Add FTP and FTP-over-SSL client functions to your Windows application
FTPS (FTP-over-SSL) lets you download and upload files, create and delete files and directories, check directory structure and more. And all these operations can be performed over secure SSL / TLS tunnel.
SSLBlackbox includes a client-side component, which implements FTP (RFC 959) and FTP-over-SSL (RFC 2228) protocols for secure file transfer.
SSLBlackbox (ActiveX edition, part of SecureBlackbox software product) is a collection of ActiveX controls for FTP and FTPS support in your C++, Visual Basic, VBScript and VBA applications.
Why choose SSLBlackbox
- With SSLBlackbox you have complete control over the data being sent;
- SSLBlackbox offers you support for both FTP and FTP-over-SSL in both explicit and implicit modes;
- You can use GZip compression to speed-up download and reduce network traffic;
- Unlike CryptoAPI-based implementations of FTPS, SSLBlackbox offers support for the latest versions and features of SSL / TLS protocols such as AES and Camellia Cipher Suites, TLS extensions and more;
- Free individual or public support is available from the very beginning of your evaluation and development
Main features
- client-side component for FTP (RFC 959) and FTPS (RFC 2228) protocols;
- support for explicit and implicit SSL/TLS
;
- compression (MODE Z) support ;
- support for files over 4 Gb ;
- support for Cryptocards and USB Crypto Tokens ;
- royalty-free license ;
- free individual technical support
SSLBlackbox can be used separately or in one cost-saving SecureBlackbox package. You can use SecureBlackbox with Visual C++ (VC), Visual Basic (VB 6), Delphi, VBScript, Visual Basic for Applications or any other development tool that supports ActiveX controls or dynamically-linked libraries (DLLs). You can even use SecureBlackbox in .NET applications!
Download SecureBlackbox (ActiveX edition), which includes SSLBlackbox package
Compression gives an additional level of security and lets you increase transfer speed significantly and reduce the network load and storage space requirements. Synchronous operation mode gives you a linear programming approach without complicated callback functions. This approach saves your development time and reduces the number of errors.Asynchronous operation mode, on the other hand, gives you flexibility and complete control over your application communications.
Synchronous operation mode gives you a linear programming approach without complicated callback functions. This approach saves your development time and reduces the number of errors. Simple SecureBlackbox components can be used for reliable data transfer no matter what type of proxy or firewall is used to protect the network. You can process huge files and not be bound by restrictions of 32-bit environments. This feature works on both 32-bit and 64-bit systems without any limitations. Cryptographic hardware gains more and more popularity every day. If your software deals with X.509 certificates or PKI in general (RSA keys etc.), it is time to support cryptocards and USB tokens. SecureBlackbox was written from the ground up by EldoS Corporation developers. It doesn't use third-party code to implement it's cryptographic functions. This means that you are not bound by CryptoAPI or OpenSSL version when you need to use certain algorithm.At the same time it's possible to plug third-party security libraries and hardware modules by utilizing the pluggable architecture of SecureBlackbox. No royalties means the licensing procedure which is clear and easy to understand and manage. Pay for the license once and use it for development and deployment with no other payments. We provide free technical support via web-based Forum and HelpDesk. Support is available for everyone, and the requests from clients who purchased a license are given priority. Also you can use our extensive knowledgebase. With SSLBlackbox you get not just SSL support, but also feature-rich components for PKI support. This includes creation and management of X.509 certificates, certificate requests and CRLs, PKI-based data encryption and signing operations, digital timestamping and more.
You don't need a separate solution to generate and manage your certificates.
