# CryptoDit

CryptoDit (short for Cryptography Audit) audits cryptography modules.

- The program checks the speed of generating RSA/ECDSA keys
- It checks whether RSA keys are compliant with FIPS (key size, exponent, ownership, file permissions, etc.)
- It checks the entropy pool in the kernel using eBPF

## Requirements

The program uses the OpenSSL library to read certificates and eBPF for the entropy module. The following packages must be installed:

* libssl-dev
* bpftool
* clang-11
* libbpf-dev
* gcc and gcc-multilib

# Examples

## Speed test

```
$ ./cryptodit -m speed -type all
Module: speed
The generation of the RSA key 2048 bits took 116 ms
The generation of the RSA key 4192 bits took 2218 ms
The generation of the EC key secp256 took 1 ms
```

## RSA public key compliance

```
$ ./cryptodit -m certificate -type rsa -pubin public.pem
Module: certificate
File information
Filename: public.pem
File size: 182
Permission: 644
Checking file ownerships compliance...
Audit passed with success. The owner of the file isn't root.
Checking file permissions compliance...
The certificate has the correct permission for the owner.
The group has the permission to manipulate the file. Should be removed.
The other has the permission to manipulate the file. Should be removed.
Checking FIPS compliance...
Certificate information:
Key size: 64 bytes (512)
Exponent: 65537
Format RSA key: SPKI
Exponent result: The exponent is correct, the FIPS compliance is respected.
Keysize result: The key size is lower than 2048. The key should be at least 2048 bits.
```

## X.509 compliance

```
$ ./cryptodit -m certificate -type x509 -pubin cert.pem
```

## Entropy

```
$ sudo ./cryptodit -m entropy
Module: entropy
libbpf: elf: skipping unrecognized data section(8) .rodata.str1.1
proc: (openssl); pid: 85059
proc: (WebExtensions); pid: 4520
proc: (Privileged; pid: 4549
proc: (Isolated; pid: 82753
proc: (MainThread); pid: 85089
proc: (tracker-extract); pid: 85188
proc: (tracker-extract); pid: 85209
proc: (terminator); pid: 8774
proc: (python3); pid: 85231
```
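
The ownership and permission findings shown in the RSA public key compliance output can be derived from the file's mode bits with `stat()`. The C program below is an added example, not CryptoDit's own code; the function name, the flag names and the rule that any group or other permission bit counts as a finding are assumptions inferred from the sample output.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Finding flags (hypothetical names, not CryptoDit's). */
#define F_STAT_FAILED   0x01 /* file could not be inspected */
#define F_NOT_REGULAR   0x02 /* directory, device, FIFO, ... */
#define F_GROUP_ACCESS  0x04 /* any of g+rwx is set */
#define F_OTHER_ACCESS  0x08 /* any of o+rwx is set */
#define F_OWNER_NO_READ 0x10 /* owner cannot read the file */

/* Return a bitmask of findings for `path`; 0 means the mode is clean.
 * Assumption, from the sample output: any group or other bit is a finding. */
int audit_key_file(const char *path, uid_t *owner_out)
{
    struct stat st;
    int findings = 0;

    if (stat(path, &st) != 0)
        return F_STAT_FAILED;
    if (owner_out)
        *owner_out = st.st_uid;   /* reported; ownership policy is the caller's */
    if (!S_ISREG(st.st_mode))
        findings |= F_NOT_REGULAR;
    if (st.st_mode & S_IRWXG)
        findings |= F_GROUP_ACCESS;
    if (st.st_mode & S_IRWXO)
        findings |= F_OTHER_ACCESS;
    if (!(st.st_mode & S_IRUSR))
        findings |= F_OWNER_NO_READ;
    return findings;
}

int main(int argc, char **argv)
{
    uid_t owner = 0;
    if (argc != 2) {
        fprintf(stderr, "usage: %s <keyfile>\n", argv[0]);
        return 2;
    }
    int f = audit_key_file(argv[1], &owner);
    if (f & F_STAT_FAILED) { perror(argv[1]); return 2; }
    printf("Owner uid: %lu, findings: 0x%02x\n", (unsigned long)owner, (unsigned)f);
    if (f & F_GROUP_ACCESS) puts("Group has access. Should be removed.");
    if (f & F_OTHER_ACCESS) puts("Other has access. Should be removed.");
    return f ? 1 : 0;
}
```

A file with mode 644, as in the sample run, yields both the group and the other finding; mode 600 yields none.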