From: Devrandom Date: Thu, 5 May 2022 15:59:38 +0000 (+0200) Subject: bitcoin crate 0.28.1 X-Git-Tag: v0.0.107~37^2~1 X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=28d33ff9e03b7e3a0cd7ba3bc59f1303b3903f88;p=rust-lightning bitcoin crate 0.28.1 --- diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml index bc1f0a479..88e577617 100644 --- a/fuzz/Cargo.toml +++ b/fuzz/Cargo.toml @@ -19,7 +19,7 @@ stdin_fuzz = [] [dependencies] afl = { version = "0.4", optional = true } lightning = { path = "../lightning", features = ["regex"] } -bitcoin = { version = "0.27", features = ["fuzztarget", "secp-lowmemory"] } +bitcoin = { version = "0.28.1", features = ["secp-lowmemory"] } hex = "0.3" honggfuzz = { version = "0.5", optional = true } libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git", optional = true } diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs index 8c4f5adcb..8472f8fa6 100644 --- a/fuzz/src/chanmon_consistency.rs +++ b/fuzz/src/chanmon_consistency.rs @@ -53,8 +53,8 @@ use lightning::routing::router::{Route, RouteHop}; use utils::test_logger::{self, Output}; use utils::test_persister::TestPersister; -use bitcoin::secp256k1::key::{PublicKey,SecretKey}; -use bitcoin::secp256k1::recovery::RecoverableSignature; +use bitcoin::secp256k1::{PublicKey,SecretKey}; +use bitcoin::secp256k1::ecdsa::RecoverableSignature; use bitcoin::secp256k1::Secp256k1; use std::mem; diff --git a/fuzz/src/full_stack.rs b/fuzz/src/full_stack.rs index 0412547a0..330124f8a 100644 --- a/fuzz/src/full_stack.rs +++ b/fuzz/src/full_stack.rs @@ -50,8 +50,8 @@ use lightning::util::ser::ReadableArgs; use utils::test_logger; use utils::test_persister::TestPersister; -use bitcoin::secp256k1::key::{PublicKey,SecretKey}; -use bitcoin::secp256k1::recovery::RecoverableSignature; +use bitcoin::secp256k1::{PublicKey,SecretKey}; +use bitcoin::secp256k1::ecdsa::RecoverableSignature; use bitcoin::secp256k1::Secp256k1; use std::cell::RefCell; diff --git a/fuzz/src/peer_crypt.rs b/fuzz/src/peer_crypt.rs index f41137fc8..9bef43298 100644 --- a/fuzz/src/peer_crypt.rs +++ b/fuzz/src/peer_crypt.rs @@ -9,7 +9,7 @@ use lightning::ln::peer_channel_encryptor::PeerChannelEncryptor; -use bitcoin::secp256k1::key::{PublicKey,SecretKey}; +use bitcoin::secp256k1::{PublicKey,SecretKey}; use utils::test_logger; diff --git a/fuzz/src/router.rs b/fuzz/src/router.rs index 27c5ee2b7..786bfa3e5 100644 --- a/fuzz/src/router.rs +++ b/fuzz/src/router.rs @@ -23,7 +23,7 @@ use lightning::util::ser::Readable; use lightning::routing::network_graph::{NetworkGraph, RoutingFees}; use bitcoin::hashes::Hash; -use bitcoin::secp256k1::key::PublicKey; +use bitcoin::secp256k1::PublicKey; use bitcoin::network::constants::Network; use bitcoin::blockdata::constants::genesis_block; diff --git a/lightning-background-processor/Cargo.toml b/lightning-background-processor/Cargo.toml index 16ec763fb..00061ee6e 100644 --- a/lightning-background-processor/Cargo.toml +++ b/lightning-background-processor/Cargo.toml @@ -14,7 +14,7 @@ all-features = true rustdoc-args = ["--cfg", "docsrs"] [dependencies] -bitcoin = "0.27" +bitcoin = "0.28.1" lightning = { version = "0.0.106", path = "../lightning", features = ["std"] } [dev-dependencies] diff --git a/lightning-block-sync/Cargo.toml b/lightning-block-sync/Cargo.toml index 673034081..1d6e7f40a 100644 --- a/lightning-block-sync/Cargo.toml +++ b/lightning-block-sync/Cargo.toml @@ -18,7 +18,7 @@ rest-client = [ "serde", "serde_json", "chunked_transfer" ] rpc-client = [ "serde", "serde_json", "chunked_transfer" ] [dependencies] -bitcoin = "0.27" +bitcoin = "0.28.1" lightning = { version = "0.0.106", path = "../lightning" } futures = { version = "0.3" } tokio = { version = "1.0", features = [ "io-util", "net", "time" ], optional = true } diff --git a/lightning-block-sync/src/test_utils.rs b/lightning-block-sync/src/test_utils.rs index c101d4bd3..baaab456b 100644 --- a/lightning-block-sync/src/test_utils.rs +++ b/lightning-block-sync/src/test_utils.rs @@ -6,6 +6,8 @@ use bitcoin::blockdata::constants::genesis_block; use bitcoin::hash_types::BlockHash; use bitcoin::network::constants::Network; use bitcoin::util::uint::Uint256; +use bitcoin::util::hash::bitcoin_merkle_root; +use bitcoin::Transaction; use lightning::chain; @@ -37,16 +39,27 @@ impl Blockchain { let prev_block = &self.blocks[i - 1]; let prev_blockhash = prev_block.block_hash(); let time = prev_block.header.time + height as u32; + // Must have at least one transaction, because the merkle root is not defined for an empty block + // and we would fail when we later checked, as of bitcoin crate 0.28.0. + // Note that elsewhere in tests we assume that the merkle root of an empty block is all zeros, + // but that's OK because those tests don't trigger the check. + let coinbase = Transaction { + version: 0, + lock_time: 0, + input: vec![], + output: vec![] + }; + let merkle_root = bitcoin_merkle_root(vec![coinbase.txid().as_hash()].into_iter()).unwrap(); self.blocks.push(Block { header: BlockHeader { version: 0, prev_blockhash, - merkle_root: Default::default(), + merkle_root: merkle_root.into(), time, bits, nonce: 0, }, - txdata: vec![], + txdata: vec![coinbase], }); } self diff --git a/lightning-invoice/Cargo.toml b/lightning-invoice/Cargo.toml index 194f5f70e..f65d7ac88 100644 --- a/lightning-invoice/Cargo.toml +++ b/lightning-invoice/Cargo.toml @@ -20,7 +20,7 @@ std = ["bitcoin_hashes/std", "num-traits/std", "lightning/std", "bech32/std"] [dependencies] bech32 = { version = "0.8", default-features = false } lightning = { version = "0.0.106", path = "../lightning", default-features = false } -secp256k1 = { version = "0.20", default-features = false, features = ["recovery", "alloc"] } +secp256k1 = { version = "0.22", default-features = false, features = ["recovery", "alloc"] } num-traits = { version = "0.2.8", default-features = false } bitcoin_hashes = { version = "0.10", default-features = false } hashbrown = { version = "0.11", optional = true } diff --git a/lightning-invoice/src/de.rs b/lightning-invoice/src/de.rs index 5de2b038e..e9b639c10 100644 --- a/lightning-invoice/src/de.rs +++ b/lightning-invoice/src/de.rs @@ -19,8 +19,8 @@ use lightning::routing::router::{RouteHint, RouteHintHop}; use num_traits::{CheckedAdd, CheckedMul}; use secp256k1; -use secp256k1::recovery::{RecoveryId, RecoverableSignature}; -use secp256k1::key::PublicKey; +use secp256k1::ecdsa::{RecoveryId, RecoverableSignature}; +use secp256k1::PublicKey; use super::{Invoice, Sha256, TaggedField, ExpiryTime, MinFinalCltvExpiry, Fallback, PayeePubKey, InvoiceSignature, PositiveTimestamp, SemanticError, PrivateRoute, ParseError, ParseOrSemanticError, Description, RawTaggedField, Currency, RawHrp, SiPrefix, RawInvoice, @@ -967,7 +967,7 @@ mod test { #[test] fn test_payment_secret_and_features_de_and_ser() { use lightning::ln::features::InvoiceFeatures; - use secp256k1::recovery::{RecoveryId, RecoverableSignature}; + use secp256k1::ecdsa::{RecoveryId, RecoverableSignature}; use TaggedField::*; use {SiPrefix, SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp}; @@ -1014,7 +1014,7 @@ mod test { #[test] fn test_raw_signed_invoice_deserialization() { use TaggedField::*; - use secp256k1::recovery::{RecoveryId, RecoverableSignature}; + use secp256k1::ecdsa::{RecoveryId, RecoverableSignature}; use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp}; diff --git a/lightning-invoice/src/lib.rs b/lightning-invoice/src/lib.rs index 5784607dd..616ea99f0 100644 --- a/lightning-invoice/src/lib.rs +++ b/lightning-invoice/src/lib.rs @@ -47,9 +47,9 @@ use lightning::routing::network_graph::RoutingFees; use lightning::routing::router::RouteHint; use lightning::util::invoice::construct_invoice_preimage; -use secp256k1::key::PublicKey; +use secp256k1::PublicKey; use secp256k1::{Message, Secp256k1}; -use secp256k1::recovery::RecoverableSignature; +use secp256k1::ecdsa::RecoverableSignature; use core::fmt::{Display, Formatter, self}; use core::iter::FilterMap; @@ -163,7 +163,7 @@ pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18; /// use bitcoin_hashes::sha256; /// /// use secp256k1::Secp256k1; -/// use secp256k1::key::SecretKey; +/// use secp256k1::SecretKey; /// /// use lightning::ln::PaymentSecret; /// @@ -191,7 +191,7 @@ pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18; /// .current_timestamp() /// .min_final_cltv_expiry(144) /// .build_signed(|hash| { -/// Secp256k1::new().sign_recoverable(hash, &private_key) +/// Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key) /// }) /// .unwrap(); /// @@ -749,7 +749,7 @@ impl SignedRawInvoice { let hash = Message::from_slice(&self.hash[..]) .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); - Ok(PayeePubKey(Secp256k1::new().recover( + Ok(PayeePubKey(Secp256k1::new().recover_ecdsa( &hash, &self.signature )?)) @@ -776,7 +776,7 @@ impl SignedRawInvoice { .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); let secp_context = Secp256k1::new(); - let verification_result = secp_context.verify( + let verification_result = secp_context.verify_ecdsa( &hash, &self.signature.to_standard(), pub_key @@ -1576,8 +1576,8 @@ mod test { fn test_check_signature() { use TaggedField::*; use secp256k1::Secp256k1; - use secp256k1::recovery::{RecoveryId, RecoverableSignature}; - use secp256k1::key::{SecretKey, PublicKey}; + use secp256k1::ecdsa::{RecoveryId, RecoverableSignature}; + use secp256k1::{SecretKey, PublicKey}; use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp}; @@ -1635,7 +1635,7 @@ mod test { let (raw_invoice, _, _) = invoice.into_parts(); let new_signed = raw_invoice.sign::<_, ()>(|hash| { - Ok(Secp256k1::new().sign_recoverable(hash, &private_key)) + Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)) }).unwrap(); assert!(new_signed.check_signature()); @@ -1646,7 +1646,7 @@ mod test { use TaggedField::*; use lightning::ln::features::InvoiceFeatures; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; use {RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp, Invoice, SemanticError}; @@ -1677,7 +1677,7 @@ mod test { let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures)); @@ -1686,7 +1686,7 @@ mod test { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures)); @@ -1695,14 +1695,14 @@ mod test { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert!(Invoice::from_signed(invoice).is_ok()); // No payment secret or features let invoice = { let invoice = invoice_template.clone(); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); @@ -1710,7 +1710,7 @@ mod test { let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); @@ -1718,7 +1718,7 @@ mod test { let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); @@ -1727,7 +1727,7 @@ mod test { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::MultiplePaymentSecrets)); } @@ -1764,7 +1764,7 @@ mod test { use ::*; use lightning::routing::router::RouteHintHop; use std::iter::FromIterator; - use secp256k1::key::PublicKey; + use secp256k1::PublicKey; let builder = InvoiceBuilder::new(Currency::Bitcoin) .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap()) @@ -1818,7 +1818,7 @@ mod test { use ::*; use lightning::routing::router::RouteHintHop; use secp256k1::Secp256k1; - use secp256k1::key::{SecretKey, PublicKey}; + use secp256k1::{SecretKey, PublicKey}; use std::time::{UNIX_EPOCH, Duration}; let secp_ctx = Secp256k1::new(); @@ -1897,7 +1897,7 @@ mod test { .basic_mpp(); let invoice = builder.clone().build_signed(|hash| { - secp_ctx.sign_recoverable(hash, &private_key) + secp_ctx.sign_ecdsa_recoverable(hash, &private_key) }).unwrap(); assert!