- CBOR
- RFC 7049 Concise Binary Object Representation (CBOR)
- RFC 8949 Concise Binary Object Representation (CBOR)
- sdk/io/cbor/
- test/cbor/
- COSE
- RFC 8152 CBOR Object Signing and Encryption (COSE)
- RFC 8230 Using RSA Algorithms with CBOR Object Signing and Encryption (COSE) Messages
- RFC 8392 CBOR Web Token (CWT)
- RFC 8812 CBOR Object Signing and Encryption (COSE) and JSON Object Signing and Encryption (JOSE) Registrations for Web Authentication (WebAuthn) Algorithms
- RFC 9052 CBOR Object Signing and Encryption (COSE): Structures and Process
- RFC 9053 CBOR Object Signing and Encryption (COSE): Initial Algorithms
- RFC 9338 CBOR Object Signing and Encryption (COSE): Countersignatures
- sdk/crypto/cose/
- test/cose/
- JOSE
- RFC 7515 JSON Web Signature (JWS)
- RFC 7516 JSON Web Encryption (JWE)
- RFC 7517 JSON Web Key (JWK)
- RFC 7518 JSON Web Algorithms (JWA)
- RFC 7520 Examples of Protecting Content Using JSON Object Signing and Encryption (JOSE)
- RFC 8037 CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JSON Object Signing and Encryption (JOSE)
- sdk/crypto/jose/
- test/jose/
- HTTP/1.1
- RFC 1945 Hypertext Transfer Protocol -- HTTP/1.0
- RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1
- RFC 2069 An Extension to HTTP : Digest Access Authentication
- RFC 2396 Uniform Resource Identifiers (URI): Generic Syntax
- RFC 2616 Hypertext Transfer Protocol -- HTTP/1.1
- RFC 2617 HTTP Authentication: Basic and Digest Access Authentication
- RFC 6749 OAuth 2.0
- RFC 6750 The OAuth 2.0 Authorization Framework: Bearer Token Usage
- RFC 7616 HTTP Digest Access Authentication
- sdk/net/http/
- test/httpserver1/
- test/httpauth/
- test/httptest/
- HTTP/2
- RFC 7541 HPACK: Header Compression for HTTP/2
- sdk/net/http/http2/
- test/hpack/
- test/httpserver2/
- RFC 7540 Hypertext Transfer Protocol Version 2 (HTTP/2)
- RFC 7838 HTTP Alternative Services
- RFC 9113 HTTP/2
- sdk/net/http/http2/
- sdk/net/tls/
- test/payload/
- test/hpack/
- test/httpaltsvc/
- test/httpserver2/
- RFC 7541 HPACK: Header Compression for HTTP/2
- HTTP/3
- RFC 9204 QPACK: Field Compression for HTTP/3
- BASE16, BASE64, BASE64URL
- RFC 4648 The Base16, Base32, and Base64 Data Encodings
- sdk/base/basic/
- test/encode/
- RFC 4648 The Base16, Base32, and Base64 Data Encodings
- HOTP, TOTP
- RFC 4226 HOTP: An HMAC-Based One-Time Password Algorithm
- RFC 6238 TOTP: Time-Based One-Time Password Algorithm
- sdk/crypto/basic/
- test/hash/
- Pattern Search
- KMP algorithm
- Trie
- Suffix Tree
- Ukkonen algorithm
- Aho-Corasick algorithm (wildcard)
- sdk/base/nostd/
- test/pattern/
- test/parser/
- Graph
- BFS, DFS, Djkstra
- sdk/base/nostd/
- test/graph/
- BFS, DFS, Djkstra
- Authenticode
- Digital Certificate verification (plugin_msi, plugin_cabinet excluded)
- sdk/crypto/authenticode/
- test/authenticode/
- Digital Certificate verification (plugin_msi, plugin_cabinet excluded)
-
OpenSSL
-
RFC 2144 The CAST-128 Encryption Algorithm (May 1997)
-
RFC 2612 The CAST-256 Encryption Algorithm (June 1999)
-
RFC 3217 Triple-DES and RC2 Key Wrapping (December 2001)
-
RFC 3394 Advanced Encryption Standard (AES) Key Wrap Algorithm (September 2002)
-
RFC 3610 Counter with CBC-MAC (CCM)
-
RFC 4615 The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE)
-
