feat: certificate_authorities

api/s2n.h

@@ -3763,6 +3763,28 @@ S2N_API int s2n_connection_serialize(struct s2n_connection *conn, uint8_t *buffe
  */
 S2N_API int s2n_connection_deserialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length);
 
+/* Load all acceptable certificate authorities from the currently configured trust store.
+ *
+ * The loaded certificate authorities will be advertised during the handshake.
+ * This can help your peer select a certificate if they have multiple certificate
+ * chains available.
+ *
+ * For now, s2n-tls only supports advertising certificate authorities to support
+ * client auth, so only servers will send the list of certificate authorities.
+ *
+ * To avoid configuration mistakes, certificate authorities cannot be loaded from
+ * a trust store that includes the default system certificates. That means that
+ * s2n_config_new_minimal should be used instead of s2n_config_new to create the
+ * config object. Additionally, the trust store cannot contain more than 10
+ * certificate authorities.
+ *
+ * @param config A pointer to the s2n_config object.
+ * @param count The number of certificate authorities loaded from the trust store.
+ * Can be used for logging or to sanity check the trust store configuration.
+ * @returns S2N_SUCCESS on success. S2N_FAILURE on failure.
+ */
+S2N_API int s2n_config_set_cert_authorities_from_trust_store(struct s2n_config *config, size_t *count);
+
 #ifdef __cplusplus
 }
 #endif

error/s2n_errno.c

@@ -311,6 +311,7 @@ static const char *no_such_error = "Internal s2n error";
     ERR_ENTRY(S2N_ERR_MISSING_CERT_REQUEST, "Client requires mutual authentication, but server did not request a cert") \
     ERR_ENTRY(S2N_ERR_MISSING_CLIENT_CERT, "Server requires client certificate") \
     ERR_ENTRY(S2N_ERR_INVALID_SERIALIZED_CONNECTION, "Serialized connection is invalid"); \
+    ERR_ENTRY(S2N_ERR_TOO_MANY_CAS, "Too many certificate authorities in trust store"); \
     /* clang-format on */
 
 #define ERR_STR_CASE(ERR, str) \

error/s2n_errno.h

@@ -328,6 +328,7 @@ typedef enum {
     S2N_ERR_KTLS_KEY_LIMIT,
     S2N_ERR_SECURITY_POLICY_INCOMPATIBLE_CERT,
     S2N_ERR_INVALID_SERIALIZED_CONNECTION,
+    S2N_ERR_TOO_MANY_CAS,
     S2N_ERR_T_USAGE_END,
 } s2n_error;
 

tests/features/S2N_LIBCRYPTO_SUPPORTS_X509_STORE_LIST.c

@@ -0,0 +1,31 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#include <openssl/x509.h>
+
+int main() {
+    /* X509_STORE_get0_objects appears to be the earliest method available that
+     * can retrieve all certificates from an X509_STORE.
+     *
+     * X509_STORE_get_by_subject and X509_STORE_get1_certs are available even
+     * earlier (Openssl-1.0.2), but both require known X509_NAMEs.
+     */
+    STACK_OF(X509_OBJECT) *objects = X509_STORE_get0_objects(NULL);
+    X509 *cert = X509_OBJECT_get0_X509(NULL);
+    /* We could use i2d_X509_NAME instead if necessary, but X509_NAME_get0_der
+     * should be available where X509_STORE_get0_objects is */
+    X509_NAME_get0_der(NULL, NULL, NULL);
+    return 0;
+}

tests/testlib/s2n_testlib.h

@@ -192,6 +192,8 @@ S2N_RESULT s2n_connection_set_test_master_secret(struct s2n_connection *conn, co
 #define S2N_MIXED_CHAIN_KEY   "../pems/mixed_chains/ecdsa/server-key.pem"
 #define S2N_MIXED_CHAIN_CA    "../pems/mixed_chains/ecdsa/ca-cert.pem"
 
+#define S2N_TEST_TRUST_STORE "../pems/trust-store/ca-bundle.crt"
+
 #define S2N_DEFAULT_TEST_CERT_CHAIN  S2N_RSA_2048_PKCS1_CERT_CHAIN
 #define S2N_DEFAULT_TEST_PRIVATE_KEY S2N_RSA_2048_PKCS1_KEY