From 2b7c67d2973a14d5decee199971132e01f6929b0 Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Mon, 7 Nov 2016 13:04:54 +0700
Subject: [PATCH] create handshake.CryptoSetup interface

---
 benchmark_test.go                             |  2 +-
 handshake/crypto_setup_interface.go           | 14 +++++++
 ...crypto_setup.go => crypto_setup_server.go} | 38 +++++++++----------
 ...up_test.go => crypto_setup_server_test.go} |  7 ++--
 packet_packer.go                              |  4 +-
 packet_packer_test.go                         |  4 +-
 session.go                                    |  2 +-
 7 files changed, 44 insertions(+), 27 deletions(-)
 create mode 100644 handshake/crypto_setup_interface.go
 rename handshake/{crypto_setup.go => crypto_setup_server.go} (88%)
 rename handshake/{crypto_setup_test.go => crypto_setup_server_test.go} (98%)

diff --git a/benchmark_test.go b/benchmark_test.go
index 07cfa0a3..b8fe524d 100644
--- a/benchmark_test.go
+++ b/benchmark_test.go
@@ -65,7 +65,7 @@ func (c *linkedConnection) write(p []byte) error {
 func (*linkedConnection) setCurrentRemoteAddr(addr interface{}) {}
 func (*linkedConnection) RemoteAddr() *net.UDPAddr              { return &net.UDPAddr{} }
 
-func setAEAD(cs *handshake.CryptoSetup, aead crypto.AEAD) {
+func setAEAD(cs handshake.CryptoSetup, aead crypto.AEAD) {
 	*(*bool)(unsafe.Pointer(reflect.ValueOf(cs).Elem().FieldByName("receivedForwardSecurePacket").UnsafeAddr())) = true
 	*(*crypto.AEAD)(unsafe.Pointer(reflect.ValueOf(cs).Elem().FieldByName("forwardSecureAEAD").UnsafeAddr())) = aead
 }
diff --git a/handshake/crypto_setup_interface.go b/handshake/crypto_setup_interface.go
new file mode 100644
index 00000000..1452b5af
--- /dev/null
+++ b/handshake/crypto_setup_interface.go
@@ -0,0 +1,14 @@
+package handshake
+
+import "github.com/lucas-clemente/quic-go/protocol"
+
+// CryptoSetup is a crypto setup
+type CryptoSetup interface {
+	HandleCryptoStream() error
+	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
+	Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte
+	DiversificationNonce() []byte
+	LockForSealing()
+	UnlockForSealing()
+	HandshakeComplete() bool
+}
diff --git a/handshake/crypto_setup.go b/handshake/crypto_setup_server.go
similarity index 88%
rename from handshake/crypto_setup.go
rename to handshake/crypto_setup_server.go
index b6203071..23d77790 100644
--- a/handshake/crypto_setup.go
+++ b/handshake/crypto_setup_server.go
@@ -20,8 +20,8 @@ type KeyDerivationFunction func(forwardSecure bool, sharedSecret, nonces []byte,
 // KeyExchangeFunction is used to make a new KEX
 type KeyExchangeFunction func() crypto.KeyExchange
 
-// The CryptoSetup handles all things crypto for the Session
-type CryptoSetup struct {
+// The CryptoSetupServer handles all things crypto for the Session
+type cryptoSetupServer struct {
 	connID               protocol.ConnectionID
 	ip                   net.IP
 	version              protocol.VersionNumber
@@ -44,7 +44,7 @@ type CryptoSetup struct {
 	mutex sync.RWMutex
 }
 
-var _ crypto.AEAD = &CryptoSetup{}
+var _ crypto.AEAD = &cryptoSetupServer{}
 
 // NewCryptoSetup creates a new CryptoSetup instance
 func NewCryptoSetup(
@@ -53,10 +53,10 @@ func NewCryptoSetup(
 	version protocol.VersionNumber,
 	scfg *ServerConfig,
 	cryptoStream utils.Stream,
-	connectionParameters ConnectionParametersManager,
+	connectionParametersManager ConnectionParametersManager,
 	aeadChanged chan struct{},
-) (*CryptoSetup, error) {
-	return &CryptoSetup{
+) (CryptoSetup, error) {
+	return &cryptoSetupServer{
 		connID:               connID,
 		ip:                   ip,
 		version:              version,
@@ -64,13 +64,13 @@ func NewCryptoSetup(
 		keyDerivation:        crypto.DeriveKeysAESGCM,
 		keyExchange:          getEphermalKEX,
 		cryptoStream:         cryptoStream,
-		connectionParameters: connectionParameters,
+		connectionParameters: connectionParametersManager,
 		aeadChanged:          aeadChanged,
 	}, nil
 }
 
