110 lines
3.4 KiB
Diff
110 lines
3.4 KiB
Diff
From 8c5bcacb996cfecccd71471b682aef9a15da2499 Mon Sep 17 00:00:00 2001
|
|
From: AkinoKaede <i@akinokae.de>
|
|
Date: Mon, 17 Jul 2023 12:38:25 +0800
|
|
Subject: [PATCH] feat: bulit-in qtls cipher suite implementation
|
|
|
|
---
|
|
common/protocol/quic/cipher_suite.go | 23 +++++++++++++++++++++++
|
|
common/protocol/quic/qtls_go119.go | 18 ------------------
|
|
common/protocol/quic/qtls_go120.go | 18 ------------------
|
|
common/protocol/quic/sniff.go | 6 +++---
|
|
go.mod | 4 ++--
|
|
go.sum | 2 ++
|
|
6 files changed, 30 insertions(+), 41 deletions(-)
|
|
create mode 100644 common/protocol/quic/cipher_suite.go
|
|
delete mode 100644 common/protocol/quic/qtls_go119.go
|
|
delete mode 100644 common/protocol/quic/qtls_go120.go
|
|
|
|
--- /dev/null
|
|
+++ b/common/protocol/quic/cipher_suite.go
|
|
@@ -0,0 +1,23 @@
|
|
+package quic
|
|
+
|
|
+import (
|
|
+ "crypto"
|
|
+ "crypto/cipher"
|
|
+ _ "crypto/tls"
|
|
+ _ "unsafe"
|
|
+)
|
|
+
|
|
+// copied from github.com/quic-go/quic-go/internal/qtls/cipher_suite_go121.go
|
|
+
|
|
+type cipherSuiteTLS13 struct {
|
|
+ ID uint16
|
|
+ KeyLen int
|
|
+ AEAD func(key, fixedNonce []byte) cipher.AEAD
|
|
+ Hash crypto.Hash
|
|
+}
|
|
+
|
|
+// github.com/quic-go/quic-go/internal/handshake/cipher_suite.go describes these cipher suite implementations are copied from the standard library crypto/tls package.
|
|
+// So we can user go:linkname to implement the same feature.
|
|
+
|
|
+//go:linkname aeadAESGCMTLS13 crypto/tls.aeadAESGCMTLS13
|
|
+func aeadAESGCMTLS13(key, nonceMask []byte) cipher.AEAD
|
|
--- a/common/protocol/quic/qtls_go119.go
|
|
+++ /dev/null
|
|
@@ -1,18 +0,0 @@
|
|
-//go:build go1.19 && !go1.20
|
|
-
|
|
-package quic
|
|
-
|
|
-import (
|
|
- "crypto/cipher"
|
|
-
|
|
- "github.com/quic-go/qtls-go1-19"
|
|
-)
|
|
-
|
|
-type (
|
|
- // A CipherSuiteTLS13 is a cipher suite for TLS 1.3
|
|
- CipherSuiteTLS13 = qtls.CipherSuiteTLS13
|
|
-)
|
|
-
|
|
-func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
|
|
- return qtls.AEADAESGCMTLS13(key, fixedNonce)
|
|
-}
|
|
--- a/common/protocol/quic/qtls_go120.go
|
|
+++ /dev/null
|
|
@@ -1,18 +0,0 @@
|
|
-//go:build go1.20
|
|
-
|
|
-package quic
|
|
-
|
|
-import (
|
|
- "crypto/cipher"
|
|
-
|
|
- "github.com/quic-go/qtls-go1-20"
|
|
-)
|
|
-
|
|
-type (
|
|
- // A CipherSuiteTLS13 is a cipher suite for TLS 1.3
|
|
- CipherSuiteTLS13 = qtls.CipherSuiteTLS13
|
|
-)
|
|
-
|
|
-func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
|
|
- return qtls.AEADAESGCMTLS13(key, fixedNonce)
|
|
-}
|
|
--- a/common/protocol/quic/sniff.go
|
|
+++ b/common/protocol/quic/sniff.go
|
|
@@ -37,10 +37,10 @@ const (
|
|
var (
|
|
quicSaltOld = []byte{0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99}
|
|
quicSalt = []byte{0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a}
|
|
- initialSuite = &CipherSuiteTLS13{
|
|
+ initialSuite = &cipherSuiteTLS13{
|
|
ID: tls.TLS_AES_128_GCM_SHA256,
|
|
KeyLen: 16,
|
|
- AEAD: AEADAESGCMTLS13,
|
|
+ AEAD: aeadAESGCMTLS13,
|
|
Hash: crypto.SHA256,
|
|
}
|
|
errNotQuic = errors.New("not quic")
|
|
@@ -153,7 +153,7 @@ func SniffQUIC(b []byte) (*SniffHeader,
|
|
|
|
key := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16)
|
|
iv := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12)
|
|
- cipher := AEADAESGCMTLS13(key, iv)
|
|
+ cipher := aeadAESGCMTLS13(key, iv)
|
|
nonce := cache.Extend(int32(cipher.NonceSize()))
|
|
binary.BigEndian.PutUint64(nonce[len(nonce)-8:], uint64(packetNumber))
|
|
decrypted, err := cipher.Open(b[extHdrLen:extHdrLen], nonce, data, b[:extHdrLen])
|