From 38046e07cf4b97739d86fbd50d19de095fff11f7 Mon Sep 17 00:00:00 2001
From: Sebastian Holmin <sebastian.holmin@mullvad.net>
Date: Thu, 9 Jan 2025 15:26:00 +0100
Subject: [PATCH] Do not expose the key pair receiver publicly

---
 talpid-core/src/tunnel_state_machine/mod.rs         |  4 ++--
 talpid-tunnel-config-client/src/classic_mceliece.rs | 13 ++++++-------
 2 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/talpid-core/src/tunnel_state_machine/mod.rs b/talpid-core/src/tunnel_state_machine/mod.rs
index d9d25d95d2a9..e8bd4ed64980 100644
--- a/talpid-core/src/tunnel_state_machine/mod.rs
+++ b/talpid-core/src/tunnel_state_machine/mod.rs
@@ -25,7 +25,7 @@ use talpid_routing::RouteManagerHandle;
 #[cfg(target_os = "macos")]
 use talpid_tunnel::TunnelMetadata;
 use talpid_tunnel::{tun_provider::TunProvider, TunnelEvent};
-use talpid_tunnel_config_client::classic_mceliece::get_or_init_keypair_receiver;
+use talpid_tunnel_config_client::classic_mceliece::spawn_keypair_generator;
 #[cfg(target_os = "macos")]
 use talpid_types::ErrorExt;
 
@@ -179,7 +179,7 @@ pub async fn spawn(
     });
 
     // Spawn a worker that pre-computes McEliece key pairs for PQ tunnels
-    get_or_init_keypair_receiver();
+    spawn_keypair_generator();
 
     Ok(TunnelStateMachineHandle {
         command_tx,
diff --git a/talpid-tunnel-config-client/src/classic_mceliece.rs b/talpid-tunnel-config-client/src/classic_mceliece.rs
index fbe69149cf04..363fbec82b5b 100644
--- a/talpid-tunnel-config-client/src/classic_mceliece.rs
+++ b/talpid-tunnel-config-client/src/classic_mceliece.rs
@@ -19,6 +19,8 @@ pub const ALGORITHM_NAME: &str = "Classic-McEliece-460896f-round3";
 
 type KeyPair = (PublicKey<'static>, SecretKey<'static>);
 
+/// Receiver for McEliece key pairs used by PQ tunnels. These are generated in a separate
+/// thread to reduce latency when connecting.
 static KEYPAIR_RX: OnceLock<Mutex<mpsc::Receiver<KeyPair>>> = OnceLock::new();
 
 /// Spawn a worker that pre computes `bufsize` McEliece key pairs in a separate thread, which can be
@@ -62,7 +64,8 @@ pub fn spawn_keypair_worker(bufsize: usize) -> mpsc::Receiver<KeyPair> {
 }
 
 pub async fn generate_keys() -> KeyPair {
-    get_or_init_keypair_receiver()
+    KEYPAIR_RX
+        .get_or_init(|| Mutex::new(spawn_keypair_worker(BUFSIZE)))
         .lock()
         .await
         .recv()
@@ -70,12 +73,8 @@ pub async fn generate_keys() -> KeyPair {
         .expect("Expected to receive key pair, but key generator has been stopped.")
 }
 
-/// Returns a receiver for McEliece key pairs used by PQ tunnels. These are generated in a separate
-/// thread to reduce latency when connecting.
-///
-/// The first call will spawn the worker which immedietly starts to compute and buffer [`BUFSIZE`]
-/// of key pairs.
-pub fn get_or_init_keypair_receiver<'a>() -> &'a Mutex<mpsc::Receiver<KeyPair>> {
+/// Spawn a worker which computes and buffers [`BUFSIZE`] of McEliece key pairs, used by PQ tunnels.
+pub fn spawn_keypair_generator<'a>() -> &'a Mutex<mpsc::Receiver<KeyPair>> {
     KEYPAIR_RX.get_or_init(|| Mutex::new(spawn_keypair_worker(BUFSIZE)))
 }