X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Foffers%2Frefund.rs;h=8fbc47d122cc88983694d0c5235b58e33e970169;hb=6775b957bc0e738afff46eb819c69f45410f1843;hp=8f91db597f62527ab52f9569ae8ce2182c53162f;hpb=2298af4d0b008d844eed12444948339ba7557de7;p=rust-lightning

diff --git a/lightning/src/offers/refund.rs b/lightning/src/offers/refund.rs
index 8f91db59..8fbc47d1 100644
--- a/lightning/src/offers/refund.rs
+++ b/lightning/src/offers/refund.rs
@@ -32,7 +32,7 @@
 //! use lightning::offers::refund::{Refund, RefundBuilder};
 //! use lightning::util::ser::{Readable, Writeable};
 //!
-//! # use lightning::onion_message::BlindedPath;
+//! # use lightning::blinded_path::BlindedPath;
 //! # #[cfg(feature = "std")]
 //! # use std::time::SystemTime;
 //! #
@@ -78,20 +78,19 @@ use core::convert::TryFrom;
 use core::ops::Deref;
 use core::str::FromStr;
 use core::time::Duration;
-use crate::chain::keysinterface::EntropySource;
+use crate::sign::EntropySource;
 use crate::io;
+use crate::blinded_path::BlindedPath;
 use crate::ln::PaymentHash;
 use crate::ln::features::InvoiceRequestFeatures;
 use crate::ln::inbound_payment::{ExpandedKey, IV_LEN, Nonce};
 use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
-use crate::offers::invoice::{BlindedPayInfo, InvoiceBuilder};
-use crate::offers::invoice_request::{INVOICE_REQUEST_PAYER_ID_TYPE, INVOICE_REQUEST_TYPES, InvoiceRequestTlvStream, InvoiceRequestTlvStreamRef};
-use crate::offers::merkle::TlvStream;
-use crate::offers::offer::{OFFER_TYPES, OfferTlvStream, OfferTlvStreamRef};
+use crate::offers::invoice::{BlindedPayInfo, DerivedSigningPubkey, ExplicitSigningPubkey, InvoiceBuilder};
+use crate::offers::invoice_request::{InvoiceRequestTlvStream, InvoiceRequestTlvStreamRef};
+use crate::offers::offer::{OfferTlvStream, OfferTlvStreamRef};
 use crate::offers::parse::{Bech32Encode, ParseError, ParsedMessage, SemanticError};
-use crate::offers::payer::{PAYER_METADATA_TYPE, PayerContents, PayerTlvStream, PayerTlvStreamRef};
+use crate::offers::payer::{PayerContents, PayerTlvStream, PayerTlvStreamRef};
 use crate::offers::signer::{Metadata, MetadataMaterial, self};
-use crate::onion_message::BlindedPath;
 use crate::util::ser::{SeekReadable, WithoutLength, Writeable, Writer};
 use crate::util::string::PrintableString;
 
@@ -100,12 +99,14 @@ use crate::prelude::*;
 #[cfg(feature = "std")]
 use std::time::SystemTime;
 
-const IV_BYTES: &[u8; IV_LEN] = b"LDK Refund ~~~~~";
+pub(super) const IV_BYTES: &[u8; IV_LEN] = b"LDK Refund ~~~~~";
 
 /// Builds a [`Refund`] for the "offer for money" flow.
 ///
 /// See [module-level documentation] for usage.
 ///
+/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+///
 /// [module-level documentation]: self
 pub struct RefundBuilder<'a, T: secp256k1::Signing> {
 	refund: RefundContents,
@@ -311,7 +312,7 @@ impl Refund {
 	/// A complete description of the purpose of the refund. Intended to be displayed to the user
 	/// but with the caveat that it has not been verified in any way.
 	pub fn description(&self) -> PrintableString {
-		PrintableString(&self.contents.description)
+		self.contents.description()
 	}
 
 	/// Duration since the Unix epoch when an invoice should no longer be sent.
@@ -388,12 +389,14 @@ impl Refund {
 	/// See [`Refund::respond_with_no_std`] for further details where the aforementioned creation
 	/// time is used for the `created_at` parameter.
 	///
+	/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+	///
 	/// [`Duration`]: core::time::Duration
 	#[cfg(feature = "std")]
 	pub fn respond_with(
 		&self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
 		signing_pubkey: PublicKey,
-	) -> Result<InvoiceBuilder, SemanticError> {
+	) -> Result<InvoiceBuilder<ExplicitSigningPubkey>, SemanticError> {
 		let created_at = std::time::SystemTime::now()
 			.duration_since(std::time::SystemTime::UNIX_EPOCH)
 			.expect("SystemTime::now() should come after SystemTime::UNIX_EPOCH");
@@ -420,11 +423,13 @@ impl Refund {
 	///
 	/// Errors if the request contains unknown required features.
 	///
+	/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+	///
 	/// [`Invoice::created_at`]: crate::offers::invoice::Invoice::created_at
 	pub fn respond_with_no_std(
 		&self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
 		signing_pubkey: PublicKey, created_at: Duration
-	) -> Result<InvoiceBuilder, SemanticError> {
+	) -> Result<InvoiceBuilder<ExplicitSigningPubkey>, SemanticError> {
 		if self.features().requires_unknown_bits() {
 			return Err(SemanticError::UnknownRequiredFeatures);
 		}
@@ -432,6 +437,55 @@ impl Refund {
 		InvoiceBuilder::for_refund(self, payment_paths, created_at, payment_hash, signing_pubkey)
 	}
 
