aws · johubertj · Jun 19, 2025 · Jun 19, 2025 · Jun 19, 2025 · Jun 19, 2025
diff --git a/docs/usage-guide/topics/ch06-security-policies.md b/docs/usage-guide/topics/ch06-security-policies.md
@@ -54,6 +54,7 @@ The following chart maps the security policy version to protocol version and cip
 |   20190802    |    X   |    X   |    X   |    X   |    X    |    X    |      X     |      |     |     |   X   |    X   |
 |   20200207    |        |        |        |    X   |         |    X    |      X     |      |     |     |   X   |        |
 |    rfc9151    |        |        |    X   |    X   |         |    X    |            |      |     |  X  |   X   |    X   |
+|    cnsa_1     |        |        |    X   |    X   |         |    X    |            |      |     |  X  |   X   |    X   |
 
 The "default", "default_tls13", and "default_fips" versions are special in that they will be updated with future s2n-tls changes to keep up-to-date with current security best practices. Ciphersuites, protocol versions, and other options may be added or removed, or their internal order of preference might change. **Warning**: this means that the default policies may change as a result of library updates, which could break peers that rely on legacy options.
 
@@ -111,6 +112,7 @@ s2n-tls usually prefers AES over ChaCha20. However, some clients-- particularly
 |   20190802    |     X     |   X   |       X      |    X    |
 |   20200207    |           |   X   |              |    X    |
 |    rfc9151    |     X     |   X   |              |    X    |
+|    cnsa_1     |     X     |   X   |              |    X    |
 
 *NOTE*: Legacy SHA-1 algorithms are not supported in TLS1.3. Legacy SHA-1 algorithms will be supported only if TLS1.2 has been negotiated and the security policy allows them.
 
@@ -146,6 +148,7 @@ s2n-tls usually prefers AES over ChaCha20. However, some clients-- particularly
 |   20190802    |     X     |     X     |        |
 |   20200207    |     X     |     X     |    X   |
 |    rfc9151    |           |     X     |        |
+|    cnsa_1     |           |     X     |        |
 
 ### Default Policy History
 |  Version   | "default" | "default_fips" | "default_tls13" |

diff --git a/tests/policy_snapshot/snapshots/cnsa_1 b/tests/policy_snapshot/snapshots/cnsa_1
@@ -0,0 +1,28 @@
+name: cnsa_1
+min version: TLS1.2
+rules:
+- Perfect Forward Secrecy: no
+- FIPS 140-3 (2019): no
+cipher suites:
+- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+- TLS_RSA_WITH_AES_256_GCM_SHA384
+- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+- TLS_AES_256_GCM_SHA384
+signature schemes:
+- ecdsa_sha384
+- rsa_pss_pss_sha384
+- rsa_pss_rsae_sha384
+- rsa_pkcs1_sha384
+curves:
+- secp384r1
+certificate preferences apply locally
+certificate signature schemes:
+- ecdsa_sha384
+- rsa_pkcs1_sha384
+certificate keys:
+- ecdsa_p384
+- rsa_3072
+- rsa_4096
+- rsa_pss_3072
+- rsa_pss_4096
diff --git a/tls/s2n_security_policies.c b/tls/s2n_security_policies.c
@@ -1144,6 +1144,20 @@ const struct s2n_security_policy security_policy_rfc9151 = {
     .certificate_preferences_apply_locally = true,
 };
 
+/*
+ * CNSA_1.0 policy is an alias for the existing rfc9151 TLS Security policy.
+ */
+const struct s2n_security_policy security_policy_cnsa_1_20250616 = {
+    .minimum_protocol_version = S2N_TLS12,
+    .cipher_preferences = &cipher_preferences_rfc9151,
+    .kem_preferences = &kem_preferences_null,
+    .signature_preferences = &s2n_signature_preferences_rfc9151,
+    .certificate_signature_preferences = &s2n_certificate_signature_preferences_rfc9151,
+    .certificate_key_preferences = &s2n_certificate_key_preferences_rfc9151,
+    .ecc_preferences = &s2n_ecc_preferences_20210816,
+    .certificate_preferences_apply_locally = true
+};
+
 /*
  * This security policy is a mix of default_tls13 (20240503) and rfc9151, with
  * a primary requirement that AES-256 is the ciphersuite chosen. Other
@@ -1382,6 +1396,7 @@ struct s2n_security_policy_selection security_policy_selection[] = {
     { .version = "20250211", .security_policy = &security_policy_20250211, .ecc_extension_required = 0, .pq_kem_extension_required = 0 },
     { .version = "20250414", .security_policy = &security_policy_20250414, .ecc_extension_required = 0, .pq_kem_extension_required = 0 },
     { .version = "rfc9151", .security_policy = &security_policy_rfc9151, .ecc_extension_required = 0, .pq_kem_extension_required = 0 },
+    { .version = "cnsa_1", .security_policy = &security_policy_cnsa_1_20250616, .ecc_extension_required = 0, .pq_kem_extension_required = 0 },
     { .version = "test_all", .security_policy = &security_policy_test_all, .ecc_extension_required = 0, .pq_kem_extension_required = 0 },
     { .version = "test_all_fips", .security_policy = &security_policy_test_all_fips, .ecc_extension_required = 0, .pq_kem_extension_required = 0 },
     { .version = "test_all_ecdsa", .security_policy = &security_policy_test_all_ecdsa, .ecc_extension_required = 0, .pq_kem_extension_required = 0 },

diff --git a/tls/s2n_security_policies.h b/tls/s2n_security_policies.h
@@ -133,6 +133,7 @@ extern const struct s2n_security_policy security_policy_20250211;
 extern const struct s2n_security_policy security_policy_20250414;
 
 extern const struct s2n_security_policy security_policy_rfc9151;
+extern const struct s2n_security_policy security_policy_cnsa_1_20250616;
 extern const struct s2n_security_policy security_policy_test_all;
 
 extern const struct s2n_security_policy security_policy_test_all_tls12;