Other works we referred to in creating CryptoSys PKI.
[AES-WRAP]
AES Key Wrap Specification,
National Institute of Standards and Technology,
16 November 2001,
<http://csrc.nist.gov/groups/ST/toolkit/documents/kms/key-wrap.pdf>.
[AX931]
ANSI X9.31-1998
Digital Signatures using Reversible
Public Key Cryptography for the Financial Services Industry (rDSA),
Appendix A,
American National Standards Institute,
1998.
[BALE05]
Francesco Balena and Giuseppe Dimauro,
Practical Guidelines and Best Practices for Microsoft Visual Basic and Visual C# Developers,
Microsoft Press, 2005, ISBN 0735621721.
[BROW99]
Steve Brown,
Visual Basic Developer's Guide to the Win32 API,
Sybex, 1999.
[CHAN]
Mahesh Chand,
Tutorial: Creating C# Class Library (DLL) Using Visual Studio .NET,
<http://www.c-sharpcorner.com/2/pr12.asp> (accessed July 2006).
[CMSRSAKEM]
draft-ietf-smime-cms-rsa-kem-05.txt,
Use of the RSA-KEM Key Transport Algorithm in CMS,
J. Randall, B.Kaliski, September 2007.
[COHE99]
Aaron Cohen and Mike Woodring,
Win32 Multithreaded Programming,
O'Rielly, 1999.
[DEVIL]
Scott Berinato,
The Devil's Infosec Dictionary,
<http://www.csoonline.com/article/220527/the-devil-s-infosec-dictionary>, (accessed July 2010)
[DOWD06]
Mark Dowd, John McDonald and Justin Schuh,
The Art of Software Security Assessment,
Addison-Wesley, 2006.
[DUBU00]
Olivier Dubuisson,
ASN.1
Communication between Heterogeneous Systems,
<http://asn1.elibel.tm.fr/en/book/>
<http://www.oss.com/asn1/booksintro.html>,
June 2000.
[EDIFACT]
UN/EDIFACT Finance Group D6 SWG-F,
Recommended Practice For Message Flow And Security For Edifact Payments,
Version 2v03, 1 October 2000, <www.bsk.no/text/d6_rec_practices.pdf>, (accessed January 2009)
[FERG03]
Niels Ferguson and Bruce Schneier,
Practical Cryptography,
John Wiley, 2003.
[FERG10]
Niels Ferguson, Bruce Schneier and Tadayoshi Kohno,
Cryptography Engineering,
John Wiley, 2010.
[FIPS140]
Federal Information Processing Standards Publication
FIPS PUB 140-2 Security Requirements for Cryptographic Modules,
U.S. Department Of Commerce/National Institute of Standards and Technology,
<http://csrc.nist.gov/cryptval/140-2.htm>,
25 May 2001, Change Notice 1 (10 October 2001) and Change Notice 2 (3 December 2002).
[FIPS140IG]
Implementation Guidance for
FIPS PUB 140-1 and the Cryptographic
Module Validation Program,
U.S. Department Of Commerce/National Institute of Standards and Technology,
update 10 January 2002.
[FIPS140XC]
Federal Information Processing Standards Publication
FIPS PUB 140-2 Annex C: Approved Random Number Generators
for FIPS PUB 140-2,
U.S. Department Of Commerce/National Institute of Standards and Technology,
draft, 24 January 2007.
[FIPS180]
Federal Information Processing Standard,
FIPS PUB 180-2 Secure Hash Standard,
<http://csrc.nist.gov/CryptoToolkit/tkhash.html>, 1 August 2002.
[FIPS186]
Federal Information Processing Standard,
FIPS PUB 186-2 Digital Signature Standard (DSS),
U.S. Department of Commerce/National Institute of Standards and Technology, 27 January 2000
[FIPS197]
Federal Information Processing Standard,
FIPS PUB 197 Advanced Encryption Standard (AES),
U.S. Department of Commerce/National Institute of Standards and Technology, 26 November 2001
[FIPS198]
Federal Information Processing Standard,
FIPS PUB 198 The Keyed-Hash Message Authentication Code (HMAC),
U.S. Department of Commerce/National Institute of Standards and Technology, 6 March 2002
[GUTPFX]
Peter Gutmann,
PFX - How Not to Design a Crypto Protocol/Standard,
<http://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html>, (last accessed January 2007).
