github.com/daeuniverse/quic-go@v0.0.0-20240413031024-943f218e0810/internal/qtls/cipher_suite.go (about) 1 package qtls 2 3 import ( 4 "crypto/tls" 5 "fmt" 6 "unsafe" 7 ) 8 9 //go:linkname cipherSuitesTLS13 crypto/tls.cipherSuitesTLS13 10 var cipherSuitesTLS13 []unsafe.Pointer 11 12 //go:linkname defaultCipherSuitesTLS13 crypto/tls.defaultCipherSuitesTLS13 13 var defaultCipherSuitesTLS13 []uint16 14 15 //go:linkname defaultCipherSuitesTLS13NoAES crypto/tls.defaultCipherSuitesTLS13NoAES 16 var defaultCipherSuitesTLS13NoAES []uint16 17 18 var cipherSuitesModified bool 19 20 // SetCipherSuite modifies the cipherSuiteTLS13 slice of cipher suites inside qtls 21 // such that it only contains the cipher suite with the chosen id. 22 // The reset function returned resets them back to the original value. 23 func SetCipherSuite(id uint16) (reset func()) { 24 if cipherSuitesModified { 25 panic("cipher suites modified multiple times without resetting") 26 } 27 cipherSuitesModified = true 28 29 origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...) 30 origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...) 31 origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...) 32 // The order is given by the order of the slice elements in cipherSuitesTLS13 in qtls. 33 switch id { 34 case tls.TLS_AES_128_GCM_SHA256: 35 cipherSuitesTLS13 = cipherSuitesTLS13[:1] 36 case tls.TLS_CHACHA20_POLY1305_SHA256: 37 cipherSuitesTLS13 = cipherSuitesTLS13[1:2] 38 case tls.TLS_AES_256_GCM_SHA384: 39 cipherSuitesTLS13 = cipherSuitesTLS13[2:] 40 default: 41 panic(fmt.Sprintf("unexpected cipher suite: %d", id)) 42 } 43 defaultCipherSuitesTLS13 = []uint16{id} 44 defaultCipherSuitesTLS13NoAES = []uint16{id} 45 46 return func() { 47 cipherSuitesTLS13 = origCipherSuitesTLS13 48 defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13 49 defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES 50 cipherSuitesModified = false 51 } 52 }