Mission StatementTurboPower LockBox 3 is a FOSS Delphi Cryptographic Library, providing efficient private key encryption, public key encryption and hashing functions.
Main FeaturesThe main features of TPLB3 shall be:
- The user interface shall be clean and simple. For Ciphers and Hashes, two styles shall be provided: A component and an interface pointer.
- IV, salting of ciphers and signalling of IV's shall be managed and hidden from the developer-client.
- The main encryption functions shall be implemented in 100% native Delphi code. (TOpenSSL_Signatory component is the exception to the rule).
That is to say it shall not rely on links to third party libraries (at least as far as the core functionality is concerned).
- Supports Delphi/Pascal version:
- Delphi XE7; (platforms: Win 32-bit and Win 64-bit).
- Delphi 2010;
- Easy traceability to standards. Developers should be able to open cipher standards and open the respective implementing source code; put them side-by-side, and very quickly observer that one implements the other. The implementing source should borrow the style and symbols and the specifiying cipher standard.
- It shall be as easy as it can be to extend the library with new hashes and block ciphers.
- The selection, implementation and usage of ciphers shall be divorced from the chaining mode.
Important note about TurboPower LockBox 2TurboPower LockBox 3 IS NOT TurboPower LockBox 2 and the API is different.
TurboPower LockBox 2 was and is issued under MPL1.1. That has not changed.
TurboPower LockBox 3, from 3.0.0 to 3.1.0 was issued under LGPL3. LGPL is different to GPL. Please don't confuse it.
I have released LockBox 3.1.3 and onwards under a dual licensing scheme, much like SoftGems VirtualTrees. Users can choose to distribute it according to either the conditions of LGPL3 (*not* GPL, remember) or MPL1.1 .
LockBox 3 has no code in common with LockBox 2 and is a different library. The TurboPower LockBox 2 license has been fully respected. You are free to continue to use LockBox 2 as you have always done. It's MPL licensing has not and will never be changed.
LockBox 3 has the same core mission as LockBox 2. All of the main functions and features of Lockbox 2 are furnished in LockBox 3, but without copying a single line of code. The spirit of LockBox is its intended offering of features (AES, DES, 3DES, various chaining modes, MD5, SHA-1 and RSA). Because of this, it is right and proper that LockBox 3 is entitled "TurboPower LockBox 3". For various reasons relating to cryptographic integrity, if your project is in Delphi 2010 or later, I would recommend that you choose LB3 over LB2. However upgraders should be advised that the API is a lot different.
I also maintain Lockbox 2. Lockbox 2 continues to be offered and available on an MPL1.1 basis.
The LockBox forums are available for either Lockbox 2 or Lockbox 3 questions. The forums are activly managed.
Main functions and features of the two libraries.The main functions are:
|Function/Feature||TurboPower LockBox 2||TurboPower LockBox 3|
|3DES||yes||yes (both KO1 & KO2)|
|AES||Rijdnael, probably conforms||yes|
|RSA key sizes||128, 256, 512, 768, 1024||range 512 .. 4096|
|Chaining modes||ECB, CBC||ECB, CBC, CFB8, CFB, CTR, ECB, OFB, PCBC|
|RSA sign & verify (native code)||yes||yes|
|RSA sign & verify (OpenSSL wrapper)||no||yes for Win32 but marked experimental at this stage|
|SHA-2 family||no||yes, including the new SHA-512/224 & SHA-512/256|
|Win64 platform||no, but probably not too much work to adapt it.||yes|
|Bundled unit tests||no||yes, extensive set of test cases provided|
Grokk Your Cryptography Here!Caveat Emptor - For those upgrading from LB 3.4.1 or prior to LB 3.4.2 or post, please read the Caveat on the Grok page, linked below.
- Grok TurboPower LockBox - All about downloads and product acquisition.
- ReleaseHistory - The LB3 Project Release history.
What's new in 3.7.0 ?With 3.6.3 as the baseline, the 3.7.0 version delivers:
- Project heads for D10.1 Berlin, and XE8
- Added capability for clients to specify thier own IV for noncible block mode ciphers.
- Removed reliance on project settings for integer overflow.
