rename crypto.Signer to crypto.CertChain

handshake/crypto_setup_client_test.go

@@ -185,9 +185,9 @@ var _ = Describe("Crypto setup", func() {
 					cs.serverConfig = &serverConfigClient{raw: serverConfigData}
 					certManager.leafCert = leafCert.Raw
 
-					ps, err := crypto.NewProofSource(tlsConfig)
+					cc, err := crypto.NewCertChain(tlsConfig)
 					Expect(err).ToNot(HaveOccurred())
-					signature, err := ps.SignServerProof("", cs.chloForSignature, serverConfigData)
+					signature, err := cc.SignServerProof("", cs.chloForSignature, serverConfigData)
 					Expect(err).ToNot(HaveOccurred())
 					cs.proof = signature
 
@@ -228,9 +228,9 @@ var _ = Describe("Crypto setup", func() {
 					cs.serverConfig = &serverConfigClient{raw: serverConfigData}
 					certManager.leafCert = leafCert.Raw
 
-					ps, err := crypto.NewProofSource(tlsConfig)
+					cc, err := crypto.NewCertChain(tlsConfig)
 					Expect(err).ToNot(HaveOccurred())
-					signature, err := ps.SignServerProof("", cs.chloForSignature, serverConfigData)
+					signature, err := cc.SignServerProof("", cs.chloForSignature, serverConfigData)
 					Expect(err).ToNot(HaveOccurred())
 					cs.proof = signature
 

handshake/crypto_setup_server.go

@@ -122,7 +122,7 @@ func (h *cryptoSetupServer) handleMessage(chloData []byte, cryptoData map[Tag][]
 	var reply []byte
 	var err error
 
-	certUncompressed, err := h.scfg.signer.GetLeafCert(sni)
+	certUncompressed, err := h.scfg.certChain.GetLeafCert(sni)
 	if err != nil {
 		return false, err
 	}
@@ -264,7 +264,7 @@ func (h *cryptoSetupServer) handleCHLO(sni string, data []byte, cryptoData map[T
 	h.mutex.Lock()
 	defer h.mutex.Unlock()
 
-	certUncompressed, err := h.scfg.signer.GetLeafCert(sni)
+	certUncompressed, err := h.scfg.certChain.GetLeafCert(sni)
 	if err != nil {
 		return nil, err
 	}

handshake/crypto_setup_server_test.go

@@ -212,7 +212,7 @@ var _ = Describe("Crypto setup", func() {
 		BeforeEach(func() {
 			xlct = make([]byte, 8)
 			var err error
-			cert, err = cs.scfg.signer.GetLeafCert("")
+			cert, err = cs.scfg.certChain.GetLeafCert("")
 			Expect(err).ToNot(HaveOccurred())
 			binary.LittleEndian.PutUint64(xlct, crypto.HashCert(cert))
 		})

handshake/server_config.go

@@ -9,15 +9,15 @@ import (
 
 // ServerConfig is a server config
 type ServerConfig struct {
+	kex       crypto.KeyExchange
+	certChain crypto.CertChain
 	ID        []byte
 	obit      []byte
-	kex       crypto.KeyExchange
-	signer    crypto.Signer
 	stkSource crypto.StkSource
 }
 
 // NewServerConfig creates a new server config
-func NewServerConfig(kex crypto.KeyExchange, signer crypto.Signer) (*ServerConfig, error) {
+func NewServerConfig(kex crypto.KeyExchange, certChain crypto.CertChain) (*ServerConfig, error) {
 	id := make([]byte, 16)
 	_, err := rand.Read(id)
 	if err != nil {
@@ -40,10 +40,10 @@ func NewServerConfig(kex crypto.KeyExchange, signer crypto.Signer) (*ServerConfi
 	}
 
 	return &ServerConfig{
+		kex:       kex,
+		certChain: certChain,
 		ID:        id,
 		obit:      obit,
-		kex:       kex,
-		signer:    signer,
 		stkSource: stkSource,
 	}, nil
 }
@@ -64,10 +64,10 @@ func (s *ServerConfig) Get() []byte {
 
 // Sign the server config and CHLO with the server's keyData
 func (s *ServerConfig) Sign(sni string, chlo []byte) ([]byte, error) {
-	return s.signer.SignServerProof(sni, chlo, s.Get())
+	return s.certChain.SignServerProof(sni, chlo, s.Get())
 }
 
 // GetCertsCompressed returns the certificate data
 func (s *ServerConfig) GetCertsCompressed(sni string, commonSetHashes, compressedHashes []byte) ([]byte, error) {
-	return s.signer.GetCertsCompressed(sni, commonSetHashes, compressedHashes)
+	return s.certChain.GetCertsCompressed(sni, commonSetHashes, compressedHashes)
 }