diff options
| author | robot-contrib <robot-contrib@yandex-team.com> | 2022-12-22 08:12:51 +0300 |
|---|---|---|
| committer | robot-contrib <robot-contrib@yandex-team.com> | 2022-12-22 08:12:51 +0300 |
| commit | 5e473ae99515dcc385d93e469a3b5bcce2a316e6 (patch) | |
| tree | 2069fa52e25be8cdc325780d273ddcff70b4fb8a /contrib/restricted/aws/s2n | |
| parent | fb9ac8a6a226ef5b6aa8fc8d58563d5e69680766 (diff) | |
| download | ydb-5e473ae99515dcc385d93e469a3b5bcce2a316e6.tar.gz | |
Update contrib/restricted/aws/s2n to 1.3.30
Diffstat (limited to 'contrib/restricted/aws/s2n')
33 files changed, 719 insertions, 522 deletions
diff --git a/contrib/restricted/aws/s2n/CMakeLists.darwin.txt b/contrib/restricted/aws/s2n/CMakeLists.darwin.txt index 8c122d8e34..d07abb6bd6 100644 --- a/contrib/restricted/aws/s2n/CMakeLists.darwin.txt +++ b/contrib/restricted/aws/s2n/CMakeLists.darwin.txt @@ -74,6 +74,7 @@ target_sources(restricted-aws-s2n PRIVATE ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_polyvec.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_reduce.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_symmetric-shake.c + ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_pq_random.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/stuffer/s2n_stuffer.c diff --git a/contrib/restricted/aws/s2n/CMakeLists.linux-aarch64.txt b/contrib/restricted/aws/s2n/CMakeLists.linux-aarch64.txt index 4a102973ee..c6eeac74d2 100644 --- a/contrib/restricted/aws/s2n/CMakeLists.linux-aarch64.txt +++ b/contrib/restricted/aws/s2n/CMakeLists.linux-aarch64.txt @@ -69,6 +69,7 @@ target_sources(restricted-aws-s2n PRIVATE ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_polyvec.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_reduce.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_symmetric-shake.c + ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_pq_random.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/stuffer/s2n_stuffer.c diff --git a/contrib/restricted/aws/s2n/CMakeLists.linux.txt b/contrib/restricted/aws/s2n/CMakeLists.linux.txt index 95c3540d4d..c1c1a63f71 100644 --- a/contrib/restricted/aws/s2n/CMakeLists.linux.txt +++ b/contrib/restricted/aws/s2n/CMakeLists.linux.txt @@ -76,6 +76,7 @@ target_sources(restricted-aws-s2n PRIVATE ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_polyvec.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_reduce.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_symmetric-shake.c + ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/pq-crypto/s2n_pq_random.c ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/stuffer/s2n_stuffer.c diff --git a/contrib/restricted/aws/s2n/README.md b/contrib/restricted/aws/s2n/README.md index a8e777075b..610960e0f9 100644 --- a/contrib/restricted/aws/s2n/README.md +++ b/contrib/restricted/aws/s2n/README.md @@ -19,7 +19,7 @@ git clone https://github.com/${YOUR_GITHUB_ACCOUNT_NAME}/s2n-tls.git cd s2n-tls # Pick an "env" line from the codebuild/codebuild.config file and run it, in this case choose the openssl-1.1.1 with GCC 9 build -S2N_LIBCRYPTO=openssl-1.1.1 BUILD_S2N=true TESTS=integration GCC_VERSION=9 +S2N_LIBCRYPTO=openssl-1.1.1 BUILD_S2N=true TESTS=integrationv2 GCC_VERSION=9 sudo codebuild/bin/s2n_install_test_dependencies.sh codebuild/bin/s2n_codebuild.sh diff --git a/contrib/restricted/aws/s2n/api/s2n.h b/contrib/restricted/aws/s2n/api/s2n.h index 90067edc2b..a1006caf44 100644 --- a/contrib/restricted/aws/s2n/api/s2n.h +++ b/contrib/restricted/aws/s2n/api/s2n.h @@ -119,8 +119,7 @@ extern "C" { * * @warning To avoid possible confusion, s2n_errno should be cleared after processing an error: `s2n_errno = S2N_ERR_T_OK` */ -S2N_API -extern __thread int s2n_errno; +S2N_API extern __thread int s2n_errno; /** * This function can be used instead of trying to resolve `s2n_errno` directly @@ -128,8 +127,7 @@ extern __thread int s2n_errno; * * @returns The address of the thread-local `s2n_errno` variable */ -S2N_API -extern int *s2n_errno_location(void); +S2N_API extern int *s2n_errno_location(void); /** * Used to help applications determine why an s2n-tls function failed. @@ -174,8 +172,7 @@ typedef enum { * @param error The error from s2n. Usually this is `s2n_errno`. * @returns An s2n_error_type */ -S2N_API -extern int s2n_error_get_type(int error); +S2N_API extern int s2n_error_get_type(int error); /** * An opaque configuration object, used by clients and servers for holding cryptographic certificates, keys and preferences. @@ -201,8 +198,7 @@ struct s2n_connection; * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_crypto_disable_init(void); +S2N_API extern int s2n_crypto_disable_init(void); /** * Prevents S2N from installing an atexit handler, which allows safe shutdown of S2N from within a @@ -216,8 +212,7 @@ extern int s2n_crypto_disable_init(void); * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_disable_atexit(void); +S2N_API extern int s2n_disable_atexit(void); /** * Fetches the OpenSSL version s2n-tls was compiled with. This can be used by applications to validate at runtime @@ -225,8 +220,7 @@ extern int s2n_disable_atexit(void); * * @returns the version number of OpenSSL that s2n-tls was compiled with */ -S2N_API -extern unsigned long s2n_get_openssl_version(void); +S2N_API extern unsigned long s2n_get_openssl_version(void); /** * Initializes the s2n-tls library and should be called once in your application, before any other s2n-tls @@ -236,8 +230,7 @@ extern unsigned long s2n_get_openssl_version(void); * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_init(void); +S2N_API extern int s2n_init(void); /** * Cleans up any internal resources used by s2n-tls. This function should be called from each thread or process @@ -245,16 +238,14 @@ extern int s2n_init(void); * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cleanup(void); +S2N_API extern int s2n_cleanup(void); /** * Create a new s2n_config object. This object can (and should) be associated with many connection objects. * * @returns returns a new configuration object suitable for associating certs and keys. */ -S2N_API -extern struct s2n_config *s2n_config_new(void); +S2N_API extern struct s2n_config *s2n_config_new(void); /** * Frees the memory associated with an `s2n_config` object. @@ -262,8 +253,7 @@ extern struct s2n_config *s2n_config_new(void); * @param config The configuration object being freed * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_free(struct s2n_config *config); +S2N_API extern int s2n_config_free(struct s2n_config *config); /** * Frees the DH params associated with an `s2n_config` object. @@ -271,8 +261,7 @@ extern int s2n_config_free(struct s2n_config *config); * @param config The configuration object with DH params being freed * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_free_dhparams(struct s2n_config *config); +S2N_API extern int s2n_config_free_dhparams(struct s2n_config *config); /** * Frees the certificate chain and key associated with an `s2n_config` object. @@ -280,8 +269,7 @@ extern int s2n_config_free_dhparams(struct s2n_config *config); * @param config The configuration object with DH params being freed * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_free_cert_chain_and_key(struct s2n_config *config); +S2N_API extern int s2n_config_free_cert_chain_and_key(struct s2n_config *config); /** * Callback function type used to get the system time. @@ -353,8 +341,7 @@ typedef int (*s2n_cache_delete_callback)(struct s2n_connection *conn, void *, co * @param ctx An opaque pointer that the callback will be invoked with * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx); +S2N_API extern int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx); /** * Allows the caller to set a callback function that will be used to get @@ -368,8 +355,7 @@ extern int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_n * @param ctx An opaque pointer that the callback will be invoked with * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx); +S2N_API extern int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx); /** * Translates an s2n_error code to a human readable string explaining the error. @@ -378,8 +364,7 @@ extern int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_t * @param lang The language to explain the error code. Pass "EN" or NULL for English. * @returns The error string */ -S2N_API -extern const char *s2n_strerror(int error, const char *lang); +S2N_API extern const char *s2n_strerror(int error, const char *lang); /** * Translates an s2n_error code to a human readable string containing internal debug @@ -390,8 +375,7 @@ extern const char *s2n_strerror(int error, const char *lang); * @param lang The language to explain the error code. Pass "EN" or NULL for English. * @returns The error string */ -S2N_API -extern const char *s2n_strerror_debug(int error, const char *lang); +S2N_API extern const char *s2n_strerror_debug(int error, const char *lang); /** * Translates an s2n_error code to a human readable string. @@ -399,8 +383,7 @@ extern const char *s2n_strerror_debug(int error, const char *lang); * @param error The error code to explain. Usually this is s2n_errno * @returns The error string */ -S2N_API -extern const char *s2n_strerror_name(int error); +S2N_API extern const char *s2n_strerror_name(int error); /** * Opaque stack trace structure. @@ -412,8 +395,7 @@ struct s2n_stacktrace; * * @returns True if stack traces are enabled. False if they are disabled. */ -S2N_API -extern bool s2n_stack_traces_enabled(void); +S2N_API extern bool s2n_stack_traces_enabled(void); /** * Configures the s2n stack trace captures option. @@ -421,16 +403,14 @@ extern bool s2n_stack_traces_enabled(void); * @param newval Boolean to determine if stack traces should be enabled. True to enable them. False to disable them. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_stack_traces_enabled_set(bool newval); +S2N_API extern int s2n_stack_traces_enabled_set(bool newval); /** * Calculates the s2n stack trace. * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_calculate_stacktrace(void); +S2N_API extern int s2n_calculate_stacktrace(void); /** * Prints the s2n stack trace to a file. The file descriptor is expected to be @@ -439,16 +419,14 @@ extern int s2n_calculate_stacktrace(void); * @param fptr A pointer to the file s2n-tls should write the stack trace to. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_print_stacktrace(FILE *fptr); +S2N_API extern int s2n_print_stacktrace(FILE *fptr); /** * Clean up the memory used to contain the stack trace. * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_free_stacktrace(void); +S2N_API extern int s2n_free_stacktrace(void); /** * Export the s2n_stacktrace. @@ -456,8 +434,7 @@ extern int s2n_free_stacktrace(void); * @param trace A pointer to the s2n_stacktrace to fill. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_get_stacktrace(struct s2n_stacktrace *trace); +S2N_API extern int s2n_get_stacktrace(struct s2n_stacktrace *trace); /** * Allows the caller to set a callback function that will be used to store SSL @@ -468,8 +445,7 @@ extern int s2n_get_stacktrace(struct s2n_stacktrace *trace); * @param data An opaque context pointer that the callback will be invoked with. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_cache_store_callback cache_store_callback, void *data); +S2N_API extern int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_cache_store_callback cache_store_callback, void *data); /** * Allows the caller to set a callback function that will be used to retrieve SSL @@ -480,8 +456,7 @@ extern int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_ca * @param data An opaque context pointer that the callback will be invoked with. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n_cache_retrieve_callback cache_retrieve_callback, void *data); +S2N_API extern int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n_cache_retrieve_callback cache_retrieve_callback, void *data); /** * Allows the caller to set a callback function that will be used to delete SSL @@ -492,8 +467,7 @@ extern int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n * @param data An opaque context pointer that the callback will be invoked with. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data); +S2N_API extern int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data); /** * Called when `s2n_init` is executed. @@ -531,8 +505,7 @@ typedef int (*s2n_mem_free_callback)(void *ptr, uint32_t size); * @param mem_free_callback The s2n_mem_free_callback * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_mem_set_callbacks(s2n_mem_init_callback mem_init_callback, s2n_mem_cleanup_callback mem_cleanup_callback, +S2N_API extern int s2n_mem_set_callbacks(s2n_mem_init_callback mem_init_callback, s2n_mem_cleanup_callback mem_cleanup_callback, s2n_mem_malloc_callback mem_malloc_callback, s2n_mem_free_callback mem_free_callback); /** @@ -568,8 +541,7 @@ typedef int (*s2n_rand_mix_callback)(void *data, uint32_t size); * @param rand_mix_callback The s2n_rand_mix_callback * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_rand_set_callbacks(s2n_rand_init_callback rand_init_callback, s2n_rand_cleanup_callback rand_cleanup_callback, +S2N_API extern int s2n_rand_set_callbacks(s2n_rand_init_callback rand_init_callback, s2n_rand_cleanup_callback rand_cleanup_callback, s2n_rand_seed_callback rand_seed_callback, s2n_rand_mix_callback rand_mix_callback); /** @@ -628,8 +600,7 @@ typedef struct s2n_pkey s2n_cert_private_key; * * @returns A new object used to represent a certificate-chain/key pair */ -S2N_API -extern struct s2n_cert_chain_and_key *s2n_cert_chain_and_key_new(void); +S2N_API extern struct s2n_cert_chain_and_key *s2n_cert_chain_and_key_new(void); /** * Associates a certificate chain and private key with an `s2n_cert_chain_and_key` object. @@ -646,8 +617,7 @@ extern struct s2n_cert_chain_and_key *s2n_cert_chain_and_key_new(void); * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_and_key, const char *chain_pem, const char *private_key_pem); +S2N_API extern int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_and_key, const char *chain_pem, const char *private_key_pem); /** * Associates a certificate chain and private key with an `s2n_cert_chain_and_key` object. @@ -664,8 +634,7 @@ extern int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_ * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len, uint8_t *private_key_pem, uint32_t private_key_pem_len); +S2N_API extern int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len, uint8_t *private_key_pem, uint32_t private_key_pem_len); /** * Associates a public certificate chain with a `s2n_cert_chain_and_key` object. It does @@ -678,8 +647,7 @@ extern int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key * * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len); +S2N_API extern int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len); /** * Frees the memory associated with an `s2n_cert_chain_and_key` object. @@ -687,8 +655,7 @@ extern int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_an * @param cert_and_key The certificate chain and private key handle * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_key); +S2N_API extern int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_key); /** * Adds a context to the `s2n_cert_chain_and_key` object. @@ -697,8 +664,7 @@ extern int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_k * @param ctx An opaque pointer to user supplied data. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_and_key, void *ctx); +S2N_API extern int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_and_key, void *ctx); /** * Get the user supplied context from the `s2n_cert_chain_and_key` object. @@ -706,8 +672,7 @@ extern int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_an * @param cert_and_key The certificate chain and private key handle * @returns The user supplied pointer from s2n_cert_chain_and_key_set_ctx() */ -S2N_API -extern void *s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key); +S2N_API extern void *s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key); /** * Get the private key from the `s2n_cert_chain_and_key` object. @@ -715,8 +680,7 @@ extern void *s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_ * @param cert_and_key The certificate chain and private key handle * @returns A pointer to the `s2n_cert_private_key` */ -S2N_API -extern s2n_cert_private_key *s2n_cert_chain_and_key_get_private_key(struct s2n_cert_chain_and_key *cert_and_key); +S2N_API extern s2n_cert_private_key *s2n_cert_chain_and_key_get_private_key(struct s2n_cert_chain_and_key *cert_and_key); /** * Set the raw OCSP stapling data for a certificate chain. @@ -726,8 +690,7 @@ extern s2n_cert_private_key *s2n_cert_chain_and_key_get_private_key(struct s2n_c * @param length The length of the data bytes. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length); +S2N_API extern int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length); /** * Set the signed certificate timestamp (SCT) for a certificate chain. @@ -738,8 +701,7 @@ extern int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *c * @param length The length of the data bytes. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_cert_chain_and_key_set_sct_list(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length); +S2N_API extern int s2n_cert_chain_and_key_set_sct_list(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length); /** * A callback function that is invoked if s2n-tls cannot resolve a conflict between @@ -764,8 +726,7 @@ typedef struct s2n_cert_chain_and_key *(*s2n_cert_tiebreak_callback)(struct s2n_ * * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_cert_tiebreak_callback cert_tiebreak_cb); +S2N_API extern int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_cert_tiebreak_callback cert_tiebreak_cb); /** * Associates a certificate chain and private key with an `s2n_config` object. @@ -781,8 +742,7 @@ extern int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_ * @param private_key_pem A byte array of a PEM encoded key. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure. */ -S2N_API -extern int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const char *cert_chain_pem, const char *private_key_pem); +S2N_API extern int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const char *cert_chain_pem, const char *private_key_pem); /** * The preferred method of associating a certificate chain and private key pair with an `s2n_config` object. @@ -801,8 +761,7 @@ extern int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const ch * @param cert_key_pair The certificate chain and private key handle * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair); +S2N_API extern int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair); /** * Explicitly sets certificate chain and private key pairs to be used as defaults for each auth @@ -823,8 +782,7 @@ extern int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, * @param num_cert_key_pairs The amount of handles in cert_key_pairs * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, +S2N_API extern int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, struct s2n_cert_chain_and_key **cert_key_pairs, uint32_t num_cert_key_pairs); /** @@ -839,8 +797,7 @@ extern int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, * @param ca_dir A string for the directory of the CA PEM files. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_verification_ca_location(struct s2n_config *config, const char *ca_pem_filename, const char *ca_dir); +S2N_API extern int s2n_config_set_verification_ca_location(struct s2n_config *config, const char *ca_pem_filename, const char *ca_dir); /** * Adds a PEM to the trust store. This will allocate memory, and load PEM into the @@ -852,8 +809,7 @@ extern int s2n_config_set_verification_ca_location(struct s2n_config *config, co * @param pem The string value of the PEM certificate. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const char *pem); +S2N_API extern int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const char *pem); /** * Clear the trust store. @@ -867,8 +823,7 @@ extern int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const ch * * @returns 0 on success and -1 on error */ -S2N_API -extern int s2n_config_wipe_trust_store(struct s2n_config *config); +S2N_API extern int s2n_config_wipe_trust_store(struct s2n_config *config); typedef enum { S2N_VERIFY_AFTER_SIGN_DISABLED, @@ -887,8 +842,7 @@ typedef enum { * However, this feature will significantly impact handshake latency. * Additionally, most libcrypto implementations already check for common errors in signatures. */ -S2N_API -extern int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after_sign mode); +S2N_API extern int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after_sign mode); /** * Set a custom send buffer size. @@ -912,8 +866,7 @@ extern int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verif * @param size The desired custom buffer size. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size); +S2N_API extern int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size); /** * A callback function invoked (usually multiple times) during X.509 validation for each @@ -945,8 +898,7 @@ typedef uint8_t (*s2n_verify_host_fn)(const char *host_name, size_t host_name_le * @param data A user supplied opaque context to pass back to the callback * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_verify_host_fn, void *data); +S2N_API extern int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_verify_host_fn, void *data); /** * Toggles whether or not to validate stapled OCSP responses. @@ -960,8 +912,7 @@ extern int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_ve * @param check_ocsp The desired OCSP response check configuration * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, uint8_t check_ocsp); +S2N_API extern int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, uint8_t check_ocsp); /** * Turns off all X.509 validation during the negotiation phase of the connection. This should only @@ -970,8 +921,7 @@ extern int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, * @param config The configuration object being updated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_disable_x509_verification(struct s2n_config *config); +S2N_API extern int s2n_config_disable_x509_verification(struct s2n_config *config); /** * Sets the maximum allowed depth of a cert chain used for X509 validation. The default value is @@ -983,8 +933,7 @@ extern int s2n_config_disable_x509_verification(struct s2n_config *config); * @param max_depth The number of allowed certificates in the certificate chain * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_depth); +S2N_API extern int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_depth); /** * Associates a set of Diffie-Hellman parameters with an `s2n_config` object. @@ -994,8 +943,7 @@ extern int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16 * @param dhparams_pem A string containing the PEM encoded DH parameters. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem); +S2N_API extern int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem); /** * Sets the security policy that includes the cipher/kem/signature/ecc preferences and @@ -1003,8 +951,7 @@ extern int s2n_config_add_dhparams(struct s2n_config *config, const char *dhpara * * See the [USAGE-GUIDE.md](https://github.com/aws/s2n-tls/blob/main/docs/USAGE-GUIDE.md) for how to use security policies. */ -S2N_API -extern int s2n_config_set_cipher_preferences(struct s2n_config *config, const char *version); +S2N_API extern int s2n_config_set_cipher_preferences(struct s2n_config *config, const char *version); /** * Appends the provided application protocol to the preference list @@ -1015,8 +962,7 @@ extern int s2n_config_set_cipher_preferences(struct s2n_config *config, const ch * @param protocol A pointer to a byte array value * @param protocol_len The length of bytes that should be read from `protocol`. Note: this value cannot be 0, otherwise an error will be returned. */ -S2N_API -extern int s2n_config_append_protocol_preference(struct s2n_config *config, const uint8_t *protocol, uint8_t protocol_len); +S2N_API extern int s2n_config_append_protocol_preference(struct s2n_config *config, const uint8_t *protocol, uint8_t protocol_len); /** * Sets the application protocol preferences on an `s2n_config` object. @@ -1035,8 +981,7 @@ extern int s2n_config_append_protocol_preference(struct s2n_config *config, cons * @param protocol_count The size of the protocols list * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count); +S2N_API extern int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count); /** * Enum used to define the type, if any, of certificate status request @@ -1056,8 +1001,7 @@ typedef enum { * @param type The desired request status type * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type); +S2N_API extern int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type); /** * Enum to set Certificate Transparency Support level. @@ -1074,8 +1018,7 @@ typedef enum { * @param level The desired Certificate Transparency Support configuration * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_support_level level); +S2N_API extern int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_support_level level); /** * Sets whether or not a connection should terminate on receiving a WARNING alert from its peer. @@ -1099,8 +1042,7 @@ typedef enum { * @param alert_behavior The desired alert behavior. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_behavior alert_behavior); +S2N_API extern int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_behavior alert_behavior); /** * Sets the extension data in the `s2n_config` object for the specified extension. @@ -1115,8 +1057,7 @@ extern int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_be * @param data Data for the extension * @param length Length of the `data` buffer */ -S2N_API -extern int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_extension_type type, const uint8_t *data, uint32_t length); +S2N_API extern int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_extension_type type, const uint8_t *data, uint32_t length); /** * Allows the caller to set a TLS Maximum Fragment Length extension that will be used @@ -1131,8 +1072,7 @@ extern int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_exte * @param mfl_code The selected MFL size * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_max_frag_len mfl_code); +S2N_API extern int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_max_frag_len mfl_code); /** * Allows the server to opt-in to accept client's TLS maximum fragment length extension @@ -1144,8 +1084,7 @@ extern int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_ma * @param config The configuration object being updated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_accept_max_fragment_length(struct s2n_config *config); +S2N_API extern int s2n_config_accept_max_fragment_length(struct s2n_config *config); /** * Sets the lifetime of the cached session state. The default value is 15 hours. @@ -1154,8 +1093,7 @@ extern int s2n_config_accept_max_fragment_length(struct s2n_config *config); * @param lifetime_in_secs The desired lifetime of the session state in seconds * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs); +S2N_API extern int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs); /** * Enable or disable session resumption using session ticket. @@ -1164,8 +1102,7 @@ extern int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint * @param enabled The configuration object being updated. Set to 1 to enable. Set to 0 to disable. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8_t enabled); +S2N_API extern int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8_t enabled); /** * Enable or disable session caching. @@ -1177,8 +1114,7 @@ extern int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8 * @param enabled The configuration object being updated. Set to 1 to enable. Set to 0 to disable. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enabled); +S2N_API extern int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enabled); /** * Sets how long a session ticket key will be in a state where it can be used for both encryption @@ -1189,8 +1125,7 @@ extern int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t * @param lifetime_in_secs The desired lifetime of decrypting and encrypting tickets in seconds * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs); +S2N_API extern int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs); /** * Sets how long a session ticket key will be in a state where it can used just for decryption of @@ -1202,8 +1137,7 @@ extern int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config * @param lifetime_in_secs The desired lifetime of decrypting and encrypting tickets in seconds * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs); +S2N_API extern int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs); /** * Adds session ticket key on the server side. It would be ideal to add new keys after every @@ -1218,8 +1152,7 @@ extern int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, * @param intro_time_in_seconds_from_epoch Time at which the session ticket key is introduced. If this is 0, then intro_time_in_seconds_from_epoch is set to now. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uint8_t *name, uint32_t name_len, +S2N_API extern int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uint8_t *name, uint32_t name_len, uint8_t *key, uint32_t key_len, uint64_t intro_time_in_seconds_from_epoch); /** * Sets user defined context on the `s2n_config` object. @@ -1228,8 +1161,7 @@ extern int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uin * @param ctx A pointer to the user defined ctx. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_ctx(struct s2n_config *config, void *ctx); +S2N_API extern int s2n_config_set_ctx(struct s2n_config *config, void *ctx); /** * Gets the user defined context from the `s2n_config` object. @@ -1239,8 +1171,7 @@ extern int s2n_config_set_ctx(struct s2n_config *config, void *ctx); * @param ctx A pointer to the user defined ctx. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_get_ctx(struct s2n_config *config, void **ctx); +S2N_API extern int s2n_config_get_ctx(struct s2n_config *config, void **ctx); /** * Used to declare connections as server or client type, respectively. @@ -1266,8 +1197,7 @@ typedef enum { * @param mode The desired connection type * @returns A s2n_connection handle */ -S2N_API -extern struct s2n_connection *s2n_connection_new(s2n_mode mode); +S2N_API extern struct s2n_connection *s2n_connection_new(s2n_mode mode); /** * Associates a configuration object with a connection. @@ -1276,8 +1206,7 @@ extern struct s2n_connection *s2n_connection_new(s2n_mode mode); * @param config The configuration object being associated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *config); +S2N_API extern int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *config); /** * Sets user defined context in `s2n_connection` object. @@ -1286,16 +1215,14 @@ extern int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_con * @param ctx A pointer to the user defined context * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_ctx(struct s2n_connection *conn, void *ctx); +S2N_API extern int s2n_connection_set_ctx(struct s2n_connection *conn, void *ctx); /** * Gets user defined context from a `s2n_connection` object. * * @param conn The connection object that contains the desired context */ -S2N_API -extern void *s2n_connection_get_ctx(struct s2n_connection *conn); +S2N_API extern void *s2n_connection_get_ctx(struct s2n_connection *conn); /** * The callback function takes a s2n-tls connection as input, which receives the ClientHello @@ -1325,8 +1252,7 @@ typedef enum { * @param ctx A pointer to a user defined context that the Client Hello callback will be invoked with. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_fn client_hello_callback, void *ctx); +S2N_API extern int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_fn client_hello_callback, void *ctx); /** * Sets the callback execution mode. @@ -1337,8 +1263,7 @@ extern int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_ * @param cb_mode The desired callback mode * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode); +S2N_API extern int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode); /** * Marks the non-blocking callback as complete. Can be invoked from within the callback when @@ -1347,8 +1272,7 @@ extern int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_cl * @param conn The connection object being updated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_client_hello_cb_done(struct s2n_connection *conn); +S2N_API extern int s2n_client_hello_cb_done(struct s2n_connection *conn); /** * Must be invoked if any of the connection properties were changed on the basis of the server_name @@ -1357,8 +1281,7 @@ extern int s2n_client_hello_cb_done(struct s2n_connection *conn); * @param conn The connection object being updated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_server_name_extension_used(struct s2n_connection *conn); +S2N_API extern int s2n_connection_server_name_extension_used(struct s2n_connection *conn); /** * Opaque client hello handle @@ -1374,8 +1297,7 @@ struct s2n_client_hello; * @param conn The connection object containing the client hello * @returns A handle to the s2n_client_hello structure holding the client hello message sent by the client during the handshake. NULL is returned if a Client Hello has not yet been received and parsed. */ -S2N_API -extern struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection *conn); +S2N_API extern struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection *conn); /** * Function to determine the size of the raw Client Hello buffer. @@ -1386,8 +1308,7 @@ extern struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_conne * @param ch The Client Hello handle * @returns The size of the ClientHello message received by the server */ -S2N_API -extern ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch); +S2N_API extern ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch); /** * Copies `max_length` bytes of the ClientHello message into the `out` buffer. @@ -1404,8 +1325,7 @@ extern ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello * * @param max_length The size of out in bytes * @returns The number of copied bytes */ -S2N_API -extern ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length); +S2N_API extern ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length); /** * Function to determine the size of the Client Hello cipher suites. @@ -1414,8 +1334,7 @@ extern ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uin * @param ch The Client Hello handle * @returns the number of bytes the cipher_suites takes on the ClientHello message received by the server */ -S2N_API -extern ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch); +S2N_API extern ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch); /** * Copies into the `out` buffer `max_length` bytes of the cipher_suites on the ClientHello. @@ -1425,8 +1344,7 @@ extern ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello * @param max_length The size of out in bytes * @returns The number of copied bytes */ -S2N_API -extern ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length); +S2N_API extern ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length); /** * Function to determine the size of the Client Hello extensions. @@ -1435,8 +1353,7 @@ extern ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, u * @param ch The Client Hello handle * @returns the number of bytes the extensions take in the ClientHello message received by the server */ -S2N_API -extern ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch); +S2N_API extern ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch); /** * Copies into the `out` buffer `max_length` bytes of the extensions in the ClientHello. @@ -1446,8 +1363,7 @@ extern ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *c * @param max_length The size of out in bytes * @returns The number of copied bytes */ -S2N_API -extern ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length); +S2N_API extern ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length); /** * Query the ClientHello message received by the server. Use this function to allocate the `out` buffer for @@ -1457,8 +1373,7 @@ extern ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint * @param extension_type Indicates the desired extension * @returns The number of bytes the given extension type takes */ -S2N_API -extern ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type); +S2N_API extern ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type); /** * Copies into the `out` buffer `max_length` bytes of a given extension type on the ClientHello @@ -1471,8 +1386,7 @@ extern ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch * @param max_length The size of `out`. * @returns The number of copied bytes */ -S2N_API -extern ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type, uint8_t *out, uint32_t max_length); +S2N_API extern ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type, uint8_t *out, uint32_t max_length); /** * Used to check if a particular extension exists in the client hello. @@ -1483,8 +1397,7 @@ extern ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, * @param extension_iana The iana value of the extension * @param exists A pointer that will be set to whether or not the extension exists */ -S2N_API -extern int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t extension_iana, bool *exists); +S2N_API extern int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t extension_iana, bool *exists); /** * Get the the ClientHello session id length in bytes @@ -1495,8 +1408,7 @@ extern int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t * @param out_length An out pointer. s2n will set it's value to the size of the session_id in bytes. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, uint32_t *out_length); +S2N_API extern int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, uint32_t *out_length); /** * Copies up to `max_length` bytes of the ClientHello session_id into the `out` buffer and stores the number of copied bytes in `out_length`. @@ -1513,8 +1425,7 @@ extern int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, u * @param max_length The size of `out`. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t *out, uint32_t *out_length, uint32_t max_length); +S2N_API extern int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t *out, uint32_t *out_length, uint32_t max_length); /** * Sets the file descriptor for a s2n connection. @@ -1527,8 +1438,7 @@ extern int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t * @param fd The new file descriptor * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_fd(struct s2n_connection *conn, int fd); +S2N_API extern int s2n_connection_set_fd(struct s2n_connection *conn, int fd); /** * Sets the file descriptor for the read channel of an s2n connection. @@ -1541,8 +1451,7 @@ extern int s2n_connection_set_fd(struct s2n_connection *conn, int fd); * @param readfd The new read file descriptor * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd); +S2N_API extern int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd); /** * Sets the assigned file descriptor for the write channel of an s2n connection. @@ -1552,8 +1461,7 @@ extern int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd); * @param writefd The new write file descriptor * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd); +S2N_API extern int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd); /** * Gets the assigned file descriptor for the read channel of an s2n connection. @@ -1562,8 +1470,7 @@ extern int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd) * @param readfd pointer to place the used file descriptor. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd); +S2N_API extern int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd); /** * Gets the assigned file descriptor for the write channel of an s2n connection. @@ -1572,8 +1479,7 @@ extern int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd); * @param writefd pointer to place the used file descriptor. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd); +S2N_API extern int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd); /** * Indicates to s2n that the connection is using corked IO. @@ -1583,8 +1489,7 @@ extern int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd * @param conn The connection object being updated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_use_corked_io(struct s2n_connection *conn); +S2N_API extern int s2n_connection_use_corked_io(struct s2n_connection *conn); /** * Function pointer for a user provided send callback. @@ -1606,8 +1511,7 @@ typedef int s2n_send_fn(void *io_context, const uint8_t *buf, uint32_t len); * @param ctx A user provided context that the callback will be invoked with * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx); +S2N_API extern int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx); /** * Set a context containing anything needed in the send callback function (for example, @@ -1619,8 +1523,7 @@ extern int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx); * @param ctx A user provided context that the callback will be invoked with * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx); +S2N_API extern int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx); /** * Configure a connection to use a recv callback to receive data. @@ -1633,8 +1536,7 @@ extern int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx); * @param recv A recv callback function pointer * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn recv); +S2N_API extern int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn recv); /** * Configure a connection to use a send callback to send data. @@ -1647,8 +1549,7 @@ extern int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn r * @param send A send callback function pointer * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn send); +S2N_API extern int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn send); /** * Change the behavior of s2n-tls when sending data to prefer high throughput. @@ -1659,8 +1560,7 @@ extern int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn s * @param conn The connection object being updated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_prefer_throughput(struct s2n_connection *conn); +S2N_API extern int s2n_connection_prefer_throughput(struct s2n_connection *conn); /** * Change the behavior of s2n-tls when sending data to prefer low latency. @@ -1671,8 +1571,7 @@ extern int s2n_connection_prefer_throughput(struct s2n_connection *conn); * @param conn The connection object being updated * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_prefer_low_latency(struct s2n_connection *conn); +S2N_API extern int s2n_connection_prefer_low_latency(struct s2n_connection *conn); /** * Configure the connection to free IO buffers when they are not currently in use. @@ -1685,8 +1584,7 @@ extern int s2n_connection_prefer_low_latency(struct s2n_connection *conn); * @param enabled Set to `true` if dynamic buffers are enabled; `false` if disabled * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool enabled); +S2N_API extern int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool enabled); /** * Changes the behavior of s2n-tls when sending data to initially prefer records @@ -1704,8 +1602,7 @@ extern int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool * @param timeout_threshold Reset record size back to a single segment after threshold seconds of inactivity * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold); +S2N_API extern int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold); /** * Sets the callback to use for verifying that a hostname from an X.509 certificate is trusted. @@ -1720,8 +1617,7 @@ extern int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *co * @param data Opaque pointer to data that the verify host function will be invoked with * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data); +S2N_API extern int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data); /** * Used to opt-out of s2n-tls's built-in blinding. Blinding is a @@ -1749,16 +1645,14 @@ typedef enum { * @param blinding The desired blinding mode for the connection * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blinding); +S2N_API extern int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blinding); /** * Query the connection object for the configured blinding delay. * @param conn The connection object being updated * @returns the number of nanoseconds an application using self-service blinding should pause before calling close() or shutdown(). */ -S2N_API -extern uint64_t s2n_connection_get_delay(struct s2n_connection *conn); +S2N_API extern uint64_t s2n_connection_get_delay(struct s2n_connection *conn); /** * Sets the cipher preference override for the s2n_connection. Calling this function is not necessary @@ -1768,8 +1662,7 @@ extern uint64_t s2n_connection_get_delay(struct s2n_connection *conn); * @param version The human readable string representation of the security policy version. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, const char *version); +S2N_API extern int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, const char *version); /** * Appends the provided application protocol to the preference list @@ -1781,8 +1674,7 @@ extern int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, co * @param protocol_len The length of bytes that should be read from `protocol`. Note: this value cannot be 0, otherwise an error will be returned. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_append_protocol_preference(struct s2n_connection *conn, const uint8_t *protocol, uint8_t protocol_len); +S2N_API extern int s2n_connection_append_protocol_preference(struct s2n_connection *conn, const uint8_t *protocol, uint8_t protocol_len); /** * Sets the protocol preference override for the s2n_connection. Calling this function is not necessary unless you want @@ -1793,8 +1685,7 @@ extern int s2n_connection_append_protocol_preference(struct s2n_connection *conn * @param protocol_count The number of protocols contained in protocols * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, const char *const *protocols, int protocol_count); +S2N_API extern int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, const char *const *protocols, int protocol_count); /** * Sets the server name for the connection. @@ -1809,8 +1700,7 @@ extern int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, * @warning `server_name` must be a NULL terminated string. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_set_server_name(struct s2n_connection *conn, const char *server_name); +S2N_API extern int s2n_set_server_name(struct s2n_connection *conn, const char *server_name); /** * Query the connection for the selected server name. @@ -1821,8 +1711,7 @@ extern int s2n_set_server_name(struct s2n_connection *conn, const char *server_n * @param conn The connection object being queried * @returns The server name associated with a connection, or NULL if none is found. */ -S2N_API -extern const char *s2n_get_server_name(struct s2n_connection *conn); +S2N_API extern const char *s2n_get_server_name(struct s2n_connection *conn); /** * Query the connection for the selected application protocol. @@ -1830,8 +1719,7 @@ extern const char *s2n_get_server_name(struct s2n_connection *conn); * @param conn The connection object being queried * @returns The negotiated application protocol for a `s2n_connection`. In the event of no protocol being negotiated, NULL is returned. */ -S2N_API -extern const char *s2n_get_application_protocol(struct s2n_connection *conn); +S2N_API extern const char *s2n_get_application_protocol(struct s2n_connection *conn); /** * Query the connection for a buffer containing the OCSP response. @@ -1840,8 +1728,7 @@ extern const char *s2n_get_application_protocol(struct s2n_connection *conn); * @param length A pointer that is set to the certificate transparency response buffer's size * @returns A pointer to the OCSP response sent by a server during the handshake. If no status response is received, NULL is returned. */ -S2N_API -extern const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length); +S2N_API extern const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length); /** * Query the connection for a buffer containing the Certificate Transparency response. @@ -1850,8 +1737,7 @@ extern const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *co * @param length A pointer that is set to the certificate transparency response buffer's size * @returns A pointer to the certificate transparency response buffer. */ -S2N_API -extern const uint8_t *s2n_connection_get_sct_list(struct s2n_connection *conn, uint32_t *length); +S2N_API extern const uint8_t *s2n_connection_get_sct_list(struct s2n_connection *conn, uint32_t *length); /** * Used in non-blocking mode to indicate in which direction s2n-tls became blocked on I/O before it @@ -1873,8 +1759,7 @@ typedef enum { * @param blocked A pointer which will be set to the blocked status. * @returns S2N_SUCCESS if the handshake completed. S2N_FAILURE if the handshake encountered an error or is blocked. */ -S2N_API -extern int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocked); +S2N_API extern int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocked); /** * Writes and encrypts `size` of `buf` data to the associated connection. s2n_send() will return the number of bytes @@ -1902,8 +1787,7 @@ extern int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocke * @param blocked A pointer which will be set to the blocked status, as in s2n_negotiate() * @returns The number of bytes written, and may indicate a partial write */ -S2N_API -extern ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked); +S2N_API extern ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked); /** * Works in the same way as s2n_sendv_with_offset() except that the latter's `offs` parameter is implicitly assumed to be 0. @@ -1916,8 +1800,7 @@ extern ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t si * @param blocked A pointer which will be set to the blocked status, as in s2n_negotiate() * @returns The number of bytes written, and may indicate a partial write. */ -S2N_API -extern ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked); +S2N_API extern ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked); /** * Works in the same way as s2n_send() except that it accepts vectorized buffers. Will return the number of bytes written, and may indicate a partial write. Partial writes are possible not just for non-blocking I/O, but also for connections aborted while active. @@ -1949,8 +1832,7 @@ extern ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, * @param blocked A pointer which will be set to the blocked status, as in s2n_negotiate() * @returns The number of bytes written, and may indicate a partial write. */ -S2N_API -extern ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked); +S2N_API extern ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked); /** * Decrypts and reads **size* to `buf` data from the associated @@ -1976,8 +1858,7 @@ extern ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct i * @param blocked A pointer which will be set to the blocked status, as in s2n_negotiate() * @returns number of bytes read. 0 if the connection was shutdown by peer. */ -S2N_API -extern ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2n_blocked_status *blocked); +S2N_API extern ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2n_blocked_status *blocked); /** * Allows users of s2n-tls to peek inside the data buffer of an s2n-tls connection to see if there more data to be read without actually reading it. @@ -1990,8 +1871,7 @@ extern ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2 * @param conn A pointer to the s2n_connection object * @returns The number of bytes that can be read from the connection */ -S2N_API -extern uint32_t s2n_peek(struct s2n_connection *conn); +S2N_API extern uint32_t s2n_peek(struct s2n_connection *conn); /** * Wipes and releases buffers and memory allocated during the TLS handshake. @@ -2001,8 +1881,7 @@ extern uint32_t s2n_peek(struct s2n_connection *conn); * @param conn A pointer to the s2n_connection object * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_free_handshake(struct s2n_connection *conn); +S2N_API extern int s2n_connection_free_handshake(struct s2n_connection *conn); /** * Wipes and free the `in` and `out` buffers associated with a connection. @@ -2013,8 +1892,7 @@ extern int s2n_connection_free_handshake(struct s2n_connection *conn); * @param conn A pointer to the s2n_connection object * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_release_buffers(struct s2n_connection *conn); +S2N_API extern int s2n_connection_release_buffers(struct s2n_connection *conn); /** * Wipes an existing connection and allows it to be reused. Erases all data associated with a connection including @@ -2026,8 +1904,7 @@ extern int s2n_connection_release_buffers(struct s2n_connection *conn); * @param conn A pointer to the s2n_connection object * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_wipe(struct s2n_connection *conn); +S2N_API extern int s2n_connection_wipe(struct s2n_connection *conn); /** * Frees the memory associated with an s2n_connection @@ -2038,8 +1915,7 @@ extern int s2n_connection_wipe(struct s2n_connection *conn); * @param conn A pointer to the s2n_connection object * @returns 0 on success. -1 on failure */ -S2N_API -extern int s2n_connection_free(struct s2n_connection *conn); +S2N_API extern int s2n_connection_free(struct s2n_connection *conn); /** * Attempts a closure at the TLS layer. Does not close the underlying transport. This call may block in either direction. @@ -2056,8 +1932,7 @@ extern int s2n_connection_free(struct s2n_connection *conn); * @param blocked A pointer which will be set to the blocked status, as in s2n_negotiate() * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_shutdown(struct s2n_connection *conn, s2n_blocked_status *blocked); +S2N_API extern int s2n_shutdown(struct s2n_connection *conn, s2n_blocked_status *blocked); /** * Used to declare what type of client certificate authentication to use. @@ -2077,8 +1952,7 @@ typedef enum { * @param client_auth_type A pointer to a client auth policy. This will be updated to the s2n_config value. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_auth_type *client_auth_type); +S2N_API extern int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_auth_type *client_auth_type); /** * Sets whether or not a Client Certificate should be required to complete the TLS Connection. @@ -2090,8 +1964,7 @@ extern int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_a * @param client_auth_type The client auth policy for the connection * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_auth_type client_auth_type); +S2N_API extern int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_auth_type client_auth_type); /** * Gets Client Certificate authentication method the s2n_connection object is using. @@ -2100,8 +1973,7 @@ extern int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_a * @param client_auth_type A pointer to a client auth policy. This will be updated to the s2n_connection value. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type *client_auth_type); +S2N_API extern int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type *client_auth_type); /** * Sets whether or not a Client Certificate should be required to complete the TLS Connection. @@ -2113,8 +1985,7 @@ extern int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_ * @param client_auth_type The client auth policy for the connection * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type client_auth_type); +S2N_API extern int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type client_auth_type); /** * Gets the client certificate chain and places it in the `der_cert_chain_out` buffer. `cert_chain_len` is updated @@ -2127,8 +1998,7 @@ extern int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_ * @param cert_chain_len A pointer to a uint32_t. This will be updated to match the size of the buffer `der_cert_chain_out` points to. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uint8_t **der_cert_chain_out, uint32_t *cert_chain_len); +S2N_API extern int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uint8_t **der_cert_chain_out, uint32_t *cert_chain_len); /** * Sets the initial number of session tickets to send after a >=TLS1.3 handshake. The default value is one ticket. @@ -2137,8 +2007,7 @@ extern int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uin * @param num The number of session tickets that will be sent. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_t num); +S2N_API extern int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_t num); /** * Increases the number of session tickets to send after a >=TLS1.3 handshake. @@ -2147,8 +2016,7 @@ extern int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_ * @param num The number of additional session tickets to send. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, uint8_t num); +S2N_API extern int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, uint8_t num); /** * Returns the number of session tickets issued by the server. @@ -2162,8 +2030,7 @@ extern int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, u * @param num The number of additional session tickets sent. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t *num); +S2N_API extern int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t *num); /** * Sets the keying material lifetime for >=TLS1.3 session tickets so that one session doesn't get re-used ad infinitum. @@ -2173,8 +2040,7 @@ extern int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t * @param lifetime_in_secs Lifetime of keying material in seconds. * @returns S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -extern int s2n_connection_set_server_keying_material_lifetime(struct s2n_connection *conn, uint32_t lifetime_in_secs); +S2N_API extern int s2n_connection_set_server_keying_material_lifetime(struct s2n_connection *conn, uint32_t lifetime_in_secs); struct s2n_session_ticket; @@ -2206,8 +2072,7 @@ typedef int (*s2n_session_ticket_fn)(struct s2n_connection *conn, void *ctx, str * @param callback The function that should be called when the callback is triggered. * @param ctx The context to be passed when the callback is called. */ -S2N_API -extern int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_session_ticket_fn callback, void *ctx); +S2N_API extern int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_session_ticket_fn callback, void *ctx); /** * Gets the length of the session ticket from a session ticket object. @@ -2215,8 +2080,7 @@ extern int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_sessi * @param ticket Pointer to the session ticket object. * @param data_len Pointer to be set to the length of the session ticket on success. */ -S2N_API -extern int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, size_t *data_len); +S2N_API extern int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, size_t *data_len); /** * Gets the session ticket data from a session ticket object. @@ -2229,8 +2093,7 @@ extern int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, si * @param max_data_len Maximum length of data that can be written to the 'data' pointer. * @param data Pointer to where the session ticket data will be stored. */ -S2N_API -extern int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t max_data_len, uint8_t *data); +S2N_API extern int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t max_data_len, uint8_t *data); /** * Gets the lifetime in seconds of the session ticket from a session ticket object. @@ -2238,8 +2101,7 @@ extern int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t * @param ticket Pointer to the session ticket object. * @param session_lifetime Pointer to a variable where the lifetime of the session ticket will be stored. */ -S2N_API -extern int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, uint32_t *session_lifetime); +S2N_API extern int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, uint32_t *session_lifetime); /** * De-serializes the session state and updates the connection accordingly. @@ -2250,8 +2112,7 @@ extern int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, ui * * @returns The number of copied bytes */ -S2N_API -extern int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t *session, size_t length); +S2N_API extern int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t *session, size_t length); /** * Serializes the session state from connection and copies into the `session` buffer and returns the number of copied bytes @@ -2266,8 +2127,7 @@ extern int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t * * @returns The number of copied bytes */ -S2N_API -extern int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *session, size_t max_length); +S2N_API extern int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *session, size_t max_length); /** * Retrieves a hint from the server indicating how long this ticket's lifetime is. @@ -2280,8 +2140,7 @@ extern int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *sess * * @returns The session ticket lifetime hint in seconds from the server or -1 when session ticket was not used for resumption. */ -S2N_API -extern int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection *conn); /** * Use this to query the serialized session state size before copying it into a buffer. @@ -2290,8 +2149,7 @@ extern int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection * * @returns number of bytes needed to store serialized session state */ -S2N_API -extern int s2n_connection_get_session_length(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_session_length(struct s2n_connection *conn); /** * Gets the latest session id's length from the connection. @@ -2302,8 +2160,7 @@ extern int s2n_connection_get_session_length(struct