With the wide choice of encryption, authentication and key exchange algorithms supported by SSLBlackbox, you will be able to meet the security requirements and get compatibility with the wide choice of differently configured servers and clients. With SSLBlackbox you can secure not just common TCP communications, but also UDP-based data transfer or other message-based transfer protocols. This lets you secure the whole new class of communications, such as audio and video delivery over internet, various message-based distributed protocols etc. The widest possible protocol support lets you get all that you can from SSL / TLS and that your software is compatible with the widest choice of client and server software. SSL session resumption speeds up subsequent session initiation and reduces server and network load. Resumption is supported by many SSL / TLS clients and servers. Validation of the other party's certificate is usually much more than just verifying the cryptographic signature. Correct validation includes verification of validity of the certificate and all of it's issuer certficates, sometimes using CRLs (certificate revocation lists) and requests to the issuer servers using OCSP protocol. With SSLBlackbox you can build your own verification procedures easily. Usually only the server is authenticated during SSL / TLS handshake. But the situations when the client needs to authenticate itself using X.509 certificate become more and more often. Unfortunately most SSL/TLS and HTTPS or FTPS components don't provide support for client-side authentication.SSLBlackbox provides full support for client-side certificate authentication in it's server-side and client-side components.
Cryptographic hardware gains more and more popularity every day. If your software deals with X.509 certificates or PKI in general (RSA keys etc.), it is time to support cryptocards and USB tokens. Most SSL/TLS and HTTPS or FTPS components can't use the certificate with a private key stored on a cryptocard or USB token.SSLBlackbox is fully capable to use the cryptographic hardware (which doesn't export the private key) for SSL authentication of both clients and servers.
Originally SSL protocol used X.509 certificate for authenticating servers and clients. This type of authentication remains the most popular now. However various security needs and hardware limitations caused introduction of the alternative authentication methods. They are pre-shared key authentication (it can be named "password-based") and OpenPGP-based authentication (using OpenPGP keys instead of X.509 certificates).Each of the alternative authentication methods has it's own strengths and usage scenarios. SSLBlackbox provides full support for these new authentication methods.
TLS extensions are used to extend functionality of the TLS communication, transfer additional information and provide better service to the parties. SSL / TLS protocol offers the number of very useful features, which don't actually require TCP transport. The protocol can be used with any low-level transport protocols, and SecureBlackbox makes this possible. With the wide choice of encryption, authentication and key exchange algorithms supported by SSLBlackbox, you will be able to meet the security requirements and get compatibility with the wide choice of differently configured servers and clients. SSLBlackbox supports the keys of any length, used in modern computing. If you need more strength, you can generate and use 4096-bit keys without problems. Application-level protocols, such as HTTP, FTP and SMTP, can work in two modes - explicit and implicit. In implicit mode first SSL connection is established, then protocol connection is carried over the protected channel. In explicit mode the TLS connection parameters are negotiated using the command on the protocol level.SSLBlackbox supports implicit and explicit modes in FTP and SMTP client components. This lets you connect to greater number of servers which use SSL/TLS.
Originally FTP didn't specify the format, in which directory listing must be transferred. This produced the huge variety of directory listing (over 400 formats).MLST command has been added to FTP recently. Specification for this command describes the exact format of the listing. The exact format makes it possible to easily parse the directory listing.
As SSLBlackbox supports this command, you don't need to deal with the variety of the listing formats.
In some cases it is necessary to send a custom command, not defined in FTP protocol specification, but supported by the server. With SSLBlackbox this is possible to do. Most FTP servers support REST command, but not all clients are able to properly use this support. With SSLBlackbox you can transfer parts of the files.If the transfer is interrupted you can always resume it. And if you need to upload or download only a part of the file, you can transfer the needed part without the need to process the whole file.
While not very popular ourdays, FTP proxy servers are sometimes used. They are necessary when the client application is behind the firewall, but needs access to the outside world. Not all FTP clients support FTP proxies. With SSLBlackbox FTP proxies are not a problem. Some FTP servers are placed behind the firewall. When you connect to them in passive mode, they give you their LAN IP address for the data channel. With most clients such behaviour leads to impossibility to transfer the data. But not with SSLBlackbox, whose FTP component can detect such situation and adjust the address automatically, letting you successfully transfer the data.