[GUTX509]
Peter Gutmann,
X.509 Style Guide, <http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt>, Oct 2000.
[HANS97]
David R. Hanson,
C Interfaces and Implementations,
Addison-Wesley, 1997.
[HMAC]
RFC 2104 HMAC: Keyed-Hashing for Message
Authentication, Krawczyk, Bellare and Canetti, February 1997.
[HOWA02]
Michael Howard and David LeBlanc,
Writing Secure Code,
Microsoft Press, 2002.
[ISO18033-2]
ISO/IEC 18033-2:2006,
Information technology - Security techniques - Encryption algorithms - Part 2: Asymmetric ciphers,
Ed. Victor Shoup, 2006.
The final committee draft version FCD 18033-2, dated December 2004, is available at
<http://www.shoup.net/iso/std6.pdf>.
[ISO8601]
ISO 8601:1988(E),
Data elements and interchange formats - Information interchange - Representation of dates and times,
1988
(actually we just cribbed this reference from W3C's
Date and Time Formats,
<http://www.w3.org/TR/NOTE-datetime>, Misha Wolf and Charles Wicksteed, Sept 1997).
[KALI-ASN]
Burton S Kaliski, Jr,
A Layman's Guide to a Subset of ASN.1, BER and DER, RSA Laboratories Technical Note, Nov 1993.
[KELS98]
John Kelsey, Bruce Schneier, David Wagner, Chris Hall,
Cryptanalytic Attacks on Pseudorandom Number Generators, March 1998,
available from
<http://www.schneier.com/paper-prngs.html>.
[KUHN]
Markus Kuhn,
UTF-8 and Unicode FAQ for Unix/Linux,
<http://www.cl.cam.ac.uk/~mgk25/unicode.html>,
(accessed August 2006).
[LARM99]
Prof John Larmouth,
ASN.1 Complete,
<http://www.oss.com/asn1/larmouth.html>,
Open Systems Solutions, 1999.
[MENE97]
Menezes, van Oorschot and Vanstone,
Handbook of Applied Cryptography,
CRC Press LLC, 1997.
[NISPOM]
DOD 5220.22-M,
National Industry Security Program Operating Manual (NISPOM),
US Department of Defense, January 1995.
[SIEM99]
Siemens Financial Services,
Electronic Signing of PAYMUL Messages,
autack.doc, April 1999, <crg.tbg5-finance.org/migs/Autack.doc> (accessed January 2009).
[PETZ99]
Charles Petzold,
Programming Windows, 5th edition,
Microsoft Press, 1999.
[PKCS7]
PKCS #7,
Cryptographic Message Syntax Standard,
RSA Laboratories, Version 1.5, Nov 1993 (RFC 2315).
[PKCS7-EXT]
RSA Laboratories Technical Note,
Extensions and Revisions to PKCS #7,
Burton S. Kaliski Jr. and Kevin W. Kingdon, May 1997.
[PKIX-ASN1]
draft-ietf-smime-new-asn1--07.txt,
New ASN.1 Modules for CMS and S/MIME,
P. Hoffman and J. Schaad, AUgust 2009.
[PKIX-MAP]
Internet Draft,
PKIX Roadmap,
IETF-PKIX Working Group,
<http://tools.ietf.org/html/draft-ietf-pkix-roadmap-09>,
July 2002.
[RICH99]
Jeffrey Richter,
Programming Applications for Microsoft Windows, 4th edition,
Microsoft Press, 1999.
[RFC1319]
RFC 1319,
The MD2 Message-Digest Algorithm, B. Kaliski, RSA Data Security, Inc., April 1992.
[RFC1321]
RFC 1321,
The MD5 Message-Digest Algorithm, R. Rivest, RSA Data Security, Inc., April 1992.
