1 files changed, 12 insertions, 5 deletions

diff --git a/src/Network/Tox/Onion/Transport.hs b/src/Network/Tox/Onion/Transport.hs
index b5ac748a..eabd9473 100644
--- a/src/Network/Tox/Onion/Transport.hs
+++ b/src/Network/Tox/Onion/Transport.hs
@@ -457,7 +457,7 @@ peelOnion :: Serialize (Addressed (Forwarding n t))
               -> Forwarding (S n) t
               -> Either String (Addressed (Forwarding n t))
 peelOnion crypto nonce (Forwarding k fwd) =
-    fmap runIdentity $ uncomposed $ decryptMessage crypto nonce (Right $ Assym k nonce fwd)
+    fmap runIdentity $ uncomposed $ decryptMessage (dhtKey crypto) nonce (Right $ Assym k nonce fwd)
 
 handleOnionResponse :: (KnownPeanoNat n, Sized (ReturnPath n), Serialize (ReturnPath n)) => proxy (S n) -> TransportCrypto -> SockAddr -> UDPTransport -> IO a -> OnionResponse (S n) -> IO a
 handleOnionResponse proxy crypto saddr udp kont (OnionResponse path msg) = do
@@ -576,7 +576,7 @@ encrypt crypto msg rpath = ( transcode ( (. (runIdentity . either id assymData))
                                        msg
                            , rpath)
     where
-        skey = transportSecret crypto
+        skey = fst $ aliasKey crypto rpath
 
         -- The OnionToMe case shouldn't happen, but we'll use our own public
         -- key in this situation.
@@ -592,14 +592,21 @@ encryptMessage skey destKey n a = ToxCrypto.encrypt secret plain
 
 decrypt :: TransportCrypto -> OnionMessage Encrypted -> OnionDestination r -> Either String (OnionMessage Identity, OnionDestination r)
 decrypt crypto msg addr = do
-    msg <- sequenceMessage $ transcode (\n -> decryptMessage crypto n . left (senderkey addr)) msg
+    msg <- sequenceMessage $ transcode (\n -> decryptMessage (aliasKey crypto addr) n . left (senderkey addr)) msg
     Right (msg, addr)
 
 senderkey :: OnionDestination r -> t -> (Maybe PublicKey, t)
 senderkey addr e = (onionKey addr, e)
 
+aliasKey :: TransportCrypto -> OnionDestination r -> (SecretKey,PublicKey)
+aliasKey crypto (OnionToOwner {})     = (transportSecret &&& transportPublic) crypto
+aliasKey crypto (OnionDestination {}) = (onionAliasSecret &&& onionAliasPublic) crypto
+
+dhtKey :: TransportCrypto -> (SecretKey,PublicKey)
+dhtKey crypto = (transportSecret &&& transportPublic) crypto
+
 decryptMessage :: Serialize x =>
-                  TransportCrypto
+                  (SecretKey,PublicKey)
                   -> Nonce24
                   -> Either (Maybe PublicKey, Encrypted x)
                             (Assym (Encrypted x))
@@ -609,7 +616,7 @@ decryptMessage crypto n arg
     | otherwise              = Composed $ Left "decryptMessage: Unknown sender"
  where
     msecret  = do sender <- mkey
-                  Just $ computeSharedSecret (transportSecret crypto) sender n
+                  Just $ computeSharedSecret (fst crypto) sender n
     (mkey,e) = either id (Just . senderKey &&& assymData) arg
     plain    = Composed . fmap Identity . (>>= decodePlain)