Rename PacketEncoder/Decoder to PacketEncryptor/Decryptor.

src/Tmds.Ssh/AesGcmPacketDecoder.cs → src/Tmds.Ssh/AesGcmPacketDecryptor.cs

@@ -7,7 +7,7 @@
 
 namespace Tmds.Ssh;
 
-sealed class AesGcmPacketDecoder : IPacketDecoder
+sealed class AesGcmPacketDecryptor : IPacketDecryptor
 {
     private const int AesBlockSize = 16;
 
@@ -16,7 +16,7 @@ sealed class AesGcmPacketDecoder : IPacketDecoder
     private readonly SequencePool _sequencePool;
     private readonly int _tagLength;
 
-    public AesGcmPacketDecoder(SequencePool sequencePool, byte[] key, byte[] iv, int tagLength)
+    public AesGcmPacketDecryptor(SequencePool sequencePool, byte[] key, byte[] iv, int tagLength)
     {
         _iv = iv;
         _tagLength = tagLength;
@@ -29,7 +29,7 @@ public void Dispose()
         _aesGcm.Dispose();
     }
 
-    public bool TryDecodePacket(Sequence receiveBuffer, uint sequenceNumber, int maxLength, out Packet packet)
+    public bool TryDecrypt(Sequence receiveBuffer, uint sequenceNumber, int maxLength, out Packet packet)
     {
         packet = new Packet(null);
 

src/Tmds.Ssh/AesGcmPacketEncoder.cs → src/Tmds.Ssh/AesGcmPacketEncryptor.cs

@@ -7,15 +7,15 @@
 
 namespace Tmds.Ssh;
 
-sealed class AesGcmPacketEncoder : IPacketEncoder
+sealed class AesGcmPacketEncryptor : IPacketEncryptor
 {
     private const int AesBlockSize = 16;
 
     private readonly AesGcm _aesGcm;
     private readonly byte[] _iv;
     private readonly int _tagLength;
 
-    public AesGcmPacketEncoder(byte[] key, byte[] iv, int tagLength)
+    public AesGcmPacketEncryptor(byte[] key, byte[] iv, int tagLength)
     {
         _iv = iv;
         _tagLength = tagLength;
@@ -27,7 +27,7 @@ public void Dispose()
         _aesGcm.Dispose();
     }
 
-    public void Encode(uint sequenceNumber, Packet packet, Sequence output)
+    public void Encrypt(uint sequenceNumber, Packet packet, Sequence output)
     {
         using var pkt = packet.Move(); // Dispose the packet.
 
@@ -37,7 +37,7 @@ public void Encode(uint sequenceNumber, Packet packet, Sequence output)
         //     byte      padding_length; // 4 <= padding_length < 256
         //     byte[n1]  payload;        // n1 = packet_length-padding_length-1
         //     byte[n2]  random_padding; // n2 = padding_length
-        byte padding_length = IPacketEncoder.DeterminePaddingLength(payload_length + 1, multipleOf: AesBlockSize);
+        byte padding_length = IPacketEncryptor.DeterminePaddingLength(payload_length + 1, multipleOf: AesBlockSize);
         pkt.WriteHeaderAndPadding(padding_length);
 
         var unencrypted_packet = pkt.AsReadOnlySequence();

src/Tmds.Ssh/ChaCha20Poly1305PacketDecoder.cs → src/Tmds.Ssh/ChaCha20Poly1305PacketDecryptor.cs

@@ -7,12 +7,12 @@
 
 namespace Tmds.Ssh;
 
-sealed class ChaCha20Poly1305PacketDecoder : ChaCha20Poly1305PacketEncDecBase, IPacketDecoder
+sealed class ChaCha20Poly1305PacketDecryptor : ChaCha20Poly1305PacketEncDecBase, IPacketDecryptor
 {
     private readonly SequencePool _sequencePool;
     private int _currentPacketLength = -1;
 
-    public ChaCha20Poly1305PacketDecoder(SequencePool sequencePool, byte[] key) :
+    public ChaCha20Poly1305PacketDecryptor(SequencePool sequencePool, byte[] key) :
         base(key)
     {
         _sequencePool = sequencePool;
@@ -21,7 +21,7 @@ public ChaCha20Poly1305PacketDecoder(SequencePool sequencePool, byte[] key) :
     public void Dispose()
     { }
 
-    public bool TryDecodePacket(Sequence receiveBuffer, uint sequenceNumber, int maxLength, out Packet packet)
+    public bool TryDecrypt(Sequence receiveBuffer, uint sequenceNumber, int maxLength, out Packet packet)
     {
         packet = new Packet(null);
 

src/Tmds.Ssh/ChaCha20Poly1305PacketEncoder.cs → src/Tmds.Ssh/ChaCha20Poly1305PacketEncryptor.cs

