Table of Contents

Foreword; Preface; More Than Just a Book; We Can't Do It All; Organization of This Book; Recipe Compatibility; Conventions Used in This Book; Comments and Questions; Acknowledgments; Chapter 1: Safe Initialization; 1.1 Sanitizing the Environment; 1.2 Restricting Privileges on Windows; 1.3 Dropping Privileges in setuid Programs; 1.4 Limiting Risk with Privilege Separation; 1.5 Managing File Descriptors Safely; 1.6 Creating a Child Process Securely; 1.7 Executing External Programs Securely; 1.8 Executing External Programs Securely; 1.9 Disabling Memory Dumps in the Event of a Crash; Chapter 2: Access Control; 2.1 Understanding the Unix Access Control Model; 2.2 Understanding the Windows Access Control Model; 2.3 Determining Whether a User Has Access to a File on Unix; 2.4 Determining Whether a Directory Is Secure; 2.5 Erasing Files Securely; 2.6 Accessing File Information Securely; 2.7 Restricting Access Permissions for New Files on Unix; 2.8 Locking Files; 2.9 Synchronizing Resource Access Across Processes on Unix; 2.10 Synchronizing Resource Access Across Processes on Windows; 2.11 Creating Files for Temporary Use; 2.12 Restricting Filesystem Access on Unix; 2.13 Restricting Filesystem and Network Access on FreeBSD; Chapter 3: Input Validation; 3.1 Understanding Basic Data Validation Techniques; 3.2 Preventing Attacks on Formatting Functions; 3.3 Preventing Buffer Overflows; 3.4 Using the SafeStr Library; 3.5 Preventing Integer Coercion and Wrap-Around Problems; 3.6 Using Environment Variables Securely; 3.7 Validating Filenames and Paths; 3.8 Evaluating URL Encodings; 3.9 Validating Email Addresses; 3.10 Preventing Cross-Site Scripting; 3.11 Preventing SQL Injection Attacks; 3.12 Detecting Illegal UTF-8 Characters; 3.13 Preventing File Descriptor Overflows When Using select(); Chapter 4: Symmetric Cryptography Fundamentals; 4.1 Representing Keys for Use in Cryptographic Algorithms; 4.2 Generating Random Symmetric Keys; 4.3 Representing Binary Keys (or Other Raw Data) as Hexadecimal; 4.4 Turning ASCII Hex Keys (or Other ASCII Hex Data) into Binary; 4.5 Performing Base64 Encoding; 4.6 Performing Base64 Decoding; 4.7 Representing Keys (or Other Binary Data) as English Text; 4.8 Converting Text Keys to Binary Keys; 4.9 Using Salts, Nonces, and Initialization Vectors; 4.10 Deriving Symmetric Keys from a Password; 4.11 Algorithmically Generating Symmetric Keys from One Base Secret; 4.12 Encrypting in a Single Reduced Character Set; 4.13 Managing Key Material Securely; 4.14 Timing Cryptographic Primitives; Chapter 5: Symmetric Encryption; 5.1 Deciding Whether to Use Multiple Encryption Algorithms; 5.2 Figuring Out Which Encryption Algorithm Is Best; 5.3 Selecting an Appropriate Key Length; 5.4 Selecting a Cipher Mode; 5.5 Using a Raw Block Cipher; 5.6 Using a Generic CBC Mode Implementation; 5.7 Using a Generic CFB Mode Implementation; 5.8 Using a Generic OFB Mode Implementation; 5.9 Using a Generic CTR Mode Implementation; 5.10 Using CWC Mode; 5.11 Manually Adding and Checking Cipher Padding; 5.12 Precomputing Keystream in OFB, CTR, CCM, or CWC Modes (or with Stream Ciphers); 5.13 Parallelizing Encryption and Decryption in Modes That Allow It (Without Breaking Compatibility); 5.14 Parallelizing Encryption and Decryption in Arbitrary Modes (Breaking Compatibility); 5.15 Performing File or Disk Encryption; 5.16 Using a High-Level, Error-Resistant Encryption and Decryption API; 5.17 Performing Block Cipher Setup (for CBC, CFB, OFB, and ECB Modes) in OpenSSL; 5.18 Using