struct secret: use everywhere.

We alternated between using a sha256 and using a privkey, but there are numerous places where we have a random 32 bytes which are neither. This fixes many of them (plus, struct privkey is now defined in terms of struct secret). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2025-12-23 00:54:20 +01:00 · 2017-05-06 11:49:44 +09:30
parent 42601c29d7
commit b99c5620ef
39 changed files with 250 additions and 215 deletions
--- a/lightningd/sphinx.h
+++ b/lightningd/sphinx.h
@@ -87,7 +87,7 @@ struct onionpacket *create_onionpacket(
 	const u8 * sessionkey,
 	const u8 *assocdata,
 	const size_t assocdatalen,
-	struct sha256 **path_secrets
+	struct secret **path_secrets
 	);

 /**
@@ -162,7 +162,8 @@ struct onionreply {
 *     HMAC
 * @failure_msg: message (must support tal_len)
 */
-u8 *create_onionreply(const tal_t *ctx, const u8 *shared_secret, const u8 *failure_msg);
+u8 *create_onionreply(const tal_t *ctx, const struct secret *shared_secret,
+		      const u8 *failure_msg);

 /**
 * wrap_onionreply - Add another encryption layer to the reply.
@@ -172,7 +173,8 @@ u8 *create_onionreply(const tal_t *ctx, const u8 *shared_secret, const u8 *failu
 *     encryption.
 * @reply: the reply to wrap
 */
-u8 *wrap_onionreply(const tal_t *ctx, const u8 *shared_secret, const u8 *reply);
+u8 *wrap_onionreply(const tal_t *ctx, const struct secret *shared_secret,
+		    const u8 *reply);

 /**
 * unwrap_onionreply - Remove layers, check integrity and parse reply
@@ -182,7 +184,8 @@ u8 *wrap_onionreply(const tal_t *ctx, const u8 *shared_secret, const u8 *reply);
 * @numhops: path length and number of shared_secrets provided
 * @reply: the incoming reply
 */
-struct onionreply *unwrap_onionreply(const tal_t *ctx, u8 **shared_secrets,
+struct onionreply *unwrap_onionreply(const tal_t *ctx,
+				     const struct secret *shared_secrets,
 				     const int numhops, const u8 *reply);

 #endif /* LIGHTNING_DAEMON_SPHINX_H */