-func (h *Handshake) Server(id *PeerId, conn *net.UDPConn, data []byte) *Peer {
- // R + ENC(PSK, dh_client_pub) + IDtag
- if len(data) == 48 && h.rNonce == nil {
- key := KeyRead(path.Join(PeersPath, id.String(), "key"))
- h.Id = *id
-
- // Generate private DH key
- h.dhPriv = dhPrivGen()
- dhPub := new([32]byte)
- curve25519.ScalarBaseMult(dhPub, h.dhPriv)
-
- // Decrypt remote public key and compute shared key
- dec := new([32]byte)
- salsa20.XORKeyStream(dec[:], data[8:8+32], data[:8], key)
- h.key = dhKeyGen(h.dhPriv, dec)
-
- // Compute nonce and encrypt our public key
- h.rNonce = new([8]byte)
- copy(h.rNonce[:], data[:8])
+func (h *Handshake) Server(data []byte) *Peer {
+ // R + ENC(H(DSAPub), R, El(CDHPub)) + IDtag
+ if h.rNonce == nil && ((!h.Conf.Encless && len(data) >= 48) ||
+ (h.Conf.Encless && len(data) == EnclessEnlargeSize+h.Conf.MTU)) {
+ h.rNonce = new([16]byte)
+ copy(h.rNonce[8:], data[:RSize])
+
+ // Decrypt remote public key
+ cDHRepr := new([32]byte)
+ if h.Conf.Encless {
+ out, err := EnclessDecode(
+ h.dsaPubH,
+ h.rNonce,
+ data[RSize:len(data)-8],
+ )
+ if err != nil {
+ log.Println("Unable to decode packet from", h.addr, err)
+ return nil
+ }
+ copy(cDHRepr[:], out)
+ } else {
+ chacha20.XORKeyStream(cDHRepr[:], data[RSize:RSize+32], h.rNonce, h.dsaPubH)
+ }