The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
Engine_pkcs11 is an implementation of an engine for OpenSSL. It can be loaded using code, config file, or command line and will pass any function call by openssl to a PKCS#11 module. Engine_pkcs11 is meant to be used with smart cards and software for using smart cards in PKCS#11 format, such as OpenSC. Originaly this engine was a part of OpenSC, until OpenSC was split into several small projects for improved flexibility.
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
Oink is a collaboration of backends for the Elsa C and C++ frontend. It aims to be industrial-strength for immediate utility in finding bugs, extensible for ease in adding backends, and composable for ease in combining existing ones. It computes expression-level and type-level data flow, and statement-level intra-procedural control flow (by delegating to Elsa). It's easy to get started by using the two demo backends that print graphs of these flows. It also comes with a client of the data flow analysis that does type qualifier inference: Cqual++, a C/C++ frontend for Cqual. Whole-program analyses may be attempted using the linker imitator.
The OpenCA OCSP Responder is an RFC 2560 compliant OCSPD responder. It can be used to verify the status of a certificate using OCSP clients (such as Mozilla/Netscape7). The Responder is actually included in the main OpenCA distribution package. It is also possible to install the daemon as a stand-alone application, in which case you will need a CRL (or access to an LDAP server where the CRL can be obtained).
SPF is a new strategy for preventing junk mail. The present SMTP standard for email allows anyone to forge anyone else's email address. SPF verifies that the Sender address of an email message matches (according to some policy) the client IP address that submitted it. libspf2 is a complete and robust implementation of SPF which provides support for many MTAs. Support for new MTAs is in progress.
plugdaemon is a load-balancing "plug" proxy. It allows you to forward TCP connections to one or multiple hosts, using load balancing or failover, and to route the connections through an HTTPS proxy. Access control is done by source interface or by originating IP. Outgoing connections can be bound to a specific IP address.