gbucchino/CryptoDit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3488933d1d
CryptoDit/audit/fips.c
gbucchino 3488933d1d remove unused variable
2026-02-18 16:05:24 +01:00

496 lines
14 KiB
C
Raw Blame History

#include <stdio.h>
#include <string.h>
#include "fips.h"
#include "../utils.h"
#include "../error.h"
/*
* SSL Format
* RSA PUBLIC KEY -> PKCS#1 format
* PUBLIC KEY -> PEM Format
*/
static int DEBUG = 0;
int fips(const char *pkey, struct audit_fips *st_audit_fips, struct keyinfo *st_keyinfo, const int type, const int is_pubkey){
int res;
if(type == TYPE_RSA){
/* If it's a pub key, we are going to analyse it */
if (is_pubkey == 1)
res = fips_pubkey_rsa(st_audit_fips, st_keyinfo, pkey);
else
res = fips_privkey_rsa(st_audit_fips, st_keyinfo, pkey);
}
else if (type == TYPE_X509){
if (openssl_version() == 1)
res = fips_x509_v1(st_audit_fips, st_keyinfo, pkey);
else
res = fips_x509_v3(st_audit_fips, st_keyinfo, pkey);
}
return res;
}
/*
* This function load public RSA key and make an audit on it
*/
static int fips_pubkey_rsa(struct audit_fips *st_audit_fips, struct keyinfo *st_keyinfo, const char *pkey) {
struct rsa *rsa;
size_t keysize;
int res;
/*
* Now, we check if the public certificate is compliant with FIPS
* The program check the length of the key, the exponent
*/
if (openssl_version() == 1)
res = loadkeys_rsa_v1(&rsa, pkey, &st_keyinfo->format);
else /* OpenSSL version 3 */
res = loadkeys_rsa_v3(&rsa, pkey, &st_keyinfo->format);
if (res > 0 || rsa == NULL){
printf("Failed to read the public key\n");
clean_rsa_st(rsa);
return res;
}
audit_rsa_keys(rsa, st_audit_fips, st_keyinfo, pkey);
// Clean
clean_rsa_st(rsa);
return 0;
}
/*
* This function audit RSA private key
*/
static int fips_privkey_rsa(struct audit_fips *st_audit_fips, struct keyinfo *st_keyinfo, const char *pkey) {
int res;
struct rsa *rsa = NULL;
if (openssl_version() == 1)
res = load_priv_rsa_keys_v1(&rsa, pkey);
else /* OpenSSL version 3 */
res = load_priv_rsa_keys_v3(&rsa, pkey);
if (res > 0){
printf("Failed to read the private key\n");
clean_rsa_st(rsa);
return res;
}
audit_rsa_keys(rsa, st_audit_fips, st_keyinfo, pkey);
// Clean
clean_rsa_st(rsa);
return 0;
}
/*
* If OpenSSL v3, we need tu use new OpenSSL functions for reading keys
*/
static int loadkeys_rsa_v3(struct rsa **rsa, const char *pkey, int *format){
*rsa = (struct rsa*)malloc(sizeof(struct rsa*));
if (*rsa == NULL){
if (DEBUG)
printf("Cannot malloc the structure\n");
return COMMON_ERR_MALLOC;
}
memset(*rsa, 0, sizeof(struct rsa*));
(*rsa)->bio = BIO_new(BIO_s_file());
if (BIO_read_filename((*rsa)->bio, pkey) == 0){
printf("Failed to read BIO\n");
return FIPS_ERR_READ_BIO;
}
#if OPENSSL_VERSION_NUMBER > 0x03000000f
(*rsa)->evp = PEM_read_bio_PUBKEY_ex((*rsa)->bio, NULL, NULL, NULL, NULL, NULL);
if ((*rsa)->evp == NULL){
return FIPS_ERR_LOAD_KEY;
}
//printf("Keysize: %d\n", EVP_PKEY_bits((*rsa)->evp));
(*rsa)->rsa = EVP_PKEY_get1_RSA((*rsa)->evp);
if ((*rsa)->rsa == NULL){
return FIPS_ERR_LOAD_RSA_KEY;
}
#endif
// Get the format of the key
*format = 0;
return 0;
