Landing Recent QUIC changes until 5:30 PM, Feb 3, 2017 UTC-5

net/quic/test_tools/crypto_test_utils.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/test_tools/crypto_test_utils.h"
 
 #include <memory>
 
 #include "crypto/openssl_util.h"
 #include "crypto/secure_hash.h"
 #include "net/quic/core/crypto/channel_id.h"
 #include "net/quic/core/crypto/common_cert_set.h"
 #include "net/quic/core/crypto/crypto_handshake.h"
 #include "net/quic/core/crypto/crypto_server_config_protobuf.h"
 #include "net/quic/core/crypto/quic_crypto_server_config.h"
 #include "net/quic/core/crypto/quic_decrypter.h"
 #include "net/quic/core/crypto/quic_encrypter.h"
 #include "net/quic/core/crypto/quic_random.h"
 #include "net/quic/core/quic_crypto_client_stream.h"
 #include "net/quic/core/quic_crypto_server_stream.h"
 #include "net/quic/core/quic_crypto_stream.h"
 #include "net/quic/core/quic_server_id.h"
 #include "net/quic/core/quic_utils.h"
 #include "net/quic/platform/api/quic_clock.h"
 #include "net/quic/platform/api/quic_logging.h"
 #include "net/quic/platform/api/quic_socket_address.h"
 #include "net/quic/platform/api/quic_text_utils.h"
 #include "net/quic/test_tools/quic_connection_peer.h"
 #include "net/quic/test_tools/quic_framer_peer.h"
+#include "net/quic/test_tools/quic_stream_peer.h"
 #include "net/quic/test_tools/quic_test_utils.h"
 #include "net/quic/test_tools/simple_quic_framer.h"
 #include "third_party/boringssl/src/include/openssl/bn.h"
 #include "third_party/boringssl/src/include/openssl/ec.h"
 #include "third_party/boringssl/src/include/openssl/ecdsa.h"
 #include "third_party/boringssl/src/include/openssl/evp.h"
 #include "third_party/boringssl/src/include/openssl/obj_mac.h"
 #include "third_party/boringssl/src/include/openssl/sha.h"
 
 using base::StringPiece;
 using std::string;
 
 namespace net {
 namespace test {
+namespace crypto_test_utils {
 
 namespace {
 
 // CryptoFramerVisitor is a framer visitor that records handshake messages.
 class CryptoFramerVisitor : public CryptoFramerVisitorInterface {
  public:
   CryptoFramerVisitor() : error_(false) {}
 
   void OnError(CryptoFramer* framer) override { error_ = true; }
 
@@ skipping 25 matching lines @@
   }
   if (c >= 'A' && c <= 'F') {
     *value = c - 'A' + 10;
     return true;
   }
   return false;
 }
 
 // A ChannelIDSource that works in asynchronous mode unless the |callback|
 // argument to GetChannelIDKey is nullptr.
-class AsyncTestChannelIDSource : public ChannelIDSource,
-                                 public CryptoTestUtils::CallbackSource {
+class AsyncTestChannelIDSource : public ChannelIDSource, public CallbackSource {
  public:
   // Takes ownership of |sync_source|, a synchronous ChannelIDSource.
   explicit AsyncTestChannelIDSource(ChannelIDSource* sync_source)
       : sync_source_(sync_source) {}
   ~AsyncTestChannelIDSource() override {}
 
   // ChannelIDSource implementation.
   QuicAsyncStatus GetChannelIDKey(const string& hostname,
                                   std::unique_ptr<ChannelIDKey>* channel_id_key,
                                   ChannelIDSourceCallback* callback) override {
@@ skipping 152 matching lines @@
     bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
     // EVP_PKEY_set1_EC_KEY takes a reference so no |release| here.
     EVP_PKEY_set1_EC_KEY(pkey.get(), ecdsa_key.get());
 
     return pkey.release();
   }
 };
 
