From 99f7df9ad5f525ef05c1b73001d282d799fdd1ce Mon Sep 17 00:00:00 2001
From: xdrm-brackets <doowap31@gmail.com>
Date: Tue, 24 Apr 2018 18:48:05 +0200
Subject: [PATCH] [client] improved 'SynchronisationKey' security

---
 src/git.xdrm.io/schastsp/client/client.go | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/git.xdrm.io/schastsp/client/client.go b/src/git.xdrm.io/schastsp/client/client.go
index bdb8347..86d16bd 100644
--- a/src/git.xdrm.io/schastsp/client/client.go
+++ b/src/git.xdrm.io/schastsp/client/client.go
@@ -148,13 +148,17 @@ func (c *T) Receive(r io.Reader) error {
 ---------------------------------------------------------*/
 func (c *T) SynchronisationKey() ([]byte, error) {
 
-	/* (1) Get current hash */
+	/* (1) Reset keys so no value can be guessed*/
+	c.migrateKey(); // 1: copies 'sync' into 'key'
+	c.migrateKey(); // 2: copies random new 'sync' into 'key' (old 'sync)
+
+	/* (2) Get current hash */
 	hash, err := c.key.CurrentHash()
 	if err != nil { return nil, err }
 
-	/* (2) Decrement key so 'hash' is valid */
+	/* (3) Decrement key so 'hash' is valid */
 	c.key.Decrement()
 
-	/* (3) Return key */
+	/* (4) Return key */
 	return hash, nil;
 }