mirror of
https://github.com/lightningnetwork/lnd.git
synced 2025-08-31 08:02:25 +02:00
multi: refactor SignDigestCompact into SignMessageCompact
To make it possible to use a remote lnrpc server as a signer for our wallet, we need to change our main interface to sign the message instead of the message's digest. Otherwise we'd need to alter the lnrpc.SignMessage RPC to accept a digest instead of only the message which has security implications.
This commit is contained in:
@@ -394,7 +394,7 @@ func (b *BtcWalletKeyRing) ECDH(keyDesc KeyDescriptor,
|
||||
// SignMessage signs the given message, single or double SHA256 hashing it
|
||||
// first, with the private key described in the key descriptor.
|
||||
//
|
||||
// NOTE: This is part of the keychain.DigestSignerRing interface.
|
||||
// NOTE: This is part of the keychain.MessageSignerRing interface.
|
||||
func (b *BtcWalletKeyRing) SignMessage(keyDesc KeyDescriptor,
|
||||
msg []byte, doubleHash bool) (*btcec.Signature, error) {
|
||||
|
||||
@@ -412,17 +412,24 @@ func (b *BtcWalletKeyRing) SignMessage(keyDesc KeyDescriptor,
|
||||
return privKey.Sign(digest)
|
||||
}
|
||||
|
||||
// SignDigestCompact signs the given SHA256 message digest with the private key
|
||||
// described in the key descriptor and returns the signature in the compact,
|
||||
// public key recoverable format.
|
||||
// SignMessageCompact signs the given message, single or double SHA256 hashing
|
||||
// it first, with the private key described in the key descriptor and returns
|
||||
// the signature in the compact, public key recoverable format.
|
||||
//
|
||||
// NOTE: This is part of the keychain.DigestSignerRing interface.
|
||||
func (b *BtcWalletKeyRing) SignDigestCompact(keyDesc KeyDescriptor,
|
||||
digest [32]byte) ([]byte, error) {
|
||||
// NOTE: This is part of the keychain.MessageSignerRing interface.
|
||||
func (b *BtcWalletKeyRing) SignMessageCompact(keyDesc KeyDescriptor,
|
||||
msg []byte, doubleHash bool) ([]byte, error) {
|
||||
|
||||
privKey, err := b.DerivePrivKey(keyDesc)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return btcec.SignCompact(btcec.S256(), privKey, digest[:], true)
|
||||
|
||||
var digest []byte
|
||||
if doubleHash {
|
||||
digest = chainhash.DoubleHashB(msg)
|
||||
} else {
|
||||
digest = chainhash.HashB(msg)
|
||||
}
|
||||
return btcec.SignCompact(btcec.S256(), privKey, digest, true)
|
||||
}
|
||||
|
@@ -178,7 +178,7 @@ type SecretKeyRing interface {
|
||||
|
||||
ECDHRing
|
||||
|
||||
DigestSignerRing
|
||||
MessageSignerRing
|
||||
|
||||
// DerivePrivKey attempts to derive the private key that corresponds to
|
||||
// the passed key descriptor. If the public key is set, then this
|
||||
@@ -188,24 +188,26 @@ type SecretKeyRing interface {
|
||||
DerivePrivKey(keyDesc KeyDescriptor) (*btcec.PrivateKey, error)
|
||||
}
|
||||
|
||||
// DigestSignerRing is an interface that abstracts away basic low-level ECDSA
|
||||
// MessageSignerRing is an interface that abstracts away basic low-level ECDSA
|
||||
// signing on keys within a key ring.
|
||||
type DigestSignerRing interface {
|
||||
type MessageSignerRing interface {
|
||||
// SignMessage signs the given message, single or double SHA256 hashing
|
||||
// it first, with the private key described in the key descriptor.
|
||||
SignMessage(keyDesc KeyDescriptor, message []byte,
|
||||
doubleHash bool) (*btcec.Signature, error)
|
||||
|
||||
// SignDigestCompact signs the given SHA256 message digest with the
|
||||
// private key described in the key descriptor and returns the signature
|
||||
// in the compact, public key recoverable format.
|
||||
SignDigestCompact(keyDesc KeyDescriptor, digest [32]byte) ([]byte, error)
|
||||
// SignMessageCompact signs the given message, single or double SHA256
|
||||
// hashing it first, with the private key described in the key
|
||||
// descriptor and returns the signature in the compact, public key
|
||||
// recoverable format.
|
||||
SignMessageCompact(keyDesc KeyDescriptor, message []byte,
|
||||
doubleHash bool) ([]byte, error)
|
||||
}
|
||||
|
||||
// SingleKeyDigestSigner is an abstraction interface that hides the
|
||||
// SingleKeyMessageSigner is an abstraction interface that hides the
|
||||
// implementation of the low-level ECDSA signing operations by wrapping a
|
||||
// single, specific private key.
|
||||
type SingleKeyDigestSigner interface {
|
||||
type SingleKeyMessageSigner interface {
|
||||
// PubKey returns the public key of the wrapped private key.
|
||||
PubKey() *btcec.PublicKey
|
||||
|
||||
@@ -213,10 +215,10 @@ type SingleKeyDigestSigner interface {
|
||||
// it first, with the wrapped private key.
