Secure Programming Cookbook for C and C++

Recipes for Cryptography, Authentication, Input Validation & More

Larger Cover

Recipes for Cryptography, Authentication, Input Validation & More

By John Viega, Matt Messier

Publisher: O'Reilly Media

Released: July 2003

Pages: 792

Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.

Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:

How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems
How to properly SSL-enable applications
How to create secure channels for client-server communication without SSL
How to integrate Public Key Infrastructure (PKI) into applications
Best practices for using cryptography properly
Techniques and strategies for properly validating input to programs
How to launch programs securely
How to use file access mechanisms properly
Techniques for protecting applications from reverse engineering

The book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.

Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.

Chapter 1 Safe Initialization
1. Sanitizing the Environment
2. Restricting Privileges on Windows
3. Dropping Privileges in setuid Programs
4. Limiting Risk with Privilege Separation
5. Managing File Descriptors Safely
6. Creating a Child Process Securely
7. Executing External Programs Securely
8. Executing External Programs Securely
9. Disabling Memory Dumps in the Event of a Crash
Chapter 2 Access Control
1. Understanding the Unix Access Control Model
2. Understanding the Windows Access Control Model
3. Determining Whether a User Has Access to a File on Unix
4. Determining Whether a Directory Is Secure
5. Erasing Files Securely
6. Accessing File Information Securely
7. Restricting Access Permissions for New Files on Unix
8. Locking Files
9. Synchronizing Resource Access Across Processes on Unix
10. Synchronizing Resource Access Across Processes on Windows
11. Creating Files for Temporary Use
12. Restricting Filesystem Access on Unix
13. Restricting Filesystem and Network Access on FreeBSD
Chapter 3 Input Validation
1. Understanding Basic Data Validation Techniques
2. Preventing Attacks on Formatting Functions
3. Preventing Buffer Overflows
4. Using the SafeStr Library
5. Preventing Integer Coercion and Wrap-Around Problems
6. Using Environment Variables Securely
7. Validating Filenames and Paths
8. Evaluating URL Encodings
9. Validating Email Addresses
10. Preventing Cross-Site Scripting
11. Preventing SQL Injection Attacks
12. Detecting Illegal UTF-8 Characters
13. Preventing File Descriptor Overflows When Using select( )
Chapter 4 Symmetric Cryptography Fundamentals
1. Representing Keys for Use in Cryptographic Algorithms
2. Generating Random Symmetric Keys
3. Representing Binary Keys (or Other Raw Data) as Hexadecimal
4. Turning ASCII Hex Keys (or Other ASCII Hex Data) into Binary
5. Performing Base64 Encoding
6. Performing Base64 Decoding
7. Representing Keys (or Other Binary Data) as English Text
8. Converting Text Keys to Binary Keys
9. Using Salts, Nonces, and Initialization Vectors
10. Deriving Symmetric Keys from a Password
11. Algorithmically Generating Symmetric Keys from One Base Secret
12. Encrypting in a Single Reduced Character Set
13. Managing Key Material Securely
14. Timing Cryptographic Primitives
Chapter 5 Symmetric Encryption
1. Deciding Whether to Use Multiple Encryption Algorithms
2. Figuring Out Which Encryption Algorithm Is Best
3. Selecting an Appropriate Key Length
4. Selecting a Cipher Mode
5. Using a Raw Block Cipher
6. Using a Generic CBC Mode Implementation
7. Using a Generic CFB Mode Implementation
8. Using a Generic OFB Mode Implementation
