View mode

🔐 Cosmian KMS — Cryptographic Posture Report¶

ℹ️ Auto-generated report — do not edit by hand

Last commit: 959a4414

To regenerate:

bash .github/scripts/audit/crypto_sensor.sh --repo-root .

🎯 Security Posture Scorecard¶

✅ None

Unmitigated CRITICAL

21 total CRITICAL

✅ None

Unmitigated HIGH

40 total HIGH

50%

PQC Readiness

asymmetric ops with PQC alternative

43%

FIPS Coverage

FIPS 140-3 approved algorithm refs

180

Zeroize References

key material cleared on drop

✅ No unmitigated CRITICAL or HIGH findings

All CRITICAL/HIGH hits are KMIP spec enum definitions (blocked at runtime by algorithm_policy.rs) or known-acceptable technical context. No immediate remediation required.

📊 Discovery Overview¶

📈 Risk Summary🔬 Algorithm Profile📦 Dependencies

Severity	Count	Context
🔴 CRITICAL	21	Broken algorithms (DES·MD5·RC4) — all KMIP spec enums, blocked at runtime
🟠 HIGH	40	Weak key sizes (RSA-1024·EC-P192) and deprecated SHA-1
🟡 MEDIUM	0	Medium-severity issues
🔵 LOW / ⚪ INFO	2185	Informational algorithm usage references

pie title Sensor findings by severity
"CRITICAL" : 21
"HIGH" : 40
"INFO" : 2185

Reference counts = source lines matching each algorithm pattern.

Algorithm	Category	FIPS 140-3	PQC	Refs
PKCS#11/HSM	HSM interface	❌	—	571
RSA	Asymmetric	✅	❌	246
Covercrypt (ABE)	Attribute-Based Encryption	❌	—	226
X.509 certificate	PKI / TLS	✅	—	203
ML-KEM (FIPS 203)	Post-Quantum KEM	✅	✅	167
SLH-DSA (FIPS 205)	Post-Quantum Signature	✅	—	158
EdDSA (Ed25519/Ed448)	Asymmetric	✅	❌	107
AES-GCM/GCM-SIV	Symmetric	✅	—	93
ML-DSA (FIPS 204)	Post-Quantum Signature	✅	—	50
Hybrid KEM	Classical + PQC	✅	✅	26
EC-P192	Asymmetric — WEAK KEY	❌	❌	19
EC (ECDSA/ECDH)	Asymmetric	✅	❌	15
DES/3DES	Symmetric — DEPRECATED	❌	—	15
SHA-1	Hash — deprecated for signing	❌	—	13
ChaCha20-Poly1305	Symmetric (non-FIPS)	❌	—	10
RSA-1024	Asymmetric — WEAK KEY	❌	❌	8
Argon2	KDF	❌	—	5
RC4	Symmetric — BROKEN	❌	—	5
MD5	Hash — BROKEN	❌	—	1

Deprecated entries in kmip_1_4/ are KMIP spec enum definitions — not active operations. Blocked at runtime by algorithm_policy.rs.

pie title Algorithm usage by category
"PKCS#11 / HSM" : 571
"Asymmetric (RSA)" : 246
"ABE (Covercrypt)" : 226
"TLS / X.509" : 203
"PQC (ML-KEM)" : 167
"PQC (SLH-DSA)" : 158
"Asymmetric (EdDSA)" : 107
"Symmetric (AES)" : 93
"PQC (ML-DSA)" : 50
"Asymmetric — weak" : 27
"PQC (Hybrid KEM)" : 26
"Asymmetric (EC)" : 15
"Symmetric (deprecated)" : 15
"Hash (deprecated)" : 13
"Symmetric (ChaCha20)" : 10
"KDF (Argon2)" : 5
"Symmetric (RC4)" : 5
"Hash (MD5)" : 1

Dependency	Description	Standard	Cargo.toml refs
`openssl (FIPS provider)`	openssl (FIPS provider)		76
`openssl`	OpenSSL 3.6 (FIPS provider)	FIPS 140-3	33
`x509-parser`	x509-parser	RFC 5280	5
`cosmian_crypto_core`	cosmian_crypto_core		5
`p256`	p256 (NIST P-256)	FIPS 186-5	3
`aes-gcm`	RustCrypto/aes-gcm-siv	RFC 8452	1
`argon2`	RustCrypto/argon2	RFC 9106	1
`cosmian_cover_crypt`	cosmian_cover_crypt		1
`k256`	k256 (secp256k1)		1
`rustls`	rustls (TLS)	RFC 8446	1
`ring`	ring (BoringSSL subset)		1

flowchart TD
    COSMIAN_KMS["Cosmian KMS"]
    COSMIAN_KMS --> OPENSSL__FIPS_PROVIDER_["openssl (FIPS provider)"]
    COSMIAN_KMS --> OPENSSL["OpenSSL (FIPS provider)"]
    COSMIAN_KMS --> X509_PARSER["x509-parser"]
    COSMIAN_KMS --> COSMIAN_CRYPTO_CORE["cosmian_crypto_core (KEM combiner)"]
    COSMIAN_KMS --> P256["p256 NIST P-256"]
    COSMIAN_KMS --> AES_GCM["RustCrypto/aes-gcm"]
    COSMIAN_KMS --> ARGON2["RustCrypto/argon2"]
    COSMIAN_KMS --> COSMIAN_COVER_CRYPT["cosmian_cover_crypt (ABE)"]
    COSMIAN_KMS --> K256["k256 secp256k1"]
    COSMIAN_KMS --> RUSTLS["rustls (TLS)"]
    COSMIAN_KMS --> RING["ring (BoringSSL subset)"]

⚡ Priority Remediation¶

✅ No actionable CRITICAL or HIGH findings

All 61 CRITICAL/HIGH hits are suppressed by KMIP runtime policy (algorithm_policy.rs deny-list) or confirmed-safe protocol context. No remediation required.

