From c350888911b98c65b5f27334ef153b98d0f619bd Mon Sep 17 00:00:00 2001
From: Fabio Colacio <fabio.colacio.dev@gmail.com>
Date: Sun, 9 Dec 2018 22:01:54 -0800
Subject: [PATCH] MAC is computed for encrypted key also.

---
 crypto/eecdh.go | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/crypto/eecdh.go b/crypto/eecdh.go
index 7881f68..ad35fd3 100644
--- a/crypto/eecdh.go
+++ b/crypto/eecdh.go
@@ -102,7 +102,10 @@ func EncryptMessage(clearText, aesKey, nxt []byte, sid, rid int) (msg *Encrypted
 
     // Generate MAC tag for data
     mac := hmac.New(secureHash, hmacKey)
-    mac.Write(cipherText)
+    tmp := make([]byte, 0, len(cipherText) + len(encryptedNxt))
+    tmp = append(tmp, cipherText...)
+    tmp = append(tmp, encryptedNxt...)
+    mac.Write(tmp)
     tag := mac.Sum(nil)
 
     msg = &EncryptedMessage{
@@ -133,7 +136,10 @@ func (message *EncryptedMessage) Decrypt(aesKey []byte) (clearText, nextKey []by
     cbc.CryptBlocks(message.Key, message.Key)
 
     // Compare MAC tags
-    if !CheckMAC(message.Msg, message.Tag, message.Key) {
+    tmp := make([]byte, 0, len(message.Msg) + len(message.Nxt))
+    tmp = append(tmp, message.Msg...)
+    tmp = append(tmp, message.Nxt...)
+    if !CheckMAC(tmp, message.Tag, message.Key) {
         err = ErrUnexpectedMAC
         return
     }