(invoice.check_signature().is_ok()); @@ -1932,7 +1932,7 @@ mod test { fn test_default_values() { use ::*; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin) .description("Test".into()) @@ -1944,7 +1944,7 @@ mod test { .sign::<_, ()>(|hash| { let privkey = SecretKey::from_slice(&[41; 32]).unwrap(); let secp_ctx = Secp256k1::new(); - Ok(secp_ctx.sign_recoverable(hash, &privkey)) + Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey)) }) .unwrap(); let invoice = Invoice::from_signed(signed_invoice).unwrap(); @@ -1958,7 +1958,7 @@ mod test { fn test_expiration() { use ::*; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin) .description("Test".into()) @@ -1970,7 +1970,7 @@ mod test { .sign::<_, ()>(|hash| { let privkey = SecretKey::from_slice(&[41; 32]).unwrap(); let secp_ctx = Secp256k1::new(); - Ok(secp_ctx.sign_recoverable(hash, &privkey)) + Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey)) }) .unwrap(); let invoice = Invoice::from_signed(signed_invoice).unwrap(); diff --git a/lightning-invoice/src/payment.rs b/lightning-invoice/src/payment.rs index 82c07199f..1c8285429 100644 --- a/lightning-invoice/src/payment.rs +++ b/lightning-invoice/src/payment.rs @@ -46,7 +46,7 @@ //! # use lightning::util::ser::{Writeable, Writer}; //! # use lightning_invoice::Invoice; //! # use lightning_invoice::payment::{InvoicePayer, Payer, RetryAttempts, Router}; -//! # use secp256k1::key::PublicKey; +//! # use secp256k1::PublicKey; //! # use std::cell::RefCell; //! # use std::ops::Deref; //! # @@ -148,7 +148,7 @@ use lightning::util::events::{Event, EventHandler}; use lightning::util::logger::Logger; use crate::sync::Mutex; -use secp256k1::key::PublicKey; +use secp256k1::PublicKey; use core::ops::Deref; use core::time::Duration; @@ -555,7 +555,7 @@ mod tests { .min_final_cltv_expiry(144) .amount_milli_satoshis(128) .build_signed(|hash| { - Secp256k1::new().sign_recoverable(hash, &private_key) + Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key) }) .unwrap() } @@ -580,7 +580,7 @@ mod tests { .duration_since_epoch(duration_since_epoch()) .min_final_cltv_expiry(144) .build_signed(|hash| { - Secp256k1::new().sign_recoverable(hash, &private_key) + Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key) }) .unwrap() } @@ -600,7 +600,7 @@ mod tests { .min_final_cltv_expiry(144) .amount_milli_satoshis(128) .build_signed(|hash| { - Secp256k1::new().sign_recoverable(hash, &private_key) + Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key) }) .unwrap() } diff --git a/lightning-invoice/src/utils.rs b/lightning-invoice/src/utils.rs index a2edc43af..deea02a92 100644 --- a/lightning-invoice/src/utils.rs +++ b/lightning-invoice/src/utils.rs @@ -19,7 +19,7 @@ use lightning::routing::scoring::Score; use lightning::routing::network_graph::{NetworkGraph, RoutingFees}; use lightning::routing::router::{Route, RouteHint, RouteHintHop, RouteParameters, find_route}; use lightning::util::logger::Logger; -use secp256k1::key::PublicKey; +use secp256k1::PublicKey; use core::convert::TryInto; use core::ops::Deref; use core::time::Duration; diff --git a/lightning-invoice/tests/ser_de.rs b/lightning-invoice/tests/ser_de.rs index 1eaeb3137..1d9c48151 100644 --- a/lightning-invoice/tests/ser_de.rs +++ b/lightning-invoice/tests/ser_de.rs @@ -13,7 +13,7 @@ use lightning::routing::router::{RouteHint, RouteHintHop}; use lightning::routing::network_graph::RoutingFees; use lightning_invoice::*; use secp256k1::PublicKey; -use secp256k1::recovery::{RecoverableSignature, RecoveryId}; +use secp256k1::ecdsa::{RecoverableSignature, RecoveryId}; use std::collections::HashSet; use std::time::Duration; use std::str::FromStr; diff --git a/lightning-net-tokio/Cargo.toml b/lightning-net-tokio/Cargo.toml index 40734ff28..08c649f79 100644 --- a/lightning-net-tokio/Cargo.toml +++ b/lightning-net-tokio/Cargo.toml @@ -15,7 +15,7 @@ all-features = true rustdoc-args = ["--cfg", "docsrs"] [dependencies] -bitcoin = "0.27" +bitcoin = "0.28.1" lightning = { version = "0.0.106", path = "../lightning" } tokio = { version = "1.0", features = [ "io-util", "macros", "rt", "sync", "net", "time" ] } diff --git a/lightning-net-tokio/src/lib.rs b/lightning-net-tokio/src/lib.rs index a9fd861bc..e63f7c016 100644 --- a/lightning-net-tokio/src/lib.rs +++ b/lightning-net-tokio/src/lib.rs @@ -23,7 +23,7 @@ //! # Example //! ``` //! use std::net::TcpStream; -//! use bitcoin::secp256k1::key::PublicKey; +//! use bitcoin::secp256k1::PublicKey; //! use lightning::util::events::{Event, EventHandler, EventsProvider}; //! use std::net::SocketAddr; //! use std::sync::Arc; @@ -71,7 +71,7 @@ #![cfg_attr(docsrs, feature(doc_auto_cfg))] -use bitcoin::secp256k1::key::PublicKey; +use bitcoin::secp256k1::PublicKey; use tokio::net::TcpStream; use tokio::{io, time}; diff --git a/lightning-persister/Cargo.toml b/lightning-persister/Cargo.toml index d97cd017b..1bf4c5d2e 100644 --- a/lightning-persister/Cargo.toml +++ b/lightning-persister/Cargo.toml @@ -16,7 +16,7 @@ rustdoc-args = ["--cfg", "docsrs"] _bench_unstable = ["lightning/_bench_unstable"] [dependencies] -bitcoin = "0.27" +bitcoin = "0.28.1" lightning = { version = "0.0.106", path = "../lightning" } libc = "0.2" diff --git a/lightning/Cargo.toml b/lightning/Cargo.toml index a9df76673..5a54d042a 100644 --- a/lightning/Cargo.toml +++ b/lightning/Cargo.toml @@ -38,9 +38,7 @@ grind_signatures = [] default = ["std", "grind_signatures"] [dependencies] -bitcoin = { version = "0.27", default-features = false, features = ["secp-recovery"] } -# TODO remove this once rust-bitcoin PR #637 is released -secp256k1 = { version = "0.20.2", default-features = false, features = ["alloc"] } +bitcoin = { version = "0.28.1", default-features = false, features = ["secp-recovery"] } hashbrown = { version = "0.11", optional = true } hex = { version = "0.4", optional = true } @@ -52,10 +50,8 @@ core2 = { version = "0.3.0", optional = true, default-features = false } [dev-dependencies] hex = "0.4" regex = "0.2.11" -# TODO remove this once rust-bitcoin PR #637 is released -secp256k1 = { version = "0.20.2", default-features = false, features = ["alloc"] } [dev-dependencies.bitcoin] -version = "0.27" +version = "0.28.1" default-features = false features = ["bitcoinconsensus", "secp-recovery"] diff --git a/lightning/src/chain/channelmonitor.rs b/lightning/src/chain/channelmonitor.rs index 681d895f2..738fff383 100644 --- a/lightning/src/chain/channelmonitor.rs +++ b/lightning/src/chain/channelmonitor.rs @@ -29,8 +29,8 @@ use bitcoin::hashes::Hash; use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::hash_types::{Txid, BlockHash, WPubkeyHash}; -use bitcoin::secp256k1::{Secp256k1,Signature}; -use bitcoin::secp256k1::key::{SecretKey,PublicKey}; +use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature}; +use bitcoin::secp256k1::{SecretKey, PublicKey}; use bitcoin::secp256k1; use ln::{PaymentHash, PaymentPreimage}; @@ -2653,7 +2653,7 @@ impl ChannelMonitorImpl { // appears to be spending the correct type (ie that the match would // actually succeed in BIP 158/159-style filters). if _script_pubkey.is_v0_p2wsh() { - assert_eq!(&bitcoin::Address::p2wsh(&Script::from(input.witness.last().unwrap().clone()), bitcoin::Network::Bitcoin).script_pubkey(), _script_pubkey); + assert_eq!(&bitcoin::Address::p2wsh(&Script::from(input.witness.last().unwrap().to_vec()), bitcoin::Network::Bitcoin).script_pubkey(), _script_pubkey); } else if _script_pubkey.is_v0_p2wpkh() { assert_eq!(&bitcoin::Address::p2wpkh(&bitcoin::PublicKey::from_slice(&input.witness.last().unwrap()).unwrap(), bitcoin::Network::Bitcoin).unwrap().script_pubkey(), _script_pubkey); } else { panic!(); } @@ -2736,20 +2736,23 @@ impl ChannelMonitorImpl { fn is_resolving_htlc_output(&mut self, tx: &Transaction, height: u32, logger: &L) where L::Target: Logger { 'outer_loop: for input in &tx.input { let mut payment_data = None; - let revocation_sig_claim = (input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::OfferedHTLC) && input.witness[1].len() == 33) - || (input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::AcceptedHTLC) && input.witness[1].len() == 33); - let accepted_preimage_claim = input.witness.len() == 5 && HTLCType::scriptlen_to_htlctype(input.witness[4].len()) == Some(HTLCType::AcceptedHTLC); + let witness_items = input.witness.len(); + let htlctype = input.witness.last().map(|w| w.len()).and_then(HTLCType::scriptlen_to_htlctype); + let prev_last_witness_len = input.witness.second_to_last().map(|w| w.len()).unwrap_or(0); + let revocation_sig_claim = (witness_items == 3 && htlctype == Some(HTLCType::OfferedHTLC) && prev_last_witness_len == 33) + || (witness_items == 3 && htlctype == Some(HTLCType::AcceptedHTLC) && prev_last_witness_len == 33); + let accepted_preimage_claim = witness_items == 5 && htlctype == Some(HTLCType::AcceptedHTLC); #[cfg(not(fuzzing))] - let accepted_timeout_claim = input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::AcceptedHTLC) && !revocation_sig_claim; - let offered_preimage_claim = input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::OfferedHTLC) && !revocation_sig_claim; + let accepted_timeout_claim = witness_items == 3 && htlctype == Some(HTLCType::AcceptedHTLC) && !revocation_sig_claim; + let offered_preimage_claim = witness_items == 3 && htlctype == Some(HTLCType::OfferedHTLC) && !revocation_sig_claim; #[cfg(not(fuzzing))] - let offered_timeout_claim = input.witness.len() == 5 && HTLCType::scriptlen_to_htlctype(input.witness[4].len()) == Some(HTLCType::OfferedHTLC); + let offered_timeout_claim = witness_items == 5 && htlctype == Some(HTLCType::OfferedHTLC); let mut payment_preimage = PaymentPreimage([0; 32]); if accepted_preimage_claim { - payment_preimage.0.copy_from_slice(&input.witness[3]); + payment_preimage.0.copy_from_slice(input.witness.second_to_last().unwrap()); } else if offered_preimage_claim { - payment_preimage.0.copy_from_slice(&input.witness[1]); + payment_preimage.0.copy_from_slice(input.witness.second_to_last().unwrap()); } macro_rules! log_claim { @@ -3322,15 +3325,15 @@ mod tests { use bitcoin::blockdata::block::BlockHeader; use bitcoin::blockdata::script::{Script, Builder}; use bitcoin::blockdata::opcodes; - use bitcoin::blockdata::transaction::{Transaction, TxIn, TxOut, SigHashType}; + use bitcoin::blockdata::transaction::{Transaction, TxIn, TxOut, EcdsaSighashType}; use bitcoin::blockdata::transaction::OutPoint as BitcoinOutPoint; - use bitcoin::util::bip143; + use bitcoin::util::sighash; use bitcoin::hashes::Hash; use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::hashes::hex::FromHex; use bitcoin::hash_types::{BlockHash, Txid}; use bitcoin::network::constants::Network; - use bitcoin::secp256k1::key::{SecretKey,PublicKey}; + use bitcoin::secp256k1::{SecretKey,PublicKey}; use bitcoin::secp256k1::Secp256k1; use hex; @@ -3355,6 +3358,7 @@ mod tests { use util::ser::{ReadableArgs, Writeable}; use sync::{Arc, Mutex}; use io; + use bitcoin::Witness; use prelude::*; fn do_test_funding_spend_refuses_updates(use_local_txn: bool) { @@ -3608,24 +3612,27 @@ mod tests { transaction_output_index: Some($idx as u32), }; let redeem_script = if *$weight == WEIGHT_REVOKED_OUTPUT { chan_utils::get_revokeable_redeemscript(&pubkey, 256, &pubkey) } else { chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, $opt_anchors, &pubkey, &pubkey, &pubkey) }; - let sighash = hash_to_message!(&$sighash_parts.signature_hash($idx, &redeem_script, $amount, SigHashType::All)[..]); - let sig = secp_ctx.sign(&sighash, &privkey); - $sighash_parts.access_witness($idx).push(sig.serialize_der().to_vec()); - $sighash_parts.access_witness($idx)[0].push(SigHashType::All as u8); - $sum_actual_sigs += $sighash_parts.access_witness($idx)[0].len(); + let sighash = hash_to_message!(&$sighash_parts.segwit_signature_hash($idx, &redeem_script, $amount, EcdsaSighashType::All).unwrap()[..]); + let sig = secp_ctx.sign_ecdsa(&sighash, &privkey); + let mut ser_sig = sig.serialize_der().to_vec(); + ser_sig.push(EcdsaSighashType::All as u8); + $sum_actual_sigs += ser_sig.len(); + let witness = $sighash_parts.witness_mut($idx).unwrap(); + witness.push(ser_sig); if *$weight == WEIGHT_REVOKED_OUTPUT { - $sighash_parts.access_witness($idx).push(vec!(1)); + witness.push(vec!(1)); } else if *$weight == weight_revoked_offered_htlc($opt_anchors) || *$weight == weight_revoked_received_htlc($opt_anchors) { - $sighash_parts.access_witness($idx).push(pubkey.clone().serialize().to_vec()); + witness.push(pubkey.clone().serialize().to_vec()); } else if *$weight == weight_received_htlc($opt_anchors) { - $sighash_parts.access_witness($idx).push(vec![0]); + witness.push(vec![0]); } else { - $sighash_parts.access_witness($idx).push(PaymentPreimage([1; 32]).0.to_vec()); + witness.push(PaymentPreimage([1; 32]).0.to_vec()); } - $sighash_parts.access_witness($idx).push(redeem_script.into_bytes()); - println!