Security issue notifications
This is not a security issue, but a compliance one.
Problem:
ACVP testing has 3 TLS related algorithms that one can test:
- KDF TLS (for TLSv1.0/v1.1/v1.2 without Extended Master Secret Support)
- TLS v1.2 KDF RFC7627 (TLSv1.2 with Extended Master Secret Support)
- TLS v1.3 KDF
Searching all Amazon vendor modules with algorithms set to "TLS v1.2 KDF RFC7627" and "TLS v1.3 KDF" brings up that only Amazon Linux OpenSSL has approved mode for modern TLS.
Noticeably no tests for AWS-LC.
Separately, if one instead searches for KDF TLS, lots of Amazon cryptographic modules show up; however, all of them are likely capped at deprecated TLS v1.2 without Extended Master Secret support - or simply use TLSv1.2 with EMS / TLSv1.3 in unapproved mode and ignore service indicators.
Also, security policies either do not mention TLSv1.3 at all in either approved or unapproved service tables, or do make TLSv1.3 scenario references.
Solution:
Is TLSv1.3 vendor affirmed in AWS-LC? If yes, can the future security policies be updated to state so?
Can you please add "TLS v1.2 KDF RFC7627" and "TLS v1.3 KDF" in future ACVP tests for AWS-LC?
Competitive analysis
As a comparison, BoringCrypto does validate "TLS v1.2 KDF RFC7627" and "TLS v1.3 KDF" since 2023 submissions, see:
Thus BoringCrypto-like code can be ACVP tested for these.
Requirements / Acceptance Criteria:
Please see FIPS 140-3 IG 2.4.B, Resolution, Item 7 w.r.t. TLS v1.3
- https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
- https://csrc.nist.gov/csrc/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf
Out of scope:
I actually don't know if anybody actually cares. As clearly lots of people are using TLSv1.3 and don't check service indicators and likely no auditor ever looks at this.