The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl.
RealMe is a software suite that uses an image-based public key infrastructure (PKI) that embeds cryptographic information in a digital image and then exchanges pieces of that image between a user and a Web application to accomplish a strong, bi-directional multi-factor authentication. This technology combines steganography with applied cryptography, and results in a secure yet low-cost solution for Web sites that exchange confidential information with their users.
SignPDF is a simple command line application to sign a PDF document. It can sign a PDF document with a valid certificate, encrypt/protect a PDF document, and timestamp a PDF document (optional feature). A JKS keystore with a cert signed by your desired CA is mandatory for use. The tsa_url of a timestamp server can be used to timestamp your documents. The signed PDF file is signed and protected with allowed restrictions to printing, content copying, and content copying for accessibility. By default, SignPDF creates a configuration file at ~/.signpdf, which can be edited for further use.
TimeGT is powerful life and task management software that keeps data in sync using a secure server. It offers numerous ways to organize tasks, ideas, and notes. It will suit a wide range of time management techniques used by different people. The following filters are available and can be used in any combination: a project tree of arbitrary depth; task life-cycle supporting Timing folders (supports GTD method); any number of Tags added to a task and used for filtering; and a Start and Due dates based Horizon filter. It keeps tasks up-to-date between any number of computers. Tasks are mediated through the dedicated secure Sync server, and are protected when they travel over the Internet (RSA of adequate length is used). Information is accessible everywhere.
XCA is an interface for managing RSA and DSA keys, certificates, certificate signing requests, revocation lists and templates. It uses the OpenSSL and Qt4 libraries. Certificates and requests can be created and signed and many x509v3 extensions can be added. XCA supports multiple root and intermediate Certificate authorities. The CAs can be used to create CRLs and extend certificates. The following file-formats are supported: PEM, DER, PKCS#7, PKCS#8, PKCS#10, PKCS#12, and SPKAC.
ecca-proxy is a Web proxy server that transparently handles Eccentric Authentication key and certificate management. Eccentric Authentication is a protocol designed to make using client certificates easy, secure, and private. The proxy handles the difficult cryptographic details and provides an easy to use interface to the user.
nsLight PKI is a CGI script that uses OpenSSL to provide Public Key Infrastructure operations. Its features include key ceremony workflow for initialization, requesting of certificates in centralized mode (PKCS#12 generation), certificate view and revocation,CRL generation (at revocation time and once a day by cron job), certificate expiration notifications, and UTF-8 support. It has built-in support for RSA/SHA-1/3DES and GOST R 34.10-2001, GOST 28147-89, and GOST R 34.11-94, the cryptographic provider being OpenSSL 1.0. The script is used both as Web-based interface and cron task.