Index S

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

S/KEY 
S/KEY dictionary 
S/MIME email, certificates for 
SACL (system access control list) 
safe primes  2nd 
SafeStr library  2nd 
    functions and C equivalents 
SAFESTR_ALLOC( ) 
SAFESTR_CREATE( ) 
safestr_free( ) 
safestr_istrusted( ) 
safestr_reference( ) 
safestr_release( ) 
safestr_t type 
SAFESTR_TEMP( ) 
SAFESTR_TEMP_TRUSTED( ) 
salt 
    dictionary attacks, prevention with 
    hardening hash functions against birthday attacks 
sanitizing the environment 
SASL (Simple Authentication and Security Layer) 
saved user and group IDs 
SAX (Symmetric Authenticated eXchange)  2nd 
    client side 
    server-side 
Schneier, Bruce 
secure programming 
    web sites 
secure server certificates 
securely creating child processes 
securely signing and encrypting with RSA 
SecureZeroMemory( ) 
security
    authentication mechanisms, requirements 
    bit size of algorithms 
    function errors and 
    initialization and 
    weak vs. strong passwords 
security identifiers  [See SIDs]
Security Support Provider Interface (SSPI) 
seeds, random numbers 
select( )
    preventing file descriptor overflows 
    typical usage 
selecting a cipher mode 
selecting a public key algorithm 
selecting public key sizes 
self-signed certificates 
sequential nonces vs. random nonces 
Serpent  2nd 
    home page 
servers
    authentication without third-party 
    for network logging 
    SSL servers, creating 
    SSL servers, improving efficiency with caching 
session ID context 
session IDs 
    IP addresses as elements of 
    secure formats for 
session keys 
session timeout 
Set-Cookie headers 
SET_FN_PTR macro 
SET_VAR macro 
setegid( ) and seteuid( ) 
setgid( ) and setuid( ) 
    dropping privileges after use 
        drop order 
    privilege separation, limiting risk with 
setgroups( ) 
SetInformationJobObject( )  2nd 
setregid( ) 
setreuid( ) 
setrlimit( )  2nd  3rd 
SetThreadToken( ) 
Setuid Demystified 
setup_charset_map( ) 
setup_signal_handler( ) 
SHA-256, SHA-384, and SHA-512 algorithms 
SHA1 (Secure Hash Algorithm 1) 
    DSA standard and 
    key generation using 
    LION 
    OpenSSL API 
    whitening, using for 
Shamir, Adi 
shared locks 
shatter attacks, protecting Windows against 
ShellExecute( ), risks of 
shells, risks of environment variables 
shuffling fairly 
SID_AND_ATTRIBUTES structures 
SIDs (security identifiers)  2nd  3rd  4th  5th  6th 
    disabling or restricting 
sigaction( ) 
signal handling, perfoming properly 
    guidelines 
    program termination 
    writing signal handlers 
signal_was_caught( ) 
signed data types, unsuitability for key representation 
signing data using an RSA private key 
SIGTRAP 
Simple Authentication and Security Layer (SASL) 
Òsimple blobÓ format 
smc_encrypt utility 
SNOW stream cipher  2nd  3rd 
    home page 
snprintf( ) 
sockets 
    Entropy Gathering Daemon  [See EGD]
    interprocess communication, using for 
        loopback address 
    Unix domain sockets, authentication using 
SoftICE 
software protection 
