Halaman utama Jelajahi Bantuan
Masuk
yosoyhendrix
/
psiphon-tunnel-core
1
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Pohon: v2.0.32
Ranting Tag
psiphon-tunnel-...
/
vendor
/
github.com
/
Psiphon-Labs
/
utls
/
tls_cf.go

tls_cf.go 1.9 KB
Permalink Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. // Copyright 2021 Cloudflare, Inc. All rights reserved. Use of this source code
    2. 

  2. // is governed by a BSD-style license that can be found in the LICENSE file.
    3. 

  3. 

  4. package tls
    5. 

  5. 

  6. import (
    7. 

  7. 	circlPki "github.com/cloudflare/circl/pki"
    8. 

  8. 	circlSign "github.com/cloudflare/circl/sign"
    9. 

  9. 	"github.com/cloudflare/circl/sign/eddilithium3"
    10. 

  10. )
    11. 

  11. 

  12. // To add a signature scheme from Circl
    13. 

  13. //
    14. 

  14. //   1. make sure it implements TLSScheme and CertificateScheme,
    15. 

  15. //   2. follow the instructions in crypto/x509/x509_cf.go
    16. 

  16. //   3. add a signature<NameOfAlg> to the iota in common.go
    17. 

  17. //   4. add row in the circlSchemes lists below
    18. 

  18. 

  19. var circlSchemes = [...]struct {
    20. 

  20. 	sigType uint8
    21. 

  21. 	scheme  circlSign.Scheme
    22. 

  22. }{
    23. 

  23. 	{signatureEdDilithium3, eddilithium3.Scheme()},
    24. 

  24. }
    25. 

  25. 

  26. func circlSchemeBySigType(sigType uint8) circlSign.Scheme {
    27. 

  27. 	for _, cs := range circlSchemes {
    28. 

  28. 		if cs.sigType == sigType {
    29. 

  29. 			return cs.scheme
    30. 

  30. 		}
    31. 

  31. 	}
    32. 

  32. 	return nil
    33. 

  33. }
    34. 

  34. 

  35. func sigTypeByCirclScheme(scheme circlSign.Scheme) uint8 {
    36. 

  36. 	for _, cs := range circlSchemes {
    37. 

  37. 		if cs.scheme == scheme {
    38. 

  38. 			return cs.sigType
    39. 

  39. 		}
    40. 

  40. 	}
    41. 

  41. 	return 0
    42. 

  42. }
    43. 

  43. 

  44. var supportedSignatureAlgorithmsWithCircl []SignatureScheme
    45. 

  45. 

  46. // supportedSignatureAlgorithms returns enabled signature schemes. PQ signature
    47. 

  47. // schemes are only included when tls.Config#PQSignatureSchemesEnabled is set
    48. 

  48. // and FIPS-only mode is not enabled.
    49. 

  49. func (c *Config) supportedSignatureAlgorithms() []SignatureScheme {
    50. 

  50. 	// If FIPS-only mode is requested, do not add other algos.
    51. 

  51. 	if needFIPS() {
    52. 

  52. 		return supportedSignatureAlgorithms()
    53. 

  53. 	}
    54. 

  54. 	if c != nil && c.PQSignatureSchemesEnabled {
    55. 

  55. 		return supportedSignatureAlgorithmsWithCircl
    56. 

  56. 	}
    57. 

  57. 	return defaultSupportedSignatureAlgorithms
    58. 

  58. }
    59. 

  59. 

  60. func init() {
    61. 

  61. 	supportedSignatureAlgorithmsWithCircl = append([]SignatureScheme{}, defaultSupportedSignatureAlgorithms...)
    62. 

  62. 	for _, cs := range circlSchemes {
    63. 

  63. 		supportedSignatureAlgorithmsWithCircl = append(supportedSignatureAlgorithmsWithCircl,
    64. 

  64. 			SignatureScheme(cs.scheme.(circlPki.TLSScheme).TLSIdentifier()))
    65. 

  65. 	}
    66. 

  66. }
    67.