From: Valentine Wallace Date: Tue, 27 Jun 2023 16:35:03 +0000 (-0400) Subject: Generalize next_hop_packet_pubkey onion util X-Git-Tag: v0.0.117-alpha1~50^2~3 X-Git-Url: http://git.bitcoin.ninja/?a=commitdiff_plain;h=ec5e837cc2390573fa4273381c182a174ebfe027;p=rust-lightning Generalize next_hop_packet_pubkey onion util Useful for generating a next hop blinding point when forwarding a blinded payment. --- diff --git a/lightning/src/blinded_path/mod.rs b/lightning/src/blinded_path/mod.rs index dabfb79c7..c52df1651 100644 --- a/lightning/src/blinded_path/mod.rs +++ b/lightning/src/blinded_path/mod.rs @@ -11,9 +11,7 @@ pub(crate) mod utils; -use bitcoin::hashes::{Hash, HashEngine}; -use bitcoin::hashes::sha256::Hash as Sha256; -use bitcoin::secp256k1::{self, PublicKey, Scalar, Secp256k1, SecretKey}; +use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey}; use crate::sign::{EntropySource, NodeSigner, Recipient}; use crate::onion_message::ControlTlvs; @@ -97,14 +95,8 @@ impl BlindedPath { let mut new_blinding_point = match next_blinding_override { Some(blinding_point) => blinding_point, None => { - let blinding_factor = { - let mut sha = Sha256::engine(); - sha.input(&self.blinding_point.serialize()[..]); - sha.input(control_tlvs_ss.as_ref()); - Sha256::from_engine(sha).into_inner() - }; - self.blinding_point.mul_tweak(secp_ctx, &Scalar::from_be_bytes(blinding_factor).unwrap()) - .map_err(|_| ())? + onion_utils::next_hop_pubkey(secp_ctx, self.blinding_point, + control_tlvs_ss.as_ref()).map_err(|_| ())? } }; mem::swap(&mut self.blinding_point, &mut new_blinding_point); diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index 961f25cc6..5c2d392ba 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -2868,9 +2868,9 @@ where short_channel_id, amt_to_forward, outgoing_cltv_value }, .. } => { - let next_pk = onion_utils::next_hop_packet_pubkey(&self.secp_ctx, + let next_packet_pk = onion_utils::next_hop_pubkey(&self.secp_ctx, msg.onion_routing_packet.public_key.unwrap(), &shared_secret); - (short_channel_id, amt_to_forward, outgoing_cltv_value, Some(next_pk)) + (short_channel_id, amt_to_forward, outgoing_cltv_value, Some(next_packet_pk)) }, // We'll do receive checks in [`Self::construct_pending_htlc_info`] so we have access to the // inbound channel's state. diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs index 03ba88771..688a9c961 100644 --- a/lightning/src/ln/onion_utils.rs +++ b/lightning/src/ln/onion_utils.rs @@ -91,15 +91,18 @@ pub(super) fn gen_pad_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] { Hmac::from_engine(hmac).into_inner() } -pub(crate) fn next_hop_packet_pubkey(secp_ctx: &Secp256k1, packet_pubkey: PublicKey, packet_shared_secret: &[u8; 32]) -> Result { +/// Calculates a pubkey for the next hop, such as the next hop's packet pubkey or blinding point. +pub(crate) fn next_hop_pubkey( + secp_ctx: &Secp256k1, curr_pubkey: PublicKey, shared_secret: &[u8] +) -> Result { let blinding_factor = { let mut sha = Sha256::engine(); - sha.input(&packet_pubkey.serialize()[..]); - sha.input(packet_shared_secret); + sha.input(&curr_pubkey.serialize()[..]); + sha.input(shared_secret); Sha256::from_engine(sha).into_inner() }; - packet_pubkey.mul_tweak(secp_ctx, &Scalar::from_be_bytes(blinding_factor).unwrap()) + curr_pubkey.mul_tweak(secp_ctx, &Scalar::from_be_bytes(blinding_factor).unwrap()) } // can only fail if an intermediary hop has an invalid public key or session_priv is invalid diff --git a/lightning/src/onion_message/messenger.rs b/lightning/src/onion_message/messenger.rs index a3613605c..7d5f4a22e 100644 --- a/lightning/src/onion_message/messenger.rs +++ b/lightning/src/onion_message/messenger.rs @@ -490,7 +490,7 @@ where // unwrapping the onion layers to get to the final payload. Since we don't have the option // of creating blinded paths with dummy hops currently, we should be ok to not handle this // for now. - let new_pubkey = match onion_utils::next_hop_packet_pubkey(&self.secp_ctx, msg.onion_routing_packet.public_key, &onion_decode_ss) { + let new_pubkey = match onion_utils::next_hop_pubkey(&self.secp_ctx, msg.onion_routing_packet.public_key, &onion_decode_ss) { Ok(pk) => pk, Err(e) => { log_trace!(self.logger, "Failed to compute next hop packet pubkey: {}", e); @@ -507,21 +507,16 @@ where blinding_point: match next_blinding_override { Some(blinding_point) => blinding_point, None => { - let blinding_factor = { - let mut sha = Sha256::engine(); - sha.input(&msg.blinding_point.serialize()[..]); - sha.input(control_tlvs_ss.as_ref()); - Sha256::from_engine(sha).into_inner() - }; - let next_blinding_point = msg.blinding_point; - match next_blinding_point.mul_tweak(&self.secp_ctx, &Scalar::from_be_bytes(blinding_factor).unwrap()) { + match onion_utils::next_hop_pubkey( + &self.secp_ctx, msg.blinding_point, control_tlvs_ss.as_ref() + ) { Ok(bp) => bp, Err(e) => { log_trace!(self.logger, "Failed to compute next blinding point: {}", e); return } } - }, + } }, onion_routing_packet: outgoing_packet, };