}
static int loadkeys_rsa_v1(struct rsa **rsa, const char *pkey, int *format){
*rsa = (struct rsa*)malloc(sizeof(struct rsa*));
if (*rsa == NULL){
if (DEBUG)
printf("Cannot malloc the structure\n");
return COMMON_ERR_MALLOC;
}
memset(*rsa, 0, sizeof(struct rsa*));
(*rsa)->bio = BIO_new(BIO_s_file());
if(BIO_read_filename((*rsa)->bio, pkey) == 0){
printf("Failed to read BIO\n");
return FIPS_ERR_READ_BIO;
}
/*
* Works with PEM_read_RSAPublicKey, but when we try to read the file
* we cannot. This function "block" the access to the file
*/
/*rsa->rsa = PEM_read_RSAPublicKey(f, NULL, NULL, NULL); */
// Deprecated in OpenSSL v3
/*
* RSAPublicKey read publickey at the PEM format
* RSA_PUBKEY read publickey at the PKCS1 format
*/
(*rsa)->rsa = PEM_read_bio_RSAPublicKey((*rsa)->bio, NULL, NULL, NULL);
if ((*rsa)->rsa == NULL){
//print_error();
/*
* We need to reset or reseek the BIO, otherwise, we cannot read it
* https://docs.openssl.org/3.0/man3/BIO_ctrl/#synopsis
*/
//BIO_reset((*rsa)->bio); /* Works too */
BIO_seek((*rsa)->bio, 0);
(*rsa)->rsa = PEM_read_bio_RSA_PUBKEY((*rsa)->bio, NULL, NULL,NULL);
if ((*rsa)->rsa == NULL){
if (DEBUG)
printf("Cannot read the SPKI format of the public key\n");
return FIPS_ERR_LOAD_KEY;
}
*format = RSA_FORMAT_SPKI;
}
else
*format = RSA_FORMAT_PKCS1;
return 0;
}
/*
* This function load RSA Private key for OpenSSL v1
*/
static int load_priv_rsa_keys_v1(struct rsa **rsa, const char *pkey){
*rsa = (struct rsa*)malloc(sizeof(struct rsa*));
if (*rsa == NULL){
if (DEBUG)
printf("Cannot malloc the structure\n");
return COMMON_ERR_MALLOC;
}
(*rsa)->bio = BIO_new(BIO_s_file());
if ((*rsa)->bio == NULL){
if (DEBUG)
printf("Failed to create new BIO\n");
return FIPS_ERR_NEW_BIO;
}
if(BIO_read_filename((*rsa)->bio, pkey) == 0){
printf("Failed to read BIO\n");
return FIPS_ERR_READ_BIO;
}
(*rsa)->rsa = PEM_read_bio_RSAPrivateKey((*rsa)->bio, NULL, NULL, NULL);
if ((*rsa)->rsa == NULL){
if (DEBUG)
printf("Failed to read BIO RSAPrivateKey\n");
return FIPS_ERR_LOAD_RSA_PRIV_KEY;
}
return 0;
}
/*
* This function load RSA Private key for OpenSSL v3
*/
static int load_priv_rsa_keys_v3(struct rsa **rsa, const char *pkey){
*rsa = (struct rsa*)malloc(sizeof(struct rsa*));
if (*rsa == NULL){
if (DEBUG)
printf("Cannot malloc the structure\n");
return COMMON_ERR_MALLOC;
}
(*rsa)->bio = BIO_new(BIO_s_file());
if ((*rsa)->bio == NULL){
if (DEBUG)
printf("Failed to create new BIO\n");
return FIPS_ERR_NEW_BIO;
}
if(BIO_read_filename((*rsa)->bio, pkey) == 0){
printf("Failed to read BIO\n");
return FIPS_ERR_READ_BIO;
}
#if OPENSSL_VERSION_NUMBER > 0x03000000f
(*rsa)->evp = PEM_read_bio_PrivateKey_ex((*rsa)->bio, NULL, NULL, NULL, NULL, NULL);
if ((*rsa)->evp == NULL){
if (DEBUG)
printf("Failed to read BIO PrivateKey\n");
return FIPS_ERR_READ_BIO;
}
(*rsa)->rsa = EVP_PKEY_get1_RSA((*rsa)->evp);
if ((*rsa)->rsa == NULL)
return FIPS_ERR_LOAD_RSA_KEY;
#endif
return 0;
}
/*
* This function audit the RSA keys, both public and private
* For the audit, the function check the exponent (modulus) and the key size
*/
