From 8c5bcacb996cfecccd71471b682aef9a15da2499 Mon Sep 17 00:00:00 2001 From: AkinoKaede Date: Mon, 17 Jul 2023 12:38:25 +0800 Subject: [PATCH] feat: bulit-in qtls cipher suite implementation --- common/protocol/quic/cipher_suite.go | 23 +++++++++++++++++++++++ common/protocol/quic/qtls_go119.go | 18 ------------------ common/protocol/quic/qtls_go120.go | 18 ------------------ common/protocol/quic/sniff.go | 6 +++--- go.mod | 4 ++-- go.sum | 2 ++ 6 files changed, 30 insertions(+), 41 deletions(-) create mode 100644 common/protocol/quic/cipher_suite.go delete mode 100644 common/protocol/quic/qtls_go119.go delete mode 100644 common/protocol/quic/qtls_go120.go --- /dev/null +++ b/common/protocol/quic/cipher_suite.go @@ -0,0 +1,23 @@ +package quic + +import ( + "crypto" + "crypto/cipher" + _ "crypto/tls" + _ "unsafe" +) + +// copied from github.com/quic-go/quic-go/internal/qtls/cipher_suite_go121.go + +type cipherSuiteTLS13 struct { + ID uint16 + KeyLen int + AEAD func(key, fixedNonce []byte) cipher.AEAD + Hash crypto.Hash +} + +// github.com/quic-go/quic-go/internal/handshake/cipher_suite.go describes these cipher suite implementations are copied from the standard library crypto/tls package. +// So we can user go:linkname to implement the same feature. + +//go:linkname aeadAESGCMTLS13 crypto/tls.aeadAESGCMTLS13 +func aeadAESGCMTLS13(key, nonceMask []byte) cipher.AEAD --- a/common/protocol/quic/qtls_go119.go +++ /dev/null @@ -1,18 +0,0 @@ -//go:build go1.19 && !go1.20 - -package quic - -import ( - "crypto/cipher" - - "github.com/quic-go/qtls-go1-19" -) - -type ( - // A CipherSuiteTLS13 is a cipher suite for TLS 1.3 - CipherSuiteTLS13 = qtls.CipherSuiteTLS13 -) - -func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { - return qtls.AEADAESGCMTLS13(key, fixedNonce) -} --- a/common/protocol/quic/qtls_go120.go +++ /dev/null @@ -1,18 +0,0 @@ -//go:build go1.20 - -package quic - -import ( - "crypto/cipher" - - "github.com/quic-go/qtls-go1-20" -) - -type ( - // A CipherSuiteTLS13 is a cipher suite for TLS 1.3 - CipherSuiteTLS13 = qtls.CipherSuiteTLS13 -) - -func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { - return qtls.AEADAESGCMTLS13(key, fixedNonce) -} --- a/common/protocol/quic/sniff.go +++ b/common/protocol/quic/sniff.go @@ -37,10 +37,10 @@ const ( var ( quicSaltOld = []byte{0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99} quicSalt = []byte{0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a} - initialSuite = &CipherSuiteTLS13{ + initialSuite = &cipherSuiteTLS13{ ID: tls.TLS_AES_128_GCM_SHA256, KeyLen: 16, - AEAD: AEADAESGCMTLS13, + AEAD: aeadAESGCMTLS13, Hash: crypto.SHA256, } errNotQuic = errors.New("not quic") @@ -153,7 +153,7 @@ func SniffQUIC(b []byte) (*SniffHeader, key := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16) iv := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12) - cipher := AEADAESGCMTLS13(key, iv) + cipher := aeadAESGCMTLS13(key, iv) nonce := cache.Extend(int32(cipher.NonceSize())) binary.BigEndian.PutUint64(nonce[len(nonce)-8:], uint64(packetNumber)) decrypted, err := cipher.Open(b[extHdrLen:extHdrLen], nonce, data, b[:extHdrLen])