From e480d3588bc018ddde3147fcf209f2df2ff93f1f Mon Sep 17 00:00:00 2001
From: Alex Weibel
Date: Thu, 23 Jan 2025 11:15:33 -0800
Subject: [PATCH 1/3] Update AWS-LC and S2N to versions with ML-KEM support
---
 codebuild/cd/test-fips-branch.sh | 9 +++++----
 crt/aws-lc | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/codebuild/cd/test-fips-branch.sh b/codebuild/cd/test-fips-branch.sh
index 903d620fd..ac4277356 100755
--- a/codebuild/cd/test-fips-branch.sh
+++ b/codebuild/cd/test-fips-branch.sh
@@ -9,12 +9,13 @@ cd ./crt/aws-lc || exit 1
 # Get the current commit hash
 current_commit=$(git rev-parse HEAD)
-# Check if the current commit is from the "fips-2022-11-02" branch
-if git merge-base --is-ancestor "$current_commit" "origin/fips-2022-11-02"; then
- echo "Current aws-lc commit is from the 'fips-2022-11-02' branch"
+# Check if the current commit is from the FIPS branch
+fips_branch="fips-2024-09-27"
+if git merge-base --is-ancestor "$current_commit" "origin/$fips_branch"; then
+ echo "Current aws-lc commit is from the '$fips_branch' branch"
 status=0
 else
- echo "Error: Current aws-lc commit is not from the 'fips-2022-11-02' branch"
+ echo "Error: Current aws-lc commit is not from the '$fips_branch' branch"
 status=1
 fi
diff --git a/crt/aws-lc b/crt/aws-lc
index 634f19ab6..190be0667 160000
--- a/crt/aws-lc
+++ b/crt/aws-lc
@@ -1 +1 @@
-Subproject commit 634f19ab6a4808fae59f3312ca397927653ee27f
+Subproject commit 190be0667cf1f7b39bed2c96760f08a6295b652b
From ff2d26a2fbef45ebd0eed006f61a60fa51fbf270 Mon Sep 17 00:00:00 2001
From: Alex Weibel
Date: Thu, 23 Jan 2025 11:49:53 -0800
Subject: [PATCH 2/3] Add ML-KEM TLS Security Policy
---
 .../awssdk/crt/io/TlsCipherPreference.java | 36 ++++++++-----------
 1 file changed, 15 insertions(+), 21 deletions(-)
diff --git a/src/main/java/software/amazon/awssdk/crt/io/TlsCipherPreference.java b/src/main/java/software/amazon/awssdk/crt/io/TlsCipherPreference.java
index 16f9f3d38..08d57528b 100644
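Review bot: The `if git merge-base --is-ancestor "$current_commit" "origin/$fips_branch"` test treats every non-zero exit as "not from the FIPS branch", so a missing or unfetched `origin/$fips_branch` ref would print the same `Error: Current aws-lc commit is not from the '$fips_branch' branch` message as a genuinely wrong submodule pin. The outcome still sets `status=1`, but this script appears to be the check that keeps a non-FIPS aws-lc commit out of the FIPS build, so the two failures are worth telling apart when someone has to triage a red pipeline. Add a guard before the `if`, for example `git rev-parse --verify --quiet "origin/$fips_branch" >/dev/null || { echo "Error: origin/$fips_branch is not available"; exit 1; }`. The script continues past the end of this hunk, so how `status` is consumed is not visible here.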
--- a/src/main/java/software/amazon/awssdk/crt/io/TlsCipherPreference.java
+++ b/src/main/java/software/amazon/awssdk/crt/io/TlsCipherPreference.java
@@ -18,54 +18,48 @@ public enum TlsCipherPreference {
 TLS_CIPHER_SYSTEM_DEFAULT(0),
 /**
- * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
+ * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.
 */
 @Deprecated
 TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06(1),
 /**
- * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
+ * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.
 */
 @Deprecated
 TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2019_11(2),
 /**
- * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
+ * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.
 */
 @Deprecated
 TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_02(3),
 /**
- * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
+ * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.
 */
 @Deprecated
 TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2020_02(4),
 /**
- * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
+ * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.
 */
 @Deprecated
 TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_07(5),
 /**
- * This TlsCipherPreference supports TLS 1.0 through TLS 1.3, and contains Kyber Round 3 as its highest priority
- * PQ algorithm. PQ algorithms in this preference list will be used in hybrid mode, and will be combined with a
- * classical ECDHE key exchange.
- *
- * NIST has announced that Kyber will be first post-quantum key-agreement algorithm that it will standardize.
- * However, the NIST standardization process might introduce minor changes that may cause the final Kyber standard
- * to differ from the Kyber Round 3 implementation available in this preference list.
- *
- * Since this TlsCipherPreference contains algorithms that have not yet been officially standardized by NIST, this
- * preference list, and any of the PQ algorithms in it, may stop being supported at any time.
+ * @deprecated This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.
+ */
+ @Deprecated
+ TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05(6),
+
+ /**
+ * This TlsCipherPreference is a clone of the "AWS-CRT-SDK-TLSv1.2-2023" s2n TLS Policy, but with the following PQ SupportedGroups added:
+ * - X25519MLKEM768, P256MLKEM768, SecP256r1Kyber768Draft00, X25519Kyber768Draft00, secp384r1_kyber-768-r3, secp521r1_kyber-1024-r3, secp256r1_kyber-512-r3, x25519_kyber-512-r3
 *
- * For more info see:
- * - https://tools.ietf.org/html/draft-campagna-tls-bike-sike-hybrid
- * - https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design
- * - https://aws.amazon.com/blogs/security/how-to-tune-tls-for-hybrid-post-quantum-cryptography-with-kyber/
- * - https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8413.pdf
+ * Both X25519MLKEM768 and P256MLKEM768 will be standardized by the IETF soon. Hybrid Groups that contain Kyber may be removed in the future.
 */
- TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05(6);
+ TLS_CIPHER_PREF_PQ_TLSv1_2_2023(7);
 private int val;
From 5bac19e89ad8022f1e4e589cf8f3e8f2aee63b8c Mon Sep 17 00:00:00 2001
From: Alex Weibel
Date: Mon, 3 Feb 2025 14:27:36 -0800
Subject: [PATCH 3/3] Update FIPS section of Readme
---
 README.md | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/README.md b/README.md
index 89d11f61a..3deaf14de 100644
--- a/README.md
+++ b/README.md
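Review bot: The Javadoc added for `TLS_CIPHER_PREF_PQ_TLSv1_2_2023(7)` drops two facts that the removed text for value 6 stated: which TLS versions the preference negotiates, and that the PQ groups are hybrids combined with a classical key exchange. Every `@deprecated` tag in this hunk now sends callers to this constant, and the old text for `TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05` said "TLS 1.0 through TLS 1.3" while the new name suggests a TLS 1.2 floor, so following the migration hint may change which peers can connect without the caller being told. Add a line such as `* Minimum protocol version: TLS 1.2 (confirm against the AWS-CRT-SDK-TLSv1.2-2023 policy); PQ groups are hybrid and are only used when the peer offers them.` Separately, "will be standardized by the IETF soon" will go stale and is better replaced by a reference to the draft or RFC, and the `- X25519MLKEM768, ...` line will render as running text in Javadoc unless it is wrapped in `<ul><li>` or `{@code ...}`. The enum body continues outside this hunk, so whether value 6 is still accepted at runtime after being marked "no longer supported" is not visible here.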
@@ -150,18 +150,15 @@ a classifier-based jar, you must specify the classifier name yourself.
 ```
-## FIPS Compliance
+## FIPS Cryptography
-Currently the classifier `fips-where-available` provides an "uber" jar with FIPS compliance on *some platforms*.
-
-Platforms without FIPS compliance are also included in this jar, for compatibility's sake. Check `CRT.isFIPS()` at runtime to ensure you are on a FIPS compliant platform. The current breakdown is:
-* **FIPS compliant**: linux-aarch_64, linux-x86_64
-* **NOT compliant**: linux-armv6, linux-armv7, linux-armv7-musl, linux-aarch_64-musl, linux-x86_32, linux-x86_64-musl, osx-aarch_64, osx-x86_64, windows-x86_32, windows-x86_64
+Currently the classifier `fips-where-available` provides an "uber" jar with FIPS tested cryptography on *some platforms*.
+Platforms that were not part of the FIPS testing are also included in this jar, for compatibility's sake. Check `CRT.isFIPS()` at runtime to ensure that AWS-LC is being run in FIPS mode, and follow the [security policy of AWS-LC-FIPS 3.0.0 (static)](https://github.com/aws/aws-lc/blob/AWS-LC-FIPS-3.0.0/crypto/fipsmodule/policydocs/DRAFT-140-3-AmazonSecurityPolicy-3.0.0-static.pdf).
 > [!WARNING]
-> The classifier, and platforms with FIPS compliance are subject to change in the future.
+> The classifier, and platforms with FIPS testing are subject to change in the future.
-Platforms with FIPS compliance use [AWS-LC](https://github.com/aws/aws-lc) as their cryptographic module ([NIST Certificate #4816](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4816)).
+Refer to the [NIST Cryptographic Module Validation Program's Modules In Progress List](https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/modules-in-process-list) for the latest status of the static AWS-LC 3.0 Cryptographic Module.
A complete list of supported operating environments will be made available in the vendor security policy once the validation certificate has been issued. We will also update our release notes and documentation to reflect any changes in FIPS certification status. Previous versions of AWS-LC have already received FIPS cryptographic module certificates ([NIST Certificate #4816](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4816) & [NIST Certificate #4631](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4631)).
 ## GraalVM support