 // HandleCryptoStream reads and writes messages on the crypto stream
-func (h *CryptoSetup) HandleCryptoStream() error {
+func (h *cryptoSetupServer) HandleCryptoStream() error {
 	for {
 		var chloData bytes.Buffer
 		messageTag, cryptoData, err := ParseHandshakeMessage(io.TeeReader(h.cryptoStream, &chloData))
@@ -93,7 +93,7 @@ func (h *CryptoSetup) HandleCryptoStream() error {
 	}
 }
 
-func (h *CryptoSetup) handleMessage(chloData []byte, cryptoData map[Tag][]byte) (bool, error) {
+func (h *cryptoSetupServer) handleMessage(chloData []byte, cryptoData map[Tag][]byte) (bool, error) {
 	sniSlice, ok := cryptoData[TagSNI]
 	if !ok {
 		return false, qerr.Error(qerr.CryptoMessageParameterNotFound, "SNI required")
@@ -153,7 +153,7 @@ func (h *CryptoSetup) handleMessage(chloData []byte, cryptoData map[Tag][]byte)
 }
 
 // Open a message
-func (h *CryptoSetup) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error) {
+func (h *cryptoSetupServer) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error) {
 	h.mutex.RLock()
 	defer h.mutex.RUnlock()
 
@@ -181,7 +181,7 @@ func (h *CryptoSetup) Open(dst, src []byte, packetNumber protocol.PacketNumber,
 }
 
 // Seal a message, call LockForSealing() before!
-func (h *CryptoSetup) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte {
+func (h *cryptoSetupServer) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte {
 	if h.receivedForwardSecurePacket {
 		return h.forwardSecureAEAD.Seal(dst, src, packetNumber, associatedData)
 	} else if h.secureAEAD != nil {
@@ -191,7 +191,7 @@ func (h *CryptoSetup) Seal(dst, src []byte, packetNumber protocol.PacketNumber,
 	}
 }
 
-func (h *CryptoSetup) isInchoateCHLO(cryptoData map[Tag][]byte, cert []byte) bool {
+func (h *cryptoSetupServer) isInchoateCHLO(cryptoData map[Tag][]byte, cert []byte) bool {
 	if _, ok := cryptoData[TagPUBS]; !ok {
 		return true
 	}
@@ -214,7 +214,7 @@ func (h *CryptoSetup) isInchoateCHLO(cryptoData map[Tag][]byte, cert []byte) boo
 	return false
 }
 
-func (h *CryptoSetup) handleInchoateCHLO(sni string, chlo []byte, cryptoData map[Tag][]byte) ([]byte, error) {
+func (h *cryptoSetupServer) handleInchoateCHLO(sni string, chlo []byte, cryptoData map[Tag][]byte) ([]byte, error) {
 	if len(chlo) < protocol.ClientHelloMinimumSize {
 		return nil, qerr.Error(qerr.CryptoInvalidValueLength, "CHLO too small")
 	}
@@ -254,7 +254,7 @@ func (h *CryptoSetup) handleInchoateCHLO(sni string, chlo []byte, cryptoData map
 	return serverReply.Bytes(), nil
 }
 
-func (h *CryptoSetup) handleCHLO(sni string, data []byte, cryptoData map[Tag][]byte) ([]byte, error) {
+func (h *cryptoSetupServer) handleCHLO(sni string, data []byte, cryptoData map[Tag][]byte) ([]byte, error) {
 	// We have a CHLO matching our server config, we can continue with the 0-RTT handshake
 	sharedSecret, err := h.scfg.kex.CalculateSharedKey(cryptoData[TagPUBS])
 	if err != nil {
@@ -354,7 +354,7 @@ func (h *CryptoSetup) handleCHLO(sni string, data []byte, cryptoData map[Tag][]b
 }
 
 // DiversificationNonce returns a diversification nonce if required in the next packet to be Seal'ed. See LockForSealing()!
-func (h *CryptoSetup) DiversificationNonce() []byte {
+func (h *cryptoSetupServer) DiversificationNonce() []byte {
 	if h.receivedForwardSecurePacket || h.secureAEAD == nil {
 		return nil
 	}
@@ -362,21 +362,21 @@ func (h *CryptoSetup) DiversificationNonce() []byte {
 }
 
 // LockForSealing should be called before Seal(). It is needed so that diversification nonces can be obtained before packets are sealed, and the AEADs are not changed in the meantime.
-func (h *CryptoSetup) LockForSealing() {
+func (h *cryptoSetupServer) LockForSealing() {
 	h.mutex.RLock()
 }
 
 // UnlockForSealing should be called after Seal() is complete, see LockForSealing().
-func (h *CryptoSetup) UnlockForSealing() {
+func (h *cryptoSetupServer) UnlockForSealing() {
 	h.mutex.RUnlock()
 }
 