@@ -6,16 +6,16 @@
 namespace Tmds.Ssh;
 
 // https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.chacha20poly1305?annotate=HEAD
-sealed class ChaCha20Poly1305PacketEncoder : ChaCha20Poly1305PacketEncDecBase, IPacketEncoder
+sealed class ChaCha20Poly1305PacketEncryptor : ChaCha20Poly1305PacketEncDecBase, IPacketEncryptor
 {
-    public ChaCha20Poly1305PacketEncoder(byte[] key) :
+    public ChaCha20Poly1305PacketEncryptor(byte[] key) :
         base(key)
     { }
 
     public void Dispose()
     { }
 
-    public void Encode(uint sequenceNumber, Packet packet, Sequence output)
+    public void Encrypt(uint sequenceNumber, Packet packet, Sequence output)
     {
         using var pkt = packet.Move(); // Dispose the packet.
 
@@ -27,7 +27,7 @@ public void Encode(uint sequenceNumber, Packet packet, Sequence output)
         //     byte      padding_length; // 4 <= padding_length < 256
         //     byte[n1]  payload;        // n1 = packet_length-padding_length-1
         //     byte[n2]  random_padding; // n2 = padding_length
-        byte padding_length = IPacketEncoder.DeterminePaddingLength(payload_length + 1, multipleOf: PaddTo);
+        byte padding_length = IPacketEncryptor.DeterminePaddingLength(payload_length + 1, multipleOf: PaddTo);
         pkt.WriteHeaderAndPadding(padding_length);
 
         var unencrypted_packet = pkt.AsReadOnlySequence();

src/Tmds.Ssh/IPacketDecryptor.cs

@@ -0,0 +1,9 @@
+// This file is part of Tmds.Ssh which is released under MIT.
+// See file LICENSE for full license details.
+
+namespace Tmds.Ssh;
+
+interface IPacketDecryptor : IDisposable
+{
+    bool TryDecrypt(Sequence receiveBuffer, uint sequenceNumber, int maxLength, out Packet packet);
+}

src/Tmds.Ssh/IPacketEncoder.cs → src/Tmds.Ssh/IPacketEncryptor.cs

@@ -3,9 +3,9 @@
 
 namespace Tmds.Ssh;
 
-interface IPacketEncoder : IDisposable
+interface IPacketEncryptor : IDisposable
 {
-    public void Encode(uint sequenceNumber, Packet packet, Sequence buffer);
+    public void Encrypt(uint sequenceNumber, Packet packet, Sequence buffer);
 
     protected static byte DeterminePaddingLength(uint length, uint multipleOf)
     {

src/Tmds.Ssh/KeyExchangeContext.cs

@@ -77,8 +77,8 @@ private bool CheckPacketForReturn(MessageId expected, Packet packet)
     public ValueTask SendPacketAsync(Packet packet, CancellationToken ct)
         => _connection.SendPacketAsync(packet, ct);
 
-    public void SetEncoderDecoder(IPacketEncoder packetEncoder, IPacketDecoder packetDecoder)
-        => _connection.SetEncoderDecoder(packetEncoder, packetDecoder);
+    public void SetEncryptorDecryptor(IPacketEncryptor encryptor, IPacketDecryptor decryptor)
+        => _connection.SetEncryptorDecryptor(encryptor, decryptor);
 
     public required List<Name> KeyExchangeAlgorithms { get; init; }
     public required List<Name> ServerHostKeyAlgorithms { get; init; }

