3
votes

Are there any free libraries that implement digital signature? I need it to work in Delphi 2010 and to be portable. By portable I mean that the library implements the actual algorithms, rather than uses Windows API.

TurboPower LockBox doesn't work for me: here's an explanation.

3
I'm not sure if it was tlockbox, but one free Delphi library created very low quality key-pairs. This once again shows that it's a good idea to use well reviewed code like OpenSSL for crypto. - CodesInChaos
The bug in Lockbox 3 has been fixed. It should work for you now. I presume that CodesInChaos is referring to Lockbox 2. Lockbox 3 goes to a lot of effort to create high quality key-pairs. - Sean B. Durkin
Looked into the code again. Seems to be LockBox 2.07. And the problem is that (on Windows) the PRNG is seeded with the current time in a way that obtains about 16 bits of entropy / 60000 distinct seeds. And thus only about 60000 distinct RSA keys are created for each set of settings. On Linux it's slightly better (but still broken) with 32 bits of entropy from /dev/random. - CodesInChaos
Agreed about LB2. LB3 does things differently. You can choose between providing your own PRNG seed (and a demo program is provided to show how to get a true random seed with 64 bits of entropy), or use the default means, which is to call the MS CryptAPI (Microsoft Base Cryptographic Provider)'s CryptGenRandom function. If not available, then the RDTSC instruction will be used. This should give close to 64 bits of entropy. I agree, 32 bits of entropy is a completely broken implementation. - Sean B. Durkin
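
The effect described in the comments above (a generator whose only input is a seed with about 60000 possible values can emit at most that many keys), as an added example that is not part of the original thread and is not LockBox code. `weak_keygen`, `strong_keygen` and the simulated clock are hypothetical stand-ins, with Python's `random` module playing the deterministic PRNG; the duplicate count is the kind of check one can run over keys collected from many installations.

```python
import math
import random
import secrets

SEED_SPACE = 60000  # distinct seeds, figure taken from the comment above


def weak_keygen(clock_ms: int) -> bytes:
    """Hypothetical time-seeded generator: the seed is its only input."""
    rng = random.Random(clock_ms % SEED_SPACE)
    return rng.getrandbits(256).to_bytes(32, "big")


def strong_keygen() -> bytes:
    """Key material drawn from the operating system CSPRNG."""
    return secrets.token_bytes(32)


def distinct_weak_keys() -> int:
    """Walk the whole seed space and count the keys it can ever produce."""
    return len({weak_keygen(seed) for seed in range(SEED_SPACE)})


def effective_bits(distinct: int) -> float:
    """Upper bound on key entropy, whatever the nominal key length is."""
    return math.log2(distinct)


def duplicate_count(keys) -> int:
    """Number of keys that repeat an earlier key in the sample."""
    keys = list(keys)
    return len(keys) - len(set(keys))


def audit(sample_size: int = 2000, trial_seed: int = 1):
    """Generate a sample from each generator and count repeated keys."""
    clock = random.Random(trial_seed)  # constructed wall-clock readings
    weak = [weak_keygen(clock.randrange(10**9)) for _ in range(sample_size)]
    strong = [strong_keygen() for _ in range(sample_size)]
    return duplicate_count(weak), duplicate_count(strong)


if __name__ == "__main__":
    n = distinct_weak_keys()
    print(f"weak generator: {n} possible keys, {effective_bits(n):.2f} bits")
    print("duplicates in 2000 keys (weak, strong):", audit())
```

Repeated keys in a sample of a few thousand are the practical symptom: a 256-bit value drawn from a proper source should never repeat.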

3 Answers

4
votes

OpenSSL should work. It's free and runs on many different platforms. It isn't a "Delphi" library but rather just an API, but it could be called from a Delphi application.

2
votes

You've got a free and fast implementation available at http://sourceforge.net/projects/openstrsecii

I'm not sure it will work as is with Delphi 2010...

OpenSSL is a great project, and you've got a Delphi use at http://www.ararat.cz/synapse/doku.php/public:howto:sslplugin

1
votes

Not exactly free, but signing functions of our SecureBlackbox product need just any license for any package, and prices for some packages are below $100.

Note that for this price you get quite extensive functionality that covers PKCS#1 and PKCS#7 signing and encryption using RSA, DSA (signing only) and Elliptic Curves, as well as symmetric encryption, extensive certificate support and much more.

Alternatively you can use an interface to OpenSSL, which also offers a wide range of functions and is free. However, its API is far from easy to understand, and as with any free software, support is questionable.