diff --git a/tests/policy_snapshot/snapshots/20260219 b/tests/policy_snapshot/snapshots/20260219 new file mode 100644 index 00000000000..f7c1263680d --- /dev/null +++ b/tests/policy_snapshot/snapshots/20260219 @@ -0,0 +1,18 @@ +min version: TLS1.3 +rules: +- Perfect Forward Secrecy: yes +- FIPS 140-3 (2019): yes +cipher suites: +- TLS_AES_256_GCM_SHA384 +signature schemes: +- mldsa87 +curves: +certificate preferences apply locally +certificate signature schemes: +- mldsa87 +certificate keys: +- mldsa_87 +pq: +- revision: 5 +- kem groups: +-- MLKEM1024 diff --git a/tests/policy_snapshot/snapshots/20260220 b/tests/policy_snapshot/snapshots/20260220 new file mode 100644 index 00000000000..8326d886c82 --- /dev/null +++ b/tests/policy_snapshot/snapshots/20260220 @@ -0,0 +1,24 @@ +min version: TLS1.2 +rules: +- Perfect Forward Secrecy: yes +- FIPS 140-3 (2019): yes +cipher suites: +- TLS_AES_256_GCM_SHA384 +- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 +- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 +signature schemes: +- mldsa87 +- ecdsa_sha384 +- rsa_pss_pss_sha384 +- rsa_pss_rsae_sha384 +- rsa_pkcs1_sha384 +curves: +- secp384r1 +certificate signature schemes: +- mldsa87 +- ecdsa_sha384 +- rsa_pkcs1_sha384 +pq: +- revision: 5 +- kem groups: +-- MLKEM1024 diff --git a/tests/policy_snapshot/snapshots/20260513 b/tests/policy_snapshot/snapshots/20260513 new file mode 100644 index 00000000000..f570797bc0a --- /dev/null +++ b/tests/policy_snapshot/snapshots/20260513 @@ -0,0 +1,42 @@ +min version: TLS1.3 +rules: +- Perfect Forward Secrecy: yes +- FIPS 140-3 (2019): yes +cipher suites: +- TLS_AES_256_GCM_SHA384 +signature schemes: +- mldsa87 +- ecdsa_sha256 +- ecdsa_sha384 +- ecdsa_sha512 +- rsa_pss_pss_sha256 +- rsa_pss_pss_sha384 +- rsa_pss_pss_sha512 +- rsa_pss_rsae_sha256 +- rsa_pss_rsae_sha384 +- rsa_pss_rsae_sha512 +- rsa_pkcs1_sha256 +- rsa_pkcs1_sha384 +- rsa_pkcs1_sha512 +curves: +- secp384r1 +certificate signature schemes: +- mldsa87 +- rsa_pss_pss_sha256 +- rsa_pss_pss_sha384 +- rsa_pss_pss_sha512 +- rsa_pss_rsae_sha256 +- rsa_pss_rsae_sha384 +- rsa_pss_rsae_sha512 +- rsa_pkcs1_sha256 +- rsa_pkcs1_sha384 +- rsa_pkcs1_sha512 +- legacy_rsa_sha224 +- ecdsa_sha256 +- ecdsa_sha384 +- ecdsa_sha512 +- legacy_ecdsa_sha224 +pq: +- revision: 5 +- kem groups: +-- MLKEM1024 diff --git a/tests/unit/s2n_security_policies_test.c b/tests/unit/s2n_security_policies_test.c index d55df43754e..75cf818cf46 100644 --- a/tests/unit/s2n_security_policies_test.c +++ b/tests/unit/s2n_security_policies_test.c @@ -15,6 +15,7 @@ #include "tls/s2n_security_policies.h" +#include "crypto/s2n_mldsa.h" #include "crypto/s2n_pq.h" #include "crypto/s2n_rsa_pss.h" #include "s2n_test.h" @@ -994,6 +995,17 @@ int main(int argc, char **argv) /* 20250211 > 20250414 (with p-384 cert only) */ EXPECT_OK(s2n_test_security_policies_compatible(&security_policy_20250211, "20250414", ecdsa_sha384_chain_and_key)); + + /* 20250414 > 20260513 (with either p-256 or p-384 cert) */ + EXPECT_OK(s2n_test_security_policies_compatible(&security_policy_20250414, "20260513", ecdsa_sha384_chain_and_key)); + EXPECT_OK(s2n_test_security_policies_compatible(&security_policy_20250414, "20260513", ecdsa_sha256_chain_and_key)); + + /* 20260513 also supports ML-DSA-87 certs */ + if (s2n_mldsa_is_supported()) { + DEFER_CLEANUP(struct s2n_cert_chain_and_key *mldsa87_chain_and_key = NULL, s2n_cert_chain_and_key_ptr_free); + EXPECT_SUCCESS(s2n_test_cert_chain_and_key_new(&mldsa87_chain_and_key, S2N_MLDSA87_CERT, S2N_MLDSA87_KEY)); + EXPECT_OK(s2n_test_security_policies_compatible(&security_policy_20260513, "20260513", mldsa87_chain_and_key)); + } }; }; }; diff --git a/tls/s2n_security_policies.c b/tls/s2n_security_policies.c index 0d124609099..e6d04bb2817 100644 --- a/tls/s2n_security_policies.c +++ b/tls/s2n_security_policies.c @@ -1335,6 +1335,7 @@ const struct s2n_security_policy security_policy_20251117 = { .strongly_preferred_groups = &cnsa_1_strong_preference, }; +/* strict CNSA 2.0 policy */ const struct s2n_security_policy security_policy_20260219 = { .minimum_protocol_version = S2N_TLS13, .cipher_preferences = &cipher_preferences_20250211, @@ -1350,6 +1351,7 @@ const struct s2n_security_policy security_policy_20260219 = { }, }; +/* CNSA 1.0 - 2.0 interop policy */ const struct s2n_security_policy security_policy_20260220 = { .minimum_protocol_version = S2N_TLS12, .cipher_preferences = &cipher_preferences_20260220, @@ -1363,6 +1365,20 @@ const struct s2n_security_policy security_policy_20260220 = { }, }; +/* 20250414 with pure MLKEM1024 and ML-DSA-87 added, compatible with CNSA 2.0 */ +const struct s2n_security_policy security_policy_20260513 = { + .minimum_protocol_version = S2N_TLS13, + .cipher_preferences = &cipher_preferences_20250211, + .kem_preferences = &kem_preferences_pq_tls_1_3_cnsa2_2026_02, + .signature_preferences = &s2n_signature_preferences_20260513, + .certificate_signature_preferences = &s2n_certificate_signature_preferences_20260514, + .ecc_preferences = &s2n_ecc_preferences_20210816, + .rules = { + [S2N_PERFECT_FORWARD_SECRECY] = true, + [S2N_FIPS_140_3] = true, + }, +}; + const struct s2n_security_policy security_policy_20260520 = { .minimum_protocol_version = S2N_TLS10, .cipher_preferences = &cipher_preferences_20260520, @@ -1675,6 +1691,9 @@ struct s2n_security_policy_selection security_policy_selection[] = { { .version = "20251116", .security_policy = &security_policy_20251116, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, /* the same as 20251114, but without any SHA1 HMAC ciphers */ { .version = "20251117", .security_policy = &security_policy_20251117, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, + { .version = "20260219", .security_policy = &security_policy_20260219, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, + { .version = "20260220", .security_policy = &security_policy_20260220, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, + { .version = "20260513", .security_policy = &security_policy_20260513, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, { .version = "20260520", .security_policy = &security_policy_20260520, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, { .version = "20260520_gcm", .security_policy = &security_policy_20260520_gcm, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, { .version = "20260521", .security_policy = &security_policy_20260521, .ecc_extension_required = 0, .pq_kem_extension_required = 0 }, diff --git a/tls/s2n_security_policies.h b/tls/s2n_security_policies.h index 4d22ae0119b..2dc439fcafb 100644 --- a/tls/s2n_security_policies.h +++ b/tls/s2n_security_policies.h @@ -203,6 +203,7 @@ extern const struct s2n_security_policy security_policy_20250429; extern const struct s2n_security_policy security_policy_20251013; extern const struct s2n_security_policy security_policy_20260219; extern const struct s2n_security_policy security_policy_20260220; +extern const struct s2n_security_policy security_policy_20260513; extern const