quic: use QuicCID more consistently

PR-URL: #286
Reviewed-By: Anna Henningsen <[email protected]>

node.gyp

@@ -1166,6 +1166,7 @@
           ],
           'sources': [
             'test/cctest/test_quic_buffer.cc',
+            'test/cctest/test_quic_cid.cc',
             'test/cctest/test_quic_verifyhostnameidentity.cc'
           ]
         }],

src/quic/node_quic_crypto.cc

@@ -106,7 +106,7 @@ void GenerateRandData(uint8_t* buf, size_t len) {
 bool GenerateResetToken(
     uint8_t* token,
     const uint8_t* secret,
-    const ngtcp2_cid* cid) {
+    const QuicCID& cid) {
   ngtcp2_crypto_ctx ctx;
   ngtcp2_crypto_ctx_initial(&ctx);
   return NGTCP2_OK(ngtcp2_crypto_hkdf_expand(
@@ -123,7 +123,7 @@ bool GenerateRetryToken(
     uint8_t* token,
     size_t* tokenlen,
     const sockaddr* addr,
-    const ngtcp2_cid* ocid,
+    const QuicCID& ocid,
     const uint8_t* token_secret) {
   std::array<uint8_t, 4096> plaintext;
   uint8_t rand_data[kTokenRandLen];
@@ -180,7 +180,7 @@ bool InvalidRetryToken(
     const uint8_t* token,
     size_t tokenlen,
     const sockaddr* addr,
-    ngtcp2_cid* ocid,
+    QuicCID* ocid,
     const uint8_t* token_secret,
     uint64_t verification_expiration) {
 
@@ -245,7 +245,10 @@ bool InvalidRetryToken(
   if (t + verification_expiration * NGTCP2_SECONDS < now)
     return true;
 
-  ngtcp2_cid_init(ocid, plaintext.data() + addrlen + sizeof(uint64_t), cil);
+  ngtcp2_cid_init(
+      ocid->cid(),
+      plaintext.data() + addrlen + sizeof(uint64_t),
+      cil);
 
   return false;
 }
@@ -786,7 +789,7 @@ bool SetCryptoSecrets(
 
 bool DeriveAndInstallInitialKey(
     QuicSession* session,
-    const ngtcp2_cid* dcid) {
+    const QuicCID& dcid) {
   uint8_t initial_secret[NGTCP2_CRYPTO_INITIAL_SECRETLEN];
   uint8_t rx_secret[NGTCP2_CRYPTO_INITIAL_SECRETLEN];
   uint8_t tx_secret[NGTCP2_CRYPTO_INITIAL_SECRETLEN];
@@ -807,7 +810,7 @@ bool DeriveAndInstallInitialKey(
       tx_key,
       tx_iv,
       tx_hp,
-      dcid,
+      dcid.cid(),
       session->crypto_context()->side()));
 }
 

src/quic/node_quic_crypto.h

@@ -51,7 +51,7 @@ void InitializeTLS(QuicSession* session);
 // client hello.
 bool DeriveAndInstallInitialKey(
     QuicSession* session,
-    const ngtcp2_cid* dcid);
+    const QuicCID& dcid);
 
 // Generates a stateless reset token using HKDF with the
 // cid and token secret as input. The token secret is
@@ -67,7 +67,7 @@ bool DeriveAndInstallInitialKey(
 bool GenerateResetToken(
     uint8_t* token,
     const uint8_t* secret,
-    const ngtcp2_cid* cid);
+    const QuicCID& cid);
 
 // The Retry Token is an encrypted token that is sent to the client
 // by the server as part of the path validation flow. The plaintext
@@ -82,7 +82,7 @@ bool GenerateRetryToken(
     uint8_t* token,
     size_t* tokenlen,
     const sockaddr* addr,
-    const ngtcp2_cid* ocid,
+    const QuicCID& ocid,
     const uint8_t* token_secret);
 