    anti-tampering techniques 
    bit and byte obfuscation 
        Obcode data types 
        Obcode library 
    checksum algorithms, detecting modification with 
        CRC32 algorithm 
    constant transforms on variables 
    costs 
        debugging difficulty 
        development time 
        maintainability 
    countering disassembly 
        function truncation 
        misalignment errors 
        using NULL bytes 
    crackers and their motivations 
    detecting debuggers 
        finding breakpoints 
        Unix 
        Windows 
    detecting SoftICE 
        function 0x43 of interrupt 0x68 
        int3 interface 
        ÒMelticeÓ technique 
    disguising Boolean values 
    function pointers, using 
    goals 
    hiding ASCII strings 
    merging scalar variables 
    obfuscating code 
        assembly-language, usage for 
        C program Òtest-and-branchÓ idiom 
        conditional expressions 
        shared library functions 
        test-for-zero operation 
        volatile keyword 
        vs.code maintainability 
    restructuring arrays 
        restructuring options 
    self-modifying code, using 
        build process complications 
        ELF executable files, code for encrypting 
        RC4 encryption 
    splitting variables 
    validation checks 
spc _ctr_decrypt( ) 
spc_accept( )  2nd 
spc_add_padding( ) 
spc_array_flat( ) 
spc_array_fold( ) 
spc_array_free( ) 
spc_array_get( ) 
spc_array_merge( ) 
spc_array_set( ) 
spc_array_split( ) 
spc_base64_encode( ) 
spc_bcprng_init( ) 
spc_bcprng_rand( ) 
spc_bin2words() 
SPC_BLOCK_SZ macro 
spc_cbc_decrypt( ) 
spc_cbc_decrypt_final( )  2nd 
spc_cbc_decrypt_init( ) 
spc_cbc_decrypt_update( )  2nd 
spc_cbc_encrypt_final( ) 
spc_cbc_encrypt_init( ) 
spc_cbc_encrypt_update( )  2nd  3rd 
spc_cert_filename( ) 
spc_cfb_decrypt( ) 
spc_cfb_decrypt_update( ) 
spc_cfb_encrypt( ) 
spc_cfb_encrypt_update( )  2nd 
spc_cfb_final( )  2nd 
spc_check_int3( ) 
SPC_CIPHERQ data type 
spc_cipherq_cleanup( ) 
spc_cipherq_decrypt( ) 
spc_cipherq_encrypt( )  2nd 
spc_cipherq_setup( ) 
spc_confirmation_create( ) 
spc_confirmation_receive( ) 
spc_connect( ) 
spc_connect_ssl( ) 
spc_cookie_decode( ) 
spc_cookie_encode( ) 
spc_cookie_init( ) 
spc_create_nonced_digest( ) 
spc_create_sslctx( )  2nd  3rd  4th 
    flags 
spc_create_x509store( ) 
spc_crypt_encrypt( ) 
spc_crypt_verify( ) 
spc_ctr_encrypt( ) 
spc_ctr_final( ) 
spc_ctr_update( )  2nd 
    keystream generation using 
SPC_DEBUGGER_PRESENT macro 
spc_decode_url( ) 
SPC_DECRYPT_INIT macro 
    AES, IDEA implementations 
SPC_DEFINE_DBG_SYM macro 
spc_delenv( ) 
SPC_DO_DECRYPT macro 
    block cipher implementations 
SPC_DO_ENCRYPT macro 
    block cipher implementations 
spc_double_mac( ) 
spc_drop_privileges( ) 
spc_email_isvalid( ) 
spc_enable_sessions( ) 
SPC_ENCRYPT_INIT macro 
    block cipher implementations 
spc_entropy( )  2nd 
    FIPS testing, using in 
spc_escape_html( ) 
spc_escape_sql( ) 
spc_extract_digest( ) 
spc_extract_nonce( ) 
spc_fd_free( ) 
spc_fd_setsize( ) 
spc_fd_wipe( ) 
spc_file_wipe( ) 
