Diffstat (limited to 'src/zenhorde/hordetransportaes.h')
-rw-r--r--src/zenhorde/hordetransportaes.h50
1 files changed, 28 insertions, 22 deletions
diff --git a/src/zenhorde/hordetransportaes.h b/src/zenhorde/hordetransportaes.h
index efcad9835..a1800c684 100644
--- a/src/zenhorde/hordetransportaes.h
+++ b/src/zenhorde/hordetransportaes.h
@@ -6,47 +6,53 @@
#include <cstdint>
#include <memory>
-#include <mutex>
#include <vector>
+namespace asio {
+class io_context;
+}
+
namespace zen::horde {
-/** AES-256-GCM encrypted transport wrapper.
+/** Async AES-256-GCM encrypted transport wrapper.
*
- * Wraps an inner ComputeTransport, encrypting all outgoing data and decrypting
- * all incoming data using AES-256-GCM. The nonce is mutated per message using
- * the Horde nonce mangling scheme: n32[0]++; n32[1]--; n32[2] = n32[0] ^ n32[1].
+ * Wraps an AsyncComputeTransport, encrypting outgoing and decrypting incoming
+ * data using AES-256-GCM. The nonce is mutated per message using the Horde
+ * nonce mangling scheme: n32[0]++; n32[1]--; n32[2] = n32[0] ^ n32[1].
*
* Wire format per encrypted message:
* [plaintext length (4B little-endian)][nonce (12B)][ciphertext][GCM tag (16B)]
*
* Uses BCrypt on Windows and OpenSSL EVP on Linux/macOS (selected at compile time).
+ *
+ * Thread safety: all operations must be serialized by the caller (e.g. via a strand).
*/
-class AesComputeTransport final : public ComputeTransport
+class AsyncAesComputeTransport final : public AsyncComputeTransport
{
public:
- AesComputeTransport(const uint8_t (&Key)[KeySize], std::unique_ptr<ComputeTransport> InnerTransport);
- ~AesComputeTransport() override;
+ AsyncAesComputeTransport(const uint8_t (&Key)[KeySize],
+ std::unique_ptr<AsyncComputeTransport> InnerTransport,
+ asio::io_context& IoContext);
+ ~AsyncAesComputeTransport() override;
- bool IsValid() const override;
- size_t Send(const void* Data, size_t Size) override;
- size_t Recv(void* Data, size_t Size) override;
- void MarkComplete() override;
- void Close() override;
+ bool IsValid() const override;
+ void AsyncWrite(const void* Data, size_t Size, AsyncIoHandler Handler) override;
+ void AsyncRead(void* Data, size_t Size, AsyncIoHandler Handler) override;
+ void Close() override;
private:
- static constexpr size_t NonceBytes = 12; ///< AES-GCM nonce size
- static constexpr size_t TagBytes = 16; ///< AES-GCM authentication tag size
+ void DoRecvMessage(uint8_t* Dest, size_t Size, AsyncIoHandler Handler);
struct CryptoContext;
- std::unique_ptr<CryptoContext> m_Crypto;
- std::unique_ptr<ComputeTransport> m_Inner;
- std::vector<uint8_t> m_EncryptBuffer;
- std::vector<uint8_t> m_RemainingData; ///< Buffered decrypted data from a partially consumed Recv
- size_t m_RemainingOffset = 0;
- std::mutex m_Lock;
- bool m_IsClosed = false;
+ std::unique_ptr<CryptoContext> m_Crypto;
+ std::unique_ptr<AsyncComputeTransport> m_Inner;
+ asio::io_context& m_IoContext;
+ std::vector<uint8_t> m_EncryptBuffer;
+ std::vector<uint8_t> m_DecryptBuffer;
+ std::vector<uint8_t> m_RemainingData;
+ size_t m_RemainingOffset = 0;
+ bool m_IsClosed = false;
};
} // namespace zen::horde
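Review bot: With `m_Lock` removed, the only thing that keeps two overlapping `AsyncWrite` calls from sharing `m_EncryptBuffer` and the per-message nonce state (presumably held in `CryptoContext`) is the single "Thread safety" line in the class comment. For AES-GCM this is more than a data race: two messages sealed under the same key and nonce lose both confidentiality and tag integrity, so the contract belongs on the methods themselves, e.g. `/// Not thread-safe: at most one AsyncWrite may be outstanding at a time (shared nonce state and m_EncryptBuffer).` with the matching line on `AsyncRead` for `m_DecryptBuffer` and `m_RemainingData`. The header should also say whether `Close()` or destruction is permitted while a handler is pending, since the buffers and the `m_IoContext` reference are presumably used from completion handlers in the .cpp, which is not visible here. A debug-only in-flight flag checked at the top of each call would make a violated contract fail immediately instead of silently corrupting the nonce or the buffers.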