9. Using a Generic CTR Mode Implementation
10. Using CWC Mode
11. Manually Adding and Checking Cipher Padding
12. Precomputing Keystream in OFB, CTR, CCM, or CWC Modes (or with Stream Ciphers)
13. Parallelizing Encryption and Decryption in Modes That Allow It (Without Breaking Compatibility)
14. Parallelizing Encryption and Decryption in Arbitrary Modes (Breaking Compatibility)
15. Performing File or Disk Encryption
16. Using a High-Level, Error-Resistant Encryption and Decryption API
17. Performing Block Cipher Setup (for CBC, CFB, OFB, and ECB Modes) in OpenSSL
18. Using Variable Key-Length Ciphers in OpenSSL
19. Disabling Cipher Padding in OpenSSL in CBC Mode
20. Performing Additional Cipher Setup in OpenSSL
21. Querying Cipher Configuration Properties in OpenSSL
22. Performing Low-Level Encryption and Decryption with OpenSSL
23. Setting Up and Using RC4
24. Using One-Time Pads
25. Using Symmetric Encryption with Microsoft's CryptoAPI
26. Creating a CryptoAPI Key Object from Raw Key Data
27. Extracting Raw Key Data from a CryptoAPI Key Object
Chapter 6 Hashes and Message Authentication
1. Understanding the Basics of Hashes and MACs
2. Deciding Whether to Support Multiple Message Digests or MACs
3. Choosing a Cryptographic Hash Algorithm
4. Choosing a Message Authentication Code
5. Incrementally Hashing Data
6. Hashing a Single String
7. Using a Cryptographic Hash
8. Using a Nonce to Protect Against Birthday Attacks
9. Checking Message Integrity
10. Using HMAC
11. Using OMAC (a Simple Block Cipher-Based MAC)
12. Using HMAC or OMAC with a Nonce
13. Using a MAC That's Reasonably Fast in Software and Hardware
14. Using a MAC That's Optimized for Software Speed
15. Constructing a Hash Function from a Block Cipher
16. Using a Block Cipher to Build a Full-Strength Hash Function
17. Using Smaller MAC Tags
18. Making Encryption and Message Integrity Work Together
19. Making Your Own MAC
20. Encrypting with a Hash Function
21. Securely Authenticating a MAC (Thwarting Capture Replay Attacks)
22. Parallelizing MACs
Chapter 7 Public Key Cryptography
1. Determining When to Use Public Key Cryptography
2. Selecting a Public Key Algorithm
3. Selecting Public Key Sizes
4. Manipulating Big Numbers
5. Generating a Prime Number (Testing for Primality)
6. Generating an RSA Key Pair
7. Disentangling the Public and Private Keys in OpenSSL
8. Converting Binary Strings to Integers for Use with RSA
9. Converting Integers into Binary Strings for Use with RSA
10. Performing Raw Encryption with an RSA Public Key
11. Performing Raw Decryption Using an RSA Private Key
12. Signing Data Using an RSA Private Key
13. Verifying Signed Data Using an RSA Public Key
14. Securely Signing and Encrypting with RSA
15. Using the Digital Signature Algorithm (DSA)
16. Representing Public Keys and Certificates in Binary (DER Encoding)
17. Representing Keys and Certificates in Plaintext (PEM Encoding)
Chapter 8 Authentication and Key Exchange
1. Choosing an Authentication Method
2. Getting User and Group Information on Unix
3. Getting User and Group Information on Windows
4. Restricting Access Based on Hostname or IP Address
5. Generating Random Passwords and Passphrases
6. Testing the Strength of Passwords
7. Prompting for a Password
8. Throttling Failed Authentication Attempts
9. Performing Password-Based Authentication with crypt( )
10. Performing Password-Based Authentication with MD5-MCF
11. Performing Password-Based Authentication with PBKDF2
12. Authenticating with PAM
13. Authenticating with Kerberos
14. Authenticating with HTTP Cookies
15. Performing Password-Based Authentication and Key Exchange
