refactor: setup replacement default policies (#5464)

Author: lrstewart

tests/unit/s2n_policy_builder_test.c

@@ -0,0 +1,87 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#include "tls/policy/s2n_policy_builder.h"
+
+#include "s2n_test.h"
+#include "testlib/s2n_testlib.h"
+
+int main(int argc, char **argv)
+{
+    BEGIN_TEST();
+
+    /* Test: s2n_security_policy_get */
+    {
+        /* Policies exist only for expected policy + version combinations */
+        for (size_t policy_i = 0; policy_i < UINT8_MAX; policy_i++) {
+            bool first_null_found = false;
+            uint64_t versions_found = 0;
+
+            for (size_t version_i = 0; version_i < UINT8_MAX; version_i++) {
+                const struct s2n_security_policy *policy = s2n_security_policy_get(policy_i, version_i);
+
+                /* Invalid policy or version values should be NULL */
+                if (version_i == 0 || policy_i == 0) {
+                    /* Versioning starts at 1 instead of 0.
+                     * We may want to later assign 0 a special meaning, like "none".
+                     */
+                    EXPECT_NULL_WITH_ERRNO(policy, S2N_ERR_INVALID_SECURITY_POLICY);
+                    continue;
+                } else if (policy_i >= S2N_MAX_DEFAULT_POLICIES) {
+                    EXPECT_NULL_WITH_ERRNO(policy, S2N_ERR_INVALID_SECURITY_POLICY);
+                    continue;
+                } else if (version_i >= S2N_MAX_POLICY_VERSIONS) {
+                    EXPECT_NULL_WITH_ERRNO(policy, S2N_ERR_INVALID_SECURITY_POLICY);
+                    continue;
+                }
+
+                if (policy) {
+                    /* The policy exists because the version is valid.
+                     * Versions should be contiguous. No previous gaps.
+                     */
+                    EXPECT_FALSE(first_null_found);
+                    versions_found++;
+                } else if (first_null_found) {
+                    /* If we've already found the first invalid version, all later
+                     * versions should be invalid too.
+                     */
+                    EXPECT_NULL_WITH_ERRNO(policy, S2N_ERR_INVALID_SECURITY_POLICY);
+                } else {
+                    /* We have found the first invalid version */
+                    first_null_found = true;
+                    EXPECT_NULL_WITH_ERRNO(policy, S2N_ERR_INVALID_SECURITY_POLICY);
+                }
+            }
+
+            if (policy_i > 0 && policy_i < S2N_MAX_DEFAULT_POLICIES) {
+                /* Each valid policy should have at least one valid version */
+                EXPECT_TRUE(versions_found > 0);
+                /* If we did't find the last valid version, we're not testing enough */
+                EXPECT_TRUE(first_null_found);
+            }
+        };
+
+        /* Check known good values.
+         * Note: don't add EVERY new version to this test. We should only test
+         * an interesting selection of inputs.
+         */
+        {
+            EXPECT_NOT_NULL(s2n_security_policy_get(S2N_POLICY_STRICT, S2N_STRICT_2025_08_20));
+            EXPECT_NOT_NULL(s2n_security_policy_get(S2N_POLICY_COMPATIBLE, S2N_COMPAT_2025_08_20));
+        }
+    };
+
+    END_TEST();
+}

tls/Makefile

@@ -25,22 +25,22 @@ BCS=$(addprefix $(BITCODE_DIR), $(BCS_1))
 
 .PHONY : all
 all: $(OBJS)
-	$(foreach subfolder, $(SUB_BUILDS), $(MAKE) -C $(subfolder))
+	$(foreach subfolder, $(SUB_BUILDS), $(MAKE) -C $(subfolder);)
 
 .PHONY : bc
 bc: $(BCS)
-	$(foreach subfolder, $(SUB_BUILDS), $(MAKE) -C $(subfolder) bc)
+	$(foreach subfolder, $(SUB_BUILDS), $(MAKE) -C $(subfolder) bc;)
 
 .PHONY : run-lcov
 run-lcov: lcov
-	$(foreach subfolder, $(SUB_BUILDS), $(MAKE) -C $(subfolder) lcov)
+	$(foreach subfolder, $(SUB_BUILDS), $(MAKE) -C $(subfolder) lcov;)
 
 .PHONY : indent
 indent: indentsource
-	$(foreach subfolder, $(SUB_BUILDS), ${MAKE} -C $(subfolder) indentsource)
+	$(foreach subfolder, $(SUB_BUILDS), ${MAKE} -C $(subfolder) indentsource;)
 
