Main Page

Secure Programming Cookbook for C and C++
By Matt Messier, John Viega
Publisher: O'Reilly
Pub Date: July 2003
ISBN: 0-596-00394-3
Pages: 784

Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code for Unix® (including Linux®) and Windows® environments. This essential code companion covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering.

• Table of Contents
• Index
• Reviews
• Reader Reviews
• Errata
Secure Programming Cookbook for C and C++
By Matt Messier, John Viega
Publisher: O'Reilly
Pub Date: July 2003
ISBN: 0-596-00394-3
Pages: 784
      More Than Just a Book
      We Can't Do It All
      Organization of This Book
      Recipe Compatibility
      Conventions Used in This Book
      Comments and Questions
    Chapter 1.  Safe Initialization
      Section 1.1.  Sanitizing the Environment
      Section 1.2.  Restricting Privileges on Windows
      Section 1.3.  Dropping Privileges in setuid Programs
      Section 1.4.  Limiting Risk with Privilege Separation
      Section 1.5.  Managing File Descriptors Safely
      Section 1.6.  Creating a Child Process Securely
      Section 1.7.  Executing External Programs Securely
      Section 1.8.  Executing External Programs Securely
      Section 1.9.  Disabling Memory Dumps in the Event of a Crash
    Chapter 2.  Access Control
      Section 2.1.  Understanding the Unix Access Control Model
      Section 2.2.  Understanding the Windows Access Control Model
      Section 2.3.  Determining Whether a User Has Access to a File on Unix
      Section 2.4.  Determining Whether a Directory Is Secure
      Section 2.5.  Erasing Files Securely
      Section 2.6.  Accessing File Information Securely
      Section 2.7.  Restricting Access Permissions for New Files on Unix
      Section 2.8.  Locking Files
      Section 2.9.  Synchronizing Resource Access Across Processes on Unix
      Section 2.10.  Synchronizing Resource Access Across Processes on Windows
      Section 2.11.  Creating Files for Temporary Use
      Section 2.12.  Restricting Filesystem Access on Unix
      Section 2.13.  Restricting Filesystem and Network Access on FreeBSD
    Chapter 3.  Input Validation
      Section 3.1.  Understanding Basic Data Validation Techniques
      Section 3.2.  Preventing Attacks on Formatting Functions
      Section 3.3.  Preventing Buffer Overflows
      Section 3.4.  Using the SafeStr Library
      Section 3.5.  Preventing Integer Coercion and Wrap-Around Problems
      Section 3.6.  Using Environment Variables Securely
      Section 3.7.  Validating Filenames and Paths
      Section 3.8.  Evaluating URL Encodings
      Section 3.9.  Validating Email Addresses
      Section 3.10.  Preventing Cross-Site Scripting
      Section 3.11.  Preventing SQL Injection Attacks
      Section 3.12.  Detecting Illegal UTF-8 Characters
      Section 3.13.  Preventing File Descriptor Overflows When Using select( )
    Chapter 4.  Symmetric Cryptography Fundamentals
      Section 4.1.  Representing Keys for Use in Cryptographic Algorithms
      Section 4.2.  Generating Random Symmetric Keys
      Section 4.3.  Representing Binary Keys (or Other Raw Data) as Hexadecimal
      Section 4.4.  Turning ASCII Hex Keys (or Other ASCII Hex Data) into Binary
      Section 4.5.  Performing Base64 Encoding
      Section 4.6.  Performing Base64 Decoding
      Section 4.7.  Representing Keys (or Other Binary Data) as English Text
      Section 4.8.  Converting Text Keys to Binary Keys
      Section 4.9.  Using Salts, Nonces, and Initialization Vectors
      Section 4.10.  Deriving Symmetric Keys from a Password
      Section 4.11.  Algorithmically Generating Symmetric Keys from One Base Secret
      Section 4.12.  Encrypting in a Single Reduced Character Set
      Section 4.13.  Managing Key Material Securely
      Section 4.14.  Timing Cryptographic Primitives
    Chapter 5.  Symmetric Encryption
      Section 5.1.  Deciding Whether to Use Multiple Encryption Algorithms
      Section 5.2.  Figuring Out Which Encryption Algorithm Is Best
      Section 5.3.  Selecting an Appropriate Key Length
      Section 5.4.  Selecting a Cipher Mode
      Section 5.5.  Using a Raw Block Cipher
      Section 5.6.  Using a Generic CBC Mode Implementation
      Section 5.7.  Using a Generic CFB Mode Implementation
      Section 5.8.  Using a Generic OFB Mode Implementation
      Section 5.9.  Using a Generic CTR Mode Implementation
      Section 5.10.  Using CWC Mode
      Section 5.11.  Manually Adding and Checking Cipher Padding
      Section 5.12.  Precomputing Keystream in OFB, CTR, CCM, or CWC Modes (or with Stream Ciphers)
      Section 5.13.  Parallelizing Encryption and Decryption in Modes That Allow It (Without Breaking Compatibility)
      Section 5.14.  Parallelizing Encryption and Decryption in Arbitrary Modes (Breaking Compatibility)
