From feb882f6a45ecf78b176a09ed61efc1cdfb43b7f Mon Sep 17 00:00:00 2001 From: Valentine Wallace Date: Thu, 29 Apr 2021 12:19:05 -0400 Subject: [PATCH] Move invoice signing behind KeysInterface --- fuzz/src/chanmon_consistency.rs | 5 +++++ fuzz/src/full_stack.rs | 5 +++++ lightning/src/chain/keysinterface.rs | 11 +++++++++++ lightning/src/ln/channel.rs | 2 ++ lightning/src/util/test_utils.rs | 6 ++++++ 5 files changed, 29 insertions(+) diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs index a75883792..b48604dba 100644 --- a/fuzz/src/chanmon_consistency.rs +++ b/fuzz/src/chanmon_consistency.rs @@ -56,6 +56,7 @@ use utils::test_logger; use utils::test_persister::TestPersister; use bitcoin::secp256k1::key::{PublicKey,SecretKey}; +use bitcoin::secp256k1::recovery::RecoverableSignature; use bitcoin::secp256k1::Secp256k1; use std::mem; @@ -206,6 +207,10 @@ impl KeysInterface for KeyProvider { disable_revocation_policy_check: false, }) } + + fn sign_invoice(&self, _invoice_preimage: Vec) -> Result { + unreachable!() + } } impl KeyProvider { diff --git a/fuzz/src/full_stack.rs b/fuzz/src/full_stack.rs index feee650d2..55fae3a85 100644 --- a/fuzz/src/full_stack.rs +++ b/fuzz/src/full_stack.rs @@ -48,6 +48,7 @@ use utils::test_logger; use utils::test_persister::TestPersister; use bitcoin::secp256k1::key::{PublicKey,SecretKey}; +use bitcoin::secp256k1::recovery::RecoverableSignature; use bitcoin::secp256k1::Secp256k1; use std::cell::RefCell; @@ -313,6 +314,10 @@ impl KeysInterface for KeyProvider { fn read_chan_signer(&self, data: &[u8]) -> Result { EnforcingSigner::read(&mut std::io::Cursor::new(data)) } + + fn sign_invoice(&self, _invoice_preimage: Vec) -> Result { + unreachable!() + } } #[inline] diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs index 02ee9b5f5..366afe0db 100644 --- a/lightning/src/chain/keysinterface.rs +++ b/lightning/src/chain/keysinterface.rs @@ -26,6 +26,7 @@ use bitcoin::hash_types::WPubkeyHash; use bitcoin::secp256k1::key::{SecretKey, PublicKey}; use bitcoin::secp256k1::{Secp256k1, Signature, Signing}; +use bitcoin::secp256k1::recovery::RecoverableSignature; use bitcoin::secp256k1; use util::{byte_utils, transaction_utils}; @@ -391,6 +392,12 @@ pub trait KeysInterface { /// contain no versioning scheme. You may wish to include your own version prefix and ensure /// you've read all of the provided bytes to ensure no corruption occurred. fn read_chan_signer(&self, reader: &[u8]) -> Result; + + /// Sign an invoice's preimage (note that this is the preimage of the invoice, not the HTLC's + /// preimage). By parameterizing by the preimage instead of the hash, we allow implementors of + /// this trait to parse the invoice and make sure they're signing what they expect, rather than + /// blindly signing the hash. + fn sign_invoice(&self, invoice_preimage: Vec) -> Result; } #[derive(Clone)] @@ -1047,6 +1054,10 @@ impl KeysInterface for KeysManager { fn read_chan_signer(&self, reader: &[u8]) -> Result { InMemorySigner::read(&mut std::io::Cursor::new(reader)) } + + fn sign_invoice(&self, invoice_preimage: Vec) -> Result { + Ok(self.secp_ctx.sign_recoverable(&hash_to_message!(&Sha256::hash(&invoice_preimage)), &self.get_node_secret())) + } } // Ensure that BaseSign can have a vtable diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs index 0085ef098..fc59c29d7 100644 --- a/lightning/src/ln/channel.rs +++ b/lightning/src/ln/channel.rs @@ -4843,6 +4843,7 @@ mod tests { use bitcoin::secp256k1::{Secp256k1, Message, Signature, All}; use bitcoin::secp256k1::ffi::Signature as FFISignature; use bitcoin::secp256k1::key::{SecretKey,PublicKey}; + use bitcoin::secp256k1::recovery::RecoverableSignature; use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::hashes::Hash; use bitcoin::hash_types::{Txid, WPubkeyHash}; @@ -4888,6 +4889,7 @@ mod tests { } fn get_secure_random_bytes(&self) -> [u8; 32] { [0; 32] } fn read_chan_signer(&self, _data: &[u8]) -> Result { panic!(); } + fn sign_invoice(&self, _invoice_preimage: Vec) -> Result { panic!(); } } fn public_from_secret_hex(secp_ctx: &Secp256k1, hex: &str) -> PublicKey { diff --git a/lightning/src/util/test_utils.rs b/lightning/src/util/test_utils.rs index 153f2f28e..00c346a80 100644 --- a/lightning/src/util/test_utils.rs +++ b/lightning/src/util/test_utils.rs @@ -32,6 +32,7 @@ use bitcoin::network::constants::Network; use bitcoin::hash_types::{BlockHash, Txid}; use bitcoin::secp256k1::{SecretKey, PublicKey, Secp256k1, Signature}; +use bitcoin::secp256k1::recovery::RecoverableSignature; use regex; @@ -75,6 +76,7 @@ impl keysinterface::KeysInterface for OnlyReadsKeysInterface { fn read_chan_signer(&self, reader: &[u8]) -> Result { EnforcingSigner::read(&mut std::io::Cursor::new(reader)) } + fn sign_invoice(&self, _invoice_preimage: Vec) -> Result { unreachable!(); } } pub struct TestChainMonitor<'a> { @@ -483,6 +485,10 @@ impl keysinterface::KeysInterface for TestKeysInterface { disable_revocation_policy_check: self.disable_revocation_policy_check, }) } + + fn sign_invoice(&self, invoice_preimage: Vec) -> Result { + self.backing.sign_invoice(invoice_preimage) + } } -- 2.39.5