+	/// Creates an [`InvoiceBuilder`] for the refund using the given required fields and that uses
+	/// derived signing keys to sign the [`Invoice`].
+	///
+	/// See [`Refund::respond_with`] for further details.
+	///
+	/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+	///
+	/// [`Invoice`]: crate::offers::invoice::Invoice
+	#[cfg(feature = "std")]
+	pub fn respond_using_derived_keys<ES: Deref>(
+		&self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
+		expanded_key: &ExpandedKey, entropy_source: ES
+	) -> Result<InvoiceBuilder<DerivedSigningPubkey>, SemanticError>
+	where
+		ES::Target: EntropySource,
+	{
+		let created_at = std::time::SystemTime::now()
+			.duration_since(std::time::SystemTime::UNIX_EPOCH)
+			.expect("SystemTime::now() should come after SystemTime::UNIX_EPOCH");
+
+		self.respond_using_derived_keys_no_std(
+			payment_paths, payment_hash, created_at, expanded_key, entropy_source
+		)
+	}
+
+	/// Creates an [`InvoiceBuilder`] for the refund using the given required fields and that uses
+	/// derived signing keys to sign the [`Invoice`].
+	///
+	/// See [`Refund::respond_with_no_std`] for further details.
+	///
+	/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+	///
+	/// [`Invoice`]: crate::offers::invoice::Invoice
+	pub fn respond_using_derived_keys_no_std<ES: Deref>(
+		&self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
+		created_at: core::time::Duration, expanded_key: &ExpandedKey, entropy_source: ES
+	) -> Result<InvoiceBuilder<DerivedSigningPubkey>, SemanticError>
+	where
+		ES::Target: EntropySource,
+	{
+		if self.features().requires_unknown_bits() {
+			return Err(SemanticError::UnknownRequiredFeatures);
+		}
+
+		let nonce = Nonce::from_entropy_source(entropy_source);
+		let keys = signer::derive_keys(nonce, expanded_key);
+		InvoiceBuilder::for_refund_using_keys(self, payment_paths, created_at, payment_hash, keys)
+	}
+
 	#[cfg(test)]
 	fn as_tlv_stream(&self) -> RefundTlvStreamRef {
 		self.contents.as_tlv_stream()
@@ -445,6 +499,10 @@ impl AsRef<[u8]> for Refund {
 }
 
 impl RefundContents {
+	pub fn description(&self) -> PrintableString {
+		PrintableString(&self.description)
+	}
+
 	#[cfg(feature = "std")]
 	pub(super) fn is_expired(&self) -> bool {
 		match self.absolute_expiry {
@@ -456,7 +514,7 @@ impl RefundContents {
 		}
 	}
 
-	fn metadata(&self) -> &[u8] {
+	pub(super) fn metadata(&self) -> &[u8] {
 		self.payer.0.as_bytes().map(|bytes| bytes.as_slice()).unwrap_or(&[])
 	}
 
@@ -468,20 +526,12 @@ impl RefundContents {
 		ChainHash::using_genesis_block(Network::Bitcoin)
 	}
 
-	/// Verifies that the payer metadata was produced from the refund in the TLV stream.
-	pub(super) fn verify<T: secp256k1::Signing>(
-		&self, tlv_stream: TlvStream<'_>, key: &ExpandedKey, secp_ctx: &Secp256k1<T>
-	) -> bool {
-		let offer_records = tlv_stream.clone().range(OFFER_TYPES);
-		let invreq_records = tlv_stream.range(INVOICE_REQUEST_TYPES).filter(|record| {
-			match record.r#type {
-				PAYER_METADATA_TYPE => false, // Should be outside range
-				INVOICE_REQUEST_PAYER_ID_TYPE => !self.payer.0.derives_keys(),
-				_ => true,
-			}
-		});
-		let tlv_stream = offer_records.chain(invreq_records);
-		signer::verify_metadata(self.metadata(), key, IV_BYTES, self.payer_id, tlv_stream, secp_ctx)
+	pub(super) fn derives_keys(&self) -> bool {
+		self.payer.0.derives_keys()
+	}
+
+	pub(super) fn payer_id(&self) -> PublicKey {
+		self.payer_id
 	}
 
 	pub(super) fn as_tlv_stream(&self) -> RefundTlvStreamRef {
@@ -661,7 +711,8 @@ mod tests {
 	use bitcoin::secp256k1::{KeyPair, Secp256k1, SecretKey};
 	use core::convert::TryFrom;
 	use core::time::Duration;
-	use crate::chain::keysinterface::KeyMaterial;
+	use crate::blinded_path::{BlindedHop, BlindedPath};
+	use crate::sign::KeyMaterial;
 	use crate::ln::features::{InvoiceRequestFeatures, OfferFeatures};
 	use crate::ln::inbound_payment::ExpandedKey;
 	use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
@@ -670,7 +721,6 @@ mod tests {
 	use crate::offers::parse::{ParseError, SemanticError};
 	use crate::offers::payer::PayerTlvStreamRef;
 	use crate::offers::test_utils::*;
-	use crate::onion_message::{BlindedHop, BlindedPath};
 	use crate::util::ser::{BigSize, Writeable};
 	use crate::util::string::PrintableString;