<div dir="ltr"><div class="gmail_extra">So this looks like:
</div><div class="gmail_extra"><br></div><div class="gmail_extra"><div class="" style="font-weight:bold;margin-top:1em;color:black;font-family:monospace;font-size:13.3333px;white-space:pre">diff --git a/doc/<a href="http://protocol.md">protocol.md</a> b/doc/<a href="http://protocol.md">protocol.md</a><br>index d04132c..ba639d3 100644<br>--- a/<a href="http://git.zx2c4.com/WireGuard/tree/doc/protocol.md?id=dde2f6b2510284cffe9ea9fab892bb562305804a" style="color:blue;text-decoration:none">doc/protocol.md</a><br>+++ b/<a href="http://git.zx2c4.com/WireGuard/tree/doc/protocol.md?id=44d4c6975eb9f52881194aadba31bc9da05a5a79" style="color:blue;text-decoration:none">doc/protocol.md</a></div><div class="" style="color:rgb(0,0,153);font-family:monospace;font-size:13.3333px;white-space:pre">@@ -68,7 +68,7 @@ The fields are populated as follows:</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> msg.sender_index = little_endian(initiator.sender_index)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> msg.unencrypted_ephemeral = DH_PUBKEY(initiator.ephemeral_private)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> initiator.hash = HASH(initiator.hash || msg.unencrypted_ephemeral)</div><div class="" style="color:red;font-family:monospace;font-size:13.3333px;white-space:pre">- initiator.key = KDF(GETKEY(initiator.key, 0), DH(initiator.ephemeral_private, responder.static_public))</div><div class="" style="color:green;font-family:monospace;font-size:13.3333px;line-height:normal;white-space:pre">+ initiator.key = KDF(initiator.key, DH(initiator.ephemeral_private, responder.static_public))</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> msg.encrypted_static = AEAD(initiator.key, 0, initiator.static_public, initiator.hash)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> initiator.hash = HASH(initiator.hash || msg.encrypted_static)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> initiator.key = KDF(GETKEY(initiator.key, 1), DH(initiator.static_private, responder.static_public))</div><div class="" style="color:rgb(0,0,153);font-family:monospace;font-size:13.3333px;white-space:pre">@@ -98,7 +98,7 @@ The fields are populated as follows:</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> msg.encrypted_ephemeral = AEAD(responder.key, 1, DH_PUBKEY(responder.ephemeral_private), responder.hash)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> responder.hash = HASH(responder.hash || msg.encrypted_ephemeral)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> responder.key = KDF(GETKEY(responder.key, 2), DH(responder.ephemeral_private, initiator.ephemeral_public))</div><div class="" style="color:red;font-family:monospace;font-size:13.3333px;white-space:pre">- responder.key = KDF(GETKEY(responder.key, 0), DH(responder.ephemeral_private, initiator.static_public))</div><div class="" style="color:green;font-family:monospace;font-size:13.3333px;line-height:normal;white-space:pre">+ responder.key = KDF(responder.key, DH(responder.ephemeral_private, initiator.static_public))</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> msg.encrypted_nothing = AEAD(responder.key, 0, [empty], responder.hash)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> </div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> When the initiator receives this message, he decrypts and does all the above operations in reverse, so that the state is identical.</div><div class="" style="font-weight:bold;margin-top:1em;color:black;font-family:monospace;font-size:13.3333px;white-space:pre">diff --git a/src/noise/key.c b/src/noise/key.c<br>index e1dcd78..f68ca9f 100644<br>--- a/<a href="http://git.zx2c4.com/WireGuard/tree/src/noise/key.c?id=dde2f6b2510284cffe9ea9fab892bb562305804a" style="color:blue;text-decoration:none">src/noise/key.c</a><br>+++ b/<a href="http://git.zx2c4.com/WireGuard/tree/src/noise/key.c?id=44d4c6975eb9f52881194aadba31bc9da05a5a79" style="color:blue;text-decoration:none">src/noise/key.c</a></div><div class="" style="color:rgb(0,0,153);font-family:monospace;font-size:13.3333px;white-space:pre">@@ -26,8 +26,12 @@ static inline bool getkey(u8 dst_key[NOISE_SYMMETRIC_KEY_LEN], struct noise_symm</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> static inline bool kdf(struct noise_symmetric_key *key, const u8 *src, size_t src_len)</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> {</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> u8 newkey[NOISE_SYMMETRIC_KEY_LEN];</div><div class="" style="color:red;font-family:monospace;font-size:13.3333px;white-space:pre">- if (!getkey(newkey, key))</div><div class="" style="color:green;font-family:monospace;font-size:13.3333px;line-height:normal;white-space:pre">+</div><div class="" style="color:green;font-family:monospace;font-size:13.3333px;line-height:normal;white-space:pre">+ if (!key->counter.receive.counter)</div><div class="" style="color:green;font-family:monospace;font-size:13.3333px;line-height:normal;white-space:pre">+ memcpy(newkey, key->key, NOISE_SYMMETRIC_KEY_LEN);</div><div class="" style="color:green;font-family:monospace;font-size:13.3333px;line-height:normal;white-space:pre">+ else if (!getkey(newkey, key))</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> return false;</div><div class="" style="color:green;font-family:monospace;font-size:13.3333px;line-height:normal;white-space:pre">+</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> blake2b(key->key, src, newkey, NOISE_SYMMETRIC_KEY_LEN, src_len, NOISE_SYMMETRIC_KEY_LEN);</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> memzero_explicit(newkey, NOISE_SYMMETRIC_KEY_LEN);</div><div class="" style="color:rgb(51,51,51);font-family:monospace;font-size:13.3333px;white-space:pre"> atomic64_set(&key->counter.counter, 0);</div></div></div>