src/Tmds.Ssh/PacketEncryptionAlgorithm.cs

@@ -0,0 +1,92 @@
+// This file is part of Tmds.Ssh which is released under MIT.
+// See file LICENSE for full license details.
+
+namespace Tmds.Ssh;
+
+sealed class PacketEncryptionAlgorithm
+{
+    private readonly Func<PacketEncryptionAlgorithm, byte[], byte[], HMacAlgorithm?, byte[], IPacketEncryptor> _createPacketEncryptor;
+    private readonly Func<PacketEncryptionAlgorithm, SequencePool, byte[], byte[], HMacAlgorithm?, byte[], IPacketDecryptor> _createPacketDecryptor;
+
+    private PacketEncryptionAlgorithm(int keyLength, int ivLength,
+            Func<PacketEncryptionAlgorithm, byte[], byte[], HMacAlgorithm?, byte[], IPacketEncryptor> createPacketEncryptor,
+            Func<PacketEncryptionAlgorithm, SequencePool, byte[], byte[], HMacAlgorithm?, byte[], IPacketDecryptor> createPacketDecryptor,
+            bool isAuthenticated = false,
+            int tagLength = 0)
+    {
+        KeyLength = keyLength;
+        IVLength = ivLength;
+        IsAuthenticated = isAuthenticated;
+        TagLength = tagLength;
+        _createPacketEncryptor = createPacketEncryptor;
+        _createPacketDecryptor = createPacketDecryptor;
+    }
+
+    public int KeyLength { get; }
+    public int IVLength { get; }
+    public bool IsAuthenticated { get; }
+    public int TagLength { get; } // When IsAuthenticated == true
+
+    public IPacketEncryptor CreatePacketEncryptor(byte[] key, byte[] iv, HMacAlgorithm? hmacAlgorithm, byte[] hmacKey)
+    {
+        CheckArguments(this, key, iv, hmacAlgorithm, hmacKey);
+        return _createPacketEncryptor(this, key, iv, hmacAlgorithm, hmacKey);
+    }
+
+    public IPacketDecryptor CreatePacketDecryptor(SequencePool sequencePool, byte[] key, byte[] iv, HMacAlgorithm? hmacAlgorithm, byte[] hmacKey)
+    {
+        CheckArguments(this, key, iv, hmacAlgorithm, hmacKey);
+        return _createPacketDecryptor(this, sequencePool, key, iv, hmacAlgorithm, hmacKey);
+    }
+
+    private static void CheckArguments(PacketEncryptionAlgorithm algorithm, byte[] key, byte[] iv, HMacAlgorithm? hmacAlgorithm, byte[] hmacKey)
+    {
+        if (algorithm.IVLength != iv.Length)
+        {
+            throw new ArgumentException(nameof(iv));
+        }
+        if (algorithm.KeyLength != key.Length)
+        {
+            throw new ArgumentException(nameof(key));
+        }
+        if (algorithm.IsAuthenticated && hmacAlgorithm is not null)
+        {
+            throw new ArgumentException(nameof(hmacAlgorithm));
+        }
+        if (hmacAlgorithm is null && hmacKey.Length > 0)
+        {
+            throw new ArgumentException(nameof(hmacKey));
+        }
+    }
+
+    public static PacketEncryptionAlgorithm Find(Name name)
+        => _algorithms[name];
+
+    private static Dictionary<Name, PacketEncryptionAlgorithm> _algorithms = new()
+        {
+            { AlgorithmNames.Aes128Gcm,
+                new PacketEncryptionAlgorithm(keyLength: 128 / 8, ivLength: 12,
+                    (PacketEncryptionAlgorithm algorithm, byte[] key, byte[] iv, HMacAlgorithm? hmac, byte[] hmacKey)
+                        => new AesGcmPacketEncryptor(key, iv, algorithm.TagLength),
+                    (PacketEncryptionAlgorithm algorithm, SequencePool sequencePool, byte[] key, byte[] iv, HMacAlgorithm? hmac, byte[] hmacKey)
+                        => new AesGcmPacketDecryptor(sequencePool, key, iv, algorithm.TagLength),
+                        isAuthenticated: true,
+                        tagLength: 16) },
+            { AlgorithmNames.Aes256Gcm,
+                new PacketEncryptionAlgorithm(keyLength: 256 / 8, ivLength: 12,
+                    (PacketEncryptionAlgorithm algorithm, byte[] key, byte[] iv, HMacAlgorithm? hmac, byte[] hmacKey)
+                        => new AesGcmPacketEncryptor(key, iv, algorithm.TagLength),
+                    (PacketEncryptionAlgorithm algorithm, SequencePool sequencePool, byte[] key, byte[] iv, HMacAlgorithm? hmac, byte[] hmacKey)
+                        => new AesGcmPacketDecryptor(sequencePool, key, iv, algorithm.TagLength),
+                        isAuthenticated: true,
+                        tagLength: 16) },
+            { AlgorithmNames.ChaCha20Poly1305,
+                new PacketEncryptionAlgorithm(keyLength: 512 / 8, ivLength: 0,
+                    (PacketEncryptionAlgorithm algorithm, byte[] key, byte[] iv, HMacAlgorithm? hmac, byte[] hmacKey)
+                        => new ChaCha20Poly1305PacketEncryptor(key),
+                    (PacketEncryptionAlgorithm algorithm, SequencePool sequencePool, byte[] key, byte[] iv, HMacAlgorithm? hmac, byte[] hmacKey)
+                        => new ChaCha20Poly1305PacketDecryptor(sequencePool, key),
+                        isAuthenticated: true,
+                        tagLength: ChaCha20Poly1305PacketEncryptor.TagSize) },
+        };
+}