mirrors/rust-lightning
1
0
Fork 0
mirror of https://github.com/lightningdevkit/rust-lightning.git synced 2025-02-25 07:17:40 +01:00
Code Issues Projects Releases Packages Wiki Activity

Use TaggedHash in merkle::verify_signature

Browse source 
An earlier commit introduced TaggedHash for use in sign_message. For
consistency, use it in verify_signature, too.
This commit is contained in:
Jeffrey Czyz 2023-07-11 15:08:23 -05:00
parent 7f641da655
commit 63d0d5583d
No known key found for this signature in database
GPG key ID: 3A4E08275D5E96D2
3 changed files with 18 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
lightning/src/offers/invoice.rs
View file

@ -1184,8 +1184,9 @@ impl TryFrom<ParsedMessage<FullInvoiceTlvStream>> for Bolt12Invoice {
None => return Err(Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingSignature)),
Some(signature) => signature,
};
let message = TaggedHash::new(SIGNATURE_TAG, &bytes);
let pubkey = contents.fields().signing_pubkey;
merkle::verify_signature(&signature, SIGNATURE_TAG, &bytes, pubkey)?;
merkle::verify_signature(&signature, message, pubkey)?;
Ok(Bolt12Invoice { bytes, contents, signature })
}
@ -1288,7 +1289,7 @@ mod tests {
use crate::ln::inbound_payment::ExpandedKey;
use crate::ln::msgs::DecodeError;
use crate::offers::invoice_request::InvoiceRequestTlvStreamRef;
use crate::offers::merkle::{SignError, SignatureTlvStreamRef, self};
use crate::offers::merkle::{SignError, SignatureTlvStreamRef, TaggedHash, self};
use crate::offers::offer::{Amount, OfferBuilder, OfferTlvStreamRef, Quantity};
use crate::offers::parse::{Bolt12ParseError, Bolt12SemanticError};
use crate::offers::payer::PayerTlvStreamRef;
@ -1400,11 +1401,9 @@ mod tests {
assert_eq!(invoice.fallbacks(), vec![]);
assert_eq!(invoice.invoice_features(), &Bolt12InvoiceFeatures::empty());
assert_eq!(invoice.signing_pubkey(), recipient_pubkey());
assert!(
merkle::verify_signature(
&invoice.signature, SIGNATURE_TAG, &invoice.bytes, recipient_pubkey()
).is_ok()
);
let message = TaggedHash::new(SIGNATURE_TAG, &invoice.bytes);
assert!(merkle::verify_signature(&invoice.signature, message, recipient_pubkey()).is_ok());
let digest = Message::from_slice(&invoice.signable_hash()).unwrap();
let pubkey = recipient_pubkey().into();
@ -1499,11 +1498,9 @@ mod tests {
assert_eq!(invoice.fallbacks(), vec![]);
assert_eq!(invoice.invoice_features(), &Bolt12InvoiceFeatures::empty());
assert_eq!(invoice.signing_pubkey(), recipient_pubkey());
assert!(
merkle::verify_signature(
&invoice.signature, SIGNATURE_TAG, &invoice.bytes, recipient_pubkey()
).is_ok()
);
let message = TaggedHash::new(SIGNATURE_TAG, &invoice.bytes);
assert!(merkle::verify_signature(&invoice.signature, message, recipient_pubkey()).is_ok());
assert_eq!(
invoice.as_tlv_stream(),

11
lightning/src/offers/invoice_request.rs
View file

@ -799,7 +799,8 @@ impl TryFrom<Vec<u8>> for InvoiceRequest {
None => return Err(Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingSignature)),
Some(signature) => signature,
};
merkle::verify_signature(&signature, SIGNATURE_TAG, &bytes, contents.payer_id)?;
let message = TaggedHash::new(SIGNATURE_TAG, &bytes);
merkle::verify_signature(&signature, message, contents.payer_id)?;
Ok(InvoiceRequest { bytes, contents, signature })
}
@ -933,11 +934,9 @@ mod tests {
assert_eq!(invoice_request.quantity(), None);
assert_eq!(invoice_request.payer_id(), payer_pubkey());
assert_eq!(invoice_request.payer_note(), None);
assert!(
merkle::verify_signature(
&invoice_request.signature, SIGNATURE_TAG, &invoice_request.bytes, payer_pubkey()
).is_ok()
);
let message = TaggedHash::new(SIGNATURE_TAG, &invoice_request.bytes);
assert!(merkle::verify_signature(&invoice_request.signature, message, payer_pubkey()).is_ok());
assert_eq!(
invoice_request.as_tlv_stream(),

10
lightning/src/offers/merkle.rs
View file

@ -88,17 +88,15 @@ where
Ok(signature)
}
/// Verifies the signature with a pubkey over the given bytes using a tagged hash as the message
/// Verifies the signature with a pubkey over the given message using a tagged hash as the message
/// digest.
///
/// Panics if `bytes` is not a well-formed TLV stream containing at least one TLV record.
pub(super) fn verify_signature(
signature: &Signature, tag: &str, bytes: &[u8], pubkey: PublicKey,
signature: &Signature, message: TaggedHash, pubkey: PublicKey,
) -> Result<(), secp256k1::Error> {
let digest = message_digest(tag, bytes);
let digest = message.as_digest();
let pubkey = pubkey.into();
let secp_ctx = Secp256k1::verification_only();
secp_ctx.verify_schnorr(signature, &digest, &pubkey)
secp_ctx.verify_schnorr(signature, digest, &pubkey)
}
pub(super) fn message_digest(tag: &str, bytes: &[u8]) -> Message {