threaded applications (dynamic and static threads initialization for OpenSSL/ENGINE), fixed support for nChipher devices, updated PKCS11 driver (added Slot Interface and Slot info retrieval functionalities)