sync: merge changes from go 1.24.0

This commit is contained in:
Mingye Chen 2025-03-01 00:13:08 -07:00
commit a99feacec2
50 changed files with 2505 additions and 2734 deletions

View file

@ -7,14 +7,12 @@ package tls
import (
"crypto"
"crypto/ecdh"
"crypto/mlkem"
"crypto/x509"
"fmt"
"hash"
"time"
"github.com/cloudflare/circl/kem"
"github.com/cloudflare/circl/kem/hybrid"
"github.com/refraction-networking/utls/internal/mlkem768"
)
// ClientHandshakeState includes both TLS 1.3-only and TLS 1.2-only states,
@ -64,45 +62,45 @@ type TLS12OnlyState struct {
Suite PubCipherSuite
}
func mlkemCirclToGo(circlKey kem.PrivateKey) (*mlkem768.DecapsulationKey, *ecdh.PrivateKey, error) {
if circlKey.Scheme().Name() != "Kyber768-X25519" {
return nil, nil, fmt.Errorf("circl key is not Kyber768-X25519")
}
// func mlkemCirclToGo(circlKey kem.PrivateKey) (*mlkem768.DecapsulationKey, *ecdh.PrivateKey, error) {
// if circlKey.Scheme().Name() != "Kyber768-X25519" {
// return nil, nil, fmt.Errorf("circl key is not Kyber768-X25519")
// }
encodedKey, err := circlKey.MarshalBinary()
if err != nil {
return nil, nil, err
}
// encodedKey, err := circlKey.MarshalBinary()
// if err != nil {
// return nil, nil, err
// }
ecdhKey := encodedKey[:x25519PublicKeySize]
kyberKey := encodedKey[x25519PublicKeySize:]
// ecdhKey := encodedKey[:x25519PublicKeySize]
// kyberKey := encodedKey[x25519PublicKeySize:]
goKyberkey, err := mlkem768.NewKeyFromExtendedEncoding(kyberKey)
if err != nil {
return nil, nil, err
}
// goKyberkey, err := mlkem768.NewKeyFromExtendedEncoding(kyberKey)
// if err != nil {
// return nil, nil, err
// }
goEcdhKey, err := ecdh.X25519().NewPrivateKey(ecdhKey)
if err != nil {
return nil, nil, err
}
// goEcdhKey, err := ecdh.X25519().NewPrivateKey(ecdhKey)
// if err != nil {
// return nil, nil, err
// }
return goKyberkey, goEcdhKey, nil
}
// return goKyberkey, goEcdhKey, nil
// }
func (chs *TLS13OnlyState) private13KeyShareKeys() *keySharePrivateKeys {
if chs.KeyShareKeys != nil {
return chs.KeyShareKeys.ToPrivate()
}
if chs.KEMKey != nil {
if kyberKey, ecdhKey, err := mlkemCirclToGo(chs.KEMKey.SecretKey); err == nil {
return &keySharePrivateKeys{
kyber: kyberKey,
ecdhe: ecdhKey,
}
}
}
// if chs.KEMKey != nil {
// if kyberKey, ecdhKey, err := mlkemCirclToGo(chs.KEMKey.SecretKey); err == nil {
// return &keySharePrivateKeys{
// kyber: kyberKey,
// ecdhe: ecdhKey,
// }
// }
// }
if chs.EcdheKey != nil {
return &keySharePrivateKeys{
@ -113,9 +111,9 @@ func (chs *TLS13OnlyState) private13KeyShareKeys() *keySharePrivateKeys {
return nil
}
func kyberGoToCircl(kyberKey *mlkem768.DecapsulationKey, ecdhKey *ecdh.PrivateKey) (kem.PrivateKey, error) {
return hybrid.Kyber768X25519().UnmarshalBinaryPrivateKey(append(ecdhKey.Bytes(), kyberKey.Bytes()...))
}
// func kyberGoToCircl(kyberKey *mlkem768.DecapsulationKey, ecdhKey *ecdh.PrivateKey) (kem.PrivateKey, error) {
// return hybrid.Kyber768X25519().UnmarshalBinaryPrivateKey(append(ecdhKey.Bytes(), kyberKey.Bytes()...))
// }
func (chs *PubClientHandshakeState) toPrivate13() *clientHandshakeStateTLS13 {
if chs == nil {
@ -128,16 +126,14 @@ func (chs *PubClientHandshakeState) toPrivate13() *clientHandshakeStateTLS13 {