 .PHONY : clean
 clean: decruft
-	$(foreach subfolder, $(SUB_BUILDS), ${MAKE} -C $(subfolder) decruft)
+	$(foreach subfolder, $(SUB_BUILDS), ${MAKE} -C $(subfolder) decruft;)
 
 include ../s2n.mk

tls/policy/Makefile

@@ -0,0 +1,29 @@
+#
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License").
+# You may not use this file except in compliance with the License.
+# A copy of the License is located at
+#
+#  http://aws.amazon.com/apache2.0
+#
+# or in the "license" file accompanying this file. This file is distributed
+# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+# express or implied. See the License for the specific language governing
+# permissions and limitations under the License.
+#
+
+SRCS=$(wildcard *.c)
+OBJS=$(SRCS:.c=.o)
+
+# We currently don't need any of these files
+# Update this list as necessary. See tls/Makefile.
+BCS=
+
+.PHONY : all
+all: $(OBJS)
+
+.PHONY : bc
+bc: $(BCS)
+
+include ../../s2n.mk

tls/policy/s2n_policy_builder.c

@@ -0,0 +1,128 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#include "tls/policy/s2n_policy_builder.h"
+
+#include "tls/s2n_security_policies.h"
+
+/* clang-format off */
+S2N_INLINE_SECURITY_POLICY_V1(
+    default_policy_strict,
+    S2N_TLS13,
+    S2N_CIPHER_PREF_LIST(
+        &s2n_tls13_aes_128_gcm_sha256,
+        &s2n_tls13_aes_256_gcm_sha384,
+    ),
+    S2N_SIG_PREF_LIST(
+        &s2n_mldsa44,
+        &s2n_mldsa65,
+        &s2n_mldsa87,
+        &s2n_ecdsa_sha256,
+        &s2n_ecdsa_sha384,
+        &s2n_ecdsa_sha512,
+        &s2n_rsa_pss_pss_sha256,
+        &s2n_rsa_pss_pss_sha384,
+        &s2n_rsa_pss_pss_sha512,
+        &s2n_rsa_pss_rsae_sha256,
+        &s2n_rsa_pss_rsae_sha384,
+        &s2n_rsa_pss_rsae_sha512,
+    ),
+    S2N_CURVE_PREF_LIST(
+        &s2n_ecc_curve_secp256r1,
+        &s2n_ecc_curve_secp384r1,
+        &s2n_ecc_curve_secp521r1,
+    ),
+    S2N_KEM_PREF_LIST(
+        &s2n_secp256r1_mlkem_768,
+        &s2n_x25519_mlkem_768,
+        &s2n_secp384r1_mlkem_1024,
+    )
+);
+/* clang-format on */
+
+/* clang-format off */
+S2N_INLINE_SECURITY_POLICY_V1(
+    default_policy_compat,
+    S2N_TLS12,
+    S2N_CIPHER_PREF_LIST(
+        &s2n_tls13_aes_128_gcm_sha256,
+        &s2n_tls13_aes_256_gcm_sha384,
+        &s2n_tls13_chacha20_poly1305_sha256,
+        &s2n_ecdhe_ecdsa_with_aes_128_gcm_sha256,
+        &s2n_ecdhe_rsa_with_aes_128_gcm_sha256,
+        &s2n_ecdhe_ecdsa_with_aes_256_gcm_sha384,
+        &s2n_ecdhe_rsa_with_aes_256_gcm_sha384,
+        &s2n_ecdhe_ecdsa_with_chacha20_poly1305_sha256,
+        &s2n_ecdhe_rsa_with_chacha20_poly1305_sha256,
+        &s2n_ecdhe_ecdsa_with_aes_128_cbc_sha256,
+        &s2n_ecdhe_rsa_with_aes_128_cbc_sha256,
+        &s2n_ecdhe_ecdsa_with_aes_256_cbc_sha384,
+        &s2n_ecdhe_rsa_with_aes_256_cbc_sha384,
+    ),
+    S2N_SIG_PREF_LIST(
+        &s2n_mldsa44,
+        &s2n_mldsa65,
+        &s2n_mldsa87,
+        &s2n_ecdsa_sha256,
+        &s2n_ecdsa_sha384,
+        &s2n_ecdsa_sha512,
+        &s2n_rsa_pss_pss_sha256,
+        &s2n_rsa_pss_pss_sha384,
+        &s2n_rsa_pss_pss_sha512,
+        &s2n_rsa_pss_rsae_sha256,
+        &s2n_rsa_pss_rsae_sha384,
+        &s2n_rsa_pss_rsae_sha512,
+        &s2n_rsa_pkcs1_sha256,
+        &s2n_rsa_pkcs1_sha384,
+        &s2n_rsa_pkcs1_sha512,
+    ),
+    S2N_CURVE_PREF_LIST(
+        &s2n_ecc_curve_secp256r1,
+        &s2n_ecc_curve_x25519,
+        &s2n_ecc_curve_secp384r1,
+        &s2n_ecc_curve_secp521r1,
+    ),
+    S2N_KEM_PREF_LIST(
+        &s2n_secp256r1_mlkem_768,
+        &s2n_x25519_mlkem_768,
+        &s2n_secp384r1_mlkem_1024,
+    )
+);
+/* clang-format on */
+
+const struct s2n_security_policy *default_policies[S2N_MAX_DEFAULT_POLICIES][S2N_MAX_POLICY_VERSIONS] = {
+    [S2N_POLICY_STRICT] = {
+            [S2N_STRICT_2025_08_20] = &default_policy_strict,
+    },
+    [S2N_POLICY_COMPATIBLE] = {
+            [S2N_COMPAT_2025_08_20] = &default_policy_compat,
+    },
+};
+
+const struct s2n_security_policy *s2n_security_policy_get(s2n_policy_name policy, uint64_t version)
+{
+    /* The uint64_t cast here is required for some older compilers to avoid a
+     * "tautological-constant-out-of-range-compare" error. That error assumes
+     * "policy" will be a valid s2n_default_policy, but that is not guaranteed by
+     * the standard.
+     */
+    PTR_ENSURE((uint64_t) policy < S2N_MAX_DEFAULT_POLICIES, S2N_ERR_INVALID_SECURITY_POLICY);
+    PTR_ENSURE(version < S2N_MAX_POLICY_VERSIONS, S2N_ERR_INVALID_SECURITY_POLICY);
+
+    const struct s2n_security_policy *match = default_policies[policy][version];
+    PTR_ENSURE(match, S2N_ERR_INVALID_SECURITY_POLICY);
+
+    return match;
+}