      Section 5.15.  Performing File or Disk Encryption
      Section 5.16.  Using a High-Level, Error-Resistant Encryption and Decryption API
      Section 5.17.  Performing Block Cipher Setup (for CBC, CFB, OFB, and ECB Modes) in OpenSSL
      Section 5.18.  Using Variable Key-Length Ciphers in OpenSSL
      Section 5.19.  Disabling Cipher Padding in OpenSSL in CBC Mode
      Section 5.20.  Performing Additional Cipher Setup in OpenSSL
      Section 5.21.  Querying Cipher Configuration Properties in OpenSSL
      Section 5.22.  Performing Low-Level Encryption and Decryption with OpenSSL
      Section 5.23.  Setting Up and Using RC4
      Section 5.24.  Using One-Time Pads
      Section 5.25.  Using Symmetric Encryption with Microsoft's CryptoAPI
      Section 5.26.  Creating a CryptoAPI Key Object from Raw Key Data
      Section 5.27.  Extracting Raw Key Data from a CryptoAPI Key Object
    Chapter 6.  Hashes and Message Authentication
      Section 6.1.  Understanding the Basics of Hashes and MACs
      Section 6.2.  Deciding Whether to Support Multiple Message Digests or MACs
      Section 6.3.  Choosing a Cryptographic Hash Algorithm
      Section 6.4.  Choosing a Message Authentication Code
      Section 6.5.  Incrementally Hashing Data
      Section 6.6.  Hashing a Single String
      Section 6.7.  Using a Cryptographic Hash
      Section 6.8.  Using a Nonce to Protect Against Birthday Attacks
      Section 6.9.  Checking Message Integrity
      Section 6.10.  Using HMAC
      Section 6.11.  Using OMAC (a Simple Block Cipher-Based MAC)
      Section 6.12.  Using HMAC or OMAC with a Nonce
      Section 6.13.  Using a MAC That's Reasonably Fast in Software and Hardware
      Section 6.14.  Using a MAC That's Optimized for Software Speed
      Section 6.15.  Constructing a Hash Function from a Block Cipher
      Section 6.16.  Using a Block Cipher to Build a Full-Strength Hash Function
      Section 6.17.  Using Smaller MAC Tags
      Section 6.18.  Making Encryption and Message Integrity Work Together
      Section 6.19.  Making Your Own MAC
      Section 6.20.  Encrypting with a Hash Function
      Section 6.21.  Securely Authenticating a MAC (Thwarting Capture Replay Attacks)
      Section 6.22.  Parallelizing MACs
    Chapter 7.  Public Key Cryptography
      Section 7.1.  Determining When to Use Public Key Cryptography
      Section 7.2.  Selecting a Public Key Algorithm
      Section 7.3.  Selecting Public Key Sizes
      Section 7.4.  Manipulating Big Numbers
      Section 7.5.  Generating a Prime Number (Testing for Primality)
      Section 7.6.  Generating an RSA Key Pair
      Section 7.7.  Disentangling the Public and Private Keys in OpenSSL
      Section 7.8.  Converting Binary Strings to Integers for Use with RSA
      Section 7.9.  Converting Integers into Binary Strings for Use with RSA
      Section 7.10.  Performing Raw Encryption with an RSA Public Key
      Section 7.11.  Performing Raw Decryption Using an RSA Private Key
      Section 7.12.  Signing Data Using an RSA Private Key
      Section 7.13.  Verifying Signed Data Using an RSA Public Key
      Section 7.14.  Securely Signing and Encrypting with RSA
      Section 7.15.  Using the Digital Signature Algorithm (DSA)
      Section 7.16.  Representing Public Keys and Certificates in Binary (DER Encoding)
      Section 7.17.  Representing Keys and Certificates in Plaintext (PEM Encoding)
    Chapter 8.  Authentication and Key Exchange
      Section 8.1.  Choosing an Authentication Method
      Section 8.2.  Getting User and Group Information on Unix
      Section 8.3.  Getting User and Group Information on Windows
      Section 8.4.  Restricting Access Based on Hostname or IP Address
      Section 8.5.  Generating Random Passwords and Passphrases
      Section 8.6.  Testing the Strength of Passwords
      Section 8.7.  Prompting for a Password
      Section 8.8.  Throttling Failed Authentication Attempts
      Section 8.9.  Performing Password-Based Authentication with crypt( )
      Section 8.10.  Performing Password-Based Authentication with MD5-MCF
      Section 8.11.  Performing Password-Based Authentication with PBKDF2
      Section 8.12.  Authenticating with PAM
      Section 8.13.  Authenticating with Kerberos
      Section 8.14.  Authenticating with HTTP Cookies
      Section 8.15.  Performing Password-Based Authentication and Key Exchange
      Section 8.16.  Performing Authenticated Key Exchange Using RSA
      Section 8.17.  Using Basic Diffie-Hellman Key Agreement
      Section 8.18.  Using Diffie-Hellman and DSA Together
      Section 8.19.  Minimizing the Window of Vulnerability When Authenticating Without a PKI
      Section 8.20.  Providing Forward Secrecy in a Symmetric System