("witness[0] {}", $sighash_parts.access_witness($idx)[0].len()); - println!("witness[1] {}", $sighash_parts.access_witness($idx)[1].len()); - println!("witness[2] {}", $sighash_parts.access_witness($idx)[2].len()); + witness.push(redeem_script.into_bytes()); + let witness = witness.to_vec(); + println!("witness[0] {}", witness[0].len()); + println!("witness[1] {}", witness[1].len()); + println!("witness[2] {}", witness[2].len()); } } @@ -3644,24 +3651,24 @@ mod tests { }, script_sig: Script::new(), sequence: 0xfffffffd, - witness: Vec::new(), + witness: Witness::new(), }); } claim_tx.output.push(TxOut { script_pubkey: script_pubkey.clone(), value: 0, }); - let base_weight = claim_tx.get_weight(); + let base_weight = claim_tx.weight(); let inputs_weight = vec![WEIGHT_REVOKED_OUTPUT, weight_revoked_offered_htlc(opt_anchors), weight_revoked_offered_htlc(opt_anchors), weight_revoked_received_htlc(opt_anchors)]; let mut inputs_total_weight = 2; // count segwit flags { - let mut sighash_parts = bip143::SigHashCache::new(&mut claim_tx); + let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx); for (idx, inp) in inputs_weight.iter().enumerate() { sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors); inputs_total_weight += inp; } } - assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.get_weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs)); + assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs)); } // Claim tx with 1 offered HTLCs, 3 received HTLCs @@ -3676,24 +3683,24 @@ mod tests { }, script_sig: Script::new(), sequence: 0xfffffffd, - witness: Vec::new(), + witness: Witness::new(), }); } claim_tx.output.push(TxOut { script_pubkey: script_pubkey.clone(), value: 0, }); - let base_weight = claim_tx.get_weight(); + let base_weight = claim_tx.weight(); let inputs_weight = vec![weight_offered_htlc(opt_anchors), weight_received_htlc(opt_anchors), weight_received_htlc(opt_anchors), weight_received_htlc(opt_anchors)]; let mut inputs_total_weight = 2; // count segwit flags { - let mut sighash_parts = bip143::SigHashCache::new(&mut claim_tx); + let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx); for (idx, inp) in inputs_weight.iter().enumerate() { sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors); inputs_total_weight += inp; } } - assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.get_weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs)); + assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs)); } // Justice tx with 1 revoked HTLC-Success tx output @@ -3707,23 +3714,23 @@ mod tests { }, script_sig: Script::new(), sequence: 0xfffffffd, - witness: Vec::new(), + witness: Witness::new(), }); claim_tx.output.push(TxOut { script_pubkey: script_pubkey.clone(), value: 0, }); - let base_weight = claim_tx.get_weight(); + let base_weight = claim_tx.weight(); let inputs_weight = vec![WEIGHT_REVOKED_OUTPUT]; let mut inputs_total_weight = 2; // count segwit flags { - let mut sighash_parts = bip143::SigHashCache::new(&mut claim_tx); + let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx); for (idx, inp) in inputs_weight.iter().enumerate() { sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors); inputs_total_weight += inp; } } - assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.get_weight() + /* max_length_isg */ (73 * inputs_weight.len() - sum_actual_sigs)); + assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.weight() + /* max_length_isg */ (73 * inputs_weight.len() - sum_actual_sigs)); } } diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs index be3103622..33c88cf11 100644 --- a/lightning/src/chain/keysinterface.rs +++ b/lightning/src/chain/keysinterface.rs @@ -11,12 +11,12 @@ //! spendable on-chain outputs which the user owns and is responsible for using just as any other //! on-chain output which is theirs. -use bitcoin::blockdata::transaction::{Transaction, TxOut, TxIn, SigHashType}; +use bitcoin::blockdata::transaction::{Transaction, TxOut, TxIn, EcdsaSighashType}; use bitcoin::blockdata::script::{Script, Builder}; use bitcoin::blockdata::opcodes; use bitcoin::network::constants::Network; use bitcoin::util::bip32::{ExtendedPrivKey, ExtendedPubKey, ChildNumber}; -use bitcoin::util::bip143; +use bitcoin::util::sighash; use bitcoin::bech32::u5; use bitcoin::hashes::{Hash, HashEngine}; @@ -25,10 +25,10 @@ use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::hashes::sha256d::Hash as Sha256dHash; use bitcoin::hash_types::WPubkeyHash; -use bitcoin::secp256k1::key::{SecretKey, PublicKey}; -use bitcoin::secp256k1::{Secp256k1, Signature, Signing}; -use bitcoin::secp256k1::recovery::RecoverableSignature; -use bitcoin::secp256k1; +use bitcoin::secp256k1::{SecretKey, PublicKey}; +use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature, Signing}; +use bitcoin::secp256k1::ecdsa::RecoverableSignature; +use bitcoin::{secp256k1, Witness}; use util::{byte_utils, transaction_utils}; use util::crypto::{hkdf_extract_expand_twice, sign}; @@ -588,16 +588,16 @@ impl InMemorySigner { if spend_tx.input[input_idx].previous_output != descriptor.outpoint.into_bitcoin_outpoint() { return Err(()); } let remotepubkey = self.pubkeys().payment_point; - let witness_script = bitcoin::Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: remotepubkey}, Network::Testnet).script_pubkey(); - let sighash = hash_to_message!(&bip143::SigHashCache::new(spend_tx).signature_hash(input_idx, &witness_script, descriptor.output.value, SigHashType::All)[..]); + let witness_script = bitcoin::Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: remotepubkey}, Network::Testnet).script_pubkey(); + let sighash = hash_to_message!(&sighash::SighashCache::new(spend_tx).segwit_signature_hash(input_idx, &witness_script, descriptor.output.value, EcdsaSighashType::All).unwrap()[..]); let remotesig = sign(secp_ctx, &sighash, &self.payment_key); - let payment_script = bitcoin::Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, key: remotepubkey}, Network::Bitcoin).unwrap().script_pubkey(); + let payment_script = bitcoin::Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, inner: remotepubkey}, Network::Bitcoin).unwrap().script_pubkey(); if payment_script != descriptor.output.script_pubkey { return Err(()); } let mut witness = Vec::with_capacity(2); witness.push(remotesig.serialize_der().to_vec()); - witness[0].push(SigHashType::All as u8); + witness[0].push(EcdsaSighashType::All as u8); witness.push(remotepubkey.serialize().to_vec()); Ok(witness) } @@ -623,7 +623,7 @@ impl InMemorySigner { .expect("We constructed the payment_base_key, so we can only fail here if the RNG is busted."); let delayed_payment_pubkey = PublicKey::from_secret_key(&secp_ctx, &delayed_payment_key); let witness_script = chan_utils::get_revokeable_redeemscript(&descriptor.revocation_pubkey, descriptor.to_self_delay, &delayed_payment_pubkey); - let sighash = hash_to_message!(&bip143::SigHashCache::new(spend_tx).signature_hash(input_idx, &witness_script, descriptor.output.value, SigHashType::All)[..]); + let sighash = hash_to_message!(&sighash::SighashCache::new(spend_tx).segwit_signature_hash(input_idx, &witness_script, descriptor.output.value, EcdsaSighashType::All).unwrap()[..]); let local_delayedsig = sign(secp_ctx, &sighash, &delayed_payment_key); let payment_script = bitcoin::Address::p2wsh(&witness_script, Network::Bitcoin).script_pubkey(); @@ -631,7 +631,7 @@ impl InMemorySigner { let mut witness = Vec::with_capacity(3); witness.push(local_delayedsig.serialize_der().to_vec()); - witness[0].push(SigHashType::All as u8); + witness[0].push(EcdsaSighashType::All as u8); witness.push(vec!()); //MINIMALIF witness.push(witness_script.clone().into_bytes()); Ok(witness) @@ -670,8 +670,8 @@ impl BaseSign for InMemorySigner { for htlc in commitment_tx.htlcs() { let htlc_tx = chan_utils::build_htlc_transaction(&commitment_txid, commitment_tx.feerate_per_kw(), self.holder_selected_contest_delay(), htlc, self.opt_anchors(), &keys.broadcaster_delayed_payment_key, &keys.revocation_key); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, self.opt_anchors(), &keys); - let htlc_sighashtype = if self.opt_anchors() { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All }; - let htlc_sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype)[..]); + let htlc_sighashtype = if self.opt_anchors() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All }; + let htlc_sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]); let holder_htlc_key = chan_utils::derive_private_key(&secp_ctx, &keys.per_commitment_point, &self.htlc_base_key).map_err(|_| ())?; htlc_sigs.push(sign(secp_ctx, &htlc_sighash, &holder_htlc_key)); } @@ -712,8 +712,8 @@ impl BaseSign for InMemorySigner { let counterparty_delayedpubkey = chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.counterparty_pubkeys().delayed_payment_basepoint).map_err(|_| ())?; chan_utils::get_revokeable_redeemscript(&revocation_pubkey, self.holder_selected_contest_delay(), &counterparty_delayedpubkey) }; - let mut sighash_parts = bip143::SigHashCache::new(justice_tx); - let sighash = hash_to_message!(&sighash_parts.signature_hash(input, &witness_script, amount, SigHashType::All)[..]); + let mut sighash_parts = sighash::SighashCache::new(justice_tx); + let sighash = hash_to_message!(&sighash_parts.segwit_signature_hash(input, &witness_script, amount, EcdsaSighashType::All).unwrap()[..]); return Ok(sign(secp_ctx, &sighash, &revocation_key)) } @@ -726,8 +726,8 @@ impl BaseSign for InMemorySigner { let holder_htlcpubkey = chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.pubkeys().htlc_basepoint).map_err(|_| ())?; chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, self.opt_anchors(), &counterparty_htlcpubkey, &holder_htlcpubkey, &revocation_pubkey) }; - let mut sighash_parts = bip143::SigHashCache::new(justice_tx); - let sighash = hash_to_message!(&sighash_parts.signature_hash(input, &witness_script, amount, SigHashType::All)[..]); + let mut sighash_parts = sighash::SighashCache::new(justice_tx); + let sighash = hash_to_message!(&sighash_parts.segwit_signature_hash(input, &witness_script, amount, EcdsaSighashType::All).unwrap()[..]); return Ok(sign(secp_ctx, &sighash, &revocation_key)) } @@ -740,8 +740,8 @@ impl BaseSign for InMemorySigner { } else { return Err(()) } } else { return Err(()) } } else { return Err(()) }; - let mut sighash_parts = bip143::SigHashCache::new(htlc_tx); - let sighash = hash_to_message!(&sighash_parts.signature_hash(input, &witness_script, amount, SigHashType::All)[..]); + let mut sighash_parts = sighash::SighashCache::new(htlc_tx); + let sighash = hash_to_message!(&sighash_parts.segwit_signature_hash(input, &witness_script, amount, EcdsaSighashType::All).unwrap()[..]); return Ok(sign(secp_ctx, &sighash, &htlc_key)) } Err(()) @@ -884,10 +884,10 @@ impl KeysManager { // Note that when we aren't serializing the key, network doesn't matter match ExtendedPrivKey::new_master(Network::Testnet, seed) { Ok(master_key) => { - let node_secret = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(0).unwrap()).expect("Your RNG is busted").private_key.key; + let node_secret = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(0).unwrap()).expect("Your RNG is busted").private_key; let destination_script = match master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(1).unwrap()) { Ok(destination_key) => { - let wpubkey_hash = WPubkeyHash::hash(&ExtendedPubKey::from_private(&secp_ctx, &destination_key).public_key.to_bytes()); + let wpubkey_hash = WPubkeyHash::hash(&ExtendedPubKey::from_priv(&secp_ctx, &destination_key).to_pub().to_bytes()); Builder::new().push_opcode(opcodes::all::OP_PUSHBYTES_0) .push_slice(&wpubkey_hash.into_inner()) .into_script() @@ -895,12 +895,12 @@ impl KeysManager { Err(_) => panic!("Your RNG is busted"), }; let shutdown_pubkey = match master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(2).unwrap()) { - Ok(shutdown_key) => ExtendedPubKey::from_private(&secp_ctx, &shutdown_key).public_key.key, + Ok(shutdown_key) => ExtendedPubKey::from_priv(&secp_ctx, &shutdown_key).public_key, Err(_) => panic!