View mode

🔐 kms — Cryptographic Posture Report¶

ℹ️ Auto-generated report — do not edit by hand

Last commit: 70512c0b

To regenerate:

bash .mise/scripts/audit/crypto_sensor.sh --repo-root .

🎯 Security Posture Scorecard¶

✅ None

Unmitigated CRITICAL

21 total CRITICAL

1

Unmitigated HIGH

41 total HIGH

59%

PQC Readiness

asymmetric ops with PQC alternative

49%

FIPS Coverage

FIPS 140-3 approved algorithm refs

204

Zeroize References

key material cleared on drop

1 unmitigated HIGH finding(s) — review recommended

HIGH findings are not covered by a KMIP-spec mitigation. Review the Priority Remediation section below.

📊 Discovery Overview¶

📈 Risk Summary🔬 Algorithm Profile📦 Dependencies

Severity	Count	Context
🔴 CRITICAL	21	Broken algorithms (DES·MD5·RC4) — all KMIP spec enums, blocked at runtime
🟠 HIGH	41	Weak key sizes (RSA-1024·EC-P192) and deprecated SHA-1
🟡 MEDIUM	0	Medium-severity issues
🔵 LOW / ⚪ INFO	2449	Informational algorithm usage references

pie title Sensor findings by severity
"CRITICAL" : 21
"HIGH" : 41
"INFO" : 2449

Reference counts = source lines matching each algorithm pattern.

Algorithm	Category	FIPS 140-3	PQC	Refs
PKCS#11/HSM	HSM interface	❌	—	559
RSA	Asymmetric	✅	❌	248
X.509 certificate	PKI / TLS	✅	—	233
ML-KEM (FIPS 203)	Post-Quantum KEM	✅	✅	225
SLH-DSA (FIPS 205)	Post-Quantum Signature	✅	—	223
Covercrypt (ABE)	Attribute-Based Encryption	❌	—	197
ML-DSA (FIPS 204)	Post-Quantum Signature	✅	—	141
EdDSA (Ed25519/Ed448)	Asymmetric	✅	❌	141
AES-GCM/GCM-SIV	Symmetric	✅	—	66
Argon2	KDF	❌	—	26
Hybrid KEM	Classical + PQC	✅	✅	24
EC-P192	Asymmetric — WEAK KEY	❌	❌	20
EC (ECDSA/ECDH)	Asymmetric	✅	❌	15
DES/3DES	Symmetric — DEPRECATED	❌	—	15
SHA-1	Hash — deprecated for signing	❌	—	13
ChaCha20-Poly1305	Symmetric (non-FIPS)	❌	—	8
RSA-1024	Asymmetric — WEAK KEY	❌	❌	8
RC4	Symmetric — BROKEN	❌	—	5
SHA-2/SHA-3	Hash	✅	—	1
MD5	Hash — BROKEN	❌	—	1

Deprecated entries in kmip_1_4/ are KMIP spec enum definitions — not active operations. Blocked at runtime by algorithm_policy.rs.

pie title Algorithm usage by category
"PKCS#11 / HSM" : 559
"Asymmetric (RSA)" : 248
"TLS / X.509" : 233
"PQC (ML-KEM)" : 225
"PQC (SLH-DSA)" : 223
"ABE (Covercrypt)" : 197
"PQC (ML-DSA)" : 141
"Asymmetric (EdDSA)" : 141
"Symmetric (AES)" : 66
"Asymmetric — weak" : 28
"KDF (Argon2)" : 26
"PQC (Hybrid KEM)" : 24
"Asymmetric (EC)" : 15
"Symmetric (deprecated)" : 15
"Hash (deprecated)" : 13
"Symmetric (ChaCha20)" : 8
"Symmetric (RC4)" : 5
"Hash (SHA-2/3)" : 1
"Hash (MD5)" : 1

Dependency	Description	Standard	Cargo.toml refs
`openssl (FIPS provider)`	openssl (FIPS provider)		85
`openssl`	OpenSSL 3.6 (FIPS provider)	FIPS 140-3	34
`cosmian_crypto_core`	cosmian_crypto_core		5
`x509-parser`	x509-parser	RFC 5280	4
`p256`	p256 (NIST P-256)	FIPS 186-5	3
`rustls`	rustls (TLS)	RFC 8446	2
`aes-gcm`	RustCrypto/aes-gcm-siv	RFC 8452	1
`argon2`	RustCrypto/argon2	RFC 9106	1
`cosmian_cover_crypt`	cosmian_cover_crypt		1
`k256`	k256 (secp256k1)		1
`ring`	ring (BoringSSL subset)		1

flowchart TD
    KMS["kms"]
    KMS --> OPENSSL__FIPS_PROVIDER_["openssl (FIPS provider)"]
    KMS --> OPENSSL["OpenSSL (FIPS provider)"]
    KMS --> COSMIAN_CRYPTO_CORE["cosmian_crypto_core (KEM combiner)"]
    KMS --> X509_PARSER["x509-parser"]
    KMS --> P256["p256 NIST P-256"]
    KMS --> RUSTLS["rustls (TLS)"]
    KMS --> AES_GCM["RustCrypto/aes-gcm"]
    KMS --> ARGON2["RustCrypto/argon2"]
    KMS --> COSMIAN_COVER_CRYPT["cosmian_cover_crypt (ABE)"]
    KMS --> K256["k256 secp256k1"]
    KMS --> RING["ring (BoringSSL subset)"]

⚡ Priority Remediation¶

62 CRITICAL + HIGH total | 1 actionable | 61 suppressed by KMIP policy

#	Severity	Algorithm	File	Detail	Remediation
1	🟠 HIGH	`EC-P192`	`ttlv/enum_lookup.rs:200`	P-192 is below the 112-bit security level. Use P-256 or higher.	Upgrade to P-256 or higher curve.

