stealth: S1 padding rand, S7 ALPS codepoint fix, S20 ECH policy

Author: RsNest

Telegram/SourceFiles/mtproto/details/mtproto_tls_client_hello.cpp

@@ -0,0 +1,36 @@
+/*
+This file is part of Telegram Desktop,
+the official desktop application for the Telegram messaging service.
+
+For license and copyright information please follow this link:
+https://github.com/telegramdesktop/tdesktop/blob/master/LEGAL
+*/
+#pragma once
+
+#include "base/bytes.h"
+#include "scheme.h"
+
+#include <QtCore/QByteArray>
+
+namespace MTP::details {
+
+struct TlsClientHelloGenerated {
+	QByteArray data;
+	QByteArray digest;
+};
+
+// Synthetic TLS ClientHello rules for MTProxy (ee) transport. When include_ech
+// is false, the ECH extension permutation branch is omitted (conservative
+// egress; see tdlib-obf-stealth-plan V6 / S20).
+[[nodiscard]] MTPTlsClientHello TlsClientHelloDefaultRules(bool include_ech = true);
+
+// Whether to include ECH for this process / connection policy (compile-time
+// default + optional TDESKTOP_TLS_ECH_OFF / TDESKTOP_TLS_ECH_ON env).
+[[nodiscard]] bool TlsClientHelloIncludeEch();
+
+[[nodiscard]] TlsClientHelloGenerated GenerateTlsClientHello(
+	const MTPTlsClientHello &rules,
+	bytes::const_span domain,
+	bytes::const_span key);
+
+} // namespace MTP::details