("Your RNG is busted"), }; let channel_master_key = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(3).unwrap()).expect("Your RNG is busted"); let rand_bytes_master_key = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(4).unwrap()).expect("Your RNG is busted"); - let inbound_payment_key: SecretKey = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(5).unwrap()).expect("Your RNG is busted").private_key.key; + let inbound_payment_key: SecretKey = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(5).unwrap()).expect("Your RNG is busted").private_key; let mut inbound_pmt_key_bytes = [0; 32]; inbound_pmt_key_bytes.copy_from_slice(&inbound_payment_key[..]); @@ -951,7 +951,7 @@ impl KeysManager { // entropy, everything else just ensures uniqueness. We rely on the unique_start (ie // starting_time provided in the constructor) to be unique. let child_privkey = self.channel_master_key.ckd_priv(&self.secp_ctx, ChildNumber::from_hardened_idx(chan_id as u32).expect("key space exhausted")).expect("Your RNG is busted"); - unique_start.input(&child_privkey.private_key.key[..]); + unique_start.input(&child_privkey.private_key[..]); let seed = Sha256::from_engine(unique_start).into_inner(); @@ -1014,7 +1014,7 @@ impl KeysManager { previous_output: descriptor.outpoint.into_bitcoin_outpoint(), script_sig: Script::new(), sequence: 0, - witness: Vec::new(), + witness: Witness::new(), }); witness_weight += StaticPaymentOutputDescriptor::MAX_WITNESS_LENGTH; input_value += descriptor.output.value; @@ -1025,7 +1025,7 @@ impl KeysManager { previous_output: descriptor.outpoint.into_bitcoin_outpoint(), script_sig: Script::new(), sequence: descriptor.to_self_delay as u32, - witness: Vec::new(), + witness: Witness::new(), }); witness_weight += DelayedPaymentOutputDescriptor::MAX_WITNESS_LENGTH; input_value += descriptor.output.value; @@ -1036,7 +1036,7 @@ impl KeysManager { previous_output: outpoint.into_bitcoin_outpoint(), script_sig: Script::new(), sequence: 0, - witness: Vec::new(), + witness: Witness::new(), }); witness_weight += 1 + 73 + 34; input_value += output.value; @@ -1064,7 +1064,7 @@ impl KeysManager { self.derive_channel_keys(descriptor.channel_value_satoshis, &descriptor.channel_keys_id), descriptor.channel_keys_id)); } - spend_tx.input[input_idx].witness = keys_cache.as_ref().unwrap().0.sign_counterparty_payment_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?; + spend_tx.input[input_idx].witness = Witness::from_vec(keys_cache.as_ref().unwrap().0.sign_counterparty_payment_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?); }, SpendableOutputDescriptor::DelayedPaymentOutput(descriptor) => { if keys_cache.is_none() || keys_cache.as_ref().unwrap().1 != descriptor.channel_keys_id { @@ -1072,7 +1072,7 @@ impl KeysManager { self.derive_channel_keys(descriptor.channel_value_satoshis, &descriptor.channel_keys_id), descriptor.channel_keys_id)); } - spend_tx.input[input_idx].witness = keys_cache.as_ref().unwrap().0.sign_dynamic_p2wsh_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?; + spend_tx.input[input_idx].witness = Witness::from_vec(keys_cache.as_ref().unwrap().0.sign_dynamic_p2wsh_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?); }, SpendableOutputDescriptor::StaticOutput { ref output, .. } => { let derivation_idx = if output.script_pubkey == self.destination_script { @@ -1092,29 +1092,30 @@ impl KeysManager { Err(_) => panic!("Your rng is busted"), } }; - let pubkey = ExtendedPubKey::from_private(&secp_ctx, &secret).public_key; + let pubkey = ExtendedPubKey::from_priv(&secp_ctx, &secret).to_pub(); if derivation_idx == 2 { - assert_eq!(pubkey.key, self.shutdown_pubkey); + assert_eq!(pubkey.inner, self.shutdown_pubkey); } let witness_script = bitcoin::Address::p2pkh(&pubkey, Network::Testnet).script_pubkey(); let payment_script = bitcoin::Address::p2wpkh(&pubkey, Network::Testnet).expect("uncompressed key found").script_pubkey(); if payment_script != output.script_pubkey { return Err(()); }; - let sighash = hash_to_message!(&bip143::SigHashCache::new(&spend_tx).signature_hash(input_idx, &witness_script, output.value, SigHashType::All)[..]); - let sig = sign(secp_ctx, &sighash, &secret.private_key.key); - spend_tx.input[input_idx].witness.push(sig.serialize_der().to_vec()); - spend_tx.input[input_idx].witness[0].push(SigHashType::All as u8); - spend_tx.input[input_idx].witness.push(pubkey.key.serialize().to_vec()); + let sighash = hash_to_message!(&sighash::SighashCache::new(&spend_tx).segwit_signature_hash(input_idx, &witness_script, output.value, EcdsaSighashType::All).unwrap()[..]); + let sig = sign(secp_ctx, &sighash, &secret.private_key); + let mut sig_ser = sig.serialize_der().to_vec(); + sig_ser.push(EcdsaSighashType::All as u8); + spend_tx.input[input_idx].witness.push(sig_ser); + spend_tx.input[input_idx].witness.push(pubkey.inner.serialize().to_vec()); }, } input_idx += 1; } - debug_assert!(expected_max_weight >= spend_tx.get_weight()); + debug_assert!(expected_max_weight >= spend_tx.weight()); // Note that witnesses with a signature vary somewhat in size, so allow // `expected_max_weight` to overshoot by up to 3 bytes per input. - debug_assert!(expected_max_weight <= spend_tx.get_weight() + descriptors.len() * 3); + debug_assert!(expected_max_weight <= spend_tx.weight() + descriptors.len() * 3); Ok(spend_tx) } @@ -1157,7 +1158,7 @@ impl KeysInterface for KeysManager { let child_ix = self.rand_bytes_child_index.fetch_add(1, Ordering::AcqRel); let child_privkey = self.rand_bytes_master_key.ckd_priv(&self.secp_ctx, ChildNumber::from_hardened_idx(child_ix as u32).expect("key space exhausted")).expect("Your RNG is busted"); - sha.input(&child_privkey.private_key.key[..]); + sha.input(&child_privkey.private_key[..]); sha.input(b"Unique Secure Random Bytes Salt"); Sha256::from_engine(sha).into_inner() @@ -1173,7 +1174,7 @@ impl KeysInterface for KeysManager { Recipient::Node => self.get_node_secret(Recipient::Node)?, Recipient::PhantomNode => return Err(()), }; - Ok(self.secp_ctx.sign_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret)) + Ok(self.secp_ctx.sign_ecdsa_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret)) } } @@ -1241,7 +1242,7 @@ impl KeysInterface for PhantomKeysManager { fn sign_invoice(&self, hrp_bytes: &[u8], invoice_data: &[u5], recipient: Recipient) -> Result { let preimage = construct_invoice_preimage(&hrp_bytes, &invoice_data); let secret = self.get_node_secret(recipient)?; - Ok(self.inner.secp_ctx.sign_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret)) + Ok(self.inner.secp_ctx.sign_ecdsa_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret)) } } diff --git a/lightning/src/chain/onchaintx.rs b/lightning/src/chain/onchaintx.rs index ee6dc9c5c..1ca3effab 100644 --- a/lightning/src/chain/onchaintx.rs +++ b/lightning/src/chain/onchaintx.rs @@ -18,7 +18,7 @@ use bitcoin::blockdata::script::Script; use bitcoin::hash_types::Txid; -use bitcoin::secp256k1::{Secp256k1, Signature}; +use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature}; use bitcoin::secp256k1; use ln::msgs::DecodeError; @@ -394,7 +394,7 @@ impl OnchainTxHandler { let transaction = cached_request.finalize_package(self, output_value, self.destination_script.clone(), logger).unwrap(); log_trace!(logger, "...with timer {} and feerate {}", new_timer.unwrap(), new_feerate); - assert!(predicted_weight >= transaction.get_weight()); + assert!(predicted_weight >= transaction.weight()); return Some((new_timer, new_feerate, transaction)) } } else { diff --git a/lightning/src/chain/package.rs b/lightning/src/chain/package.rs index 1cc63a8c8..b0961293c 100644 --- a/lightning/src/chain/package.rs +++ b/lightning/src/chain/package.rs @@ -12,13 +12,13 @@ //! also includes witness weight computation and fee computation methods. use bitcoin::blockdata::constants::WITNESS_SCALE_FACTOR; -use bitcoin::blockdata::transaction::{TxOut,TxIn, Transaction, SigHashType}; +use bitcoin::blockdata::transaction::{TxOut,TxIn, Transaction, EcdsaSighashType}; use bitcoin::blockdata::transaction::OutPoint as BitcoinOutPoint; use bitcoin::blockdata::script::Script; use bitcoin::hash_types::Txid; -use bitcoin::secp256k1::key::{SecretKey,PublicKey}; +use bitcoin::secp256k1::{SecretKey,PublicKey}; use ln::PaymentPreimage; use ln::chan_utils::{TxCreationKeys, HTLCOutputInCommitment}; @@ -36,6 +36,7 @@ use prelude::*; use core::cmp; use core::mem; use core::ops::Deref; +use bitcoin::Witness; const MAX_ALLOC_SIZE: usize = 64*1024; @@ -352,8 +353,9 @@ impl PackageSolvingData { let witness_script = chan_utils::get_revokeable_redeemscript(&chan_keys.revocation_key, outp.on_counterparty_tx_csv, &chan_keys.broadcaster_delayed_payment_key); //TODO: should we panic on signer failure ? if let Ok(sig) = onchain_handler.signer.sign_justice_revoked_output(&bumped_tx, i, outp.amount, &outp.per_commitment_key, &onchain_handler.secp_ctx) { - bumped_tx.input[i].witness.push(sig.serialize_der().to_vec()); - bumped_tx.input[i].witness[0].push(SigHashType::All as u8); + let mut ser_sig = sig.serialize_der().to_vec(); + ser_sig.push(EcdsaSighashType::All as u8); + bumped_tx.input[i].witness.push(ser_sig); bumped_tx.input[i].witness.push(vec!(1)); bumped_tx.input[i].witness.push(witness_script.clone().into_bytes()); } else { return false; } @@ -364,8 +366,9 @@ impl PackageSolvingData { let witness_script = chan_utils::get_htlc_redeemscript_with_explicit_keys(&outp.htlc, onchain_handler.opt_anchors(), &chan_keys.broadcaster_htlc_key, &chan_keys.countersignatory_htlc_key, &chan_keys.revocation_key); //TODO: should we panic on signer failure ? if let Ok(sig) = onchain_handler.signer.sign_justice_revoked_htlc(&bumped_tx, i, outp.amount, &outp.per_commitment_key, &outp.htlc, &onchain_handler.secp_ctx) { - bumped_tx.input[i].witness.push(sig.serialize_der().to_vec()); - bumped_tx.input[i].witness[0].push(SigHashType::All as u8); + let mut ser_sig = sig.serialize_der().to_vec(); + ser_sig.push(EcdsaSighashType::All as u8); + bumped_tx.input[i].witness.push(ser_sig); bumped_tx.input[i].witness.push(chan_keys.revocation_key.clone().serialize().to_vec()); bumped_tx.input[i].witness.push(witness_script.clone().into_bytes()); } else { return false; } @@ -376,8 +379,9 @@ impl PackageSolvingData { let witness_script = chan_utils::get_htlc_redeemscript_with_explicit_keys(&outp.htlc, onchain_handler.opt_anchors(), &chan_keys.broadcaster_htlc_key, &chan_keys.countersignatory_htlc_key, &chan_keys.revocation_key); if let Ok(sig) = onchain_handler.signer.sign_counterparty_htlc_transaction(&bumped_tx, i, &outp.htlc.amount_msat / 1000, &outp.per_commitment_point, &outp.htlc, &onchain_handler.secp_ctx) { - bumped_tx.input[i].witness.push(sig.serialize_der().to_vec()); - bumped_tx.input[i].witness[0].push(SigHashType::All as u8); + let mut ser_sig = sig.serialize_der().to_vec(); + ser_sig.push(EcdsaSighashType::All as u8); + bumped_tx.input[i].witness.push(ser_sig); bumped_tx.input[i].witness.push(outp.preimage.0.to_vec()); bumped_tx.input[i].witness.push(witness_script.clone().into_bytes()); } @@ -389,8 +393,9 @@ impl PackageSolvingData { bumped_tx.lock_time = outp.htlc.cltv_expiry; // Right now we don't aggregate time-locked transaction, if we do we should set lock_time before to avoid breaking hash computation if let Ok(sig) = onchain_handler.signer.sign_counterparty_htlc_transaction(&bumped_tx, i, &outp.htlc.amount_msat / 1000, &outp.per_commitment_point, &outp.htlc, &onchain_handler.secp_ctx) { - bumped_tx.input[i].witness.push(sig.serialize_der().to_vec()); - bumped_tx.input[i].witness[0].push(SigHashType::All as u8); + let mut ser_sig = sig.serialize_der().to_vec(); + ser_sig.push(EcdsaSighashType::All as u8); + bumped_tx.input[i].witness.push(ser_sig); // Due to BIP146 (MINIMALIF) this must be a zero-length element to relay. bumped_tx.input[i].witness.push(vec![]); bumped_tx.input[i].witness.push(witness_script.clone().into_bytes()); @@ -620,7 +625,7 @@ impl PackageTemplate { previous_output: *outpoint, script_sig: Script::new(), sequence: 0xfffffffd, - witness: Vec::new(), + witness: Witness::new(), }); } for (i, (outpoint, out)) in self.inputs.iter().enumerate() { @@ -852,7 +857,7 @@ mod tests { use bitcoin::hashes::hex::FromHex; - use