aws · maddeleine · Apr 11, 2024 · Apr 4, 2024 · Apr 4, 2024 · Apr 4, 2024
diff --git a/api/unstable/renegotiate.h b/api/unstable/renegotiate.h
@@ -110,6 +110,8 @@ S2N_API int s2n_config_set_renegotiate_request_cb(struct s2n_config *config, s2n
  *
  * @note This method MUST be called before s2n_renegotiate.
  * @note Calling this method on a server connection will fail. s2n-tls servers do not support renegotiation.
+ * @note This method will fail if the connection has indicated that it will be serialized with
+ * `s2n_config_set_serialized_connection_version()`.
  *
  * @param conn A pointer to the connection object.
  * @returns S2N_SUCCESS on success, S2N_FAILURE on error.

diff --git a/tests/testlib/s2n_resumption_testlib.c b/tests/testlib/s2n_resumption_testlib.c
@@ -0,0 +1,37 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+#include "testlib/s2n_testlib.h"
+
+S2N_RESULT s2n_resumption_test_ticket_key_setup(struct s2n_config *config)
+{
+    /**
+     *= https://tools.ietf.org/rfc/rfc5869#appendix-A.1
+     *# PRK  = 0x077709362c2e32df0ddc3f0dc47bba63
+     *#        90b6c73bb50f9c3122ec844ad7c2b3e5 (32 octets)
+     **/
+    S2N_RESULT_BLOB_FROM_HEX(ticket_key,
+            "077709362c2e32df0ddc3f0dc47bba63"
+            "90b6c73bb50f9c3122ec844ad7c2b3e5");
+
+    /* Set up encryption key */
+    uint64_t current_time = 0;
+    uint8_t ticket_key_name[16] = "2016.07.26.15\0";
+
+    RESULT_GUARD_POSIX(s2n_config_set_session_tickets_onoff(config, true));
+    RESULT_GUARD_POSIX(config->wall_clock(config->sys_clock_ctx, &current_time));
+    RESULT_GUARD_POSIX(s2n_config_add_ticket_crypto_key(config, ticket_key_name, strlen((char *) ticket_key_name),
+            ticket_key.data, ticket_key.size, current_time / ONE_SEC_IN_NANOS));
+    return S2N_RESULT_OK;
+}
diff --git a/tests/testlib/s2n_testlib.h b/tests/testlib/s2n_testlib.h
@@ -292,3 +292,5 @@ extern const s2n_parsed_extension EMPTY_PARSED_EXTENSIONS[S2N_PARSED_EXTENSIONS_
 int s2n_kem_recv_public_key_fuzz_test(const uint8_t *buf, size_t len, struct s2n_kem_params *kem_params);
 int s2n_kem_recv_ciphertext_fuzz_test(const uint8_t *buf, size_t len, struct s2n_kem_params *kem_params);
 int s2n_kem_recv_ciphertext_fuzz_test_init(const char *kat_file_path, struct s2n_kem_params *kem_params);
+
+S2N_RESULT s2n_resumption_test_ticket_key_setup(struct s2n_config *config);
diff --git a/tests/unit/s2n_connection_serialize_test.c b/tests/unit/s2n_connection_serialize_test.c
diff --git a/tests/unit/s2n_ktls_test.c b/tests/unit/s2n_ktls_test.c
@@ -452,6 +452,23 @@ int main(int argc, char **argv)
             EXPECT_SUCCESS(s2n_connection_ktls_enable_recv(server));
         }
 