16. Performing Authenticated Key Exchange Using RSA
17. Using Basic Diffie-Hellman Key Agreement
18. Using Diffie-Hellman and DSA Together
19. Minimizing the Window of Vulnerability When Authenticating Without a PKI
20. Providing Forward Secrecy in a Symmetric System
21. Ensuring Forward Secrecy in a Public Key System
22. Confirming Requests via Email
Chapter 9 Networking
1. Creating an SSL Client
2. Creating an SSL Server
3. Using Session Caching to Make SSL Servers More Efficient
4. Securing Web Communication on Windows Using the WinInet API
5. Enabling SSL without Modifying Source Code
6. Using Kerberos Encryption
7. Performing Interprocess Communication Using Sockets
8. Performing Authentication with Unix Domain Sockets
9. Performing Session ID Management
10. Securing Database Connections
11. Using a Virtual Private Network to Secure Network Connections
12. Building an Authenticated Secure Channel Without SSL
Chapter 10 Public Key Infrastructure
1. Understanding Public Key Infrastructure (PKI)
2. Obtaining a Certificate
3. Using Root Certificates
4. Understanding X.509 Certificate Verification Methodology
5. Performing X.509 Certificate Verification with OpenSSL
6. Performing X.509 Certificate Verification with CryptoAPI
7. Verifying an SSL Peer's Certificate
8. Adding Hostname Checking to Certificate Verification
9. Using a Whitelist to Verify Certificates
10. Obtaining Certificate Revocation Lists with OpenSSL
11. Obtaining CRLs with CryptoAPI
12. Checking Revocation Status via OCSP with OpenSSL
Chapter 11 Random Numbers
1. Determining What Kind of Random Numbers to Use
2. Using a Generic API for Randomness and Entropy
3. Using the Standard Unix Randomness Infrastructure
4. Using the Standard Windows Randomness Infrastructure
5. Using an Application-Level Generator
6. Reseeding a Pseudo-Random Number Generator
7. Using an Entropy Gathering Daemon-Compatible Solution
8. Getting Entropy or Pseudo-Randomness Using EGADS
9. Using the OpenSSL Random Number API
10. Getting Random Integers
11. Getting a Random Integer in a Range
12. Getting a Random Floating-Point Value with Uniform Distribution
13. Getting Floating-Point Values with Nonuniform Distributions
14. Getting a Random Printable ASCII String
15. Shuffling Fairly
16. Compressing Data with Entropy into a Fixed-Size Seed
17. Getting Entropy at Startup
18. Statistically Testing Random Numbers
19. Performing Entropy Estimation and Management
20. Gathering Entropy from the Keyboard
21. Gathering Entropy from Mouse Events on Windows
22. Gathering Entropy from Thread Timings
23. Gathering Entropy from System State
Chapter 12 Anti-Tampering
1. Understanding the Problem of Software Protection
2. Detecting Modification
3. Obfuscating Code
4. Performing Bit and Byte Obfuscation
5. Performing Constant Transforms on Variables
6. Merging Scalar Variables
7. Splitting Variables
8. Disguising Boolean Values
9. Using Function Pointers
10. Restructuring Arrays
11. Hiding Strings
12. Detecting Debuggers
13. Detecting Unix Debuggers
14. Detecting Windows Debuggers
15. Detecting SoftICE
16. Countering Disassembly
17. Using Self-Modifying Code
Chapter 13 Other Topics
1. Performing Error Handling
2. Erasing Data from Memory Securely
3. Preventing Memory from Being Paged to Disk
4. Using Variable Arguments Properly
5. Performing Proper Signal Handling
6. Protecting against Shatter Attacks on Windows
7. Guarding Against Spawning Too Many Threads
8. Guarding Against Creating Too Many Network Sockets
9. Guarding Against Resource Starvation Attacks on Unix
10. Guarding Against Resource Starvation Attacks on Windows
11. Following Best Practices for Audit Logging