Variable Key-Length Ciphers in OpenSSL; 5.19 Disabling Cipher Padding in OpenSSL in CBC Mode; 5.20 Performing Additional Cipher Setup in OpenSSL; 5.21 Querying Cipher Configuration Properties in OpenSSL; 5.22 Performing Low-Level Encryption and Decryption with OpenSSL; 5.23 Setting Up and Using RC4; 5.24 Using One-Time Pads; 5.25 Using Symmetric Encryption with Microsoft's CryptoAPI; 5.26 Creating a CryptoAPI Key Object from Raw Key Data; 5.27 Extracting Raw Key Data from a CryptoAPI Key Object; Chapter 6: Hashes and Message Authentication; 6.1 Understanding the Basics of Hashes and MACs; 6.2 Deciding Whether to Support Multiple Message Digests or MACs; 6.3 Choosing a Cryptographic Hash Algorithm; 6.4 Choosing a Message Authentication Code; 6.5 Incrementally Hashing Data; 6.6 Hashing a Single String; 6.7 Using a Cryptographic Hash; 6.8 Using a Nonce to Protect Against Birthday Attacks; 6.9 Checking Message Integrity; 6.10 Using HMAC; 6.11 Using OMAC (a Simple Block Cipher-Based MAC); 6.12 Using HMAC or OMAC with a Nonce; 6.13 Using a MAC That's Reasonably Fast in Software and Hardware; 6.14 Using a MAC That's Optimized for Software Speed; 6.15 Constructing a Hash Function from a Block Cipher; 6.16 Using a Block Cipher to Build a Full-Strength Hash Function; 6.17 Using Smaller MAC Tags; 6.18 Making Encryption and Message Integrity Work Together; 6.19 Making Your Own MAC; 6.20 Encrypting with a Hash Function; 6.21 Securely Authenticating a MAC (Thwarting Capture Replay Attacks); 6.22 Parallelizing MACs; Chapter 7: Public Key Cryptography; 7.1 Determining When to Use Public Key Cryptography; 7.2 Selecting a Public Key Algorithm; 7.3 Selecting Public Key Sizes; 7.4 Manipulating Big Numbers; 7.5 Generating a Prime Number (Testing for Primality); 7.6 Generating an RSA Key Pair; 7.7 Disentangling the Public and Private Keys in OpenSSL; 7.8 Converting Binary Strings to Integers for Use with RSA; 7.9 Converting Integers into Binary Strings for Use with RSA; 7.10 Performing Raw Encryption with an RSA Public Key; 7.11 Performing Raw Decryption Using an RSA Private Key; 7.12 Signing Data Using an RSA Private Key; 7.13 Verifying Signed Data Using an RSA Public Key; 7.14 Securely Signing and Encrypting with RSA; 7.15 Using the Digital Signature Algorithm (DSA); 7.16 Representing Public Keys and Certificates in Binary (DER Encoding); 7.17 Representing Keys and Certificates in Plaintext (PEM Encoding); Chapter 8: Authentication and Key Exchange; 8.1 Choosing an Authentication Method; 8.2 Getting User and Group Information on Unix; 8.3 Getting User and Group Information on Windows; 8.4 Restricting Access Based on Hostname or IP Address; 8.5 Generating Random Passwords and Passphrases; 8.6 Testing the Strength of Passwords; 8.7 Prompting for a Password; 8.8 Throttling Failed Authentication Attempts; 8.9 Performing Password-Based Authentication with crypt(); 8.10 Performing Password-Based Authentication with MD5-MCF; 8.11 Performing Password-Based Authentication with PBKDF2; 8.12 Authenticating with PAM; 8.13 Authenticating with Kerberos; 8.14 Authenticating with HTTP Cookies; 8.15 Performing Password-Based Authentication and Key Exchange; 8.16 Performing Authenticated Key Exchange Using RSA; 8.17 Using Basic Diffie-Hellman Key Agreement; 8.18 Using Diffie-Hellman and DSA Together; 8.19 Minimizing the Window of Vulnerability When Authenticating Without a PKI; 8.20 Providing Forward Secrecy in a Symmetric System; 8.21 Ensuring Forward Secrecy in a Public Key System; 8.22 Confirming Requests via