RFC 4772 Security Implications of Using the Data Encryption Standard (DES) (December 2006)
-
RFC 5649 Advanced Encryption Starndard (AES) Key Wrap with Padding Algorithm (September 2009)
-
RFC 5794 A Description of the ARIA Encryption Algorithm (March 2010)
-
RFC 5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
-
RFC 6070 PKCS #5: Password-Based Key Derivation Function 2 (PBKDF2) Test Vectors
-
RFC 7539 ChaCha20 and Poly1305 for IETF Protocols
-
RFC 7914 The scrypt Password-Based Key Derivation Function
-
RFC 8017 PKCS #1: RSA Cryptography Specifications Version 2.2
-
RFC 8439 ChaCha20 and Poly1305 for IETF Protocols
-
RFC 9106 Argon2 Memory-Hard Function for Password Hashing and Proof-of-Work Applications
-
Authenticated Encryption with AES-CBC and HMAC-SHA
- sdk/crypto/basic/
- sdk/crypto/crypto/
- test/crypto/
- test/kdf/
-
RFC 2104 HMAC: Keyed-Hashing for Message Authentication
-
RFC 4231 HMAC-SHA Identifiers and Test Vectors December 2005
-
RFC 4493 The AES-CMAC Algorithm
-
RFC 6979 Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)
-
NIST CAVP (Cryptographic Algorithm Validation Program) ECDSA
- sdk/crypto/basic/
- sdk/crypto/crypto/
- test/hash/
- test/sign/
-
RFC 4347 Datagram Transport Layer Security
-
RFC 6347 Datagram Transport Layer Security Version 1.2
-
RFC 7301 Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension
-
RFC 8446 The Transport Layer Security (TLS) Protocol Version 1.3
-
RFC 8448 Example Handshake Traces for TLS 1.3
-
RFC 8996 Deprecating TLS 1.0 and TLS 1.1
-
RFC 9147 The Datagram Transport Layer Security (DTLS) Protocol Version 1.3
- sdk/net/tls/
- test/tlsserver/
- test/dtlsserver/
- sdk/net/tls1/
- test/tls1/
-
-
Compression
- RFC 1951 DEFLATE Compressed Data Format Specification version 1.3
- RFC 1952 GZIP file format specification version 4.3
- Accept-Encoding, Content-Encoding
-
JOSE
- RFC 7638 3.1. Example JWK Thumbprint Computation
- test/jose/
- RFC 7638 3.1. Example JWK Thumbprint Computation
-
IEEE 754
- half/single/double precision floating point
- test/ieee754/
- half/single/double precision floating point
- HTTP/1.1
- RFC 2817 Upgrading to TLS Within HTTP/1.1
- HTTP/3
- RFC 9000 QUIC: A UDP-Based Multiplexed and Secure Transport
- RFC 9001 Using TLS to Secure QUIC
- RFC 9002 QUIC Loss Detection and Congestion Control
- RFC 9114 HTTP/3
- RFC 9368 Compatible Version Negotiation for QUIC
- TLS
- RFC 2246 The TLS Protocol Version 1.0
- RFC 5246 The Transport Layer Security (TLS) Protocol Version 1.2
- RFC 6066 Transport Layer Security (TLS) Extensions: Extension Definitions
- RFC 7301 Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension
- RFC 7520 Using Raw Public Keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
- RFC 7685 A Transport Layer Security (TLS) ClientHello Padding Extension
- RFC 7919 Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)
- RFC 8422 Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier
- RFC 8446 The Transport Layer Security (TLS) Protocol Version 1.3
- ASN.1
- ITU-T X.680-X.699
- X.680-X.693 : Information Technology - Abstract Syntax Notation One (ASN.1) & ASN.1 encoding rules
- Recommendation X.680-X.693 (02/21)
- ASN.1 (Abstract Syntax Notation One) is the international standard for representing data types and structures.
