Table of content
 | |
| • | Table of Contents |
| • | Index |
| • | Reviews |
| • | Reader Reviews |
| • | Errata |
| Secure Programming Cookbook for C and C++ | ||
| By Matt Messier, John Viega | ||
| Publisher | : O'Reilly | |
| Pub Date | : July 2003 | |
| ISBN | : 0-596-00394-3 | |
| Pages | : 784 | |
| Copyright | |||||||||||||||||
| Foreword | |||||||||||||||||
| Preface | |||||||||||||||||
| More Than Just a Book | |||||||||||||||||
| We Can't Do It All | |||||||||||||||||
| Organization of This Book | |||||||||||||||||
| Recipe Compatibility | |||||||||||||||||
| Conventions Used in This Book | |||||||||||||||||
| Comments and Questions | |||||||||||||||||
| Acknowledgments | |||||||||||||||||
| Chapter 1. Safe Initialization | |||||||||||||||||
| Section 1.1. Sanitizing the Environment | |||||||||||||||||
| Section 1.2. Restricting Privileges on Windows | |||||||||||||||||
| Section 1.3. Dropping Privileges in setuid Programs | |||||||||||||||||
| Section 1.4. Limiting Risk with Privilege Separation | |||||||||||||||||
| Section 1.5. Managing File Descriptors Safely | |||||||||||||||||
| Section 1.6. Creating a Child Process Securely | |||||||||||||||||
| Section 1.7. Executing External Programs Securely | |||||||||||||||||
| Section 1.8. Executing External Programs Securely | |||||||||||||||||
| Section 1.9. Disabling Memory Dumps in the Event of a Crash | |||||||||||||||||
| Chapter 2. Access Control | |||||||||||||||||
| Section 2.1. Understanding the Unix Access Control Model | |||||||||||||||||
| Section 2.2. Understanding the Windows Access Control Model | |||||||||||||||||
| Section 2.3. Determining Whether a User Has Access to a File on Unix | |||||||||||||||||
| Section 2.4. Determining Whether a Directory Is Secure | |||||||||||||||||
| Section 2.5. Erasing Files Securely | |||||||||||||||||
| Section 2.6. Accessing File Information Securely | |||||||||||||||||
| Section 2.7. Restricting Access Permissions for New Files on Unix | |||||||||||||||||
| Section 2.8. Locking Files | |||||||||||||||||
| Section 2.9. Synchronizing Resource Access Across Processes on Unix | |||||||||||||||||
| Section 2.10. Synchronizing Resource Access Across Processes on Windows | |||||||||||||||||
| Section 2.11. Creating Files for Temporary Use | |||||||||||||||||
| Section 2.12. Restricting Filesystem Access on Unix | |||||||||||||||||
| Section 2.13. Restricting Filesystem and Network Access on FreeBSD | |||||||||||||||||
| Chapter 3. Input Validation | |||||||||||||||||
| Section 3.1. Understanding Basic Data Validation Techniques | |||||||||||||||||
| Section 3.2. Preventing Attacks on Formatting Functions | |||||||||||||||||
| Section 3.3. Preventing Buffer Overflows | |||||||||||||||||
| Section 3.4. Using the SafeStr Library | |||||||||||||||||
| Section 3.5. Preventing Integer Coercion and Wrap-Around Problems | |||||||||||||||||
| Section 3.6. Using Environment Variables Securely | |||||||||||||||||
| Section 3.7. Validating Filenames and Paths | |||||||||||||||||
| Section 3.8. Evaluating URL Encodings | |||||||||||||||||
| Section 3.9. Validating Email Addresses | |||||||||||||||||
| Section 3.10. Preventing Cross-Site Scripting | |||||||||||||||||
| Section 3.11. Preventing SQL Injection Attacks | |||||||||||||||||
| Section 3.12. Detecting Illegal UTF-8 Characters | |||||||||||||||||
| Section 3.13. Preventing File Descriptor Overflows When Using select( ) | |||||||||||||||||
| Chapter 4. Symmetric Cryptography Fundamentals | |||||||||||||||||
| Section 4.1. Representing Keys for Use in Cryptographic Algorithms | |||||||||||||||||
