Factory methods for segmented connection writers.

api/net/sf/briar/api/transport/ConnectionWriterFactory.java

@@ -2,20 +2,21 @@ package net.sf.briar.api.transport;
 
 import java.io.OutputStream;
 
+import net.sf.briar.api.plugins.SegmentSink;
+
 public interface ConnectionWriterFactory {
 
 	/**
-	 * Creates a connection writer for a simplex connection or the initiator's
+	 * Creates a connection writer for a simplex connection or one side of a
-	 * side of a duplex connection. The secret is erased before this method
+	 * duplex connection. The secret is erased before this method returns.
-	 * returns.
 	 */
 	ConnectionWriter createConnectionWriter(OutputStream out, long capacity,
-			byte[] secret);
+			byte[] secret, boolean initiator);
 
 	/**
-	 * Creates a connection writer for the responder's side of a duplex
+	 * Creates a connection writer for a simplex connection or one side of a
-	 * connection. The secret is erased before this method returns.
+	 * duplex connection. The secret is erased before this method returns.
 	 */
-	ConnectionWriter createConnectionWriter(OutputStream out, long capacity,
+	ConnectionWriter createConnectionWriter(SegmentSink out, long capacity,
-			byte[] secret, byte[] tag);
+			byte[] secret, boolean initiator);
 }

components/net/sf/briar/protocol/duplex/IncomingDuplexConnection.java

@@ -48,6 +48,6 @@ class IncomingDuplexConnection extends DuplexConnection {
 	protected ConnectionWriter createConnectionWriter() throws IOException {
 		return connWriterFactory.createConnectionWriter(
 				transport.getOutputStream(), Long.MAX_VALUE, ctx.getSecret(),
-				tag);
+				false);
 	}
 }

components/net/sf/briar/protocol/duplex/OutgoingDuplexConnection.java

@@ -60,6 +60,7 @@ class OutgoingDuplexConnection extends DuplexConnection {
 				ctx = db.getConnectionContext(contactId, transportIndex);
 		}
 		return connWriterFactory.createConnectionWriter(
-				transport.getOutputStream(), Long.MAX_VALUE, ctx.getSecret());
+				transport.getOutputStream(), Long.MAX_VALUE, ctx.getSecret(),
+				true);
 	}
 }

components/net/sf/briar/protocol/simplex/OutgoingSimplexConnection.java

@@ -62,7 +62,7 @@ class OutgoingSimplexConnection {
 					transportIndex);
 			ConnectionWriter conn = connFactory.createConnectionWriter(
 					transport.getOutputStream(), transport.getCapacity(),
-					ctx.getSecret());
+					ctx.getSecret(), true);
 			OutputStream out = conn.getOutputStream();
 			ProtocolWriter writer = protoFactory.createProtocolWriter(out,
 					transport.shouldFlush());

components/net/sf/briar/transport/ConnectionWriterFactoryImpl.java

@@ -7,6 +7,7 @@ import javax.crypto.Mac;
 
 import net.sf.briar.api.crypto.CryptoComponent;
 import net.sf.briar.api.crypto.ErasableKey;
+import net.sf.briar.api.plugins.SegmentSink;
 import net.sf.briar.api.transport.ConnectionWriter;
 import net.sf.briar.api.transport.ConnectionWriterFactory;
 import net.sf.briar.util.ByteUtils;
@@ -23,23 +24,7 @@ class ConnectionWriterFactoryImpl implements ConnectionWriterFactory {
 	}
 
 	public ConnectionWriter createConnectionWriter(OutputStream out,
-			long capacity, byte[] secret) {
+			long capacity, byte[] secret, boolean initiator) {
-		return createConnectionWriter(out, capacity, true, secret);
-	}
-
-	public ConnectionWriter createConnectionWriter(OutputStream out,
-			long capacity, byte[] secret, byte[] tag) {
-		// Validate the tag
-		Cipher tagCipher = crypto.getTagCipher();
-		ErasableKey tagKey = crypto.deriveTagKey(secret, true);
-		long segmentNumber = TagEncoder.decodeTag(tag, tagCipher, tagKey);
-		tagKey.erase();
-		if(segmentNumber != 0) throw new IllegalArgumentException();
-		return createConnectionWriter(out, capacity, false, secret);
-	}
-
-	private ConnectionWriter createConnectionWriter(OutputStream out,
-			long capacity, boolean initiator, byte[] secret) {
 		// Derive the keys and erase the secret
 		ErasableKey tagKey = crypto.deriveTagKey(secret, initiator);
 		ErasableKey frameKey = crypto.deriveFrameKey(secret, initiator);
@@ -57,4 +42,25 @@ class ConnectionWriterFactoryImpl implements ConnectionWriterFactory {
 		Mac mac = crypto.getMac();
 		return new ConnectionWriterImpl(correcter, mac, macKey);
 	}
+
+	public ConnectionWriter createConnectionWriter(SegmentSink out,
+			long capacity, byte[] secret, boolean initiator) {
+		// Derive the keys and erase the secret
+		ErasableKey tagKey = crypto.deriveTagKey(secret, initiator);
+		ErasableKey frameKey = crypto.deriveFrameKey(secret, initiator);
+		ErasableKey macKey = crypto.deriveMacKey(secret, initiator);
+		ByteUtils.erase(secret);
+		// Create the encrypter
+		Cipher tagCipher = crypto.getTagCipher();
+		Cipher frameCipher = crypto.getFrameCipher();
+		OutgoingEncryptionLayer encrypter =
+			new OutgoingSegmentedEncryptionLayer(out, capacity, tagCipher,
+					frameCipher, tagKey, frameKey, false);
+		// No error correction
+		OutgoingErrorCorrectionLayer correcter =
+			new NullOutgoingErrorCorrectionLayer(encrypter);
+		// Create the writer
+		Mac mac = crypto.getMac();
+		return new ConnectionWriterImpl(correcter, mac, macKey);
+	}
 }

test/net/sf/briar/ProtocolIntegrationTest.java

@@ -136,7 +136,7 @@ public class ProtocolIntegrationTest extends BriarTestCase {
 	private byte[] write() throws Exception {
 		ByteArrayOutputStream out = new ByteArrayOutputStream();
 		ConnectionWriter conn = connectionWriterFactory.createConnectionWriter(
-				out, Long.MAX_VALUE, secret.clone());
+				out, Long.MAX_VALUE, secret.clone(), true);
 		OutputStream out1 = conn.getOutputStream();
 		ProtocolWriter writer = protocolWriterFactory.createProtocolWriter(out1,
 				false);

test/net/sf/briar/transport/ConnectionWriterTest.java

@@ -45,7 +45,7 @@ public class ConnectionWriterTest extends BriarTestCase {
 		ByteArrayOutputStream out =
 			new ByteArrayOutputStream(MIN_CONNECTION_LENGTH);
 		ConnectionWriter w = connectionWriterFactory.createConnectionWriter(out,
-				MIN_CONNECTION_LENGTH, secret);
+				MIN_CONNECTION_LENGTH, secret, true);
 		// Check that the connection writer thinks there's room for a packet
 		long capacity = w.getRemainingCapacity();
 		assertTrue(capacity >= MAX_PACKET_LENGTH);