spc_fips_monobit( ) 
spc_fips_poker( ) 
spc_fips_runs( ) 
spc_fork( ) 
spc_gather_keyboard_entropy( ) 
spc_get_credentials( ) 
spc_getenv( ) 
spc_getsession( ) 
spc_group_ismember( ) 
spc_hex2bin( ) 
SPC_HMAC_Init( ) 
spc_host_check( ) 
spc_host_init( ) 
spc_incremental_hmac( ) 
spc_is_safedir( ) 
SPC_KEY_SCHED macro 
spc_keygen( )  2nd  3rd 
spc_krb5_cleanup( ) 
spc_krb5_client( ), client-side authentication using Kerberos 
spc_krb5_decrypt( ) 
spc_krb5_encrypt( ) 
spc_krb5_isdes( ) 
spc_krb5_server( ), server-side authentication using Kerberos 
spc_lion_decrypt( ) 
spc_lion_encrypt( ) 
spc_listen( ) 
spc_lock_file( ) 
spc_lookup_key( )  2nd  3rd 
spc_mac127( ) 
spc_mac127_init( ) 
spc_make_derived_key( ) 
spc_make_fd_nonblocking( ) 
spc_md5_encrypt( ) 
spc_md5_verify( ) 
spc_mdc2_final( ) 
spc_mdc2_init( ) 
spc_mdc2_oneblock( ) 
spc_mdc2_update( ) 
spc_memcpy( ) 
spc_memmove( ) 
spc_memset( ) 
spc_memzero( ), key deletion using 
spc_mprng_init( ) 
spc_mprng_rand( ) 
spc_next_varg( ) 
spc_ocspresult_t spc_verify_via_ocsp( ) 
spc_ofb_decrypt( ) 
spc_ofb_encrypt( ) 
spc_ofb_final( ) 
spc_ofb_update( )  2nd  3rd 
spc_omac_final( )  2nd 
spc_omac_update( )  2nd 
spc_omac1_init( )  2nd 
spc_OMAC1_nonced( ) 
spc_omac2_init( ) 
spc_omc_update( ) 
spc_pam_login( ) 
spc_pam_logout( ) 
spc_pbkdf2( ) 
    arguments 
spc_pbkdf2_encrypt( ) 
spc_pbkdf2_verify( ) 
spc_pctr_do_odd( ) 
spc_pctr_setup( )  2nd 
SPC_PIPE object 
spc_popen( ) 
spc_print_hex() 
spc_putenv( ) 
spc_rand( )  2nd  3rd 
    getting random integers using 
    HMAC-SHA1 pseudo-random number generator 
    OpenSSL PRNG, usage in 
    RC4 as a PRNG 
spc_rand_add_entropy( ) 
spc_rand_init( ) 
spc_rand_range( ) 
    random integer in a range, generation with 
    shuffling using 
spc_rand_real( ) 
spc_rand_uint( ) 
spc_read_password( ) 
spc_reconnect( ) 
spc_remember_cert( ) 
spc_remember_key( ) 
spc_remove_padding( ) 
spc_restore_privileges( ) 
spc_rsrclimit( ) 
spc_sanitize_environment( ) 
spc_sanitize_files( ) 
spc_send_credentials( ) 
spc_smc_decrypt( ) 
spc_socket_accept( ) 
spc_socket_close( ) 
spc_socket_recvfrom( ) 
spc_socket_sendto( ) 
spc_socketpool_close( ) 
spc_socketpool_init( ) 
spc_socketpool_setlimit( ) 
spc_ssock_client_send( ) 
spc_ssock_t object
    erasure 
    initialization 
SPC_TEST_BOOL macro 
spc_threadpool_cleanup( ) 
spc_threadpool_init( ) 
spc_threadpool_schedule( )  2nd 
spc_throttle( ) 
spc_trap_detect( ) 
spc_unix_connect( ) 
spc_unix_server( ) 
SPC_USE_DBG_SYM macro 
spc_user_getname( ) 
spc_utf8_isvalid( ) 
spc_verify_callback( ) 
spc_verify_cert( ) 
spc_verify_cert_hostname( ) 
spc_verify_nonced_digest( ) 
spc_verify_via_ocsp( ) 
spc_verifyandmaybesave_callback( ) 
spc_words2bin() 
spc_x509store_addusecert( ) 
spc_x509store_clearflags( ) 
spc_x509store_setcafile( ) 
spc_x509store_setcallback( ) 
spc_x509store_setcapath( )  2nd 
spc_x509store_setcrlfile( ) 
spc_x509store_setflags( ) 
spc_x509store_setusecertfile( ) 
spc_x509store_t objects  2nd 
SpcDecrypt( ) 
SpcEncrypt( ) 
SpcExportKeyData( ) 
SpcFingerPrintCert( ) 
SpcGatherKeyboardEntropy( )  2nd 