bitcoin::secp256k1::key::{PublicKey,SecretKey}; + use bitcoin::secp256k1::{PublicKey,SecretKey}; use bitcoin::secp256k1::Secp256k1; macro_rules! dumb_revk_output { diff --git a/lightning/src/ln/chan_utils.rs b/lightning/src/ln/chan_utils.rs index 370c0cc8e..9e987c3de 100644 --- a/lightning/src/ln/chan_utils.rs +++ b/lightning/src/ln/chan_utils.rs @@ -12,8 +12,8 @@ use bitcoin::blockdata::script::{Script,Builder}; use bitcoin::blockdata::opcodes; -use bitcoin::blockdata::transaction::{TxIn,TxOut,OutPoint,Transaction, SigHashType}; -use bitcoin::util::bip143; +use bitcoin::blockdata::transaction::{TxIn,TxOut,OutPoint,Transaction, EcdsaSighashType}; +use bitcoin::util::sighash; use bitcoin::hashes::{Hash, HashEngine}; use bitcoin::hashes::sha256::Hash as Sha256; @@ -26,10 +26,10 @@ use util::ser::{Readable, Writeable, Writer}; use util::{byte_utils, transaction_utils}; use bitcoin::hash_types::WPubkeyHash; -use bitcoin::secp256k1::key::{SecretKey, PublicKey}; -use bitcoin::secp256k1::{Secp256k1, Signature, Message}; +use bitcoin::secp256k1::{SecretKey, PublicKey}; +use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature, Message}; use bitcoin::secp256k1::Error as SecpError; -use bitcoin::secp256k1; +use bitcoin::{secp256k1, Witness}; use io; use prelude::*; @@ -102,7 +102,7 @@ pub fn build_closing_transaction(to_holder_value_sat: u64, to_counterparty_value previous_output: funding_outpoint, script_sig: Script::new(), sequence: 0xffffffff, - witness: Vec::new(), + witness: Witness::new(), }); ins }; @@ -615,7 +615,7 @@ pub fn build_htlc_transaction(commitment_txid: &Txid, feerate_per_kw: u32, conte }, script_sig: Script::new(), sequence: if opt_anchors { 1 } else { 0 }, - witness: Vec::new(), + witness: Witness::new(), }); let weight = if htlc.offered { @@ -891,16 +891,18 @@ impl HolderCommitmentTransaction { // First push the multisig dummy, note that due to BIP147 (NULLDUMMY) it must be a zero-length element. let mut tx = self.inner.built.transaction.clone(); tx.input[0].witness.push(Vec::new()); + let mut ser_holder_sig = holder_sig.serialize_der().to_vec(); + ser_holder_sig.push(EcdsaSighashType::All as u8); + let mut ser_cp_sig = self.counterparty_sig.serialize_der().to_vec(); + ser_cp_sig.push(EcdsaSighashType::All as u8); if self.holder_sig_first { - tx.input[0].witness.push(holder_sig.serialize_der().to_vec()); - tx.input[0].witness.push(self.counterparty_sig.serialize_der().to_vec()); + tx.input[0].witness.push(ser_holder_sig); + tx.input[0].witness.push(ser_cp_sig); } else { - tx.input[0].witness.push(self.counterparty_sig.serialize_der().to_vec()); - tx.input[0].witness.push(holder_sig.serialize_der().to_vec()); + tx.input[0].witness.push(ser_cp_sig); + tx.input[0].witness.push(ser_holder_sig); } - tx.input[0].witness[1].push(SigHashType::All as u8); - tx.input[0].witness[2].push(SigHashType::All as u8); tx.input[0].witness.push(funding_redeemscript.as_bytes().to_vec()); tx @@ -929,7 +931,7 @@ impl BuiltCommitmentTransaction { /// /// This can be used to verify a signature. pub fn get_sighash_all(&self, funding_redeemscript: &Script, channel_value_satoshis: u64) -> Message { - let sighash = &bip143::SigHashCache::new(&self.transaction).signature_hash(0, funding_redeemscript, channel_value_satoshis, SigHashType::All)[..]; + let sighash = &sighash::SighashCache::new(&self.transaction).segwit_signature_hash(0, funding_redeemscript, channel_value_satoshis, EcdsaSighashType::All).unwrap()[..]; hash_to_message!(sighash) } @@ -1053,7 +1055,7 @@ impl<'a> TrustedClosingTransaction<'a> { /// /// This can be used to verify a signature. pub fn get_sighash_all(&self, funding_redeemscript: &Script, channel_value_satoshis: u64) -> Message { - let sighash = &bip143::SigHashCache::new(&self.inner.built).signature_hash(0, funding_redeemscript, channel_value_satoshis, SigHashType::All)[..]; + let sighash = &sighash::SighashCache::new(&self.inner.built).segwit_signature_hash(0, funding_redeemscript, channel_value_satoshis, EcdsaSighashType::All).unwrap()[..]; hash_to_message!(sighash) } @@ -1291,7 +1293,7 @@ impl CommitmentTransaction { script_sig: Script::new(), sequence: ((0x80 as u32) << 8 * 3) | ((obscured_commitment_transaction_number >> 3 * 8) as u32), - witness: Vec::new(), + witness: Witness::new(), }); ins }; @@ -1401,7 +1403,7 @@ impl<'a> TrustedCommitmentTransaction<'a> { /// /// The returned Vec has one entry for each HTLC, and in the same order. /// - /// This function is only valid in the holder commitment context, it always uses SigHashType::All. + /// This function is only valid in the holder commitment context, it always uses EcdsaSighashType::All. pub fn get_htlc_sigs(&self, htlc_base_key: &SecretKey, channel_parameters: &DirectedChannelTransactionParameters, secp_ctx: &Secp256k1) -> Result, ()> { let inner = self.inner; let keys = &inner.keys; @@ -1415,7 +1417,7 @@ impl<'a> TrustedCommitmentTransaction<'a> { let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc, self.opt_anchors(), &keys.broadcaster_htlc_key, &keys.countersignatory_htlc_key, &keys.revocation_key); - let sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, SigHashType::All)[..]); + let sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, EcdsaSighashType::All).unwrap()[..]); ret.push(sign(secp_ctx, &sighash, &holder_htlc_key)); } Ok(ret) @@ -1437,15 +1439,17 @@ impl<'a> TrustedCommitmentTransaction<'a> { let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc, self.opt_anchors(), &keys.broadcaster_htlc_key, &keys.countersignatory_htlc_key, &keys.revocation_key); - let sighashtype = if self.opt_anchors() { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All }; + let sighashtype = if self.opt_anchors() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All }; // First push the multisig dummy, note that due to BIP147 (NULLDUMMY) it must be a zero-length element. htlc_tx.input[0].witness.push(Vec::new()); - htlc_tx.input[0].witness.push(counterparty_signature.serialize_der().to_vec()); - htlc_tx.input[0].witness.push(signature.serialize_der().to_vec()); - htlc_tx.input[0].witness[1].push(sighashtype as u8); - htlc_tx.input[0].witness[2].push(SigHashType::All as u8); + let mut cp_sig_ser = counterparty_signature.serialize_der().to_vec(); + cp_sig_ser.push(sighashtype as u8); + htlc_tx.input[0].witness.push(cp_sig_ser); + let mut holder_sig_ser = signature.serialize_der().to_vec(); + holder_sig_ser.push(EcdsaSighashType::All as u8); + htlc_tx.input[0].witness.push(holder_sig_ser); if this_htlc.offered { // Due to BIP146 (MINIMALIF) this must be a zero-length element to relay. diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs index 1cb7a689a..8ebaa96b6 100644 --- a/lightning/src/ln/channel.rs +++ b/lightning/src/ln/channel.rs @@ -8,8 +8,8 @@ // licenses. use bitcoin::blockdata::script::{Script,Builder}; -use bitcoin::blockdata::transaction::{Transaction, SigHashType}; -use bitcoin::util::bip143; +use bitcoin::blockdata::transaction::{Transaction, EcdsaSighashType}; +use bitcoin::util::sighash; use bitcoin::consensus::encode; use bitcoin::hashes::Hash; @@ -18,8 +18,8 @@ use bitcoin::hashes::sha256d::Hash as Sha256d; use bitcoin::hash_types::{Txid, BlockHash}; use bitcoin::secp256k1::constants::PUBLIC_KEY_SIZE; -use bitcoin::secp256k1::key::{PublicKey,SecretKey}; -use bitcoin::secp256k1::{Secp256k1,Signature}; +use bitcoin::secp256k1::{PublicKey,SecretKey}; +use bitcoin::secp256k1::{Secp256k1,ecdsa::Signature}; use bitcoin::secp256k1; use ln::{PaymentPreimage, PaymentHash}; @@ -2044,7 +2044,7 @@ impl Channel { log_bytes!(sig.serialize_compact()[..]), log_bytes!(self.counterparty_funding_pubkey().serialize()), encode::serialize_hex(&initial_commitment_bitcoin_tx.transaction), log_bytes!(sighash[..]), encode::serialize_hex(&funding_script), log_bytes!(self.channel_id())); - secp_check!(self.secp_ctx.verify(&sighash, &sig, self.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned()); + secp_check!(self.secp_ctx.verify_ecdsa(&sighash, &sig, self.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned()); } let counterparty_keys = self.build_remote_transaction_keys()?; @@ -2176,7 +2176,7 @@ impl Channel { let initial_commitment_bitcoin_tx = trusted_tx.built_transaction(); let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.channel_value_satoshis); // They sign our commitment transaction, allowing us to broadcast the tx if we wish. - if let Err(_) = self.secp_ctx.verify(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) { + if let Err(_) = self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) { return Err(ChannelError::Close("Invalid funding_signed signature from peer".to_owned())); } } @@ -2814,7 +2814,7 @@ impl Channel { log_bytes!(msg.signature.serialize_compact()[..]), log_bytes!(self.counterparty_funding_pubkey().serialize()), encode::serialize_hex(&bitcoin_tx.transaction), log_bytes!(sighash[..]), encode::serialize_hex(&funding_script), log_bytes!(self.channel_id())); - if let Err(_) = self.secp_ctx.verify(&sighash, &msg.signature, &self.counterparty_funding_pubkey()) { + if let Err(_) = self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.counterparty_funding_pubkey()) { return Err((None, ChannelError::Close("Invalid commitment tx signature from peer".to_owned()))); } bitcoin_tx.txid @@ -2864,12 +2864,12 @@ impl Channel { &keys.broadcaster_delayed_payment_key, &keys.revocation_key); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, self.opt_anchors(), &keys); - let htlc_sighashtype = if self.opt_anchors() { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All }; - let htlc_sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype)[..]); + let htlc_sighashtype = if self.opt_anchors() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All }; + let htlc_sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]); log_trace!(logger, "Checking HTLC tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} in channel {}.", log_bytes!(msg.htlc_signatures[idx].serialize_compact()[..]), log_bytes!(keys.countersignatory_htlc_key.serialize()), encode::serialize_hex(&htlc_tx), log_bytes!(htlc_sighash[..]), encode::serialize_hex(&htlc_redeemscript), log_bytes!(self.channel_id())); - if let Err(_) = self.secp_ctx.verify(&htlc_sighash, &msg.htlc_signatures[idx], &keys.countersignatory_htlc_key) { + if let Err(_) = self.secp_ctx.verify_ecdsa(&htlc_sighash, &msg.htlc_signatures[idx], &keys.countersignatory_htlc_key) { return Err((None, ChannelError::Close("Invalid HTLC tx signature from peer".to_owned()))); } htlcs_and_sigs.push((htlc, Some(msg.htlc_signatures[idx]), source)); @@ -4106,15 +4106,17 @@ impl Channel { let funding_key = self.get_holder_pubkeys().funding_pubkey.serialize(); let counterparty_funding_key = self.counterparty_funding_pubkey().serialize(); + let mut holder_sig = sig.serialize_der().to_vec(); + holder_sig.push(EcdsaSighashType::All as u8); + let mut cp_sig = counterparty_sig.serialize_der().to_vec(); + cp_sig.push(EcdsaSighashType::All as u8); if funding_key[..] < counterparty_funding_key[..] { - tx.input[0].witness.push(sig.serialize_der().to_vec()); - tx.input[0].witness.push(counterparty_sig.serialize_der().to_vec()); + tx.input[0].witness.push(holder_sig); + tx.input[0].witness.push(cp_sig); } else { - tx.input[0].witness.push(counterparty_sig.serialize_der().to_vec()); - tx.input[0].witness.push(sig.serialize_der().to_vec()); + tx.input[0].witness.push(cp_sig); + tx.input[0].witness.push(holder_sig); } - tx.input[0].witness[1].push(SigHashType::All as u8); - tx.input[0].witness[2].push(SigHashType::All as u8); tx.input[0].witness.push(self.get_funding_redeemscript().into_bytes()); tx @@ -4152,14 +4154,14 @@ impl Channel { } let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.channel_value_satoshis); - match self.secp_ctx.verify(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) { + match self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) { Ok(_) => {}, Err(_e) => { // The remote end may have decided to revoke their output due to inconsistent dust // limits, so check for that case by re-checking the signature here. closing_tx = self.build_closing_transaction(msg.fee_satoshis, true).0; let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.channel_value_satoshis); - secp_check!