cryptField() used to obscure extended fields in HELLO cannot use mangleKey()

node/IncomingPacket.cpp

@@ -320,7 +320,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
 
 			// Get moon IDs and timestamps if present
 			if ((ptr + 2) <= size()) {
-				unsigned int numMoons = at<uint16_t>(ptr); ptr += 2;
+				const unsigned int numMoons = at<uint16_t>(ptr); ptr += 2;
 				for(unsigned int i=0;i<numMoons;++i) {
 					if ((World::Type)(*this)[ptr++] == World::TYPE_MOON)
 						moonIdsAndTimestamps.push_back(std::pair<uint64_t,uint64_t>(at<uint64_t>(ptr),at<uint64_t>(ptr + 8)));

node/Packet.cpp

@@ -2025,14 +2025,9 @@ bool Packet::dearmor(const void *key)
 
 void Packet::cryptField(const void *key,unsigned int start,unsigned int len)
 {
-	unsigned char mangledKey[32];
+	unsigned char discard[32];
-	unsigned char macKey[32];
+	Salsa20 s20(key,256,field(ZT_PACKET_IDX_IV,8));
-	_salsa20MangleKey((const unsigned char *)key,mangledKey);
+	s20.crypt12(ZERO_KEY,discard,sizeof(discard)); // discard the first 32 bytes of key stream (the ones use for MAC in armor()) as a precaution
-	mangledKey[0] ^= 0x7f;
-	mangledKey[1] ^= ((start >> 8) & 0xff);
-	mangledKey[2] ^= (start & 0xff); // slightly alter key for this use case as an added guard against key stream reuse
-	Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8));
-	s20.crypt12(ZERO_KEY,macKey,sizeof(macKey)); // discard the first 32 bytes of key stream (the ones use for MAC in armor()) as a precaution
 	unsigned char *const ptr = field(start,len);
 	s20.crypt12(ptr,ptr,len);
 }