SpcGatherMouseEntropy( )  2nd 
SpcGetCertCRLURL( ) 
SpcGetCryptContext( ) 
SpcGetExportableContext( )  2nd 
SpcImportKeyData( )  2nd 
SpcIncrementalHMAC( ) 
SpcLockResource( ) 
SpcLookupCACert( )  2nd 
SpcLookupName( ) 
SpcLookupSid( ) 
SpcMakeTempFile( ) 
SpcNewStoreForCert( ) 
SpcPBKDF2( ) 
SpcResolvePath( ) 
SpcRetrieveCRL( ) 
SpcSetIV( ) 
SpcUnlockResource( ) 
SpcVerifyCert( ) 
SpcVerifyCertHostName( ) 
SpcWipeFile( ) 
SPLIT_VAR macro 
spoofing of hostnames, IP addresses 
sprintf( ) 
SQL injection attacks 
SRP (Secure Remote Password) 
SSL (Secure Sockets Layer) 
    clients, creating 
    database connections, securing with 
        MySQL 
        PostgreSQL 
    servers, creating 
    session caching 
    session caching modes 
    sessions vs. connections 
    tunnels 
    verifying a peerÕs certificate 
SSL_accept( ) 
SSL_CTX objects  2nd 
    flagging and modes 
SSL_CTX_set_cipher_list( ) 
SSL_CTX_set_verify( ) 
SSL_SESSION objects 
SSL_SESSION_free( ) 
SSLv2 protocol, insecurity of 
SSPI (Security Support Provider Interface) 
stack-smashing attacks 
    preventive technologies 
StackGuard 
stat( ) 
station-to-station protocol 
stdarg.h file 
stdin, stdout, and stderr file descriptors 
Stevens, W. Richard 
str, input to spc_words2bin( ) 
strcpy( ) 
strdup( ) 
stream ciphers  2nd  3rd 
    precomputing keystream for 
    PRNGs compared to 
    using as PRNGs 
        RC4 
strings of random ASCII characters, getting 
strlcat( ) 
strlcpy( ) 
strncpy( )  2nd 
strsafe.h 
Stunnel 
    accept and connect keys 
    certificate and verification limitations 
    client mode, enabling 
    configuration file 
    server mode, enabling 
    Version 4.00 changes in configuration controls 
surreptitious forwarding attacks 
symmetric cryptography 
    algorithms 
        choosing 
        noncommercial, patent-free implementations 
        speed 
        supporting multiple 
    cipher modes 
        CBC (Cipher Block Chaining)  2nd 
        CCM (CTR plus CBC-MAC) mode 
        CFB (Cipher Feedback) mode  2nd 
        CTR (counter)  2nd 
        CWC (Carter-Wegman + CTR)  2nd 
        ECB (Electronic Code Book)  2nd 
        OCB (Offset Codebook) mode 
        OFB (Output Feedback) mode  2nd 
        selecting 
    CryptoAPI key objects, creating from symmetric keys 
    keys
        extraction from CryptoAPI key objects 
        generating from one secret 
        length 
        length of configurable ciphers 
        length of public keys, compared to 
        passwords, conversion to 
    providing forward secrecy 
    random data, effective usage 
    shared secrets 
    stream ciphers 
symmetric encryption algorithms 
symmetric primitives 
synchronization of resource access 
    across processes
        Unix 
        Windows 
syslog utility 
syslog( ) 
syslog-ng 
system access control list (SACL) 
system( ), risks of 



Secure Programming Cookbook for C and C++
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
ISBN: 0596003943
EAN: 2147483647
Year: 2005
Pages: 266

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net