 }  // anonymous namespace
 
-CryptoTestUtils::FakeServerOptions::FakeServerOptions() {}
+FakeServerOptions::FakeServerOptions() {}
 
-CryptoTestUtils::FakeServerOptions::~FakeServerOptions() {}
+FakeServerOptions::~FakeServerOptions() {}
 
-CryptoTestUtils::FakeClientOptions::FakeClientOptions()
+FakeClientOptions::FakeClientOptions()
     : channel_id_enabled(false), channel_id_source_async(false) {}
 
-CryptoTestUtils::FakeClientOptions::~FakeClientOptions() {}
+FakeClientOptions::~FakeClientOptions() {}
 
 namespace {
 // This class is used by GenerateFullCHLO() to extract SCID and STK from
 // REJ/SREJ and to construct a full CHLO with these fields and given inchoate
 // CHLO.
 class FullChloGenerator {
  public:
   FullChloGenerator(
       QuicCryptoServerConfig* crypto_config,
       QuicSocketAddress server_addr,
@@ skipping 80 matching lines @@
     ASSERT_TRUE(rej->GetStringPiece(kSCFG, &scfg));
     std::unique_ptr<CryptoHandshakeMessage> server_config(
         CryptoFramer::ParseMessage(scfg));
 
     StringPiece scid;
     ASSERT_TRUE(server_config->GetStringPiece(kSCID, &scid));
 
     *out_ = result_->client_hello;
     out_->SetStringPiece(kSCID, scid);
     out_->SetStringPiece(kSourceAddressTokenTag, srct);
-    uint64_t xlct = CryptoTestUtils::LeafCertHashForTesting();
+    uint64_t xlct = LeafCertHashForTesting();
     out_->SetValue(kXLCT, xlct);
   }
 
  protected:
   QuicCryptoServerConfig* crypto_config_;
   QuicSocketAddress server_addr_;
   QuicSocketAddress client_addr_;
   const QuicClock* clock_;
   QuicReferenceCountedPointer<QuicSignedServerConfig> signed_config_;
   QuicCompressedCertsCache* compressed_certs_cache_;
   CryptoHandshakeMessage* out_;
 
   QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> params_;
   QuicReferenceCountedPointer<ValidateClientHelloResultCallback::Result>
       result_;
 };
 
 }  // namespace
 
-// static
-int CryptoTestUtils::HandshakeWithFakeServer(
-    QuicConfig* server_quic_config,
-    MockQuicConnectionHelper* helper,
-    MockAlarmFactory* alarm_factory,
-    PacketSavingConnection* client_conn,
-    QuicCryptoClientStream* client,
-    const FakeServerOptions& options) {
+int HandshakeWithFakeServer(QuicConfig* server_quic_config,
+                            MockQuicConnectionHelper* helper,
+                            MockAlarmFactory* alarm_factory,
+                            PacketSavingConnection* client_conn,
+                            QuicCryptoClientStream* client,
+                            const FakeServerOptions& options) {
   PacketSavingConnection* server_conn =
       new PacketSavingConnection(helper, alarm_factory, Perspective::IS_SERVER,
                                  client_conn->supported_versions());
 
   QuicCryptoServerConfig crypto_config(QuicCryptoServerConfig::TESTING,
                                        QuicRandom::GetInstance(),
                                        ProofSourceForTesting());
   QuicCompressedCertsCache compressed_certs_cache(
       QuicCompressedCertsCache::kQuicCompressedCertsCacheSize);
   SetupCryptoServerConfigForTest(server_conn->clock(),
                                  server_conn->random_generator(),
                                  &crypto_config, options);
 
   TestQuicSpdyServerSession server_session(server_conn, *server_quic_config,
                                            &crypto_config,
                                            &compressed_certs_cache);
 
   // The client's handshake must have been started already.
   CHECK_NE(0u, client_conn->encrypted_packets_.size());
 
