
I am trying to use iTextSharp to generate PDF documents in my ASP.NET WebForms application using version 4.1.6, but it is throwing an exception on a staging server that has FIPS compliance turned on.

Does anyone know of a version of iTextSharp that is FIPS-compliant?

Karl Anderson
    If you're dealing with FIPS you're probably dealing with very strong standards (or a tough server admin) and you might want to re-think 4.1.6 which isn't as free as everyone seems to think: http://www.lowagie.com/license. I'd also check out this discussion of 5.1.2 on FIPS: http://itext-general.2136553.n4.nabble.com/iTextSharp-5-1-2-and-FIPS-Compliance-td3990452.html – Chris Haas Nov 02 '13 at 14:56

2 Answers


I recently needed to update some older iTextSharp code to be FIPS compliant -- I used iText 7 (basically the newest version of iTextSharp), which is FIPS compliant and generated PDFs fine on a FIPS enabled server.

Porting from iTextSharp to iText 7 wasn't very easy, mostly due to a lack of decent documentation but the update should get past any FIPS compliance issues.

As far as I can tell, the primary FIPS issue with iTextSharp is that it uses MD5, throwing exceptions (particularly on pdf.Close() events) since MD5 is not an approved FIPS hashing algorithm.

Nathan Beck

This is actually more of a big comment rather than an answer. Sorry about that...

"throwing an exception on a staging server that has ~~FIPS compliance turned on~~ FIPS validated cryptography enabled."

So, they have probably used HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy (Windows XP and Server 2003) or HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled (Vista and Server 2008) in effect.

Or, they may have done it by hand via "How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll".


"throwing an exception ..."

Do you know what the exception is? If you know the exception, you might be able to hunt down its use in iTextSharp.

Generally speaking, all the FIPS approved algorithms and implementations are in System.Security.Cryptography and are non-managed. (More correctly, some System.Security.Cryptography classes are wrappers for CAPI calls because CAPI modules hold the validation).

So you might try finding cryptography not within System.Security.Cryptography; or within System.Security.Cryptography but using managed classes. For example, RijndaelManaged will get you in trouble here, and it will cause an exception.

EDIT: according to KB 811833, "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" security setting effects in Windows XP and in later versions of Windows:

Microsoft .NET Framework applications such as Microsoft ASP.NET only allow for using algorithm implementations that are certified by NIST to be FIPS 140 compliant. Specifically, the only cryptographic algorithm classes that can be instantiated are those that implement FIPS-compliant algorithms. The names of these classes end in "CryptoServiceProvider" or "Cng." Any attempt to create an instance of other cryptographic algorithm classes, such as classes with names ending in "Managed," cause an InvalidOperationException exception to occur.


I think you might simply be between a rock and a hard place:

$ grep -R MD5 * | grep -v "\.svn"
src/core/iTextSharp/text/ImgJBIG2.cs:                    this.globalHash = DigestAlgorithms.Digest("MD5", this.global);
src/core/iTextSharp/text/pdf/PdfSignatureAppearance.cs:            reference.Put(new PdfName("DigestMethod"), new PdfName("MD5"));
src/core/iTextSharp/text/pdf/PdfSignatureAppearance.cs:            reference.Put(new PdfName("DigestMethod"), new PdfName("MD5"));
src/core/iTextSharp/text/pdf/PdfEncryption.cs:    /** The message digest algorithm MD5 */
src/core/iTextSharp/text/pdf/PdfEncryption.cs:        md5 = DigestUtilities.GetDigest("MD5");
...
$ grep -R MD5 * | grep -v "\.svn" | wc -l
128

And:

$ grep -R SHA1 * | grep -v "\.svn"
src/core/iTextSharp/text/error_messages/nl.lng:support.only.sha1.hash.algorithm=Enkel ondersteuning voor SHA1 hash algoritme.
src/core/iTextSharp/text/error_messages/en.lng:support.only.sha1.hash.algorithm=Support only SHA1 hash algorithm.
src/core/iTextSharp/text/pdf/PdfName.cs:        public static readonly PdfName ADBE_PKCS7_SHA1 = new PdfName("adbe.pkcs7.sha1");
src/core/iTextSharp/text/pdf/PdfName.cs:        public static readonly PdfName ADBE_X509_RSA_SHA1 = new PdfName("adbe.x509.rsa_sha1");
src/core/iTextSharp/text/pdf/AcroFields.cs:            if (sub.Equals(PdfName.ADBE_X509_RSA_SHA1)) {
...
$ grep -R SHA1 * | grep -v "\.svn" | wc -l
188

MD5 shows up in 128 places and SHA-1 shows up in 188 places. Those algorithms are burrowed into that code, and it's probably difficult to impossible to remove them.

You might have to build that on a server that allows weak/wounded ciphers because it appears MD5 and SHA1 might be part of the PDF specification (perhaps a PDF expert can help out here).


"FIPS compliance turned on"

A quick note about this. You either use validated cryptography, or you don't use validated cryptography. NIST and the DHS auditors are very precise about their use of these terms.

FIPS compliance, FIPS compliant, FIPS approved, FIPS enabled, FIPS <favorite word here> mean nothing. I'm aware that NIST and DHS pulled one vendor's network switches out of US Federal because the vendor's marketing department stated they were FIPS Compliant rather than stating they provided FIPS Validated cryptography.

jww
  • *MD5 and SHA1 might be part of the PDF specification (perhaps a PDF expert can help out here)* - for a complete support of the PDF specification both algorithms are required, both for security related (password hashing for encryption, document hashing for signing in some modes) and not security-related (checksums etc.) contexts. – mkl Feb 01 '14 at 08:52
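
The answer by jww above suggests finding out which cryptographic class actually raises the exception. The following is an added diagnostic, not code from the question, the answers, or iTextSharp itself. It assumes .NET Framework on Windows (on .NET Core/.NET 5+ the FIPS policy is not enforced and CryptoConfig.AllowOnlyFipsAlgorithms is always false) and System.Core referenced for the Cng and SHA256CryptoServiceProvider classes. Run on the staging server, it reports whether the policy is active and tries to construct the same class families iTextSharp relies on: under the policy the "Managed" classes and MD5CryptoServiceProvider throw InvalidOperationException, while SHA1CryptoServiceProvider, SHA256CryptoServiceProvider, SHA256Cng and AesCryptoServiceProvider construct normally. The class list and the labels are my own choice.

```csharp
// Added FIPS-policy probe (not part of the original page or of iTextSharp).
// Assumes .NET Framework on Windows; the FIPS policy is the registry/Group
// Policy setting discussed in the answer above.
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

static class FipsProbe
{
    // Label -> factory that constructs the class the way application code
    // would.  MD5 and the *Managed classes are the ones the policy rejects;
    // the CryptoServiceProvider/Cng classes of approved algorithms survive.
    static readonly Dictionary<string, Func<IDisposable>> Candidates =
        new Dictionary<string, Func<IDisposable>>
    {
        { "MD5CryptoServiceProvider",    () => new MD5CryptoServiceProvider() },
        { "SHA1CryptoServiceProvider",   () => new SHA1CryptoServiceProvider() },
        { "SHA1Managed",                 () => new SHA1Managed() },
        { "SHA256Managed",               () => new SHA256Managed() },
        { "SHA256CryptoServiceProvider", () => new SHA256CryptoServiceProvider() },
        { "SHA256Cng",                   () => new SHA256Cng() },
        { "RijndaelManaged",             () => new RijndaelManaged() },
        { "AesCryptoServiceProvider",    () => new AesCryptoServiceProvider() },
    };

    // Returns "OK" or "BLOCKED: <message>" per class.  Only
    // InvalidOperationException is caught: that is what the FIPS policy
    // raises, and its message names the non-compliant algorithm, which is
    // the text to look for in the iTextSharp stack trace on pdf.Close().
    public static Dictionary<string, string> Probe()
    {
        var results = new Dictionary<string, string>();
        foreach (var entry in Candidates)
        {
            try
            {
                using (entry.Value()) { results[entry.Key] = "OK"; }
            }
            catch (InvalidOperationException ex)
            {
                results[entry.Key] = "BLOCKED: " + ex.Message;
            }
        }
        return results;
    }

    static void Main()
    {
        // True when "Use FIPS compliant algorithms" is in effect for this process.
        Console.WriteLine("AllowOnlyFipsAlgorithms = " + CryptoConfig.AllowOnlyFipsAlgorithms);
        foreach (var kv in Probe())
            Console.WriteLine("{0,-30} {1}", kv.Key, kv.Value);
    }
}
```

If AllowOnlyFipsAlgorithms prints true and MD5CryptoServiceProvider is reported as blocked, the iTextSharp 4.1.6 failure on pdf.Close() matches the MD5 dependency shown in the grep output above, and no swap of one hash class for another inside the application will fix it: either the server policy or the library version has to change, as the other answer describes.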