Make key exchange behaviors consistent

This commit is contained in:
Frank Denis 2020-09-21 02:13:57 +02:00
parent e54056bc38
commit 8b72e58656
1 changed files with 11 additions and 1 deletions

View File

@ -50,10 +50,20 @@ func ComputeSharedKey(cryptoConstruction CryptoConstruction, secretKey *[32]byte
var err error var err error
sharedKey, err = xsecretbox.SharedKey(*secretKey, *serverPk) sharedKey, err = xsecretbox.SharedKey(*secretKey, *serverPk)
if err != nil { if err != nil {
dlog.Criticalf("[%v] Weak public key", providerName) dlog.Criticalf("[%v] Weak XChaCha20 public key", providerName)
} }
} else { } else {
box.Precompute(&sharedKey, serverPk, secretKey) box.Precompute(&sharedKey, serverPk, secretKey)
c := byte(0)
for i := 0; i < 32; i++ {
c |= sharedKey[i]
}
if c == 0 {
dlog.Criticalf("[%v] Weak XSalsa20 public key", providerName)
if _, err := crypto_rand.Read(sharedKey[:]); err != nil {
dlog.Fatal(err)
}
}
} }
return return
} }