| Section 4.2. Generating Random Symmetric Keys | |||||||||||||||||
| Section 4.3. Representing Binary Keys (or Other Raw Data) as Hexadecimal | |||||||||||||||||
| Section 4.4. Turning ASCII Hex Keys (or Other ASCII Hex Data) into Binary | |||||||||||||||||
| Section 4.5. Performing Base64 Encoding | |||||||||||||||||
| Section 4.6. Performing Base64 Decoding | |||||||||||||||||
| Section 4.7. Representing Keys (or Other Binary Data) as English Text | |||||||||||||||||
| Section 4.8. Converting Text Keys to Binary Keys | |||||||||||||||||
| Section 4.9. Using Salts, Nonces, and Initialization Vectors | |||||||||||||||||
| Section 4.10. Deriving Symmetric Keys from a Password | |||||||||||||||||
| Section 4.11. Algorithmically Generating Symmetric Keys from One Base Secret | |||||||||||||||||
| Section 4.12. Encrypting in a Single Reduced Character Set | |||||||||||||||||
| Section 4.13. Managing Key Material Securely | |||||||||||||||||
| Section 4.14. Timing Cryptographic Primitives | |||||||||||||||||
| Chapter 5. Symmetric Encryption | |||||||||||||||||
| Section 5.1. Deciding Whether to Use Multiple Encryption Algorithms | |||||||||||||||||
| Section 5.2. Figuring Out Which Encryption Algorithm Is Best | |||||||||||||||||
| Section 5.3. Selecting an Appropriate Key Length | |||||||||||||||||
| Section 5.4. Selecting a Cipher Mode | |||||||||||||||||
| Section 5.5. Using a Raw Block Cipher | |||||||||||||||||
| Section 5.6. Using a Generic CBC Mode Implementation | |||||||||||||||||
| Section 5.7. Using a Generic CFB Mode Implementation | |||||||||||||||||
| Section 5.8. Using a Generic OFB Mode Implementation | |||||||||||||||||
| Section 5.9. Using a Generic CTR Mode Implementation | |||||||||||||||||
| Section 5.10. Using CWC Mode | |||||||||||||||||
| Section 5.11. Manually Adding and Checking Cipher Padding | |||||||||||||||||
| Section 5.12. Precomputing Keystream in OFB, CTR, CCM, or CWC Modes (or with Stream Ciphers) | |||||||||||||||||
| Section 5.13. Parallelizing Encryption and Decryption in Modes That Allow It (Without Breaking Compatibility) | |||||||||||||||||
| Section 5.14. Parallelizing Encryption and Decryption in Arbitrary Modes (Breaking Compatibility) | |||||||||||||||||
| Section 5.15. Performing File or Disk Encryption | |||||||||||||||||
| Section 5.16. Using a High-Level, Error-Resistant Encryption and Decryption API | |||||||||||||||||
| Section 5.17. Performing Block Cipher Setup (for CBC, CFB, OFB, and ECB Modes) in OpenSSL | |||||||||||||||||
| Section 5.18. Using Variable Key-Length Ciphers in OpenSSL | |||||||||||||||||
| Section 5.19. Disabling Cipher Padding in OpenSSL in CBC Mode | |||||||||||||||||
| Section 5.20. Performing Additional Cipher Setup in OpenSSL | |||||||||||||||||
| Section 5.21. Querying Cipher Configuration Properties in OpenSSL | |||||||||||||||||
| Section 5.22. Performing Low-Level Encryption and Decryption with OpenSSL | |||||||||||||||||
| Section 5.23. Setting Up and Using RC4 | |||||||||||||||||
| Section 5.24. Using One-Time Pads | |||||||||||||||||
| Section 5.25. Using Symmetric Encryption with Microsoft's CryptoAPI | |||||||||||||||||
| Section 5.26. Creating a CryptoAPI Key Object from Raw Key Data | |||||||||||||||||
| Section 5.27. Extracting Raw Key Data from a CryptoAPI Key Object | |||||||||||||||||
| Chapter 6. Hashes and Message Authentication | |||||||||||||||||
| Section 6.1. Understanding the Basics of Hashes and MACs | |||||||||||||||||
| Section 6.2. Deciding Whether to Support Multiple Message Digests or MACs | |||||||||||||||||
