aljaz/lightning
1
0
Fork 0
mirror of https://github.com/aljazceru/lightning.git synced 2025-12-21 16:14:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

daemon/sphinx: split handling.

Browse Source 
We want to use HSM to do the ECDH part, so split that out.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Rusty Russell
2017-04-01 21:28:30 +10:30
parent e36a65a189
commit 8146b838e8
4 changed files with 43 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
daemon/sphinx.c
View File

@@ -247,6 +247,15 @@ static bool create_shared_secret(
return true;
}
bool onion_shared_secret(
u8 *secret,
const struct onionpacket *packet,
const struct privkey *privkey)
{
return create_shared_secret(secret, &packet->ephemeralkey,
privkey->secret);
}
void pubkey_hash160(
u8 *dst,
const struct pubkey *pubkey)
@@ -267,7 +276,8 @@ void pubkey_hash160(
memcpy(dst, r.u.u8, sizeof(r));
}
static void generate_key_set(u8 secret[SHARED_SECRET_SIZE], struct keyset *keys)
static void generate_key_set(const u8 secret[SHARED_SECRET_SIZE],
struct keyset *keys)
{
generate_key(keys->rho, "rho", 3, secret);
generate_key(keys->pi, "pi", 2, secret);
@@ -417,13 +427,12 @@ struct onionpacket *create_onionpacket(
struct route_step *process_onionpacket(
const tal_t *ctx,
const struct onionpacket *msg,
struct privkey *hop_privkey,
const u8 *shared_secret,
const u8 *assocdata,
const size_t assocdatalen
)
{
struct route_step *step = talz(ctx, struct route_step);
u8 secret[SHARED_SECRET_SIZE];
u8 hmac[20];
struct keyset keys;
u8 paddedhoppayloads[TOTAL_HOP_PAYLOAD_SIZE + HOP_PAYLOAD_SIZE];
@@ -434,8 +443,7 @@ struct route_step *process_onionpacket(
step->next = talz(step, struct onionpacket);
step->next->version = msg->version;
create_shared_secret(secret, &msg->ephemeralkey, hop_privkey->secret);
generate_key_set(secret, &keys);
generate_key_set(shared_secret, &keys);
compute_packet_hmac(msg, assocdata, assocdatalen, keys.mu, hmac);
@@ -461,7 +469,7 @@ struct route_step *process_onionpacket(
memcpy(&step->next->hoppayloads, paddedhoppayloads + HOP_PAYLOAD_SIZE,
TOTAL_HOP_PAYLOAD_SIZE);
compute_blinding_factor(&msg->ephemeralkey, secret, blind);
compute_blinding_factor(&msg->ephemeralkey, shared_secret, blind);
if (!blind_group_element(&step->next->ephemeralkey, &msg->ephemeralkey, blind))
return tal_free(step);
memcpy(&step->next->nexthop, paddedheader, SECURITY_PARAMETER);