[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
v0.2 SFL Interim Release

To: imc-sfl@xxxxxxx
Subject: v0.2 SFL Interim Release
From: jsp@xxxxxxxxxxxxx (John Pawling)
Date: Fri, 15 May 1998 16:53:47 -0400
Sender: owner-imc-sfl@xxxxxxx
All,

J.G. Van Dyke and Associates (VDA) has delivered the second interim release
(Version 0.2) of the S/MIME Freeware Library (SFL).  It has been
successfully tested with the Sun Solaris 2.6, MS Windows NT/95 and Linux
operating systems.  The SFL is a reference implementation of the IETF S/MIME
v3 CMS and ESS I-Ds.  We have made significant progress with the testing of 
the SFL.  The v0.2 SFL has been successfully used to sign,
verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA,
D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by
Government-furnished freeware.  The v0.2 SFL has also been used to sign,
verify, encrypt and decrypt CMS objects using the RSA suite of algorithms
provided by the RSA BSAFE library.  We were able to successfully encrypt and
decrypt (using 3DES) an envelopedData object that included copies of the
message key protected using Diffie-Hellman and RSA.  The SFL uses the SNACC 
ASN.1 Library to encode and decode CMS signedData and envelopedData objects.
The v0.2 SFL release includes: SFL High-level library; SFL Crypto++ Crypto
Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1
Compiler and Library; test drivers and test data.  

The v0.2 SFL release adds support for: authenticated attributes; ESS signed
receipts; local key encryption; encrypting private keys stored in PKCS#8
format using PKCS#5; signing/verifying multiple signerInfos in a signedData
object; revised CSM_List template class; enhanced test routines; bug fixes;
updated documents; BSAFE CTIL; and the capability to generate RSA
certificates.  

Although we have made significant progress with the development of the SFL,
this interim release of the SFL is NOT complete. We are still in the process
of developing and testing the SFL. Further releases will be provided (probably
on a montlky basis) as significant capabilities are added.  The SFL is being 
delivered incrementally to provide software as soon as possible to allow
developers
to: work with the API; begin integrating the SFL into their applications;
and to provide feedback to the ongoing SFL development process. The SFL
documents and software are still being developed and are subject to change.
The goal for completion of the SFL is June 1998. The stability of the S/MIME
v3 specifications is a prerequisite for meeting this delivery goal. 
  
Future releases will include: support for additional attributes; Fortezza
CTIL; additional helper functions; C API (in addition to C++ API); support
for other crypto libraries; and support for other operating systems.  The
SFL will be thoroughly tested and all memory leaks fixed.  Robustness
testing will be performed.  The SFL will be tested for interoperability with
S/MIME v2 and v3 products.  Other possible future enhancements include
support for Microsoft's CAPI and Open Group's Common Data Security
Architecture.  We will continue developing utilities to generate
certificates to be used as test data.

The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which
includes links to the SFL files stored on the VDA SFL Page
(http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza
Developer's S/MIME Page
(http://www.armadillo.huntsville.al.us/software/smime).  


The following SFL files are available at the Fortezza Developer's S/MIME
Page and VDA SFL Page:

1) Word 97 and Adobe Acrobat PDF files for the SFL Fact Sheet
(facsht.*), Software Design Description (SDD) (sfl_sdd.*), Application
Programming Interface (API) (sfl_api.*) and CTI API (cti_api.*) documents.
     
2) SFL Public License (ASCII text).
     
3) Compressed tar file containing SNACC ASN.1 Compiler and Library source
code that has
been enhanced by VDA to implement the Distinguished Encoding Rules.


The following SFL files are available at the Fortezza Developer's S/MIME Page:

SFL Hi-Level: 

1) Compressed tar file containing all source code except for CTILs.  This
includes: SFL
Hi-Level source code; VDA-enhanced SNACC ASN.1 Library source code;
SNACC-generated source code; makefiles; project files.

2) Zip file containing MS Windows NT/95 run time libraries for the SFL
Hi-Level library and SNACC ASN.1 library.


Crypto++ (a.k.a Free) CTIL:

1) Compressed tar file containing SFL Crypto++ CTIL source code, project
files and
makefiles.

2) Zip file containing MS Windows NT/95 run time library for Crypto++ CTIL.


BSAFE CTIL:

1) Compressed tar file containing SFL BSAFE CTIL source code, project files
and makefiles.

2) Zip file containing MS Windows NT/95 run time library for BSAFE CTIL.
  

TEST SW/DATA:

1) Compressed tar file containing test driver source code, sample CMS test
data and
test X.509 Certificates.  This file also includes test utilities to create
X.509 Certificates that each include a D-H, DSA or RSA public key.


Instructions for applying for an account on the Fortezza Developer's S/MIME
Page are available from that page.  An account is required to download the
SFL files from the Fortezza Developer's S/MIME Page due to U.S. export
restrictions.  See the U.S. Bureau of Export Administration's Commercial
Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm
for more information regarding the U.S. export restrictions.  

All source code for the SFL is being provided at no cost and with no
financial limitations regarding its use and distribution. Organizations can
use the SFL without paying any royalties or licensing fees.  VDA is
developing the SFL under contract to the U.S. Government.  The U.S.
Government is furnishing the SFL software at no cost to the vendor subject
to the conditions of the "SFL Public License" available from the VDA SFL
Page and Fortezza Developer's S/MIME Page.
  
The SFL is composed of a high-level library that performs generic CMS and
ESS processing independent of the crypto algorithms used to protect a
specific object.  The SFL high-level library makes calls to an
algorithm-independent Crypto Token Interface API.  The underlying, external
crypto token libraries are not distributed as part of the SFL source code.
The application developer must independently obtain these libraries and then
link them with the SFL.  For example, the SFL uses the freeware Crypto++
library to provide 3DES, D-H and DSA.  To use the SFL with Crypto++ the
vendor must the Crypto++ freeware library from the Crypto++ Web Page
(http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the
SFL source code.  

The SFL software is developed to maximize portability to 32-bit operating
systems.  In the future, support may be added for the following operating
systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT
3.0/5.0.

The IMC has established an SFL mail list which is used to: distribute
information regarding SFL releases; discuss SFL-related issues; and provide
a means for SFL users to provide feedback, comments, bug reports, etc.
Subscription information for the imc-sfl mailing list is at the IMC web site
listed above.

All comments regarding the SFL software and documents are welcome.  We
recommend that they be sent them to the imc-sfl mail list.  We will respond
to all messages on that list.

================================
John Pawling, jsp@xxxxxxxxxxxxx                             
J.G. Van Dyke & Associates, Inc.   
www.jgvandyke.com         
================================
Prev by Date: New restrictions on distributing the SFL
Next by Date: Win32 SNACC?
Previous by thread: New restrictions on distributing the SFL
Next by thread: Win32 SNACC?
Index(es):
- Date
- Thread