| Section 6.3. Choosing a Cryptographic Hash Algorithm | |||||||||||||||||
| Section 6.4. Choosing a Message Authentication Code | |||||||||||||||||
| Section 6.5. Incrementally Hashing Data | |||||||||||||||||
| Section 6.6. Hashing a Single String | |||||||||||||||||
| Section 6.7. Using a Cryptographic Hash | |||||||||||||||||
| Section 6.8. Using a Nonce to Protect Against Birthday Attacks | |||||||||||||||||
| Section 6.9. Checking Message Integrity | |||||||||||||||||
| Section 6.10. Using HMAC | |||||||||||||||||
| Section 6.11. Using OMAC (a Simple Block Cipher-Based MAC) | |||||||||||||||||
| Section 6.12. Using HMAC or OMAC with a Nonce | |||||||||||||||||
| Section 6.13. Using a MAC That's Reasonably Fast in Software and Hardware | |||||||||||||||||
| Section 6.14. Using a MAC That's Optimized for Software Speed | |||||||||||||||||
| Section 6.15. Constructing a Hash Function from a Block Cipher | |||||||||||||||||
| Section 6.16. Using a Block Cipher to Build a Full-Strength Hash Function | |||||||||||||||||
| Section 6.17. Using Smaller MAC Tags | |||||||||||||||||
| Section 6.18. Making Encryption and Message Integrity Work Together | |||||||||||||||||
| Section 6.19. Making Your Own MAC | |||||||||||||||||
| Section 6.20. Encrypting with a Hash Function | |||||||||||||||||
| Section 6.21. Securely Authenticating a MAC (Thwarting Capture Replay Attacks) | |||||||||||||||||
| Section 6.22. Parallelizing MACs | |||||||||||||||||
| Chapter 7. Public Key Cryptography | |||||||||||||||||
| Section 7.1. Determining When to Use Public Key Cryptography | |||||||||||||||||
| Section 7.2. Selecting a Public Key Algorithm | |||||||||||||||||
| Section 7.3. Selecting Public Key Sizes | |||||||||||||||||
| Section 7.4. Manipulating Big Numbers | |||||||||||||||||
| Section 7.5. Generating a Prime Number (Testing for Primality) | |||||||||||||||||
| Section 7.6. Generating an RSA Key Pair | |||||||||||||||||
| Section 7.7. Disentangling the Public and Private Keys in OpenSSL | |||||||||||||||||
| Section 7.8. Converting Binary Strings to Integers for Use with RSA | |||||||||||||||||
| Section 7.9. Converting Integers into Binary Strings for Use with RSA | |||||||||||||||||
| Section 7.10. Performing Raw Encryption with an RSA Public Key | |||||||||||||||||
| Section 7.11. Performing Raw Decryption Using an RSA Private Key | |||||||||||||||||
| Section 7.12. Signing Data Using an RSA Private Key | |||||||||||||||||
| Section 7.13. Verifying Signed Data Using an RSA Public Key | |||||||||||||||||
| Section 7.14. Securely Signing and Encrypting with RSA | |||||||||||||||||
| Section 7.15. Using the Digital Signature Algorithm (DSA) | |||||||||||||||||
| Section 7.16. Representing Public Keys and Certificates in Binary (DER Encoding) | |||||||||||||||||
| Section 7.17. Representing Keys and Certificates in Plaintext (PEM Encoding) | |||||||||||||||||
| Chapter 8. Authentication and Key Exchange | |||||||||||||||||
| Section 8.1. Choosing an Authentication Method | |||||||||||||||||
| Section 8.2. Getting User and Group Information on Unix | |||||||||||||||||
| Section 8.3. Getting User and Group Information on Windows | |||||||||||||||||
| Section 8.4. Restricting Access Based on Hostname or IP Address | |||||||||||||||||
| Section 8.5. Generating Random Passwords and Passphrases | |||||||||||||||||
| Section 8.6. Testing the Strength of Passwords | |||||||||||||||||
| Section 8.7. Prompting for a Password | |||||||||||||||||
| Section 8.8. Throttling Failed Authentication Attempts | |||||||||||||||||
| Section 8.9. Performing Password-Based Authentication with crypt( ) | |||||||||||||||||