s2n_connection *conn); * * @returns The latest session id length from the connection. Session id length will be 0 for TLS versions >= TLS1.3 as stateful session resumption has not yet been implemented in TLS1.3. */ -S2N_API -extern int s2n_connection_get_session_id_length(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_session_id_length(struct s2n_connection *conn); /** * Gets the latest session id from the connection, copies it into the `session_id` buffer, and returns the number of copied bytes. @@ -2318,8 +2175,7 @@ extern int s2n_connection_get_session_id_length(struct s2n_connection *conn); * * @returns The number of copied bytes. */ -S2N_API -extern int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *session_id, size_t max_length); +S2N_API extern int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *session_id, size_t max_length); /** * Check if the connection was resumed from an earlier handshake. @@ -2328,8 +2184,7 @@ extern int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *s * * @returns returns 1 if the handshake was abbreviated, otherwise returns 0 */ -S2N_API -extern int s2n_connection_is_session_resumed(struct s2n_connection *conn); +S2N_API extern int s2n_connection_is_session_resumed(struct s2n_connection *conn); /** * Check is the connection is OCSP stapled. @@ -2338,8 +2193,7 @@ extern int s2n_connection_is_session_resumed(struct s2n_connection *conn); * * @returns 1 if OCSP response was sent (if connection is in S2N_SERVER mode) or received (if connection is in S2N_CLIENT mode) during handshake, otherwise it returns 0. */ -S2N_API -extern int s2n_connection_is_ocsp_stapled(struct s2n_connection *conn); +S2N_API extern int s2n_connection_is_ocsp_stapled(struct s2n_connection *conn); /** * TLS Signature Algorithms - RFC 5246 7.4.1.4.1 @@ -2379,8 +2233,7 @@ typedef enum { * * @returns S2N_SUCCESS on success. S2N_FAILURE if bad parameters are received. */ -S2N_API -extern int s2n_connection_get_selected_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg); +S2N_API extern int s2n_connection_get_selected_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg); /** * Get the connection's selected digest algorithm. @@ -2390,8 +2243,7 @@ extern int s2n_connection_get_selected_signature_algorithm(struct s2n_connection * * @returns S2N_SUCCESS on success. S2N_FAILURE if bad parameters are received. */ -S2N_API -extern int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg); +S2N_API extern int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg); /** * Get the client certificate's signature algorithm. @@ -2401,8 +2253,7 @@ extern int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *c * * @returns S2N_SUCCESS on success. S2N_FAILURE if bad parameters are received. */ -S2N_API -extern int s2n_connection_get_selected_client_cert_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg); +S2N_API extern int s2n_connection_get_selected_client_cert_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg); /** * Get the client certificate's digest algorithm. @@ -2412,8 +2263,7 @@ extern int s2n_connection_get_selected_client_cert_signature_algorithm(struct s2 * * @returns S2N_SUCCESS on success. S2N_FAILURE if bad parameters are received. */ -S2N_API -extern int s2n_connection_get_selected_client_cert_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg); +S2N_API extern int s2n_connection_get_selected_client_cert_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg); /** * Get the certificate used during the TLS handshake @@ -2428,16 +2278,14 @@ extern int s2n_connection_get_selected_client_cert_digest_algorithm(struct s2n_c * * @returns NULL if the certificate selection phase of the handshake has not completed or if a certificate was not requested by the peer */ -S2N_API -extern struct s2n_cert_chain_and_key *s2n_connection_get_selected_cert(struct s2n_connection *conn); +S2N_API extern struct s2n_cert_chain_and_key *s2n_connection_get_selected_cert(struct s2n_connection *conn); /** * @param chain_and_key A pointer to the s2n_cert_chain_and_key object being read. * @param cert_length This return value represents the length of the s2n certificate chain `chain_and_key`. * @returns the length of the s2n certificate chain `chain_and_key`. */ -S2N_API -extern int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_and_key, uint32_t *cert_length); +S2N_API extern int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_and_key, uint32_t *cert_length); /** * Returns the certificate `out_cert` present at the index `cert_idx` of the certificate chain `chain_and_key`. @@ -2457,8 +2305,7 @@ extern int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_ * @param out_cert A pointer to the output s2n_cert `out_cert` present at the index `cert_idx` of the certificate chain `chain_and_key`. * @param cert_idx The certificate index for the requested certificate within the s2n certificate chain. */ -S2N_API -extern int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_and_key, struct s2n_cert **out_cert, const uint32_t cert_idx); +S2N_API extern int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_and_key, struct s2n_cert **out_cert, const uint32_t cert_idx); /** * Returns the s2n certificate in DER format along with its length. @@ -2485,8 +2332,7 @@ extern int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_an * @param out_cert_der A pointer to the output buffer which will hold the s2n certificate `cert` in DER format. * @param cert_length This return value represents the length of the certificate. */ -S2N_API -extern int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cert_der, uint32_t *cert_length); +S2N_API extern int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cert_der, uint32_t *cert_length); /** * Returns the validated peer certificate chain as a `s2n_cert_chain_and_key` opaque object. @@ -2498,8 +2344,7 @@ extern int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cer * @param conn A pointer to the s2n_connection object being read. * @param cert_chain The returned validated peer certificate chain `cert_chain` retrieved from the s2n connection. */ -S2N_API -extern int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct s2n_cert_chain_and_key *cert_chain); +S2N_API extern int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct s2n_cert_chain_and_key *cert_chain); /** * Returns the length of the DER encoded extension value of the ASN.1 X.509 certificate extension. @@ -2508,8 +2353,7 @@ extern int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, * @param oid A null-terminated cstring that contains the OID of the X.509 certificate extension to be read. * @param ext_value_len This return value contains the length of DER encoded extension value of the ASN.1 X.509 certificate extension. */ -S2N_API -extern int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const uint8_t *oid, uint32_t *ext_value_len); +S2N_API extern int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const uint8_t *oid, uint32_t *ext_value_len); /** * Returns the DER encoding of an ASN.1 X.509 certificate extension value, it's length and a boolean critical. @@ -2522,8 +2366,7 @@ extern int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const * When used as an output parameter, `ext_value_len` holds the actual length of the DER encoding of the ASN.1 X.509 certificate extension value returned. * @param critical This return value contains the boolean value for `critical`. */ -S2N_API -extern int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_t *oid, uint8_t *ext_value, uint32_t *ext_value_len, bool *critical); +S2N_API extern int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_t *oid, uint8_t *ext_value, uint32_t *ext_value_len, bool *critical); /** * Returns the UTF8 String length of the ASN.1 X.509 certificate extension data. @@ -2532,8 +2375,7 @@ extern int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_ * @param extension_len represents the length of the input buffer `extension_data`. * @param utf8_str_len This return value contains the UTF8 String length of the ASN.1 X.509 certificate extension data. */ -S2N_API -extern int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *extension_data, uint32_t extension_len, uint32_t *utf8_str_len); +S2N_API extern int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *extension_data, uint32_t extension_len, uint32_t *utf8_str_len); /** * Returns the UTF8 String representation of the DER encoded ASN.1 X.509 certificate extension data. @@ -2546,8 +2388,7 @@ extern int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *ex * When used as an input parameter, the caller must use this parameter to convey the maximum length of `out_data`. * When used as an output parameter, `out_len` holds the actual length of UTF8 String returned. */ -S2N_API -extern int s2n_cert_get_utf8_string_from_extension_data(const uint8_t *extension_data, uint32_t extension_len, uint8_t *out_data, uint32_t *out_len); +S2N_API extern int s2n_cert_get_utf8_string_from_extension_data(const uint8_t *extension_data, uint32_t extension_len, uint8_t *out_data, uint32_t *out_len); /** * Pre-shared key (PSK) Hash Algorithm - RFC 8446 Section-2.2 @@ -2570,16 +2411,14 @@ struct s2n_psk; * * @returns struct s2n_psk* Returns a pointer to the newly created external PSK object. */ -S2N_API -struct s2n_psk *s2n_external_psk_new(void); +S2N_API struct s2n_psk *s2n_external_psk_new(void); /** * Frees the memory associated with the external PSK object. * * @param psk Pointer to the PSK object to be freed. */ -S2N_API -int s2n_psk_free(struct s2n_psk **psk); +S2N_API int s2n_psk_free(struct s2n_psk **psk); /** * Sets the identity for a given external PSK object. @@ -2598,8 +2437,7 @@ int s2n_psk_free(struct s2n_psk **psk); * @param identity The identity in raw bytes format to be copied. * @param identity_size The length of the PSK identity being set. */ -S2N_API -int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t identity_size); +S2N_API int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t identity_size); /** * Sets the out-of-band/externally provisioned secret for a given external PSK object. @@ -2617,8 +2455,7 @@ int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t * @param secret The secret in raw bytes format to be copied. * @param secret_size The length of the pre-shared secret being set. */ -S2N_API -int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secret_size); +S2N_API int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secret_size); /** * Sets the hash algorithm for a given external PSK object. The supported PSK hash @@ -2627,8 +2464,7 @@ int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secr * @param psk A pointer to the external PSK object to be updated with the PSK hash algorithm. * @param hmac The PSK hash algorithm being set. */ -S2N_API -int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac); +S2N_API int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac); /** * Appends a PSK object to the list of PSKs supported by the s2n connection. @@ -2639,8 +2475,7 @@ int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac); * @param conn A pointer to the s2n_connection object that contains the list of PSKs supported. * @param psk A pointer to the `s2n_psk` object to be appended to the list of PSKs on the s2n connection. */ -S2N_API -int s2n_connection_append_psk(struct s2n_connection *conn, struct s2n_psk *psk); +S2N_API int s2n_connection_append_psk(struct s2n_connection *conn, struct s2n_psk *psk); /** * The list of PSK modes supported by s2n-tls for TLS versions >= TLS1.3. @@ -2660,8 +2495,7 @@ typedef enum { * @param config A pointer to the s2n_config object being updated. * @param mode The PSK mode to be set. */ -S2N_API -int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode); +S2N_API int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode); /** * Sets the PSK mode on the s2n connection object. @@ -2671,8 +2505,7 @@ int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode); * @param conn A pointer to the s2n_connection object being updated. * @param mode The PSK mode to be set. */ -S2N_API -int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode); +S2N_API int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode); /** * Gets the negotiated PSK identity length from the s2n connection object. The negotiated PSK @@ -2685,8 +2518,7 @@ int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode); * @param conn A pointer to the s2n_connection object that successfully negotiated a PSK connection. * @param identity_length The length of the negotiated PSK identity. */ -S2N_API -int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *conn, uint16_t *identity_length); +S2N_API int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *conn, uint16_t *identity_length); /** * Gets the negotiated PSK identity from the s2n connection object. @@ -2704,8 +2536,7 @@ int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *con * @param max_identity_length The maximum length for the PSK identity. If the negotiated psk_identity length is * greater than this `max_identity_length` value an error will be returned. */ -S2N_API -int s2n_connection_get_negotiated_psk_identity(struct s2n_connection *conn, uint8_t *identity, uint16_t max_identity_length); +S2N_API int s2n_connection_get_negotiated_psk_identity(struct s2n_connection *conn, uint8_t *identity, uint16_t max_identity_length); struct s2n_offered_psk; @@ -2719,16 +2550,14 @@ struct s2n_offered_psk; * * @returns struct s2n_offered_psk* Returns a pointer to the newly created offered PSK object. */ -S2N_API -struct s2n_offered_psk *s2n_offered_psk_new(void); +S2N_API struct s2n_offered_psk *s2n_offered_psk_new(void); /** * Frees the memory associated with the `s2n_offered_psk` object. * * @param psk A pointer to the `s2n_offered_psk` object to be freed. */ -S2N_API -int s2n_offered_psk_free(struct s2n_offered_psk **psk); +S2N_API int s2n_offered_psk_free(struct s2n_offered_psk **psk); /** * Gets the PSK identity and PSK identity length for a given offered PSK object. @@ -2737,8 +2566,7 @@ int s2n_offered_psk_free(struct s2n_offered_psk **psk); * @param identity The PSK identity being obtained. * @param size The length of the PSK identity being obtained. */ -S2N_API -int s2n_offered_psk_get_identity(struct s2n_offered_psk *psk, uint8_t **identity, uint16_t *size); +S2N_API int s2n_offered_psk_get_identity(struct s2n_offered_psk *psk, uint8_t **identity, uint16_t *size); struct s2n_offered_psk_list; @@ -2754,8 +2582,7 @@ struct s2n_offered_psk_list; * @param psk_list A pointer to the offered PSK list being read. * @returns bool A boolean value representing whether an offered psk object is present next in line in the offered PSK list. */ -S2N_API -bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list); +S2N_API bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list); /** * Obtains the next offered PSK object from the list of offered PSKs. Use `s2n_offered_psk_list_has_next` @@ -2764,8 +2591,7 @@ bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list); * @param psk_list A pointer to the offered PSK list being read. * @param psk A pointer to the next offered PSK object being obtained. */ -S2N_API -int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk); +S2N_API int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk); /** * Returns the offered PSK list to its original read state. @@ -2775,8 +2601,7 @@ int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_ * * @param psk_list A pointer to the offered PSK list being reread. */ -S2N_API -int s2n_offered_psk_list_reread(struct s2n_offered_psk_list *psk_list); +S2N_API int s2n_offered_psk_list_reread(struct s2n_offered_psk_list *psk_list); /** * Chooses a PSK from the offered PSK list to be used for the connection. @@ -2817,8 +2642,7 @@ typedef int (*s2n_psk_selection_callback)(struct s2n_connection *conn, void *con * @param cb The function that should be called when the callback is triggered. * @param context A pointer to a context for the caller to pass state to the callback, if needed. */ -S2N_API -int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_selection_callback cb, void *context); +S2N_API int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_selection_callback cb, void *context); /** * Get the number of bytes the connection has received. @@ -2826,8 +2650,7 @@ int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_sel * @param conn A pointer to the connection * @returns return the number of bytes received by s2n-tls "on the wire" */ -S2N_API -extern uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn); +S2N_API extern uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn); /** * Get the number of bytes the connection has transmitted out. @@ -2835,8 +2658,7 @@ extern uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn); * @param conn A pointer to the connection * @returns return the number of bytes transmitted out by s2n-tls "on the wire" */ -S2N_API -extern uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn); +S2N_API extern uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn); /** * Access the protocol version supported by the client. @@ -2847,8 +2669,7 @@ extern uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn); * @param conn A pointer to the connection * @returns returns the highest protocol version supported by the client */ -S2N_API -extern int s2n_connection_get_client_protocol_version(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_client_protocol_version(struct s2n_connection *conn); /** * Access the protocol version supported by the server. @@ -2859,8 +2680,7 @@ extern int s2n_connection_get_client_protocol_version(struct s2n_connection *con * @param conn A pointer to the connection * @returns Returns the highest protocol version supported by the server */ -S2N_API -extern int s2n_connection_get_server_protocol_version(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_server_protocol_version(struct s2n_connection *conn); /** * Access the protocol version selected for the connection. @@ -2871,8 +2691,7 @@ extern int s2n_connection_get_server_protocol_version(struct s2n_connection *con * @param conn A pointer to the connection * @returns The protocol version actually negotiated by the handshake */ -S2N_API -extern int s2n_connection_get_actual_protocol_version(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_actual_protocol_version(struct s2n_connection *conn); /** * Access the client hello protocol version for the connection. @@ -2883,8 +2702,7 @@ extern int s2n_connection_get_actual_protocol_version(struct s2n_connection *con * @param conn A pointer to the connection * @returns The protocol version used to send the initial client hello message. */ -S2N_API -extern int s2n_connection_get_client_hello_version(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_client_hello_version(struct s2n_connection *conn); /** * Check if Client Auth was used for a connection. @@ -2893,8 +2711,7 @@ extern int s2n_connection_get_client_hello_version(struct s2n_connection *conn); * @returns 1 if the handshake completed and Client Auth was negotiated during then * handshake. */ -S2N_API -extern int s2n_connection_client_cert_used(struct s2n_connection *conn); +S2N_API extern int s2n_connection_client_cert_used(struct s2n_connection *conn); /** * A function that provides a human readable string of the cipher suite that was chosen @@ -2909,8 +2726,7 @@ extern int s2n_connection_client_cert_used(struct s2n_connection *conn); * @param conn A pointer to the connection * @returns A string indicating the cipher suite negotiated by s2n in OpenSSL format. */ -S2N_API -extern const char *s2n_connection_get_cipher(struct s2n_connection *conn); +S2N_API extern const char *s2n_connection_get_cipher(struct s2n_connection *conn); /** * Returns the IANA value for the connection's negotiated cipher suite. @@ -2927,8 +2743,7 @@ extern const char *s2n_connection_get_cipher(struct s2n_connection *conn); * @param second A pointer to a single byte, which will be updated with the second byte in the registered IANA value. * @returns A POSIX error signal. If an error was returned, the values contained in `first` and `second` should be considered invalid. */ -S2N_API -extern int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *first, uint8_t *second); +S2N_API extern int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *first, uint8_t *second); /** * Function to check if the cipher used by current connection is supported by the current @@ -2937,8 +2752,7 @@ extern int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uin * @param version A string representing the security policy to check against. * @returns 1 if the connection satisfies the cipher suite. 