github.com/MerlinKodo/quic-go@v0.39.2/internal/qtls/cipher_suite_go121.go (about) 1 //go:build go1.21 2 3 package qtls 4 5 import ( 6 "crypto" 7 "crypto/cipher" 8 "crypto/tls" 9 "fmt" 10 "unsafe" 11 ) 12 13 type cipherSuiteTLS13 struct { 14 ID uint16 15 KeyLen int 16 AEAD func(key, fixedNonce []byte) cipher.AEAD 17 Hash crypto.Hash 18 } 19 20 //go:linkname cipherSuiteTLS13ByID crypto/tls.cipherSuiteTLS13ByID 21 func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 22 23 //go:linkname cipherSuitesTLS13 crypto/tls.cipherSuitesTLS13 24 var cipherSuitesTLS13 []unsafe.Pointer 25 26 //go:linkname defaultCipherSuitesTLS13 crypto/tls.defaultCipherSuitesTLS13 27 var defaultCipherSuitesTLS13 []uint16 28 29 //go:linkname defaultCipherSuitesTLS13NoAES crypto/tls.defaultCipherSuitesTLS13NoAES 30 var defaultCipherSuitesTLS13NoAES []uint16 31 32 var cipherSuitesModified bool 33 34 // SetCipherSuite modifies the cipherSuiteTLS13 slice of cipher suites inside qtls 35 // such that it only contains the cipher suite with the chosen id. 36 // The reset function returned resets them back to the original value. 37 func SetCipherSuite(id uint16) (reset func()) { 38 if cipherSuitesModified { 39 panic("cipher suites modified multiple times without resetting") 40 } 41 cipherSuitesModified = true 42 43 origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...) 44 origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...) 45 origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...) 46 // The order is given by the order of the slice elements in cipherSuitesTLS13 in qtls. 47 switch id { 48 case tls.TLS_AES_128_GCM_SHA256: 49 cipherSuitesTLS13 = cipherSuitesTLS13[:1] 50 case tls.TLS_CHACHA20_POLY1305_SHA256: 51 cipherSuitesTLS13 = cipherSuitesTLS13[1:2] 52 case tls.TLS_AES_256_GCM_SHA384: 53 cipherSuitesTLS13 = cipherSuitesTLS13[2:] 54 default: 55 panic(fmt.Sprintf("unexpected cipher suite: %d", id)) 56 } 57 defaultCipherSuitesTLS13 = []uint16{id} 58 defaultCipherSuitesTLS13NoAES = []uint16{id} 59 60 return func() { 61 cipherSuitesTLS13 = origCipherSuitesTLS13 62 defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13 63 defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES 64 cipherSuitesModified = false 65 } 66 }