ipfw2shield is a DShield client for ipfw logs, i.e., it inspects
the firewall logs and can mail security reports to dshield.org
The Courier Authentication Library is a generic authentication API used
for two purposes:
1. Read the name of a mail account. Determine the local account's home
directory, and system userid and groupid.
2. Read an account name, and a password. If valid, determine the
account's home directory, system userid, and groupid.
DES, Blowfish, AES, TEA, SHA1, MD5, RSA, BubbleBabble, Hexdump, Support for
Word128, Word192 and Word256 and Beyond, PKCS5 Padding, Various Encryption
Modes e.g. Cipher Block Chaining all in one package, with HUnit and
QuickCheck tests, and examples.
Cryptographically secure RNGs.
This library implements the RSA encryption and signature algorithms for
arbitrarily-sized ByteStrings. While the implementations work, they are
not necessarily the fastest ones on the planet. Particularly key generation.
The algorithms included are based of RFC 3447, or the Public-Key Cryptography
Standard for RSA, version 2.1 (a.k.a, PKCS#1 v2.1).
This library implements the SHA suite of message digest functions, according
to NIST FIPS 180-2 (with the SHA-224 addendum), as well as the SHA-based
HMAC routines. The functions have been tested against most of the NIST
and RFC test vectors for the various functions. While some attention has
been paid to performance, these do not presently reach the speed of
well-tuned libraries, like OpenSSL.
Certificates and Key reader/writer. At the moment only X509 certificate
and unencrypted private key are supported, but will include PGP
certificate and pkcs8 private keys.
Fast AES cipher implementation with advanced mode of operations. The modes
of operations available are ECB (Electronic code book), CBC (Cipher block
chaining), CTR (Counter), XTS (XEX with ciphertext stealing), GCM (Galois
Counter Mode). The AES implementation uses AES-NI when available (on x86
and x86-64 architecture), but fallback gracefully to a software C
implementation. The software implementation uses S-Boxes, which might
suffer for cache timing issues. However do notes that most other known
software implementations, including very popular one (openssl, gnutls)
also uses same implementation. If it matters for your case, you should
make sure you have AES-NI available, or you'll need to use a different
implementation.
Blowfish cipher primitives.
Camellia block cipher primitives.