0 if the connection does not satisfy the cipher suite. -1 if there is an error. */ -S2N_API -extern int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection *conn, const char *version); +S2N_API extern int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection *conn, const char *version); /** * Function to get the human readable elliptic curve name for the connection. @@ -2946,8 +2760,7 @@ extern int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection * @param conn A pointer to the s2n connection * @returns A string indicating the elliptic curve used during ECDHE key exchange. The string "NONE" is returned if no curve was used. */ -S2N_API -extern const char *s2n_connection_get_curve(struct s2n_connection *conn); +S2N_API extern const char *s2n_connection_get_curve(struct s2n_connection *conn); /** * Function to get the human readable KEM name for the connection. @@ -2955,8 +2768,7 @@ extern const char *s2n_connection_get_curve(struct s2n_connection *conn); * @param conn A pointer to the s2n connection * @returns A human readable string for the KEM group. If there is no KEM configured returns "NONE" */ -S2N_API -extern const char *s2n_connection_get_kem_name(struct s2n_connection *conn); +S2N_API extern const char *s2n_connection_get_kem_name(struct s2n_connection *conn); /** * Function to get the human readable KEM group name for the connection. @@ -2964,8 +2776,7 @@ extern const char *s2n_connection_get_kem_name(struct s2n_connection *conn); * @param conn A pointer to the s2n connection * @returns A human readable string for the KEM group. If the connection is < TLS1.3 or there is no KEM group configured returns "NONE" */ -S2N_API -extern const char *s2n_connection_get_kem_group_name(struct s2n_connection *conn); +S2N_API extern const char *s2n_connection_get_kem_group_name(struct s2n_connection *conn); /** * Function to get the alert that caused a connection to close. s2n-tls considers all @@ -2974,8 +2785,7 @@ extern const char *s2n_connection_get_kem_group_name(struct s2n_connection *conn * @param conn A pointer to the s2n connection * @returns The TLS alert code that caused a connection to be shut down */ -S2N_API -extern int s2n_connection_get_alert(struct s2n_connection *conn); +S2N_API extern int s2n_connection_get_alert(struct s2n_connection *conn); /** * Function to return the last TLS handshake type that was processed. The returned format is a human readable string. @@ -2983,16 +2793,14 @@ extern int s2n_connection_get_alert(struct s2n_connection *conn); * @param conn A pointer to the s2n connection * @returns A human-readable handshake type name, e.g. "NEGOTIATED|FULL_HANDSHAKE|PERFECT_FORWARD_SECRECY" */ -S2N_API -extern const char *s2n_connection_get_handshake_type_name(struct s2n_connection *conn); +S2N_API extern const char *s2n_connection_get_handshake_type_name(struct s2n_connection *conn); /** * Function to return the last TLS message that was processed. The returned format is a human readable string. * @param conn A pointer to the s2n connection * @returns The last message name in the TLS state machine, e.g. "SERVER_HELLO", "APPLICATION_DATA". */ -S2N_API -extern const char *s2n_connection_get_last_message_name(struct s2n_connection *conn); +S2N_API extern const char *s2n_connection_get_last_message_name(struct s2n_connection *conn); /** * Opaque async private key operation handle @@ -3040,8 +2848,7 @@ typedef int (*s2n_async_pkey_fn)(struct s2n_connection *conn, struct s2n_async_p * @param config Config to set the callback * @param fn The function that should be called for each private key operation */ -S2N_API -extern int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_async_pkey_fn fn); +S2N_API extern int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_async_pkey_fn fn); /** * Performs a private key operation using the given private key. @@ -3055,8 +2862,7 @@ extern int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_asy * @param key The private key used for the operation. It can be extracted from * `conn` through the `s2n_connection_get_selected_cert` and `s2n_cert_chain_and_key_get_private_key` calls */ -S2N_API -extern int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *key); +S2N_API extern int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *key); /** * Finalizes a private key operation and unblocks the connection. @@ -3071,8 +2877,7 @@ extern int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_priv * @param op An opaque object representing the private key operation * @param conn The connection associated with the operation that should be unblocked */ -S2N_API -extern int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn); +S2N_API extern int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn); /** * Frees the opaque structure representing a private key operation. @@ -3083,8 +2888,7 @@ extern int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_conn * * @param op An opaque object representing the private key operation */ -S2N_API -extern int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op); +S2N_API extern int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op); /** * Configures whether or not s2n-tls will perform potentially expensive validation of @@ -3093,8 +2897,7 @@ extern int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op); * @param config Config to set the validation mode for * @param mode What level of validation to perform */ -S2N_API -extern int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_async_pkey_validation_mode mode); +S2N_API extern int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_async_pkey_validation_mode mode); /** * Returns the type of the private key operation. @@ -3102,8 +2905,7 @@ extern int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, * @param op An opaque object representing the private key operation * @param type A pointer to be set to the type */ -S2N_API -extern int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async_pkey_op_type *type); +S2N_API extern int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async_pkey_op_type *type); /** * Returns the size of the input to the private key operation. @@ -3111,8 +2913,7 @@ extern int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async * @param op An opaque object representing the private key operation * @param data_len A pointer to be set to the size */ -S2N_API -extern int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32_t *data_len); +S2N_API extern int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32_t *data_len); /** * Returns the input to the private key operation. @@ -3130,8 +2931,7 @@ extern int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32 * @param data A pointer to a buffer to copy the input into * @param data_len The maximum size of the `data` buffer */ -S2N_API -extern int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *data, uint32_t data_len); +S2N_API extern int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *data, uint32_t data_len); /** * Sets the output of the private key operation. @@ -3144,8 +2944,7 @@ extern int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *da * @param data A pointer to a buffer containing the output * @param data_len The size of the `data` buffer */ -S2N_API -extern int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len); +S2N_API extern int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len); /** * Callback function for handling key log events @@ -3185,8 +2984,7 @@ typedef int (*s2n_key_log_fn)(void *ctx, struct s2n_connection *conn, uint8_t *l * @param callback The function that should be called for each secret log entry * @param ctx The context to be passed when the callback is called */ -S2N_API -extern int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx); +S2N_API extern int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx); /** * s2n_config_enable_cert_req_dss_legacy_compat adds a dss cert type in the server certificate request when being called. @@ -3194,8 +2992,7 @@ extern int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn c * Please DO NOT call this api unless you know you actually need legacy DSS certificate type compatibility * @param config Config to enable legacy DSS certificates for */ -S2N_API -extern int s2n_config_enable_cert_req_dss_legacy_compat(struct s2n_config *config); +S2N_API extern int s2n_config_enable_cert_req_dss_legacy_compat(struct s2n_config *config); /** * Sets the maximum bytes of early data the server will accept. diff --git a/contrib/restricted/aws/s2n/api/unstable/crl.h b/contrib/restricted/aws/s2n/api/unstable/crl.h index 149dd84697..aafd141517 100644 --- a/contrib/restricted/aws/s2n/api/unstable/crl.h +++ b/contrib/restricted/aws/s2n/api/unstable/crl.h @@ -55,8 +55,7 @@ typedef int (*s2n_crl_lookup_callback)(struct s2n_crl_lookup *lookup, void *cont * @param context Context to be passed to the callback function. * @return S2N_SUCCESS on success, S2N_FAILURE on failure */ -S2N_API -int s2n_config_set_crl_lookup_cb(struct s2n_config *config, s2n_crl_lookup_callback callback, void *context); +S2N_API int s2n_config_set_crl_lookup_cb(struct s2n_config *config, s2n_crl_lookup_callback callback, void *context); /** * Allocates a new `s2n_crl` struct. @@ -67,8 +66,7 @@ int s2n_config_set_crl_lookup_cb(struct s2n_config *config, s2n_crl_lookup_callb * * @return A pointer to the allocated `s2n_crl` struct. */ -S2N_API -struct s2n_crl *s2n_crl_new(void); +S2N_API struct s2n_crl *s2n_crl_new(void); /** * Loads a CRL with pem data. @@ -78,8 +76,7 @@ struct s2n_crl *s2n_crl_new(void); * @param len The length of the pem data. * @return S2N_SUCCESS on success, S2N_FAILURE on error. */ -S2N_API -int s2n_crl_load_pem(struct s2n_crl *crl, uint8_t *pem, size_t len); +S2N_API int s2n_crl_load_pem(struct s2n_crl *crl, uint8_t *pem, size_t len); /** * Frees a CRL. @@ -89,8 +86,7 @@ int s2n_crl_load_pem(struct s2n_crl *crl, uint8_t *pem, size_t len); * @param crl The CRL to free. * @return S2N_SUCCESS on success, S2N_FAILURE on error. */ -S2N_API -int s2n_crl_free(struct s2n_crl **crl); +S2N_API int s2n_crl_free(struct s2n_crl **crl); /** * Retrieves the issuer hash of a CRL. @@ -103,8 +99,7 @@ int s2n_crl_free(struct s2n_crl **crl); * @param hash A pointer that will be set to the hash value. * @return S2N_SUCCESS on success. S2N_FAILURE on failure */ -S2N_API -int s2n_crl_get_issuer_hash(struct s2n_crl *crl, uint64_t *hash); +S2N_API int s2n_crl_get_issuer_hash(struct s2n_crl *crl, uint64_t *hash); /** * Determines if the CRL is currently active. @@ -116,8 +111,7 @@ int s2n_crl_get_issuer_hash(struct s2n_crl *crl, uint64_t *hash); * @param crl The CRL to validate. * @return S2N_SUCCESS if `crl` is active, S2N_FAILURE if `crl` is not active, or the active status cannot be determined. */ -S2N_API -int s2n_crl_validate_active(struct s2n_crl *crl); +S2N_API int s2n_crl_validate_active(struct s2n_crl *crl); /** * Determines if the CRL has expired. @@ -131,8 +125,7 @@ int s2n_crl_validate_active(struct s2n_crl *crl); * @param crl The CRL to validate. * @return S2N_SUCCESS if `crl` has not expired, S2N_FAILURE if `crl` has expired, or the expiration status cannot be determined. */ -S2N_API -int s2n_crl_validate_not_expired(struct s2n_crl *crl); +S2N_API int s2n_crl_validate_not_expired(struct s2n_crl *crl); /** * Retrieves the issuer hash of the certificate. @@ -145,8 +138,7 @@ int s2n_crl_validate_not_expired(struct s2n_crl *crl); * @param hash A pointer that will be set to the hash value. * @return S2N_SUCCESS on success, S2N_FAILURE on failure. */ -S2N_API -int s2n_crl_lookup_get_cert_issuer_hash(struct s2n_crl_lookup *lookup, uint64_t *hash); +S2N_API int s2n_crl_lookup_get_cert_issuer_hash(struct s2n_crl_lookup *lookup, uint64_t *hash); /** * Provide s2n-tls with a CRL from the CRL lookup callback. @@ -161,8 +153,7 @@ int s2n_crl_lookup_get_cert_issuer_hash(struct s2n_crl_lookup *lookup, uint64_t * @param crl The CRL to include in the list of CRLs used to validate the certificate chain. * @return S2N_SUCCESS on success, S2N_FAILURE on failure. */ -S2N_API -int s2n_crl_lookup_set(struct s2n_crl_lookup *lookup, struct s2n_crl *crl); +S2N_API int s2n_crl_lookup_set(struct s2n_crl_lookup *lookup, struct s2n_crl *crl); /** * Skip providing a CRL from the CRL lookup callback. @@ -177,5 +168,4 @@ int s2n_crl_lookup_set(struct s2n_crl_lookup *lookup, struct s2n_crl *crl); * @param lookup The CRL lookup for the given certificate. * @return S2N_SUCCESS on success, S2N_FAILURE on failure. */ -S2N_API -int s2n_crl_lookup_ignore(struct s2n_crl_lookup *lookup); +S2N_API int s2n_crl_lookup_ignore(struct s2n_crl_lookup *lookup); diff --git a/contrib/restricted/aws/s2n/api/unstable/renegotiate.h b/contrib/restricted/aws/s2n/api/unstable/renegotiate.h index c605988cb8..b3e8e04d1a 100644 --- a/contrib/restricted/aws/s2n/api/unstable/renegotiate.h +++ b/contrib/restricted/aws/s2n/api/unstable/renegotiate.h @@ -81,8 +81,7 @@ typedef int (*s2n_renegotiate_request_cb)(struct s2n_connection *conn, void *con * @param context Context to be passed to the callback function. * @returns S2N_SUCCESS on success, S2N_FAILURE on error. */ -S2N_API -int s2n_config_set_renegotiate_request_cb(struct s2n_config *config, s2n_renegotiate_request_cb callback, void *context); +S2N_API int s2n_config_set_renegotiate_request_cb(struct s2n_config *config, s2n_renegotiate_request_cb callback, void *context); /** * Reset the connection so that it can be renegotiated. @@ -115,8 +114,7 @@ int s2n_config_set_renegotiate_request_cb(struct s2n_config *config, s2n_renegot * @param conn A pointer to the connection object. * @returns S2N_SUCCESS on success, S2N_FAILURE on error. */ -S2N_API -int s2n_renegotiate_wipe(struct s2n_connection *conn); +S2N_API int s2n_renegotiate_wipe(struct s2n_connection *conn); /** * Perform a new handshake on an already established connection. @@ -140,6 +138,5 @@ int s2n_renegotiate_wipe(struct s2n_connection *conn); * @param blocked A pointer which will be set to the blocked status. * @returns S2N_SUCCESS if the handshake completed. S2N_FAILURE if the handshake encountered an error or is blocked. */ -S2N_API -int s2n_renegotiate(struct s2n_connection *conn, uint8_t *app_data_buf, ssize_t app_data_buf_size, +S2N_API int s2n_renegotiate(struct s2n_connection *conn, uint8_t *app_data_buf, ssize_t app_data_buf_size, ssize_t *app_data_size, s2n_blocked_status *blocked); diff --git a/contrib/restricted/aws/s2n/crypto/s2n_hash.c b/contrib/restricted/aws/s2n/crypto/s2n_hash.c index b2d817851d..96dae1424c 100644 --- a/contrib/restricted/aws/s2n/crypto/s2n_hash.c +++ b/contrib/restricted/aws/s2n/crypto/s2n_hash.c @@ -165,8 +165,8 @@ static int s2n_low_level_hash_init(struct s2n_hash_state *state, s2n_hash_algori POSIX_GUARD_OSSL(SHA512_Init(&state->digest.low_level.sha512), S2N_ERR_HASH_INIT_FAILED); break; case S2N_HASH_MD5_SHA1: - POSIX_GUARD_OSSL(SHA1_Init(&state->digest.low_level.md5_sha1.sha1), S2N_ERR_HASH_INIT_FAILED);; - POSIX_GUARD_OSSL(MD5_Init(&state->digest.low_level.md5_sha1.md5), S2N_ERR_HASH_INIT_FAILED);; + POSIX_GUARD_OSSL(SHA1_Init(&state->digest.low_level.md5_sha1.sha1), S2N_ERR_HASH_INIT_FAILED); + POSIX_GUARD_OSSL(MD5_Init(&state->digest.low_level.md5_sha1.md5), S2N_ERR_HASH_INIT_FAILED); break; default: diff --git a/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_kem.c b/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_kem.c index e35b3df805..06c86ccad2 100644 --- a/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_kem.c +++ b/contrib/restricted/aws/s2n/pq-crypto/kyber_r3/kyber512r3_kem.c @@ -24,7 +24,7 @@ S2N_ENSURE_PORTABLE_OPTIMIZATIONS * * Returns 0 (success) **************************************************/ -int s2n_kyber_512_r3_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) +int s2n_kyber_512_r3_crypto_kem_keypair(uint8_t *pk, uint8_t *sk) { POSIX_ENSURE(s2n_pq_is_enabled(), S2N_ERR_PQ_DISABLED); #if defined(S2N_KYBER512R3_AVX2_BMI2) @@ -60,7 +60,7 @@ int s2n_kyber_512_r3_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) * * Returns 0 (success) **************************************************/ -int s2n_kyber_512_r3_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) +int s2n_kyber_512_r3_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) { POSIX_ENSURE(s2n_pq_is_enabled(), S2N_ERR_PQ_DISABLED); uint8_t buf[2*S2N_KYBER_512_R3_SYMBYTES]; @@ -109,7 +109,7 @@ int s2n_kyber_512_r3_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const * * On failure, ss will contain a pseudo-random value. **************************************************/ -int s2n_kyber_512_r3_crypto_kem_dec(unsigned char *ss, const unsigned char *ct, const unsigned char *sk) +int s2n_kyber_512_r3_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) { POSIX_ENSURE(s2n_pq_is_enabled(), S2N_ERR_PQ_DISABLED); uint8_t buf[2*S2N_KYBER_512_R3_SYMBYTES]; diff --git a/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.c b/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.c new file mode 100644 index 0000000000..36e6d3d85e --- /dev/null +++ b/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.c @@ -0,0 +1,86 @@ +/* +* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +* +* Licensed under the Apache License, Version 2.0 (the "License"). +* You may not use this file except in compliance with the License. +* A copy of the License is located at +* +* http://aws.amazon.com/apache2.0 +* +* or in the "license" file accompanying this file. This file is distributed +* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +* express or implied. See the License for the specific language governing +* permissions and limitations under the License. +*/ + +#include "s2n_kyber_512_evp.h" + +#include <openssl/evp.h> +#include <stddef.h> + +#include "error/s2n_errno.h" +#include "tls/s2n_kem.h" +#include "utils/s2n_safety_macros.h" + +#if defined(S2N_LIBCRYPTO_SUPPORTS_KYBER512) +int s2n_kyber_512_evp_generate_keypair(uint8_t *public_key, uint8_t *private_key) { + EVP_PKEY_CTX *kyber_pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_KYBER512, NULL); + POSIX_GUARD_PTR(kyber_pkey_ctx); + POSIX_ENSURE(EVP_PKEY_keygen_init(kyber_pkey_ctx), S2N_FAILURE); + + EVP_PKEY *kyber_pkey = NULL; + POSIX_ENSURE(EVP_PKEY_keygen(kyber_pkey_ctx, &kyber_pkey), S2N_FAILURE); + + size_t public_key_size = S2N_KYBER_512_R3_PUBLIC_KEY_BYTES; + size_t private_key_size = S2N_KYBER_512_R3_SECRET_KEY_BYTES; + POSIX_ENSURE(EVP_PKEY_get_raw_public_key(kyber_pkey, public_key, &public_key_size), S2N_FAILURE); + POSIX_ENSURE(EVP_PKEY_get_raw_private_key(kyber_pkey, private_key, &private_key_size), S2N_FAILURE); + + return S2N_SUCCESS; +} + +int s2n_kyber_512_evp_encapsulate(uint8_t *ciphertext, uint8_t *shared_secret, + const uint8_t *public_key) { + size_t public_key_size = S2N_KYBER_512_R3_PUBLIC_KEY_BYTES; + EVP_PKEY *kyber_pkey = EVP_PKEY_new_raw_public_key(EVP_PKEY_KYBER512, NULL, public_key, public_key_size); + POSIX_GUARD_PTR(kyber_pkey); + + EVP_PKEY_CTX *kyber_pkey_ctx = EVP_PKEY_CTX_new(kyber_pkey, NULL); + POSIX_GUARD_PTR(kyber_pkey_ctx); + + size_t cipher_text_size = S2N_KYBER_512_R3_CIPHERTEXT_BYTES; + size_t shared_secret_size = S2N_KYBER_512_R3_SHARED_SECRET_BYTES; + POSIX_ENSURE(EVP_PKEY_encapsulate(kyber_pkey_ctx, ciphertext, &cipher_text_size, shared_secret, + &shared_secret_size), S2N_FAILURE); + return S2N_SUCCESS; +} + +int s2n_kyber_512_evp_decapsulate(uint8_t *shared_secret, const uint8_t *ciphertext, + const uint8_t *private_key) { + size_t private_key_size = S2N_KYBER_512_R3_SECRET_KEY_BYTES; + EVP_PKEY *kyber_pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_KYBER512, NULL, private_key, private_key_size); + POSIX_GUARD_PTR(kyber_pkey); + + EVP_PKEY_CTX *kyber_pkey_ctx = EVP_PKEY_CTX_new(kyber_pkey, NULL); + POSIX_GUARD_PTR(kyber_pkey_ctx); + + size_t shared_secret_size = S2N_KYBER_512_R3_SHARED_SECRET_BYTES; + POSIX_ENSURE(EVP_PKEY_decapsulate(kyber_pkey_ctx, shared_secret, &shared_secret_size, (uint8_t *) ciphertext, + S2N_KYBER_512_R3_CIPHERTEXT_BYTES), S2N_FAILURE); + return S2N_SUCCESS; +} +#else +int s2n_kyber_512_evp_generate_keypair(OUT uint8_t *public_key, OUT uint8_t *private_key) { + POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); +} + +int s2n_kyber_512_evp_encapsulate(OUT uint8_t *ciphertext, OUT uint8_t *shared_secret, + IN const uint8_t *public_key) { + POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); +} + +int s2n_kyber_512_evp_decapsulate(OUT uint8_t *shared_secret, IN const uint8_t *ciphertext, + IN const uint8_t *private_key) { + POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); +} +#endif diff --git a/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.h b/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.h new file mode 100644 index 0000000000..1a62a7cc92 --- /dev/null +++ b/contrib/restricted/aws/s2n/pq-crypto/s2n_kyber_512_evp.h @@ -0,0 +1,22 @@ +/* +* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +* +* Licensed under the Apache License, Version 2.0 (the "License"). +* You may not