Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More


packet-writing mode 

padding 

    CBC (Cipher Block Chaining) 

    plaintext, and 

pages 

Paget, Chris 

PAM (Pluggable Authentication Modules) 

    header files for 

    service names, usage of 

    support for 

parallelizing encryption and decryption 

    CTR API 

    in arbitrary modes 

    strategies 

parallelizing MACs 

parent and child processes

    PRNGs, reseeding in 

    using for privilege separation 

passwords

    authentication and key exchange with PAX and SAX 

        initialization 

        server setup 

    authentication with crypt( ) 

    prompting for 

    random generation of 

    symmetric keys, converting to 

    testing for strength 

PATH environment variable

paths

    validating 

PAX (Public key Authenticated eXchange)

    client side 

    server side 

PBKDF2 (Password-Based Key Derivation Function 2)

    MCF encoding for 

    multiple key generation using 

    password verification 

    password-based authentication using 

pc_cipherq_decrypt( ) 

pc_next_varg( ) 

pclose( ) 

PEM (Privacy Enhanced Mail) format 

    BIO object-based functions 

    FILE object-based functions 

    header types 

    OpenSSL-supported encryption algorithms 

PEM_write_RSAPrivateKey( )

PEM_write_DSAPrivateKey( )

percent (%) 

    in URL encodings 

perfect forward secrecy 

personal certificates 

PKCS #1 

PKCS #5 

    RSA web page 

PKI (public key infrastructure)

    CAs (certification authorities) 

        root certificates and fingerprints 

        certificates

        certificate hierarchies

        certificate revocation lists  [See CRLs]

        certificate signing requests (CSRs) 

        code-signing certificates 

        key pair 

        obtaining 

        personal certificates 

        precedence of fields 

        purposes 

        revocation 

        self-signed certificates 

        SSL peer certificate verification 

        subjects and issuers 

        term of validity 

        using root certificates 

        verifying 

        web site certificates 

        whitelists, verification against 

        X.509 certificates  [See X.509 certificates]

    distinguished names 

    fingerprints 

        checking 

    hostname checking 

    OCSP (Online Certificate Status Protocol) 

        checking revocation status using OpenSSL 

    RAs (registration authorities) 

    root CA certificate revocation 

    X.509 certificates  [See X.509 certificates]

PKI Laboratory 

platforms

    Unix recipes 

    Windows recipes 

Pluggable Authentication Modules (PAM) 

PMAC 

Polk, Tim 

popen( )

    risks of 

    secure version 

POSIX times( ) function 

_POSIX_MEMLOCK_RANGE macro 

PostgreSQL, enabling SSL support 

PQconnectdb( ) 

precomputation attacks  [See dictionary attacks]

preventing buffer overflows 

preventing cross-site scripting 

preventing file descriptor overflows when using select( ) 

preventing format-string attacks 

preventing integer coercion and wrap-around problems 

preventing SQL injection attacks 

PRFs (pseudo-random functions) 

    HMAC-SHA1, implementation with 

prime numbers, generating 

    randomly 

printenv command (Unix) 

printf( ) 

printf( ) functions family 

priv_init( ) 

Privacy Enhanced Mail  [See PEM]

private CAs 

privilege separation 

privileges

    dropping in setuid programs 

    limiting risks of 

    restricting 

privman library (Unix) 

    functions 

    initialization 

PRNG_output( ) 

PRNGs (pseudo-random number generators)

    application-level generators, using 

    block ciphers, using as 

    cryptographic generators, usable output 

    cryptographic hash functions, using as 

    cryptographic vs. noncryptographic 

    OpenSSL, API in 

    output with identical seeds 

    proper usage of 

    refereed proof of security bounds 

    reseeding 

        compression of entropy-containing data 

        reasons for 

        seed size 

    reseeding in parent and child processes

    stream ciphers compared to 

    stream ciphers, using as 

ProPolice 

pseudo-random functions  [See PRFs]

pseudo-random number generators  [See PRNGs]

pthread_cond_broadcast( ) 

pthread_cond_wait( ) 

ptrace debuggers, detecting 

public CAs 

public key cryptography 

    algorithms, selecting 

    BIGNUM  [See BIGNUM library]

    binary representation of public keys and certificates 

    digital signatures 

    DSA (Digital Signature Algorithm) 

    exchange keys 

    forward secrecy, ensuring 

    key exchange 

    key sizes, selecting 

        recommended lengths 

    keys and certificates, representing in plaintext (PEM encoding) 

    manipulating big numbers 

    means to establish trust, lack of 

    OpenSSL, disentangling public and private keys 

    prime numbers, generating or testing 

    Public Key Cryptography Standard #5 

    RSA  [See RSA algorithm]

    speed 

    third-party validation of public keys

    uses for 

public key infrastructure  [See PKI]

PulseEvent( ) 

putenv( )

    environment variables and 

pw_name 

pw_uid 

pwd.h file 