   CommunicateHandshakeMessages(client_conn, client, server_conn,
                                server_session.GetCryptoStream());
   CompareClientAndServerKeys(client, server_session.GetCryptoStream());
 
   return client->num_sent_client_hellos();
 }
 
-// static
-int CryptoTestUtils::HandshakeWithFakeClient(
-    MockQuicConnectionHelper* helper,
-    MockAlarmFactory* alarm_factory,
-    PacketSavingConnection* server_conn,
-    QuicCryptoServerStream* server,
-    const QuicServerId& server_id,
-    const FakeClientOptions& options) {
+int HandshakeWithFakeClient(MockQuicConnectionHelper* helper,
+                            MockAlarmFactory* alarm_factory,
+                            PacketSavingConnection* server_conn,
+                            QuicCryptoServerStream* server,
+                            const QuicServerId& server_id,
+                            const FakeClientOptions& options) {
   PacketSavingConnection* client_conn =
       new PacketSavingConnection(helper, alarm_factory, Perspective::IS_CLIENT);
   // Advance the time, because timers do not like uninitialized times.
   client_conn->AdvanceTime(QuicTime::Delta::FromSeconds(1));
 
   QuicCryptoClientConfig crypto_config(ProofVerifierForTesting());
   AsyncTestChannelIDSource* async_channel_id_source = nullptr;
   if (options.channel_id_enabled) {
     ChannelIDSource* source = ChannelIDSourceForTesting();
     if (options.channel_id_source_async) {
@@ skipping 30 matching lines @@
                 server->crypto_negotiated_params().channel_id);
       EXPECT_EQ(
           options.channel_id_source_async,
           client_session.GetCryptoStream()->WasChannelIDSourceCallbackRun());
     }
   }
 
   return client_session.GetCryptoStream()->num_sent_client_hellos();
 }
 
-// static
-void CryptoTestUtils::SetupCryptoServerConfigForTest(
-    const QuicClock* clock,
-    QuicRandom* rand,
-    QuicCryptoServerConfig* crypto_config,
-    const FakeServerOptions& fake_options) {
+void SetupCryptoServerConfigForTest(const QuicClock* clock,
+                                    QuicRandom* rand,
+                                    QuicCryptoServerConfig* crypto_config,
+                                    const FakeServerOptions& fake_options) {
   QuicCryptoServerConfig::ConfigOptions options;
   options.channel_id_enabled = true;
   options.token_binding_params = fake_options.token_binding_params;
   std::unique_ptr<CryptoHandshakeMessage> scfg(
       crypto_config->AddDefaultConfig(rand, clock, options));
 }
 
-// static
-void CryptoTestUtils::CommunicateHandshakeMessages(
-    PacketSavingConnection* client_conn,
-    QuicCryptoStream* client,
-    PacketSavingConnection* server_conn,
-    QuicCryptoStream* server) {
+void CommunicateHandshakeMessages(PacketSavingConnection* client_conn,
+                                  QuicCryptoStream* client,
+                                  PacketSavingConnection* server_conn,
+                                  QuicCryptoStream* server) {
   CommunicateHandshakeMessagesAndRunCallbacks(client_conn, client, server_conn,
                                               server, nullptr);
 }
 
-// static
-void CryptoTestUtils::CommunicateHandshakeMessagesAndRunCallbacks(
+void CommunicateHandshakeMessagesAndRunCallbacks(
     PacketSavingConnection* client_conn,
     QuicCryptoStream* client,
     PacketSavingConnection* server_conn,
     QuicCryptoStream* server,
     CallbackSource* callback_source) {
   size_t client_i = 0, server_i = 0;
   while (!client->handshake_confirmed()) {
     ASSERT_GT(client_conn->encrypted_packets_.size(), client_i);
     QUIC_LOG(INFO) << "Processing "
                    << client_conn->encrypted_packets_.size() - client_i
                    << " packets client->server";
     MovePackets(client_conn, &client_i, server, server_conn,
                 Perspective::IS_SERVER);
     if (callback_source) {
       callback_source->RunPendingCallbacks();
     }
 