| Section 8.10. Performing Password-Based Authentication with MD5-MCF | |||||||||||||||||
| Section 8.11. Performing Password-Based Authentication with PBKDF2 | |||||||||||||||||
| Section 8.12. Authenticating with PAM | |||||||||||||||||
| Section 8.13. Authenticating with Kerberos | |||||||||||||||||
| Section 8.14. Authenticating with HTTP Cookies | |||||||||||||||||
| Section 8.15. Performing Password-Based Authentication and Key Exchange | |||||||||||||||||
| Section 8.16. Performing Authenticated Key Exchange Using RSA | |||||||||||||||||
| Section 8.17. Using Basic Diffie-Hellman Key Agreement | |||||||||||||||||
| Section 8.18. Using Diffie-Hellman and DSA Together | |||||||||||||||||
| Section 8.19. Minimizing the Window of Vulnerability When Authenticating Without a PKI | |||||||||||||||||
| Section 8.20. Providing Forward Secrecy in a Symmetric System | |||||||||||||||||
| Section 8.21. Ensuring Forward Secrecy in a Public Key System | |||||||||||||||||
| Section 8.22. Confirming Requests via Email | |||||||||||||||||
| Chapter 9. Networking | |||||||||||||||||
| Section 9.1. Creating an SSL Client | |||||||||||||||||
| Section 9.2. Creating an SSL Server | |||||||||||||||||
| Section 9.3. Using Session Caching to Make SSL Servers More Efficient | |||||||||||||||||
| Section 9.4. Securing Web Communication on Windows Using the WinInet API | |||||||||||||||||
| Section 9.5. Enabling SSL without Modifying Source Code | |||||||||||||||||
| Section 9.6. Using Kerberos Encryption | |||||||||||||||||
| Section 9.7. Performing Interprocess Communication Using Sockets | |||||||||||||||||
| Section 9.8. Performing Authentication with Unix Domain Sockets | |||||||||||||||||
| Section 9.9. Performing Session ID Management | |||||||||||||||||
| Section 9.10. Securing Database Connections | |||||||||||||||||
| Section 9.11. Using a Virtual Private Network to Secure Network Connections | |||||||||||||||||
| Section 9.12. Building an Authenticated Secure Channel Without SSL | |||||||||||||||||
| Chapter 10. Public Key Infrastructure | |||||||||||||||||
| Section 10.1. Understanding Public Key Infrastructure (PKI) | |||||||||||||||||
| Section 10.2. Obtaining a Certificate | |||||||||||||||||
| Section 10.3. Using Root Certificates | |||||||||||||||||
| Section 10.4. Understanding X.509 Certificate Verification Methodology | |||||||||||||||||
| Section 10.5. Performing X.509 Certificate Verification with OpenSSL | |||||||||||||||||
| Section 10.6. Performing X.509 Certificate Verification with CryptoAPI | |||||||||||||||||
| Section 10.7. Verifying an SSL Peer's Certificate | |||||||||||||||||
| Section 10.8. Adding Hostname Checking to Certificate Verification | |||||||||||||||||
| Section 10.9. Using a Whitelist to Verify Certificates | |||||||||||||||||
| Section 10.10. Obtaining Certificate Revocation Lists with OpenSSL | |||||||||||||||||
| Section 10.11. Obtaining CRLs with CryptoAPI | |||||||||||||||||
| Section 10.12. Checking Revocation Status via OCSP with OpenSSL | |||||||||||||||||
| Chapter 11. Random Numbers | |||||||||||||||||
| Section 11.1. Determining What Kind of Random Numbers to Use | |||||||||||||||||
| Section 11.2. Using a Generic API for Randomness and Entropy | |||||||||||||||||
| Section 11.3. Using the Standard Unix Randomness Infrastructure | |||||||||||||||||
| Section 11.4. Using the Standard Windows Randomness Infrastructure | |||||||||||||||||
| Section 11.5. Using an Application-Level Generator | |||||||||||||||||
| Section 11.6. Reseeding a Pseudo-Random Number Generator | |||||||||||||||||