(self.secp_ctx.verify(&sighash, &msg.signature, self.counterparty_funding_pubkey()), "Invalid closing tx signature from peer".to_owned()); + secp_check!(self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, self.counterparty_funding_pubkey()), "Invalid closing tx signature from peer".to_owned()); }, }; @@ -5045,12 +5047,12 @@ impl Channel { let msghash = hash_to_message!(&Sha256d::hash(&announcement.encode()[..])[..]); - if self.secp_ctx.verify(&msghash, &msg.node_signature, &self.get_counterparty_node_id()).is_err() { + if self.secp_ctx.verify_ecdsa(&msghash, &msg.node_signature, &self.get_counterparty_node_id()).is_err() { return Err(ChannelError::Close(format!( "Bad announcement_signatures. Failed to verify node_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_node_key is {:?}", &announcement, self.get_counterparty_node_id()))); } - if self.secp_ctx.verify(&msghash, &msg.bitcoin_signature, self.counterparty_funding_pubkey()).is_err() { + if self.secp_ctx.verify_ecdsa(&msghash, &msg.bitcoin_signature, self.counterparty_funding_pubkey()).is_err() { return Err(ChannelError::Close(format!( "Bad announcement_signatures. Failed to verify bitcoin_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_bitcoin_key is ({:?})", &announcement, self.counterparty_funding_pubkey()))); @@ -6354,10 +6356,10 @@ mod tests { use util::errors::APIError; use util::test_utils; use util::test_utils::OnGetShutdownScriptpubkey; - use bitcoin::secp256k1::{Secp256k1, Signature}; + use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature}; use bitcoin::secp256k1::ffi::Signature as FFISignature; - use bitcoin::secp256k1::key::{SecretKey,PublicKey}; - use bitcoin::secp256k1::recovery::RecoverableSignature; + use bitcoin::secp256k1::{SecretKey,PublicKey}; + use bitcoin::secp256k1::ecdsa::RecoverableSignature; use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::hashes::Hash; use bitcoin::hash_types::WPubkeyHash; @@ -6707,9 +6709,9 @@ mod tests { #[cfg(not(feature = "grind_signatures"))] #[test] fn outbound_commitment_test() { - use bitcoin::util::bip143; + use bitcoin::util::sighash; use bitcoin::consensus::encode::serialize; - use bitcoin::blockdata::transaction::SigHashType; + use bitcoin::blockdata::transaction::EcdsaSighashType; use bitcoin::hashes::hex::FromHex; use bitcoin::hash_types::Txid; use bitcoin::secp256k1::Message; @@ -6818,7 +6820,7 @@ mod tests { let counterparty_signature = Signature::from_der(&hex::decode($counterparty_sig_hex).unwrap()[..]).unwrap(); let sighash = unsigned_tx.get_sighash_all(&redeemscript, chan.channel_value_satoshis); log_trace!(logger, "unsigned_tx = {}", hex::encode(serialize(&unsigned_tx.transaction))); - assert!(secp_ctx.verify(&sighash, &counterparty_signature, chan.counterparty_funding_pubkey()).is_ok(), "verify counterparty commitment sig"); + assert!(secp_ctx.verify_ecdsa(&sighash, &counterparty_signature, chan.counterparty_funding_pubkey()).is_ok(), "verify counterparty commitment sig"); let mut per_htlc: Vec<(HTLCOutputInCommitment, Option)> = Vec::new(); per_htlc.clear(); // Don't warn about excess mut for no-HTLC calls @@ -6857,9 +6859,9 @@ mod tests { chan.get_counterparty_selected_contest_delay().unwrap(), &htlc, $opt_anchors, &keys.broadcaster_delayed_payment_key, &keys.revocation_key); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, $opt_anchors, &keys); - let htlc_sighashtype = if $opt_anchors { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All }; - let htlc_sighash = Message::from_slice(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype)[..]).unwrap(); - assert!(secp_ctx.verify(&htlc_sighash, &remote_signature, &keys.countersignatory_htlc_key).is_ok(), "verify counterparty htlc sig"); + let htlc_sighashtype = if $opt_anchors { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All }; + let htlc_sighash = Message::from_slice(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]).unwrap(); + assert!(secp_ctx.verify_ecdsa(&htlc_sighash, &remote_signature, &keys.countersignatory_htlc_key).is_ok(), "verify counterparty htlc sig"); let mut preimage: Option = None; if !htlc.offered { diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index a28d63473..3aab92ad0 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -28,7 +28,7 @@ use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::hashes::sha256d::Hash as Sha256dHash; use bitcoin::hash_types::{BlockHash, Txid}; -use bitcoin::secp256k1::key::{SecretKey,PublicKey}; +use bitcoin::secp256k1::{SecretKey,PublicKey}; use bitcoin::secp256k1::Secp256k1; use bitcoin::secp256k1::ecdh::SharedSecret; use bitcoin::secp256k1; @@ -2070,11 +2070,7 @@ impl ChannelMana return_malformed_err!("invalid ephemeral pubkey", 0x8000 | 0x4000 | 6); } - let shared_secret = { - let mut arr = [0; 32]; - arr.copy_from_slice(&SharedSecret::new(&msg.onion_routing_packet.public_key.unwrap(), &self.our_network_key)[..]); - arr - }; + let shared_secret = SharedSecret::new(&msg.onion_routing_packet.public_key.unwrap(), &self.our_network_key).secret_bytes(); if msg.onion_routing_packet.version != 0 { //TODO: Spec doesn't indicate if we should only hash hop_data here (and in other @@ -2324,7 +2320,7 @@ impl ChannelMana }; let msg_hash = Sha256dHash::hash(&unsigned.encode()[..]); - let sig = self.secp_ctx.sign(&hash_to_message!(&msg_hash[..]), &self.our_network_key); + let sig = self.secp_ctx.sign_ecdsa(&hash_to_message!(&msg_hash[..]), &self.our_network_key); Ok(msgs::ChannelUpdate { signature: sig, @@ -2925,11 +2921,7 @@ impl ChannelMana if let PendingHTLCRouting::Forward { onion_packet, .. } = routing { let phantom_secret_res = self.keys_manager.get_node_secret(Recipient::PhantomNode); if phantom_secret_res.is_ok() && fake_scid::is_valid_phantom(&self.fake_scid_rand_bytes, short_chan_id) { - let phantom_shared_secret = { - let mut arr = [0; 32]; - arr.copy_from_slice(&SharedSecret::new(&onion_packet.public_key.unwrap(), &phantom_secret_res.unwrap())[..]); - arr - }; + let phantom_shared_secret = SharedSecret::new(&onion_packet.public_key.unwrap(), &phantom_secret_res.unwrap()).secret_bytes(); let next_hop = match onion_utils::decode_next_hop(phantom_shared_secret, &onion_packet.hop_data, onion_packet.hmac, payment_hash) { Ok(res) => res, Err(onion_utils::OnionDecodeErr::Malformed { err_msg, err_code }) => { diff --git a/lightning/src/ln/functional_test_utils.rs b/lightning/src/ln/functional_test_utils.rs index 163c6cbef..b4807ea68 100644 --- a/lightning/src/ln/functional_test_utils.rs +++ b/lightning/src/ln/functional_test_utils.rs @@ -35,7 +35,7 @@ use bitcoin::network::constants::Network; use bitcoin::hash_types::BlockHash; -use bitcoin::secp256k1::key::PublicKey; +use bitcoin::secp256k1::PublicKey; use io; use prelude::*; @@ -859,7 +859,7 @@ macro_rules! check_spends { for output in $tx.output.iter() { total_value_out += output.value; } - let min_fee = ($tx.get_weight() as u64 + 3) / 4; // One sat per vbyte (ie per weight/4, rounded up) + let min_fee = ($tx.weight() as u64 + 3) / 4; // One sat per vbyte (ie per weight/4, rounded up) // Input amount - output amount = fee, so check that out + min_fee is smaller than input assert!(total_value_out + min_fee <= total_value_in); $tx.verify(get_output).unwrap(); @@ -2004,7 +2004,10 @@ pub fn check_preimage_claim<'a, 'b, 'c>(node: &Node<'a, 'b, 'c>, prev_txn: &Vec< for tx in prev_txn { if node_txn[0].input[0].previous_output.txid == tx.txid() { check_spends!(node_txn[0], tx); - assert!(node_txn[0].input[0].witness[2].len() > 106); // must spend an htlc output + let mut iter = node_txn[0].input[0].witness.iter(); + iter.next().expect("expected 3 witness items"); + iter.next().expect("expected 3 witness items"); + assert!(iter.next().expect("expected 3 witness items").len() > 106); // must spend an htlc output assert_eq!(tx.input.len(), 1); // must spend a commitment tx found_prev = true; diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs index 4defbaaa2..cd33bc41e 100644 --- a/lightning/src/ln/functional_tests.rs +++ b/lightning/src/ln/functional_tests.rs @@ -42,7 +42,7 @@ use bitcoin::blockdata::constants::genesis_block; use bitcoin::network::constants::Network; use bitcoin::secp256k1::Secp256k1; -use bitcoin::secp256k1::key::{PublicKey,SecretKey}; +use bitcoin::secp256k1::{PublicKey,SecretKey}; use regex; @@ -5746,8 +5746,8 @@ fn test_key_derivation_params() { check_spends!(local_txn_1[0], chan_1.3); // We check funding pubkey are unique - let (from_0_funding_key_0, from_0_funding_key_1) = (PublicKey::from_slice(&local_txn_0[0].input[0].witness[3][2..35]), PublicKey::from_slice(&local_txn_0[0].input[0].witness[3][36..69])); - let (from_1_funding_key_0, from_1_funding_key_1) = (PublicKey::from_slice(&local_txn_1[0].input[0].witness[3][2..35]), PublicKey::from_slice(&local_txn_1[0].input[0].witness[3][36..69])); + let (from_0_funding_key_0, from_0_funding_key_1) = (PublicKey::from_slice(&local_txn_0[0].input[0].witness.to_vec()[3][2..35]), PublicKey::from_slice(&local_txn_0[0].input[0].witness.to_vec()[3][36..69])); + let (from_1_funding_key_0, from_1_funding_key_1) = (PublicKey::from_slice(&local_txn_1[0].input[0].witness.to_vec()[3][2..35]), PublicKey::from_slice(&local_txn_1[0].input[0].witness.to_vec()[3][36..69])); if from_0_funding_key_0 == from_1_funding_key_0 || from_0_funding_key_0 == from_1_funding_key_1 || from_0_funding_key_1 == from_1_funding_key_0 @@ -7615,7 +7615,7 @@ fn test_bump_penalty_txn_on_revoked_commitment() { assert_eq!(node_txn[0].output.len(), 1); check_spends!(node_txn[0], revoked_txn[0]); let fee_1 = penalty_sum - node_txn[0].output[0].value; - feerate_1 = fee_1 * 1000 / node_txn[0].get_weight() as u64; + feerate_1 = fee_1 * 1000 / node_txn[0].weight() as u64; penalty_1 = node_txn[0].txid(); node_txn.clear(); }; @@ -7635,7 +7635,7 @@ fn test_bump_penalty_txn_on_revoked_commitment() { // Verify new bumped tx is different from last claiming transaction, we don't want spurrious rebroadcast assert_ne!(penalty_2, penalty_1); let fee_2 = penalty_sum - node_txn[0].output[0].value; - feerate_2 = fee_2 * 1000 / node_txn[0].get_weight() as u64; + feerate_2 = fee_2 * 1000 / node_txn[0].weight() as u64; // Verify 25% bump heuristic assert!(feerate_2 * 100 >= feerate_1 * 125); node_txn.clear(); @@ -7658,7 +7658,7 @@ fn test_bump_penalty_txn_on_revoked_commitment() { // Verify new bumped tx is different from last claiming transaction, we don't want spurrious rebroadcast assert_ne!(penalty_3, penalty_2); let fee_3 = penalty_sum - node_txn[0].output[0].value; - feerate_3 = fee_3 * 1000 / node_txn[0].get_weight() as u64; + feerate_3 = fee_3 * 1000 / node_txn[0].weight() as u64; // Verify 25% bump heuristic assert!(feerate_3 * 100 >= feerate_2 * 125); node_txn.clear(); @@ -7777,7 +7777,7 @@ fn test_bump_penalty_txn_on_revoked_htlcs() { first = node_txn[4].txid(); // Store both feerates for later comparison let fee_1 = revoked_htlc_txn[0].output[0].value + revoked_htlc_txn[2].output[0].value - node_txn[4].output[0].value; - feerate_1 = fee_1 * 1000 / node_txn[4].get_weight() as u64; + feerate_1 = fee_1 * 1000 / node_txn[4].weight() as u64; penalty_txn = vec![node_txn[2].clone()]; node_txn.clear(); } @@ -7817,7 +7817,7 @@ fn test_bump_penalty_txn_on_revoked_htlcs() { // Verify bumped tx is different and 25% bump heuristic assert_ne!(first, node_txn[0].txid()); let fee_2 = revoked_htlc_txn[0].output[0].value + revoked_htlc_txn[2].output[0].value - node_txn[0].output[0].value; - let feerate_2 = fee_2 * 1000 / node_txn[0].get_weight() as u64; + let feerate_2 = fee_2 * 1000 / node_txn[0].weight() as u64; assert!