signrpc: use ECDH interface for shared key generation
This commit is contained in:
parent
f97e7b9951
commit
4003f25281
@ -5,7 +5,6 @@ package signrpc
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"crypto/sha256"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
@ -515,31 +514,15 @@ func (s *Server) DeriveSharedKey(_ context.Context, in *SharedKeyRequest) (
|
||||
locator.Index = uint32(in.KeyLoc.KeyIndex)
|
||||
}
|
||||
|
||||
// Derive our node's private key from the key ring.
|
||||
idPrivKey, err := s.cfg.KeyRing.DerivePrivKey(keychain.KeyDescriptor{
|
||||
KeyLocator: locator,
|
||||
})
|
||||
// Derive the shared key using ECDH and hashing the serialized
|
||||
// compressed shared point.
|
||||
keyDescriptor := keychain.KeyDescriptor{KeyLocator: locator}
|
||||
sharedKeyHash, err := s.cfg.KeyRing.ECDH(keyDescriptor, ephemeralPubkey)
|
||||
if err != nil {
|
||||
err := fmt.Errorf("unable to derive node private key: %v", err)
|
||||
err := fmt.Errorf("unable to derive shared key: %v", err)
|
||||
log.Error(err)
|
||||
return nil, err
|
||||
}
|
||||
idPrivKey.Curve = btcec.S256()
|
||||
|
||||
// Derive the shared key using ECDH and hashing the serialized
|
||||
// compressed shared point.
|
||||
sharedKeyHash := ecdh(ephemeralPubkey, idPrivKey)
|
||||
return &SharedKeyResponse{SharedKey: sharedKeyHash}, nil
|
||||
}
|
||||
|
||||
// ecdh performs an ECDH operation between pub and priv. The returned value is
|
||||
// the sha256 of the compressed shared point.
|
||||
func ecdh(pub *btcec.PublicKey, priv *btcec.PrivateKey) []byte {
|
||||
s := &btcec.PublicKey{}
|
||||
x, y := btcec.S256().ScalarMult(pub.X, pub.Y, priv.D.Bytes())
|
||||
s.X = x
|
||||
s.Y = y
|
||||
|
||||
h := sha256.Sum256(s.SerializeCompressed())
|
||||
return h[:]
|
||||
return &SharedKeyResponse{SharedKey: sharedKeyHash[:]}, nil
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user