route/vendor/github.com/lucas-clemente/quic-go/internal/handshake/server_config.go

package handshake

import (
	"bytes"
	"crypto/rand"

	"github.com/lucas-clemente/quic-go/internal/crypto"
)

// ServerConfig is a server config
type ServerConfig struct {
	kex       crypto.KeyExchange
	certChain crypto.CertChain
	ID        []byte
	obit      []byte
	cookieGenerator *CookieGenerator
}

// NewServerConfig creates a new server config
func NewServerConfig(kex crypto.KeyExchange, certChain crypto.CertChain) (*ServerConfig, error) {
	id := make([]byte, 16)
	_, err := rand.Read(id)
	if err != nil {
		return nil, err
	}

	obit := make([]byte, 8)
	if _, err = rand.Read(obit); err != nil {
		return nil, err
	}

	cookieGenerator, err := NewCookieGenerator()

	if err != nil {
		return nil, err
	}

	return &ServerConfig{
		kex:       kex,
		certChain: certChain,
		ID:        id,
		obit:      obit,
		cookieGenerator: cookieGenerator,
	}, nil
}

// Get the server config binary representation
func (s *ServerConfig) Get() []byte {
	var serverConfig bytes.Buffer
	msg := HandshakeMessage{
		Tag: TagSCFG,
		Data: map[Tag][]byte{
			TagSCID: s.ID,
			TagKEXS: []byte("C255"),
			TagAEAD: []byte("AESG"),
			TagPUBS: append([]byte{0x20, 0x00, 0x00}, s.kex.PublicKey()...),
			TagOBIT: s.obit,
			TagEXPY: {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
		},
	}
	msg.Write(&serverConfig)
	return serverConfig.Bytes()
}

// Sign the server config and CHLO with the server's keyData
func (s *ServerConfig) Sign(sni string, chlo []byte) ([]byte, error) {
	return s.certChain.SignServerProof(sni, chlo, s.Get())
}

// GetCertsCompressed returns the certificate data
func (s *ServerConfig) GetCertsCompressed(sni string, commonSetHashes, compressedHashes []byte) ([]byte, error) {
	return s.certChain.GetCertsCompressed(sni, commonSetHashes, compressedHashes)
}
cmd/routed: add quic support 2017-12-12 02:51:45 +00:00			`package handshake`

			`import (`
			`"bytes"`
			`"crypto/rand"`

upgrade all the dependencies 2018-01-03 19:19:49 +00:00			`"github.com/lucas-clemente/quic-go/internal/crypto"`
cmd/routed: add quic support 2017-12-12 02:51:45 +00:00			`)`

			`// ServerConfig is a server config`
			`type ServerConfig struct {`
			`kex crypto.KeyExchange`
			`certChain crypto.CertChain`
			`ID []byte`
			`obit []byte`
upgrade all the dependencies 2018-01-03 19:19:49 +00:00			`cookieGenerator *CookieGenerator`
cmd/routed: add quic support 2017-12-12 02:51:45 +00:00			`}`

			`// NewServerConfig creates a new server config`
			`func NewServerConfig(kex crypto.KeyExchange, certChain crypto.CertChain) (*ServerConfig, error) {`
			`id := make([]byte, 16)`
			`_, err := rand.Read(id)`
			`if err != nil {`
			`return nil, err`
			`}`

			`obit := make([]byte, 8)`
			`if _, err = rand.Read(obit); err != nil {`
			`return nil, err`
			`}`

upgrade all the dependencies 2018-01-03 19:19:49 +00:00			`cookieGenerator, err := NewCookieGenerator()`

cmd/routed: add quic support 2017-12-12 02:51:45 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`return &ServerConfig{`
			`kex: kex,`
			`certChain: certChain,`
			`ID: id,`
			`obit: obit,`
upgrade all the dependencies 2018-01-03 19:19:49 +00:00			`cookieGenerator: cookieGenerator,`
cmd/routed: add quic support 2017-12-12 02:51:45 +00:00			`}, nil`
			`}`

			`// Get the server config binary representation`
			`func (s *ServerConfig) Get() []byte {`
			`var serverConfig bytes.Buffer`
upgrade all the dependencies 2018-01-03 19:19:49 +00:00			`msg := HandshakeMessage{`
			`Tag: TagSCFG,`
			`Data: map[Tag][]byte{`
			`TagSCID: s.ID,`
			`TagKEXS: []byte("C255"),`
			`TagAEAD: []byte("AESG"),`
			`TagPUBS: append([]byte{0x20, 0x00, 0x00}, s.kex.PublicKey()...),`
			`TagOBIT: s.obit,`
			`TagEXPY: {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},`
			`},`
			`}`
			`msg.Write(&serverConfig)`
cmd/routed: add quic support 2017-12-12 02:51:45 +00:00			`return serverConfig.Bytes()`
			`}`

			`// Sign the server config and CHLO with the server's keyData`
			`func (s *ServerConfig) Sign(sni string, chlo []byte) ([]byte, error) {`
			`return s.certChain.SignServerProof(sni, chlo, s.Get())`
			`}`

			`// GetCertsCompressed returns the certificate data`
			`func (s *ServerConfig) GetCertsCompressed(sni string, commonSetHashes, compressedHashes []byte) ([]byte, error) {`
			`return s.certChain.GetCertsCompressed(sni, commonSetHashes, compressedHashes)`
			`}`