(feerate_2 * 100 > feerate_1 * 125); let txn = vec![node_txn[0].clone()]; node_txn.clear(); @@ -7901,12 +7901,12 @@ fn test_bump_penalty_txn_on_remote_commitment() { timeout = node_txn[6].txid(); let index = node_txn[6].input[0].previous_output.vout; let fee = remote_txn[0].output[index as usize].value - node_txn[6].output[0].value; - feerate_timeout = fee * 1000 / node_txn[6].get_weight() as u64; + feerate_timeout = fee * 1000 / node_txn[6].weight() as u64; preimage = node_txn[0].txid(); let index = node_txn[0].input[0].previous_output.vout; let fee = remote_txn[0].output[index as usize].value - node_txn[0].output[0].value; - feerate_preimage = fee * 1000 / node_txn[0].get_weight() as u64; + feerate_preimage = fee * 1000 / node_txn[0].weight() as u64; node_txn.clear(); }; @@ -7925,13 +7925,13 @@ fn test_bump_penalty_txn_on_remote_commitment() { let index = preimage_bump.input[0].previous_output.vout; let fee = remote_txn[0].output[index as usize].value - preimage_bump.output[0].value; - let new_feerate = fee * 1000 / preimage_bump.get_weight() as u64; + let new_feerate = fee * 1000 / preimage_bump.weight() as u64; assert!(new_feerate * 100 > feerate_timeout * 125); assert_ne!(timeout, preimage_bump.txid()); let index = node_txn[0].input[0].previous_output.vout; let fee = remote_txn[0].output[index as usize].value - node_txn[0].output[0].value; - let new_feerate = fee * 1000 / node_txn[0].get_weight() as u64; + let new_feerate = fee * 1000 / node_txn[0].weight() as u64; assert!(new_feerate * 100 > feerate_preimage * 125); assert_ne!(preimage, node_txn[0].txid()); diff --git a/lightning/src/ln/msgs.rs b/lightning/src/ln/msgs.rs index ef07d4c91..281a2a8e9 100644 --- a/lightning/src/ln/msgs.rs +++ b/lightning/src/ln/msgs.rs @@ -24,8 +24,8 @@ //! raw socket events into your non-internet-facing system and then send routing events back to //! track the network on the less-secure system. -use bitcoin::secp256k1::key::PublicKey; -use bitcoin::secp256k1::Signature; +use bitcoin::secp256k1::PublicKey; +use bitcoin::secp256k1::ecdsa::Signature; use bitcoin::secp256k1; use bitcoin::blockdata::script::Script; use bitcoin::hash_types::{Txid, BlockHash}; @@ -1835,7 +1835,7 @@ mod tests { use bitcoin::blockdata::opcodes; use bitcoin::hash_types::{Txid, BlockHash}; - use bitcoin::secp256k1::key::{PublicKey,SecretKey}; + use bitcoin::secp256k1::{PublicKey,SecretKey}; use bitcoin::secp256k1::{Secp256k1, Message}; use io::Cursor; @@ -1892,7 +1892,7 @@ mod tests { ($privkey: expr, $ctx: expr, $string: expr) => { { let sighash = Message::from_slice(&$string.into_bytes()[..]).unwrap(); - $ctx.sign(&sighash, &$privkey) + $ctx.sign_ecdsa(&sighash, &$privkey) } } } @@ -2155,7 +2155,7 @@ mod tests { htlc_basepoint: pubkey_5, first_per_commitment_point: pubkey_6, channel_flags: if random_bit { 1 << 5 } else { 0 }, - shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent }, + shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent }, channel_type: if incl_chan_type { Some(ChannelTypeFeatures::empty()) } else { None }, }; let encoded_value = open_channel.encode(); @@ -2211,7 +2211,7 @@ mod tests { delayed_payment_basepoint: pubkey_4, htlc_basepoint: pubkey_5, first_per_commitment_point: pubkey_6, - shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent }, + shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent }, channel_type: None, }; let encoded_value = accept_channel.encode(); @@ -2279,9 +2279,9 @@ mod tests { let shutdown = msgs::Shutdown { channel_id: [2; 32], scriptpubkey: - if script_type == 1 { Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).script_pubkey() } - else if script_type == 2 { Address::p2sh(&script, Network::Testnet).script_pubkey() } - else if script_type == 3 { Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).unwrap().script_pubkey() } + if script_type == 1 { Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).script_pubkey() } + else if script_type == 2 { Address::p2sh(&script, Network::Testnet).unwrap().script_pubkey() } + else if script_type == 3 { Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).unwrap().script_pubkey() } else { Address::p2wsh(&script, Network::Testnet).script_pubkey() }, }; let encoded_value = shutdown.encode(); diff --git a/lightning/src/ln/onion_route_tests.rs b/lightning/src/ln/onion_route_tests.rs index 834791cba..cf74fa863 100644 --- a/lightning/src/ln/onion_route_tests.rs +++ b/lightning/src/ln/onion_route_tests.rs @@ -33,7 +33,7 @@ use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::secp256k1; use bitcoin::secp256k1::Secp256k1; -use bitcoin::secp256k1::key::{PublicKey, SecretKey}; +use bitcoin::secp256k1::{PublicKey, SecretKey}; use io; use prelude::*; @@ -214,7 +214,7 @@ fn run_onion_failure_test_with_fail_intercept(_name: &str, test_case: impl msgs::ChannelUpdate { fn dummy(short_channel_id: u64) -> msgs::ChannelUpdate { use bitcoin::secp256k1::ffi::Signature as FFISignature; - use bitcoin::secp256k1::Signature; + use bitcoin::secp256k1::ecdsa::Signature; msgs::ChannelUpdate { signature: Signature::from(unsafe { FFISignature::new() }), contents: msgs::UnsignedChannelUpdate { @@ -371,7 +371,7 @@ fn test_onion_failure() { // and tamper returning error message let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], NODE|2, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), NODE|2, &[0;0]); }, ||{}, true, Some(NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][0].pubkey, is_permanent: false}), Some(route.paths[0][0].short_channel_id)); // final node failure @@ -379,7 +379,7 @@ fn test_onion_failure() { // and tamper returning error message let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], NODE|2, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), NODE|2, &[0;0]); }, ||{ nodes[2].node.fail_htlc_backwards(&payment_hash); }, true, Some(NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][1].pubkey, is_permanent: false}), Some(route.paths[0][1].short_channel_id)); @@ -391,14 +391,14 @@ fn test_onion_failure() { }, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|NODE|2, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|NODE|2, &[0;0]); }, ||{}, true, Some(PERM|NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][0].pubkey, is_permanent: true}), Some(route.paths[0][0].short_channel_id)); // final node failure run_onion_failure_test_with_fail_intercept("permanent_node_failure", 200, &nodes, &route, &payment_hash, &payment_secret, |_msg| {}, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|2, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), PERM|NODE|2, &[0;0]); }, ||{ nodes[2].node.fail_htlc_backwards(&payment_hash); }, false, Some(PERM|NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][1].pubkey, is_permanent: true}), Some(route.paths[0][1].short_channel_id)); @@ -410,7 +410,7 @@ fn test_onion_failure() { }, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|NODE|3, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|NODE|3, &[0;0]); }, ||{ nodes[2].node.fail_htlc_backwards(&payment_hash); }, true, Some(PERM|NODE|3), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][0].pubkey, is_permanent: true}), Some(route.paths[0][0].short_channel_id)); @@ -419,7 +419,7 @@ fn test_onion_failure() { run_onion_failure_test_with_fail_intercept("required_node_feature_missing", 200, &nodes, &route, &payment_hash, &payment_secret, |_msg| {}, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|3, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), PERM|NODE|3, &[0;0]); }, ||{ nodes[2].node.fail_htlc_backwards(&payment_hash); }, false, Some(PERM|NODE|3), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][1].pubkey, is_permanent: true}), Some(route.paths[0][1].short_channel_id)); @@ -443,7 +443,7 @@ fn test_onion_failure() { }, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], UPDATE|7, &ChannelUpdate::dummy(short_channel_id).encode_with_len()[..]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), UPDATE|7, &ChannelUpdate::dummy(short_channel_id).encode_with_len()[..]); }, ||{}, true, Some(UPDATE|7), Some(NetworkUpdate::ChannelUpdateMessage{msg: ChannelUpdate::dummy(short_channel_id)}), Some(short_channel_id)); let short_channel_id = channels[1].0.contents.short_channel_id; @@ -452,7 +452,7 @@ fn test_onion_failure() { }, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|8, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|8, &[0;0]); // short_channel_id from the processing node }, ||{}, true, Some(PERM|8), Some(NetworkUpdate::ChannelClosed{short_channel_id, is_permanent: true}), Some(short_channel_id)); @@ -462,7 +462,7 @@ fn test_onion_failure() { }, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|9, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|9, &[0;0]); // short_channel_id from the processing node }, ||{}, true, Some(PERM|9), Some(NetworkUpdate::ChannelClosed{short_channel_id, is_permanent: true}), Some(short_channel_id)); @@ -571,7 +571,7 @@ fn test_onion_failure() { // Tamper returning error message let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], 23, &[0;0]); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), 23, &[0;0]); }, ||{ nodes[2].node.fail_htlc_backwards(&payment_hash); }, true, Some(23), None, None); diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs index 0dd6087f8..e9e64491c 100644 --- a/lightning/src/ln/onion_utils.rs +++ b/lightning/src/ln/onion_utils.rs @@ -22,7 +22,7 @@ use bitcoin::hashes::cmp::fixed_time_eq; use bitcoin::hashes::hmac::{Hmac, HmacEngine}; use bitcoin::hashes::sha256::Hash as Sha256; -use bitcoin::secp256k1::key::{SecretKey,PublicKey}; +use bitcoin::secp256k1::{SecretKey,PublicKey}; use bitcoin::secp256k1::Secp256k1; use bitcoin::secp256k1::ecdh::SharedSecret; use bitcoin::secp256k1; @@ -47,12 +47,12 @@ pub(super) fn gen_rho_mu_from_shared_secret(shared_secret: &[u8]) -> ([u8; 32], assert_eq!(shared_secret.len(), 32); ({ let mut hmac = HmacEngine::::new(&[0x72, 0x68, 0x6f]); // rho - hmac.input(&shared_secret[..]); + hmac.input(&shared_secret); Hmac::from_engine(hmac).into_inner() }, { let mut hmac = HmacEngine::::new(&[0x6d, 0x75]); // mu - hmac.input(&shared_secret[..]); + hmac.input(&shared_secret); Hmac::from_engine(hmac).into_inner() }) } @@ -61,7 +61,7 @@ pub(super) fn gen_rho_mu_from_shared_secret(shared_secret: &[u8]) -> ([u8; 32], pub(super) fn gen_um_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] { assert_eq!(shared_secret.len(), 32); let mut hmac = HmacEngine::::new(&[0x75, 0x6d]); // um - hmac.input(&shared_secret[..]); + hmac.input(&shared_secret); Hmac::from_engine(hmac).into_inner() } @@ -69,7 +69,7 @@ pub(super) fn gen_um_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] { pub(super) fn gen_ammag_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] { assert_eq!(shared_secret.len(), 32); let mut hmac = HmacEngine::::new(&[0x61, 0x6d, 0x6d, 0x61, 0x67]); // ammag - hmac.input(&shared_secret[..]); + hmac.input(&shared_secret); Hmac::from_engine(hmac).into_inner() } @@ -84,7 +84,7 @@ pub(super) fn construct_onion_keys_callback(secp_ctx: &Secp256k1(secp_ctx: & let amt_to_forward = htlc_msat - route_hop.fee_msat; htlc_msat = amt_to_forward; - let ammag = gen_ammag_from_shared_secret(&shared_secret[..]); + let ammag = gen_ammag_from_shared_secret(shared_secret.as_ref()); let mut decryption_tmp = Vec::with_capacity(packet_decrypted.len()); decryption_tmp.resize(packet_decrypted.len(), 0); @@ -361,7 +361,7 @@ pub(super) fn process_onion_failure(secp_ctx: & let failing_route_hop = if is_from_final_node { route_hop } else { &path[route_hop_idx + 1] }; if let Ok(err_packet) = msgs::DecodedOnionErrorPacket::read(&mut Cursor::new(&packet_decrypted)) { - let um = gen_um_from_shared_secret(&shared_secret[..]); + let um = gen_um_from_shared_secret(shared_secret.as_ref()); let mut hmac = HmacEngine::::new(&um); hmac.input(&err_packet.encode()[32..]); @@ -627,7 +627,7 @@ mod tests { use hex; use bitcoin::secp256k1::Secp256k1; - use bitcoin::secp256k1::key::{PublicKey,SecretKey}; + use bitcoin::secp256k1::{PublicKey,SecretKey}; use super::OnionKeys; @@ -678,31 +678,31 @@ mod tests { // Legacy packet creation test vectors from BOLT 4 let onion_keys = build_test_onion_keys(); - assert_eq!(onion_keys[0].shared_secret[..], hex::decode("53eb63ea8a3fec3b3cd433b85cd62a4b145e1dda09391b348c4e1cd36a03ea66").unwrap()[..]); + assert_eq!(onion_keys[0].shared_secret.secret_bytes(), hex::decode("53eb63ea8a3fec3b3cd433b85cd62a4b145e1dda09391b348c4e1cd36a03ea66").unwrap()[..]); assert_eq!(onion_keys[0].blinding_factor[..], hex::decode("2ec2e5da605776054187180343287683aa6a51b4b1c04d6dd49c45d8cffb3c36").unwrap()[..]); assert_eq!(onion_keys[0].ephemeral_pubkey.serialize()[..], hex::decode("02eec7245d6b7d2ccb30380bfbe2a3648cd7a942653f5aa340edcea1f283686619").unwrap()[..]); assert_eq!