+ /* Update our crypto end */
+
+ size_t mykeylen = cipher_keylength(&myself->incipher);
+ size_t hiskeylen = cipher_keylength(&from->outcipher);
+
+ char *mykey;
+ char *hiskey;
+ char *seed;
+
+ if(strcmp(myself->name, from->name) < 0) {
+ mykey = key;
+ hiskey = key + mykeylen * 2;
+ xasprintf(&seed, "tinc UDP key expansion %s %s", myself->name, from->name);
+ } else {
+ mykey = key + hiskeylen * 2;
+ hiskey = key;
+ xasprintf(&seed, "tinc UDP key expansion %s %s", from->name, myself->name);
+ }
+
+ if(!prf(shared, ECDH_SHARED_SIZE, seed, strlen(seed), key, hiskeylen * 2 + mykeylen * 2))
+ return false;
+
+ free(seed);
+
+ cipher_open_by_nid(&from->incipher, cipher_get_nid(&myself->incipher));
+ digest_open_by_nid(&from->indigest, digest_get_nid(&myself->indigest), digest_length(&myself->indigest));
+ from->incompression = myself->incompression;
+
+ cipher_set_key(&from->incipher, mykey, true);
+ digest_set_key(&from->indigest, mykey + mykeylen, mykeylen);
+
+ cipher_set_key(&from->outcipher, hiskey, false);
+ digest_set_key(&from->outdigest, hiskey + hiskeylen, hiskeylen);