Email; Chapter 9: Networking; 9.1 Creating an SSL Client; 9.2 Creating an SSL Server; 9.3 Using Session Caching to Make SSL Servers More Efficient; 9.4 Securing Web Communication on Windows Using the WinInet API; 9.5 Enabling SSL without Modifying Source Code; 9.6 Using Kerberos Encryption; 9.7 Performing Interprocess Communication Using Sockets; 9.8 Performing Authentication with Unix Domain Sockets; 9.9 Performing Session ID Management; 9.10 Securing Database Connections; 9.11 Using a Virtual Private Network to Secure Network Connections; 9.12 Building an Authenticated Secure Channel Without SSL; Chapter 10: Public Key Infrastructure; 10.1 Understanding Public Key Infrastructure (PKI); 10.2 Obtaining a Certificate; 10.3 Using Root Certificates; 10.4 Understanding X.509 Certificate Verification Methodology; 10.5 Performing X.509 Certificate Verification with OpenSSL; 10.6 Performing X.509 Certificate Verification with CryptoAPI; 10.7 Verifying an SSL Peer's Certificate; 10.8 Adding Hostname Checking to Certificate Verification; 10.9 Using a Whitelist to Verify Certificates; 10.10 Obtaining Certificate Revocation Lists with OpenSSL; 10.11 Obtaining CRLs with CryptoAPI; 10.12 Checking Revocation Status via OCSP with OpenSSL; Chapter 11: Random Numbers; 11.1 Determining What Kind of Random Numbers to Use; 11.2 Using a Generic API for Randomness and Entropy; 11.3 Using the Standard Unix Randomness Infrastructure; 11.4 Using the Standard Windows Randomness Infrastructure; 11.5 Using an Application-Level Generator; 11.6 Reseeding a Pseudo-Random Number Generator; 11.7 Using an Entropy Gathering Daemon-Compatible Solution; 11.8 Getting Entropy or Pseudo-Randomness Using EGADS; 11.9 Using the OpenSSL Random Number API; 11.10 Getting Random Integers; 11.11 Getting a Random Integer in a Range; 11.12 Getting a Random Floating-Point Value with Uniform Distribution; 11.13 Getting Floating-Point Values with Nonuniform Distributions; 11.14 Getting a Random Printable ASCII String; 11.15 Shuffling Fairly; 11.16 Compressing Data with Entropy into a Fixed-Size Seed; 11.17 Getting Entropy at Startup; 11.18 Statistically Testing Random Numbers; 11.19 Performing Entropy Estimation and Management; 11.20 Gathering Entropy from the Keyboard; 11.21 Gathering Entropy from Mouse Events on Windows; 11.22 Gathering Entropy from Thread Timings; 11.23 Gathering Entropy from System State; Chapter 12: Anti-Tampering; 12.1 Understanding the Problem of Software Protection; 12.2 Detecting Modification; 12.3 Obfuscating Code; 12.4 Performing Bit and Byte Obfuscation; 12.5 Performing Constant Transforms on Variables; 12.6 Merging Scalar Variables; 12.7 Splitting Variables; 12.8 Disguising Boolean Values; 12.9 Using Function Pointers; 12.10 Restructuring Arrays; 12.11 Hiding Strings; 12.12 Detecting Debuggers; 12.13 Detecting Unix Debuggers; 12.14 Detecting Windows Debuggers; 12.15 Detecting SoftICE; 12.16 Countering Disassembly; 12.17 Using Self-Modifying Code; Chapter 13: Other Topics; 13.1 Performing Error Handling; 13.2 Erasing Data from Memory Securely; 13.3 Preventing Memory from Being Paged to Disk; 13.4 Using Variable Arguments Properly; 13.5 Performing Proper Signal Handling; 13.6 Protecting against Shatter Attacks on Windows; 13.7 Guarding Against Spawning Too Many Threads; 13.8 Guarding Against Creating Too Many Network Sockets; 13.9 Guarding Against Resource Starvation Attacks on Unix; 13.10 Guarding Against Resource Starvation Attacks on Windows; 13.11 Following Best Practices for Audit Logging; Colophon;