github.com/tumi8/quic-go@v0.37.4-tum/noninternal/qtls/go120.go (about)

     1  //go:build go1.20 && !go1.21
     2  
     3  package qtls
     4  
     5  import (
     6  	"crypto/tls"
     7  	"fmt"
     8  	"unsafe"
     9  
    10  	"github.com/tumi8/quic-go/noninternal/protocol"
    11  
    12  	"github.com/tumi8/qtls-go1-20"
    13  )
    14  
// The aliases below re-export the QUIC-facing types of the qtls fork that this
// file's build constraint selects, so the rest of the module can refer to them
// without importing the version-specific qtls package directly.

// QUICConn is an alias for qtls.QUICConn.
type QUICConn = qtls.QUICConn

// QUICConfig is an alias for qtls.QUICConfig. SetupConfigForServer and
// SetupConfigForClient fill in its TLSConfig and ExtraConfig fields.
type QUICConfig = qtls.QUICConfig

// QUICEvent is an alias for qtls.QUICEvent.
type QUICEvent = qtls.QUICEvent

// QUICEventKind is an alias for qtls.QUICEventKind; the QUIC* event constants
// in this file are its values.
type QUICEventKind = qtls.QUICEventKind

// QUICEncryptionLevel is an alias for qtls.QUICEncryptionLevel.
type QUICEncryptionLevel = qtls.QUICEncryptionLevel

// AlertError is an alias for qtls.AlertError.
// NOTE(review): presumably the error type that carries a TLS alert code;
// confirm against qtls-go1-20.
type AlertError = qtls.AlertError
    23  
// QUIC encryption levels, re-exported from qtls. ToTLSEncryptionLevel and
// FromTLSEncryptionLevel in this file translate between these values and
// protocol.EncryptionLevel.
const (
	// Counterpart of protocol.EncryptionInitial.
	QUICEncryptionLevelInitial = qtls.QUICEncryptionLevelInitial
	// Counterpart of protocol.Encryption0RTT (early data).
	QUICEncryptionLevelEarly = qtls.QUICEncryptionLevelEarly
	// Counterpart of protocol.EncryptionHandshake.
	QUICEncryptionLevelHandshake = qtls.QUICEncryptionLevelHandshake
	// Counterpart of protocol.Encryption1RTT.
	QUICEncryptionLevelApplication = qtls.QUICEncryptionLevelApplication
)
    30  
// QUIC event kinds, re-exported from qtls.
// NOTE(review): the one-line descriptions below follow the naming of the
// crypto/tls QUIC API that qtls mirrors; confirm the exact semantics against
// qtls-go1-20 before relying on them.
const (
	// No event is pending.
	QUICNoEvent = qtls.QUICNoEvent
	// A new read secret is available for an encryption level.
	QUICSetReadSecret = qtls.QUICSetReadSecret
	// A new write secret is available for an encryption level.
	QUICSetWriteSecret = qtls.QUICSetWriteSecret
	// Handshake data is ready to be sent to the peer.
	QUICWriteData = qtls.QUICWriteData
	// The peer's transport parameters have been received.
	QUICTransportParameters = qtls.QUICTransportParameters
	// The local transport parameters must be supplied before continuing.
	QUICTransportParametersRequired = qtls.QUICTransportParametersRequired
	// Early (0-RTT) data was rejected.
	QUICRejectedEarlyData = qtls.QUICRejectedEarlyData
	// The handshake has completed.
	QUICHandshakeDone = qtls.QUICHandshakeDone
)
    41  
// SetupConfigForServer prepares conf for use on the server side of a QUIC
// handshake.
//
// It replaces conf.TLSConfig with a clone whose MinVersion is forced to
// TLS 1.3, so a lower MinVersion in the caller's tls.Config cannot weaken the
// handshake, and it installs a fresh qtls.ExtraConfig carrying the 0-RTT
// settings and the session-ticket callbacks.
//
// enable0RTT and accept0RTT control early data. Early data is not protected
// against replay by TLS itself, so enable0RTT should only be set where the
// application tolerates a replayed early request, and accept0RTT is the hook
// that can refuse it per resumption.
// NOTE(review): accept0RTT presumably receives the bytes that
// getDataForSessionTicket stored in the ticket; confirm against
// qtls.ExtraConfig.
//
// conf.TLSConfig must be non-nil; the function dereferences it without a check.
func SetupConfigForServer(conf *QUICConfig, enable0RTT bool, getDataForSessionTicket func() []byte, accept0RTT func([]byte) bool) {
	// The ticket keys are initialised on the caller's original config, before
	// it is cloned. Keep this order: presumably it makes every clone share the
	// same ticket keys (TODO confirm against qtls.InitSessionTicketKeys).
	qtls.InitSessionTicketKeys(conf.TLSConfig)

	// Work on a private copy so the caller's tls.Config is not modified by the
	// MinVersion override below.
	tlsConf := conf.TLSConfig.Clone()
	tlsConf.MinVersion = tls.VersionTLS13
	conf.TLSConfig = tlsConf

	extra := &qtls.ExtraConfig{
		Enable0RTT:                 enable0RTT,
		Accept0RTT:                 accept0RTT,
		GetAppDataForSessionTicket: getDataForSessionTicket,
	}
	conf.ExtraConfig = extra
}
    52  
// SetupConfigForClient installs the client-side session-state callbacks on
// conf by replacing conf.ExtraConfig with a new qtls.ExtraConfig.
//
// getDataForSessionState supplies application data to be kept with a session
// state, and setDataFromSessionState receives such data back.
// NOTE(review): when each callback is invoked is decided by qtls; confirm there.
//
// Unlike SetupConfigForServer, this function neither clones conf.TLSConfig nor
// sets its MinVersion. NOTE(review): the caller presumably enforces TLS 1.3 on
// the client config elsewhere; confirm.
func SetupConfigForClient(conf *QUICConfig, getDataForSessionState func() []byte, setDataFromSessionState func([]byte)) {
	extra := &qtls.ExtraConfig{
		GetAppDataForSessionState:  getDataForSessionState,
		SetAppDataFromSessionState: setDataFromSessionState,
	}
	conf.ExtraConfig = extra
}
    59  
// QUICServer returns the server-side QUIC TLS connection that qtls.QUICServer
// builds from config. It is a direct pass-through; config is not validated or
// modified here, so callers are expected to have run SetupConfigForServer.
func QUICServer(config *QUICConfig) *QUICConn {
	conn := qtls.QUICServer(config)
	return conn
}
    63  
// QUICClient returns the client-side QUIC TLS connection that qtls.QUICClient
// builds from config. It is a direct pass-through; config is not validated or
// modified here.
func QUICClient(config *QUICConfig) *QUICConn {
	conn := qtls.QUICClient(config)
	return conn
}
    67  
// ToTLSEncryptionLevel converts a QUIC-layer protocol.EncryptionLevel into the
// matching qtls.QUICEncryptionLevel.
//
// The mapping is Initial→Initial, Handshake→Handshake, 1-RTT→Application and
// 0-RTT→Early. Any other value is treated as a programming error and panics
// rather than being mapped to a default level, so keys are never selected for
// a level the caller did not name.
func ToTLSEncryptionLevel(e protocol.EncryptionLevel) qtls.QUICEncryptionLevel {
	var level qtls.QUICEncryptionLevel
	switch e {
	case protocol.EncryptionInitial:
		level = qtls.QUICEncryptionLevelInitial
	case protocol.EncryptionHandshake:
		level = qtls.QUICEncryptionLevelHandshake
	case protocol.Encryption1RTT:
		level = qtls.QUICEncryptionLevelApplication
	case protocol.Encryption0RTT:
		level = qtls.QUICEncryptionLevelEarly
	default:
		panic(fmt.Sprintf("unexpected encryption level: %s", e))
	}
	return level
}
    82  
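// FromTLSEncryptionLevel converts a qtls.QUICEncryptionLevel into the matching
// QUIC-layer protocol.EncryptionLevel. It is the inverse of
// ToTLSEncryptionLevel: Initial→Initial, Handshake→Handshake,
// Application→1-RTT and Early→0-RTT.
//
// Any other value panics instead of falling back to a default level, so a
// level this file does not know about can never be silently treated as one
// with different keys.
func FromTLSEncryptionLevel(e qtls.QUICEncryptionLevel) protocol.EncryptionLevel {
	switch e {
	case qtls.QUICEncryptionLevelInitial:
		return protocol.EncryptionInitial
	case qtls.QUICEncryptionLevelHandshake:
		return protocol.EncryptionHandshake
	case qtls.QUICEncryptionLevelApplication:
		return protocol.Encryption1RTT
	case qtls.QUICEncryptionLevelEarly:
		return protocol.Encryption0RTT
	default:
		// Message spelling now matches ToTLSEncryptionLevel ("unexpected"),
		// so both directions can be found with one log search.
		panic(fmt.Sprintf("unexpected encryption level: %s", e))
	}
}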
    97  
// cipherSuitesModified is true between a call to SetCipherSuite and the call
// to the reset function it returned. It is a plain package-level bool with no
// synchronization around it.
var cipherSuitesModified bool

// The three variables below are bound with go:linkname to unexported
// package-level variables of github.com/tumi8/qtls-go1-20. Assigning to them
// changes qtls's own state for the whole process, and the binding depends on
// those unexported names and their element order staying as they are in that
// exact qtls version.

// cipherSuitesTLS13 is qtls's list of TLS 1.3 cipher suites. The elements are
// opaque pointers here because the element type is not exported by qtls.
//
//go:linkname cipherSuitesTLS13 github.com/tumi8/qtls-go1-20.cipherSuitesTLS13
var cipherSuitesTLS13 []unsafe.Pointer

// defaultCipherSuitesTLS13NoAES is qtls's second default list of TLS 1.3
// cipher suite IDs.
// NOTE(review): going by the name, presumably the preference order used when
// AES hardware support is absent; confirm against qtls-go1-20.
//
//go:linkname defaultCipherSuitesTLS13NoAES github.com/tumi8/qtls-go1-20.defaultCipherSuitesTLS13NoAES
var defaultCipherSuitesTLS13NoAES []uint16

// defaultCipherSuitesTLS13 is qtls's default list of TLS 1.3 cipher suite IDs.
//
//go:linkname defaultCipherSuitesTLS13 github.com/tumi8/qtls-go1-20.defaultCipherSuitesTLS13
var defaultCipherSuitesTLS13 []uint16
   108  
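// SetCipherSuite modifies the cipherSuitesTLS13 slice of cipher suites inside
// qtls such that it only contains the cipher suite with the chosen id, and
// sets both default TLS 1.3 suite lists to that single id.
// The reset function returned resets them back to the original value.
//
// The change is process-wide: it rewrites package-level state of qtls through
// go:linkname, so every handshake in the process is affected until reset is
// called. Neither this function nor reset takes a lock, so they must not run
// concurrently with each other or with handshakes. Always pair the call with
// its reset (for example via defer); a missing reset leaves the process pinned
// to one suite.
//
// It panics if called again before reset, or if id is not one of
// tls.TLS_AES_128_GCM_SHA256, tls.TLS_CHACHA20_POLY1305_SHA256 or
// tls.TLS_AES_256_GCM_SHA384. An invalid id leaves all state untouched, so a
// recovered panic does not block later calls.
func SetCipherSuite(id uint16) (reset func()) {
	if cipherSuitesModified {
		panic("cipher suites modified multiple times without resetting")
	}

	// Resolve the selection before touching any global state, so that the
	// panic for an unknown id (or a slice shorter than expected) cannot leave
	// cipherSuitesModified stuck at true.
	//
	// The order is given by the order of the slice elements in cipherSuitesTLS13 in qtls.
	var selected []unsafe.Pointer
	switch id {
	case tls.TLS_AES_128_GCM_SHA256:
		selected = cipherSuitesTLS13[:1]
	case tls.TLS_CHACHA20_POLY1305_SHA256:
		selected = cipherSuitesTLS13[1:2]
	case tls.TLS_AES_256_GCM_SHA384:
		// Bounded on both sides so that exactly one suite is selected even if
		// the underlying slice ever holds more than three entries.
		selected = cipherSuitesTLS13[2:3]
	default:
		panic(fmt.Sprintf("unexpected cipher suite: %d", id))
	}

	// Copies, not aliases: reset must restore the original contents.
	origCipherSuitesTLS13 := append([]unsafe.Pointer{}, cipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13 := append([]uint16{}, defaultCipherSuitesTLS13...)
	origDefaultCipherSuitesTLS13NoAES := append([]uint16{}, defaultCipherSuitesTLS13NoAES...)

	cipherSuitesModified = true
	cipherSuitesTLS13 = selected
	defaultCipherSuitesTLS13 = []uint16{id}
	defaultCipherSuitesTLS13NoAES = []uint16{id}

	return func() {
		cipherSuitesTLS13 = origCipherSuitesTLS13
		defaultCipherSuitesTLS13 = origDefaultCipherSuitesTLS13
		defaultCipherSuitesTLS13NoAES = origDefaultCipherSuitesTLS13NoAES
		cipherSuitesModified = false
	}
}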