(outer, inner *clientHelloMsg, ech *echClientContext, useKey bool)
| 437 | } |
| 438 | |
| 439 | func computeAndUpdateOuterECHExtension(outer, inner *clientHelloMsg, ech *echClientContext, useKey bool) error { |
| 440 | var encapKey []byte |
| 441 | if useKey { |
| 442 | encapKey = ech.encapsulatedKey |
| 443 | } |
| 444 | encodedInner, err := encodeInnerClientHello(inner, int(ech.config.MaxNameLength)) |
| 445 | if err != nil { |
| 446 | return err |
| 447 | } |
| 448 | // NOTE: the tag lengths for all of the supported AEADs are the same (16 |
| 449 | // bytes), so we have hardcoded it here. If we add support for another AEAD |
| 450 | // with a different tag length, we will need to change this. |
| 451 | encryptedLen := len(encodedInner) + 16 // AEAD tag length |
| 452 | outer.encryptedClientHello, err = generateOuterECHExt(ech.config.ConfigID, ech.kdfID, ech.aeadID, encapKey, make([]byte, encryptedLen)) |
| 453 | if err != nil { |
| 454 | return err |
| 455 | } |
| 456 | serializedOuter, err := outer.marshal() |
| 457 | if err != nil { |
| 458 | return err |
| 459 | } |
| 460 | serializedOuter = serializedOuter[4:] // strip the four byte prefix |
| 461 | encryptedInner, err := ech.hpkeContext.Seal(serializedOuter, encodedInner) |
| 462 | if err != nil { |
| 463 | return err |
| 464 | } |
| 465 | outer.encryptedClientHello, err = generateOuterECHExt(ech.config.ConfigID, ech.kdfID, ech.aeadID, encapKey, encryptedInner) |
| 466 | if err != nil { |
| 467 | return err |
| 468 | } |
| 469 | return nil |
| 470 | } |
| 471 | |
| 472 | // validDNSName is a rather rudimentary check for the validity of a DNS name. |
| 473 | // This is used to check if the public_name in a ECHConfig is valid when we are |
no test coverage detected
searching dependent graphs…