multi: refactor SignDigest into SignMessage

To make it possible to use a remote signrpc server as a signer for our wallet, we need to change our main interface to sign the message instead of the message's digest. Otherwise we'd need to alter the signrpc.SignMessage RPC to accept a digest instead of only the message which has security implications.
2025-08-30 23:53:41 +02:00 · 2021-09-23 16:54:26 +02:00
parent dd3719d5de
commit 02757f6735
9 changed files with 123 additions and 86 deletions
--- a/keychain/btcwallet.go
+++ b/keychain/btcwallet.go
@@ -5,6 +5,7 @@ import (
 	"fmt"

 	"github.com/btcsuite/btcd/btcec"
+	"github.com/btcsuite/btcd/chaincfg/chainhash"
 	"github.com/btcsuite/btcwallet/waddrmgr"
 	"github.com/btcsuite/btcwallet/wallet"
 	"github.com/btcsuite/btcwallet/walletdb"
@@ -390,18 +391,25 @@ func (b *BtcWalletKeyRing) ECDH(keyDesc KeyDescriptor,
 	return h, nil
 }

-// SignDigest signs the given SHA256 message digest with the private key
-// described in the key descriptor.
+// SignMessage signs the given message, single or double SHA256 hashing it
+// first, with the private key described in the key descriptor.
 //
 // NOTE: This is part of the keychain.DigestSignerRing interface.
-func (b *BtcWalletKeyRing) SignDigest(keyDesc KeyDescriptor,
-	digest [32]byte) (*btcec.Signature, error) {
+func (b *BtcWalletKeyRing) SignMessage(keyDesc KeyDescriptor,
+	msg []byte, doubleHash bool) (*btcec.Signature, error) {

 	privKey, err := b.DerivePrivKey(keyDesc)
 	if err != nil {
 		return nil, err
 	}
-	return privKey.Sign(digest[:])
+
+	var digest []byte
+	if doubleHash {
+		digest = chainhash.DoubleHashB(msg)
+	} else {
+		digest = chainhash.HashB(msg)
+	}
+	return privKey.Sign(digest)
 }

 // SignDigestCompact signs the given SHA256 message digest with the private key