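// Source: github.com/tumi8/quic-go@v0.37.4-tum/noninternal/qtls/go120.go
//
// Go 1.20 variant of the qtls glue layer (see the build constraint below).
// It binds this package to the forked github.com/tumi8/qtls-go1-20 module.

//go:build go1.20 && !go1.21

package qtls

import (
	"crypto/tls"
	"fmt"
	"unsafe"

	"github.com/tumi8/quic-go/noninternal/protocol"

	"github.com/tumi8/qtls-go1-20"
)

// Aliases for the QUIC-facing types of the qtls fork. Being aliases (not new
// types), values are interchangeable with the qtls originals.
type (
	QUICConn            = qtls.QUICConn
	QUICConfig          = qtls.QUICConfig
	QUICEvent           = qtls.QUICEvent
	QUICEventKind       = qtls.QUICEventKind
	QUICEncryptionLevel = qtls.QUICEncryptionLevel
	AlertError          = qtls.AlertError
)

// Encryption levels, re-exported unchanged from qtls.
const (
	QUICEncryptionLevelInitial     = qtls.QUICEncryptionLevelInitial
	QUICEncryptionLevelEarly       = qtls.QUICEncryptionLevelEarly
	QUICEncryptionLevelHandshake   = qtls.QUICEncryptionLevelHandshake
	QUICEncryptionLevelApplication = qtls.QUICEncryptionLevelApplication
)

// QUIC event kinds, re-exported unchanged from qtls.
const (
	QUICNoEvent                     = qtls.QUICNoEvent
	QUICSetReadSecret               = qtls.QUICSetReadSecret
	QUICSetWriteSecret              = qtls.QUICSetWriteSecret
	QUICWriteData                   = qtls.QUICWriteData
	QUICTransportParameters         = qtls.QUICTransportParameters
	QUICTransportParametersRequired = qtls.QUICTransportParametersRequired
	QUICRejectedEarlyData           = qtls.QUICRejectedEarlyData
	QUICHandshakeDone               = qtls.QUICHandshakeDone
)

// SetupConfigForServer prepares conf for use by a QUIC server.
//
// It initialises session ticket keys on the caller's TLS config, replaces
// conf.TLSConfig with a clone of it, pins the clone's MinVersion to TLS 1.3,
// and installs the 0-RTT hooks in conf.ExtraConfig. conf.TLSConfig must be
// non-nil: the MinVersion assignment dereferences it.
//
// 0-RTT (early) data can be replayed by an on-path attacker, so enable0RTT
// should only be set when the application tolerates replay. accept0RTT is
// stored as the Accept0RTT hook.
// NOTE(review): accept0RTT presumably receives the application data stored
// in the session ticket and gates early-data acceptance; confirm against qtls.
func SetupConfigForServer(conf *QUICConfig, enable0RTT bool, getDataForSessionTicket func() []byte, accept0RTT func([]byte) bool) {
	// NOTE(review): the ticket keys are initialised on the original config
	// before it is cloned. The order looks deliberate (presumably so the
	// clone and the caller's config share keys); confirm before reordering.
	qtls.InitSessionTicketKeys(conf.TLSConfig)
	conf.TLSConfig = conf.TLSConfig.Clone()
	conf.TLSConfig.MinVersion = tls.VersionTLS13
	conf.ExtraConfig = &qtls.ExtraConfig{
		Enable0RTT:                 enable0RTT,
		Accept0RTT:                 accept0RTT,
		GetAppDataForSessionTicket: getDataForSessionTicket,
	}
}

// SetupConfigForClient installs the session-state hooks used for resumption
// into conf.ExtraConfig, replacing any ExtraConfig already set.
//
// NOTE(review): unlike SetupConfigForServer, this neither clones
// conf.TLSConfig nor sets MinVersion. Presumably the caller pins TLS 1.3
// before calling; verify at the call site.
func SetupConfigForClient(conf *QUICConfig, getDataForSessionState func() []byte, setDataFromSessionState func([]byte)) {
	conf.ExtraConfig = &qtls.ExtraConfig{
		GetAppDataForSessionState:  getDataForSessionState,
		SetAppDataFromSessionState: setDataFromSessionState,
	}
}

// QUICServer returns the qtls server-side QUIC connection for config.
func QUICServer(config *QUICConfig) *QUICConn {
	return qtls.QUICServer(config)
}

// QUICClient returns the qtls client-side QUIC connection for config.
func QUICClient(config *QUICConfig) *QUICConn {
	return qtls.QUICClient(config)
}

// ToTLSEncryptionLevel maps a quic-go encryption level to its qtls
// counterpart. It panics on a level outside the four known values.
func ToTLSEncryptionLevel(e protocol.EncryptionLevel) qtls.QUICEncryptionLevel {
	switch e {
	case protocol.EncryptionInitial:
		return qtls.QUICEncryptionLevelInitial
	case protocol.EncryptionHandshake:
		return qtls.QUICEncryptionLevelHandshake
	case protocol.Encryption1RTT:
		return qtls.QUICEncryptionLevelApplication
	case protocol.Encryption0RTT:
		return qtls.QUICEncryptionLevelEarly
	default:
		panic(fmt.Sprintf("unexpected encryption level: %s", e))
	}
}

// FromTLSEncryptionLevel maps a qtls encryption level back to the quic-go
// one; it is the inverse of ToTLSEncryptionLevel. It panics on a level
// outside the four known values.
func FromTLSEncryptionLevel(e qtls.QUICEncryptionLevel) protocol.EncryptionLevel {
	switch e {
	case qtls.QUICEncryptionLevelInitial:
		return protocol.EncryptionInitial
	case qtls.QUICEncryptionLevelHandshake:
		return protocol.EncryptionHandshake
	case qtls.QUICEncryptionLevelApplication:
		return protocol.Encryption1RTT
	case qtls.QUICEncryptionLevelEarly:
		return protocol.Encryption0RTT
	default:
		// Message spelling aligned with ToTLSEncryptionLevel (was "unexpect").
		panic(fmt.Sprintf("unexpected encryption level: %s", e))
	}
}

// The three variables below are bound with go:linkname to unexported
// package-level variables of the same names inside qtls-go1-20. Writing to
// them changes qtls's own state for the whole process, and the binding
// depends on those symbols keeping their names and types in the fork.

// cipherSuitesTLS13 aliases qtls's TLS 1.3 cipher suite list. Elements are
// opaque unsafe.Pointer values here, so this package can reslice the list
// but cannot inspect which suite an element represents.
//
//go:linkname cipherSuitesTLS13 github.com/tumi8/qtls-go1-20.cipherSuitesTLS13
var cipherSuitesTLS13 []unsafe.Pointer

// defaultCipherSuitesTLS13 aliases qtls's default TLS 1.3 suite ID list.
//
//go:linkname defaultCipherSuitesTLS13 github.com/tumi8/qtls-go1-20.defaultCipherSuitesTLS13
var defaultCipherSuitesTLS13 []uint16

// defaultCipherSuitesTLS13NoAES aliases qtls's default TLS 1.3 suite ID list
// of the same name.
// NOTE(review): presumably the ordering used without AES hardware support;
// confirm against qtls.
//
//go:linkname defaultCipherSuitesTLS13NoAES github.com/tumi8/qtls-go1-20.defaultCipherSuitesTLS13NoAES
var defaultCipherSuitesTLS13NoAES []uint16

// cipherSuitesModified records that SetCipherSuite has been called and its
// reset function has not run yet. It is a plain bool with no locking.
var cipherSuitesModified bool

// SetCipherSuite modifies the cipherSuitesTLS13 slice of cipher suites inside qtls
// such that it only contains the cipher suite with the chosen id.
// The reset function returned resets them back to the original value.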
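//
// SetCipherSuite rewrites package-level variables inside qtls, so the
// restriction is visible to all code in the process that reads them, and
// nothing here is synchronised. Call it from a single goroutine and run the
// returned reset function (typically via defer) before the next call.
// NOTE(review): this looks like a test helper; confirm it is not reachable
// from production paths.
//
// It panics if called again before reset, or if id is not one of the three
// TLS 1.3 suites handled below.
func SetCipherSuite(id uint16) (reset func()) {
	if cipherSuitesModified {
		panic("cipher suites modified multiple times without resetting")
	}

	// Resolve the selection before touching any shared state, so a panic for
	// an unknown id cannot leave cipherSuitesModified stuck at true (which
	// would make every later call panic if the first panic was recovered).
	//
	// The order is given by the order of the slice elements in
	// cipherSuitesTLS13 in qtls.
	// NOTE(review): the elements are opaque pointers, so nothing verifies
	// that the entry at each index really is the requested suite; a reorder
	// in qtls would silently select a different one.
	var selected []unsafe.Pointer
	switch id {
	case tls.TLS_AES_128_GCM_SHA256:
		selected = cipherSuitesTLS13[:1]
	case tls.TLS_CHACHA20_POLY1305_SHA256:
		selected = cipherSuitesTLS13[1:2]
	case tls.TLS_AES_256_GCM_SHA384:
		selected = cipherSuitesTLS13[2:]
	default:
		panic(fmt.Sprintf("unexpected cipher suite: %d", id))
	}

	// Snapshot into fresh backing arrays; selected still shares storage with
	// the original list.
	origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...)

	cipherSuitesModified = true
	cipherSuitesTLS13 = selected
	defaultCipherSuitesTLS13 = []uint16{id}
	defaultCipherSuitesTLS13NoAES = []uint16{id}

	return func() {
		cipherSuitesTLS13 = origCipherSuitesTLS13
		defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13
		defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES
		cipherSuitesModified = false
	}
}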