mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
sync: merge changes from go 1.23.4
This commit is contained in:
Mingye Chen
commit
cefe226467
98 changed files with 8089 additions and 4530 deletions
137
defaults.go
Normal file
137
defaults.go
Normal file
|
|
@ -0,0 +1,137 @@
|
|||
// Copyright 2024 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package tls
|
||||
|
||||
import (
|
||||
"slices"
|
||||
_ "unsafe" // for linkname
|
||||
)
|
||||
|
||||
// Defaults are collected in this file to allow distributions to more easily patch
|
||||
// them to apply local policies.
|
||||
|
||||
// var tlskyber = godebug.New("tlskyber") [uTLS]
|
||||
|
||||
func defaultCurvePreferences() []CurveID {
|
||||
// [uTLS section begins]
|
||||
// if tlskyber.Value() == "0" {
|
||||
// return []CurveID{X25519, CurveP256, CurveP384, CurveP521}
|
||||
// }
|
||||
// [uTLS section ends]
|
||||
|
||||
// For now, x25519Kyber768Draft00 must always be followed by X25519.
|
||||
return []CurveID{x25519Kyber768Draft00, X25519, CurveP256, CurveP384, CurveP521}
|
||||
}
|
||||
|
||||
// defaultSupportedSignatureAlgorithms contains the signature and hash algorithms that
|
||||
// the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+
|
||||
// CertificateRequest. The two fields are merged to match with TLS 1.3.
|
||||
// Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc.
|
||||
var defaultSupportedSignatureAlgorithms = []SignatureScheme{
|
||||
PSSWithSHA256,
|
||||
ECDSAWithP256AndSHA256,
|
||||
Ed25519,
|
||||
PSSWithSHA384,
|
||||
PSSWithSHA512,
|
||||
PKCS1WithSHA256,
|
||||
PKCS1WithSHA384,
|
||||
PKCS1WithSHA512,
|
||||
ECDSAWithP384AndSHA384,
|
||||
ECDSAWithP521AndSHA512,
|
||||
PKCS1WithSHA1,
|
||||
ECDSAWithSHA1,
|
||||
}
|
||||
|
||||
// [uTLS section begins]
|
||||
// var tlsrsakex = godebug.New("tlsrsakex")
|
||||
// var tls3des = godebug.New("tls3des")
|
||||
// [uTLS section ends]
|
||||
|
||||
func defaultCipherSuites() []uint16 {
|
||||
suites := slices.Clone(cipherSuitesPreferenceOrder)
|
||||
return slices.DeleteFunc(suites, func(c uint16) bool {
|
||||
return disabledCipherSuites[c] ||
|
||||
// [uTLS section begins]
|
||||
// tlsrsakex.Value() != "1" && rsaKexCiphers[c] ||
|
||||
// tls3des.Value() != "1" && tdesCiphers[c]
|
||||
rsaKexCiphers[c] ||
|
||||
tdesCiphers[c]
|
||||
// [uTLS section ends]
|
||||
})
|
||||
}
|
||||
|
||||
// defaultCipherSuitesTLS13 is also the preference order, since there are no
|
||||
// disabled by default TLS 1.3 cipher suites. The same AES vs ChaCha20 logic as
|
||||
// cipherSuitesPreferenceOrder applies.
|
||||
//
|
||||
// defaultCipherSuitesTLS13 should be an internal detail,
|
||||
// but widely used packages access it using linkname.
|
||||
// Notable members of the hall of shame include:
|
||||
// - github.com/quic-go/quic-go
|
||||
// - github.com/sagernet/quic-go
|
||||
//
|
||||
// Do not remove or change the type signature.
|
||||
// See go.dev/issue/67401.
|
||||
//
|
||||
//go:linkname defaultCipherSuitesTLS13
|
||||
var defaultCipherSuitesTLS13 = []uint16{
|
||||
TLS_AES_128_GCM_SHA256,
|
||||
TLS_AES_256_GCM_SHA384,
|
||||
TLS_CHACHA20_POLY1305_SHA256,
|
||||
}
|
||||
|
||||
// defaultCipherSuitesTLS13NoAES should be an internal detail,
|
||||
// but widely used packages access it using linkname.
|
||||
// Notable members of the hall of shame include:
|
||||
// - github.com/quic-go/quic-go
|
||||
// - github.com/sagernet/quic-go
|
||||
//
|
||||
// Do not remove or change the type signature.
|
||||
// See go.dev/issue/67401.
|
||||
//
|
||||
//go:linkname defaultCipherSuitesTLS13NoAES
|
||||
var defaultCipherSuitesTLS13NoAES = []uint16{
|
||||
TLS_CHACHA20_POLY1305_SHA256,
|
||||
TLS_AES_128_GCM_SHA256,
|
||||
TLS_AES_256_GCM_SHA384,
|
||||
}
|
||||
|
||||
var defaultSupportedVersionsFIPS = []uint16{
|
||||
VersionTLS12,
|
||||
}
|
||||
|
||||
// defaultCurvePreferencesFIPS are the FIPS-allowed curves,
|
||||
// in preference order (most preferable first).
|
||||
var defaultCurvePreferencesFIPS = []CurveID{CurveP256, CurveP384, CurveP521}
|
||||
|
||||
// defaultSupportedSignatureAlgorithmsFIPS currently are a subset of
|
||||
// defaultSupportedSignatureAlgorithms without Ed25519 and SHA-1.
|
||||
var defaultSupportedSignatureAlgorithmsFIPS = []SignatureScheme{
|
||||
PSSWithSHA256,
|
||||
PSSWithSHA384,
|
||||
PSSWithSHA512,
|
||||
PKCS1WithSHA256,
|
||||
ECDSAWithP256AndSHA256,
|
||||
PKCS1WithSHA384,
|
||||
ECDSAWithP384AndSHA384,
|
||||
PKCS1WithSHA512,
|
||||
ECDSAWithP521AndSHA512,
|
||||
}
|
||||
|
||||
// defaultCipherSuitesFIPS are the FIPS-allowed cipher suites.
|
||||
var defaultCipherSuitesFIPS = []uint16{
|
||||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||
}
|
||||
|
||||
// defaultCipherSuitesTLS13FIPS are the FIPS-allowed cipher suites for TLS 1.3.
|
||||
var defaultCipherSuitesTLS13FIPS = []uint16{
|
||||
TLS_AES_128_GCM_SHA256,
|
||||
TLS_AES_256_GCM_SHA384,
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue