
REALITY protocol: Use X25519MLKEM768's data if X25519 doesn't exist in Client Hello

This commit is contained in:
RPRX 2025-07-21 01:50:19 +00:00 committed by GitHub
parent 05a351a645
commit 69a94c6c1d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

20
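--- a/tls.go
+++ b/tls.go
@@ -211,11 +211,23 @@ func Server(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
 if copying || err != nil || hs.c.vers != VersionTLS13 || !config.ServerNames[hs.clientHello.serverName] {
 break
 }
+var peerPub []byte
 for _, keyShare := range hs.clientHello.keyShares {
-if keyShare.group != X25519 || len(keyShare.data) != 32 {
-continue
+if keyShare.group == X25519 && len(keyShare.data) == 32 {
+peerPub = keyShare.data
+break
 }
-if hs.c.AuthKey, err = curve25519.X25519(config.PrivateKey, keyShare.data); err != nil {
+}
+if peerPub == nil {
+for _, keyShare := range hs.clientHello.keyShares {
+if keyShare.group == X25519MLKEM768 && len(keyShare.data) == mlkem.EncapsulationKeySize768+32 {
+peerPub = keyShare.data[mlkem.EncapsulationKeySize768:]
+break
+}
+}
+}
+for peerPub != nil {
+if hs.c.AuthKey, err = curve25519.X25519(config.PrivateKey, peerPub); err != nil {
 break
 }
 if _, err = hkdf.New(sha256.New, hs.c.AuthKey, hs.clientHello.random[:20], []byte("REALITY")).Read(hs.c.AuthKey); err != nil {
@@ -426,7 +438,7 @@ func Server(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
 waitGroup.Wait()
 target.Close()
 if config.Show {
-fmt.Printf("REALITY remoteAddr: %v\ths.c.handshakeStatus: %v\n", remoteAddr, hs.c.isHandshakeComplete.Load())
+fmt.Printf("REALITY remoteAddr: %v\ths.c.isHandshakeComplete.Load(): %v\n", remoteAddr, hs.c.isHandshakeComplete.Load())
 }
 if hs.c.isHandshakeComplete.Load() {
 return hs.c, nil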
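Review bot: `for peerPub != nil {` at the end of the first hunk is a single-pass loop kept only so the existing `break` statements still compile, which reads as a retry loop to anyone without the history; an `if peerPub != nil {` with the error `break`s turned into plain `err` checks would say what is meant, and if the loop's tail (outside this hunk) does not end in an unconditional `break`, the condition never changes and the handshake spins instead of failing. The new fallback that takes the X25519 half of the hybrid share deserves a comment, since the slice offset is the only hint of the layout: `// X25519MLKEM768 key share is ML-KEM-768 encapsulation key || X25519 public key; when the client offers no standalone X25519 share, derive AuthKey from the trailing X25519 half.` The equality check `len(keyShare.data) == mlkem.EncapsulationKeySize768+32` is what guarantees exactly 32 bytes reach curve25519.X25519, so it should stay an equality and not be loosened to `>=` later. Server begins and ends outside both hunks.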