     ASSERT_GT(server_conn->encrypted_packets_.size(), server_i);
     QUIC_LOG(INFO) << "Processing "
                    << server_conn->encrypted_packets_.size() - server_i
                    << " packets server->client";
     MovePackets(server_conn, &server_i, client, client_conn,
                 Perspective::IS_CLIENT);
     if (callback_source) {
       callback_source->RunPendingCallbacks();
     }
   }
 }
 
-// static
-std::pair<size_t, size_t> CryptoTestUtils::AdvanceHandshake(
-    PacketSavingConnection* client_conn,
-    QuicCryptoStream* client,
-    size_t client_i,
-    PacketSavingConnection* server_conn,
-    QuicCryptoStream* server,
-    size_t server_i) {
+std::pair<size_t, size_t> AdvanceHandshake(PacketSavingConnection* client_conn,
+                                           QuicCryptoStream* client,
+                                           size_t client_i,
+                                           PacketSavingConnection* server_conn,
+                                           QuicCryptoStream* server,
+                                           size_t server_i) {
   QUIC_LOG(INFO) << "Processing "
                  << client_conn->encrypted_packets_.size() - client_i
                  << " packets client->server";
   MovePackets(client_conn, &client_i, server, server_conn,
               Perspective::IS_SERVER);
 
   QUIC_LOG(INFO) << "Processing "
                  << server_conn->encrypted_packets_.size() - server_i
                  << " packets server->client";
   if (server_conn->encrypted_packets_.size() - server_i == 2) {
     QUIC_LOG(INFO) << "here";
   }
   MovePackets(server_conn, &server_i, client, client_conn,
               Perspective::IS_CLIENT);
 
   return std::make_pair(client_i, server_i);
 }
 
-// static
-string CryptoTestUtils::GetValueForTag(const CryptoHandshakeMessage& message,
-                                       QuicTag tag) {
+string GetValueForTag(const CryptoHandshakeMessage& message, QuicTag tag) {
   QuicTagValueMap::const_iterator it = message.tag_value_map().find(tag);
   if (it == message.tag_value_map().end()) {
     return string();
   }
   return it->second;
 }
 
-uint64_t CryptoTestUtils::LeafCertHashForTesting() {
+uint64_t LeafCertHashForTesting() {
   QuicReferenceCountedPointer<ProofSource::Chain> chain;
   QuicSocketAddress server_address;
   QuicCryptoProof proof;
-  std::unique_ptr<ProofSource> proof_source(
-      CryptoTestUtils::ProofSourceForTesting());
-  if (!proof_source->GetProof(server_address, "", "",
-                              AllSupportedVersions().front(), "",
-                              QuicTagVector(), &chain, &proof) ||
-      chain->certs.empty()) {
+  std::unique_ptr<ProofSource> proof_source(ProofSourceForTesting());
+
+  class Callback : public ProofSource::Callback {
+   public:
+    Callback(bool* ok, QuicReferenceCountedPointer<ProofSource::Chain>* chain)
+        : ok_(ok), chain_(chain) {}
+
+    void Run(bool ok,
+             const QuicReferenceCountedPointer<ProofSource::Chain>& chain,
+             const QuicCryptoProof& /* proof */,
+             std::unique_ptr<ProofSource::Details> /* details */) override {
+      *ok_ = ok;
+      *chain_ = chain;
+    }
+
+   private:
+    bool* ok_;
+    QuicReferenceCountedPointer<ProofSource::Chain>* chain_;
+  };
+
+  // Note: relies on the callback being invoked synchronously
+  bool ok = false;
+  proof_source->GetProof(
+      server_address, "", "", AllSupportedVersions().front(), "",
+      QuicTagVector(),
+      std::unique_ptr<ProofSource::Callback>(new Callback(&ok, &chain)));
+  if (!ok || chain->certs.empty()) {
     DCHECK(false) << "Proof generation failed";
     return 0;
   }
 
