don't use trial decryption for IETF QUIC

internal/handshake/interface.go

@@ -35,9 +35,7 @@ type MintTLS interface {
 	SetCryptoStream(io.ReadWriter)
 }
 
-// CryptoSetup is a crypto setup
-type CryptoSetup interface {
-	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
+type baseCryptoSetup interface {
 	HandleCryptoStream() error
 	ConnectionState() ConnectionState
 
@@ -46,6 +44,21 @@ type CryptoSetup interface {
 	GetSealerForCryptoStream() (protocol.EncryptionLevel, Sealer)
 }
 
+// CryptoSetup is the crypto setup used by gQUIC
+type CryptoSetup interface {
+	baseCryptoSetup
+
+	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
+}
+
+// CryptoSetupTLS is the crypto setup used by IETF QUIC
+type CryptoSetupTLS interface {
+	baseCryptoSetup
+
+	OpenHandshake(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
+	Open1RTT(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
+}
+
 // ConnectionState records basic details about the QUIC connection.
 // Warning: This API should not be considered stable and might change soon.
 type ConnectionState struct {