MCPcopy
hub / github.com/MetaCubeX/mihomo / VerifyConnection

Method VerifyConnection

component/tls/reality.go:174–197  ·  view source on GitHub ↗
(state utls.ConnectionState)

Source from the content-addressed store, hash-verified

172}
173
174func (c *realityVerifier) VerifyConnection(state utls.ConnectionState) error {
175 log.Debugln("REALITY localAddr: %v is using X25519MLKEM768 for TLS' communication: %v", c.RemoteAddr(), c.HandshakeState.ServerHello.ServerShare.Group == utls.X25519MLKEM768)
176 certs := state.PeerCertificates
177 if pub, ok := certs[0].PublicKey.(ed25519.PublicKey); ok {
178 h := hmac.New(sha512.New, c.authKey)
179 h.Write(pub)
180 if bytes.Equal(h.Sum(nil), certs[0].Signature) {
181 c.verified = true
182 return nil
183 }
184 }
185 opts := x509.VerifyOptions{
186 DNSName: c.serverName,
187 Intermediates: x509.NewCertPool(),
188 CurrentTime: ntp.Now(),
189 }
190 for _, cert := range certs[1:] {
191 opts.Intermediates.AddCert(cert)
192 }
193 if _, err := certs[0].Verify(opts); err != nil {
194 return err
195 }
196 return nil
197}

Callers 1

UConfigFunction · 0.80

Calls 8

DebuglnFunction · 0.92
NowFunction · 0.92
NewMethod · 0.80
SumMethod · 0.80
RemoteAddrMethod · 0.65
WriteMethod · 0.65
EqualMethod · 0.65
VerifyMethod · 0.65

Tested by

no test coverage detected