   return QuicUtils::FNV1a_64_Hash(chain->certs.at(0));
 }
 
 class MockCommonCertSets : public CommonCertSets {
  public:
   MockCommonCertSets(StringPiece cert, uint64_t hash, uint32_t index)
@@ skipping 40 matching lines @@
     *out_index = index_;
     return true;
   }
 
  private:
   const string cert_;
   const uint64_t hash_;
   const uint32_t index_;
 };
 
-CommonCertSets* CryptoTestUtils::MockCommonCertSets(StringPiece cert,
-                                                    uint64_t hash,
-                                                    uint32_t index) {
+CommonCertSets* MockCommonCertSets(StringPiece cert,
+                                   uint64_t hash,
+                                   uint32_t index) {
   return new class MockCommonCertSets(cert, hash, index);
 }
 
-// static
-void CryptoTestUtils::FillInDummyReject(CryptoHandshakeMessage* rej,
-                                        bool reject_is_stateless) {
+void FillInDummyReject(CryptoHandshakeMessage* rej, bool reject_is_stateless) {
   if (reject_is_stateless) {
     rej->set_tag(kSREJ);
   } else {
     rej->set_tag(kREJ);
   }
 
   // Minimum SCFG that passes config validation checks.
   // clang-format off
   unsigned char scfg[] = {
     // SCFG
@@ skipping 13 matching lines @@
   // clang-format on
   rej->SetValue(kSCFG, scfg);
   rej->SetStringPiece(kServerNonceTag, "SERVER_NONCE");
   int64_t ttl = 2 * 24 * 60 * 60;
   rej->SetValue(kSTTL, ttl);
   std::vector<QuicTag> reject_reasons;
   reject_reasons.push_back(CLIENT_NONCE_INVALID_FAILURE);
   rej->SetVector(kRREJ, reject_reasons);
 }
 
-void CryptoTestUtils::CompareClientAndServerKeys(
-    QuicCryptoClientStream* client,
-    QuicCryptoServerStream* server) {
-  QuicFramer* client_framer =
-      QuicConnectionPeer::GetFramer(client->session()->connection());
-  QuicFramer* server_framer =
-      QuicConnectionPeer::GetFramer(server->session()->connection());
+void CompareClientAndServerKeys(QuicCryptoClientStream* client,
+                                QuicCryptoServerStream* server) {
+  QuicFramer* client_framer = QuicConnectionPeer::GetFramer(
+      QuicStreamPeer::session(client)->connection());
+  QuicFramer* server_framer = QuicConnectionPeer::GetFramer(
+      QuicStreamPeer::session(server)->connection());
   const QuicEncrypter* client_encrypter(
       QuicFramerPeer::GetEncrypter(client_framer, ENCRYPTION_INITIAL));
   const QuicDecrypter* client_decrypter(
-      client->session()->connection()->decrypter());
+      QuicStreamPeer::session(client)->connection()->decrypter());
   const QuicEncrypter* client_forward_secure_encrypter(
       QuicFramerPeer::GetEncrypter(client_framer, ENCRYPTION_FORWARD_SECURE));
   const QuicDecrypter* client_forward_secure_decrypter(
-      client->session()->connection()->alternative_decrypter());
+      QuicStreamPeer::session(client)->connection()->alternative_decrypter());
   const QuicEncrypter* server_encrypter(
       QuicFramerPeer::GetEncrypter(server_framer, ENCRYPTION_INITIAL));
   const QuicDecrypter* server_decrypter(
-      server->session()->connection()->decrypter());
+      QuicStreamPeer::session(server)->connection()->decrypter());
   const QuicEncrypter* server_forward_secure_encrypter(
       QuicFramerPeer::GetEncrypter(server_framer, ENCRYPTION_FORWARD_SECURE));
   const QuicDecrypter* server_forward_secure_decrypter(
-      server->session()->connection()->alternative_decrypter());
+      QuicStreamPeer::session(server)->connection()->alternative_decrypter());
 