keyShareKeys: chs.State13.private13KeyShareKeys(),
keySharesParams: chs.State13.KeySharesParams,
session: chs.Session,
earlySecret: chs.State13.EarlySecret,
binderKey: chs.State13.BinderKey,
session: chs.Session,
binderKey: chs.State13.BinderKey,
certReq: chs.State13.CertReq.toPrivate(),
usingPSK: chs.State13.UsingPSK,
sentDummyCCS: chs.State13.SentDummyCCS,
suite: chs.State13.Suite.toPrivate(),
transcript: chs.State13.Transcript,
masterSecret: chs.MasterSecret,
trafficSecret: chs.State13.TrafficSecret,
uconn: chs.uconn,
@ -152,7 +148,7 @@ func (chs13 *clientHandshakeStateTLS13) toPublic13() *PubClientHandshakeState {
tls13State := TLS13OnlyState{
KeySharesParams: chs13.keySharesParams,
KeyShareKeys: chs13.keyShareKeys.ToPublic(),
EarlySecret: chs13.earlySecret,
EarlySecret: chs13.earlySecret.Secret(),
BinderKey: chs13.binderKey,
CertReq: chs13.certReq.toPublic(),
UsingPSK: chs13.usingPSK,
@ -168,7 +164,7 @@ func (chs13 *clientHandshakeStateTLS13) toPublic13() *PubClientHandshakeState {
Session: chs13.session,
MasterSecret: chs13.masterSecret,
MasterSecret: chs13.masterSecret.Secret(),
State13: tls13State,
@ -599,22 +595,48 @@ type FinishedHash struct {
Buffer []byte
Version uint16
Prf func(result, secret, label, seed []byte)
Prfv2 prfFunc
// Deprecated: Use Prfv2 instead. Prfv2 will be used if both are set.
Prf prfFuncOld
}
type prfFuncOld func(result, secret, label, seed []byte)
func prfFuncV1ToV2(v1 prfFuncOld) prfFunc {
return func(secret []byte, label string, seed []byte, keyLen int) []byte {
res := make([]byte, keyLen)
v1(res, secret, []byte(label), seed)
return res
}
}
func prfFuncV2ToV1(v2 prfFunc) prfFuncOld {
return func(result, secret, label, seed []byte) {
copy(result, v2(secret, string(label), seed, len(result)))
}
}
func (fh *FinishedHash) getPrivateObj() finishedHash {
if fh == nil {
return finishedHash{}
} else {
return finishedHash{
res := finishedHash{
client: fh.Client,
server: fh.Server,
clientMD5: fh.ClientMD5,
serverMD5: fh.ServerMD5,
buffer: fh.Buffer,
version: fh.Version,
prf: fh.Prf,
}
if fh.Prfv2 != nil {
res.prf = fh.Prfv2
} else if fh.Prf != nil {
res.prf = prfFuncV1ToV2(fh.Prf)
}
return res
}
}
@ -622,14 +644,19 @@ func (fh *finishedHash) getPublicObj() FinishedHash {
if fh == nil {
return FinishedHash{}
} else {
return FinishedHash{
res := FinishedHash{
Client: fh.client,
Server: fh.server,
ClientMD5: fh.clientMD5,
ServerMD5: fh.serverMD5,
Buffer: fh.buffer,
Version: fh.version,
Prf: fh.prf}
}
res.Prfv2 = fh.prf
res.Prf = prfFuncV2ToV1(fh.prf)
return res
}
}
@ -894,14 +921,14 @@ func (kpk *kemPrivateKey) ToPublic() *KemPrivateKey {
type KeySharePrivateKeys struct {
CurveID CurveID
Ecdhe *ecdh.PrivateKey
kyber *mlkem768.DecapsulationKey
mlkem *mlkem.DecapsulationKey768
}
func (ksp *KeySharePrivateKeys) ToPrivate() *keySharePrivateKeys {
return &keySharePrivateKeys{
curveID: ksp.CurveID,
ecdhe: ksp.Ecdhe,
kyber: ksp.kyber,
mlkem: ksp.mlkem,
}
}
@ -909,6 +936,6 @@ func (ksp *keySharePrivateKeys) ToPublic() *KeySharePrivateKeys {
return &KeySharePrivateKeys{
CurveID: ksp.curveID,
Ecdhe: ksp.ecdhe,
kyber: ksp.kyber,
mlkem: ksp.mlkem,
}
}