github.com/MerlinKodo/quic-go@v0.39.2/internal/qtls/go120.go (about)

     1  //go:build go1.20 && !go1.21
     2  
     3  package qtls
     4  
     5  import (
     6  	"crypto/tls"
     7  	"fmt"
     8  	"unsafe"
     9  
    10  	"github.com/MerlinKodo/quic-go/internal/protocol"
    11  
    12  	"github.com/quic-go/qtls-go1-20"
    13  )
    14  
// Type aliases that re-export the QUIC-related types of the Go 1.20 qtls
// package under local names. Because these are aliases (declared with "="),
// each name is the very same type as its qtls counterpart, not a new type.
type (
	QUICConn            = qtls.QUICConn
	QUICConfig          = qtls.QUICConfig
	QUICEvent           = qtls.QUICEvent
	QUICEventKind       = qtls.QUICEventKind
	QUICEncryptionLevel = qtls.QUICEncryptionLevel
	AlertError          = qtls.AlertError
)

// Encryption levels, re-exported unchanged from qtls. ToTLSEncryptionLevel and
// FromTLSEncryptionLevel translate between these and protocol.EncryptionLevel.
const (
	QUICEncryptionLevelInitial     = qtls.QUICEncryptionLevelInitial
	QUICEncryptionLevelEarly       = qtls.QUICEncryptionLevelEarly
	QUICEncryptionLevelHandshake   = qtls.QUICEncryptionLevelHandshake
	QUICEncryptionLevelApplication = qtls.QUICEncryptionLevelApplication
)

// Event kinds, re-exported unchanged from qtls.
// NOTE(review): presumably these are the values of QUICEventKind — the
// constants' types are not visible in this file; confirm against qtls.
const (
	QUICNoEvent                     = qtls.QUICNoEvent
	QUICSetReadSecret               = qtls.QUICSetReadSecret
	QUICSetWriteSecret              = qtls.QUICSetWriteSecret
	QUICWriteData                   = qtls.QUICWriteData
	QUICTransportParameters         = qtls.QUICTransportParameters
	QUICTransportParametersRequired = qtls.QUICTransportParametersRequired
	QUICRejectedEarlyData           = qtls.QUICRejectedEarlyData
	QUICHandshakeDone               = qtls.QUICHandshakeDone
)
    41  
// SetupConfigForServer prepares conf for server-side use.
//
// It passes the caller's conf.TLSConfig to qtls.InitSessionTicketKeys, then
// replaces conf.TLSConfig with a clone whose MinVersion is forced to TLS 1.3,
// and finally installs a new qtls.ExtraConfig (any previous ExtraConfig is
// discarded). conf and conf.TLSConfig are dereferenced without a nil check.
//
// enable0RTT is copied into ExtraConfig.Enable0RTT. Early (0-RTT) data is not
// protected against replay by TLS 1.3, so it should only be enabled when the
// application tolerates replayed requests. Every 0-RTT acceptance decision is
// delegated to handleSessionTicket, whose boolean result is returned as is.
func SetupConfigForServer(conf *QUICConfig, enable0RTT bool, getDataForSessionTicket func() []byte, handleSessionTicket func([]byte, bool) bool) {
	// Runs on the original config, before the clone is taken.
	// NOTE(review): presumably deliberate, so the ticket keys are initialized
	// on the caller's config and not only on the clone — confirm.
	qtls.InitSessionTicketKeys(conf.TLSConfig)

	// Work on a copy so the MinVersion change does not leak into the caller's
	// tls.Config.
	conf.TLSConfig = conf.TLSConfig.Clone()
	conf.TLSConfig.MinVersion = tls.VersionTLS13

	// NOTE(review): the literal true is presumably the "ticket is being used
	// for 0-RTT" flag of the callback — confirm against its definition.
	accept0RTT := func(ticketData []byte) bool {
		return handleSessionTicket(ticketData, true)
	}

	extra := &qtls.ExtraConfig{
		Enable0RTT:                 enable0RTT,
		Accept0RTT:                 accept0RTT,
		GetAppDataForSessionTicket: getDataForSessionTicket,
	}
	conf.ExtraConfig = extra
}
    54  
// SetupConfigForClient installs a new qtls.ExtraConfig on conf that carries the
// two session-state callbacks. Any ExtraConfig already set on conf is replaced.
//
// Unlike SetupConfigForServer, this function does not touch conf.TLSConfig: it
// neither clones it nor sets MinVersion.
// NOTE(review): confirm that TLS 1.3 is enforced for clients elsewhere.
func SetupConfigForClient(conf *QUICConfig, getDataForSessionState func() []byte, setDataFromSessionState func([]byte)) {
	extra := new(qtls.ExtraConfig)
	extra.GetAppDataForSessionState = getDataForSessionState
	extra.SetAppDataFromSessionState = setDataFromSessionState
	conf.ExtraConfig = extra
}
    61  
// QUICServer returns the connection that qtls.QUICServer builds for config.
// config is forwarded untouched; none of the settings applied by
// SetupConfigForServer (TLS 1.3 minimum, 0-RTT callbacks) are added here.
func QUICServer(config *QUICConfig) *QUICConn {
	conn := qtls.QUICServer(config)
	return conn
}
    65  
// QUICClient returns the connection that qtls.QUICClient builds for config.
// config is forwarded untouched; the callbacks installed by
// SetupConfigForClient are not added here.
func QUICClient(config *QUICConfig) *QUICConn {
	conn := qtls.QUICClient(config)
	return conn
}
    69  
// ToTLSEncryptionLevel maps a protocol.EncryptionLevel to the matching qtls
// encryption level: Initial→Initial, Handshake→Handshake, 1-RTT→Application,
// 0-RTT→Early.
//
// Any other value panics instead of being mapped to a default, so an
// unrecognised level is never silently treated as one of the four known ones.
func ToTLSEncryptionLevel(e protocol.EncryptionLevel) qtls.QUICEncryptionLevel {
	if e == protocol.EncryptionInitial {
		return qtls.QUICEncryptionLevelInitial
	}
	if e == protocol.EncryptionHandshake {
		return qtls.QUICEncryptionLevelHandshake
	}
	if e == protocol.Encryption1RTT {
		return qtls.QUICEncryptionLevelApplication
	}
	if e == protocol.Encryption0RTT {
		return qtls.QUICEncryptionLevelEarly
	}
	panic(fmt.Sprintf("unexpected encryption level: %s", e))
}
    84  
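// FromTLSEncryptionLevel maps a qtls encryption level to the matching
// protocol.EncryptionLevel: Initial→Initial, Handshake→Handshake,
// Application→1-RTT, Early→0-RTT. It is the inverse of ToTLSEncryptionLevel.
//
// Any other value panics instead of being mapped to a default, so an
// unrecognised level is never silently treated as one of the four known ones.
func FromTLSEncryptionLevel(e qtls.QUICEncryptionLevel) protocol.EncryptionLevel {
	switch e {
	case qtls.QUICEncryptionLevelInitial:
		return protocol.EncryptionInitial
	case qtls.QUICEncryptionLevelHandshake:
		return protocol.EncryptionHandshake
	case qtls.QUICEncryptionLevelApplication:
		return protocol.Encryption1RTT
	case qtls.QUICEncryptionLevelEarly:
		return protocol.Encryption0RTT
	default:
		// Message spelling now matches ToTLSEncryptionLevel ("unexpected"),
		// so both directions can be found with one log search.
		panic(fmt.Sprintf("unexpected encryption level: %s", e))
	}
}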
    99  
// The three variables below are bound with go:linkname to unexported
// package-level variables of qtls-go1-20. Assigning to them changes qtls's
// own state for the whole process, bypassing that package's API; in this file
// only SetCipherSuite and its reset function write to them.

// cipherSuitesTLS13 is linked to qtls's cipherSuitesTLS13 slice. The elements
// are held as unsafe.Pointer and are never dereferenced in this file.
// NOTE(review): presumably because the real element type is unexported — confirm.
//go:linkname cipherSuitesTLS13 github.com/quic-go/qtls-go1-20.cipherSuitesTLS13
var cipherSuitesTLS13 []unsafe.Pointer

// defaultCipherSuitesTLS13 is linked to qtls's defaultCipherSuitesTLS13, a list
// of cipher suite ids.
//go:linkname defaultCipherSuitesTLS13 github.com/quic-go/qtls-go1-20.defaultCipherSuitesTLS13
var defaultCipherSuitesTLS13 []uint16

// defaultCipherSuitesTLS13NoAES is linked to qtls's
// defaultCipherSuitesTLS13NoAES, a list of cipher suite ids.
// NOTE(review): presumably the preference list for hardware without AES
// acceleration — confirm against qtls.
//go:linkname defaultCipherSuitesTLS13NoAES github.com/quic-go/qtls-go1-20.defaultCipherSuitesTLS13NoAES
var defaultCipherSuitesTLS13NoAES []uint16

// cipherSuitesModified is set by SetCipherSuite and cleared by the reset
// function it returns. It is a plain bool with no synchronization.
var cipherSuitesModified bool
   110  
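// SetCipherSuite modifies the cipherSuitesTLS13 slice of cipher suites inside qtls
// such that it only contains the cipher suite with the chosen id.
// The reset function returned resets them back to the original value.
//
// The change is made by overwriting qtls package variables reached through
// go:linkname, so it is process-wide: every connection in the process is
// affected until reset is called. The cipherSuitesModified guard is an
// unsynchronized bool.
// NOTE(review): this looks intended for sequential test code — confirm before
// calling it from concurrent or production paths.
//
// It panics if called again before reset has run, if id is not one of the three
// TLS 1.3 suites handled below, or if qtls's suite table is shorter than the
// position expected for id.
func SetCipherSuite(id uint16) (reset func()) {
	if cipherSuitesModified {
		panic("cipher suites modified multiple times without resetting")
	}

	// Resolve and validate the selection before touching any global state, so
	// that a rejected id does not leave cipherSuitesModified stuck at true for
	// a caller that recovers from the panic.
	//
	// The order is given by the order of the slice elements in cipherSuitesTLS13 in qtls.
	// That order is assumed, not verified: the elements are opaque pointers here.
	// Re-check it whenever the qtls dependency is updated, otherwise a caller
	// could end up pinning a different suite than the one requested.
	var idx int
	switch id {
	case tls.TLS_AES_128_GCM_SHA256:
		idx = 0
	case tls.TLS_CHACHA20_POLY1305_SHA256:
		idx = 1
	case tls.TLS_AES_256_GCM_SHA384:
		idx = 2
	default:
		panic(fmt.Sprintf("unexpected cipher suite: %d", id))
	}
	if idx >= len(cipherSuitesTLS13) {
		// Without this check a short table could yield an empty suite list
		// instead of the single requested suite.
		panic(fmt.Sprintf("cipher suite table has %d entries, cannot select index %d", len(cipherSuitesTLS13), idx))
	}
	cipherSuitesModified = true

	// Copies, so the saved state does not alias the slices rewritten below.
	origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...)

	// Exactly one element, as the contract above promises.
	cipherSuitesTLS13 = cipherSuitesTLS13[idx : idx+1]
	defaultCipherSuitesTLS13 = []uint16{id}
	defaultCipherSuitesTLS13NoAES = []uint16{id}

	return func() {
		cipherSuitesTLS13 = origCipherSuitesTLS13
		defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13
		defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES
		cipherSuitesModified = false
	}
}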
   144  
// SendSessionTicket forwards to c.SendSessionTicket with allow0RTT and returns
// its error unchanged.
//
// NOTE(review): allow0RTT presumably marks the issued ticket as usable for
// 0-RTT resumption — confirm against qtls. Early data sent on such a ticket is
// replayable, so pass true only where the application tolerates replay.
func SendSessionTicket(c *QUICConn, allow0RTT bool) error {
	err := c.SendSessionTicket(allow0RTT)
	return err
}