   StringPiece client_encrypter_key = client_encrypter->GetKey();
   StringPiece client_encrypter_iv = client_encrypter->GetNoncePrefix();
   StringPiece client_decrypter_key = client_decrypter->GetKey();
   StringPiece client_decrypter_iv = client_decrypter->GetNoncePrefix();
   StringPiece client_forward_secure_encrypter_key =
       client_forward_secure_encrypter->GetKey();
   StringPiece client_forward_secure_encrypter_iv =
       client_forward_secure_encrypter->GetNoncePrefix();
   StringPiece client_forward_secure_decrypter_key =
@@ skipping 77 matching lines @@
   CompareCharArraysWithHexError(
       "sample key extraction", client_key_extraction.data(),
       client_key_extraction.length(), server_key_extraction.data(),
       server_key_extraction.length());
 
   CompareCharArraysWithHexError("token binding key extraction",
                                 client_tb_ekm.data(), client_tb_ekm.length(),
                                 server_tb_ekm.data(), server_tb_ekm.length());
 }
 
-// static
-QuicTag CryptoTestUtils::ParseTag(const char* tagstr) {
+QuicTag ParseTag(const char* tagstr) {
   const size_t len = strlen(tagstr);
   CHECK_NE(0u, len);
 
   QuicTag tag = 0;
 
   if (tagstr[0] == '#') {
     CHECK_EQ(static_cast<size_t>(1 + 2 * 4), len);
     tagstr++;
 
     for (size_t i = 0; i < 8; i++) {
@@ skipping 11 matching lines @@
   for (size_t i = 0; i < 4; i++) {
     tag >>= 8;
     if (i < len) {
       tag |= static_cast<uint32_t>(tagstr[i]) << 24;
     }
   }
 
   return tag;
 }
 
-// static
-CryptoHandshakeMessage CryptoTestUtils::Message(const char* message_tag, ...) {
-  va_list ap;
-  va_start(ap, message_tag);
+CryptoHandshakeMessage CreateCHLO(
+    std::vector<std::pair<string, string>> tags_and_values) {
+  return CreateCHLO(tags_and_values, -1);
+}
 
+CryptoHandshakeMessage CreateCHLO(
+    std::vector<std::pair<string, string>> tags_and_values,
+    int minimum_size_bytes) {
   CryptoHandshakeMessage msg;
-  msg.set_tag(ParseTag(message_tag));
+  msg.set_tag(MakeQuicTag('C', 'H', 'L', 'O'));
 
-  for (;;) {
-    const char* tagstr = va_arg(ap, const char*);
-    if (tagstr == nullptr) {
-      break;
-    }
+  if (minimum_size_bytes > 0) {
+    msg.set_minimum_size(minimum_size_bytes);
+  }
 
-    if (tagstr[0] == '$') {
-      // Special value.
-      const char* const special = tagstr + 1;
-      if (strcmp(special, "padding") == 0) {
-        const int min_bytes = va_arg(ap, int);
-        msg.set_minimum_size(min_bytes);
-      } else {
-        CHECK(false) << "Unknown special value: " << special;
-      }
+  for (const auto& tag_and_value : tags_and_values) {
+    const string& tag = tag_and_value.first;
+    const string& value = tag_and_value.second;
 
