Technical specification

1. Feature list
2. Available editions
3. Supported platforms
4. Development tools

Feature list

Miss a feature? Tell us about your idea using Wish List.

Most features or PKIBlackbox are included into all SecureBlackbox packages and they don't require a separate license. Those features, that require a license for PKIBlackbox, SecureBlackbox Standard or SecureBlackbox Professional, are marked as such.

Certificates - SecureBlackbox includes support for certificates in X.509 (versions 1-3) format. The following features and operations are offered:

• support for key length from 512 to 16384 bits;
• support for RSA, DSA and DH keys;
• support for Elliptic Curve Cryptography (ECC) - ECDSA keys;
• support for both standard (predefined) and custom certificate extensions (as defined by X.509 v3);
• saving and loading of X.509 certificates in DER, PEM (base64-encoded DER), PKCS#7, PKCS#8 and PKCS#12 (PFX) formats;
• saving and loading of private keys in DER, PEM (base64-encoded DER), PKCS#12 (PFX) and PVK formats;
• generation of self-signed and CA-signed certificates (PKIBlackbox license is required);
• validation of certificate integrity;
• (optional) FIPS-compliant operation mode

Certificate requests - SecureBlackbox supports creation and use of Certificate Requests in PKCS#10 format. Namely, the following operations are supported:

• generation of certificate requests and corresponding private keys;
• saving and loading of certificate requests in DER and PEM (base64-encoded DER) formats;
• saving and loading of private keys in DER, PEM (base64-encoded DER) and PVK formats;
• generation of certificates from certificate requests

Certificate Revocation Lists - SecureBlackbox provids support for Certificate Revocation Lists (CRL) according to RFC 3280, including

• creation and modification of CRLs (PKIBlackbox license is required);
• support for CRL extensions and CRL Item extensions;
• saving and loading of CRLs in DER and PEM (base64-encoded DER) formats;
• checking of certificate presence in CRL

Certificate Storages - with SecureBlackbox you can keep certificates in certificate storages. Certificate Storage management includes

• support for in-memory, file-based and system (Windows CryptoAPI) certificate storages;
• support for Cryptocards and USB Crypto Tokens via PKCS#11 and CryptoAPI interfaces (PKIBlackbox license is required for PKCS#11 interface);
• powerful search by various criteria, including issuer, subject, dates, e-mails and more;
• saving and loading of storages in PKCS#7 and PKCS#12 (PFX) formats;
• validation of certificates against certificates contained in the storage;
• multithreaded access to certificate storages;
• for Windows Certificate Storage - access to per-user and system-wide storages;
• for Windows Certificate Storage - access to system, registry and LDAP storages

Data encryption and signing - PKIBlackbox lets you encrypt, sign, decrypt and verify various data using X.509 certificates and offers

• implementation of CMS specification (RFC 3852);
• implementation of CAdES specification (RFC 5126);
• data encryption and decryption using RSA certificates and AES (128 to 256 bit), Triple DES (3DES), ARCFOUR, RC2, DES algorithms;
• data signing and verification using ECDSA (ECC-based), RSA and DSA certificates and HMAC, SHA512, SHA384, SHA256, SHA1, MD5, MD2 algorithms;
• data timestamping and timestamp verification using TSP (Timestamp Protocol, RFC 3161). Both TSP client and TSP server are available.

Code signing - with PKIBlackbox you can sign your executables and libraries in PE format using MS Authenticode™ technology and verify the signatures. Code signing with MS Authenticode™ is available in VCL and .NET editions. Code signing requires PKIBlackbox license.

Miss a feature? Tell us about your idea using Wish List.

Available editions

PKIBlackbox is available in several editions for various software platforms.

.NET edition. This edition of PKIBlackbox includes pure managed components, carefully optimized to achieve maximum performance, comparable to native processor code.
.NET edition requires .NET Framework 4.0, .NET Framework 3.5, .NET Framework 3.0, .NET Framework 2.0, .NET Framework 1.1, Silverlight 4, Silverlight 3, Mono 2.0, Mono 1.0, .NET CF (Compact Framework) 3.5, .NET CF 2.0, .NET CF 1.0.
.NET edition can be used on ASP.NET server systems, Windows desktop systems, Windows Mobile PDAs, Silverlight-enabled browsers, on Linux and MacOS X systems with Mono installed.

VCL edition. Blazingly fast native Delphi (Pascal) components for building native Windows and Linux applications. Usable with Delphi, C++ Builder or FreePascal (Win32 or x64, Linux/x86 or Linux/x64).
VCL edition works on any computer with Windows 98 and later or with Linux kernel 2.4 and later.

ActiveX/DLL edition. ActiveX controls and Dynamically-Linked Libraries are useable with virtually any development tool, which supports ActiveX or DLLs. This includes ASP web pages, Visual Basic 6 applications, native C/C++ applications for Windows, shell and server-side scripts.
ActiveX/DLL edition works on any computer with Windows 98 and later.

Supported platforms

• Windows:
  • Windows 2008 R2 Server (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • Windows 7 (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • Windows 2008 Server (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • Windows Vista (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • Windows 2003 Server (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • Windows XP (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • Windows 2000
• Silverlight:
  • Silverlight 4
  • Silverlight 3
• Microsoft .NET Framework:
  • .NET 4.0 (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • .NET 3.5 (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • .NET 3.0 (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • .NET 2.0 (32-bit, 64-bit AMD64 and 64-bit Itanium)
  • .NET 1.1 (32-bit)
• .NET Compact Framework:
  • .NET CF 3.5
  • .NET CF 2.0
  • .NET CF 1.0
• Mono:
  • MONO 2.0
  • MONO 1.0
• Linux:
  • Linux distributions with kernel version 2.6 or later on x86 and x64 platforms

Development tools

Various editions of PKIBlackbox are used with different development tools:

.NET edition of PKIBlackbox can be used with

• MS Visual Studio 2010
• MS Visual Studio 2008
• MS Visual Studio 2005
• MS Visual Studio .NET 2003
• CodeGear RAD Studio 2010 (Delphi Prism)
• CodeGear RAD Studio 2009 (Delphi Prism)
• Borland Developer Studio 2006 (C# Builder personality)
• Borland Delphi 2005 (C# Builder personality)
• Borland Delphi 8
• Borland C# Builder
• MONO development tools

VCL edition of PKIBlackbox is offered for

• CodeGear RAD Studio 2010 (Delphi/Win32 and C++Builder personalities)
• CodeGear C++Builder 2010
• CodeGear Delphi 2010
• CodeGear RAD Studio 2009 (Delphi/Win32 and C++Builder personalities)
• CodeGear C++Builder 2009
• CodeGear Delphi 2009
• CodeGear RAD Studio 2007 (Delphi/Win32 and C++Builder personalities)
• CodeGear C++Builder 2007
• CodeGear Delphi 2007
• Borland Developer Studio 2006 (Delphi/Win32 and C++Builder personalities)
• Borland Delphi 2005 (Delphi/Win32 personality)
• Borland Delphi 4-7
• FreePascal 2.0.2 or later (Win32 and Linux / x86)

DLL/ActiveX edition can be used with

• MS Visual Basic 6 (ActiveX only)
• MS Visual C++ 6.0 (ActiveX and DLL)
• JScript and VBScript (ActiveX, not all controls)
• MS Visual Studio .NET and MS Visual Studio .NET 2003 via COM interop. Not recommended, use .NET edition instead
• Development tools, which support DLLs (DLL version of PKIBlackbox only)

Miss a feature? Tell us about your idea using Wish List.