Colophon

Title:

Secure Programming Cookbook for C and C++

By:

John Viega, Matt Messier

Publisher:

O'Reilly Media

Formats:

Print
Ebook
Safari Books Online

Print:

July 2003

Ebook:

February 2009

Pages:

792

Print ISBN:

978-0-596-00394-4

| ISBN 10:

0-596-00394-3

Ebook ISBN:

978-0-596-10389-7

| ISBN 10:

0-596-10389-1

John Viega

John Viega, Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and coauthor of Building Secure Software (Addison-Wesley) and Network Security with OpenSSL (O'Reilly). John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. Mr. Viega is also an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and a Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. He is the author or coauthor of nearly 80 technical publications, including numerous refereed research papers and trade articles.

View John Viega's full profile page.
Matt Messier

Matt Messier, Director of Engineering at Secure Software, is a security authority who has been programming for nearly two decades. Besides coauthoring Network Security with OpenSSL, Matt coauthored the Safe C String Library, RATS, and EGADS, an Entropy Gathering and Distribution System used for securely seeding pseudo-random number generators. Prior to joining Secure Software, Matt worked for IBM and Lotus, on source and assembly level debugging techniques, and operating system concepts.

View Matt Messier's full profile page.

Colophon

Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The animal on the cover of Secure Programming Cookbook for C and C++ is a crested porcupine. Crested porcupines (Hystrix cristata) are the largest porcupines on earth. Adults can weigh as much as 50 pounds, and their average length is between 25 and 30 inches. They have been known to live over 20 years while in captivity.

The crested porcupine is covered with black bristly fur. But running down the top of its head and neck is a crest of white bristly hairs that give way to an array of black and white spines that cover the animal's back, sides, and short tail. The short spines on the tail are hollow, which makes them rattle when shaken.

Highly adaptable creatures, crested porcupines can live in forests, plantations, rocky or mountainous areas, as well as deserts. They are found in Italy, Sicily, and along the Mediterranean coast of Africa as far south as Tanzania and northern Congo. They they shelter in caves, rock crevices, aardvark holes, or burrows they dig themselves. These burrows are often extensive and can be used for many years.

Crested porcupines live in monogamous pairs and form family groups sharing complex burrows. They are nocturnal and forage at night, moving along tracks or roads. They will often travel up to nine miles per night in search of food. They primarily eat roots, bark, and fallen fruit, but have a fondness, too, for cultivated root crops such as cassava, potatoes, and carrots. Although they are vegetarians, porcupine burrows are often littered with bones. They gnaw on the bones to sharpen their incisor teeth and to obtain calcium.

At birth, crested porcupines weigh only three percent of their mother's weight. When born, the young porcupine's quills are white and soft, although they start to become hard within hours. Their eyes are open and incisors are already crowning shortly after birth. After only one week, their spines begin to harden and, although small, they leave the nest.

When threatened, the crested porcupine raises and fans its quills to create the illusion of greater size. The crested porcupine will then stamp its feet, click its teeth, and growl or hiss while vibrating specialized quills that produce a characteristic rattle. The "rattle quills" on the end of the tail are hollow and open at the end, thus producing the most noise. If an enemy persists, the porcupine runs backward until it rams its attacker. Such attacks have been known to kill lions, leopards, hyenas, and humans-- and these predators have often been found with porcupine quills lodged in their throats. New quills grow in to replace lost ones.

Porcupine quills have long been a favorite ornament and good luck charm in Africa. The hollow rattle quills serve as musical instruments and were once used as containers for gold dust. Darren Kelly was the production editor, and Leanne Soylemez was the copyeditor for Secure Programming Cookbook for C and C++. Derek Di Matteo, Reg Aubry, Claire Cloutier, and Jane Ellin provided quality control. John Bickelhaupt wrote the index. Jamie Peppard, Reg Aubry, Judy Hoer, and Mary Agner provided production support.

Emma Colby designed the cover of this book, based on a series design by Edie Freedman. The cover image is a 19th-century engraving from the Dover Pictorial Archive. Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe's ITC Garamond font.

David Futato designed the interior layout. This book was converted by Joe Wizda to FrameMaker 5.5.6 with a format conversion tool created by Erik Ray, Jason McIntosh, Neil Walls, and Mike Sierra, which uses Perl and XML technologies. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont's TheSans Mono Condensed. The illustrations that appear in the book were produced by Robert Romano and Jessamyn Read using Macromedia Free-Hand 9 and Adobe Photoshop 6. The tip and warning icons were drawn by Christopher Bing. This colophon was written by Darren Kelly.

