2017-03-27 20:25:44 +03:00
|
|
|
package discovery
|
|
|
|
|
|
|
|
import (
|
2017-12-02 06:24:33 +03:00
|
|
|
"bytes"
|
|
|
|
|
2017-08-23 21:30:50 +03:00
|
|
|
"github.com/davecgh/go-spew/spew"
|
2017-03-27 20:25:44 +03:00
|
|
|
"github.com/go-errors/errors"
|
|
|
|
"github.com/lightningnetwork/lnd/lnwire"
|
2018-06-05 04:34:16 +03:00
|
|
|
"github.com/btcsuite/btcd/btcec"
|
|
|
|
"github.com/btcsuite/btcd/chaincfg/chainhash"
|
2017-03-27 20:25:44 +03:00
|
|
|
)
|
|
|
|
|
2017-12-02 06:24:33 +03:00
|
|
|
// ValidateChannelAnn validates the channel announcement message and checks
|
2017-04-01 15:33:17 +03:00
|
|
|
// that node signatures covers the announcement message, and that the bitcoin
|
|
|
|
// signatures covers the node keys.
|
2017-12-02 06:24:33 +03:00
|
|
|
func ValidateChannelAnn(a *lnwire.ChannelAnnouncement) error {
|
2017-08-22 09:15:16 +03:00
|
|
|
// First, we'll compute the digest (h) which is to be signed by each of
|
|
|
|
// the keys included within the node announcement message. This hash
|
|
|
|
// digest includes all the keys, so the (up to 4 signatures) will
|
|
|
|
// attest to the validity of each of the keys.
|
|
|
|
data, err := a.DataToSign()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
dataHash := chainhash.DoubleHashB(data)
|
|
|
|
|
2017-04-01 15:33:17 +03:00
|
|
|
// First we'll verify that the passed bitcoin key signature is indeed a
|
2017-08-22 09:15:16 +03:00
|
|
|
// signature over the computed hash digest.
|
2018-01-31 07:23:14 +03:00
|
|
|
bitcoinSig1, err := a.BitcoinSig1.ToSignature()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
bitcoinKey1, err := btcec.ParsePubKey(a.BitcoinKey1[:], btcec.S256())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if !bitcoinSig1.Verify(dataHash, bitcoinKey1) {
|
2017-03-27 20:25:44 +03:00
|
|
|
return errors.New("can't verify first bitcoin signature")
|
|
|
|
}
|
|
|
|
|
2017-04-01 15:33:17 +03:00
|
|
|
// If that checks out, then we'll verify that the second bitcoin
|
2017-08-22 09:15:16 +03:00
|
|
|
// signature is a valid signature of the bitcoin public key over hash
|
|
|
|
// digest as well.
|
2018-01-31 07:23:14 +03:00
|
|
|
bitcoinSig2, err := a.BitcoinSig2.ToSignature()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
bitcoinKey2, err := btcec.ParsePubKey(a.BitcoinKey2[:], btcec.S256())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if !bitcoinSig2.Verify(dataHash, bitcoinKey2) {
|
2017-03-27 20:25:44 +03:00
|
|
|
return errors.New("can't verify second bitcoin signature")
|
|
|
|
}
|
|
|
|
|
2017-04-01 15:33:17 +03:00
|
|
|
// Both node signatures attached should indeed be a valid signature
|
|
|
|
// over the selected digest of the channel announcement signature.
|
2018-01-31 07:23:14 +03:00
|
|
|
nodeSig1, err := a.NodeSig1.ToSignature()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
nodeKey1, err := btcec.ParsePubKey(a.NodeID1[:], btcec.S256())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if !nodeSig1.Verify(dataHash, nodeKey1) {
|
2017-03-27 20:25:44 +03:00
|
|
|
return errors.New("can't verify data in first node signature")
|
|
|
|
}
|
2018-01-31 07:23:14 +03:00
|
|
|
|
|
|
|
nodeSig2, err := a.NodeSig2.ToSignature()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
nodeKey2, err := btcec.ParsePubKey(a.NodeID2[:], btcec.S256())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if !nodeSig2.Verify(dataHash, nodeKey2) {
|
2017-03-27 20:25:44 +03:00
|
|
|
return errors.New("can't verify data in second node signature")
|
|
|
|
}
|
2017-04-01 15:33:17 +03:00
|
|
|
|
2017-03-27 20:25:44 +03:00
|
|
|
return nil
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2017-12-02 06:24:33 +03:00
|
|
|
// ValidateNodeAnn validates the node announcement by ensuring that the
|
2017-04-01 15:33:17 +03:00
|
|
|
// attached signature is needed a signature of the node announcement under the
|
|
|
|
// specified node public key.
|
2017-12-02 06:24:33 +03:00
|
|
|
func ValidateNodeAnn(a *lnwire.NodeAnnouncement) error {
|
2017-04-01 15:33:17 +03:00
|
|
|
// Reconstruct the data of announcement which should be covered by the
|
|
|
|
// signature so we can verify the signature shortly below
|
2017-03-27 20:25:44 +03:00
|
|
|
data, err := a.DataToSign()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2018-01-31 07:23:14 +03:00
|
|
|
nodeSig, err := a.Signature.ToSignature()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
nodeKey, err := btcec.ParsePubKey(a.NodeID[:], btcec.S256())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2017-04-01 15:33:17 +03:00
|
|
|
// Finally ensure that the passed signature is valid, if not we'll
|
|
|
|
// return an error so this node announcement can be rejected.
|
2017-03-27 20:25:44 +03:00
|
|
|
dataHash := chainhash.DoubleHashB(data)
|
2018-01-31 07:23:14 +03:00
|
|
|
if !nodeSig.Verify(dataHash, nodeKey) {
|
2017-12-02 06:24:33 +03:00
|
|
|
var msgBuf bytes.Buffer
|
|
|
|
if _, err := lnwire.WriteMessage(&msgBuf, a, 0); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return errors.Errorf("signature on NodeAnnouncement(%x) is "+
|
2018-01-31 07:23:14 +03:00
|
|
|
"invalid: %x", nodeKey.SerializeCompressed(),
|
2017-12-02 06:24:33 +03:00
|
|
|
msgBuf.Bytes())
|
2017-03-27 20:25:44 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2017-12-02 06:24:33 +03:00
|
|
|
// ValidateChannelUpdateAnn validates the channel update announcement by
|
2017-04-01 15:33:17 +03:00
|
|
|
// checking that the included signature covers he announcement and has been
|
|
|
|
// signed by the node's private key.
|
2017-12-02 06:24:33 +03:00
|
|
|
func ValidateChannelUpdateAnn(pubKey *btcec.PublicKey,
|
2017-04-20 02:20:46 +03:00
|
|
|
a *lnwire.ChannelUpdate) error {
|
2017-03-27 20:25:44 +03:00
|
|
|
|
|
|
|
data, err := a.DataToSign()
|
|
|
|
if err != nil {
|
2017-04-01 15:33:17 +03:00
|
|
|
return errors.Errorf("unable to reconstruct message: %v", err)
|
2017-03-27 20:25:44 +03:00
|
|
|
}
|
|
|
|
dataHash := chainhash.DoubleHashB(data)
|
|
|
|
|
2018-01-31 07:23:14 +03:00
|
|
|
nodeSig, err := a.Signature.ToSignature()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if !nodeSig.Verify(dataHash, pubKey) {
|
2017-08-23 21:30:50 +03:00
|
|
|
return errors.Errorf("invalid signature for channel "+
|
|
|
|
"update %v", spew.Sdump(a))
|
2017-03-27 20:25:44 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|