add new design plan

Author: buggmagnet

ios/PacketTunnelCore/Actor/PacketTunnelActor.swift

@@ -150,6 +150,41 @@ extension PacketTunnelActor {
         }
     }
 
+    struct QuantumKeyNegotiatior {
+        let packetTunnel: NEPacketTunnelProvider
+        private let tcpConnectionInsideTunnel: NWTCPConnection
+
+        func setupKVOForTCPConnection(_ connection: NWTCPConnection) {}
+
+        func negotiatePostQuantumKeyExchange(
+            relayAddress: IPv4Address,
+            devicePublicKey: PublicKey,
+            presharedKey: PublicKey
+        ) -> PrivateKey? /* pre shared key to use*/ {
+            nil
+        }
+    }
+
+    /*
+     - New Design of the functionality
+     - Enter the negotiatePostQuantumKey state
+     - Configure Wireguard to connect to the gateway (10.64.0.1/32)
+     - Open the TCP Connection inside the tunnel `createTCPConnectionThroughTunnel(to:enableTLS:tlsParameters:delegate:)`
+     - Setup KVO on the TCP Connection
+     - Wait for the connection to be in a connected state
+     - Call the rust function to exchange keys
+     - Use the returned preshared-key to reconfigure the WireGuard adapter
+     - Send the .start message to the Packet Tunnel Actor with the new preshared key
+     - Try writing the new preshared private key to the settings, where it will be read when we send the `.start` message
+     let postQuantumConfiguration = ConfigurationBuilder(
+         privateKey: RETURNED_PRE_SHARED_KEY,
+         interfaceAddresses: settings.interfaceAddresses, allowedIPs: [
+             IPAddressRange(from: "0.0.0.0/0")!,
+             IPAddressRange(from: "::/0")!,
+         ]
+     )
+
+     */
     private func negotiatePostQuantumKeyExchange(_ options: StartOptions, nextRelay: NextRelay = .current) async {
         // TODO: Should this be the same path as in a reconnection attempt ?
         guard case .initial = state else { return }