X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fchain%2Fkeysinterface.rs;h=366afe0db0969b9f757302b2df256c27767dec55;hb=refs%2Ftags%2Fv0.0.14;hp=9714e992d5912276f004d964f10eb5e6b10ce235;hpb=dba0709b084cd3c1f50f95afed5111e5f8afda39;p=rust-lightning

diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs
index 9714e992..366afe0d 100644
--- a/lightning/src/chain/keysinterface.rs
+++ b/lightning/src/chain/keysinterface.rs
@@ -26,6 +26,7 @@ use bitcoin::hash_types::WPubkeyHash;
 
 use bitcoin::secp256k1::key::{SecretKey, PublicKey};
 use bitcoin::secp256k1::{Secp256k1, Signature, Signing};
+use bitcoin::secp256k1::recovery::RecoverableSignature;
 use bitcoin::secp256k1;
 
 use util::{byte_utils, transaction_utils};
@@ -226,7 +227,7 @@ impl Readable for SpendableOutputDescriptor {
 /// of LN security model, orthogonal of key management issues.
 // TODO: We should remove Clone by instead requesting a new Sign copy when we create
 // ChannelMonitors instead of expecting to clone the one out of the Channel into the monitors.
-pub trait BaseSign : Send {
+pub trait BaseSign {
 	/// Gets the per-commitment point for a specific commitment number
 	///
 	/// Note that the commitment number starts at (1 << 48) - 1 and counts backwards.
@@ -353,7 +354,7 @@ pub trait Sign: BaseSign + Writeable + Clone {
 }
 
 /// A trait to describe an object which can get user secrets and key material.
-pub trait KeysInterface: Send + Sync {
+pub trait KeysInterface {
 	/// A type which implements Sign which will be returned by get_channel_signer.
 	type Signer : Sign;
 
@@ -391,6 +392,12 @@ pub trait KeysInterface: Send + Sync {
 	/// contain no versioning scheme. You may wish to include your own version prefix and ensure
 	/// you've read all of the provided bytes to ensure no corruption occurred.
 	fn read_chan_signer(&self, reader: &[u8]) -> Result<Self::Signer, DecodeError>;
+
+	/// Sign an invoice's preimage (note that this is the preimage of the invoice, not the HTLC's
+	/// preimage). By parameterizing by the preimage instead of the hash, we allow implementors of
+	/// this trait to parse the invoice and make sure they're signing what they expect, rather than
+	/// blindly signing the hash.
+	fn sign_invoice(&self, invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()>;
 }
 
 #[derive(Clone)]
@@ -1047,10 +1054,14 @@ impl KeysInterface for KeysManager {
 	fn read_chan_signer(&self, reader: &[u8]) -> Result<Self::Signer, DecodeError> {
 		InMemorySigner::read(&mut std::io::Cursor::new(reader))
 	}
+
+	fn sign_invoice(&self, invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {
+		Ok(self.secp_ctx.sign_recoverable(&hash_to_message!(&Sha256::hash(&invoice_preimage)), &self.get_node_secret()))
+	}
 }
 
 // Ensure that BaseSign can have a vtable
 #[test]
 pub fn dyn_sign() {
 	let _signer: Box<dyn BaseSign>;
-}
\ No newline at end of file
+}