+        /* Fail if serialization is a possibility */
+        {
+            DEFER_CLEANUP(struct s2n_config *config = s2n_config_new(), s2n_config_ptr_free);
+
+            DEFER_CLEANUP(struct s2n_connection *client = s2n_connection_new(S2N_CLIENT),
+                    s2n_connection_ptr_free);
+            EXPECT_OK(s2n_test_configure_connection_for_ktls(client));
+            EXPECT_SUCCESS(s2n_connection_set_config(client, config));
+
+            EXPECT_SUCCESS(s2n_config_set_serialized_connection_version(config, S2N_SERIALIZED_CONN_V1));
+            EXPECT_FAILURE_WITH_ERRNO(s2n_connection_ktls_enable_recv(client), S2N_ERR_KTLS_UNSUPPORTED_CONN);
+
+            /* Removing the intent to serialize means that ktls enable now succeeds */
+            config->serialized_connection_version = S2N_SERIALIZED_CONN_NONE;
+            EXPECT_SUCCESS(s2n_connection_ktls_enable_recv(client));
+        }
+
         /* Call setsockopt correctly to configure tls crypto */
         {
             struct s2n_cipher_suite test_cipher_suite = s2n_rsa_with_aes_256_gcm_sha384;

diff --git a/tls/s2n_config.c b/tls/s2n_config.c
@@ -1127,6 +1127,10 @@ int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after
 int s2n_config_set_renegotiate_request_cb(struct s2n_config *config, s2n_renegotiate_request_cb cb, void *ctx)
 {
     POSIX_ENSURE_REF(config);
+
+    /* This feature cannot be used with serialization currently */
+    POSIX_ENSURE(config->serialized_connection_version == S2N_SERIALIZED_CONN_NONE, S2N_ERR_INVALID_STATE);
+
     config->renegotiate_request_cb = cb;
     config->renegotiate_request_ctx = ctx;
     return S2N_SUCCESS;
@@ -1224,6 +1228,9 @@ int s2n_config_set_serialized_connection_version(struct s2n_config *config, s2n_
 {
     POSIX_ENSURE_REF(config);
 
+    /* This feature cannot be used with renegotiation currently */
+    POSIX_ENSURE(config->renegotiate_request_cb == NULL, S2N_ERR_INVALID_STATE);
+
     /* Currently there is only one format version supported */
     POSIX_ENSURE_EQ(version, S2N_SERIALIZED_CONN_V1);
     config->serialized_connection_version = version;

diff --git a/tls/s2n_ktls.c b/tls/s2n_ktls.c
@@ -90,6 +90,16 @@ static S2N_RESULT s2n_ktls_validate(struct s2n_connection *conn, s2n_ktls_mode k
     bool may_renegotiate = may_receive_hello_request && config->renegotiate_request_cb;
     RESULT_ENSURE(!may_renegotiate, S2N_ERR_KTLS_RENEG);
 
+    /* Prevent kTLS from being enabled on connections that might be serialized.
+     *
+     * The socket takes over tracking sequence numbers when kTLS is enabled.
+     * We would need to call getsockopt to retrieve the current sequence numbers for
+     * serialization. This would complicate the serialization implementation so
+     * for now, do not support kTLS with serialization.
+     */
+    RESULT_ENSURE(config->serialized_connection_version == S2N_SERIALIZED_CONN_NONE,
+            S2N_ERR_KTLS_UNSUPPORTED_CONN);
+
     /* kTLS I/O functionality is managed by s2n-tls. kTLS cannot be enabled if the
      * application sets custom I/O (managed_send_io == false means application has
      * set custom I/O).

diff --git a/utils/s2n_blob.h b/utils/s2n_blob.h
@@ -71,3 +71,7 @@ int S2N_RESULT_MUST_USE s2n_blob_slice(const struct s2n_blob *b, struct s2n_blob
 #define S2N_BLOB_FROM_HEX(name, hex)                                    \
     s2n_stack_blob(name, (sizeof(hex) - 1) / 2, (sizeof(hex) - 1) / 2); \
     POSIX_GUARD(s2n_hex_string_to_bytes((const uint8_t *) hex, &name));
+
+#define S2N_RESULT_BLOB_FROM_HEX(name, hex)                                \
+    RESULT_STACK_BLOB(name, (sizeof(hex) - 1) / 2, (sizeof(hex) - 1) / 2); \
+    RESULT_GUARD_POSIX(s2n_hex_string_to_bytes((const uint8_t *) hex, &name));