feat: Add key update to ktls feature#5484
Merged
maddeleine merged 28 commits intoaws:mainfrom Sep 24, 2025
Merged
Conversation
dougch
reviewed
Aug 25, 2025
lrstewart
reviewed
Aug 25, 2025
lrstewart
reviewed
Aug 28, 2025
lrstewart
reviewed
Sep 11, 2025
lrstewart
reviewed
Sep 17, 2025
lrstewart
reviewed
Sep 22, 2025
3d78f7e to
1624e5f
Compare
CarolYeh910
reviewed
Sep 23, 2025
1624e5f to
1815211
Compare
lrstewart
reviewed
Sep 23, 2025
lrstewart
approved these changes
Sep 24, 2025
Comment on lines
+373
to
+378
| /* Check that the data requested for the ktls send call is not going over the encryption limit, | ||
| * as that would require multiple key updates. | ||
| * In TLS1.3, the key limit is 2^24.5 full-size records. A full-sized record is 16,384 bytes. | ||
| * So essentially 2^24 * 16,384 bytes(285 GB) can be sent before you need to key update. | ||
| * We can add logic for multiple key updates in a single ktls send call in the future, | ||
| * but it's not required at the moment. */ |
Contributor
There was a problem hiding this comment.
You can do this in a follow-up PR if you want, but: we need to add this limitation to our public documentation for ktls. Otherwise, customers won't know what's happening when they get the S2N_ERR_INVALID_ARGUMENT. We might also want to make it a more specific error than S2N_ERR_INVALID_ARGUMENT, if we're worried that the documentation won't be enough.
Contributor
Author
There was a problem hiding this comment.
Yeah I'll do it in a follow up PR.
lrstewart
reviewed
Sep 24, 2025
Co-authored-by: Lindsay Stewart <stewart.r.lindsay@gmail.com>
Co-authored-by: Lindsay Stewart <stewart.r.lindsay@gmail.com>
CarolYeh910
approved these changes
Sep 24, 2025
dougch
approved these changes
Sep 24, 2025
dougch
pushed a commit
to dougch/s2n-tls
that referenced
this pull request
Sep 26, 2025
Co-authored-by: Lindsay Stewart <stewart.r.lindsay@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release Summary:
Our kTLS feature can now perform key updates, meaning that kTLS is now safe to turn on in TLS1.3 when using the newest version of the linux kernel.
Resolved issues:
Technically this resolves #3711; I don't believe there is any more work to support kTLS in our library, besides some cleanup PRs I need to do.
Description of changes:
This code adds Key Update functionality to our kTLS feature since it is now available as a kernel patch. Enables us to read key update messages, update our keys, as well as send keyupdate messages.
Call-outs:
I decided against writing a feature probe for key updates. There isn't anything in the patch that is available to feature test and required to use ktls (my original feature probe used the snmp.h metrics, but again, you don't need that header file to do key updates). Additionally, we want this feature to be usable by people who are applying the keyupdate patch to older kernels. So I don't think we can make any assumptions about linux kernel version or linux header file availability.
Testing:
Adds key update to ktls self-talk tests. You can tell that my key update tests are running in CI because if you look at the self_talk test numbers for each job
KTLS job: s2n_self_talk_ktls_test.c ... PASSED 678 tests
KTLS_KeyUpdate job: s2n_self_talk_ktls_test.c ... PASSED 718 tests
So therefore we can tell that the keyupdate job is running more tests than the ktls job.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.