(onion_keys[0].rho, hex::decode("ce496ec94def95aadd4bec15cdb41a740c9f2b62347c4917325fcc6fb0453986").unwrap()[..]); assert_eq!(onion_keys[0].mu, hex::decode("b57061dc6d0a2b9f261ac410c8b26d64ac5506cbba30267a649c28c179400eba").unwrap()[..]); - assert_eq!(onion_keys[1].shared_secret[..], hex::decode("a6519e98832a0b179f62123b3567c106db99ee37bef036e783263602f3488fae").unwrap()[..]); + assert_eq!(onion_keys[1].shared_secret.secret_bytes(), hex::decode("a6519e98832a0b179f62123b3567c106db99ee37bef036e783263602f3488fae").unwrap()[..]); assert_eq!(onion_keys[1].blinding_factor[..], hex::decode("bf66c28bc22e598cfd574a1931a2bafbca09163df2261e6d0056b2610dab938f").unwrap()[..]); assert_eq!(onion_keys[1].ephemeral_pubkey.serialize()[..], hex::decode("028f9438bfbf7feac2e108d677e3a82da596be706cc1cf342b75c7b7e22bf4e6e2").unwrap()[..]); assert_eq!(onion_keys[1].rho, hex::decode("450ffcabc6449094918ebe13d4f03e433d20a3d28a768203337bc40b6e4b2c59").unwrap()[..]); assert_eq!(onion_keys[1].mu, hex::decode("05ed2b4a3fb023c2ff5dd6ed4b9b6ea7383f5cfe9d59c11d121ec2c81ca2eea9").unwrap()[..]); - assert_eq!(onion_keys[2].shared_secret[..], hex::decode("3a6b412548762f0dbccce5c7ae7bb8147d1caf9b5471c34120b30bc9c04891cc").unwrap()[..]); + assert_eq!(onion_keys[2].shared_secret.secret_bytes(), hex::decode("3a6b412548762f0dbccce5c7ae7bb8147d1caf9b5471c34120b30bc9c04891cc").unwrap()[..]); assert_eq!(onion_keys[2].blinding_factor[..], hex::decode("a1f2dadd184eb1627049673f18c6325814384facdee5bfd935d9cb031a1698a5").unwrap()[..]); assert_eq!(onion_keys[2].ephemeral_pubkey.serialize()[..], hex::decode("03bfd8225241ea71cd0843db7709f4c222f62ff2d4516fd38b39914ab6b83e0da0").unwrap()[..]); assert_eq!(onion_keys[2].rho, hex::decode("11bf5c4f960239cb37833936aa3d02cea82c0f39fd35f566109c41f9eac8deea").unwrap()[..]); assert_eq!(onion_keys[2].mu, hex::decode("caafe2820fa00eb2eeb78695ae452eba38f5a53ed6d53518c5c6edf76f3f5b78").unwrap()[..]); - assert_eq!(onion_keys[3].shared_secret[..], hex::decode("21e13c2d7cfe7e18836df50872466117a295783ab8aab0e7ecc8c725503ad02d").unwrap()[..]); + assert_eq!(onion_keys[3].shared_secret.secret_bytes(), hex::decode("21e13c2d7cfe7e18836df50872466117a295783ab8aab0e7ecc8c725503ad02d").unwrap()[..]); assert_eq!(onion_keys[3].blinding_factor[..], hex::decode("7cfe0b699f35525029ae0fa437c69d0f20f7ed4e3916133f9cacbb13c82ff262").unwrap()[..]); assert_eq!(onion_keys[3].ephemeral_pubkey.serialize()[..], hex::decode("031dde6926381289671300239ea8e57ffaf9bebd05b9a5b95beaf07af05cd43595").unwrap()[..]); assert_eq!(onion_keys[3].rho, hex::decode("cbe784ab745c13ff5cffc2fbe3e84424aa0fd669b8ead4ee562901a4a4e89e9e").unwrap()[..]); assert_eq!(onion_keys[3].mu, hex::decode("5052aa1b3d9f0655a0932e50d42f0c9ba0705142c25d225515c45f47c0036ee9").unwrap()[..]); - assert_eq!(onion_keys[4].shared_secret[..], hex::decode("b5756b9b542727dbafc6765a49488b023a725d631af688fc031217e90770c328").unwrap()[..]); + assert_eq!(onion_keys[4].shared_secret.secret_bytes(), hex::decode("b5756b9b542727dbafc6765a49488b023a725d631af688fc031217e90770c328").unwrap()[..]); assert_eq!(onion_keys[4].blinding_factor[..], hex::decode("c96e00dddaf57e7edcd4fb5954be5b65b09f17cb6d20651b4e90315be5779205").unwrap()[..]); assert_eq!(onion_keys[4].ephemeral_pubkey.serialize()[..], hex::decode("03a214ebd875aab6ddfd77f22c5e7311d7f77f17a169e599f157bbcdae8bf071f4").unwrap()[..]); assert_eq!(onion_keys[4].rho, hex::decode("034e18b8cc718e8af6339106e706c52d8df89e2b1f7e9142d996acf88df8799b").unwrap()[..]); @@ -758,22 +758,22 @@ mod tests { // Returning Errors test vectors from BOLT 4 let onion_keys = build_test_onion_keys(); - let onion_error = super::build_failure_packet(&onion_keys[4].shared_secret[..], 0x2002, &[0; 0]); + let onion_error = super::build_failure_packet(onion_keys[4].shared_secret.as_ref(), 0x2002, &[0; 0]); assert_eq!(onion_error.encode(), hex::decode("4c2fc8bc08510334b6833ad9c3e79cd1b52ae59dfe5c2a4b23ead50f09f7ee0b0002200200fe0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000").unwrap()); - let onion_packet_1 = super::encrypt_failure_packet(&onion_keys[4].shared_secret[..], &onion_error.encode()[..]); + let onion_packet_1 = super::encrypt_failure_packet(onion_keys[4].shared_secret.as_ref(), &onion_error.encode()[..]); assert_eq!(onion_packet_1.data, hex::decode("a5e6bd0c74cb347f10cce367f949098f2457d14c046fd8a22cb96efb30b0fdcda8cb9168b50f2fd45edd73c1b0c8b33002df376801ff58aaa94000bf8a86f92620f343baef38a580102395ae3abf9128d1047a0736ff9b83d456740ebbb4aeb3aa9737f18fb4afb4aa074fb26c4d702f42968888550a3bded8c05247e045b866baef0499f079fdaeef6538f31d44deafffdfd3afa2fb4ca9082b8f1c465371a9894dd8c243fb4847e004f5256b3e90e2edde4c9fb3082ddfe4d1e734cacd96ef0706bf63c9984e22dc98851bcccd1c3494351feb458c9c6af41c0044bea3c47552b1d992ae542b17a2d0bba1a096c78d169034ecb55b6e3a7263c26017f033031228833c1daefc0dedb8cf7c3e37c9c37ebfe42f3225c326e8bcfd338804c145b16e34e4").unwrap()); - let onion_packet_2 = super::encrypt_failure_packet(&onion_keys[3].shared_secret[..], &onion_packet_1.data[..]); + let onion_packet_2 = super::encrypt_failure_packet(onion_keys[3].shared_secret.as_ref(), &onion_packet_1.data[..]); assert_eq!(onion_packet_2.data, hex::decode("c49a1ce81680f78f5f2000cda36268de34a3f0a0662f55b4e837c83a8773c22aa081bab1616a0011585323930fa5b9fae0c85770a2279ff59ec427ad1bbff9001c0cd1497004bd2a0f68b50704cf6d6a4bf3c8b6a0833399a24b3456961ba00736785112594f65b6b2d44d9f5ea4e49b5e1ec2af978cbe31c67114440ac51a62081df0ed46d4a3df295da0b0fe25c0115019f03f15ec86fabb4c852f83449e812f141a9395b3f70b766ebbd4ec2fae2b6955bd8f32684c15abfe8fd3a6261e52650e8807a92158d9f1463261a925e4bfba44bd20b166d532f0017185c3a6ac7957adefe45559e3072c8dc35abeba835a8cb01a71a15c736911126f27d46a36168ca5ef7dccd4e2886212602b181463e0dd30185c96348f9743a02aca8ec27c0b90dca270").unwrap()); - let onion_packet_3 = super::encrypt_failure_packet(&onion_keys[2].shared_secret[..], &onion_packet_2.data[..]); + let onion_packet_3 = super::encrypt_failure_packet(onion_keys[2].shared_secret.as_ref(), &onion_packet_2.data[..]); assert_eq!(onion_packet_3.data, hex::decode("a5d3e8634cfe78b2307d87c6d90be6fe7855b4f2cc9b1dfb19e92e4b79103f61ff9ac25f412ddfb7466e74f81b3e545563cdd8f5524dae873de61d7bdfccd496af2584930d2b566b4f8d3881f8c043df92224f38cf094cfc09d92655989531524593ec6d6caec1863bdfaa79229b5020acc034cd6deeea1021c50586947b9b8e6faa83b81fbfa6133c0af5d6b07c017f7158fa94f0d206baf12dda6b68f785b773b360fd0497e16cc402d779c8d48d0fa6315536ef0660f3f4e1865f5b38ea49c7da4fd959de4e83ff3ab686f059a45c65ba2af4a6a79166aa0f496bf04d06987b6d2ea205bdb0d347718b9aeff5b61dfff344993a275b79717cd815b6ad4c0beb568c4ac9c36ff1c315ec1119a1993c4b61e6eaa0375e0aaf738ac691abd3263bf937e3").unwrap()); - let onion_packet_4 = super::encrypt_failure_packet(&onion_keys[1].shared_secret[..], &onion_packet_3.data[..]); + let onion_packet_4 = super::encrypt_failure_packet(onion_keys[1].shared_secret.as_ref(), &onion_packet_3.data[..]); assert_eq!(onion_packet_4.data, hex::decode("aac3200c4968f56b21f53e5e374e3a2383ad2b1b6501bbcc45abc31e59b26881b7dfadbb56ec8dae8857add94e6702fb4c3a4de22e2e669e1ed926b04447fc73034bb730f4932acd62727b75348a648a1128744657ca6a4e713b9b646c3ca66cac02cdab44dd3439890ef3aaf61708714f7375349b8da541b2548d452d84de7084bb95b3ac2345201d624d31f4d52078aa0fa05a88b4e20202bd2b86ac5b52919ea305a8949de95e935eed0319cf3cf19ebea61d76ba92532497fcdc9411d06bcd4275094d0a4a3c5d3a945e43305a5a9256e333e1f64dbca5fcd4e03a39b9012d197506e06f29339dfee3331995b21615337ae060233d39befea925cc262873e0530408e6990f1cbd233a150ef7b004ff6166c70c68d9f8c853c1abca640b8660db2921").unwrap()); - let onion_packet_5 = super::encrypt_failure_packet(&onion_keys[0].shared_secret[..], &onion_packet_4.data[..]); + let onion_packet_5 = super::encrypt_failure_packet(onion_keys[0].shared_secret.as_ref(), &onion_packet_4.data[..]); assert_eq!(onion_packet_5.data, hex::decode("9c5add3963fc7f6ed7f148623c84134b5647e1306419dbe2174e523fa9e2fbed3a06a19f899145610741c83ad40b7712aefaddec8c6baf7325d92ea4ca4d1df8bce517f7e54554608bf2bd8071a4f52a7a2f7ffbb1413edad81eeea5785aa9d990f2865dc23b4bc3c301a94eec4eabebca66be5cf638f693ec256aec514620cc28ee4a94bd9565bc4d4962b9d3641d4278fb319ed2b84de5b665f307a2db0f7fbb757366067d88c50f7e829138fde4f78d39b5b5802f1b92a8a820865af5cc79f9f30bc3f461c66af95d13e5e1f0381c184572a91dee1c849048a647a1158cf884064deddbf1b0b88dfe2f791428d0ba0f6fb2f04e14081f69165ae66d9297c118f0907705c9c4954a199bae0bb96fad763d690e7daa6cfda59ba7f2c8d11448b604d12d").unwrap()); } diff --git a/lightning/src/ln/peer_channel_encryptor.rs b/lightning/src/ln/peer_channel_encryptor.rs index fbd32526e..da6dc67ab 100644 --- a/lightning/src/ln/peer_channel_encryptor.rs +++ b/lightning/src/ln/peer_channel_encryptor.rs @@ -16,7 +16,7 @@ use bitcoin::hashes::{Hash, HashEngine}; use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::secp256k1::Secp256k1; -use bitcoin::secp256k1::key::{PublicKey,SecretKey}; +use bitcoin::secp256k1::{PublicKey,SecretKey}; use bitcoin::secp256k1::ecdh::SharedSecret; use bitcoin::secp256k1; @@ -163,7 +163,7 @@ impl PeerChannelEncryptor { #[inline] fn hkdf(state: &mut BidirectionalNoiseState, ss: SharedSecret) -> [u8; 32] { - let (t1, t2) = hkdf_extract_expand_twice(&state.ck, &ss[..]); + let (t1, t2) = hkdf_extract_expand_twice(&state.ck, ss.as_ref()); state.ck = t1; t2 } @@ -473,7 +473,7 @@ impl PeerChannelEncryptor { mod tests { use super::LN_MAX_MSG_LEN; - use bitcoin::secp256k1::key::{PublicKey,SecretKey}; + use bitcoin::secp256k1::{PublicKey,SecretKey}; use hex; diff --git a/lightning/src/ln/peer_handler.rs b/lightning/src/ln/peer_handler.rs index c09df1752..8430899ee 100644 --- a/lightning/src/ln/peer_handler.rs +++ b/lightning/src/ln/peer_handler.rs @@ -15,7 +15,7 @@ //! call into the provided message handlers (probably a ChannelManager and NetGraphmsgHandler) with messages //! they should handle, and encoding/sending response messages. -use bitcoin::secp256k1::key::{SecretKey,PublicKey}; +use bitcoin::secp256k1::{SecretKey,PublicKey}; use ln::features::InitFeatures; use ln::msgs; @@ -1725,7 +1725,7 @@ mod tests { use util::test_utils; use bitcoin::secp256k1::Secp256k1; - use bitcoin::secp256k1::key::{SecretKey, PublicKey}; + use bitcoin::secp256k1::{SecretKey, PublicKey}; use prelude::*; use sync::{Arc, Mutex}; diff --git a/lightning/src/ln/priv_short_conf_tests.rs b/lightning/src/ln/priv_short_conf_tests.rs index fa44a0655..4fce2bb1b 100644 --- a/lightning/src/ln/priv_short_conf_tests.rs +++ b/lightning/src/ln/priv_short_conf_tests.rs @@ -528,7 +528,7 @@ fn test_scid_alias_returned() { excess_data: Vec::new(), }; let msg_hash = Sha256dHash::hash(&contents.encode()[..]); - let signature = Secp256k1::new().sign(&hash_to_message!(&msg_hash[..]), &nodes[1].keys_manager.get_node_secret(Recipient::Node).unwrap()); + let signature = Secp256k1::new().sign_ecdsa(&hash_to_message!(&msg_hash[..]), &nodes[1].keys_manager.get_node_secret(Recipient::Node).unwrap()); let msg = msgs::ChannelUpdate { signature, contents }; expect_payment_failed_conditions!(nodes[0], payment_hash, false, diff --git a/lightning/src/ln/script.rs b/lightning/src/ln/script.rs index a9f44bae1..218b48276 100644 --- a/lightning/src/ln/script.rs +++ b/lightning/src/ln/script.rs @@ -4,7 +4,7 @@ use bitcoin::blockdata::opcodes::all::OP_PUSHBYTES_0 as SEGWIT_V0; use bitcoin::blockdata::script::{Builder, Script}; use bitcoin::hashes::Hash; use bitcoin::hash_types::{WPubkeyHash, WScriptHash}; -use bitcoin::secp256k1::key::PublicKey; +use bitcoin::secp256k1::PublicKey; use ln::features::InitFeatures; use ln::msgs::DecodeError; @@ -68,12 +68,12 @@ impl ShutdownScript { /// Generates a P2WPKH script pubkey from the given [`WPubkeyHash`]. pub fn new_p2wpkh(pubkey_hash: &WPubkeyHash) -> Self { - Self(ShutdownScriptImpl::Bolt2(Script::new_v0_wpkh(pubkey_hash))) + Self(ShutdownScriptImpl::Bolt2(Script::new_v0_p2wpkh(pubkey_hash))) } /// Generates a P2WSH script pubkey from the given [`WScriptHash`]. pub fn new_p2wsh(script_hash: &WScriptHash) -> Self { - Self(ShutdownScriptImpl::Bolt2(Script::new_v0_wsh(script_hash))) + Self(ShutdownScriptImpl::Bolt2(Script::new_v0_p2wsh(script_hash))) } /// Generates a witness script pubkey from the given segwit version and program. @@ -156,7 +156,7 @@ impl Into