FTPSBlackbox

Secure file transfer to and from network and remote file systems

FTPSBlackbox
  • Supported Platforms

  • .NET.NET

    Pure managed and integrated components, carefully optimized to achieve maximum performance comparable to native processor code. The .NET edition can be used on .NET and Mono server and desktop platforms, in ASP.NET applications, and on mobile devices.

  • .NETJava

    Highly integrated Java security library including numerous classes to enable support for a wide range of application-level protocols, security algorithms, and standards. You can use Java security libraries to develop software for desktop and server platforms, mobile devices, and Web applications.

  • .NETC++

    A shared library (.dll on Windows and .so on Linux / macOS) and set of C++ classes. Used in C++ applications for Windows, Linux, macOS, and iOS platforms. Supported compilers include Visual C++, MinGW, gcc, and Xcode.

  • .NETVCL

    Highly integrated and blazingly fast native Delphi (Pascal) components for building native Windows, Linux, and macOS applications. All components are native Delphi, have no third-party binaries or references, and no reliance on Windows CryptoAPI. Also includes Delphi components for building Android and iOS apps.

  • .NETPHP

    Integrated components for PHP scripts running on Linux and Windows servers.

Overview

Use FTPSBlackbox to create FTP and FTPS servers to securely access file systems located across the network and to transfer files to and from remote servers.

FTP/FTPS Server

Create your own server to handle incoming FTP/FTPS connections.

FTP/FTPS Client

Create your own client to handle outgoing FTP/FTPS connections.

Generic SSL/TLS Transport Classes

The FTP protocol is built on top of SSL/TLS, so all generic classes are included.

SSL/TLS and PKI Provides Strong Security

Unlike symmetric encryption, securing communications with SSL/TLS doesn't require that the sides know the shared secret (password/encryption key). Also, Public Key Security (PKI) lets each side examine authenticity of the other side and prevent man-in-the-middle attacks.

Easy-to-implement Security

The PKI infrastructure is a widely-used technology, so implementation and maintenance of SSL/TLS-based solutions with FTPBlackbox are quite simple tasks.

No External Dependencies

FTPSBlackbox includes its own implementation of SSL/TLS/DTLS protocol family and doesn't include any external code like OpenSSL, OpenSSH, etc.

Full Feature List

Client-side FTP/FTPS

  • Connect to existing FTP/FTPS servers using client-side classes for FTP and FTP-over-SSL (FTPS) protocols
  • Support for explicit and implicit TLS for increased connectivity and compatibility with various servers
  • Compression (MODE Z) support to save bandwidth and speed-up transfer
  • MLSD command support for easy parsing of directory listings
  • Support for files over four GB allows you to easily transfer large files
  • Custom commands can be sent for better control of server behavior
  • Full scope of file and directory commands defined by the protocol specification (create and delete directories, rename files etc.)
  • Batch operations for uploading, downloading, and deleting one or several files and directories with one call
  • Upload and download of any information represented as streams - disk files, in-memory streams, database records or any other custom streams
  • Overwrite, resume, append, and skip modes of file upload and download
  • Transfer resumption and partial transfers
  • Keep-alive during data transfer enables you to prevent the command channel from being closed by NATs and firewalls during transfer of large files over data channel
  • Support for Unicode file names via UTF8
  • Virtual file system support - provide access to existing file system or access your virtual file hierarchy
  • Support for FTP proxies and SOCKS and HTTP CONNECT (Web tunneling) proxies with various authentication mechanisms
  • Active and passive mode with optional adjustment of the server address in passive mode provide maximum connectivity when the client or the server (or both) are located behind a firewall
  • Flexible support for client- and server-side SSL/TLS authentication during data exchange allows deploying the classes to a custom PKI infrastructure
  • Bandwidth control to avoid overloading of slow networks
  • IPv6 and International Domain Names (IDN) support for maximum network connectivity
  • Support for custom DNS servers and DNSSEC for even more security and network stability
  • Port knocking support for advanced security

Server-side FTP/FTPS

  • Create your own FTP/FTPS server with server-side classes for FTP and FTP-over-SSL (FTPS) protocols
  • Virtual file system support lets you provide access to existing file system or create your virtual file hierarchies for each connected user
  • Support for explicit and implicit TLS for increased connectivity and compatibility with various clients
  • Active and passive mode
  • Compression support (MODE Z) lets you increase transfer speed and reduce network load
  • MLSD command support for easy parsing of directory listing
  • Support for Unicode file names via UTF8
  • Support for files over four GB to transfer large files easily
  • Custom commands to extend scope of services offered by the server
  • Transfer resumption and partial transfers helps you save network traffic and reduce transfer time
  • All standard file and directory commands are supported (create and delete directories, rename files, etc.)
  • Flexible support for client- and server-side SSL/TLS authentication during data exchange allows deploying the classes to a custom PKI infrastructure

SSL / TLS Features for Both Client and Server Implementations

  • Widest possible compatibility via support for modern TLS 1.2, TLS 1.1, TLS 1.0, SSL 3, and SSL 2
  • DTLS (Datagram TLS) protocol support secures your UDP-based communications
  • Flexible client- and server-side SSL/TLS authentication support during handshake allows deploying the classes to custom PKI infrastructure
  • User-controlled validation of certificates lets you build a custom PKI infrastructure or better control authentication in SSL/TLS
  • Built-in compression increases transfer speed and reduces network load
  • Optional resuming of TLS sessions in both client and server components. Both SSL sessions and TLS Stateless resumption are supported
  • Use of Cryptocards and USB Crypto Tokens for further protection of secret information (private and secret keys)
  • Authentication using OpenPGP keys and pre-shared keys (PSK) provides an alternative to PKI for in-house solutions
  • SRP (Secure Remote Password) cipher suites is another alternative to PKI for authentication
  • Standard and custom TLS extensions let you harness the power of the TLS specification and include additional information to the handshake, if necessary
  • With raw asymmetric keys for authentication (instead of X.509 certificates), you can avoid the necessity to deploy PKI infrastructure where it is not needed (in closed environments) and decrease handshake time
  • Possibility to secure any data channels (and not just TCP or UDP sockets) helps you secure any communication channel with TLS or DTLS
  • OCSP stapling support helps you reduce load on certificate authorities' OCSP servers during certificate validation
  • Certificates with key length from 512 to 16384 bits give you adequate security solutions for today and the future
  • Support for RSA, DSA, and DH public key algorithms and optional ECC-based cipher suites
  • Data encryption with Camellia, AES (128 to 256 bit), Triple DES (3DES), DES, ARCFOUR, and RC2 algorithms
  • Asynchronous operation mode lets you easily build synchronous and asynchronous applications