This is a portable crypto library that exposes a restricted API that is secure by design, for use as a black-box building block in cryptographic protocols. Security and portability are emphasized over efficient (compact) encodings, but keeping the crypto overhead reasonably minimal is still a requirement. The API and implementation should encourage the use of best practices, and reduce the likelihood of common protocol design errors.Existing cryptographic libraries available in most languages typically expose raw crypto primitives (e.g., block ciphers with modes of operation, HMACs, digital signatures) that are often applied incorrectly in protocol design. While these libraries are "standards compliant", they do little or nothing to guide the protocol designer to produce secure protocol designs. Worse still, they leave ample room for implementations to introduce subtle security bugs such as timing attacks.