struct s2n_security_policy security_policy_20260520; extern const struct s2n_security_policy security_policy_20260520_gcm; extern const struct s2n_security_policy security_policy_20260521; diff --git a/tls/s2n_signature_scheme.c b/tls/s2n_signature_scheme.c index 95473d32676..91e02e03209 100644 --- a/tls/s2n_signature_scheme.c +++ b/tls/s2n_signature_scheme.c @@ -877,3 +877,65 @@ const struct s2n_signature_preferences s2n_certificate_signature_preferences_202 .count = s2n_array_len(s2n_cert_sig_scheme_pref_list_20260220), .signature_schemes = s2n_cert_sig_scheme_pref_list_20260220, }; + +/* 20240501 with ML-DSA-87 added */ +const struct s2n_signature_scheme* const s2n_sig_scheme_pref_list_20260513[] = { + /* CNSA 2.0 */ + &s2n_mldsa87, + + /* ECDSA */ + &s2n_ecdsa_sha256, + &s2n_ecdsa_sha384, + &s2n_ecdsa_sha512, + + /* RSA-PSS */ + &s2n_rsa_pss_pss_sha256, + &s2n_rsa_pss_pss_sha384, + &s2n_rsa_pss_pss_sha512, + + /* RSA */ + &s2n_rsa_pss_rsae_sha256, + &s2n_rsa_pss_rsae_sha384, + &s2n_rsa_pss_rsae_sha512, + + /* Legacy RSA with PKCS1 */ + &s2n_rsa_pkcs1_sha256, + &s2n_rsa_pkcs1_sha384, + &s2n_rsa_pkcs1_sha512, +}; + +const struct s2n_signature_preferences s2n_signature_preferences_20260513 = { + .count = s2n_array_len(s2n_sig_scheme_pref_list_20260513), + .signature_schemes = s2n_sig_scheme_pref_list_20260513, +}; + +/* 20201110 with ML-DSA-87 added */ +const struct s2n_signature_scheme* const s2n_sig_scheme_pref_list_20260514[] = { + /* CNSA 2.0 */ + &s2n_mldsa87, + + /* RSA PSS */ + &s2n_rsa_pss_pss_sha256, + &s2n_rsa_pss_pss_sha384, + &s2n_rsa_pss_pss_sha512, + &s2n_rsa_pss_rsae_sha256, + &s2n_rsa_pss_rsae_sha384, + &s2n_rsa_pss_rsae_sha512, + + /* RSA PKCS1 */ + &s2n_rsa_pkcs1_sha256, + &s2n_rsa_pkcs1_sha384, + &s2n_rsa_pkcs1_sha512, + &s2n_rsa_pkcs1_sha224, + + /* ECDSA */ + &s2n_ecdsa_sha256, + &s2n_ecdsa_sha384, + &s2n_ecdsa_sha512, + &s2n_ecdsa_sha224, +}; + +const struct s2n_signature_preferences s2n_certificate_signature_preferences_20260514 = { + .count = s2n_array_len(s2n_sig_scheme_pref_list_20260514), + .signature_schemes = s2n_sig_scheme_pref_list_20260514, +}; diff --git a/tls/s2n_signature_scheme.h b/tls/s2n_signature_scheme.h index fbeb7c00145..8906f4860d2 100644 --- a/tls/s2n_signature_scheme.h +++ b/tls/s2n_signature_scheme.h @@ -96,12 +96,14 @@ extern const struct s2n_signature_preferences s2n_signature_preferences_20250821 extern const struct s2n_signature_preferences s2n_signature_preferences_20251113; extern const struct s2n_signature_preferences s2n_signature_preferences_20260219; extern const struct s2n_signature_preferences s2n_signature_preferences_20260220; +extern const struct s2n_signature_preferences s2n_signature_preferences_20260513; extern const struct s2n_signature_preferences s2n_signature_preferences_default_fips; extern const struct s2n_signature_preferences s2n_signature_preferences_null; extern const struct s2n_signature_preferences s2n_signature_preferences_test_all_fips; extern const struct s2n_signature_preferences s2n_signature_preferences_all; extern const struct s2n_signature_preferences s2n_signature_preferences_20250813; +extern const struct s2n_signature_preferences s2n_certificate_signature_preferences_20260514; extern const struct s2n_signature_preferences s2n_certificate_signature_preferences_20260220; extern const struct s2n_signature_preferences s2n_certificate_signature_preferences_20251113; extern const struct s2n_signature_preferences s2n_certificate_signature_preferences_20250512;