PGP Corporation Logo
select United States productsPurchasedownloadssupportpartnersnewsroomcompanycareerscontact
.
.
/ Home / Solutions / PGP SDK / PGP SDK
.
Solutions
Overview
PGP Encryption Platform
PGP Universal Server
PGP Universal Gateway Email
PGP Whole Disk Encryption
PGP Endpoint
PGP NetShare
PGP Desktop Email
PGP Mobile
PGP Command Line
PGP® Support Package for BlackBerry®
PGP Desktop Home
PGP SDK
PGP SDK
SDK Pricing
SDK Request Form
FIPS Validation
Product Packages
PGP Global Directory
Upgrades & Licensing
Feature Request Form
PGP Glossary
  
PGP SDK
.

PGP Software Development Kit (SDK)

The PGP SDK allows developers to integrate comprehensive and mature PGP security technologies into their software.

The PGP SDK 3.0 includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers the same core crypto that is at the heart of other PGP products.

PGP SDK Licensing

The PGP SDK is available under several licenses.

  • The PGP SDK Weak-Link License
    Developers who create generally available software, shareware, or freeware and wish to link their product to a licensed desktop version of a PGP solution can use the SDK via the cost-free weak-link license. In this case, the developer does not ship any PGP libraries with the software, but is able to take advantage of the PGP libraries if they are present. Note: The PGP SDK weak-link license does not grant redistribution rights for any PGP software and is not for internal corporate use. For more information, click here.

  • PGP SDK Internal Desktop Use License
    Customers of PGP Desktop Professional or PGP Desktop Home can license the PGP SDK 3.0 to integrate with internally developed desktop applications. This SDK license requires the prior license of a PGP Desktop product on each desktop running the internally deployed desktop application. Customers wishing to integrate with server applications must use the PGP Internal Server License (PGP Command Line). For more information, click here. To purchase, click here.

    The PGP SDK Internal Desktop Use is subject to United States federal government export controls. Please provide the information requested in the SDK Request Form. Note: It is important that customers use proper legal names of all individuals and corporate entities to expedite granting of export clearance.

  • PGP SDK Internal Server License
    The PGP SDK Internal Server License is available for enterprises that want to use the SDK to automate PGP functions from within their internally developed applications. The PGP SDK is an alternative to the PGP Command Line product and is a C interface to the PGP .dlls.

    Licensing and pricing are dependent on and somewhat limited by use, so please specify your intention when sending your inquiry. For more information, click here.
  • PGP OEM Developers
    Developers who want to integrate PGP technologies into their products' feature set can be licensed to ship PGP SDK libraries with their products. With the ease of use of the PGP SDK, world-class branding, and competitive licensing options, adding security to a product offering has never been easier or more economical. For more information, click here.

PGP SDK: Technical Specifications

The PGP SDK is a C interface to the PGP crypto and key management libraries.

The PGP SDK supports the following operating systems:

  • Windows Vista (all 32-bit editions)
  • Windows Server 2003 SP1
  • Windows XP SP2 (32-bit and 64-bit editions)
  • Windows 2000 SP4
  • HP-UX 11i or above (PA-RISC only)
  • IBM AIX 5.2 or above
  • Red Hat Enterprise Linux 3.0 or above (x86 only)
  • Fedora Core 3 and above (x86_64)
  • Solaris 9 and 10 (SPARC only)
  • Mac OS X 10.4 or above (Universal Binary)

The PGP SDK provides the following core functions:

  • Local Key Management
    • Create, import, export, sign, & check validity of keys
    • Keyring management, such as adding, removing, & searching for keys
  • Ciphering and Authentication
    • Encrypt, decrypt, sign, & verify
  • Keyserver Access
    • Send, search for, & receive keys from a keyserver
  • User Interface
    • Provide a platform-local user interface for common PGP functions
  • Secure Network Protocols
    • TLS, IPSec, & SECSH
  • Random number generation
  • Big number management

The PGP SDK supports the following algorithms:

  • Ciphers
    • IDEA
    • TripleDES
    • CAST5
    • AES (128-, 182-, and 256-bit key lengths)
    • Twofish (256-bit key length)
  • Hashes
    • MD5
    • SHA-1
    • RIPEMD160
    • SHA-2 (256-, 384-, and 512-bit key lengths)
  • Public Key Algorithms
    • RSA
    • Diffie-Hellman
    • DSA

PGP SDK: Frequently Asked Questions (FAQ)

What key management functions are available from the PGP SDK?
The PGP SDK provides access to key management functions that allow applications to create, sign, add, remove, search for, and check the validity of keys on disk-based or in-memory keyrings. It also includes functions for checking and setting key property values according to the PGP "Web of Trust" model as well as functions that import and export keys to files and buffers.

The PGP SDK also provides access to functions that support communication with HTTP and LDAP keyservers and that allow developers to search for, add, disable, and delete keys on those servers. In addition, the PGP SDK includes functions for connecting to secure severs using Transport Layer Security (TLS, a protocol based on SSL).

Do I have to use a key from a key certificate when encrypting?
No. Your alternative is to use our conventional encryption option to encrypt data to a passphrase instead of a PGP key. Practically speaking, PGP keys exist only in the form of key certificates.

Can I use the PGP SDK to generate keys or do I need a keyserver for that?
Yes. You can generate a keypair with PGP API calls available in the PGP SDK. Key generation is generally a client-based operation, not a server-based operation, and PGP Corporation's Keyserver product does not generate keys. In the PGP scheme, a keyserver is just a central repository of keys for management and control. When a user generates a public key and then wants to publish it, he or she submits it to a keyserver.

Can I encrypt to more than one key?
Yes. You can encrypt data to any number of keys using the APIs available in the PGP SDK.

Is it possible to encrypt on one platform, say Windows 2000, and decrypt on another, say Solaris?
Yes. The PGP cryptosystem is completely platform-independent. Data encrypted on any platform can be decrypted on any other platform as long as the recipient's correct public key is used for the encryption.

Does the PGP SDK include a random number generator?
The PGP SDK includes functions to generate and manage a pool of random numbers seeded from keystrokes and mouse movements and provides both cryptographically strong pseudo-random numbers and true random numbers based on external events. The PGP SDK internal pseudo-random number generator (RNG) is based on ANSI X9.17.

Does the PGP SDK support Microsoft Visual Basic?
No. The PGP SDK does not currently support Visual Basic (VB). You will need to write an appropriate wrapper layer to use the PGP libraries from VB.

Does the PGP SDK support Java?
No. The PGP SDK does not currently support Java.

For additional information about licensing the PGP SDK via either the weak-link license or as an OEM, please click here.

 .
.

"The PGP® Encryption Platform is solid technology with an open architecture that has been scrutinized by industry experts. It has a very good reputation and fulfills all our requirements."

Chris Leach, Chief Information Security Officer (CISO), ACS

.
.