- Conversion of unit test from the Dunit framework to the much better Dunit-m framework.
What's new in 3.6.3 ?With 3.6.2 as the baseline, the 3.6.3 version delivers:
- Updated read-me for XE7
- Modernise string and tbytes treatment in demo.
- Hardened Blowfish self-test for D2009 compiler.
What's new in 3.6.2 ?With 3.6.0 as the baseline, the 3.6.2 version delivers:
- Fix for non-unicode compilers (D2010 and earlier) THash.HashString() function. Wrapped BeginHash/EndHash around HashString().
- Includes package heads for Delphi XE7.
- Migrated hosting to GitHub.
What's new in 3.6.0 ?With 3.5.0 as the baseline, the 3.6.0 version delivers:
- Support for all compilers from Delphi 7 and up (although only package heads for D2010 and XE6 written at the moment).
- Support for Win32, Win64, Android, iOS, and OS X.
- A new include, TPLB3.Common.Inc, is included from all source files and defines conditionals used throughout the code base.
- Renamed uTPLb_D7Compatibility.pas to TPLB3.Compatibility.pas and added code needed by other compilers.
- Replaced legacy and platform-specific types (e.g. AnsiString, UTF8String, DWORD, etc.) with cross-platform types required by the next-generation mobile compilers.
- Implemented TStringHelper for platform-agnostic string manipulation, which resolves differences between 1-based strings in the legacy compilers and 0-based strings in the next-generation compilers.
- Functions that operate on strings now accept an Encoding parameter. I've kept this optional for backwards compatibility, but it should be made mandatory at some point in the future.
- Marked the following as deprecated in favor of new encoding-agnostic functions: TCodec.EncryptAnsistring, TCodec.DecryptAnsistring, TCodec.EncryptUtf8string, TCodec.DecryptUtf8string, THash.Hashutf8string, TStreamUtils.Stream_to_utf8string, TStreamUtils.utf8string_to_stream.
- Removed the ComponentPlatformsAttribute declaration from components (all except TOpenSSL), since they now work on all platforms.
- Added non-assembler fallback Pascal code to TRandom for use on mobile platforms.
- TNoncibleDecryptor now supports the OnSetIV event, like its encryptor counterpart.
What's new in 3.5.0 ?With 3.4.0 as the baseline, the 3.5.0 version delivers:
- Migrated code repository from SourceForge to GoogleCode
- Renamed unit suffix from uTPlb_ to TPLB3.
- Replaced most references to AnsiString, to Utf8String
- Added support for XE6, Win32 and Win62
- Removed support for all other compilers (other than XE6 and D2010). The return of support for other compilers will be coming soon.
- Removed the automated installer.
What's new in 3.4.0 ?With 3.3.0 as the baseline, the 3.4.0 version delivers:
- An OpenSSL wrapper for RSA functions, which include:
- Generate key pair
- Load/Save public/private keys in PEM format
- Sign and Verify
- Only works with a fairly recent version of libeay32.dll, namely, at least version 126.96.36.199 is required.
- Demo program enhanced to include demo of the OpenSSL wrapper.
- Optional UTF-8 password for TCodec with UNICODE enabled compilers.
- Delphi XE, XE2 support
- Win 64 platform support
- Installer support extended for Delphi XE, XE2
- Fixed bug in TRandomStream.Initialize() for the Delphi 7 compiler.
Limitations and known defects in 3.4.0 include
- DUnit test cases not yet covering the OpenSSL wrapper
- DUnit test cases not yet covering the 3DES Keying Option 2
- The installer not yet tested for Delphi XE nor Delphi XE2
- The Delphi XE project head may be versioned 3.3.0.X instead of 3.4.0
- Saving/Loading private keys from the TOpenSSL_Signatory component in encrypted format, not yet working. For now, save your private keys in the clear, and add your own encryption if required.
- Help wiki pages not yet updated for the OpenSSL wrapper component.
What is in the pipeline ?
- Merging with the Embarcadero maintained fork of the Lockbox3 library (and GetIt) on Git.
TurboPower LockBox 3 Help
The LockBox 3 help home page can be found here. Please be patient as the online help is still under construction.