| Section 11.7. Using an Entropy Gathering Daemon-Compatible Solution | |||||||||||||||||
| Section 11.8. Getting Entropy or Pseudo-Randomness Using EGADS | |||||||||||||||||
| Section 11.9. Using the OpenSSL Random Number API | |||||||||||||||||
| Section 11.10. Getting Random Integers | |||||||||||||||||
| Section 11.11. Getting a Random Integer in a Range | |||||||||||||||||
| Section 11.12. Getting a Random Floating-Point Value with Uniform Distribution | |||||||||||||||||
| Section 11.13. Getting Floating-Point Values with Nonuniform Distributions | |||||||||||||||||
| Section 11.14. Getting a Random Printable ASCII String | |||||||||||||||||
| Section 11.15. Shuffling Fairly | |||||||||||||||||
| Section 11.16. Compressing Data with Entropy into a Fixed-Size Seed | |||||||||||||||||
| Section 11.17. Getting Entropy at Startup | |||||||||||||||||
| Section 11.18. Statistically Testing Random Numbers | |||||||||||||||||
| Section 11.19. Performing Entropy Estimation and Management | |||||||||||||||||
| Section 11.20. Gathering Entropy from the Keyboard | |||||||||||||||||
| Section 11.21. Gathering Entropy from Mouse Events on Windows | |||||||||||||||||
| Section 11.22. Gathering Entropy from Thread Timings | |||||||||||||||||
| Section 11.23. Gathering Entropy from System State | |||||||||||||||||
| Chapter 12. Anti-Tampering | |||||||||||||||||
| Section 12.1. Understanding the Problem of Software Protection | |||||||||||||||||
| Section 12.2. Detecting Modification | |||||||||||||||||
| Section 12.3. Obfuscating Code | |||||||||||||||||
| Section 12.4. Performing Bit and Byte Obfuscation | |||||||||||||||||
| Section 12.5. Performing Constant Transforms on Variables | |||||||||||||||||
| Section 12.6. Merging Scalar Variables | |||||||||||||||||
| Section 12.7. Splitting Variables | |||||||||||||||||
| Section 12.8. Disguising Boolean Values | |||||||||||||||||
| Section 12.9. Using Function Pointers | |||||||||||||||||
| Section 12.10. Restructuring Arrays | |||||||||||||||||
| Section 12.11. Hiding Strings | |||||||||||||||||
| Section 12.12. Detecting Debuggers | |||||||||||||||||
| Section 12.13. Detecting Unix Debuggers | |||||||||||||||||
| Section 12.14. Detecting Windows Debuggers | |||||||||||||||||
| Section 12.15. Detecting SoftICE | |||||||||||||||||
| Section 12.16. Countering Disassembly | |||||||||||||||||
| Section 12.17. Using Self-Modifying Code | |||||||||||||||||
| Chapter 13. Other Topics | |||||||||||||||||
| Section 13.1. Performing Error Handling | |||||||||||||||||
| Section 13.2. Erasing Data from Memory Securely | |||||||||||||||||
| Section 13.3. Preventing Memory from Being Paged to Disk | |||||||||||||||||
| Section 13.4. Using Variable Arguments Properly | |||||||||||||||||
| Section 13.5. Performing Proper Signal Handling | |||||||||||||||||
| Section 13.6. Protecting against Shatter Attacks on Windows | |||||||||||||||||
| Section 13.7. Guarding Against Spawning Too Many Threads | |||||||||||||||||
| Section 13.8. Guarding Against Creating Too Many Network Sockets | |||||||||||||||||
| Section 13.9. Guarding Against Resource Starvation Attacks on Unix | |||||||||||||||||
| Section 13.10. Guarding Against Resource Starvation Attacks on Windows | |||||||||||||||||
| Section 13.11. Following Best Practices for Audit Logging | |||||||||||||||||
| Colophon | |||||||||||||||||
| Index | |||||||||||||||||
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
ISBN: 0596003943
EAN: 2147483647
EAN: 2147483647
Year: 2005
Pages: 266
Pages: 266
Authors: John Viega, Matt Messier