From 8b72e58656d3c34cde0918495ef7fc80d0cf07e9 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Mon, 21 Sep 2020 02:13:57 +0200
Subject: [PATCH] Make key exchange behaviors consistent

---
 dnscrypt-proxy/crypto.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/dnscrypt-proxy/crypto.go b/dnscrypt-proxy/crypto.go
index a8e1fc56..166d7fd9 100644
--- a/dnscrypt-proxy/crypto.go
+++ b/dnscrypt-proxy/crypto.go
@@ -50,10 +50,20 @@ func ComputeSharedKey(cryptoConstruction CryptoConstruction, secretKey *[32]byte
 		var err error
 		sharedKey, err = xsecretbox.SharedKey(*secretKey, *serverPk)
 		if err != nil {
-			dlog.Criticalf("[%v] Weak public key", providerName)
+			dlog.Criticalf("[%v] Weak XChaCha20 public key", providerName)
 		}
 	} else {
 		box.Precompute(&sharedKey, serverPk, secretKey)
+		c := byte(0)
+		for i := 0; i < 32; i++ {
+			c |= sharedKey[i]
+		}
+		if c == 0 {
+			dlog.Criticalf("[%v] Weak XSalsa20 public key", providerName)
+			if _, err := crypto_rand.Read(sharedKey[:]); err != nil {
+				dlog.Fatal(err)
+			}
+		}
 	}
 	return
 }