X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fonion_message%2Futils.rs;h=52cadf6c9dbf5db5e3a5747729dde7fbeadf8d93;hb=b4a40f6b409a54f586ba560ecb1d5ab002c3e8f3;hp=785a373caa4c80d7783dc062208af9da28e087b3;hpb=4e5381a50fa524cb183a3d92dee05cb4f2950255;p=rust-lightning

diff --git a/lightning/src/onion_message/utils.rs b/lightning/src/onion_message/utils.rs
index 785a373c..52cadf6c 100644
--- a/lightning/src/onion_message/utils.rs
+++ b/lightning/src/onion_message/utils.rs
@@ -12,18 +12,20 @@
 use bitcoin::hashes::{Hash, HashEngine};
 use bitcoin::hashes::hmac::{Hmac, HmacEngine};
 use bitcoin::hashes::sha256::Hash as Sha256;
-use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey};
+use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey, Scalar};
 use bitcoin::secp256k1::ecdh::SharedSecret;
 
 use ln::onion_utils;
+use super::blinded_route::BlindedRoute;
+use super::messenger::Destination;
 
 use prelude::*;
 
 // TODO: DRY with onion_utils::construct_onion_keys_callback
 #[inline]
 pub(super) fn construct_keys_callback<T: secp256k1::Signing + secp256k1::Verification,
-	FType: FnMut(PublicKey, SharedSecret, PublicKey, [u8; 32], Option<PublicKey>)>(
-	secp_ctx: &Secp256k1<T>, unblinded_path: &[PublicKey],
+	FType: FnMut(PublicKey, SharedSecret, PublicKey, [u8; 32], Option<PublicKey>, Option<Vec<u8>>)>(
+	secp_ctx: &Secp256k1<T>, unblinded_path: &[PublicKey], destination: Option<Destination>,
 	session_priv: &SecretKey, mut callback: FType
 ) -> Result<(), secp256k1::Error> {
 	let mut msg_blinding_point_priv = session_priv.clone();
@@ -32,7 +34,7 @@ pub(super) fn construct_keys_callback<T: secp256k1::Signing + secp256k1::Verific
 	let mut onion_packet_pubkey = msg_blinding_point.clone();
 
 	macro_rules! build_keys {
-		($pk: expr, $blinded: expr) => {
+		($pk: expr, $blinded: expr, $encrypted_payload: expr) => {{
 			let encrypted_data_ss = SharedSecret::new(&$pk, &msg_blinding_point_priv);
 
 			let blinded_hop_pk = if $blinded { $pk } else {
@@ -41,15 +43,20 @@ pub(super) fn construct_keys_callback<T: secp256k1::Signing + secp256k1::Verific
 					hmac.input(encrypted_data_ss.as_ref());
 					Hmac::from_engine(hmac).into_inner()
 				};
-				let mut unblinded_pk = $pk;
-				unblinded_pk.mul_assign(secp_ctx, &hop_pk_blinding_factor)?;
-				unblinded_pk
+				$pk.mul_tweak(secp_ctx, &Scalar::from_be_bytes(hop_pk_blinding_factor).unwrap())?
 			};
 			let onion_packet_ss = SharedSecret::new(&blinded_hop_pk, &onion_packet_pubkey_priv);
 
 			let rho = onion_utils::gen_rho_from_shared_secret(encrypted_data_ss.as_ref());
 			let unblinded_pk_opt = if $blinded { None } else { Some($pk) };
-			callback(blinded_hop_pk, onion_packet_ss, onion_packet_pubkey, rho, unblinded_pk_opt);
+			callback(blinded_hop_pk, onion_packet_ss, onion_packet_pubkey, rho, unblinded_pk_opt, $encrypted_payload);
+			(encrypted_data_ss, onion_packet_ss)
+		}}
+	}
+
+	macro_rules! build_keys_in_loop {
+		($pk: expr, $blinded: expr, $encrypted_payload: expr) => {
+			let (encrypted_data_ss, onion_packet_ss) = build_keys!($pk, $blinded, $encrypted_payload);
 
 			let msg_blinding_point_blinding_factor = {
 				let mut sha = Sha256::engine();
@@ -58,7 +65,7 @@ pub(super) fn construct_keys_callback<T: secp256k1::Signing + secp256k1::Verific
 				Sha256::from_engine(sha).into_inner()
 			};
 
-			msg_blinding_point_priv.mul_assign(&msg_blinding_point_blinding_factor)?;
+			msg_blinding_point_priv = msg_blinding_point_priv.mul_tweak(&Scalar::from_be_bytes(msg_blinding_point_blinding_factor).unwrap())?;
 			msg_blinding_point = PublicKey::from_secret_key(secp_ctx, &msg_blinding_point_priv);
 
 			let onion_packet_pubkey_blinding_factor = {
@@ -67,13 +74,25 @@ pub(super) fn construct_keys_callback<T: secp256k1::Signing + secp256k1::Verific
 				sha.input(onion_packet_ss.as_ref());
 				Sha256::from_engine(sha).into_inner()
 			};
-			onion_packet_pubkey_priv.mul_assign(&onion_packet_pubkey_blinding_factor)?;
+			onion_packet_pubkey_priv = onion_packet_pubkey_priv.mul_tweak(&Scalar::from_be_bytes(onion_packet_pubkey_blinding_factor).unwrap())?;
 			onion_packet_pubkey = PublicKey::from_secret_key(secp_ctx, &onion_packet_pubkey_priv);
 		};
 	}
 
 	for pk in unblinded_path {
-		build_keys!(*pk, false);
+		build_keys_in_loop!(*pk, false, None);
+	}
+	if let Some(dest) = destination {
+		match dest {
+			Destination::Node(pk) => {
+				build_keys!(pk, false, None);
+			},
+			Destination::BlindedRoute(BlindedRoute { blinded_hops, .. }) => {
+				for hop in blinded_hops {
+					build_keys_in_loop!(hop.blinded_node_id, true, Some(hop.encrypted_payload));
+				}
+			},
+		}
 	}
 	Ok(())
 }