From 246f1bd7c0dffc10a705042363775162b0e3519a Mon Sep 17 00:00:00 2001
From: angt
Date: Mon, 16 Nov 2015 16:35:43 +0100
Subject: [PATCH] Add a very simple client and server authentication
---
 src/main.c | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/src/main.c b/src/main.c
index 3d43317..e82b4f9 100644
--- a/src/main.c
+++ b/src/main.c
@@ -487,8 +487,6 @@ static int gt_setup_secretkey (struct crypto_ctx *ctx, char *keyfile)
 return -1;
 }
- // TODO: check key
-
 close(fd);
 return 0;
@@ -506,6 +504,7 @@ static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
 uint8_t key[crypto_aead_aes256gcm_KEYBYTES];
 uint8_t data_r[size], data_w[size];
+ uint8_t auth_r[hash_size], auth_w[hash_size];
 uint8_t hash[hash_size];
 randombytes_buf(data_w, nonce_size);
@@ -530,6 +529,21 @@ static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
 if (listener && fd_write_all(fd, data_w, size)!=size)
 return -1;
+ crypto_generichash(auth_w, hash_size,
+ data_r, size, ctx->skey, sizeof(ctx->skey));
+
+ if (fd_write_all(fd, auth_w, hash_size)!=hash_size)
+ return -1;
+
+ if (fd_read_all(fd, auth_r, hash_size)!=hash_size)
+ return -1;
+
+ crypto_generichash(hash, hash_size,
+ data_w, size, ctx->skey, sizeof(ctx->skey));
+
+ if (sodium_memcmp(auth_r, hash, hash_size))
+ return -2;
+
 crypto_scalarmult(shared, secret, &data_r[nonce_size]);
 crypto_generichash_state state;
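Review bot: The tag written in the added block of the third hunk is `crypto_generichash` over `data_r` alone, so it is not bound to this side's own `data_w` or to its role, and each side sends it before it has verified the peer. A tag computed in one handshake would therefore also verify in any other handshake where the same bytes appear as `data_w`, which weakens the proof that the peer actually holds `ctx->skey`. Hashing a role byte plus both contributions in a fixed order, as sketched below, ties each tag to one direction of one exchange. The new `return -2` is the only way a caller can tell an authentication failure from an I/O error, so it deserves a comment such as `// -2: peer failed key authentication`; whether callers handle it is not visible here, since gt_setup_crypto starts and ends outside the hunk.

```c
// … unchanged: exchange of data_w / data_r …

// tag = H_skey(role || connecting side's data || listening side's data)
const uint8_t role_w = listener ? 1 : 0;
const uint8_t role_r = listener ? 0 : 1;
const uint8_t *data_c = listener ? data_r : data_w;
const uint8_t *data_s = listener ? data_w : data_r;

crypto_generichash_state auth_state;

crypto_generichash_init(&auth_state, ctx->skey, sizeof(ctx->skey), hash_size);
crypto_generichash_update(&auth_state, &role_w, sizeof(role_w));
crypto_generichash_update(&auth_state, data_c, size);
crypto_generichash_update(&auth_state, data_s, size);
crypto_generichash_final(&auth_state, auth_w, hash_size);

// … unchanged: fd_write_all(auth_w) and fd_read_all(auth_r) …

crypto_generichash_init(&auth_state, ctx->skey, sizeof(ctx->skey), hash_size);
crypto_generichash_update(&auth_state, &role_r, sizeof(role_r));
crypto_generichash_update(&auth_state, data_c, size);
crypto_generichash_update(&auth_state, data_s, size);
crypto_generichash_final(&auth_state, hash, hash_size);

// -2: peer failed key authentication (distinct from -1, an I/O error)
// … unchanged: sodium_memcmp(auth_r, hash, hash_size) check …
```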