Only generate byte[] of nonce_info and key_info once (#33)

Motivation:

We can store the byte[] of nonce_info and key_info in a static final field and so reduce the overhead of generating these from a string all the time

Modifications:

- Only generate byte[] once and store in final field.
- Cleanup internal API

Result:

Reduce overhead

codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java

@@ -36,6 +36,8 @@ public final class OHttpCiphersuite {
     private static final Random RAND = new SecureRandom();
 
     private static final int ENCODED_LENGTH = 7;
+    private static final byte[] KEY_INFO  = "key".getBytes(StandardCharsets.US_ASCII);
+    private static final byte[] NONCE_INFO  = "nonce".getBytes(StandardCharsets.US_ASCII);
 
     public OHttpCiphersuite(byte keyId, KEM kem, KDF kdf,
                             AEAD aead) {
@@ -128,16 +130,17 @@ byte[] createResponseNonce() {
     /*
      * See https://ietf-wg-ohai.github.io/oblivious-http/draft-ietf-ohai-ohttp.html#name-encapsulation-of-responses
      */
-    AEADContext createResponseAead(OHttpCryptoProvider provider, HPKEContext context, byte[] enc,
-                                                 byte[] responseNonce, OHttpCryptoConfiguration configuration) {
+    AEADContext createResponseAEAD(OHttpCryptoProvider provider, HPKEContext context, byte[] enc,
+                                   byte[] responseNonce, byte[] responseExportContext) {
         int secretLength = Math.max(aead.nk(), aead.nn());
-        byte[] secret = context.export(configuration.responseExportContext(), secretLength);
+        byte[] secret = context.export(responseExportContext, secretLength);
         byte[] salt = Arrays.concatenate(enc, responseNonce);
         byte[] prk = context.extract(salt, secret);
-        byte[] aeadKey = context.expand(prk, "key".getBytes(StandardCharsets.US_ASCII), aead.nk());
-        byte[] aeadNonce = context.expand(prk, "nonce".getBytes(StandardCharsets.US_ASCII), aead.nn());
+        byte[] aeadKey = context.expand(prk, KEY_INFO, aead.nk());
+        byte[] aeadNonce = context.expand(prk, NONCE_INFO, aead.nn());
         return provider.setupAEAD(aead, aeadKey, aeadNonce);
     }
+
     @Override
     public String toString() {
         return "OHttpCiphersuite{id=" + Byte.toUnsignedInt(keyId) + ", kem=" + this.kem + ", kdf=" + this.kdf + ", aead=" + this.aead + "}";

codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java

@@ -104,12 +104,12 @@ private OHttpCryptoReceiver(Builder builder) {
         this.context = provider.setupHPKEBaseR(HPKEMode.Base, ciphersuite.kem(), ciphersuite.kdf(),
                 ciphersuite.aead(), encapsulatedKey, keyPair, ciphersuite.createInfo(configuration));
         if (builder.forcedResponseNonce == null) {
-            this.responseNonce = builder.ciphersuite.createResponseNonce();
+            this.responseNonce = ciphersuite.createResponseNonce();
         } else {
             this.responseNonce = builder.forcedResponseNonce;
         }
-        this.aead = builder.ciphersuite.createResponseAead(provider, this.context, encapsulatedKey,
-                this.responseNonce, configuration);
+        this.aead = ciphersuite.createResponseAEAD(provider, this.context, encapsulatedKey,
+                this.responseNonce, configuration.responseExportContext());
     }
 
     /**

codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java

@@ -130,8 +130,8 @@ public boolean readResponseNonce(ByteBuf in) {
         }
         byte[] responseNonce = new byte[ciphersuite().responseNonceLength()];
         in.readBytes(responseNonce);
-        this.aead = ciphersuite.createResponseAead(
-                provider, context, context.encapsulation(), responseNonce, configuration);
+        this.aead = ciphersuite.createResponseAEAD(
+                provider, context, context.encapsulation(), responseNonce, configuration.responseExportContext());
         return true;
     }