Description

Secure Logger and Browser (SLaB) descriptions

There are four components associated with the Secure Logger and Browser:

  • The libLogger.a library used by the software code to encode/encrypt log messages
  • The Secure Vault to protect setup/configuration files
  • The browse executable to decode/decrypt log messages to readable log files
  • The Output Folder to store disk files

Software code (see Section [A] for an example) uses the libLogger.a library API functions to initialize, store, and save audit/log messages. Note that there are no header files. You only need to link your software code with the library.

  • LoggerStartUp() initializes the random access memory storage area structure and starts the logger.
  • LoggerLogMsg() stores a software code log message in the random access memory storage area structure.
  • LoggerSaveStorageAreaToFile() saves the current random access memory storage area structure to an encrypted disk file.
  • LoggerShutDown() stops the logger and saves any messages in the random access memory storage area structure to an encrypted disk file.

The Secure Vault protects the confidentiality of setup/configuration files, guarding them against unauthorized disclosure in a protected directory, a protected container, or a hardware-protected device. In this example the Secure Vault is a protected directory that contains the following files:

  • The LoggerSetupFile.txt file contains defined log text message strings used by the software code. See Section [B] for an example.
  • The LoggerEncKey.txt and LoggerEncKeyIv.txt files contain AES keys used to encrypt log messages. See Section [C] for an example.
  • The Loggerpubkey.pem file contains the RSA public key to digitally sign encrypted log messages. See Section [D] for an example.
  • The Loggerprikey.pem file contains the corresponding RSA private key used to decrypt log messages. See Section [E] for an example.

The Output Folder contains the following files:

  • An encrypted file “02262020_15:02:09_001.efl” that contains the AES encrypted log messages.
  • An encrypted file “02262020_15:02:09_001.sfl” that contains a digital signature to ensure the integrity of the encrypted log file “02262020_15:02:09_001.efl”.
  • A decrypted log file “02262020_15:02:09_001.log” that contains readable log messages.

The browse executable converts encrypted log messages to a readable format stored in the log file “02262020_15:02:09_001.log”.

Section [F] shows how to compile the sample C software code and use the libLogger.a APIs to encrypt log messages.

Section [G] shows how to compile the browse executable and use it to decrypt and store readable log messages in a log file.

A. Example using the libLogger.a APIs in an application

The following sample C program my_application.c shows how to use all four Secure Logger APIs. Note that the third argument to LoggerLogMsg() is an integer value. This integer value is a replacement for the actual message text string. With this approach the string cannot be reverse engineered and extracted from the application executable. The string associated with the integer value is defined in the LoggerSetupFile.txt file as shown in section [B] below.

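#include <stdio.h>
enum components { UI=1, LG=2, DB=3 };   /* ids defined between LOGGER_COMPONENT_START/END */
enum severity { FATAL=1, INFO=2 };      /* ids defined between LOGGER_SEVERITY_START/END */
int main(void)
{
    LoggerStartUp(1);                   /* set up the in-memory storage area and start the logger */
    LoggerLogMsg(DB,FATAL,1, 102, 103, 104, 105, 106);   /* message id 1: five integers */
    LoggerLogMsg(LG,INFO,2, "Four");                     /* message id 2: one string */
    LoggerSaveStorageAreaToFile();      /* write the stored messages to an encrypted file */
    LoggerLogMsg(UI,INFO,2, "MaxStringArgIs16");         /* message id 2: one string */
    LoggerLogMsg(DB,INFO,3, 107, 108, "StringArgument06","StringArgument07", "StringArgument08");   /* message id 3: two integers, three strings */
    LoggerShutDown();                   /* stop the logger and save any remaining messages */
}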

B. Example defining the LoggerSetupFile.txt configuration files

The following shows how to define the log message text strings used by the application in the LoggerSetupFile.txt file:

# Set LOGGER_OUTPUT_PATH to the location to save output files
LOGGER_OUTPUT_PATH=/home/…/…/Output

#** Define up to 3 component id/name **/
LOGGER_COMPONENT_START
1=UI
2=LG
3=DB
LOGGER_COMPONENT_END

#** Define up to 2 severity id/name **/
LOGGER_SEVERITY_START
1=FATAL
2=INFO
LOGGER_SEVERITY_END

#** Define up to 100 log messages id/string **/
LOGGER_MESSAGE_STRING_START
1=This message contains five integers=[%d, %d, %d, %d, %d]
2=This message contains one string=[%s]
3=This message contains two integers and three strings=[%d, %d, %s, %s, %s]
LOGGER_MESSAGE_STRING_END

The LoggerSetupFile.txt file must include:

  • Item 2: the full pathname for the Output Folder
  • Items 6-8: the component numbers and acronyms that match the sample C program Item 2: enum components { UI=1, LG=2, DB=3 };
  • Items 13,14: the severity level numbers and acronyms that match the sample C program Item 3: enum severity { FATAL=1, INFO=2 };
  • Items 19-21: the message integer values and corresponding text strings with control arguments that match the sample C program Items 6-7 and 9-10.
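
Because the message text and its control arguments live in LoggerSetupFile.txt rather than in the executable, a deployment check can confirm that each template still carries exactly the %d/%s sequence the application's LoggerLogMsg() calls pass. The following is an added example, not part of libLogger.a or the original page; template_signature(), check_messages() and the expected[] table are hypothetical names, and how the library itself validates templates is not described here.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Conversion signature of a template, e.g. "dds" for "[%d, %d, %s]".
 * Only %d, %s and %% pass; %n, %x, flags or a trailing '%' return -1. */
int template_signature(const char *tmpl, char *sig, size_t cap)
{
    size_t n = 0;
    for (const char *p = tmpl; *p; p++) {
        if (*p != '%' || *++p == '%') continue;
        if ((*p != 'd' && *p != 's') || n + 1 >= cap) return -1;
        sig[n++] = *p;
    }
    sig[n] = '\0';
    return (int)n;
}

/* Argument types the sample application passes for message ids 1..3 (assumed). */
static const char *expected[] = { NULL, "ddddd", "s", "ddsss" };
/* Check each LOGGER_MESSAGE_STRING entry of the setup text against expected[].
 * Returns 0 if all match, else the 1-based number of the first bad line. */
int check_messages(const char *text)
{
    char line[512], sig[32], *end;
    int in_msgs = 0;
    for (int lineno = 1; *text; lineno++) {
        size_t len = strcspn(text, "\n");
        if (len >= sizeof line) return lineno;
        snprintf(line, sizeof line, "%.*s", (int)len, text);
        text += len + (text[len] == '\n');
        if (!strcmp(line, "LOGGER_MESSAGE_STRING_START")) { in_msgs = 1; continue; }
        if (!strcmp(line, "LOGGER_MESSAGE_STRING_END")) { in_msgs = 0; continue; }
        if (!in_msgs || line[0] == '#' || line[0] == '\0') continue;
        long id = strtol(line, &end, 10);
        if (*end != '=' || id < 1 || id > 3 ||
            template_signature(end + 1, sig, sizeof sig) < 0 || strcmp(sig, expected[id]))
            return lineno;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: message id 2 with its %s replaced by %n. */
    const char *tampered = "LOGGER_MESSAGE_STRING_START\n"
        "2=This message contains one string=[%n]\n"
        "LOGGER_MESSAGE_STRING_END\n";
    printf("first bad line: %d\n", check_messages(tampered));
}
```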

C. Example defining LoggerEncKey.txt and LoggerEncKeyIv.txt files for AES key

The LoggerEncKey.txt and LoggerEncKeyIv.txt files contain the AES encryption keys for protecting the confidentiality of application log messages stored on disk. The LoggerEncKey.txt file:

B5D7961EDF1CED0134833146F9ADFBBEBB970D5319C0878997F4DFECBBECBEBF

The LoggerEncKeyIv.txt file:

3793BAE862C933AADED171C3AB48D259

D. Example defining the Loggerpubkey.pem file for RSA public key

The Loggerpubkey.pem file contains the RSA public key for protecting the confidentiality and ensuring the authenticity of application log messages shared between the Secure Logger application and the Secure Browser user. The Loggerpubkey.pem file:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQQ1y7ddw6WTkAdmAp6Usree3ZkY8jmlvJDHMsIHe/J4gpR5ehQfOuYLQCVquy8g/QK4/yEfGofK1Z2WebeMSpY2buaEsI43KAA0lJX3msmwe0kkKDf0kE+QNdXKEau6fz/Wd67zEmxU7KQNeYiHLEMNd0+hXOiABdvc5qkxHfZQIDAQAB
-----END PUBLIC KEY-----

E. Example defining the Loggerprikey.pem file for RSA private key

The Loggerprikey.pem file contains the corresponding RSA private key for protecting the confidentiality and ensuring the authenticity of application log messages shared between the Secure Logger application and the Secure Browser user. This file should be accessible only by the Secure Browser user, which ensures that only that user can view the protected application log messages. The Loggerprikey.pem file:

-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----

F. Compiling and executing the sample C program my_application.c using libLogger.a

The following commands show how to compile an application (i.e., my_application.c) and link it with the Secure Logger library (libLogger.a):

$ gcc my_application.c -o my_application -L. -lLogger -L. -lssl -lcrypto
$ my_application
$ ls $LOGGER_OUTPUT_PATH
03032020_16:55:49_001.efl 03032020_16:55:49_001.sfl
03032020_16:55:49_002.efl 03032020_16:55:49_002.sfl
LoggerEncKeyIv.txt.efl LoggerEncKey.txt.efl

The following files were generated by the item-8 function call LoggerSaveStorageAreaToFile():

  • 03032020_16:55:49_001.efl contains the encrypted log message file
  • 03032020_16:55:49_001.sfl contains the digitally signed hash for the encrypted log message file

The following files were generated by the item-11 function call LoggerShutDown():

  • 03032020_16:55:49_002.efl contains the encrypted log message file
  • 03032020_16:55:49_002.sfl contains the digitally signed hash for the encrypted log message file

The following files were generated as digitally signed AES keys by the RSA public key:

  • LoggerEncKey.txt.efl and LoggerEncKeyIv.txt.efl contain the encrypted AES key

G. Executing the Secure Browser (i.e., browse) command:

$ browse -i 03032020_16:55:49_001.efl
$ ls $LOGGER_OUTPUT_PATH
03032020_16:55:49_001.log
$ cat 03032020_16:55:49_001.log
02/21/2020 11:09:16 [22237] [DB] [INFO] This message contains five integers=[102, 103, 104, 105, 106]
02/21/2020 11:09:16 [22237] [LG] [INFO] This message contains one string=[Four]
$
$ browse -i 03032020_16:55:49_002.efl
$ ls $LOGGER_OUTPUT_PATH
03032020_16:55:49_001.log 03032020_16:55:49_002.log
$ cat 03032020_16:55:49_002.log
02/21/2020 11:09:16 [22237] [UI] [INFO] This message contains one string=[MaxStringArgIs16]
02/21/2020 11:09:16 [22237] [DB] [INFO] This message contains two integers and three strings=[107, 108, StringArgument06, StringArgument07, StringArgument08]

Copyright 2013-2021 ISTECH.COM. All rights reserved. Patent Pending.