update: rm cf KEMkey & KeySharesParams in TLS13OnlyState

These can be set and read via KeySharePrivateKeys. While the breakage is unfortunate for backwards compatibility, it is already unavoidable in one direction: the cloudflare kem key does not store the mlkem seed and is therefore incompatible with crypto/mlkem.
Mingye Chen 2025-03-01 19:18:24 -07:00
parent 9fada94f7e
commit d24af4ae55
5 changed files with 55 additions and 146 deletions


@ -2636,7 +2636,6 @@ func (uconn *UConn) ApplyPreset(p *ClientHelloSpec) error {
} else {
uconn.HandshakeState.State13.KeyShareKeys = &KeySharePrivateKeys{}
}
uconn.HandshakeState.State13.KeySharesParams = NewKeySharesParameters()
uconn.echCtx = ech
hello := uconn.HandshakeState.Hello
@ -2750,12 +2749,6 @@ func (uconn *UConn) ApplyPreset(p *ClientHelloSpec) error {
return err
}
// circlKyberKey, err := kyberGoToCircl(kyberKey, ecdheKey)
// if err != nil {
// return err
// }
// uconn.HandshakeState.State13.KeySharesParams.AddKemKeypair(curveID, circlKyberKey, circlKyberKey.Public())
if curveID == X25519Kyber768Draft00 {
ext.KeyShares[i].Data = append(ecdheKey.PublicKey().Bytes(), mlkemKey.EncapsulationKey().Bytes()...)
} else {
@ -2770,7 +2763,6 @@ func (uconn *UConn) ApplyPreset(p *ClientHelloSpec) error {
if len(ext.KeyShares) > i+1 && ext.KeyShares[i+1].Group == X25519 {
// Reuse the same X25519 ephemeral key for both keyshares, as allowed by draft-ietf-tls-hybrid-design-09, Section 3.2.
uconn.HandshakeState.State13.KeyShareKeys.Ecdhe = ecdheKey
// uconn.HandshakeState.State13.KeySharesParams.AddEcdheKeypair(curveID, ecdheKey, ecdheKey.PublicKey())
ext.KeyShares[i+1].Data = ecdheKey.PublicKey().Bytes()
}
} else {
@ -2780,8 +2772,6 @@ func (uconn *UConn) ApplyPreset(p *ClientHelloSpec) error {
"To mimic it, fill the Data(key) field manually", curveID)
}
// uconn.HandshakeState.State13.KeySharesParams.AddEcdheKeypair(curveID, ecdheKey, ecdheKey.PublicKey())
ext.KeyShares[i].Data = ecdheKey.PublicKey().Bytes()
if !preferredCurveIsSet {
// only do this once for the first non-grease curve