+    const QuicTag quic_tag = ParseTag(tag.c_str());
+
+    size_t value_len = value.length();
+    if (value_len > 0 && value[0] == '#') {
+      // This is ascii encoded hex.
+      string hex_value = QuicTextUtils::HexDecode(StringPiece(&value[1]));
+      msg.SetStringPiece(quic_tag, hex_value);
       continue;
     }
-
-    const QuicTag tag = ParseTag(tagstr);
-    const char* valuestr = va_arg(ap, const char*);
-
-    size_t len = strlen(valuestr);
-    if (len > 0 && valuestr[0] == '#') {
-      valuestr++;
-      len--;
-
-      CHECK_EQ(0u, len % 2);
-      std::unique_ptr<uint8_t[]> buf(new uint8_t[len / 2]);
-
-      for (size_t i = 0; i < len / 2; i++) {
-        uint8_t v = 0;
-        CHECK(HexChar(valuestr[i * 2], &v));
-        buf[i] = v << 4;
-        CHECK(HexChar(valuestr[i * 2 + 1], &v));
-        buf[i] |= v;
-      }
-
-      msg.SetStringPiece(
-          tag, StringPiece(reinterpret_cast<char*>(buf.get()), len / 2));
-      continue;
-    }
-
-    msg.SetStringPiece(tag, valuestr);
+    msg.SetStringPiece(quic_tag, value);
   }
 
   // The CryptoHandshakeMessage needs to be serialized and parsed to ensure
   // that any padding is included.
   std::unique_ptr<QuicData> bytes(CryptoFramer::ConstructHandshakeMessage(msg));
   std::unique_ptr<CryptoHandshakeMessage> parsed(
       CryptoFramer::ParseMessage(bytes->AsStringPiece()));
   CHECK(parsed.get());
 
-  va_end(ap);
   return *parsed;
 }
 
-// static
-ChannelIDSource* CryptoTestUtils::ChannelIDSourceForTesting() {
+ChannelIDSource* ChannelIDSourceForTesting() {
   return new TestChannelIDSource();
 }
 
-// static
-void CryptoTestUtils::MovePackets(PacketSavingConnection* source_conn,
-                                  size_t* inout_packet_index,
-                                  QuicCryptoStream* dest_stream,
-                                  PacketSavingConnection* dest_conn,
-                                  Perspective dest_perspective) {
+void MovePackets(PacketSavingConnection* source_conn,
+                 size_t* inout_packet_index,
+                 QuicCryptoStream* dest_stream,
+                 PacketSavingConnection* dest_conn,
+                 Perspective dest_perspective) {
   SimpleQuicFramer framer(source_conn->supported_versions(), dest_perspective);
   CryptoFramer crypto_framer;
   CryptoFramerVisitor crypto_visitor;
 
   // In order to properly test the code we need to perform encryption and
   // decryption so that the crypters latch when expected. The crypters are in
   // |dest_conn|, but we don't want to try and use them there. Instead we swap
   // them into |framer|, perform the decryption with them, and then swap ther
   // back.
   QuicConnectionPeer::SwapCrypters(dest_conn, framer.framer());
@@ skipping 21 matching lines @@
   QuicConnectionPeer::SwapCrypters(dest_conn, framer.framer());
 
   ASSERT_EQ(0u, crypto_framer.InputBytesRemaining());
 
   for (const CryptoHandshakeMessage& message : crypto_visitor.messages()) {
     dest_stream->OnHandshakeMessage(message);
   }
   QuicConnectionPeer::SetCurrentPacket(dest_conn, StringPiece(nullptr, 0));
 }
 
-CryptoHandshakeMessage CryptoTestUtils::GenerateDefaultInchoateCHLO(
+CryptoHandshakeMessage GenerateDefaultInchoateCHLO(
     const QuicClock* clock,
     QuicVersion version,
     QuicCryptoServerConfig* crypto_config) {
   // clang-format off
-  return CryptoTestUtils::Message(
-      "CHLO",
-      "PDMD", "X509",
-      "AEAD", "AESG",
-      "KEXS", "C255",
-      "PUBS", CryptoTestUtils::GenerateClientPublicValuesHex().c_str(),
-      "NONC", CryptoTestUtils::GenerateClientNonceHex(clock,
-                                                      crypto_config).c_str(),
-      "VER\0", QuicTagToString(
-          QuicVersionToQuicTag(version)).c_str(),
-      "$padding", static_cast<int>(kClientHelloMinimumSize),
-      nullptr);
+  return CreateCHLO(
+      {{"PDMD", "X509"},
+       {"AEAD", "AESG"},
+       {"KEXS", "C255"},
+       {"PUBS", GenerateClientPublicValuesHex().c_str()},
+       {"NONC", GenerateClientNonceHex(clock, crypto_config).c_str()},
+       {"VER\0", QuicTagToString(QuicVersionToQuicTag(version)).c_str()}},
+      kClientHelloMinimumSize);
   // clang-format on
 }
 
