Let invoice.Encode receive a function which hashes itself the message

Modify the SignCompact function passed to invoice.Encode to receive the message before it's hashed and hash it itself. With this modification, the SignMessage rpc function from the signrpc subserver can be used and an invoice can be encoded outside of lnd.
4 years ago · af01571fc6
4 changed files with 14 additions and 9 deletions
--- a/lnrpc/invoicesrpc/addinvoice.go
+++ b/lnrpc/invoicesrpc/addinvoice.go
@ -10,6 +10,7 @@ import (
 	"time"

 	"github.com/btcsuite/btcd/chaincfg"
+	"github.com/btcsuite/btcd/chaincfg/chainhash"
 	"github.com/btcsuite/btcutil"
 	"github.com/davecgh/go-spew/spew"

@ -387,7 +388,10 @@ func AddInvoice(ctx context.Context, cfg *AddInvoiceConfig,

 	payReqString, err := payReq.Encode(
 		zpay32.MessageSigner{
-			SignCompact: cfg.NodeSigner.SignDigestCompact,
+			SignCompact: func(msg []byte) ([]byte, error) {
+				hash := chainhash.HashB(msg)
+				return cfg.NodeSigner.SignDigestCompact(hash)
+			},
 		},
 	)
 	if err != nil {
--- a/zpay32/encode.go
+++ b/zpay32/encode.go
@ -70,12 +70,11 @@ func (invoice *Invoice) Encode(signer MessageSigner) (string, error) {
 	}

 	toSign := append([]byte(hrp), taggedFieldsBytes...)
-	hash := chainhash.HashB(toSign)

 	// We use compact signature format, and also encoded the recovery ID
 	// such that a reader of the invoice can recover our pubkey from the
 	// signature.
-	sign, err := signer.SignCompact(hash)
+	sign, err := signer.SignCompact(toSign)
 	if err != nil {
 		return "", err
 	}
@ -95,6 +94,7 @@ func (invoice *Invoice) Encode(signer MessageSigner) (string, error) {
 				"signature: %v", err)
 		}

+		hash := chainhash.HashB(toSign)
 		valid := signature.Verify(hash, invoice.Destination)
 		if !valid {
 			return "", fmt.Errorf("signature does not match " +
--- a/zpay32/invoice.go
+++ b/zpay32/invoice.go
@ -100,11 +100,11 @@ var (
 // MessageSigner is passed to the Encode method to provide a signature
 // corresponding to the node's pubkey.
 type MessageSigner struct {
-	// SignCompact signs the passed hash with the node's privkey. The
-	// returned signature should be 65 bytes, where the last 64 are the
+	// SignCompact signs the hash of the passed msg with the node's privkey.
+	// The returned signature should be 65 bytes, where the last 64 are the
 	// compact signature, and the first one is a header byte. This is the
 	// format returned by btcec.SignCompact.
-	SignCompact func(hash []byte) ([]byte, error)
+	SignCompact func(msg []byte) ([]byte, error)
 }

 // Invoice represents a decoded invoice, or to-be-encoded invoice. Some of the
--- a/zpay32/invoice_test.go
+++ b/zpay32/invoice_test.go
@ -101,9 +101,9 @@ var (
 	}

 	testMessageSigner = MessageSigner{
-		SignCompact: func(hash []byte) ([]byte, error) {
+		SignCompact: func(msg []byte) ([]byte, error) {
 			sig, err := btcec.SignCompact(btcec.S256(),
-				testPrivKey, hash, true)
+				testPrivKey, chainhash.HashB(msg), true)
 			if err != nil {
 				return nil, fmt.Errorf("can't sign the "+
 					"message: %v", err)
@ -915,7 +915,8 @@ func TestInvoiceChecksumMalleability(t *testing.T) {

 	privKey, _ := btcec.PrivKeyFromBytes(btcec.S256(), privKeyBytes)
 	msgSigner := MessageSigner{
-		SignCompact: func(hash []byte) ([]byte, error) {
+		SignCompact: func(msg []byte) ([]byte, error) {
+			hash := chainhash.HashB(msg)
 			return btcec.SignCompact(btcec.S256(), privKey, hash, true)
 		},
 	}