🚀 Post-Quantum Readiness¶

Score: 59% — 59% of asymmetric operations have a PQC alternative.

pie title PQC vs Classical asymmetric coverage
    "PQC-ready (ML-KEM, ML-DSA, SLH-DSA, Hybrid)" : 59
    "Classical-only (RSA, EC, EdDSA)" : 41

Standard	Algorithm	Status
FIPS 203	ML-KEM (CRYSTALS-Kyber)	✅
FIPS 204	ML-DSA (CRYSTALS-Dilithium)	✅
FIPS 205	SLH-DSA (SPHINCS+)	✅
CNSA 2.0	Hybrid KEM (classical + PQC)	✅
RFC 8032	EdDSA (Ed25519 / Ed448)	✅
FIPS 186-5	ECDH / ECDSA (P-256+)	✅

All four NIST PQC standards implemented

FIPS 203, 204, 205 and CNSA 2.0 Hybrid KEM are already deployed. The European Commission end-of-2026 inventory mandate is addressed.

🔒 FIPS 140-3 Compliance¶

Score: 49% of detected algorithm references are FIPS 140-3 approved.

The remaining 51% are:

Category	Reason
PKCS#11 / HSM	FIPS status depends on the certified HSM hardware
Covercrypt ABE	Attribute-based encryption — FIPS not applicable
ChaCha20-Poly1305	Non-FIPS builds only (`--features non-fips`)
KMIP 1.4 legacy enums	Type definitions — not active crypto operations

FIPS build mode

cargo build (without --features non-fips) exercises only FIPS 140-3 approved algorithms at runtime.

🛡️ Memory Safety — Zeroize Discipline¶

The sensor found 204 references to Zeroizing<T> / ZeroizeOnDrop across the codebase — automatic key-material zeroing on drop (CWE-316 mitigation).

Best practice implemented

All derived key material (HKDF, PBKDF2) and private key bytes are wrapped in Zeroizing<Vec<u8>> — secrets are scrubbed from memory when their scope ends.

🔍 How the Sensor Works¶

flowchart LR
    A["Discover\nScan Rust sources\n& Cargo.toml"] --> B["Analyze\nApply risk rules\nMatch KMIP context"]
    B --> C["Prioritize\nSeverity scoring\nMitigation tagging"]
    C --> D["Report\nCBOM & MkDocs\nJSON + Markdown"]
    D --> E["Monitor\nPre-commit hook\nCI integration"]
    style A fill:#f0f9ff,stroke:#0ea5e9
    style B fill:#fefce8,stroke:#eab308
    style C fill:#fff7ed,stroke:#f97316
    style D fill:#f0fdf4,stroke:#22c55e
    style E fill:#faf5ff,stroke:#a855f7

Layer	Tool	What it discovers
Source code	`scan_source.py`	Algorithm usage, deprecated primitives, weak keys, hardcoded material, PQC/zeroize
Dependency tree	`cdxgen` (OWASP CycloneDX)	Cryptographic library versions from `Cargo.lock`
CVE feed	`cargo audit` (RustSec)	Known vulnerabilities in crypto dependencies
Live TLS	`testssl.sh` (optional)	Cipher suites, certificate chain, TLS version

The sensor outputs a Cryptographic Bill of Materials (CBOM) in CycloneDX 1.6 format (see cbom/cbom.cdx.json).

▶️ How to Run¶

Full scan — source + CVE + CBOM (also updates this page)

bash .mise/scripts/audit/crypto_sensor.sh --repo-root .
# With live TLS scan:
bash .mise/scripts/audit/crypto_sensor.sh \\
    --repo-root . --server-url https://localhost:9998 --update-cbom

Source scanner only (fast, no network)

python3 .mise/scripts/audit/scan_source.py \\
    --repo-root . --output /tmp/findings.json

Risk scorer + page regeneration

python3 .mise/scripts/audit/risk_score.py \\
    --input /tmp/findings.json \\
    --output-json /tmp/risk_report.json \\
    --docs-output documentation/docs/certifications_and_compliance/audit/crypto_inventory.md

Output files are written to cbom/sensor/ (stable path — overwritten on each run):

File	Content
`findings.json`	Raw per-line source scanner findings
`risk_report.json`	Risk-scored findings + CVE data
`cargo_audit.json`	CVE advisory data
`dep_cbom.json`	Dependency-level CBOM (cdxgen)
`tls_report.txt`	TLS scan output (if `--server-url` was given)

CBOM (CycloneDX) — full CycloneDX 1.6 CBOM file
SBOM — software bill of materials
FIPS 140-3 — FIPS compliance details
Cryptographic algorithms — algorithm reference
Zeroization — memory-safety approach for key material
Security Audit (OWASP) — OWASP Top 10 audit
Multi-Framework Audit — NIST/CIS/ISO/OSSTMM audit