🚀 Post-Quantum Readiness¶

Score: 50% — 50% of asymmetric operations have a PQC alternative.

pie title PQC vs Classical asymmetric coverage
    "PQC-ready (ML-KEM, ML-DSA, SLH-DSA, Hybrid)" : 50
    "Classical-only (RSA, EC, EdDSA)" : 50

Standard	Algorithm	Status
FIPS 203	ML-KEM (CRYSTALS-Kyber)	✅
FIPS 204	ML-DSA (CRYSTALS-Dilithium)	✅
FIPS 205	SLH-DSA (SPHINCS+)	✅
CNSA 2.0	Hybrid KEM (classical + PQC)	✅
RFC 8032	EdDSA (Ed25519 / Ed448)	✅
FIPS 186-5	ECDH / ECDSA (P-256+)	✅

All four NIST PQC standards implemented

FIPS 203, 204, 205 and CNSA 2.0 Hybrid KEM are already deployed. The European Commission end-of-2026 inventory mandate is addressed.

🔒 FIPS 140-3 Compliance¶

Score: 43% of detected algorithm references are FIPS 140-3 approved.

The remaining 57% are:

Category	Reason
PKCS#11 / HSM	FIPS status depends on the certified HSM hardware
Covercrypt ABE	Attribute-based encryption — FIPS not applicable
ChaCha20-Poly1305	Non-FIPS builds only (`--features non-fips`)
KMIP 1.4 legacy enums	Type definitions — not active crypto operations

FIPS build mode

cargo build (without --features non-fips) exercises only FIPS 140-3 approved algorithms at runtime.

🛡️ Memory Safety — Zeroize Discipline¶

The sensor found 180 references to Zeroizing<T> / ZeroizeOnDrop across the codebase — automatic key-material zeroing on drop (CWE-316 mitigation).

Best practice implemented

All derived key material (HKDF, PBKDF2) and private key bytes are wrapped in Zeroizing<Vec<u8>> — secrets are scrubbed from memory when their scope ends.

🔍 How the Sensor Works¶

flowchart LR
    A["Discover\nScan Rust sources\n& Cargo.toml"] --> B["Analyze\nApply risk rules\nMatch KMIP context"]
    B --> C["Prioritize\nSeverity scoring\nMitigation tagging"]
    C --> D["Report\nCBOM & MkDocs\nJSON + Markdown"]
    D --> E["Monitor\nPre-commit hook\nCI integration"]
    style A fill:#f0f9ff,stroke:#0ea5e9
    style B fill:#fefce8,stroke:#eab308
    style C fill:#fff7ed,stroke:#f97316
    style D fill:#f0fdf4,stroke:#22c55e
    style E fill:#faf5ff,stroke:#a855f7

Layer	Tool	What it discovers
Source code	`scan_source.py`	Algorithm usage, deprecated primitives, weak keys, hardcoded material, PQC/zeroize
Dependency tree	`cdxgen` (OWASP CycloneDX)	Cryptographic library versions from `Cargo.lock`
CVE feed	`cargo audit` (RustSec)	Known vulnerabilities in crypto dependencies
Live TLS	`testssl.sh` (optional)	Cipher suites, certificate chain, TLS version

The sensor outputs a Cryptographic Bill of Materials (CBOM) in CycloneDX 1.6 format (see cbom/cbom.cdx.json).

▶️ How to Run¶

Full scan — source + CVE + CBOM (also updates this page)

bash .github/scripts/audit/crypto_sensor.sh --repo-root .
# With live TLS scan:
bash .github/scripts/audit/crypto_sensor.sh \\
    --repo-root . --server-url https://localhost:9998 --update-cbom

Source scanner only (fast, no network)

python3 .github/scripts/audit/scan_source.py \\
    --repo-root . --output /tmp/findings.json

Risk scorer + page regeneration

python3 .github/scripts/audit/risk_score.py \\
    --input /tmp/findings.json \\
    --output-json /tmp/risk_report.json \\
    --docs-output documentation/docs/certifications_and_compliance/audit/crypto_inventory.md

Output files are written to cbom/sensor/ (stable path — overwritten on each run):

File	Content
`findings.json`	Raw per-line source scanner findings
`risk_report.json`	Risk-scored findings + CVE data
`cargo_audit.json`	CVE advisory data
`dep_cbom.json`	Dependency-level CBOM (cdxgen)
`tls_report.txt`	TLS scan output (if `--server-url` was given)

CBOM (CycloneDX) — full CycloneDX 1.6 CBOM file
SBOM — software bill of materials
FIPS 140-3 — FIPS compliance details
Cryptographic algorithms — algorithm reference
Zeroization — memory-safety approach for key material
Security Audit (OWASP) — OWASP Top 10 audit
Multi-Framework Audit — NIST/CIS/ISO/OSSTMM audit