mirror of
https://github.com/aljazceru/lightning.git
synced 2025-12-19 15:14:23 +01:00
917f78a4f8
This avoids duplication of both logic and error-prone values, such as the salt. Grouping all hsm encryption logic into a public API will also allow us to fuzz it. Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
23 lines
737 B
C
23 lines
737 B
C
#ifndef LIGHTNING_COMMON_HSM_ENCRYPTION_H
|
|
#define LIGHTNING_COMMON_HSM_ENCRYPTION_H
|
|
#include "config.h"
|
|
#include <bitcoin/privkey.h>
|
|
#include <ccan/short_types/short_types.h>
|
|
#include <ccan/tal/tal.h>
|
|
|
|
|
|
/** Derive the hsm_secret encryption key from a passphrase.
|
|
* @pass: the passphrase string.
|
|
* @encryption_key: the output key derived from the passphrase.
|
|
*
|
|
* On success, NULL is returned. On error, a human-readable error is.
|
|
*/
|
|
char *hsm_secret_encryption_key(const char *pass, struct secret *encryption_key);
|
|
|
|
/** Unlock and zeroize the encryption key memory after use.
|
|
* @key: the encryption key. If taken, it will be tal_free'd
|
|
*/
|
|
void discard_key(struct secret *key TAKES);
|
|
|
|
#endif /* LIGHTNING_COMMON_HSM_ENCRYPTION_H */
|