xvzcf / tls-interop-runner

Interoperability testing of TLS implementations.

Add NSS endpoints for ECH interop #25

Closed kjacobs-moz closed 3 years ago

kjacobs-moz commented 3 years ago

This currently works for ech-accept between NSS and cloudflare-go.

cjpatton commented 3 years ago

Is this ready to review, @kjacobs-moz?

kjacobs-moz commented 3 years ago

> Is this ready to review, @kjacobs-moz?

Yes, the NSS change has landed.

cjpatton commented 3 years ago

For the other direction, I'll need to land a change to selfserv.c to consume the PKCS8-format HPKE keypair. With that change applied, connection succeeds from cloudflare-go to NSS.

FWIW, cloudflare-go client -> nss server works correctly with the existing conversion script.

cjpatton commented 3 years ago

LGTM pending @cjpatton's suggestions for the key conversion script.

I'm happy to merge without the conversion and get back to it later.

chris-wood commented 3 years ago

Yeah, same. I was referring to the documentation suggestions. But even those I'd be fine without.

kjacobs-moz commented 3 years ago

> LGTM pending @cjpatton's suggestions for the key conversion script.

> I'm happy to merge without the conversion and get back to it later.

Thanks for the reviews.

Unfortunately, I'm not going to have time in the immediate future to rewrite it in Go, but I would definitely support PKCS8-formatting the ECH/HPKE keypair rather than storing the raw private key, which some libraries may not be able to import easily. NSS is one such library, and doing it outside of NSS/selfserv avoids having to write a second ECHConfigs parser at the application level. With that change, we could remove the script entirely, but it might be worth waiting to see if other libraries have an opinion.

Another option is to output two formats from util.go.
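As an added illustration of the PKCS#8 wrapping proposed above (example code written for this page, not part of tls-interop-runner, util.go or NSS), assuming the HPKE KEM is DHKEM(X25519, HKDF-SHA256): the raw 32-byte private key is placed inside an RFC 8410 PrivateKeyInfo, which is the form libraries such as NSS import without needing their own ECHConfigs parser. The helper names and the all-zero sample key are constructed for the example.

```go
package main

import (
	"encoding/asn1"
	"encoding/pem"
	"fmt"
)
// id-X25519 from RFC 8410. Assumption: the HPKE KEM is DHKEM(X25519, HKDF-SHA256).
var oidX25519 = asn1.ObjectIdentifier{1, 3, 101, 110}

// PKCS#8 PrivateKeyInfo (RFC 5958). Per RFC 8410 the X25519 AlgorithmIdentifier has no
// parameters and privateKey is an OCTET STRING containing a CurvePrivateKey, itself an
// OCTET STRING holding the 32 raw key bytes (so the raw key is wrapped twice).
type algorithmIdentifier struct{ Algorithm asn1.ObjectIdentifier }
type privateKeyInfo struct {
	Version    int
	Algorithm  algorithmIdentifier
	PrivateKey []byte
}

// RawX25519ToPKCS8 (hypothetical helper) wraps a raw X25519 private key in PKCS#8 DER.
func RawX25519ToPKCS8(raw []byte) ([]byte, error) {
	if len(raw) != 32 {
		return nil, fmt.Errorf("x25519 private key must be 32 bytes, got %d", len(raw))
	}
	curvePriv, err := asn1.Marshal(raw) // inner OCTET STRING (CurvePrivateKey)
	if err != nil {
		return nil, err
	}
	return asn1.Marshal(privateKeyInfo{Version: 0, Algorithm: algorithmIdentifier{oidX25519}, PrivateKey: curvePriv})
}

// PKCS8ToRawX25519 (hypothetical helper) is the inverse; it checks the OID and both OCTET STRING layers.
func PKCS8ToRawX25519(der []byte) ([]byte, error) {
	var pki privateKeyInfo
	rest, err := asn1.Unmarshal(der, &pki)
	if err != nil || len(rest) != 0 || !pki.Algorithm.Algorithm.Equal(oidX25519) {
		return nil, fmt.Errorf("not a PKCS#8 X25519 PrivateKeyInfo: %v", err)
	}
	var raw []byte
	if rest, err = asn1.Unmarshal(pki.PrivateKey, &raw); err != nil || len(rest) != 0 || len(raw) != 32 {
		return nil, fmt.Errorf("malformed CurvePrivateKey: %v", err)
	}
	return raw, nil
}

func main() {
	var raw [32]byte // constructed all-zero sample, not real key material
	der, _ := RawX25519ToPKCS8(raw[:])
	fmt.Print(string(pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der})))
}
```

The resulting DER is always 48 bytes for X25519, and the PEM body starts with the familiar `MC4CAQAwBQYDK2Vu` prefix that a PKCS#8 importer recognises.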

cjpatton commented 3 years ago

LGTM. Please squash the last commit before merging.

Oops, scratch that. Commits look good. I'm merging now.