static void audit_rsa_keys(struct rsa *rsa, struct audit_fips *st_audit_fips, struct keyinfo *st_keyinfo, const char *pkey){
int res;
st_keyinfo->keysize = RSA_size(rsa->rsa);
st_keyinfo->algo = ALGO_RSA;
// The return value is a const, shouldn't be freed
const BIGNUM *e = RSA_get0_e(rsa->rsa);
char *exponent = BN_bn2dec(e);
//free(exponent);
OPENSSL_free(exponent);
/* Exponent has been set up, we can check it */
res = check_exponent(e, st_audit_fips->audit_exponent.result, &st_keyinfo->exponent);
/*
* Audit the key size. For a better security, the key size is at least 2048 bits
*/
if (st_keyinfo->keysize * 8 < 2048){
sprintf(st_audit_fips->audit_keysize.result, "The key size is lower than 2048. The key should be at least 2048 bits.");
st_audit_fips->audit_keysize.audit = FALSE;
}
else{
sprintf(st_audit_fips->audit_keysize.result, "The key size is upper or equal than 2048. The audit is passed with success.");
st_audit_fips->audit_keysize.audit = TRUE;
}
}
/*
* In this function, we are going to check the exponent
* For testing if the exponent is odd or even, we apply a modulo 2 on the exponent
* If the result is 1, means the key has a remainder and the key is odd, if the result is 0, the exponent is even.
* Regarding to the FIPS 186-5, the exponent must be odd.
* The function check also the size of the exponent.
* When the key has been generated with OpenSSL, by default the exponent is 65537.
* The exponent e size must be 2 ** 16 < e < 2 ** 256
*/
static int check_exponent(const BIGNUM *e, char *buf, unsigned long *exponent){
BIGNUM *rem = BN_new(), *a = BN_new(), *m = BN_new();
char nExponent[4];
BN_CTX *ctx;
char *r;
int error = 0;
sprintf(nExponent, "%d", 2);
BN_dec2bn(&m, nExponent);
//BN_mod(rem, e, m);
ctx = BN_CTX_new();
BN_div(NULL, rem, e, m, ctx);
//r = malloc(4);
r = BN_bn2dec(rem);
//printf("%s\n", r);
/*
* According to the FIPS 186-5, the exponent size must be 2 ** 16 < e < 2 ** 256
* The exponent must be odd too
*/
char *exp = BN_bn2dec(e);
*exponent = (char2dec(exp[0]) * 10000) + (char2dec(exp[1]) * 1000) + (char2dec(exp[2])* 100) + (char2dec(exp[3]) * 10) + (char2dec(exp[4]));
// printf("Exp: %lu\n", exp);
if (strcmp(r, "0") == 0){
strncpy(buf, "The exponent is even, should be odd", BUF_SIZE_AUDIT);
error += 1;
}
// Check the exponent size
double minSize = pow(2, 16);
double maxSize = pow(2, 256);
if (*exponent < minSize || *exponent > maxSize){
strncpy(buf, "The exponent size is not correct. The minimum size is 2 ** 16 and maximum size 2 ** 256.", BUF_SIZE_AUDIT);
error += 1;
}
// If no error
if (error == 0)
strncpy(buf, "The exponent is correct, the FIPS compliance is respected.", BUF_SIZE_AUDIT);
// Cleaning
free(r);
BN_free(rem);
BN_free(a);
BN_free(m);
BN_CTX_free(ctx);
OPENSSL_free(exp);
return 0;
}
/*
* This function load X509 certificate for OpenSSL v1
*/
static int fips_x509_v1(struct audit_fips *st_audit_fips, struct keyinfo *st_keyinfo, const char *pkey){
struct rsa *rsa = (struct rsa*)malloc(sizeof(struct rsa*));
if (rsa == NULL){
if (DEBUG)
printf("Cannot malloc the structure\n");
