Poly1305-AES is a state-of-the-art secret-key message-authentication
code suitable for a wide variety of applications.
Poly1305-AES computes a 16-byte authenticator of a message of any
length, using a 16-byte nonce (unique message number) and a 32-byte
secret key. Attackers can't modify or forge messages if the message
sender transmits an authenticator along with each message and the
message receiver checks each authenticator.
There's a mailing list for Poly1305-AES discussions. To subscribe, send
an empty message to poly1305-subscribe@list.cr.yp.to.

Provides methods to manipulate and authenticate against standard Unix,
SMB server, AuthUser (.htpasswd), AuthDigest (.htdigest), CVS pserver
and custom formatted password files.

With PEAR::File_SMBPasswd you can maintain smbpasswd-files, usually used by
SAMBA.

HTML_Crypt provides methods to encrypt text, which can later be decrypted
using JavaScript on the client side.
This is very useful to prevent spam robots from collecting email addresses from
your site. Included is a method to add mailto links to the text being generated.

PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).
An example of the kind of situation pscan looks for is the following:
variable = "%s"; /* or malicious user input */
sprintf(buffer, variable); /* BAD! */

LiveUser is a set of classes for dealing with user authentication
and permission management. Basically, there are three main elements that
make up this package:
* The LiveUser class
* The Auth containers
* The Perm containers
Currently available are containers using:
PEAR::DB, PEAR::MDB, PEAR::MDB2, PEAR::XML_Tree and PEAR::Auth.

LiveUser_Admin is meant to be used with the LiveUser package.
It is composed of all the classes necessary to administrate
data used by LiveUser.

This package provides an interface to the cracklib (libcrack) libraries that
come standard on most Unix-like distributions. This allows you to check
passwords against dictionaries of words to ensure some minimal level of
password security.
From the cracklib README
CrackLib makes literally hundreds of tests to determine whether you've
chosen a bad password.
* It tries to generate words from your username and gecos entry and tries
to match them against what you've chosen.
* It checks for simplistic patterns.
* It then tries to reverse-engineer your password into a dictionary
word, and searches for it in your dictionary.
- after all that, it's PROBABLY a safe(-ish) password. 8-)

CryptKit is a developer's toolkit implementing several of the most modern
and efficient cryptographic algorithms.

cmd5checkpw is a checkpassword-compatible authentication program that uses
CRAM-MD5 authentication mode. It was designed primarily to work with qmail,
but it can be used by any other program that knows how to use
checkpassword-compatible authentication.