Merge pull request #137 from wpaulino/signer-derive-shared-key

guggero · web-flow · commit a486760ebf66 · 2020-01-22T09:41:43.000+01:00
lndclient: expose DeriveSharedKey for SignerClient
diff --git a/go.mod b/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/google/go-cmp v0.3.1 // indirect
 	github.com/grpc-ecosystem/grpc-gateway v1.10.0
 	github.com/jessevdk/go-flags v1.4.0
-	github.com/lightningnetwork/lnd v0.8.0-beta-rc3.0.20200103000305-22e1f006b194
+	github.com/lightningnetwork/lnd v0.9.0-beta-rc3.0.20200121213302-a2977c4438b5
 	github.com/lightningnetwork/lnd/queue v1.0.2
 	github.com/urfave/cli v1.20.0
 	golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472 // indirect
diff --git a/go.sum b/go.sum
@@ -137,10 +137,10 @@ github.com/lightninglabs/gozmq v0.0.0-20191113021534-d20a764486bf/go.mod h1:vxmQ
 github.com/lightninglabs/neutrino v0.11.0 h1:lPpYFCtsfJX2W5zI4pWycPmbbBdr7zU+BafYdLoD6k0=
 github.com/lightninglabs/neutrino v0.11.0/go.mod h1:CuhF0iuzg9Sp2HO6ZgXgayviFTn1QHdSTJlMncK80wg=
 github.com/lightninglabs/protobuf-hex-display v1.3.3-0.20191212020323-b444784ce75d/go.mod h1:KDb67YMzoh4eudnzClmvs2FbiLG9vxISmLApUkCa4uI=
-github.com/lightningnetwork/lightning-onion v0.0.0-20191214001659-f34e9dc1651d h1:U50MHOOeL6gR3Ee/l0eMvZMpmRo+ydzmlQuIruCyCsA=
-github.com/lightningnetwork/lightning-onion v0.0.0-20191214001659-f34e9dc1651d/go.mod h1:rigfi6Af/KqsF7Za0hOgcyq2PNH4AN70AaMRxcJkff4=
-github.com/lightningnetwork/lnd v0.8.0-beta-rc3.0.20200103000305-22e1f006b194 h1:PCzjJcVWcMbkiQvzFNc3ta0JmiMprFDqzMZsSpd/km8=
-github.com/lightningnetwork/lnd v0.8.0-beta-rc3.0.20200103000305-22e1f006b194/go.mod h1:WHK90FD3m2n6OyWzondS7ho0Uhtgfp30Nxvj24lQYX4=
+github.com/lightningnetwork/lightning-onion v1.0.1 h1:qChGgS5+aPxFeR6JiUsGvanei1bn6WJpYbvosw/1604=
+github.com/lightningnetwork/lightning-onion v1.0.1/go.mod h1:rigfi6Af/KqsF7Za0hOgcyq2PNH4AN70AaMRxcJkff4=
+github.com/lightningnetwork/lnd v0.9.0-beta-rc3.0.20200121213302-a2977c4438b5 h1:qLO+I/7EggqegY8uu6k9TuE/5Tc5zV2L8gQGfgEV9LY=
+github.com/lightningnetwork/lnd v0.9.0-beta-rc3.0.20200121213302-a2977c4438b5/go.mod h1:sxMH8WLTqgERzBCrTrBCuDkT6SqAjZhnOWiAQSNzJ8A=
 github.com/lightningnetwork/lnd/cert v1.0.0 h1:J0gtf2UNQX2U+/j5cXnX2wIMSTuJuwrXv7m9qJr2wtw=
 github.com/lightningnetwork/lnd/cert v1.0.0/go.mod h1:fmtemlSMf5t4hsQmcprSoOykypAPp+9c+0d0iqTScMo=
 github.com/lightningnetwork/lnd/queue v1.0.1 h1:jzJKcTy3Nj5lQrooJ3aaw9Lau3I0IwvQR5sqtjdv2R0=
diff --git a/lndclient/signer_client.go b/lndclient/signer_client.go
@@ -3,6 +3,7 @@ package lndclient
 import (
 	"context"
 
+	"github.com/btcsuite/btcd/btcec"
 	"github.com/btcsuite/btcd/wire"
 	"github.com/lightninglabs/loop/swap"
 	"github.com/lightningnetwork/lnd/input"
@@ -26,6 +27,19 @@ type SignerClient interface {
 	// encoded.
 	VerifyMessage(ctx context.Context, msg, sig []byte, pubkey [33]byte) (
 		bool, error)
+
+	// DeriveSharedKey returns a shared secret key by performing
+	// Diffie-Hellman key derivation between the ephemeral public key and
+	// the key specified by the key locator (or the node's identity private
+	// key if no key locator is specified):
+	//
+	//     P_shared = privKeyNode * ephemeralPubkey
+	//
+	// The resulting shared public key is serialized in the compressed
+	// format and hashed with SHA256, resulting in a final key length of 256
+	// bits.
+	DeriveSharedKey(ctx context.Context, ephemeralPubKey *btcec.PublicKey,
+		keyLocator *keychain.KeyLocator) ([32]byte, error)
 }
 
 type signerClient struct {
@@ -152,3 +166,37 @@ func (s *signerClient) VerifyMessage(ctx context.Context, msg, sig []byte,
 	}
 	return resp.Valid, nil
 }
+
+// DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key
+// derivation between the ephemeral public key and the key specified by the key
+// locator (or the node's identity private key if no key locator is specified):
+//
+//     P_shared = privKeyNode * ephemeralPubkey
+//
+// The resulting shared public key is serialized in the compressed format and
+// hashed with SHA256, resulting in a final key length of 256 bits.
+func (s *signerClient) DeriveSharedKey(ctx context.Context,
+	ephemeralPubKey *btcec.PublicKey,
+	keyLocator *keychain.KeyLocator) ([32]byte, error) {
+
+	rpcCtx, cancel := context.WithTimeout(ctx, rpcTimeout)
+	defer cancel()
+
+	rpcIn := &signrpc.SharedKeyRequest{
+		EphemeralPubkey: ephemeralPubKey.SerializeCompressed(),
+		KeyLoc: &signrpc.KeyLocator{
+			KeyFamily: int32(keyLocator.Family),
+			KeyIndex:  int32(keyLocator.Index),
+		},
+	}
+
+	rpcCtx = s.signerMac.WithMacaroonAuth(rpcCtx)
+	resp, err := s.client.DeriveSharedKey(rpcCtx, rpcIn)
+	if err != nil {
+		return [32]byte{}, err
+	}
+
+	var sharedKey [32]byte
+	copy(sharedKey[:], resp.SharedKey)
+	return sharedKey, nil
+}
diff --git a/test/signer_mock.go b/test/signer_mock.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"context"
 
+	"github.com/btcsuite/btcd/btcec"
 	"github.com/btcsuite/btcd/wire"
 	"github.com/lightningnetwork/lnd/input"
 	"github.com/lightningnetwork/lnd/keychain"
@@ -42,3 +43,9 @@ func (s *mockSigner) VerifyMessage(ctx context.Context, msg, sig []byte,
 
 	return mockAssertion, nil
 }
+
+func (s *mockSigner) DeriveSharedKey(context.Context, *btcec.PublicKey,
+	*keychain.KeyLocator) ([32]byte, error) {
+
+	return [32]byte{4, 5, 6}, nil
+}