 // HandshakeComplete returns true after the first forward secure packet was received form the client.
-func (h *CryptoSetup) HandshakeComplete() bool {
+func (h *cryptoSetupServer) HandshakeComplete() bool {
 	return h.receivedForwardSecurePacket
 }
 
-func (h *CryptoSetup) validateClientNonce(nonce []byte) error {
+func (h *cryptoSetupServer) validateClientNonce(nonce []byte) error {
 	if len(nonce) != 32 {
 		return qerr.Error(qerr.InvalidCryptoMessageParameter, "invalid client nonce length")
 	}
diff --git a/handshake/crypto_setup_test.go b/handshake/crypto_setup_server_test.go
similarity index 98%
rename from handshake/crypto_setup_test.go
rename to handshake/crypto_setup_server_test.go
index e6c5708e..beb317b8 100644
--- a/handshake/crypto_setup_test.go
+++ b/handshake/crypto_setup_server_test.go
@@ -138,7 +138,7 @@ var _ = Describe("Crypto setup", func() {
 		kex         *mockKEX
 		signer      *mockSigner
 		scfg        *ServerConfig
-		cs          *CryptoSetup
+		cs          *cryptoSetupServer
 		stream      *mockStream
 		cpm         ConnectionParametersManager
 		aeadChanged chan struct{}
@@ -171,9 +171,10 @@ var _ = Describe("Crypto setup", func() {
 		Expect(err).NotTo(HaveOccurred())
 		scfg.stkSource = &mockStkSource{}
 		v := protocol.SupportedVersions[len(protocol.SupportedVersions)-1]
-		cpm = NewConnectionParamatersManager(protocol.Version36)
-		cs, err = NewCryptoSetup(protocol.ConnectionID(42), ip, v, scfg, stream, cpm, aeadChanged)
+		cpm = NewConnectionParamatersManager(protocol.VersionWhatever)
+		csInt, err := NewCryptoSetup(protocol.ConnectionID(42), ip, v, scfg, stream, cpm, aeadChanged)
 		Expect(err).NotTo(HaveOccurred())
+		cs = csInt.(*cryptoSetupServer)
 		cs.keyDerivation = mockKeyDerivation
 		cs.keyExchange = func() crypto.KeyExchange { return &mockKEX{ephermal: true} }
 	})
diff --git a/packet_packer.go b/packet_packer.go
index c37d0b43..aa49e595 100644
--- a/packet_packer.go
+++ b/packet_packer.go
@@ -19,7 +19,7 @@ type packedPacket struct {
 type packetPacker struct {
 	connectionID protocol.ConnectionID
 	version      protocol.VersionNumber
-	cryptoSetup  *handshake.CryptoSetup
+	cryptoSetup  handshake.CryptoSetup
 
 	packetNumberGenerator *packetNumberGenerator
 
@@ -29,7 +29,7 @@ type packetPacker struct {
 	controlFrames []frames.Frame
 }
 
-func newPacketPacker(connectionID protocol.ConnectionID, cryptoSetup *handshake.CryptoSetup, connectionParameters handshake.ConnectionParametersManager, streamFramer *streamFramer, version protocol.VersionNumber) *packetPacker {
+func newPacketPacker(connectionID protocol.ConnectionID, cryptoSetup handshake.CryptoSetup, connectionParameters handshake.ConnectionParametersManager, streamFramer *streamFramer, version protocol.VersionNumber) *packetPacker {
 	return &packetPacker{
 		cryptoSetup:           cryptoSetup,
 		connectionID:          connectionID,
diff --git a/packet_packer_test.go b/packet_packer_test.go
index cd22f6d9..4345d52e 100644
--- a/packet_packer_test.go
+++ b/packet_packer_test.go
@@ -25,9 +25,11 @@ var _ = Describe("Packet packer", func() {
 
 		cpm := &mockConnectionParametersManager{}
 		streamFramer = newStreamFramer(newStreamsMap(nil, cpm), fcm)
+		cs, err := handshake.NewCryptoSetup(0, nil, protocol.VersionWhatever, nil, nil, nil, nil)
+		Expect(err).ToNot(HaveOccurred())
 
 		packer = &packetPacker{
-			cryptoSetup:           &handshake.CryptoSetup{},
+			cryptoSetup:           cs,
 			connectionParameters:  cpm,
 			packetNumberGenerator: newPacketNumberGenerator(protocol.SkipPacketAveragePeriodLength),
 			streamFramer:          streamFramer,
diff --git a/session.go b/session.go
index 74679229..24a16161 100644
--- a/session.go
+++ b/session.go
@@ -63,7 +63,7 @@ type Session struct {
 	unpacker unpacker
 	packer   *packetPacker
 
-	cryptoSetup *handshake.CryptoSetup
+	cryptoSetup handshake.CryptoSetup
 
 	receivedPackets  chan *receivedPacket
 	sendingScheduled chan struct{}