[RFC1421]
RFC 1421,
Privacy Enhancement for Internet Electronic Mail,
J. Linn, February 1993.
[RFC1423]
RFC 1423,
Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers,
D. Balenson, February 1993.
[RFC2202]
RFC 2202,
Test Cases for HMAC-MD5 and HMAC-SHA-1,
P. Cheng and R. Glenn, September 1997.
[RFC2279]
RFC 2279,
UTF-8, a transformation format of ISO 10646,
F. Yergeau, January 1998.
[RFC2898]
RFC 2898,
PKCS #5: Password-Based Cryptography Specification Version 2.0,
B. Kaliski, RSA Laboratories, September 2000.
[RFC3217]
RFC 3217,
Triple-DES and RC2 Key Wrapping,
R. Housley, December 2001.
[RFC3394]
RFC 3394,
Advanced Encryption Standard (AES) Key Wrap Algorithm,
J. Schaad and R. Housley, September 2002.
[RFC3537]
RFC 3537,
HMAC Key Wrap,
J. Schaad and R. Housley, May 2003.
[RFC3560]
RFC 3560,
Use of the RSAES-OAEP Key Transport Algorithm in
the Cryptographic Message Syntax (CMS),
R. Housley, July 2003.
[RFC4086]
RFC 4086,
Randomness Requirements for Security,
D. Eastlake et al, June 2005.
[RFC4231]
RFC 4231,
Identifiers and Test Vectors for HMAC-SHA-224, HMAC-SHA-256,
HMAC-SHA-384, and HMAC-SHA-512,
M. Nystrom, December 2005.
[RFC4648]
RFC 4648,
The Base16, Base32, and Base64 Data Encodings,
S. Josefsson, October 2006.
[RFC5750]
RFC 5750,
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Certificate Handling,
B. Ramsdell, January 2010 (Obsoletes RFC3850).
[SCHN96]
Bruce Schneier,
Applied Cryptography - Protocols, Algorithms and Source Code in C,
2nd edition, John Wiley, 1996.
[SEAC05]
Robert C. Seacord,
Secure Coding in C and C++,
Addison-Wesley, 2005.
[SIMO97]
Richard J Simon,
Windows NT Win32 API SuperBible,
Waite Group Press, 1997.
[SP80020]
NIST Special Publication 800-20,
Modes of Operation Validation System for the Triple Data
Encryption Algorithm (TMOVS): Requirements and Procedures,
National Institute of Standards and Technology, April 2000.
[SP80038A]
NIST Special Publication 800-38A,
Recommendation for Block Cipher Modes of Operation,
National Institute of Standards and Technology, December 2001.
[SP80057]
NIST Special Publication 800-57,
Recommendation for Key Management - Part 1: General,
National Institute of Standards and Technology, DRAFT, April, 2005.
[SP80067]
NIST Special Publication 800-67,
Recommendation for the Triple
Data Encryption Algorithm
(TDEA) Block Cipher,
National Institute of Standards and Technology, Version 1.1, Revised May 2008.
[STAL]
William Stallings,
Cryptography and Network Security: Principles and Practice,
4th edition, Prentice Hall, 2006.
[VIEG02]
John Viega and Gary McGraw,
Building Secure Software,
Addison-Wesley, 2002.
[VIEG03]
John Viega and Matt Messier,
Secure Programming Cookbook for C and C++,
O'Reilly, 2003.
[X208]
CCITT Recommendation X.208: Specification of Abstract
Syntax Notation One (ASN.1), 1988.
[X209]
CCITT Recommendation X.209: Specification of Basic
Encoding Rules for Abstract Syntax Notation One (ASN.1),
1988.
[XKMS]
W3C Recommendation,
XML Key Management Specification (XKMS 2.0),
<http://www.w3.org/TR/xkms2/>, 28 June 2005.
[XMLSIG]
W3C Recommendation,
XML-Signature Syntax and Processing,
<http://www.w3.org/TR/xmldsig-core/>, 12 February 2002.