Description

Table of Contents

Product Details

About the Author

Colophon

Recommended for You

Recently Viewed

Linux Security Cookbook

By Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes

June 2003

Ebook: $31.99

Print & Ebook: $43.99

Print: $39.99

Essential Blogging

Selecting and Using Weblog Tools

By Cory Doctorow, Rael Dornfest, Scott Johnson, Shelley Powers, Benjamin Trott, Mena G. Trott

August 2002

Print: $39.99

Java Extreme Programming Cookbook

By Eric M. Burke, Brian M. Coyner

March 2003

Print: $34.95

Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews

oreilly Secure Programming Cookbook for C and C++

5.0

(based on 3 reviews)

Reviews

Reviewed by 3 customers

Sort by

Displaying reviews 1-3

1/7/2007

(2 of 2 customers found this review helpful)

5.0

Packed with useful information

By mdh

from Undisclosed

Comments about oreilly Secure Programming Cookbook for C and C++:

Some years later, this is still one of the best books I've ever purchased, along with the first revision of the Camel Book which got me well on my way to competently pumping out decent Perl code, this book really helped me get a footing with regard to writing competent encryption code using OpenSSL. Most common tasks you'll need to perform using SSL are covered, and that's only about 1/3 of the book's content. It also delves rather deeply into lower level cryptographic development as well as other security solutions for C programmers.

It goes beyond just programming, too. In terms and code examples that a competent C programmer can understand, it makes clear just what the myriad acronyms you'll run into while working with encryption code, how they function, how they interact to create code that provides a given amount of security and trust, and most importantly how to implement them in a way that your needs are met.

If you are a C programmer, you should read and have this book around. If you write code that deals with user input, authentication, cryptographic, or network communications, it's practically a must.

I'm hoping for a second edition some time. Some coverage of code auditing tools might be interesting, that field has developed a lot over the past years since this book was released. OpenSSL has progressed a bunch, too, and some more in-depth specifics (such as web functionality, maybe even coverage of common GUI toolkits like GTK, Qt, etc) would be just wonderful, as well.

C is far from dead. I've been using C for the past 11 years, and it's still the language I use more than any other.

9/22/2006

(1 of 1 customers found this review helpful)

5.0

Good and hard core

By Anonymous

from Undisclosed

Comments about oreilly Secure Programming Cookbook for C and C++:

Although the code examples are written in C, if you are a serious programmer in C/C++ or Java, the recipes in this book offer very valuable information now how to write not only secure programs, but good programs. I have seen many run-of-the-mill programs that are written without the least security concept (How many time have you encountered a program that needs to write to a system folder for no apparent reason, thus requiring the end-user to have unnecssary elevated rights on the system folder?)

8/4/2003

(1 of 1 customers found this review helpful)

5.0

Secure Programming Cookbook for C and C++ Review

By netmask

from Undisclosed

Comments about oreilly Secure Programming Cookbook for C and C++:

I hadn't anticipated the heavy amount of crypto related chapters in this book. I honestly had only read about the input validation, avoiding overflows, and access control portions. It turns out it covers those areas plus a wide range of crypto related code. It goes over the fundamentals of Symmetric Crypto in great detail, from simple base64 encoding to parallelizing Encryption and decryption in arbitrary modes. All of the crypto related portions of this book are very clear. I highly recommend this book if you are doing any kind of crypto, whether it's simply encrypting a password, a file, or setting up a socket based secure communication tunnel.

The Networking chapter is a very good reference section for creating SSL clients and servers, as well as using kerberos or securing your connections to your database. There is almost 80 pages of information related to generating random numbers and data from using /dev/random to gathering entropy from Mouse Evens on Win32.

The one chapter I didn't expect to see here that was quite good was Chapter 12, Anti-Tampering. This chapter goes over obfuscating your code, detecting binary modifications, disguising boolean values, etc. It even shows you how to detect SoftICE and other debuggers, which can be useful for attempting to block people from cracking your commercial software. Although, I believe all attempts end up being rather futile when someone is determined enough.

