From b6943b91988944048565f9569ab3de2a47bb4ac2 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Wed, 30 Mar 2016 16:54:16 +1030 Subject: [PATCH] protocol: remove support for uncompressed pubkeys. There's no good reason to support them, and this way every key is 33 bytes. Signed-off-by: Rusty Russell
---
bitcoin/address.c | 3 ++- bitcoin/pubkey.c | 41 +++++++++-------------------------------- bitcoin/pubkey.h | 5 +---- bitcoin/script.c | 8 ++------ daemon/packets.c | 2 +- daemon/peer.c | 2 +- daemon/secrets.c | 2 +- lightning.pb-c.h | 2 +- lightning.proto | 2 +- protobuf_convert.c | 2 +- 10 files changed, 20 insertions(+), 49 deletions(-)
diff --git a/bitcoin/address.c b/bitcoin/address.c
index eeb9c7b30..4506ea8ad 100644
--- a/bitcoin/address.c
+++ b/bitcoin/address.c
@@ -1,11 +1,12 @@
 #include "address.h"
 #include "pubkey.h"
+#include
 #include
 void bitcoin_address(const struct pubkey *key, struct bitcoin_address *addr)
 {
 struct sha256 h;
- sha256(&h, key->der, pubkey_derlen(key));
+ sha256(&h, memcheck(key->der, sizeof(key->der)), sizeof(key->der));
 ripemd160(&addr->addr, h.u.u8, sizeof(h));
 }
diff --git a/bitcoin/pubkey.c b/bitcoin/pubkey.c
index 8204aa88b..565802754 100644
--- a/bitcoin/pubkey.c
+++ b/bitcoin/pubkey.c
@@ -1,41 +1,19 @@
 #include "privkey.h"
 #include "pubkey.h"
 #include
+#include
 #include
-/* Must agree on key validity with bitcoin! Stolen from bitcoin/src/pubkey.h's
- * GetLen:
- * // Copyright (c) 2009-2010 Satoshi Nakamoto
- * // Copyright (c) 2009-2014 The Bitcoin Core developers
- * // Distributed under the MIT software license, see the accompanying
- * // file COPYING or http://www.opensource.org/licenses/mit-license.php.
- */
-static unsigned int GetLen(unsigned char chHeader)
-{
- if (chHeader == 2 || chHeader == 3)
- return 33;
- if (chHeader == 4 || chHeader == 6 || chHeader == 7)
- return 65;
- return 0;
-}
-
-size_t pubkey_derlen(const struct pubkey *key)
-{
- size_t len = GetLen(key->der[0]);
-
- assert(len);
- return len;
-}
-
 bool pubkey_from_der(secp256k1_context *secpctx, const u8 *der, size_t len, struct pubkey *key)
 {
- if (len > sizeof(key->der))
+ if (len != sizeof(key->der))
 return false;
- memcpy(key->der, der, len);
- if (!secp256k1_ec_pubkey_parse(secpctx, &key->pubkey, key->der, len))
+ memcpy(key->der, memcheck(der, sizeof(key->der)), sizeof(key->der));
+ if (!secp256k1_ec_pubkey_parse(secpctx, &key->pubkey, key->der,
+ sizeof(key->der)))
 return false;
 return true;
@@ -55,7 +33,7 @@ bool pubkey_from_privkey(secp256k1_context *secpctx,
 if (!secp256k1_ec_pubkey_serialize(secpctx, key->der, &outlen, &key->pubkey, compressed_flags))
 return false;
- assert(outlen == pubkey_derlen(key));
+ assert(outlen == sizeof(key->der));
 return true;
 }
@@ -63,10 +41,10 @@ bool pubkey_from_hexstr(secp256k1_context *secpctx, const char *derstr, size_t slen, struct pubkey *key)
 {
 size_t dlen;
- unsigned char der[65];
+ unsigned char der[sizeof(key->der)];
 dlen = hex_data_size(slen);
- if (dlen > sizeof(der))
+ if (dlen != sizeof(der))
 return false;
 if (!hex_decode(derstr, slen, der, dlen))
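Review bot: In `pubkey_from_privkey` (second hunk of bitcoin/pubkey.c), `key->der` shrinks to 33 bytes in this commit but the call still forwards the caller's `compressed_flags` to `secp256k1_ec_pubkey_serialize`, so a caller that asks for the uncompressed form requests a 65-byte write into a 33-byte buffer. The `assert(outlen == sizeof(key->der));` runs only after that write and is compiled out under NDEBUG, so it does not protect the buffer. Since the protocol now forbids uncompressed keys, pass `SECP256K1_EC_COMPRESSED` unconditionally and set `outlen = sizeof(key->der);` before the call, so the library can bound the write if this libsecp256k1 version treats the length as in/out. The declaration of `outlen` and the rest of the signature are outside the hunk, so whether `outlen` is already initialised cannot be confirmed from here.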
@@ -77,6 +55,5 @@ bool pubkey_from_hexstr(secp256k1_context *secpctx,
 bool pubkey_eq(const struct pubkey *a, const struct pubkey *b)
 {
- return pubkey_derlen(a) == pubkey_derlen(b)
- && memcmp(a->der, b->der, pubkey_derlen(a)) == 0;
+ return memcmp(a->der, b->der, sizeof(a->der)) == 0;
 }
diff --git a/bitcoin/pubkey.h b/bitcoin/pubkey.h
index 569fd8eec..70fd6a6d5 100644
--- a/bitcoin/pubkey.h
+++ b/bitcoin/pubkey.h
@@ -9,7 +9,7 @@ struct privkey;
 struct pubkey {
 /* DER-encoded key (as hashed by bitcoin, for addresses) */
- u8 der[65];
+ u8 der[33];
 /* Unpacked pubkey (as used by libsecp256k1 internally) */
 secp256k1_pubkey pubkey;
 };
@@ -28,9 +28,6 @@ bool pubkey_from_privkey(secp256k1_context *secpctx,
 bool pubkey_from_der(secp256k1_context *secpctx, const u8 *der, size_t len, struct pubkey *key);
-/* How many bytes of key->der are valid. */
-size_t pubkey_derlen(const struct pubkey *key);
-
 /* Are these keys equal? */
 bool pubkey_eq(const struct pubkey *a, const struct pubkey *b);
 #endif /* LIGHTNING_PUBKEY_H */
diff --git a/bitcoin/script.c b/bitcoin/script.c
index 3a84ce0ca..e043c3865 100644
--- a/bitcoin/script.c
+++ b/bitcoin/script.c
@@ -102,7 +102,7 @@ static void add_number(u8 **script, u32 num)
 static void add_push_key(u8 **scriptp, const struct pubkey *key)
 {
- add_push_bytes(scriptp, key->der, pubkey_derlen(key));
+ add_push_bytes(scriptp, key->der, sizeof(key->der));
 }
 static void add_push_sig(u8 **scriptp, const struct bitcoin_signature *sig)
@@ -129,11 +129,7 @@ static void add_push_sig(u8 **scriptp, const struct bitcoin_signature *sig)
 /* Is a < b? (If equal we don't care) */
 static bool key_less(const struct pubkey *a, const struct pubkey *b)
 {
- /* Shorter one wins. */
- if (pubkey_derlen(a) != pubkey_derlen(b))
- return pubkey_derlen(a) < pubkey_derlen(b);
-
- return memcmp(a->der, b->der, pubkey_derlen(a)) < 0;
+ return memcmp(a->der, b->der, sizeof(a->der)) < 0;
 }
 /* tal_count() gives the length of the script. */
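Review bot: The literal in `u8 der[33];` (first hunk of bitcoin/pubkey.h) now fixes the key size for every `sizeof(key->der)` in this commit and for the wire format, so it deserves a name and an accurate comment. The 33 bytes are the compressed secp256k1 point serialization (a 0x02/0x03 prefix followed by the X coordinate) rather than a DER structure, so the existing `/* DER-encoded key ... */` comment is misleading. A named constant, for example `#define PUBKEY_DER_LEN 33`, with the comment `/* Compressed secp256k1 pubkey as serialized by libsecp256k1 (33 bytes) */` would state the invariant in one place.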
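Review bot: `add_push_key` (first hunk of bitcoin/script.c) now pushes all 33 bytes of `key->der` with no check on their content, whereas the removed `pubkey_derlen()` asserted a valid header byte on every use. A `struct pubkey` that was never filled by a successful `pubkey_from_der` or `pubkey_from_privkey` (for example after a `false` return, since `pubkey_from_der` copies into `key->der` before parsing) would now be serialised into a script silently. The same applies to `key_less` in the next hunk and to `pubkey_eq` in bitcoin/pubkey.c. A cheap guard such as `assert(key->der[0] == 2 || key->der[0] == 3);` at the top of `add_push_key` would keep the old tripwire.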
diff --git a/daemon/packets.c b/daemon/packets.c
index d89395225..38a7e8a25 100644
--- a/daemon/packets.c
+++ b/daemon/packets.c
@@ -35,7 +35,7 @@ static void dump_tx(const char *str, const struct bitcoin_tx *tx)
 static void dump_key(const char *str, const struct pubkey *key)
 {
- printf("%s:%s\n", str, hex_of(NULL, key->der, pubkey_derlen(key)));
+ printf("%s:%s\n", str, hex_of(NULL, key->der, sizeof(key->der)));
 }
 /* Wrap (and own!) member inside Pkt */
diff --git a/daemon/peer.c b/daemon/peer.c
index 0b936e0a7..af4205a95 100644
--- a/daemon/peer.c
+++ b/daemon/peer.c
@@ -1363,7 +1363,7 @@ static void json_getpeers(struct command *cmd,
 /* This is only valid after crypto setup. */
 if (p->state != STATE_INIT)
 json_add_hex(response, "peerid",
- p->id.der, pubkey_derlen(&p->id));
+ p->id.der, sizeof(p->id.der));
 if (p->cstate) {
 json_object_start(response, "channel");
diff --git a/daemon/secrets.c b/daemon/secrets.c
index 150f772fb..bf4120384 100644
--- a/daemon/secrets.c
+++ b/daemon/secrets.c
@@ -176,5 +176,5 @@ void secrets_init(struct lightningd_state *dstate)
 fatal("Invalid privkey");
 log_info(dstate->base_log, "ID: ");
- log_add_hex(dstate->base_log, dstate->id.der, pubkey_derlen(&dstate->id));
+ log_add_hex(dstate->base_log, dstate->id.der, sizeof(dstate->id.der));
 }
diff --git a/lightning.pb-c.h b/lightning.pb-c.h
index 451bc76d8..e8734b0a5 100644
--- a/lightning.pb-c.h
+++ b/lightning.pb-c.h
@@ -114,7 +114,7 @@ struct _BitcoinPubkey
 {
 ProtobufCMessage base;
 /*
- * Either 65 or 33 bytes.
+ * Must be 33 bytes.
 */
 ProtobufCBinaryData key;
 };
diff --git a/lightning.proto b/lightning.proto
index 5c1424f00..664cd0e18 100644
--- a/lightning.proto
+++ b/lightning.proto
@@ -35,7 +35,7 @@ message locktime {
 // Pubkey for commitment transaction input.
 message bitcoin_pubkey {
- // Either 65 or 33 bytes.
+ // Must be 33 bytes.
 required bytes key = 1;
 }
diff --git a/protobuf_convert.c b/protobuf_convert.c
index 0bc398955..d66a59005 100644
--- a/protobuf_convert.c
+++ b/protobuf_convert.c
@@ -71,7 +71,7 @@ BitcoinPubkey *pubkey_to_proto(const tal_t *ctx, const struct pubkey *key)
 struct pubkey check;
 bitcoin_pubkey__init(p);
- p->key.len = pubkey_derlen(key);
+ p->key.len = sizeof(key->der);
 p->key.data = tal_dup_arr(p, u8, key->der, p->key.len, 0);
 {