|
||||
SignMessage(message []byte, doubleHash bool) (*btcec.Signature, error)
|
||||
|
||||
// SignDigestCompact signs the given SHA256 message digest with the
|
||||
// wrapped private key and returns the signature in the compact, public
|
||||
// key recoverable format.
|
||||
SignDigestCompact(digest [32]byte) ([]byte, error)
|
||||
// SignMessageCompact signs the given message, single or double SHA256
|
||||
// hashing it first, with the wrapped private key and returns the
|
||||
// signature in the compact, public key recoverable format.
|
||||
SignMessageCompact(message []byte, doubleHash bool) ([]byte, error)
|
||||
}
|
||||
|
||||
// ECDHRing is an interface that abstracts away basic low-level ECDH shared key
|
||||
|
@@ -5,45 +5,45 @@ import (
|
||||
"github.com/btcsuite/btcd/chaincfg/chainhash"
|
||||
)
|
||||
|
||||
func NewPubKeyDigestSigner(keyDesc KeyDescriptor,
|
||||
signer DigestSignerRing) *PubKeyDigestSigner {
|
||||
func NewPubKeyMessageSigner(keyDesc KeyDescriptor,
|
||||
signer MessageSignerRing) *PubKeyMessageSigner {
|
||||
|
||||
return &PubKeyDigestSigner{
|
||||
return &PubKeyMessageSigner{
|
||||
keyDesc: keyDesc,
|
||||
digestSigner: signer,
|
||||
}
|
||||
}
|
||||
|
||||
type PubKeyDigestSigner struct {
|
||||
type PubKeyMessageSigner struct {
|
||||
keyDesc KeyDescriptor
|
||||
digestSigner DigestSignerRing
|
||||
digestSigner MessageSignerRing
|
||||
}
|
||||
|
||||
func (p *PubKeyDigestSigner) PubKey() *btcec.PublicKey {
|
||||
func (p *PubKeyMessageSigner) PubKey() *btcec.PublicKey {
|
||||
return p.keyDesc.PubKey
|
||||
}
|
||||
|
||||
func (p *PubKeyDigestSigner) SignMessage(message []byte,
|
||||
func (p *PubKeyMessageSigner) SignMessage(message []byte,
|
||||
doubleHash bool) (*btcec.Signature, error) {
|
||||
|
||||
return p.digestSigner.SignMessage(p.keyDesc, message, doubleHash)
|
||||
}
|
||||
|
||||
func (p *PubKeyDigestSigner) SignDigestCompact(digest [32]byte) ([]byte,
|
||||
error) {
|
||||
func (p *PubKeyMessageSigner) SignMessageCompact(msg []byte,
|
||||
doubleHash bool) ([]byte, error) {
|
||||
|
||||
return p.digestSigner.SignDigestCompact(p.keyDesc, digest)
|
||||
return p.digestSigner.SignMessageCompact(p.keyDesc, msg, doubleHash)
|
||||
}
|
||||
|
||||
type PrivKeyDigestSigner struct {
|
||||
type PrivKeyMessageSigner struct {
|
||||
PrivKey *btcec.PrivateKey
|
||||
}
|
||||
|
||||
func (p *PrivKeyDigestSigner) PubKey() *btcec.PublicKey {
|
||||
func (p *PrivKeyMessageSigner) PubKey() *btcec.PublicKey {
|
||||
return p.PrivKey.PubKey()
|
||||
}
|
||||
|
||||
func (p *PrivKeyDigestSigner) SignMessage(msg []byte,
|
||||
func (p *PrivKeyMessageSigner) SignMessage(msg []byte,
|
||||
doubleHash bool) (*btcec.Signature, error) {
|
||||
|
||||
var digest []byte
|
||||
@@ -55,11 +55,17 @@ func (p *PrivKeyDigestSigner) SignMessage(msg []byte,
|
||||
return p.PrivKey.Sign(digest)
|
||||
}
|
||||
|
||||
func (p *PrivKeyDigestSigner) SignDigestCompact(digest [32]byte) ([]byte,
|
||||
error) {
|
||||
func (p *PrivKeyMessageSigner) SignMessageCompact(msg []byte,
|
||||
doubleHash bool) ([]byte, error) {
|
||||
|
||||
return btcec.SignCompact(btcec.S256(), p.PrivKey, digest[:], true)
|
||||
var digest []byte
|
||||
if doubleHash {
|
||||
digest = chainhash.DoubleHashB(msg)
|
||||
} else {
|
||||
digest = chainhash.HashB(msg)
|
||||
}
|
||||
return btcec.SignCompact(btcec.S256(), p.PrivKey, digest, true)
|
||||
}
|
||||
|
||||
var _ SingleKeyDigestSigner = (*PubKeyDigestSigner)(nil)
|
||||
var _ SingleKeyDigestSigner = (*PrivKeyDigestSigner)(nil)
|
||||
var _ SingleKeyMessageSigner = (*PubKeyMessageSigner)(nil)
|
||||
var _ SingleKeyMessageSigner = (*PrivKeyMessageSigner)(nil)
|
||||
|
Reference in New Issue
Block a user