use this file except in compliance with the License. +* A copy of the License is located at +* +* http://aws.amazon.com/apache2.0 +* +* or in the "license" file accompanying this file. This file is distributed +* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +* express or implied. See the License for the specific language governing +* permissions and limitations under the License. +*/ + +#pragma once + +#include "tls/s2n_kem.h" + +int s2n_kyber_512_evp_generate_keypair(OUT uint8_t *public_key, OUT uint8_t *private_key); +int s2n_kyber_512_evp_encapsulate(OUT uint8_t *ciphertext, OUT uint8_t *shared_secret, IN const uint8_t *public_key); +int s2n_kyber_512_evp_decapsulate(OUT uint8_t *shared_secret, IN const uint8_t *ciphertext, IN const uint8_t *private_key); diff --git a/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.c b/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.c index e684aed377..abaf8f2d65 100644 --- a/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.c +++ b/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.c @@ -14,7 +14,9 @@ */ #include "s2n_pq.h" + #include "crypto/s2n_openssl.h" +#include "s2n_kyber_512_evp.h" static bool kyber512r3_avx2_bmi2_enabled = false; @@ -97,6 +99,13 @@ bool s2n_pq_is_enabled() { #endif } +bool s2n_libcrypto_supports_kyber_512() { +#if defined(S2N_LIBCRYPTO_SUPPORTS_KYBER512) + return true; +#else + return false; +#endif +} S2N_RESULT s2n_disable_kyber512r3_opt_avx2_bmi2() { kyber512r3_avx2_bmi2_enabled = false; diff --git a/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.h b/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.h index 1c9ca37812..6ac074dc49 100644 --- a/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.h +++ b/contrib/restricted/aws/s2n/pq-crypto/s2n_pq.h @@ -26,4 +26,5 @@ S2N_RESULT s2n_try_enable_kyber512r3_opt_avx2_bmi2(void); S2N_RESULT s2n_disable_kyber512r3_opt_avx2_bmi2(void); bool s2n_pq_is_enabled(void); +bool s2n_libcrypto_supports_kyber_512(void); S2N_RESULT s2n_pq_init(void); diff --git a/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.c b/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.c index 3690338fd3..62d5951e99 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.c +++ b/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.c @@ -55,6 +55,7 @@ struct s2n_cipher_suite *cipher_suites_20190801[] = { const struct s2n_cipher_preferences cipher_preferences_20190801 = { .count = s2n_array_len(cipher_suites_20190801), .suites = cipher_suites_20190801, + .allow_chacha20_boosting = false, }; /* Same as 20190801, but with ECDSA for TLS 1.2 added */ @@ -80,6 +81,7 @@ struct s2n_cipher_suite *cipher_suites_20210831[] = { const struct s2n_cipher_preferences cipher_preferences_20210831 = { .count = s2n_array_len(cipher_suites_20210831), .suites = cipher_suites_20210831, + .allow_chacha20_boosting = false, }; /* @@ -107,6 +109,7 @@ struct s2n_cipher_suite *cipher_suites_default_fips[] = { const struct s2n_cipher_preferences cipher_preferences_default_fips = { .count = s2n_array_len(cipher_suites_default_fips), .suites = cipher_suites_default_fips, + .allow_chacha20_boosting = false, }; /* s2n's list of cipher suites, in order of preference, as of 2014-06-01 */ @@ -124,12 +127,14 @@ struct s2n_cipher_suite *cipher_suites_20140601[] = { const struct s2n_cipher_preferences cipher_preferences_20140601 = { .count = s2n_array_len(cipher_suites_20140601), .suites = cipher_suites_20140601, + .allow_chacha20_boosting = false, }; /* Disable SSLv3 due to POODLE */ const struct s2n_cipher_preferences cipher_preferences_20141001 = { .count = s2n_array_len(cipher_suites_20140601), .suites = cipher_suites_20140601, + .allow_chacha20_boosting = false, }; /* Disable RC4 */ @@ -145,6 +150,7 @@ struct s2n_cipher_suite *cipher_suites_20150202[] = { const struct s2n_cipher_preferences cipher_preferences_20150202 = { .count = s2n_array_len(cipher_suites_20150202), .suites = cipher_suites_20150202, + .allow_chacha20_boosting = false, }; /* Support AES-GCM modes */ @@ -162,6 +168,7 @@ struct s2n_cipher_suite *cipher_suites_20150214[] = { const struct s2n_cipher_preferences cipher_preferences_20150214 = { .count = s2n_array_len(cipher_suites_20150214), .suites = cipher_suites_20150214, + .allow_chacha20_boosting = false, }; /* Make a CBC cipher #1 to avoid negotiating GCM with buggy Java clients */ @@ -184,6 +191,7 @@ struct s2n_cipher_suite *cipher_suites_20160411[] = { const struct s2n_cipher_preferences cipher_preferences_20160411 = { .count = s2n_array_len(cipher_suites_20160411), .suites = cipher_suites_20160411, + .allow_chacha20_boosting = false, }; /* Use ECDHE instead of plain DHE. Prioritize ECDHE in favour of non ECDHE; GCM in favour of CBC; AES128 in favour of AES256. */ @@ -203,6 +211,7 @@ struct s2n_cipher_suite *cipher_suites_20150306[] = { const struct s2n_cipher_preferences cipher_preferences_20150306 = { .count = s2n_array_len(cipher_suites_20150306), .suites = cipher_suites_20150306, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_20160804[] = { @@ -224,6 +233,7 @@ struct s2n_cipher_suite *cipher_suites_20160804[] = { const struct s2n_cipher_preferences cipher_preferences_20160804 = { .count = s2n_array_len(cipher_suites_20160804), .suites = cipher_suites_20160804, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_20160824[] = { @@ -240,6 +250,7 @@ struct s2n_cipher_suite *cipher_suites_20160824[] = { const struct s2n_cipher_preferences cipher_preferences_20160824 = { .count = s2n_array_len(cipher_suites_20160824), .suites = cipher_suites_20160824, + .allow_chacha20_boosting = false, }; /* Add ChaCha20 suite */ @@ -258,6 +269,7 @@ struct s2n_cipher_suite *cipher_suites_20170210[] = { const struct s2n_cipher_preferences cipher_preferences_20170210 = { .count = s2n_array_len(cipher_suites_20170210), .suites = cipher_suites_20170210, + .allow_chacha20_boosting = false, }; /* Same as 20160411, but with ChaCha20 added as 1st in Preference List */ @@ -281,6 +293,7 @@ struct s2n_cipher_suite *cipher_suites_20190122[] = { const struct s2n_cipher_preferences cipher_preferences_20190122 = { .count = s2n_array_len(cipher_suites_20190122), .suites = cipher_suites_20190122, + .allow_chacha20_boosting = false, }; /* Same as 20160804, but with ChaCha20 added as 2nd in Preference List */ @@ -304,6 +317,7 @@ struct s2n_cipher_suite *cipher_suites_20190121[] = { const struct s2n_cipher_preferences cipher_preferences_20190121 = { .count = s2n_array_len(cipher_suites_20190121), .suites = cipher_suites_20190121, + .allow_chacha20_boosting = false, }; /* Same as 20160411, but with ChaCha20 in 3rd Place after CBC and GCM */ @@ -327,6 +341,7 @@ struct s2n_cipher_suite *cipher_suites_20190120[] = { const struct s2n_cipher_preferences cipher_preferences_20190120 = { .count = s2n_array_len(cipher_suites_20190120), .suites = cipher_suites_20190120, + .allow_chacha20_boosting = false, }; /* Preferences optimized for interop, includes ECDSA priortitized. DHE and 3DES are added(at the lowest preference). */ @@ -361,6 +376,7 @@ struct s2n_cipher_suite *cipher_suites_20190214[] = { const struct s2n_cipher_preferences cipher_preferences_20190214 = { .count = s2n_array_len(cipher_suites_20190214), .suites = cipher_suites_20190214, + .allow_chacha20_boosting = false, }; /* 20190214 with aes-gcm prioritized above aes-cbc */ @@ -395,6 +411,7 @@ struct s2n_cipher_suite *cipher_suites_20190214_gcm[] = { const struct s2n_cipher_preferences cipher_preferences_20190214_gcm = { .count = s2n_array_len(cipher_suites_20190214_gcm), .suites = cipher_suites_20190214_gcm, + .allow_chacha20_boosting = false, }; /* Same as cipher_suites_20190214, but with TLS 1.3 Ciphers */ @@ -430,6 +447,7 @@ struct s2n_cipher_suite *cipher_suites_20210825[] = { const struct s2n_cipher_preferences cipher_preferences_20210825 = { .count = s2n_array_len(cipher_suites_20210825), .suites = cipher_suites_20210825, + .allow_chacha20_boosting = false, }; /* Same as cipher_suites_20190214_gcm, but with TLS 1.3 Ciphers */ @@ -465,6 +483,7 @@ struct s2n_cipher_suite *cipher_suites_20210825_gcm[] = { const struct s2n_cipher_preferences cipher_preferences_20210825_gcm = { .count = s2n_array_len(cipher_suites_20210825_gcm), .suites = cipher_suites_20210825_gcm, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_null[] = { @@ -474,6 +493,7 @@ struct s2n_cipher_suite *cipher_suites_null[] = { const struct s2n_cipher_preferences cipher_preferences_null = { .count = s2n_array_len(cipher_suites_null), .suites = cipher_suites_null, + .allow_chacha20_boosting = false, }; /* Preferences optimized for interop. DHE and 3DES are added(at the lowest preference). */ @@ -502,6 +522,7 @@ struct s2n_cipher_suite *cipher_suites_20170328[] = { const struct s2n_cipher_preferences cipher_preferences_20170328 = { .count = s2n_array_len(cipher_suites_20170328), .suites = cipher_suites_20170328, + .allow_chacha20_boosting = false, }; /* Equivalent to cipher_suites_20170328 with aes-gcm prioritized above aes-cbc */ @@ -530,6 +551,7 @@ struct s2n_cipher_suite *cipher_suites_20170328_gcm[] = { const struct s2n_cipher_preferences cipher_preferences_20170328_gcm = { .count = s2n_array_len(cipher_suites_20170328_gcm), .suites = cipher_suites_20170328_gcm, + .allow_chacha20_boosting = false, }; /* Preferences optimized for FIPS compatibility. */ @@ -550,6 +572,7 @@ struct s2n_cipher_suite *cipher_suites_20170405[] = { const struct s2n_cipher_preferences cipher_preferences_20170405 = { .count = s2n_array_len(cipher_suites_20170405), .suites = cipher_suites_20170405, + .allow_chacha20_boosting = false, }; /* Preferences optimized for FIPS compatibility with GCM prioritized */ @@ -570,6 +593,7 @@ struct s2n_cipher_suite *cipher_suites_20170405_gcm[] = { const struct s2n_cipher_preferences cipher_preferences_20170405_gcm = { .count = s2n_array_len(cipher_suites_20170405_gcm), .suites = cipher_suites_20170405_gcm, + .allow_chacha20_boosting = false, }; /* Equivalent to cipher_suite_20160411 with 3DES removed. @@ -592,6 +616,7 @@ struct s2n_cipher_suite *cipher_suites_20170718[] = { const struct s2n_cipher_preferences cipher_preferences_20170718 = { .count = s2n_array_len(cipher_suites_20170718), .suites = cipher_suites_20170718, + .allow_chacha20_boosting = false, }; /* Equivalent to cipher_suites_20170718 with aes-gcm prioritized above aes-cbc */ @@ -613,6 +638,7 @@ struct s2n_cipher_suite *cipher_suites_20170718_gcm[] = { const struct s2n_cipher_preferences cipher_preferences_20170718_gcm = { .count = s2n_array_len(cipher_suites_20170718_gcm), .suites = cipher_suites_20170718_gcm, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_2015_04[] = { @@ -640,6 +666,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_2015_04[] = { const struct s2n_cipher_preferences elb_security_policy_2015_04 = { .count = s2n_array_len(cipher_suites_elb_security_policy_2015_04), .suites = cipher_suites_elb_security_policy_2015_04, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_2016_08[] = { @@ -666,6 +693,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_2016_08[] = { const struct s2n_cipher_preferences elb_security_policy_2016_08 = { .count = s2n_array_len(cipher_suites_elb_security_policy_2016_08), .suites = cipher_suites_elb_security_policy_2016_08, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_tls_1_2_2017_01[] = { @@ -686,6 +714,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_tls_1_2_2017_01[] = { const struct s2n_cipher_preferences elb_security_policy_tls_1_2_2017_01 = { .count = s2n_array_len(cipher_suites_elb_security_policy_tls_1_2_2017_01), .suites = cipher_suites_elb_security_policy_tls_1_2_2017_01, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_tls_1_1_2017_01[] = { @@ -712,6 +741,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_tls_1_1_2017_01[] = { const struct s2n_cipher_preferences elb_security_policy_tls_1_1_2017_01 = { .count = s2n_array_len(cipher_suites_elb_security_policy_tls_1_1_2017_01), .suites = cipher_suites_elb_security_policy_tls_1_1_2017_01, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_tls_1_2_ext_2018_06[] = { @@ -738,6 +768,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_tls_1_2_ext_2018_06[] const struct s2n_cipher_preferences elb_security_policy_tls_1_2_ext_2018_06 = { .count = s2n_array_len(cipher_suites_elb_security_policy_tls_1_2_ext_2018_06), .suites = cipher_suites_elb_security_policy_tls_1_2_ext_2018_06, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_2018_06[] = { @@ -758,6 +789,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_2018_06[] = { const struct s2n_cipher_preferences elb_security_policy_fs_2018_06 = { .count = s2n_array_len(cipher_suites_elb_security_policy_fs_2018_06), .suites = cipher_suites_elb_security_policy_fs_2018_06, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_1_2_2019_08[] = { @@ -778,6 +810,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_1_2_2019_08[] = { const struct s2n_cipher_preferences elb_security_policy_fs_1_2_2019_08 = { .count = s2n_array_len(cipher_suites_elb_security_policy_fs_1_2_2019_08), .suites = cipher_suites_elb_security_policy_fs_1_2_2019_08, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_1_1_2019_08[] = { @@ -798,6 +831,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_1_1_2019_08[] = { const struct s2n_cipher_preferences elb_security_policy_fs_1_1_2019_08 = { .count = s2n_array_len(cipher_suites_elb_security_policy_fs_1_1_2019_08), .suites = cipher_suites_elb_security_policy_fs_1_1_2019_08, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_1_2_Res_2019_08[] = { @@ -814,6 +848,7 @@ struct s2n_cipher_suite *cipher_suites_elb_security_policy_fs_1_2_Res_2019_08[] const struct s2n_cipher_preferences elb_security_policy_fs_1_2_Res_2019_08 = { .count = s2n_array_len(cipher_suites_elb_security_policy_fs_1_2_Res_2019_08), .suites = cipher_suites_elb_security_policy_fs_1_2_Res_2019_08, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_upstream[] = { @@ -841,6 +876,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_upstream[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream = { .count = s2n_array_len(cipher_suites_cloudfront_upstream), .suites = cipher_suites_cloudfront_upstream, + .allow_chacha20_boosting = false, }; /* CloudFront viewer facing (with TLS 1.3) */ @@ -865,6 +901,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_ssl_v_3[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_ssl_v_3 = { .count = s2n_array_len(cipher_suites_cloudfront_ssl_v_3), .suites = cipher_suites_cloudfront_ssl_v_3, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2014[] = { @@ -894,6 +931,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2014[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2014 = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_0_2014), .suites = cipher_suites_cloudfront_tls_1_0_2014, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2016[] = { @@ -922,6 +960,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2016[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2016 = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_0_2016), .suites = cipher_suites_cloudfront_tls_1_0_2016, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_1_2016[] = { @@ -950,6 +989,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_1_2016[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_1_2016 = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_1_2016), .suites = cipher_suites_cloudfront_tls_1_1_2016, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2018[] = { @@ -972,6 +1012,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2018[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2018 = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_2_2018), .suites = cipher_suites_cloudfront_tls_1_2_2018, + .allow_chacha20_boosting = false, }; /* CloudFront viewer facing legacy TLS 1.2 policies */ @@ -1000,6 +1041,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_ssl_v_3_legacy[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_ssl_v_3_legacy = { .count = s2n_array_len(cipher_suites_cloudfront_ssl_v_3_legacy), .suites = cipher_suites_cloudfront_ssl_v_3_legacy, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2014_legacy[] = { @@ -1026,6 +1068,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2014_legacy[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2014_legacy = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_0_2014_legacy), .suites = cipher_suites_cloudfront_tls_1_0_2014_legacy, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2016_legacy[] = { @@ -1051,6 +1094,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_0_2016_legacy[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2016_legacy = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_0_2016_legacy), .suites = cipher_suites_cloudfront_tls_1_0_2016_legacy, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_1_2016_legacy[] = { @@ -1076,6 +1120,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_1_2016_legacy[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_1_2016_legacy = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_1_2016_legacy), .suites = cipher_suites_cloudfront_tls_1_1_2016_legacy, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2018_legacy[] = { @@ -1095,6 +1140,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2018_legacy[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2018_legacy = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_2_2018_legacy), .suites = cipher_suites_cloudfront_tls_1_2_2018_legacy, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2019_legacy[] = { @@ -1111,6 +1157,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2019_legacy[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2019_legacy = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_2_2019_legacy), .suites = cipher_suites_cloudfront_tls_1_2_2019_legacy, + .allow_chacha20_boosting = false, }; /* CloudFront upstream */ @@ -1139,6 +1186,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_upstream_tls10[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls10 = { .count = s2n_array_len(cipher_suites_cloudfront_upstream_tls10), .suites = cipher_suites_cloudfront_upstream_tls10, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_upstream_tls11[] = { @@ -1166,6 +1214,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_upstream_tls11[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls11 = { .count = s2n_array_len(cipher_suites_cloudfront_upstream_tls11), .suites = cipher_suites_cloudfront_upstream_tls11, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_upstream_tls12[] = { @@ -1193,6 +1242,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_upstream_tls12[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls12 = { .count = s2n_array_len(cipher_suites_cloudfront_upstream_tls12), .suites = cipher_suites_cloudfront_upstream_tls12, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2019[] = { @@ -1212,6 +1262,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2019[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2019 = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_2_2019), .suites = cipher_suites_cloudfront_tls_1_2_2019, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2021[] = { @@ -1227,6 +1278,7 @@ struct s2n_cipher_suite *cipher_suites_cloudfront_tls_1_2_2021[] = { const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2021 = { .count = s2n_array_len(cipher_suites_cloudfront_tls_1_2_2021), .suites = cipher_suites_cloudfront_tls_1_2_2021, + .allow_chacha20_boosting = false, }; /* Based on cipher_preferences_cloudfront_tls_1_0_2016, but with ordering changed and AES256-SHA256, DES-CBC3-SHA, and @@ -1260,6 +1312,7 @@ struct s2n_cipher_suite *cipher_suites_aws_crt_sdk_ssl_v3[] = { const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_ssl_v3 = { .count = s2n_array_len(cipher_suites_aws_crt_sdk_ssl_v3), .suites = cipher_suites_aws_crt_sdk_ssl_v3, + .allow_chacha20_boosting = false, }; /* Based on cipher_preferences_cloudfront_tls_1_0_2016, but with ordering changed and AES256-SHA256 added for @@ -1291,6 +1344,7 @@ struct s2n_cipher_suite *cipher_suites_aws_crt_sdk_default[] = { const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_default = { .count = s2n_array_len(cipher_suites_aws_crt_sdk_default), .suites = cipher_suites_aws_crt_sdk_default, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_aws_crt_sdk_tls_13[] = { @@ -1300,6 +1354,7 @@ struct s2n_cipher_suite *cipher_suites_aws_crt_sdk_tls_13[] = { const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_tls_13 = { .count = s2n_array_len(cipher_suites_aws_crt_sdk_tls_13), .suites = cipher_suites_aws_crt_sdk_tls_13, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_kms_tls_1_0_2018_10[] = { @@ -1318,6 +1373,7 @@ struct s2n_cipher_suite *cipher_suites_kms_tls_1_0_2018_10[] = { const struct s2n_cipher_preferences cipher_preferences_kms_tls_1_0_2018_10 = { .count = s2n_array_len(cipher_suites_kms_tls_1_0_2018_10), .suites = cipher_suites_kms_tls_1_0_2018_10, + .allow_chacha20_boosting = false, }; @@ -1338,6 +1394,7 @@ struct s2n_cipher_suite *cipher_suites_kms_tls_1_0_2021_08[] = { const struct s2n_cipher_preferences cipher_preferences_kms_tls_1_0_2021_08 = { .count = s2n_array_len(cipher_suites_kms_tls_1_0_2021_08), .suites = cipher_suites_kms_tls_1_0_2021_08, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_kms_pq_tls_1_0_2019_06[] = { @@ -1357,6 +1414,7 @@ struct s2n_cipher_suite *cipher_suites_kms_pq_tls_1_0_2019_06[] = { const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2019_06 = { .count = s2n_array_len(cipher_suites_kms_pq_tls_1_0_2019_06), .suites = cipher_suites_kms_pq_tls_1_0_2019_06, + .allow_chacha20_boosting = false, }; /* Includes round 1 and round 2 PQ KEM params. The cipher suite list is the same @@ -1364,6 +1422,7 @@ const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2019_06 = const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2020_02 = { .count = s2n_array_len(cipher_suites_kms_pq_tls_1_0_2019_06), .suites = cipher_suites_kms_pq_tls_1_0_2019_06, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_pq_sike_test_tls_1_0_2019_11[] = { @@ -1383,6 +1442,7 @@ struct s2n_cipher_suite *cipher_suites_pq_sike_test_tls_1_0_2019_11[] = { const struct s2n_cipher_preferences cipher_preferences_pq_sike_test_tls_1_0_2019_11 = { .count = s2n_array_len(cipher_suites_pq_sike_test_tls_1_0_2019_11), .suites = cipher_suites_pq_sike_test_tls_1_0_2019_11, + .allow_chacha20_boosting = false, }; /* Previously included SIKE round 1 and round 2 (for integration tests). The cipher suite list @@ -1390,6 +1450,7 @@ const struct s2n_cipher_preferences cipher_preferences_pq_sike_test_tls_1_0_2019 const struct s2n_cipher_preferences cipher_preferences_pq_sike_test_tls_1_0_2020_02 = { .count = s2n_array_len(cipher_suites_pq_sike_test_tls_1_0_2019_11), .suites = cipher_suites_pq_sike_test_tls_1_0_2019_11, + .allow_chacha20_boosting = false, }; /* Includes Kyber PQ algorithm */ @@ -1410,6 +1471,7 @@ struct s2n_cipher_suite *cipher_suites_kms_pq_tls_1_0_2020_07[] = { const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2020_07 = { .count = s2n_array_len(cipher_suites_kms_pq_tls_1_0_2020_07), .suites = cipher_suites_kms_pq_tls_1_0_2020_07, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2020_12[] = { @@ -1430,6 +1492,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2020_12[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2020_12 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2020_12), .suites = cipher_suites_pq_tls_1_0_2020_12, + .allow_chacha20_boosting = false, }; /* Same as ELBSecurityPolicy-TLS-1-1-2017-01, but with PQ Ciphers appended to top of preference list */ @@ -1458,6 +1521,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_1_2021_05_17[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_1_2021_05_17 = { .count = s2n_array_len(cipher_suites_pq_tls_1_1_2021_05_17), .suites = cipher_suites_pq_tls_1_1_2021_05_17, + .allow_chacha20_boosting = false, }; /* Same as cipher_preferences_20190214, but with PQ Ciphers appended to top of preference list */ @@ -1493,6 +1557,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2021_05_18[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_18 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2021_05_18), .suites = cipher_suites_pq_tls_1_0_2021_05_18, + .allow_chacha20_boosting = false, }; /* Same as ELBSecurityPolicy-2016-08, but with PQ Ciphers appended to top of preference list */ @@ -1521,6 +1586,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2021_05_19[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_19 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2021_05_19), .suites = cipher_suites_pq_tls_1_0_2021_05_19, + .allow_chacha20_boosting = false, }; /* Same as ELBSecurityPolicy-TLS-1-1-2017-01, but with TLS 1.3 and PQ Ciphers appended to top of preference list */ @@ -1551,6 +1617,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_1_2021_05_21[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_1_2021_05_21 = { .count = s2n_array_len(cipher_suites_pq_tls_1_1_2021_05_21), .suites = cipher_suites_pq_tls_1_1_2021_05_21, + .allow_chacha20_boosting = false, }; /* Same as cipher_preferences_20190214, but with TLS 1.3 and PQ Ciphers appended to top of preference list */ @@ -1588,6 +1655,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2021_05_22[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_22 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2021_05_22), .suites = cipher_suites_pq_tls_1_0_2021_05_22, + .allow_chacha20_boosting = false, }; /* Same as ELBSecurityPolicy-2016-08, but with TLS 1.3 and PQ Ciphers appended to top of preference list */ @@ -1618,6 +1686,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2021_05_23[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_23 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2021_05_23), .suites = cipher_suites_pq_tls_1_0_2021_05_23, + .allow_chacha20_boosting = false, }; /* Same as cipher_preferences_kms_pq_tls_1_0_2020_07, but with TLS 1.3 appended to top of preference list */ @@ -1640,6 +1709,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2021_05_24[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_24 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2021_05_24), .suites = cipher_suites_pq_tls_1_0_2021_05_24, + .allow_chacha20_boosting = false, }; /* Same as 20190214_gcm, but with PQ Ciphers appended to top of preference list */ @@ -1675,6 +1745,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2021_05_25[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_25 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2021_05_25), .suites = cipher_suites_pq_tls_1_0_2021_05_25, + .allow_chacha20_boosting = false, }; /* Same as 20190214_gcm, but with TLS 1.3 and PQ Ciphers appended to top of preference list */ @@ -1712,6 +1783,7 @@ struct s2n_cipher_suite *cipher_suites_pq_tls_1_0_2021_05_26[] = { const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_26 = { .count = s2n_array_len(cipher_suites_pq_tls_1_0_2021_05_26), .suites = cipher_suites_pq_tls_1_0_2021_05_26, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_kms_fips_tls_1_2_2018_10[] = { @@ -1726,6 +1798,7 @@ struct s2n_cipher_suite *cipher_suites_kms_fips_tls_1_2_2018_10[] = { const struct s2n_cipher_preferences cipher_preferences_kms_fips_tls_1_2_2018_10 = { .count = s2n_array_len(cipher_suites_kms_fips_tls_1_2_2018_10), .suites = cipher_suites_kms_fips_tls_1_2_2018_10, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_kms_fips_tls_1_2_2021_08[] = { @@ -1742,6 +1815,7 @@ struct s2n_cipher_suite *cipher_suites_kms_fips_tls_1_2_2021_08[] = { const struct s2n_cipher_preferences cipher_preferences_kms_fips_tls_1_2_2021_08 = { .count = s2n_array_len(cipher_suites_kms_fips_tls_1_2_2021_08), .suites = cipher_suites_kms_fips_tls_1_2_2021_08, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_20210816[] = { @@ -1754,6 +1828,7 @@ struct s2n_cipher_suite *cipher_suites_20210816[] = { const struct s2n_cipher_preferences cipher_preferences_20210816 = { .count = s2n_array_len(cipher_suites_20210816), .suites = cipher_suites_20210816, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_20210816_gcm[] = { @@ -1766,6 +1841,7 @@ struct s2n_cipher_suite *cipher_suites_20210816_gcm[] = { const struct s2n_cipher_preferences cipher_preferences_20210816_gcm = { .count = s2n_array_len(cipher_suites_20210816_gcm), .suites = cipher_suites_20210816_gcm, + .allow_chacha20_boosting = false, }; struct s2n_cipher_suite *cipher_suites_rfc9151[] = { @@ -1782,6 +1858,7 @@ struct s2n_cipher_suite *cipher_suites_rfc9151[] = { const struct s2n_cipher_preferences cipher_preferences_rfc9151 = { .count = s2n_array_len(cipher_suites_rfc9151), .suites = cipher_suites_rfc9151, + .allow_chacha20_boosting = false, }; /* clang-format on */ diff --git a/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.h b/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.h index 455c8a71f2..6cfa6700a8 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.h +++ b/contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.h @@ -23,6 +23,7 @@ struct s2n_cipher_preferences { uint8_t count; struct s2n_cipher_suite **suites; + bool allow_chacha20_boosting; }; extern const struct s2n_cipher_preferences cipher_preferences_20140601; @@ -125,4 +126,3 @@ extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_26; extern const struct s2n_cipher_preferences cipher_preferences_null; - diff --git a/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.c b/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.c index f16304a6ce..f6f3cce710 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.c +++ b/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.c @@ -1169,6 +1169,30 @@ static int s2n_wire_ciphers_contain(const uint8_t *match, const uint8_t *wire, u return 0; } +bool s2n_cipher_suite_uses_chacha20_alg(struct s2n_cipher_suite *cipher_suite) { + return cipher_suite && cipher_suite->record_alg && cipher_suite->record_alg->cipher == &s2n_chacha20_poly1305; +} + +/* Iff the server has enabled allow_chacha20_boosting and the client has a chacha20 cipher suite as its most + * preferred cipher suite, then we have mutual chacha20 boosting support. + */ +static S2N_RESULT s2n_validate_chacha20_boosting(const struct s2n_cipher_preferences *cipher_preferences, const uint8_t *wire, + uint32_t cipher_suite_len) { + RESULT_ENSURE_REF(cipher_preferences); + RESULT_ENSURE_REF(wire); + + RESULT_ENSURE_EQ(cipher_preferences->allow_chacha20_boosting, true); + + const uint8_t *clients_first_cipher_iana = wire + cipher_suite_len - S2N_TLS_CIPHER_SUITE_LEN; + + struct s2n_cipher_suite *client_first_cipher_suite = NULL; + RESULT_GUARD(s2n_cipher_suite_from_iana(clients_first_cipher_iana, S2N_TLS_CIPHER_SUITE_LEN, &client_first_cipher_suite)); + RESULT_ENSURE_REF(client_first_cipher_suite); + + RESULT_ENSURE_EQ(s2n_cipher_suite_uses_chacha20_alg(client_first_cipher_suite), true); + return S2N_RESULT_OK; +} + static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, uint32_t count, uint32_t cipher_suite_len) { POSIX_ENSURE_REF(conn); @@ -1176,6 +1200,7 @@ static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, uint8_t renegotiation_info_scsv[S2N_TLS_CIPHER_SUITE_LEN] = { TLS_EMPTY_RENEGOTIATION_INFO_SCSV }; struct s2n_cipher_suite *higher_vers_match = NULL; + struct s2n_cipher_suite *non_chacha20_match = NULL; /* RFC 7507 - If client is attempting to negotiate a TLS Version that is lower than the highest supported server * version, and the client cipher list contains TLS_FALLBACK_SCSV, then the server must abort the connection since @@ -1210,13 +1235,27 @@ static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, const struct s2n_security_policy *security_policy; POSIX_GUARD(s2n_connection_get_security_policy(conn, &security_policy)); - /* s2n supports only server order */ - for (int i = 0; i < security_policy->cipher_preferences->count; i++) { - const uint8_t *ours = security_policy->cipher_preferences->suites[i]->iana_value; + const struct s2n_cipher_preferences *cipher_preferences = security_policy->cipher_preferences; + POSIX_ENSURE_REF(cipher_preferences); + + bool try_chacha20_boosting = s2n_result_is_ok(s2n_validate_chacha20_boosting(cipher_preferences, wire, cipher_suite_len)); + + /* + * s2n only respects server preference order and chooses the server's + * most preferred mutually supported cipher suite. + * + * If chacha20 boosting is enabled, we prefer chacha20 cipher suites over all + * other cipher suites. + * + * If no mutually supported cipher suites are found, we choose one with a version + * too high for the current connection (higher_vers_match). + */ + for (size_t i = 0; i < cipher_preferences->count; i++) { + const uint8_t *ours = cipher_preferences->suites[i]->iana_value; if (s2n_wire_ciphers_contain(ours, wire, count, cipher_suite_len)) { /* We have a match */ - struct s2n_cipher_suite *match = security_policy->cipher_preferences->suites[i]; + struct s2n_cipher_suite *match = cipher_preferences->suites[i]; /* Never use TLS1.3 ciphers on a pre-TLS1.3 connection, and vice versa */ if ((conn->actual_protocol_version >= S2N_TLS13) != (match->minimum_required_tls_version >= S2N_TLS13)) { @@ -1272,11 +1311,30 @@ static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, continue; } + /* The server and client have chacha20 boosting support enabled AND the server identified a negotiable match */ + if (try_chacha20_boosting) { + if (s2n_cipher_suite_uses_chacha20_alg(match)) { + conn->secure->cipher_suite = match; + return S2N_SUCCESS; + } + + /* Save the valid non-chacha20 match in case no valid chacha20 match is found */ + if (!non_chacha20_match) { + non_chacha20_match = match; + } + continue; + } + conn->secure->cipher_suite = match; return S2N_SUCCESS; } } + if (non_chacha20_match) { + conn->secure->cipher_suite = non_chacha20_match; + return S2N_SUCCESS; + } + /* Settle for a cipher with a higher required proto version, if it was set */ if (higher_vers_match) { conn->secure->cipher_suite = higher_vers_match; diff --git a/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.h b/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.h index 08d878575e..f00fa19a14 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.h +++ b/contrib/restricted/aws/s2n/tls/s2n_cipher_suites.h @@ -161,6 +161,7 @@ extern struct s2n_cipher_suite s2n_tls13_chacha20_poly1305_sha256; extern int s2n_cipher_suites_init(void); S2N_RESULT s2n_cipher_suites_cleanup(void); S2N_RESULT s2n_cipher_suite_from_iana(const uint8_t *iana, size_t iana_len, struct s2n_cipher_suite **cipher_suite); +bool s2n_cipher_suite_uses_chacha20_alg(struct s2n_cipher_suite *cipher_suite); extern int s2n_set_cipher_as_client(struct s2n_connection *conn, uint8_t wire[S2N_TLS_CIPHER_SUITE_LEN]); extern int s2n_set_cipher_as_sslv2_server(struct s2n_connection *conn, uint8_t * wire, uint16_t count); extern int s2n_set_cipher_as_tls_server(struct s2n_connection *conn, uint8_t * wire, uint16_t count); diff --git a/contrib/restricted/aws/s2n/tls/s2n_config.c b/contrib/restricted/aws/s2n/tls/s2n_config.c index 75ea75dd79..48fb0f0ece 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_config.c +++ b/contrib/restricted/aws/s2n/tls/s2n_config.c @@ -160,7 +160,7 @@ static int s2n_config_update_domain_name_to_cert_map(struct s2n_config *config, POSIX_GUARD_RESULT(s2n_map_add(domain_name_to_cert_map, name, &s2n_map_value)); POSIX_GUARD_RESULT(s2n_map_complete(domain_name_to_cert_map)); } else { - struct certs_by_type *value = (void *) s2n_map_value.data;; + struct certs_by_type *value = (void *) s2n_map_value.data; if (value->certs[cert_type] == NULL) { value->certs[cert_type] = cert_key_pair; } else if (config->cert_tiebreak_cb) { diff --git a/contrib/restricted/aws/s2n/tls/s2n_connection.c b/contrib/restricted/aws/s2n/tls/s2n_connection.c index f0bb3c4888..c7b5e69951 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_connection.c +++ b/contrib/restricted/aws/s2n/tls/s2n_connection.c @@ -271,6 +271,7 @@ int s2n_connection_free(struct s2n_connection *conn) POSIX_GUARD(s2n_stuffer_free(&conn->in)); POSIX_GUARD(s2n_stuffer_free(&conn->out)); POSIX_GUARD(s2n_stuffer_free(&conn->handshake.io)); + POSIX_GUARD(s2n_stuffer_free(&conn->post_handshake.in)); s2n_x509_validator_wipe(&conn->x509_validator); POSIX_GUARD(s2n_client_hello_free(&conn->client_hello)); POSIX_GUARD(s2n_free(&conn->application_protocols_overridden)); @@ -397,6 +398,9 @@ int s2n_connection_release_buffers(struct s2n_connection *conn) POSIX_ENSURE(s2n_stuffer_is_consumed(&conn->in), S2N_ERR_STUFFER_HAS_UNPROCESSED_DATA); POSIX_GUARD(s2n_stuffer_resize(&conn->in, 0)); + POSIX_ENSURE(s2n_stuffer_is_consumed(&conn->post_handshake.in), S2N_ERR_STUFFER_HAS_UNPROCESSED_DATA); + POSIX_GUARD(s2n_stuffer_free(&conn->post_handshake.in)); + POSIX_POSTCONDITION(s2n_stuffer_validate(&conn->out)); POSIX_POSTCONDITION(s2n_stuffer_validate(&conn->in)); return S2N_SUCCESS; @@ -487,11 +491,15 @@ int s2n_connection_wipe(struct s2n_connection *conn) POSIX_GUARD(s2n_stuffer_wipe(&conn->writer_alert_out)); POSIX_GUARD(s2n_stuffer_wipe(&conn->client_ticket_to_decrypt)); POSIX_GUARD(s2n_stuffer_wipe(&conn->handshake.io)); + POSIX_GUARD(s2n_stuffer_wipe(&conn->post_handshake.in)); POSIX_GUARD(s2n_blob_zero(&conn->client_hello.raw_message)); POSIX_GUARD(s2n_stuffer_wipe(&conn->header_in)); POSIX_GUARD(s2n_stuffer_wipe(&conn->in)); POSIX_GUARD(s2n_stuffer_wipe(&conn->out)); + /* Free stuffers we plan to just recreate */ + POSIX_GUARD(s2n_stuffer_free(&conn->post_handshake.in)); + POSIX_GUARD_RESULT(s2n_psk_parameters_wipe(&conn->psk_params)); /* Wipe the I/O-related info and restore the original socket if necessary */ diff --git a/contrib/restricted/aws/s2n/tls/s2n_connection.h b/contrib/restricted/aws/s2n/tls/s2n_connection.h index deacc58d82..aed7d56314 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_connection.h +++ b/contrib/restricted/aws/s2n/tls/s2n_connection.h @@ -30,6 +30,7 @@ #include "tls/s2n_handshake.h" #include "tls/s2n_kem_preferences.h" #include "tls/s2n_key_update.h" +#include "tls/s2n_post_handshake.h" #include "tls/s2n_prf.h" #include "tls/s2n_quic_support.h" #include "tls/s2n_record.h" @@ -382,6 +383,8 @@ struct s2n_connection { uint32_t server_max_early_data_size; struct s2n_blob server_early_data_context; uint32_t server_keying_material_lifetime; + + struct s2n_post_handshake post_handshake; }; S2N_CLEANUP_RESULT s2n_connection_ptr_free(struct s2n_connection **s2n_connection); diff --git a/contrib/restricted/aws/s2n/tls/s2n_handshake.c b/contrib/restricted/aws/s2n/tls/s2n_handshake.c index cc343d622d..e622fb8f51 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_handshake.c +++ b/contrib/restricted/aws/s2n/tls/s2n_handshake.c @@ -57,15 +57,15 @@ int s2n_handshake_finish_header(struct s2n_stuffer *out) return S2N_SUCCESS; } -int s2n_handshake_parse_header(struct s2n_connection *conn, uint8_t * message_type, uint32_t * length) +S2N_RESULT s2n_handshake_parse_header(struct s2n_stuffer *io, uint8_t * message_type, uint32_t * length) { - S2N_ERROR_IF(s2n_stuffer_data_available(&conn->handshake.io) < TLS_HANDSHAKE_HEADER_LENGTH, S2N_ERR_SIZE_MISMATCH); + RESULT_ENSURE(s2n_stuffer_data_available(io) >= TLS_HANDSHAKE_HEADER_LENGTH, S2N_ERR_SIZE_MISMATCH); /* read the message header */ - POSIX_GUARD(s2n_stuffer_read_uint8(&conn->handshake.io, message_type)); - POSIX_GUARD(s2n_stuffer_read_uint24(&conn->handshake.io, length)); + RESULT_GUARD_POSIX(s2n_stuffer_read_uint8(io, message_type)); + RESULT_GUARD_POSIX(s2n_stuffer_read_uint24(io, length)); - return S2N_SUCCESS; + return S2N_RESULT_OK; } static int s2n_handshake_get_hash_state_ptr(struct s2n_connection *conn, s2n_hash_algorithm hash_alg, struct s2n_hash_state **hash_state) diff --git a/contrib/restricted/aws/s2n/tls/s2n_handshake_io.c b/contrib/restricted/aws/s2n/tls/s2n_handshake_io.c index 3df9b21270..fb7de64ae8 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_handshake_io.c +++ b/contrib/restricted/aws/s2n/tls/s2n_handshake_io.c @@ -1257,8 +1257,8 @@ static int s2n_read_full_handshake_message(struct s2n_connection *conn, uint8_t POSIX_GUARD(s2n_stuffer_copy(&conn->in, &conn->handshake.io, (TLS_HANDSHAKE_HEADER_LENGTH - current_handshake_data))); } - uint32_t handshake_message_length; - POSIX_GUARD(s2n_handshake_parse_header(conn, message_type, &handshake_message_length)); + uint32_t handshake_message_length = 0; + POSIX_GUARD_RESULT(s2n_handshake_parse_header(&conn->handshake.io, message_type, &handshake_message_length)); S2N_ERROR_IF(handshake_message_length > S2N_MAXIMUM_HANDSHAKE_MESSAGE_LENGTH, S2N_ERR_BAD_MESSAGE); @@ -1285,7 +1285,7 @@ static int s2n_handshake_conn_update_hashes(struct s2n_connection *conn) uint32_t handshake_message_length; POSIX_GUARD(s2n_stuffer_reread(&conn->handshake.io)); - POSIX_GUARD(s2n_handshake_parse_header(conn, &message_type, &handshake_message_length)); + POSIX_GUARD_RESULT(s2n_handshake_parse_header(&conn->handshake.io, &message_type, &handshake_message_length)); struct s2n_blob handshake_record = {0}; handshake_record.data = conn->handshake.io.blob.data; diff --git a/contrib/restricted/aws/s2n/tls/s2n_kem.c b/contrib/restricted/aws/s2n/tls/s2n_kem.c index 82394f8f03..affe9e02c4 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_kem.c +++ b/contrib/restricted/aws/s2n/tls/s2n_kem.c @@ -13,13 +13,15 @@ * permissions and limitations under the License. */ -#include "stuffer/s2n_stuffer.h" -#include "tls/s2n_tls_parameters.h" #include "tls/s2n_kem.h" + +#include "pq-crypto/s2n_kyber_512_evp.h" +#include "pq-crypto/s2n_pq.h" +#include "stuffer/s2n_stuffer.h" #include "tls/extensions/s2n_key_share.h" +#include "tls/s2n_tls_parameters.h" #include "utils/s2n_mem.h" #include "utils/s2n_safety.h" -#include "pq-crypto/s2n_pq.h" /* The