-string CryptoTestUtils::GenerateClientNonceHex(
-    const QuicClock* clock,
-    QuicCryptoServerConfig* crypto_config) {
+string GenerateClientNonceHex(const QuicClock* clock,
+                              QuicCryptoServerConfig* crypto_config) {
   net::QuicCryptoServerConfig::ConfigOptions old_config_options;
   net::QuicCryptoServerConfig::ConfigOptions new_config_options;
   old_config_options.id = "old-config-id";
   delete crypto_config->AddDefaultConfig(net::QuicRandom::GetInstance(), clock,
                                          old_config_options);
   std::unique_ptr<QuicServerConfigProtobuf> primary_config(
       crypto_config->GenerateConfig(net::QuicRandom::GetInstance(), clock,
                                     new_config_options));
   primary_config->set_primary_time(clock->WallNow().ToUNIXSeconds());
   std::unique_ptr<net::CryptoHandshakeMessage> msg(
       crypto_config->AddConfig(std::move(primary_config), clock->WallNow()));
   StringPiece orbit;
   CHECK(msg->GetStringPiece(net::kORBT, &orbit));
   string nonce;
   net::CryptoUtils::GenerateNonce(
       clock->WallNow(), net::QuicRandom::GetInstance(),
       StringPiece(reinterpret_cast<const char*>(orbit.data()),
                   sizeof(orbit.size())),
       &nonce);
   return ("#" + QuicTextUtils::HexEncode(nonce));
 }
 
-string CryptoTestUtils::GenerateClientPublicValuesHex() {
+string GenerateClientPublicValuesHex() {
   char public_value[32];
   memset(public_value, 42, sizeof(public_value));
   return ("#" + QuicTextUtils::HexEncode(public_value, sizeof(public_value)));
 }
 
-// static
-void CryptoTestUtils::GenerateFullCHLO(
-    const CryptoHandshakeMessage& inchoate_chlo,
-    QuicCryptoServerConfig* crypto_config,
-    QuicSocketAddress server_addr,
-    QuicSocketAddress client_addr,
-    QuicVersion version,
-    const QuicClock* clock,
-    QuicReferenceCountedPointer<QuicSignedServerConfig> proof,
-    QuicCompressedCertsCache* compressed_certs_cache,
-    CryptoHandshakeMessage* out) {
+void GenerateFullCHLO(const CryptoHandshakeMessage& inchoate_chlo,
+                      QuicCryptoServerConfig* crypto_config,
+                      QuicSocketAddress server_addr,
+                      QuicSocketAddress client_addr,
+                      QuicVersion version,
+                      const QuicClock* clock,
+                      QuicReferenceCountedPointer<QuicSignedServerConfig> proof,
+                      QuicCompressedCertsCache* compressed_certs_cache,
+                      CryptoHandshakeMessage* out) {
   // Pass a inchoate CHLO.
   FullChloGenerator generator(crypto_config, server_addr, client_addr, clock,
                               proof, compressed_certs_cache, out);
   crypto_config->ValidateClientHello(
       inchoate_chlo, client_addr.host(), server_addr, version, clock, proof,
       generator.GetValidateClientHelloCallback());
 }
 
+}  // namespace crypto_test_utils
 }  // namespace test
 }  // namespace net