      Section 8.21.  Ensuring Forward Secrecy in a Public Key System
      Section 8.22.  Confirming Requests via Email
    Chapter 9.  Networking
      Section 9.1.  Creating an SSL Client
      Section 9.2.  Creating an SSL Server
      Section 9.3.  Using Session Caching to Make SSL Servers More Efficient
      Section 9.4.  Securing Web Communication on Windows Using the WinInet API
      Section 9.5.  Enabling SSL without Modifying Source Code
      Section 9.6.  Using Kerberos Encryption
      Section 9.7.  Performing Interprocess Communication Using Sockets
      Section 9.8.  Performing Authentication with Unix Domain Sockets
      Section 9.9.  Performing Session ID Management
      Section 9.10.  Securing Database Connections
      Section 9.11.  Using a Virtual Private Network to Secure Network Connections
      Section 9.12.  Building an Authenticated Secure Channel Without SSL
    Chapter 10.  Public Key Infrastructure
      Section 10.1.  Understanding Public Key Infrastructure (PKI)
      Section 10.2.  Obtaining a Certificate
      Section 10.3.  Using Root Certificates
      Section 10.4.  Understanding X.509 Certificate Verification Methodology
      Section 10.5.  Performing X.509 Certificate Verification with OpenSSL
      Section 10.6.  Performing X.509 Certificate Verification with CryptoAPI
      Section 10.7.  Verifying an SSL Peer's Certificate
      Section 10.8.  Adding Hostname Checking to Certificate Verification
      Section 10.9.  Using a Whitelist to Verify Certificates
      Section 10.10.  Obtaining Certificate Revocation Lists with OpenSSL
      Section 10.11.  Obtaining CRLs with CryptoAPI
      Section 10.12.  Checking Revocation Status via OCSP with OpenSSL
    Chapter 11.  Random Numbers
      Section 11.1.  Determining What Kind of Random Numbers to Use
      Section 11.2.  Using a Generic API for Randomness and Entropy
      Section 11.3.  Using the Standard Unix Randomness Infrastructure
      Section 11.4.  Using the Standard Windows Randomness Infrastructure
      Section 11.5.  Using an Application-Level Generator
      Section 11.6.  Reseeding a Pseudo-Random Number Generator
      Section 11.7.  Using an Entropy Gathering Daemon-Compatible Solution
      Section 11.8.  Getting Entropy or Pseudo-Randomness Using EGADS
      Section 11.9.  Using the OpenSSL Random Number API
      Section 11.10.  Getting Random Integers
      Section 11.11.  Getting a Random Integer in a Range
      Section 11.12.  Getting a Random Floating-Point Value with Uniform Distribution
      Section 11.13.  Getting Floating-Point Values with Nonuniform Distributions
      Section 11.14.  Getting a Random Printable ASCII String
      Section 11.15.  Shuffling Fairly
      Section 11.16.  Compressing Data with Entropy into a Fixed-Size Seed
      Section 11.17.  Getting Entropy at Startup
      Section 11.18.  Statistically Testing Random Numbers
      Section 11.19.  Performing Entropy Estimation and Management
      Section 11.20.  Gathering Entropy from the Keyboard
      Section 11.21.  Gathering Entropy from Mouse Events on Windows
      Section 11.22.  Gathering Entropy from Thread Timings
      Section 11.23.  Gathering Entropy from System State
    Chapter 12.  Anti-Tampering
      Section 12.1.  Understanding the Problem of Software Protection
      Section 12.2.  Detecting Modification
      Section 12.3.  Obfuscating Code
      Section 12.4.  Performing Bit and Byte Obfuscation
      Section 12.5.  Performing Constant Transforms on Variables
      Section 12.6.  Merging Scalar Variables
      Section 12.7.  Splitting Variables
      Section 12.8.  Disguising Boolean Values
      Section 12.9.  Using Function Pointers
      Section 12.10.  Restructuring Arrays
      Section 12.11.  Hiding Strings
      Section 12.12.  Detecting Debuggers
      Section 12.13.  Detecting Unix Debuggers
      Section 12.14.  Detecting Windows Debuggers
      Section 12.15.  Detecting SoftICE
      Section 12.16.  Countering Disassembly
      Section 12.17.  Using Self-Modifying Code
    Chapter 13.  Other Topics
      Section 13.1.  Performing Error Handling
      Section 13.2.  Erasing Data from Memory Securely
      Section 13.3.  Preventing Memory from Being Paged to Disk
      Section 13.4.  Using Variable Arguments Properly
      Section 13.5.  Performing Proper Signal Handling
      Section 13.6.  Protecting against Shatter Attacks on Windows
      Section 13.7.  Guarding Against Spawning Too Many Threads
      Section 13.8.  Guarding Against Creating Too Many Network Sockets
      Section 13.9.  Guarding Against Resource Starvation Attacks on Unix
      Section 13.10.  Guarding Against Resource Starvation Attacks on Windows
      Section 13.11.  Following Best Practices for Audit Logging