Add a security policy for RFC 9151 #4294

Open
goatgoose opened this issue Nov 16, 2023 · 0 comments

goatgoose commented Nov 16, 2023

Problem:

RFC 9151 describes the Commercial National Security Algorithm (CNSA) specification which defines acceptable ECC curves and RSA parameters for TLS 1.2 and TLS 1.3 connections. We should add a new security policy that's compliant with this specification.

Solution:

The difficulty in adding a new policy for CNSA is the restriction on RSA key sizes:

> [CNSA] specifies a minimum modulus size of 3072 bits; however, only two modulus sizes (3072 bits and 4096 bits) are supported by this profile.

It's currently possible to specify a list of permitted signature algorithms that can appear in received certificates from the peer, via the certificate_signature_preferences field. However, it's not currently possible to restrict the RSA key size of the public key in each received certificate. To allow for this behavior we will need new fields on the security policy for either the min/max key size, or a list of allowed key sizes.
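
The two options named above (min/max bounds versus a list of allowed key sizes), sketched as an added example that is not part of the original issue and is not s2n-tls code. All names here are hypothetical, and the modulus buffers are constructed; the point is that a 3072 to 4096 range admits sizes such as 3584 bits that the RFC 9151 profile does not support, while an explicit list does not.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical policy values; these names are not part of s2n-tls. */
static const uint16_t cnsa_rsa_sizes[] = { 3072, 4096 }; /* sizes quoted from RFC 9151 */
static const size_t cnsa_rsa_min_bits = 3072, cnsa_rsa_max_bits = 4096;

/* Bit length of a big-endian unsigned integer, e.g. the content octets of the
 * DER INTEGER holding an RSA modulus. Leading zero octets and bits are skipped. */
size_t modulus_bits(const uint8_t *be, size_t len)
{
    size_t i = 0;
    while (i < len && be[i] == 0) i++;
    if (i == len) return 0;
    size_t bits = (len - i) * 8;
    for (uint8_t top = be[i]; (top & 0x80) == 0; top = (uint8_t)(top << 1)) bits--;
    return bits;
}

/* Option 1 from the issue: min/max key size. */
bool allowed_by_range(size_t bits)
{
    return bits >= cnsa_rsa_min_bits && bits <= cnsa_rsa_max_bits;
}

/* Option 2 from the issue: list of allowed key sizes. */
bool allowed_by_list(size_t bits)
{
    for (size_t i = 0; i < sizeof(cnsa_rsa_sizes) / sizeof(cnsa_rsa_sizes[0]); i++) {
        if (bits == cnsa_rsa_sizes[i]) return true;
    }
    return false;
}

/* Constructed input: DER-style modulus of exactly `bits` bits (0x00 prefix, odd). */
size_t constructed_modulus_bits(size_t bits)
{
    uint8_t buf[1 + 1024] = { 0 };
    size_t len = (bits + 7) / 8;
    if (bits == 0 || len > 1024) return 0;
    memset(buf + 1, 0xA5, len);
    buf[1] = (uint8_t)(1u << ((bits - 1) % 8)); /* top bit only in first octet */
    buf[len] |= 1;
    return modulus_bits(buf, len + 1);
}
```

Measuring the bit length rather than the encoded byte length matters because a 3072-bit modulus occupies 385 content octets in DER, and a 3071-bit one occupies 384, the same as a 3072-bit modulus without its sign octet.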
