github.com/sagernet/quic-go@v0.43.1-beta.1/internal/qtls/cipher_suite_go121.go (about)

     1  //go:build go1.21
     2  
     3  package qtls
     4  
     5  import (
     6  	"crypto/tls"
     7  	"fmt"
     8  	"unsafe"
     9  )
    10  
// Package-level state used by SetCipherSuite. The first three variables are
// bound with go:linkname to unexported variables of crypto/tls, so assigning
// to them changes crypto/tls's own state for the whole process, not a private
// copy. Nothing in this file synchronizes access to any of them.
var (
	// cipherSuitesTLS13 is linked to crypto/tls.cipherSuitesTLS13. The
	// elements are declared as unsafe.Pointer because the real element type
	// is not exported; presumably each one points at a TLS 1.3 suite
	// descriptor (confirm against the crypto/tls source of the toolchain in
	// use).
	//
	//go:linkname cipherSuitesTLS13 crypto/tls.cipherSuitesTLS13
	cipherSuitesTLS13 []unsafe.Pointer

	// defaultCipherSuitesTLS13 is linked to
	// crypto/tls.defaultCipherSuitesTLS13 and holds cipher suite ids.
	//
	//go:linkname defaultCipherSuitesTLS13 crypto/tls.defaultCipherSuitesTLS13
	defaultCipherSuitesTLS13 []uint16

	// defaultCipherSuitesTLS13NoAES is linked to
	// crypto/tls.defaultCipherSuitesTLS13NoAES and holds cipher suite ids.
	//
	//go:linkname defaultCipherSuitesTLS13NoAES crypto/tls.defaultCipherSuitesTLS13NoAES
	defaultCipherSuitesTLS13NoAES []uint16

	// cipherSuitesModified is true between a SetCipherSuite call and the
	// matching reset call. It is a plain bool with no locking.
	cipherSuitesModified bool
)
    21  
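// SetCipherSuite narrows the TLS 1.3 cipher suite lists that this file links
// to inside crypto/tls (cipherSuitesTLS13, defaultCipherSuitesTLS13 and
// defaultCipherSuitesTLS13NoAES) so that each contains only the suite with
// the given id. The returned reset function restores copies of the three
// lists as they were when SetCipherSuite was called.
//
// Because the variables are linknamed into crypto/tls, the restriction is
// process-wide and lasts until reset is called; it is not scoped to one
// connection or one tls.Config. The function takes no lock, so callers must
// make sure it does not run concurrently with itself, with reset, or with
// code that reads these lists.
//
// It panics if it is called again before reset, or if id is not
// TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256 or
// TLS_AES_256_GCM_SHA384. The modified flag is only set once id has been
// accepted, so a recovered panic for an unknown id does not leave the package
// permanently marked as modified.
func SetCipherSuite(id uint16) (reset func()) {
	if cipherSuitesModified {
		panic("cipher suites modified multiple times without resetting")
	}

	// Snapshot into fresh backing arrays so that the later re-slicing and
	// reassignment cannot alias the saved values.
	origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...)

	// The indexes assume the element order of cipherSuitesTLS13 inside
	// crypto/tls: AES-128-GCM, ChaCha20-Poly1305, AES-256-GCM. The elements
	// are opaque pointers here, so this order is not checked; re-verify it
	// whenever the supported Go versions change.
	var selected []unsafe.Pointer
	switch id {
	case tls.TLS_AES_128_GCM_SHA256:
		selected = cipherSuitesTLS13[0:1]
	case tls.TLS_CHACHA20_POLY1305_SHA256:
		selected = cipherSuitesTLS13[1:2]
	case tls.TLS_AES_256_GCM_SHA384:
		// [2:3] rather than [2:] keeps exactly one entry even if the linked
		// slice ever holds more than three elements.
		selected = cipherSuitesTLS13[2:3]
	default:
		panic(fmt.Sprintf("unexpected cipher suite: %d", id))
	}

	// Nothing has been mutated up to this point; commit the change.
	cipherSuitesModified = true
	cipherSuitesTLS13 = selected
	defaultCipherSuitesTLS13 = []uint16{id}
	defaultCipherSuitesTLS13NoAES = []uint16{id}

	return func() {
		cipherSuitesTLS13 = origCipherSuitesTLS13
		defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13
		defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES
		cipherSuitesModified = false
	}
}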