MCPcopy
hub / github.com/XTLS/REALITY / pickECHConfig

Function pickECHConfig

ech.go:166–203  ·  view source on GitHub ↗
(list []EchConfig)

Source from the content-addressed store, hash-verified

164}
165
166func pickECHConfig(list []EchConfig) *EchConfig {
167 for _, ec := range list {
168 if _, ok := hpke.SupportedKEMs[ec.KemID]; !ok {
169 continue
170 }
171 var validSCS bool
172 for _, cs := range ec.SymmetricCipherSuite {
173 if _, ok := hpke.SupportedAEADs[cs.AEADID]; !ok {
174 continue
175 }
176 if _, ok := hpke.SupportedKDFs[cs.KDFID]; !ok {
177 continue
178 }
179 validSCS = true
180 break
181 }
182 if !validSCS {
183 continue
184 }
185 if !validDNSName(string(ec.PublicName)) {
186 continue
187 }
188 var unsupportedExt bool
189 for _, ext := range ec.Extensions {
190 // If high order bit is set to 1 the extension is mandatory.
191 // Since we don't support any extensions, if we see a mandatory
192 // bit, we skip the config.
193 if ext.Type&uint16(1<<15) != 0 {
194 unsupportedExt = true
195 }
196 }
197 if unsupportedExt {
198 continue
199 }
200 return &ec
201 }
202 return nil
203}
204
205func pickECHCipherSuite(suites []EchCipher) (EchCipher, error) {
206 for _, s := range suites {

Callers 1

makeClientHelloMethod · 0.85

Calls 1

validDNSNameFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…