github.com/sagernet/quic-go@v0.43.1-beta.1/internal/qtls_ech/cipher_suite_go121.go (about)

     1  package qtls
     2  
     3  import (
     4  	"fmt"
     5  	"unsafe"
     6  
     7  	"github.com/sagernet/cloudflare-tls"
     8  )
     9  
    10  //go:linkname cipherSuitesTLS13 crypto/tls.cipherSuitesTLS13
    11  var cipherSuitesTLS13 []unsafe.Pointer
    12  
    13  //go:linkname defaultCipherSuitesTLS13 crypto/tls.defaultCipherSuitesTLS13
    14  var defaultCipherSuitesTLS13 []uint16
    15  
    16  //go:linkname defaultCipherSuitesTLS13NoAES crypto/tls.defaultCipherSuitesTLS13NoAES
    17  var defaultCipherSuitesTLS13NoAES []uint16
    18  
    19  var cipherSuitesModified bool
    20  
    21  // SetCipherSuite modifies the cipherSuiteTLS13 slice of cipher suites inside qtls
    22  // such that it only contains the cipher suite with the chosen id.
    23  // The reset function returned resets them back to the original value.
    24  func SetCipherSuite(id uint16) (reset func()) {
    25  	if cipherSuitesModified {
    26  		panic("cipher suites modified multiple times without resetting")
    27  	}
    28  	cipherSuitesModified = true
    29  
    30  	origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...)
    31  	origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...)
    32  	origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...)
    33  	// The order is given by the order of the slice elements in cipherSuitesTLS13 in qtls.
    34  	switch id {
    35  	case tls.TLS_AES_128_GCM_SHA256:
    36  		cipherSuitesTLS13 = cipherSuitesTLS13[:1]
    37  	case tls.TLS_CHACHA20_POLY1305_SHA256:
    38  		cipherSuitesTLS13 = cipherSuitesTLS13[1:2]
    39  	case tls.TLS_AES_256_GCM_SHA384:
    40  		cipherSuitesTLS13 = cipherSuitesTLS13[2:]
    41  	default:
    42  		panic(fmt.Sprintf("unexpected cipher suite: %d", id))
    43  	}
    44  	defaultCipherSuitesTLS13 = []uint16{id}
    45  	defaultCipherSuitesTLS13NoAES = []uint16{id}
    46  
    47  	return func() {
    48  		cipherSuitesTLS13 = origCipherSuitesTLS13
    49  		defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13
    50  		defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES
    51  		cipherSuitesModified = false
    52  	}
    53  }