tls/policy/s2n_policy_builder.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#pragma once
+
+#include "tls/policy/s2n_policy_feature.h"
+
+#define S2N_MAX_DEFAULT_POLICIES 3
+#define S2N_MAX_POLICY_VERSIONS  10

tls/policy/s2n_policy_feature.h

@@ -0,0 +1,101 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#pragma once
+
+#include <s2n.h>
+
+struct s2n_security_policy;
+
+/**
+ * Security policy definitions for common use cases.
+ * These policies are versioned, with updates added as new versions.
+ */
+typedef enum {
+    /**
+     * A security policy that supports a wide variety of common options.
+     * It is intended for use cases where the peer in a connection is unknown,
+     * but assumed reasonably modern and standard.
+     * If you are unsure which policy to choose, this is a safe choice.
+     */
+    S2N_POLICY_COMPATIBLE = 1,
+    /**
+     * A security policy that supports a narrow selection of the most preferred options.
+     * It is intended for use cases where the peer is known to support that narrow
+     * selection of options, usually because the same owner maintains both the clients
+     * and servers involved in connections.
+     */
+    S2N_POLICY_STRICT,
+} s2n_policy_name;
+
+typedef enum {
+    /**
+     * Supports only TLS1.3.
+     * Supports post-quantum key exchange (MLKEM) and signatures (MLDSA).
+     * Supports MLDSA, EC, and RSA certificates.
+     * Supports only AES-GCM encryption.
+     * Supports p256, p384, and p521 named groups.
+     * Supports only SHA256 and higher signatures.
+     * Supports only RSA-PSS padding for RSA signatures.
+     * Supports forward secrecy.
+     */
+    S2N_STRICT_2025_08_20 = 1,
+} s2n_strict_policy_version;
+
+typedef enum {
+    /**
+     * Supports TLS1.2 and TLS1.3.
+     * Supports post-quantum key exchange (MLKEM) and signatures (MLDSA).
+     * Supports MLDSA, EC, and RSA certificates.
+     * Supports AES-GCM, AES-CBC, and ChaChaPoly encryption.
+     * Supports p256, x25519, p384, and p521 named groups.
+     * Supports only SHA256 and higher signatures.
+     * Supports forward secrecy.
+     */
+    S2N_COMPAT_2025_08_20 = 1,
+} s2n_compat_policy_version;
+
+/**
+ * Retrieves a security policy by name and version.
+ *
+ * @param policy The s2n_policy_name defining a policy.
+ * @param version The specific version of the policy.
+ * @returns A static library security policy
+ */
+const struct s2n_security_policy *s2n_security_policy_get(s2n_policy_name policy, uint64_t version);
+
+/**
+ * Sets the security policy on the config.
+ *
+ * "security policies" were previously known as "cipher preferences".
+ * See `s2n_config_set_cipher_preferences`.
+ *
+ * @param config The config object being updated
+ * @param policy The security policy being set
+ * @returns S2N_SUCCESS on success. S2N_FAILURE on failure
+ */
+int s2n_config_set_security_policy(struct s2n_config *config, const struct s2n_security_policy *policy);
+
+/**
+ * Sets an override security policy on the connection.
+ *
+ * "security policies" were previously known as "cipher preferences".
+ * See `s2n_connection_set_cipher_preferences`.
+ *
+ * @param conn The connection object being updated
+ * @param policy The security policy being set
+ * @returns S2N_SUCCESS on success. S2N_FAILURE on failure
+ */
+int s2n_connection_set_security_policy(struct s2n_connection *conn, const struct s2n_security_policy *policy);