KEM IDs and names come from https://tools.ietf.org/html/draft-campagna-tls-bike-sike-hybrid */ @@ -30,9 +32,15 @@ const struct s2n_kem s2n_kyber_512_r3 = { .private_key_length = S2N_KYBER_512_R3_SECRET_KEY_BYTES, .shared_secret_key_length = S2N_KYBER_512_R3_SHARED_SECRET_BYTES, .ciphertext_length = S2N_KYBER_512_R3_CIPHERTEXT_BYTES, +#if defined (S2N_LIBCRYPTO_SUPPORTS_KYBER512) + .generate_keypair = &s2n_kyber_512_evp_generate_keypair, + .encapsulate = &s2n_kyber_512_evp_encapsulate, + .decapsulate = &s2n_kyber_512_evp_decapsulate, +#else .generate_keypair = &s2n_kyber_512_r3_crypto_kem_keypair, .encapsulate = &s2n_kyber_512_r3_crypto_kem_enc, .decapsulate = &s2n_kyber_512_r3_crypto_kem_dec, +#endif }; const struct s2n_kem *kyber_kems[] = { @@ -359,7 +367,7 @@ int s2n_kem_recv_ciphertext(struct s2n_stuffer *in, struct s2n_kem_params *kem_p /* If S2N_NO_PQ was defined at compile time, the PQ KEM code will have been entirely excluded * from compilation. We define stubs of these functions here to error if they are called. */ /* kyber512r3 */ -int s2n_kyber_512_r3_crypto_kem_keypair(OUT unsigned char *pk, OUT unsigned char *sk) { POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); } -int s2n_kyber_512_r3_crypto_kem_enc(OUT unsigned char *ct, OUT unsigned char *ss, IN const unsigned char *pk) { POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); } -int s2n_kyber_512_r3_crypto_kem_dec(OUT unsigned char *ss, IN const unsigned char *ct, IN const unsigned char *sk) { POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); } +int s2n_kyber_512_r3_crypto_kem_keypair(OUT uint8_t *pk, OUT uint8_t *sk) { POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); } +int s2n_kyber_512_r3_crypto_kem_enc(OUT uint8_t *ct, OUT uint8_t *ss, IN const uint8_t *pk) { POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); } +int s2n_kyber_512_r3_crypto_kem_dec(OUT uint8_t *ss, IN const uint8_t *ct, IN const uint8_t *sk) { POSIX_BAIL(S2N_ERR_UNIMPLEMENTED); } #endif diff --git a/contrib/restricted/aws/s2n/tls/s2n_kem.h b/contrib/restricted/aws/s2n/tls/s2n_kem.h index 8e78d649ab..44f16ecc72 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_kem.h +++ b/contrib/restricted/aws/s2n/tls/s2n_kem.h @@ -38,9 +38,9 @@ struct s2n_kem { const kem_shared_secret_size shared_secret_key_length; const kem_ciphertext_key_size ciphertext_length; /* NIST Post Quantum KEM submissions require the following API for compatibility */ - int (*generate_keypair)(OUT unsigned char *public_key, OUT unsigned char *private_key); - int (*encapsulate)(OUT unsigned char *ciphertext, OUT unsigned char *shared_secret, IN const unsigned char *public_key); - int (*decapsulate)(OUT unsigned char *shared_secret, IN const unsigned char *ciphertext, IN const unsigned char *private_key); + int (*generate_keypair)(OUT uint8_t *public_key, OUT uint8_t *private_key); + int (*encapsulate)(OUT uint8_t *ciphertext, OUT uint8_t *shared_secret, IN const uint8_t *public_key); + int (*decapsulate)(OUT uint8_t *shared_secret, IN const uint8_t *ciphertext, IN const uint8_t *private_key); }; struct s2n_kem_params { @@ -135,6 +135,6 @@ extern int s2n_kem_recv_ciphertext(struct s2n_stuffer *in, struct s2n_kem_params #define S2N_KYBER_512_R3_SECRET_KEY_BYTES 1632 #define S2N_KYBER_512_R3_CIPHERTEXT_BYTES 768 #define S2N_KYBER_512_R3_SHARED_SECRET_BYTES 32 -int s2n_kyber_512_r3_crypto_kem_keypair(OUT unsigned char *pk, OUT unsigned char *sk); -int s2n_kyber_512_r3_crypto_kem_enc(OUT unsigned char *ct, OUT unsigned char *ss, IN const unsigned char *pk); -int s2n_kyber_512_r3_crypto_kem_dec(OUT unsigned char *ss, IN const unsigned char *ct, IN const unsigned char *sk); +int s2n_kyber_512_r3_crypto_kem_keypair(OUT uint8_t *pk, OUT uint8_t *sk); +int s2n_kyber_512_r3_crypto_kem_enc(OUT uint8_t *ct, OUT uint8_t *ss, IN const uint8_t *pk); +int s2n_kyber_512_r3_crypto_kem_dec(OUT uint8_t *ss, IN const uint8_t *ct, IN const uint8_t *sk); diff --git a/contrib/restricted/aws/s2n/tls/s2n_post_handshake.c b/contrib/restricted/aws/s2n/tls/s2n_post_handshake.c index 9ae3039f4b..52ba7ca389 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_post_handshake.c +++ b/contrib/restricted/aws/s2n/tls/s2n_post_handshake.c @@ -13,6 +13,8 @@ * permissions and limitations under the License. */ +#include <sys/param.h> + #include "error/s2n_errno.h" #include "tls/s2n_connection.h" @@ -20,59 +22,150 @@ #include "tls/s2n_tls.h" #include "utils/s2n_safety.h" -int s2n_post_handshake_recv(struct s2n_connection *conn) +static S2N_RESULT s2n_post_handshake_process(struct s2n_connection *conn, struct s2n_stuffer *in, uint8_t message_type) { - POSIX_ENSURE_REF(conn); + RESULT_ENSURE_REF(conn); - uint8_t post_handshake_id; - uint32_t message_length; + switch (message_type) { + case TLS_KEY_UPDATE: + RESULT_GUARD_POSIX(s2n_key_update_recv(conn, in)); + break; + case TLS_SERVER_NEW_SESSION_TICKET: + RESULT_GUARD(s2n_tls13_server_nst_recv(conn, in)); + break; + case TLS_HELLO_REQUEST: + RESULT_GUARD(s2n_client_hello_request_recv(conn)); + break; + case TLS_CERT_REQ: + /* + * s2n-tls does not support post-handshake authentication. + * + *= https://tools.ietf.org/rfc/rfc8446#section-4.6.2 + *# A client that receives a CertificateRequest message without having + *# sent the "post_handshake_auth" extension MUST send an + *# "unexpected_message" fatal alert. + */ + RESULT_BAIL(S2N_ERR_BAD_MESSAGE); + default: + /* All other messages are unexpected */ + RESULT_BAIL(S2N_ERR_BAD_MESSAGE); + } - while(s2n_stuffer_data_available(&conn->in)) { - POSIX_GUARD(s2n_stuffer_read_uint8(&conn->in, &post_handshake_id)); - POSIX_GUARD(s2n_stuffer_read_uint24(&conn->in, &message_length)); - - struct s2n_blob post_handshake_blob = { 0 }; - uint8_t *message_data = s2n_stuffer_raw_read(&conn->in, message_length); - POSIX_ENSURE_REF(message_data); - POSIX_GUARD(s2n_blob_init(&post_handshake_blob, message_data, message_length)); - - struct s2n_stuffer post_handshake_stuffer = { 0 }; - POSIX_GUARD(s2n_stuffer_init(&post_handshake_stuffer, &post_handshake_blob)); - POSIX_GUARD(s2n_stuffer_skip_write(&post_handshake_stuffer, message_length)); - - switch (post_handshake_id) - { - case TLS_KEY_UPDATE: - POSIX_GUARD(s2n_key_update_recv(conn, &post_handshake_stuffer)); - break; - case TLS_SERVER_NEW_SESSION_TICKET: - POSIX_GUARD_RESULT(s2n_tls13_server_nst_recv(conn, &post_handshake_stuffer)); - break; - case TLS_HELLO_REQUEST: - POSIX_GUARD_RESULT(s2n_client_hello_request_recv(conn)); - break; - case TLS_CLIENT_HELLO: - case TLS_SERVER_HELLO: - case TLS_END_OF_EARLY_DATA: - case TLS_ENCRYPTED_EXTENSIONS: - case TLS_CERTIFICATE: - case TLS_SERVER_KEY: - case TLS_CERT_REQ: - case TLS_SERVER_HELLO_DONE: - case TLS_CERT_VERIFY: - case TLS_CLIENT_KEY: - case TLS_FINISHED: - case TLS_SERVER_CERT_STATUS: - /* All other known handshake messages should be rejected */ - POSIX_BAIL(S2N_ERR_BAD_MESSAGE); - break; - default: - /* Ignore all other messages */ - break; + return S2N_RESULT_OK; +} + +/* + * Read a handshake message from conn->in. + * + * Handshake messages can be fragmented, meaning that a single message + * may be split between multiple records. conn->in only holds a single + * record at a time, so we may need to call this method multiple + * times to construct the complete message. We store the partial message + * in conn->post_handshake.in between calls. + */ +S2N_RESULT s2n_post_handshake_message_recv(struct s2n_connection *conn) +{ + RESULT_ENSURE_REF(conn); + + struct s2n_stuffer *in = &conn->in; + struct s2n_stuffer *message = &conn->post_handshake.in; + uint8_t message_type = 0; + uint32_t message_len = 0; + + /* We always start reading from the beginning of the message. + * Reset the read progress, but keep the write progress since + * there may already be a partial message stored in `message`. + */ + RESULT_GUARD_POSIX(s2n_stuffer_reread(message)); + + /* At minimum, the message stuffer needs to have enough space to read the header. + * For small messages like KeyUpdate and HelloRequest, this is all the space we will need. + */ + if (s2n_stuffer_is_freed(message)) { + struct s2n_blob b = { 0 }; + RESULT_GUARD_POSIX(s2n_blob_init(&b, conn->post_handshake.header_in, + sizeof(conn->post_handshake.header_in))); + RESULT_GUARD_POSIX(s2n_stuffer_init(message, &b)); + } + + /* Try to copy the header into the message stuffer. + * The message stuffer may already contain some or all of the header if + * we have read fragments of this message from previous records. + */ + if (s2n_stuffer_data_available(message) < TLS_HANDSHAKE_HEADER_LENGTH) { + uint32_t remaining = TLS_HANDSHAKE_HEADER_LENGTH - s2n_stuffer_data_available(message); + uint32_t to_read = MIN(remaining, s2n_stuffer_data_available(in)); + RESULT_GUARD_POSIX(s2n_stuffer_copy(in, message, to_read)); + } + RESULT_ENSURE(s2n_stuffer_data_available(message) >= TLS_HANDSHAKE_HEADER_LENGTH, S2N_ERR_IO_BLOCKED); + + /* Parse the header */ + RESULT_GUARD(s2n_handshake_parse_header(message, &message_type, &message_len)); + RESULT_ENSURE(message_len == 0 || s2n_stuffer_data_available(in), S2N_ERR_IO_BLOCKED); + RESULT_ENSURE(message_len <= S2N_MAXIMUM_HANDSHAKE_MESSAGE_LENGTH, S2N_ERR_BAD_MESSAGE); + + /* If the message body is not fragmented, just process it directly from conn->in. + * This will be the most common case, and does not require us to allocate any new memory. + */ + if (s2n_stuffer_data_available(message) == 0 && s2n_stuffer_data_available(in) >= message_len) { + struct s2n_stuffer full_message = { 0 }; + struct s2n_blob full_message_blob = { 0 }; + RESULT_GUARD_POSIX(s2n_blob_init(&full_message_blob, s2n_stuffer_raw_read(in, message_len), message_len)); + RESULT_GUARD_POSIX(s2n_stuffer_init(&full_message, &full_message_blob)); + RESULT_GUARD_POSIX(s2n_stuffer_skip_write(&full_message, message_len)); + RESULT_GUARD(s2n_post_handshake_process(conn, &full_message, message_type)); + return S2N_RESULT_OK; + } + + /* If the message body is fragmented, then the current fragment will be wiped from conn->in + * in order to read the next record. So the message stuffer needs enough space to store + * the full message as we reconstruct it from multiple records. + * For large messages like NewSessionTicket, this will require allocating new memory. + */ + if (s2n_stuffer_space_remaining(message) < message_len) { + /* We want to avoid servers allocating memory in response to post-handshake messages + * to avoid a potential DDOS / resource exhaustion attack. + * + * Currently, s2n-tls servers only support the KeyUpdate message, + * which should never require additional memory to parse. + */ + RESULT_ENSURE(conn->mode == S2N_CLIENT, S2N_ERR_BAD_MESSAGE); + + uint32_t total_size = message_len + TLS_HANDSHAKE_HEADER_LENGTH; + if (message->alloced) { + RESULT_GUARD_POSIX(s2n_stuffer_resize(message, total_size)); + } else { + /* Manually convert our static stuffer to a growable stuffer */ + RESULT_GUARD_POSIX(s2n_stuffer_growable_alloc(message, total_size)); + RESULT_GUARD_POSIX(s2n_stuffer_write_bytes(message, conn->post_handshake.header_in, TLS_HANDSHAKE_HEADER_LENGTH)); + RESULT_GUARD_POSIX(s2n_stuffer_skip_read(message, TLS_HANDSHAKE_HEADER_LENGTH)); } } - return S2N_SUCCESS; + /* Try to copy the message body into the message stuffer. + * The message stuffer may already contain some of the message body if + * we have already read fragments from previous records. + */ + if (s2n_stuffer_data_available(message) < message_len) { + uint32_t remaining = message_len - s2n_stuffer_data_available(message); + uint32_t to_read = MIN(remaining, s2n_stuffer_data_available(in)); + RESULT_GUARD_POSIX(s2n_stuffer_copy(in, message, to_read)); + } + RESULT_ENSURE(s2n_stuffer_data_available(message) == message_len, S2N_ERR_IO_BLOCKED); + + /* Now that the full message body is available, process it. */ + RESULT_GUARD(s2n_post_handshake_process(conn, message, message_type)); + return S2N_RESULT_OK; +} + +S2N_RESULT s2n_post_handshake_recv(struct s2n_connection *conn) +{ + RESULT_ENSURE_REF(conn); + while(s2n_stuffer_data_available(&conn->in)) { + RESULT_GUARD(s2n_post_handshake_message_recv(conn)); + RESULT_GUARD_POSIX(s2n_stuffer_wipe(&conn->post_handshake.in)); + } + return S2N_RESULT_OK; } int s2n_post_handshake_send(struct s2n_connection *conn, s2n_blocked_status *blocked) diff --git a/contrib/restricted/aws/s2n/tls/s2n_post_handshake.h b/contrib/restricted/aws/s2n/tls/s2n_post_handshake.h index f021f7afb5..cb70af7ee2 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_post_handshake.h +++ b/contrib/restricted/aws/s2n/tls/s2n_post_handshake.h @@ -15,7 +15,12 @@ #pragma once -#include "tls/s2n_connection.h" +struct s2n_connection; -int s2n_post_handshake_recv(struct s2n_connection *conn); +struct s2n_post_handshake { + struct s2n_stuffer in; + uint8_t header_in[TLS_HANDSHAKE_HEADER_LENGTH]; +}; + +S2N_RESULT s2n_post_handshake_recv(struct s2n_connection *conn); int s2n_post_handshake_send(struct s2n_connection *conn, s2n_blocked_status *blocked); diff --git a/contrib/restricted/aws/s2n/tls/s2n_protocol_preferences.h b/contrib/restricted/aws/s2n/tls/s2n_protocol_preferences.h index 327249e80b..259d4ed8ae 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_protocol_preferences.h +++ b/contrib/restricted/aws/s2n/tls/s2n_protocol_preferences.h @@ -17,7 +17,9 @@ #include "api/s2n.h" +#include "stuffer/s2n_stuffer.h" #include "utils/s2n_result.h" +#include "utils/s2n_blob.h" S2N_RESULT s2n_protocol_preferences_read(struct s2n_stuffer *protocol_preferences, struct s2n_blob *protocol); S2N_RESULT s2n_protocol_preferences_contain(struct s2n_blob *protocol_preferences, struct s2n_blob *protocol, bool *contains); diff --git a/contrib/restricted/aws/s2n/tls/s2n_quic_support.c b/contrib/restricted/aws/s2n/tls/s2n_quic_support.c index bd0b44f906..c1da75bf6c 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_quic_support.c +++ b/contrib/restricted/aws/s2n/tls/s2n_quic_support.c @@ -105,7 +105,7 @@ S2N_RESULT s2n_quic_read_handshake_message(struct s2n_connection *conn, uint8_t RESULT_GUARD(s2n_read_in_bytes(conn, &conn->handshake.io, TLS_HANDSHAKE_HEADER_LENGTH)); uint32_t message_len; - RESULT_GUARD_POSIX(s2n_handshake_parse_header(conn, message_type, &message_len)); + RESULT_GUARD(s2n_handshake_parse_header(&conn->handshake.io, message_type, &message_len)); RESULT_GUARD_POSIX(s2n_stuffer_reread(&conn->handshake.io)); RESULT_ENSURE(message_len < S2N_MAXIMUM_HANDSHAKE_MESSAGE_LENGTH, S2N_ERR_BAD_MESSAGE); diff --git a/contrib/restricted/aws/s2n/tls/s2n_recv.c b/contrib/restricted/aws/s2n/tls/s2n_recv.c index ddd3fa8062..84b87e433f 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_recv.c +++ b/contrib/restricted/aws/s2n/tls/s2n_recv.c @@ -157,6 +157,24 @@ ssize_t s2n_recv_impl(struct s2n_connection * conn, void *buf, ssize_t size, s2n S2N_ERROR_IF(isSSLv2, S2N_ERR_BAD_MESSAGE); + if (record_type != TLS_HANDSHAKE) { + /* + *= https://tools.ietf.org/rfc/rfc8446#section-5.1 + *# - Handshake messages MUST NOT be interleaved with other record + *# types. That is, if a handshake message is split over two or more + *# records, there MUST NOT be any other records between them. + */ + POSIX_ENSURE(s2n_stuffer_is_wiped(&conn->post_handshake.in), S2N_ERR_BAD_MESSAGE); + + /* If not handling a handshake message, free the post-handshake memory. + * Post-handshake messages are infrequent enough that we don't want to + * keep a potentially large buffer around unnecessarily. + */ + if (!s2n_stuffer_is_freed(&conn->post_handshake.in)) { + POSIX_GUARD(s2n_stuffer_free(&conn->post_handshake.in)); + } + } + if (record_type != TLS_APPLICATION_DATA) { switch (record_type) { @@ -164,9 +182,16 @@ ssize_t s2n_recv_impl(struct s2n_connection * conn, void *buf, ssize_t size, s2n POSIX_GUARD(s2n_process_alert_fragment(conn)); POSIX_GUARD(s2n_flush(conn, blocked)); break; - case TLS_HANDSHAKE: - WITH_ERROR_BLINDING(conn, POSIX_GUARD(s2n_post_handshake_recv(conn))); + case TLS_HANDSHAKE: { + s2n_result result = s2n_post_handshake_recv(conn); + /* Ignore any errors due to insufficient input data from io. + * The next iteration of this loop will attempt to read more input data. + */ + if (s2n_result_is_error(result) && s2n_errno != S2N_ERR_IO_BLOCKED) { + WITH_ERROR_BLINDING(conn, POSIX_GUARD_RESULT(result)); + } break; + } } POSIX_GUARD(s2n_stuffer_wipe(&conn->header_in)); POSIX_GUARD(s2n_stuffer_wipe(&conn->in)); diff --git a/contrib/restricted/aws/s2n/tls/s2n_security_policies.c b/contrib/restricted/aws/s2n/tls/s2n_security_policies.c index 9072932670..aad1a07828 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_security_policies.c +++ b/contrib/restricted/aws/s2n/tls/s2n_security_policies.c @@ -921,6 +921,8 @@ int s2n_security_policies_init() POSIX_ENSURE_REF(ecc_preference); POSIX_GUARD(s2n_check_ecc_preferences_curves_list(ecc_preference)); + bool cipher_preferences_has_chacha20_cipher_suite = false; + const struct s2n_signature_preferences *certificate_signature_preference = security_policy->certificate_signature_preferences; if (certificate_signature_preference != NULL) { POSIX_GUARD_RESULT(s2n_validate_certificate_signature_preferences(certificate_signature_preference)); @@ -935,12 +937,14 @@ int s2n_security_policies_init() struct s2n_cipher_suite *cipher = cipher_preference->suites[j]; POSIX_ENSURE_REF(cipher); + const uint8_t *iana = cipher->iana_value; + if (cipher->minimum_required_tls_version >= S2N_TLS13) { security_policy_selection[i].supports_tls13 = 1; } /* Sanity check that valid tls13 has minimum tls version set correctly */ - S2N_ERROR_IF(s2n_is_valid_tls13_cipher(cipher->iana_value) ^ + S2N_ERROR_IF(s2n_is_valid_tls13_cipher(iana) ^ (cipher->minimum_required_tls_version >= S2N_TLS13), S2N_ERR_INVALID_SECURITY_POLICY); if (s2n_cipher_suite_requires_ecc_extension(cipher)) { @@ -950,6 +954,15 @@ int s2n_security_policies_init() if (s2n_cipher_suite_requires_pq_extension(cipher)) { security_policy_selection[i].pq_kem_extension_required = 1; } + + if (s2n_cipher_suite_uses_chacha20_alg(cipher)) { + cipher_preferences_has_chacha20_cipher_suite = true; + } + } + + if (cipher_preference->allow_chacha20_boosting) { + /* If chacha20 boosting support is enabled, then the cipher preference must have at least one chacha20 cipher suite */ + POSIX_ENSURE(cipher_preferences_has_chacha20_cipher_suite, S2N_ERR_INVALID_SECURITY_POLICY); } POSIX_GUARD(s2n_validate_kem_preferences(kem_preference, security_policy_selection[i].pq_kem_extension_required)); diff --git a/contrib/restricted/aws/s2n/tls/s2n_signature_algorithms.h b/contrib/restricted/aws/s2n/tls/s2n_signature_algorithms.h index f1533335ba..3bab8e9953 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_signature_algorithms.h +++ b/contrib/restricted/aws/s2n/tls/s2n_signature_algorithms.h @@ -22,6 +22,8 @@ #include "stuffer/s2n_stuffer.h" +#include "tls/s2n_signature_scheme.h" + struct s2n_connection; struct s2n_sig_scheme_list { diff --git a/contrib/restricted/aws/s2n/tls/s2n_tls.h b/contrib/restricted/aws/s2n/tls/s2n_tls.h index 03a5737770..c99d53d66f 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_tls.h +++ b/contrib/restricted/aws/s2n/tls/s2n_tls.h @@ -81,7 +81,7 @@ extern int s2n_end_of_early_data_recv(struct s2n_connection *conn); extern int s2n_process_client_hello(struct s2n_connection *conn); extern int s2n_handshake_write_header(struct s2n_stuffer *out, uint8_t message_type); extern int s2n_handshake_finish_header(struct s2n_stuffer *out); -extern int s2n_handshake_parse_header(struct s2n_connection *conn, uint8_t * message_type, uint32_t * length); +S2N_RESULT s2n_handshake_parse_header(struct s2n_stuffer *io, uint8_t *message_type, uint32_t *length); extern int s2n_read_full_record(struct s2n_connection *conn, uint8_t * record_type, int *isSSLv2); extern int s2n_recv_close_notify(struct s2n_connection *conn, s2n_blocked_status * blocked); diff --git a/contrib/restricted/aws/s2n/tls/s2n_x509_validator.c b/contrib/restricted/aws/s2n/tls/s2n_x509_validator.c index 696e7ed463..561be9d815 100644 --- a/contrib/restricted/aws/s2n/tls/s2n_x509_validator.c +++ b/contrib/restricted/aws/s2n/tls/s2n_x509_validator.c @@ -71,8 +71,6 @@ int s2n_x509_trust_store_from_system_defaults(struct s2n_x509_trust_store *store POSIX_BAIL(S2N_ERR_X509_TRUST_STORE); } - X509_STORE_set_flags(store->trust_store, X509_VP_FLAG_DEFAULT); - return 0; } @@ -127,8 +125,7 @@ int s2n_x509_trust_store_from_ca_file(struct s2n_x509_trust_store *store, const * without a trust anchor. However if you call this function, the assumption is you trust ca_file or path and if a certificate * is encountered that's in that path, it should be trusted. The following flag tells libcrypto to not care that the cert * is missing a root anchor. */ - unsigned long flags = X509_VP_FLAG_DEFAULT; - flags |= X509_V_FLAG_PARTIAL_CHAIN; + unsigned long flags = X509_V_FLAG_PARTIAL_CHAIN; X509_STORE_set_flags(store->trust_store, flags); return 0; |