github.com/MerlinKodo/quic-go@v0.39.2/internal/qtls/cipher_suite_go121.go (about)

     1  //go:build go1.21
     2  
     3  package qtls
     4  
     5  import (
     6  	"crypto"
     7  	"crypto/cipher"
     8  	"crypto/tls"
     9  	"fmt"
    10  	"unsafe"
    11  )
    12  
    13  type cipherSuiteTLS13 struct {
    14  	ID     uint16
    15  	KeyLen int
    16  	AEAD   func(key, fixedNonce []byte) cipher.AEAD
    17  	Hash   crypto.Hash
    18  }
    19  
    20  //go:linkname cipherSuiteTLS13ByID crypto/tls.cipherSuiteTLS13ByID
    21  func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13
    22  
    23  //go:linkname cipherSuitesTLS13 crypto/tls.cipherSuitesTLS13
    24  var cipherSuitesTLS13 []unsafe.Pointer
    25  
    26  //go:linkname defaultCipherSuitesTLS13 crypto/tls.defaultCipherSuitesTLS13
    27  var defaultCipherSuitesTLS13 []uint16
    28  
    29  //go:linkname defaultCipherSuitesTLS13NoAES crypto/tls.defaultCipherSuitesTLS13NoAES
    30  var defaultCipherSuitesTLS13NoAES []uint16
    31  
    32  var cipherSuitesModified bool
    33  
    34  // SetCipherSuite modifies the cipherSuiteTLS13 slice of cipher suites inside qtls
    35  // such that it only contains the cipher suite with the chosen id.
    36  // The reset function returned resets them back to the original value.
    37  func SetCipherSuite(id uint16) (reset func()) {
    38  	if cipherSuitesModified {
    39  		panic("cipher suites modified multiple times without resetting")
    40  	}
    41  	cipherSuitesModified = true
    42  
    43  	origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...)
    44  	origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...)
    45  	origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...)
    46  	// The order is given by the order of the slice elements in cipherSuitesTLS13 in qtls.
    47  	switch id {
    48  	case tls.TLS_AES_128_GCM_SHA256:
    49  		cipherSuitesTLS13 = cipherSuitesTLS13[:1]
    50  	case tls.TLS_CHACHA20_POLY1305_SHA256:
    51  		cipherSuitesTLS13 = cipherSuitesTLS13[1:2]
    52  	case tls.TLS_AES_256_GCM_SHA384:
    53  		cipherSuitesTLS13 = cipherSuitesTLS13[2:]
    54  	default:
    55  		panic(fmt.Sprintf("unexpected cipher suite: %d", id))
    56  	}
    57  	defaultCipherSuitesTLS13 = []uint16{id}
    58  	defaultCipherSuitesTLS13NoAES = []uint16{id}
    59  
    60  	return func() {
    61  		cipherSuitesTLS13 = origCipherSuitesTLS13
    62  		defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13
    63  		defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES
    64  		cipherSuitesModified = false
    65  	}
    66  }