From 3e2a7240d7aef1861a04c684c54b3abde107630c Mon Sep 17 00:00:00 2001 From: Wilmer Paulino Date: Tue, 21 Jan 2020 15:37:49 -0800 Subject: [PATCH] lndclient: expose DeriveSharedKey for SignerClient --- go.mod | 2 +- go.sum | 8 +++---- lndclient/signer_client.go | 48 ++++++++++++++++++++++++++++++++++++++ test/signer_mock.go | 7 ++++++ 4 files changed, 60 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 9a3bfd3..99245de 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/google/go-cmp v0.3.1 // indirect github.com/grpc-ecosystem/grpc-gateway v1.10.0 github.com/jessevdk/go-flags v1.4.0 - github.com/lightningnetwork/lnd v0.8.0-beta-rc3.0.20200103000305-22e1f006b194 + github.com/lightningnetwork/lnd v0.9.0-beta-rc3.0.20200121213302-a2977c4438b5 github.com/lightningnetwork/lnd/queue v1.0.2 github.com/urfave/cli v1.20.0 golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472 // indirect diff --git a/go.sum b/go.sum index f77ece8..c4cfafb 100644 --- a/go.sum +++ b/go.sum @@ -137,10 +137,10 @@ github.com/lightninglabs/gozmq v0.0.0-20191113021534-d20a764486bf/go.mod h1:vxmQ github.com/lightninglabs/neutrino v0.11.0 h1:lPpYFCtsfJX2W5zI4pWycPmbbBdr7zU+BafYdLoD6k0= github.com/lightninglabs/neutrino v0.11.0/go.mod h1:CuhF0iuzg9Sp2HO6ZgXgayviFTn1QHdSTJlMncK80wg= github.com/lightninglabs/protobuf-hex-display v1.3.3-0.20191212020323-b444784ce75d/go.mod h1:KDb67YMzoh4eudnzClmvs2FbiLG9vxISmLApUkCa4uI= -github.com/lightningnetwork/lightning-onion v0.0.0-20191214001659-f34e9dc1651d h1:U50MHOOeL6gR3Ee/l0eMvZMpmRo+ydzmlQuIruCyCsA= -github.com/lightningnetwork/lightning-onion v0.0.0-20191214001659-f34e9dc1651d/go.mod h1:rigfi6Af/KqsF7Za0hOgcyq2PNH4AN70AaMRxcJkff4= -github.com/lightningnetwork/lnd v0.8.0-beta-rc3.0.20200103000305-22e1f006b194 h1:PCzjJcVWcMbkiQvzFNc3ta0JmiMprFDqzMZsSpd/km8= -github.com/lightningnetwork/lnd v0.8.0-beta-rc3.0.20200103000305-22e1f006b194/go.mod h1:WHK90FD3m2n6OyWzondS7ho0Uhtgfp30Nxvj24lQYX4= +github.com/lightningnetwork/lightning-onion v1.0.1 h1:qChGgS5+aPxFeR6JiUsGvanei1bn6WJpYbvosw/1604= +github.com/lightningnetwork/lightning-onion v1.0.1/go.mod h1:rigfi6Af/KqsF7Za0hOgcyq2PNH4AN70AaMRxcJkff4= +github.com/lightningnetwork/lnd v0.9.0-beta-rc3.0.20200121213302-a2977c4438b5 h1:qLO+I/7EggqegY8uu6k9TuE/5Tc5zV2L8gQGfgEV9LY= +github.com/lightningnetwork/lnd v0.9.0-beta-rc3.0.20200121213302-a2977c4438b5/go.mod h1:sxMH8WLTqgERzBCrTrBCuDkT6SqAjZhnOWiAQSNzJ8A= github.com/lightningnetwork/lnd/cert v1.0.0 h1:J0gtf2UNQX2U+/j5cXnX2wIMSTuJuwrXv7m9qJr2wtw= github.com/lightningnetwork/lnd/cert v1.0.0/go.mod h1:fmtemlSMf5t4hsQmcprSoOykypAPp+9c+0d0iqTScMo= github.com/lightningnetwork/lnd/queue v1.0.1 h1:jzJKcTy3Nj5lQrooJ3aaw9Lau3I0IwvQR5sqtjdv2R0= diff --git a/lndclient/signer_client.go b/lndclient/signer_client.go index e587e05..f5cee8f 100644 --- a/lndclient/signer_client.go +++ b/lndclient/signer_client.go @@ -3,6 +3,7 @@ package lndclient import ( "context" + "github.com/btcsuite/btcd/btcec" "github.com/btcsuite/btcd/wire" "github.com/lightninglabs/loop/swap" "github.com/lightningnetwork/lnd/input" @@ -26,6 +27,19 @@ type SignerClient interface { // encoded. VerifyMessage(ctx context.Context, msg, sig []byte, pubkey [33]byte) ( bool, error) + + // DeriveSharedKey returns a shared secret key by performing + // Diffie-Hellman key derivation between the ephemeral public key and + // the key specified by the key locator (or the node's identity private + // key if no key locator is specified): + // + // P_shared = privKeyNode * ephemeralPubkey + // + // The resulting shared public key is serialized in the compressed + // format and hashed with SHA256, resulting in a final key length of 256 + // bits. + DeriveSharedKey(ctx context.Context, ephemeralPubKey *btcec.PublicKey, + keyLocator *keychain.KeyLocator) ([32]byte, error) } type signerClient struct { @@ -152,3 +166,37 @@ func (s *signerClient) VerifyMessage(ctx context.Context, msg, sig []byte, } return resp.Valid, nil } + +// DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key +// derivation between the ephemeral public key and the key specified by the key +// locator (or the node's identity private key if no key locator is specified): +// +// P_shared = privKeyNode * ephemeralPubkey +// +// The resulting shared public key is serialized in the compressed format and +// hashed with SHA256, resulting in a final key length of 256 bits. +func (s *signerClient) DeriveSharedKey(ctx context.Context, + ephemeralPubKey *btcec.PublicKey, + keyLocator *keychain.KeyLocator) ([32]byte, error) { + + rpcCtx, cancel := context.WithTimeout(ctx, rpcTimeout) + defer cancel() + + rpcIn := &signrpc.SharedKeyRequest{ + EphemeralPubkey: ephemeralPubKey.SerializeCompressed(), + KeyLoc: &signrpc.KeyLocator{ + KeyFamily: int32(keyLocator.Family), + KeyIndex: int32(keyLocator.Index), + }, + } + + rpcCtx = s.signerMac.WithMacaroonAuth(rpcCtx) + resp, err := s.client.DeriveSharedKey(rpcCtx, rpcIn) + if err != nil { + return [32]byte{}, err + } + + var sharedKey [32]byte + copy(sharedKey[:], resp.SharedKey) + return sharedKey, nil +} diff --git a/test/signer_mock.go b/test/signer_mock.go index 992da78..4e68c10 100644 --- a/test/signer_mock.go +++ b/test/signer_mock.go @@ -4,6 +4,7 @@ import ( "bytes" "context" + "github.com/btcsuite/btcd/btcec" "github.com/btcsuite/btcd/wire" "github.com/lightningnetwork/lnd/input" "github.com/lightningnetwork/lnd/keychain" @@ -42,3 +43,9 @@ func (s *mockSigner) VerifyMessage(ctx context.Context, msg, sig []byte, return mockAssertion, nil } + +func (s *mockSigner) DeriveSharedKey(context.Context, *btcec.PublicKey, + *keychain.KeyLocator) ([32]byte, error) { + + return [32]byte{4, 5, 6}, nil +}