- ITU-T X.680 ISO/IEC 8824-1 Abstract Syntax Notation One (ASN.1): Specification of basic notation
- ITU-T X.681 ISO/IEC 8824-2 Abstract Syntax Notation One (ASN.1): Information object specification
- ITU-T X.682 ISO/IEC 8824-3 Abstract Syntax Notation One (ASN.1): Constraint specification
- ITU-T X.683 ISO/IEC 8824-4 Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications
- ITU-T X.690 ISO/IEC 8825-1 ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)
- ITU-T X.691 ISO/IEC 8825-2 ASN.1 encoding rules: Specification of Packed Encoding Rules (PER)
- ITU-T X.692 ISO/IEC 8825-3 ASN.1 encoding rules: Specification of Encoding Control Notation (ECN)
- ITU-T X.693 ISO/IEC 8825-4 ASN.1 encoding rules: XML Encoding Rules (XER)
- X.680-X.693 : Information Technology - Abstract Syntax Notation One (ASN.1) & ASN.1 encoding rules
- ITU-T X.680-X.699
- Neural Networks / Machine Learning
- sketch repository (private, spin off, in progress)
- Compression
- RFC 7932 Brotli Compressed Data Format
- RFC 8478 Zstandard Compression and the application/zstd Media Type
- RFC 8878 Zstandard Compression and the 'application/zstd' Media Type
- COSE
- RFC 8778 Use of the HSS/LMS Hash-Based Signature Algorithm with CBOR Object Signing and Encryption (COSE)
- RFC 9021 Use of the Walnut Digital Signature Algorithm with CBOR Object Signing and Encryption (COSE)
- RFC 9054 CBOR Object Signing and Encryption (COSE): Hash Algorithms
- RFC 9360 CBOR Object Signing and Encryption (COSE): Header Parameters for Carrying and Referencing X.509 Certificates
- platform support - mingw, linux
- ubuntu
- source env.ubuntu && install_packages
- MINGW64
- source env.mingw64 && install_packages
- packages to install
- gcc, g++, binutils, cmake, gdb
- openssl-devel jansson-devel zlib-devel unixodbc (MINGW)
- openssl-devel jansson zlib-devel unixodbc-devel (Rocky/CentOS/RHEL)
- libssl-dev libjansson-dev zlib1g-dev unixodbc-dev (ubuntu)
- valgrind (linux)
- clang-tools-extra
- ubuntu
- build script
- cd hotplace
- ./make.sh debug pch
- os support (x64)
- tested
- RHEL 7 and newer, (including CentOS, Rocky Linux)
- ubuntu 20.04 and newer
- mingw x64
- Fedora Core release 4 (Stentz) w/ custom toolchain (GCC 4.8)
- tested
-
important
- openssl 1.1.1 or newer
- RSA-OAEP-256
- Ed25519 Ed448 X25519 X448
- sha3
- openssl 3.0, 3.1
- EVP_CIPHER_fetch/EVP_CIPHER_free, EVP_MD_fetch/EVP_MD_free
- truncated sha ("sha2-512/224", "sha2-512/256")
- failed to load PEM file containing HMAC private key
- openssl 3.2
- argon2d, argon2i, argon2id
- custom build required in RHEL (RHEL, centos, rocky) and older version
- -fPIC required
- algoritm test, random SEGV, ctr_update SEGV (older linux), ...
- openssl 1.1.1 or newer
-
how to custom build
- build custom openssl (example)
- install perl
- $ sudo yum install perl
- install perl
- cd thirdparty ; ./make.sh
- build custom openssl (example)
- build custom jansson (example)
- see https://github.com/akheron/jansson
- cd thirdparty ; ./make.sh
- toolchain dependencies
- cmake (2.8.10.2)
- perl (5.10.0)
- m4 (1.4.13)
- autoconf (2.65)
- automake (1.16.4)
- libtool (1.5.2)
- make (3.80)
- gmp (4.3.2)
- mpfr (2.4.2)
- mpc (1.0.3)
- isl (0.10)
- binutils (2.18)
- gcc (4.8.5)