return COMMON_ERR_MALLOC;
}
memset(rsa, 0, sizeof(struct rsa*));
rsa->bio = BIO_new(BIO_s_file());
if (BIO_read_filename(rsa->bio, pkey) == 0){
printf("Failed to read BIO\n");
return FIPS_ERR_READ_BIO;
}
X509 *x = PEM_read_bio_X509(rsa->bio, NULL, 0, NULL);
if (x == NULL){
printf("Failed to read the X509 certificate\n");
clean_rsa_st(rsa);
return FIPS_ERR_LOAD_X509;
}
EVP_PKEY *evp = X509_get_pubkey(x);
if (evp == NULL){
printf("Failed to get public certificate\n");
X509_free(x);
return FIPS_ERR_LOAD_RSA_KEY;
}
rsa->rsa = EVP_PKEY_get1_RSA(evp);
if (rsa->rsa == NULL){
X509_free(x);
EVP_PKEY_free(evp);
return FIPS_ERR_LOAD_RSA_KEY;
}
// We have the RSA key, we can audit it
audit_rsa_keys(rsa, st_audit_fips, st_keyinfo, pkey);
X509_free(x);
EVP_PKEY_free(evp);
clean_rsa_st(rsa);
return 0;
}
/*
* This function load X509 certificate for OpenSSL v3
*/
static int fips_x509_v3(struct audit_fips *st_audit_fips, struct keyinfo *st_keyinfo, const char *pkey){
struct rsa *rsa = (struct rsa*)malloc(sizeof(struct rsa*));
if (rsa == NULL){
if (DEBUG)
printf("Cannot malloc the structure\n");
return COMMON_ERR_MALLOC;
}
memset(rsa, 0, sizeof(struct rsa*));
rsa->bio = BIO_new(BIO_s_file());
if (BIO_read_filename(rsa->bio, pkey) == 0){
printf("Failed to read BIO\n");
return FIPS_ERR_READ_BIO;
}
#if OPENSSL_VERSION_NUMBER > 0x03000000f
rsa->evp = NULL; // Otherwise, I have a seg fault during clean rsa st
X509 *x = PEM_read_bio_X509(rsa->bio, NULL, 0, NULL);
if (x == NULL){
printf("Failed to read the X509 certificate\n");
clean_rsa_st(rsa);
return FIPS_ERR_LOAD_X509;
}
rsa->evp = X509_get_pubkey(x);
if (rsa->evp == NULL){
printf("Failed to get public certificate\n");
X509_free(x);
return FIPS_ERR_LOAD_RSA_KEY;
}
rsa->rsa = EVP_PKEY_get1_RSA(rsa->evp);
if (rsa->rsa == NULL){
X509_free(x);
return FIPS_ERR_LOAD_RSA_KEY;
}
#endif
/*
* TODO: Need to identify public-key cryptosystem: RSA or EC
*/
// We have the RSA key, we can audit it
audit_rsa_keys(rsa, st_audit_fips, st_keyinfo, pkey);
#if OPENSSL_VERSION_NUMBER > 0x03000000f
X509_free(x);
#endif
clean_rsa_st(rsa);
return 0;
}
/*
* This function clean the RSA structure
*/
static void clean_rsa_st(struct rsa *rsa){
if (DEBUG)
printf("\nCleaning RSA\n");
if (rsa == NULL)
return;
if (rsa->bio != NULL)
BIO_free(rsa->bio);
if (openssl_version() == 3){
#if OPENSSL_VERSION_NUMBER > 0x03000000f
if (rsa->evp != NULL)
EVP_PKEY_free(rsa->evp);
#endif
}
if (rsa->rsa != NULL)
RSA_free(rsa->rsa);
free(rsa);
rsa = NULL;
}
/*
* Return 1 if the version is upper than 1 and less than 3
* Return 3 for the version v3
*/
static int openssl_version(){
unsigned long version = OPENSSL_VERSION_NUMBER;
if (DEBUG)
printf("OpenSSL Version: %lx\n", version);
if (version <= 0x03000000f)
return 1;
if (version >= 0x03000000f)
return 3;
}
/*
* In case we have an error with OpenSSL librairy, we can print the error message
*/
static void print_error(){
unsigned long err = ERR_get_error();
char b[256];
ERR_error_string(err, b);
printf("%s\n", b);
}
Reference in New Issue View Git Blame Copy Permalink