Do any replacements for CryptoAPI exist for Windows?

views:

118

answers:

+2 Q:

Do any replacements for CryptoAPI exist for Windows?

I am having major problems with cryptoAPI, and was wondering do you get any 3rd party / better solutions for windows?

Main problem I have with CryptoAPI is that its not OS independent enough. I can't find the right balance in my code to get stuff to work on Windows 2003 and Windows 2008+.

What I essentially want to achieve can be read about here. This is my only use for Cryptography at this stage.

+1 A:

CryptoAPI is a pain to use properly, if you are having problems, can I suggest Crypto++ ? The documentation isn't the best, but I've found it to be very powerful.

Without knowing more about what you are trying to achieve I can't be more help I'm afraid.

Konrad 2010-04-27 09:54:06

Do you think it could be used to strip a file of its certificate and just get to the text tile?

JL 2010-04-27 09:55:31

It certainly has the relevant methods, but I've mostly used it for the algorythm implementations so I can't say for sure I'm afraid.

Konrad 2010-04-27 09:56:58

+1 A:

Botan library - very nice library
gnu-tls/libgcrypt

Artyom 2010-04-27 10:17:51

+2 A:

Try Bouncy Castle, it's available in C# & Java: http://www.bouncycastle.org/

Quite a few vendors in our space use it in production.

Doobi 2010-04-27 10:52:43

Looks great, do you think it can tackle this problem - http://stackoverflow.com/questions/2720276/how-to-use-crypto-to-extract-the-textual-information-in-a-file

JL 2010-04-27 11:12:22

I'm afraid I can't answer that directly.

Doobi 2010-04-27 11:54:10

The question being tagged C/C++, this would require some interfacing...

Matthieu M. 2010-04-27 15:03:10

+1 A:

I could recommend OpenSSL http://www.openssl.org/. It is not only for SSL area, but for cryptography in whole. It has open source code. This fact can be very useful in some sinuations. It can be used also for Windows. Some compiled binaries for Windows you can find on http://www.slproweb.com/products/Win32OpenSSL.html.

Oleg 2010-04-27 13:13:45

I tried open SSL, but couldn't find a way to decode a CMS encoded file. What I want to do is here : http://stackoverflow.com/questions/2720276/how-to-use-crypto-to-extract-the-textual-information-in-a-file, couldn't find any way yet to do this easily using openSSL, but if you know how to please share.

JL 2010-04-27 13:38:51

I am sure that you find all you needed inside the code. Download the code from http://www.openssl.org/source/ and look at example from openssl-1.0.0\demos\sign or inside openssl-1.0.0\openssl-1.0.0\crypto\pkcs7 directories. You can use a command line utility http://www.openssl.org/docs/apps/openssl.html to see the possibilities of OpenSSL lirary. I recomend also look at http://www.madboa.com/geek/openssl/

Oleg 2010-04-27 13:57:35

Crypto++ is amazing in power, but suffers from its complexity and a lack of automation/documentation. It also suffers from a lack of debugging I think, when the check does not work, it just does not work, but you're given little hints as to what could cause the failure...

Anyway, since you are using C++, may I suggest Google Keyczar ?

It's meant to be easy to use, with safe defaults, yet allows customization.
It comes up with a complete Key Management system, which Crypto++ does not feature and which is complicated enough to code by oneself.
It's open source too, so the code can be audited.
It's portable even outside of the Windows environment.

I haven't, unfortunately, used it myself. I am currently stuck with Crypto++. But if I had the opportunity to choose right now, I think I'd invest time to experiment with Keyczar.

Matthieu M. 2010-04-27 15:02:31

ansaurus

tags:

views:

answers:

Do any replacements for CryptoAPI exist for Windows?

related questions