From: joe.miyamoto Date: Mon, 13 Jul 2020 04:24:40 +0000 (+0900) Subject: slightly refactor internal_announcement_signatures X-Git-Tag: v0.0.12~48^2 X-Git-Url: http://git.bitcoin.ninja/?a=commitdiff_plain;h=407e306a9966eddee0f0917181f3c87f2775bf0a;p=rust-lightning slightly refactor internal_announcement_signatures For making debugging easy. If the user gives a different node_secret for transport layer (`PeerManager`) and for routing msg, internal_announcement_signatures is the first place it causes an error. By giving a detailed error message, user will be able to fix the bug quickly. --- diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index d668cdd59..d591515c4 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -2745,10 +2745,21 @@ impl let were_node_one = announcement.node_id_1 == our_node_id; let msghash = hash_to_message!(&Sha256dHash::hash(&announcement.encode()[..])[..]); - if self.secp_ctx.verify(&msghash, &msg.node_signature, if were_node_one { &announcement.node_id_2 } else { &announcement.node_id_1 }).is_err() || - self.secp_ctx.verify(&msghash, &msg.bitcoin_signature, if were_node_one { &announcement.bitcoin_key_2 } else { &announcement.bitcoin_key_1 }).is_err() { - let chan_err: ChannelError = ChannelError::Close("Bad announcement_signatures node_signature".to_owned()); - try_chan_entry!(self, Err(chan_err), channel_state, chan); + { + let their_node_key = if were_node_one { &announcement.node_id_2 } else { &announcement.node_id_1 }; + let their_bitcoin_key = if were_node_one { &announcement.bitcoin_key_2 } else { &announcement.bitcoin_key_1 }; + match (self.secp_ctx.verify(&msghash, &msg.node_signature, their_node_key), + self.secp_ctx.verify(&msghash, &msg.bitcoin_signature, their_bitcoin_key)) { + (Err(e), _) => { + let chan_err: ChannelError = ChannelError::Close(format!("Bad announcement_signatures. Failed to verify node_signature: {:?}. Maybe using different node_secret for transport and routing msg? UnsignedChannelAnnouncement used for verification is {:?}. their_node_key is {:?}", e, &announcement, their_node_key)); + try_chan_entry!(self, Err(chan_err), channel_state, chan); + }, + (_, Err(e)) => { + let chan_err: ChannelError = ChannelError::Close(format!("Bad announcement_signatures. Failed to verify bitcoin_signature: {:?}. UnsignedChannelAnnouncement used for verification is {:?}. their_bitcoin_key is ({:?})", e, &announcement, their_bitcoin_key)); + try_chan_entry!(self, Err(chan_err), channel_state, chan); + }, + _ => {} + } } let our_node_sig = self.secp_ctx.sign(&msghash, &self.our_network_key);