github.com/sagernet/quic-go@v0.43.1-beta.1/internal/qtls/cipher_suite_go121.go (about) 1 //go:build go1.21 2 3 package qtls 4 5 import ( 6 "crypto/tls" 7 "fmt" 8 "unsafe" 9 ) 10 11 //go:linkname cipherSuitesTLS13 crypto/tls.cipherSuitesTLS13 12 var cipherSuitesTLS13 []unsafe.Pointer 13 14 //go:linkname defaultCipherSuitesTLS13 crypto/tls.defaultCipherSuitesTLS13 15 var defaultCipherSuitesTLS13 []uint16 16 17 //go:linkname defaultCipherSuitesTLS13NoAES crypto/tls.defaultCipherSuitesTLS13NoAES 18 var defaultCipherSuitesTLS13NoAES []uint16 19 20 var cipherSuitesModified bool 21 22 // SetCipherSuite modifies the cipherSuiteTLS13 slice of cipher suites inside qtls 23 // such that it only contains the cipher suite with the chosen id. 24 // The reset function returned resets them back to the original value. 25 func SetCipherSuite(id uint16) (reset func()) { 26 if cipherSuitesModified { 27 panic("cipher suites modified multiple times without resetting") 28 } 29 cipherSuitesModified = true 30 31 origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...) 32 origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...) 33 origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...) 34 // The order is given by the order of the slice elements in cipherSuitesTLS13 in qtls. 35 switch id { 36 case tls.TLS_AES_128_GCM_SHA256: 37 cipherSuitesTLS13 = cipherSuitesTLS13[:1] 38 case tls.TLS_CHACHA20_POLY1305_SHA256: 39 cipherSuitesTLS13 = cipherSuitesTLS13[1:2] 40 case tls.TLS_AES_256_GCM_SHA384: 41 cipherSuitesTLS13 = cipherSuitesTLS13[2:] 42 default: 43 panic(fmt.Sprintf("unexpected cipher suite: %d", id)) 44 } 45 defaultCipherSuitesTLS13 = []uint16{id} 46 defaultCipherSuitesTLS13NoAES = []uint16{id} 47 48 return func() { 49 cipherSuitesTLS13 = origCipherSuitesTLS13 50 defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13 51 defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES 52 cipherSuitesModified = false 53 } 54 }