This book really is a must for anyone who is programming. If not just for the basics of protecting yourself from overflows and validating input and environment variables, than definitely for the extremely well written sections on crypto. This book has earned a permanent spot next to K&R and UNP on my desk.

Displaying reviews 1-3

Save a Tree - Go Digital what is this?

Ebook: $59.99

Formats: APK, DAISY, ePub, Mobi, PDF

Print & Ebook: $82.49

Print: $74.99

Safari Books Online - Read now >

Chapter 1 Safe Initialization

Sanitizing the Environment

Restricting Privileges on Windows

Dropping Privileges in setuid Programs

Limiting Risk with Privilege Separation

Managing File Descriptors Safely

Creating a Child Process Securely

Executing External Programs Securely

Executing External Programs Securely

Disabling Memory Dumps in the Event of a Crash

Chapter 2 Access Control

Understanding the Unix Access Control Model

Understanding the Windows Access Control Model

Determining Whether a User Has Access to a File on Unix

Determining Whether a Directory Is Secure

Erasing Files Securely

Accessing File Information Securely

Restricting Access Permissions for New Files on Unix

Locking Files

Synchronizing Resource Access Across Processes on Unix

Synchronizing Resource Access Across Processes on Windows

Creating Files for Temporary Use

Restricting Filesystem Access on Unix

Restricting Filesystem and Network Access on FreeBSD

Chapter 3 Input Validation

Understanding Basic Data Validation Techniques

Preventing Attacks on Formatting Functions

Preventing Buffer Overflows

Using the SafeStr Library

Preventing Integer Coercion and Wrap-Around Problems

Using Environment Variables Securely

Validating Filenames and Paths

Evaluating URL Encodings

Validating Email Addresses

Preventing Cross-Site Scripting

Preventing SQL Injection Attacks

Detecting Illegal UTF-8 Characters

Preventing File Descriptor Overflows When Using select( )

Chapter 4 Symmetric Cryptography Fundamentals

Representing Keys for Use in Cryptographic Algorithms

Generating Random Symmetric Keys

Representing Binary Keys (or Other Raw Data) as Hexadecimal

Turning ASCII Hex Keys (or Other ASCII Hex Data) into Binary

Performing Base64 Encoding

Performing Base64 Decoding

Representing Keys (or Other Binary Data) as English Text

Converting Text Keys to Binary Keys

Using Salts, Nonces, and Initialization Vectors

Deriving Symmetric Keys from a Password

Algorithmically Generating Symmetric Keys from One Base Secret

Encrypting in a Single Reduced Character Set

Managing Key Material Securely

Timing Cryptographic Primitives

Chapter 5 Symmetric Encryption

Deciding Whether to Use Multiple Encryption Algorithms

Figuring Out Which Encryption Algorithm Is Best

Selecting an Appropriate Key Length

Selecting a Cipher Mode

Using a Raw Block Cipher

Using a Generic CBC Mode Implementation

Using a Generic CFB Mode Implementation

Using a Generic OFB Mode Implementation

Using a Generic CTR Mode Implementation

Using CWC Mode

Manually Adding and Checking Cipher Padding

Precomputing Keystream in OFB, CTR, CCM, or CWC Modes (or with Stream Ciphers)

Parallelizing Encryption and Decryption in Modes That Allow It (Without Breaking Compatibility)

Parallelizing Encryption and Decryption in Arbitrary Modes (Breaking Compatibility)

Performing File or Disk Encryption

Using a High-Level, Error-Resistant Encryption and Decryption API

Performing Block Cipher Setup (for CBC, CFB, OFB, and ECB Modes) in OpenSSL

Using Variable Key-Length Ciphers in OpenSSL

Disabling Cipher Padding in OpenSSL in CBC Mode

Performing Additional Cipher Setup in OpenSSL

Querying Cipher Configuration Properties in OpenSSL

Performing Low-Level Encryption and Decryption with OpenSSL

Setting Up and Using RC4

Using One-Time Pads

Using Symmetric Encryption with Microsoft's CryptoAPI

Creating a CryptoAPI Key Object from Raw Key Data