common/derive_basepoints: complete the set of single-value derive functions.

This helps make it explicit what we're deriving; these two were missing. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2025-03-15 20:09:18 +01:00 · 2018-07-23 11:53:02 +09:30 · 2018-07-23 11:53:02 +09:30 · 5d815238cf
commit 5d815238cf
parent dd2773dfc0
3 changed files with 91 additions and 3 deletions
--- a/common/derive_basepoints.c
+++ b/common/derive_basepoints.c
@ -166,6 +166,52 @@ bool derive_funding_key(const struct secret *seed,
 	return true;
 }

+bool derive_revocation_basepoint(const struct secret *seed,
+				 struct pubkey *revocation_basepoint,
+				 struct secret *revocation_secret)
+{
+	struct keys {
+		struct privkey f, r, h, p, d;
+		struct sha256 shaseed;
+	} keys;
+
+	hkdf_sha256(&keys, sizeof(keys), NULL, 0, seed, sizeof(*seed),
+		    "c-lightning", strlen("c-lightning"));
+
+	if (revocation_basepoint) {
+		if (!pubkey_from_privkey(&keys.r, revocation_basepoint))
+			return false;
+	}
+
+	if (revocation_secret)
+		*revocation_secret = keys.r.secret;
+
+	return true;
+}
+
+bool derive_htlc_basepoint(const struct secret *seed,
+			   struct pubkey *htlc_basepoint,
+			   struct secret *htlc_secret)
+{
+	struct keys {
+		struct privkey f, r, h, p, d;
+		struct sha256 shaseed;
+	} keys;
+
+	hkdf_sha256(&keys, sizeof(keys), NULL, 0, seed, sizeof(*seed),
+		    "c-lightning", strlen("c-lightning"));
+
+	if (htlc_basepoint) {
+		if (!pubkey_from_privkey(&keys.h, htlc_basepoint))
+			return false;
+	}
+
+	if (htlc_secret)
+		*htlc_secret = keys.h.secret;
+
+	return true;
+}
+
 void towire_basepoints(u8 **pptr, const struct basepoints *b)
 {
 	towire_pubkey(pptr, &b->revocation);
--- a/common/derive_basepoints.h
+++ b/common/derive_basepoints.h
@ -39,7 +39,7 @@ bool derive_basepoints(const struct secret *seed,
 		       struct sha256 *shaseed);

 /**
- * derive_funding_key - give a (per-peer) seed, get just funding key
+ * derive_funding_key - given a (per-peer) seed, get just funding key
 * @seed: (in) seed (derived by master daemon from counter and main seed)
 * @funding_pubkey: (out) pubkey for funding tx output (if non-NULL)
 * @funding_privkey: (out) privkey for funding tx output (if non-NULL)
@ -51,7 +51,7 @@ bool derive_funding_key(const struct secret *seed,
 			struct privkey *funding_privkey);

 /**
- * derive_payment_basepoint - give a (per-channel) seed, get just payment basepoint
+ * derive_payment_basepoint - given a (per-channel) seed, get just payment basepoint
 * @seed: (in) seed (derived by master daemon from counter and main seed)
 * @payment_basepoint: (out) basepoint for payment output (if non-NULL)
 * @payment_secret: (out) secret for payment basepoint (if non-NULL)
@ -63,7 +63,7 @@ bool derive_payment_basepoint(const struct secret *seed,
 			      struct secret *payment_secret);

 /**
- * derive_shaseed - give a (per-peer) seed, get just the shaseed
+ * derive_shaseed - given a (per-peer) seed, get just the shaseed
 * @seed: (in) seed (derived by master daemon from counter and main seed)
 * @shaseed: (out) seed for shachain
 *
@ -83,6 +83,30 @@ bool derive_delayed_payment_basepoint(const struct secret *seed,
 			      struct pubkey *delayed_payment_basepoint,
 			      struct secret *delayed_payment_secret);

+/**
+ * derive_revocation_basepoint - given a (per-channel) seed, get just revocation basepoint
+ * @seed: (in) seed (derived by master daemon from counter and main seed)
+ * @payment_basepoint: (out) basepoint for revocation keys (if non-NULL)
+ * @payment_secret: (out) secret for revocation keys (if non-NULL)
+ *
+ * This is a cut-down version of derive_basepoints.
+ */
+bool derive_revocation_basepoint(const struct secret *seed,
+				 struct pubkey *revocation_basepoint,
+				 struct secret *revocation_secret);
+
+/**
+ * derive_htlc_basepoint - give a (per-channel) seed, get just htlc basepoint
+ * @seed: (in) seed (derived by master daemon from counter and main seed)
+ * @htlc_basepoint: (out) basepoint for htlc output (if non-NULL)
+ * @htlc_secret: (out) secret for htlc basepoint (if non-NULL)
+ *
+ * This is a cut-down version of derive_basepoints.
+ */
+bool derive_htlc_basepoint(const struct secret *seed,
+			   struct pubkey *htlc_basepoint,
+			   struct secret *htlc_secret);
+
 /**
 * per_commit_secret - get a secret for this index.
 * @shaseed: the sha256 seed
--- a/common/test/run-derive_basepoints.c
+++ b/common/test/run-derive_basepoints.c
@ -151,6 +151,24 @@ int main(void)
 	assert(derive_shaseed(&info->seed, &info->shaseed));
 	assert(sha256_eq(&baseline->shaseed, &info->shaseed));

+	/* derive_revocation_basepoint should give same results. */
+	info = new_info(ctx);
+	assert(derive_revocation_basepoint(&info->seed, &info->basepoints.revocation,
+					&info->secrets.revocation_basepoint_secret));
+	assert(pubkey_eq(&baseline->basepoints.revocation,
+			 &info->basepoints.revocation));
+	assert(secret_eq(&baseline->secrets.revocation_basepoint_secret,
+			  &info->secrets.revocation_basepoint_secret));
+
+	/* derive_htlc_basepoint should give same results. */
+	info = new_info(ctx);
+	assert(derive_htlc_basepoint(&info->seed, &info->basepoints.htlc,
+					&info->secrets.htlc_basepoint_secret));
+	assert(pubkey_eq(&baseline->basepoints.htlc,
+			 &info->basepoints.htlc));
+	assert(secret_eq(&baseline->secrets.htlc_basepoint_secret,
+			  &info->secrets.htlc_basepoint_secret));
+
 	tal_free(ctx);
 	wally_cleanup(0);
 	return 0;