 // Verifies the validity of a retry token. Returns true if the
@@ -91,7 +91,7 @@ bool InvalidRetryToken(
     const uint8_t* token,
     size_t tokenlen,
     const sockaddr* addr,
-    ngtcp2_cid* ocid,
+    QuicCID* ocid,
     const uint8_t* token_secret,
     uint64_t verification_expiration);
 

src/quic/node_quic_session-inl.h

@@ -23,7 +23,7 @@ namespace quic {
 void QuicSessionConfig::GenerateStatelessResetToken(
     StatelessResetTokenStrategy strategy,
     QuicSession* session,
-    ngtcp2_cid* cid) {
+    const QuicCID& cid) {
   transport_params.stateless_reset_token_present = 1;
   strategy(
       session,
@@ -36,18 +36,18 @@ void QuicSessionConfig::GeneratePreferredAddressToken(
     ConnectionIDStrategy connection_id_strategy,
     StatelessResetTokenStrategy stateless_reset_strategy,
     QuicSession* session,
-    ngtcp2_cid* pscid) {
+    QuicCID* pscid) {
 
-  connection_id_strategy(session, pscid, kScidLen);
+  connection_id_strategy(session, pscid->cid(), kScidLen);
   stateless_reset_strategy(
       session,
-      pscid,
+      *pscid,
       transport_params.preferred_address.stateless_reset_token,
       NGTCP2_STATELESS_RESET_TOKENLEN);
-  transport_params.preferred_address.cid = *pscid;
+  transport_params.preferred_address.cid = **pscid;
 }
 
-void QuicSessionConfig::set_original_connection_id(const ngtcp2_cid* ocid) {
+void QuicSessionConfig::set_original_connection_id(const QuicCID& ocid) {
   if (ocid) {
     transport_params.original_connection_id = *ocid;
     transport_params.original_connection_id_present = 1;
@@ -130,7 +130,7 @@ void QuicCryptoContext::set_tls_alert(int err) {
 
 // Derives and installs the initial keying material for a newly
 // created session.
-bool QuicCryptoContext::SetupInitialKey(const ngtcp2_cid* dcid) {
+bool QuicCryptoContext::SetupInitialKey(const QuicCID& dcid) {
   Debug(session(), "Deriving and installing initial keys");
   return DeriveAndInstallInitialKey(session(), dcid);
 }
@@ -176,13 +176,13 @@ Environment* QuicApplication::env() const {
 }
 
 // Every QUIC session will have multiple CIDs associated with it.
-void QuicSession::AssociateCID(ngtcp2_cid* cid) {
-  socket()->AssociateCID(QuicCID(cid), QuicCID(scid_));
+void QuicSession::AssociateCID(const QuicCID& cid) {
+  socket()->AssociateCID(cid, scid_);
 }
 
-void QuicSession::DisassociateCID(const ngtcp2_cid* cid) {
+void QuicSession::DisassociateCID(const QuicCID& cid) {
   if (is_server())
-    socket()->DisassociateCID(QuicCID(cid));
+    socket()->DisassociateCID(cid);
 }
 
 void QuicSession::ExtendMaxStreamData(int64_t stream_id, uint64_t max_data) {
@@ -284,11 +284,15 @@ void QuicSession::GetConnectionCloseInfo() {
 }
 
 // Removes the given connection id from the QuicSession.
-void QuicSession::RemoveConnectionID(const ngtcp2_cid* cid) {
+void QuicSession::RemoveConnectionID(const QuicCID& cid) {
   if (!is_flag_set(QUICSESSION_FLAG_DESTROYED))
     DisassociateCID(cid);
 }
 
+QuicCID QuicSession::dcid() const {
+  return QuicCID(ngtcp2_conn_get_dcid(connection()));
+}
+
 // The retransmit timer allows us to trigger retransmission
 // of packets in case they are considered lost. The exact amount
 // of time is determined internally by ngtcp2 according to the