lightningd: get basepoints from hsmd, don't ever get seed.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
7 years ago · 231f14e645
9 changed files with 57 additions and 63 deletions
--- a/hsmd/hsm.c
+++ b/hsmd/hsm.c
@ -921,14 +921,11 @@ static struct io_plan *handle_client(struct io_conn *conn,
 static void send_init_response(struct daemon_conn *master)
 {
 	struct pubkey node_id;
-	struct secret peer_seed;
 	u8 *msg;

-	hsm_peer_secret_base(&peer_seed);
 	node_key(NULL, &node_id);

-	msg = towire_hsm_init_reply(NULL, &node_id, &peer_seed,
-				    &secretstuff.bip32);
+	msg = towire_hsm_init_reply(NULL, &node_id, &secretstuff.bip32);
 	daemon_conn_send(master, take(msg));
 }

--- a/hsmd/hsm_client_wire_csv
+++ b/hsmd/hsm_client_wire_csv
@ -10,7 +10,6 @@ hsm_init,11
 #include <common/bip32.h>
 hsm_init_reply,111
 hsm_init_reply,,node_id,struct pubkey
-hsm_init_reply,,peer_seed,struct secret
 hsm_init_reply,,bip32,struct ext_key

 # Get a new HSM FD, with the specified capabilities
--- a/lightningd/channel.c
+++ b/lightningd/channel.c
@ -2,15 +2,19 @@
 #include <ccan/crypto/hkdf_sha256/hkdf_sha256.h>
 #include <ccan/tal/str/str.h>
 #include <common/wire_error.h>
+#include <errno.h>
 #include <gossipd/gen_gossip_wire.h>
+#include <hsmd/gen_hsm_client_wire.h>
 #include <inttypes.h>
 #include <lightningd/channel.h>
 #include <lightningd/gen_channel_state_names.h>
+#include <lightningd/hsm_control.h>
 #include <lightningd/jsonrpc.h>
 #include <lightningd/lightningd.h>
 #include <lightningd/log.h>
 #include <lightningd/peer_control.h>
 #include <lightningd/subd.h>
+#include <wire/wire_sync.h>

 static bool connects_to_peer(struct subd *owner)
 {
@ -99,35 +103,24 @@ void delete_channel(struct channel *channel)
 		delete_peer(peer);
 }

-/* FIXME: We have no business knowing this! */
-/**
- * derive_channel_seed - Generate a unique secret for this peer's channel
- *
- * @ld: the lightning daemon to get global secret from
- * @seed: where to store the generated secret
- * @peer_id: the id node_id of the remote peer
- * @dbid: channel DBID
- *
- * This method generates a unique secret from the given parameters. It
- * is important that this secret be unique for each channel, but it
- * must be reproducible for the same channel in case of
- * reconnection. We use the DB channel ID to guarantee unique secrets
- * per channel.
- */
-void derive_channel_seed(struct lightningd *ld, struct secret *seed,
-			 const struct pubkey *peer_id,
-			 const u64 dbid)
+void get_channel_basepoints(struct lightningd *ld,
+			    const struct pubkey *peer_id,
+			    const u64 dbid,
+			    struct basepoints *local_basepoints,
+			    struct pubkey *local_funding_pubkey)
 {
-	u8 input[PUBKEY_DER_LEN + sizeof(dbid)];
-	char *info = "per-peer seed";
-	pubkey_to_der(input, peer_id);
-	memcpy(input + PUBKEY_DER_LEN, &dbid, sizeof(dbid));
+	u8 *msg;

 	assert(dbid != 0);
-	hkdf_sha256(seed, sizeof(*seed),
-		    input, sizeof(input),
-		    &ld->peer_seed, sizeof(ld->peer_seed),
-		    info, strlen(info));
+	msg = towire_hsm_get_channel_basepoints(NULL, peer_id, dbid);
+	if (!wire_sync_write(ld->hsm_fd, take(msg)))
+		fatal("Could not write to HSM: %s", strerror(errno));
+
+	msg = wire_sync_read(tmpctx, ld->hsm_fd);
+	if (!fromwire_hsm_get_channel_basepoints_reply(msg, local_basepoints,
+						       local_funding_pubkey))
+		fatal("HSM gave bad hsm_get_channel_basepoints_reply %s",
+		      tal_hex(msg, msg));
 }

 struct channel *new_channel(struct peer *peer, u64 dbid,
@ -231,7 +224,6 @@ struct channel *new_channel(struct peer *peer, u64 dbid,
 	channel->connected = connected;
 	channel->local_basepoints = *local_basepoints;
 	channel->local_funding_pubkey = *local_funding_pubkey;
-	derive_channel_seed(peer->ld, &channel->seed, &peer->id, channel->dbid);

 	list_add_tail(&peer->channels, &channel->list);
 	tal_add_destructor(channel, destroy_channel);
--- a/lightningd/channel.h
+++ b/lightningd/channel.h
@ -78,9 +78,6 @@ struct channel {
 	/* Keys for channel */
 	struct channel_info channel_info;

-	/* Secret seed (FIXME: Move to hsm!) */
-	struct secret seed;
-
 	/* Our local basepoints */
 	struct basepoints local_basepoints;

@ -211,9 +208,11 @@ static inline bool channel_active(const struct channel *channel)
 		&& !channel_on_chain(channel);
 }

-void derive_channel_seed(struct lightningd *ld, struct secret *seed,
-			 const struct pubkey *peer_id,
-			 const u64 dbid);
+void get_channel_basepoints(struct lightningd *ld,
+			    const struct pubkey *peer_id,
+			    const u64 dbid,
+			    struct basepoints *local_basepoints,
+			    struct pubkey *local_funding_pubkey);

 void channel_set_billboard(struct channel *channel, bool perm,
 			   const char *str TAKES);
--- a/lightningd/hsm_control.c
+++ b/lightningd/hsm_control.c
@ -63,8 +63,6 @@ void hsm_init(struct lightningd *ld)
 	ld->wallet->bip32_base = tal(ld->wallet, struct ext_key);
 	msg = wire_sync_read(tmpctx, ld->hsm_fd);
 	if (!fromwire_hsm_init_reply(msg,
-					&ld->id,
-					&ld->peer_seed,
-					ld->wallet->bip32_base))
+				     &ld->id, ld->wallet->bip32_base))
 		errx(1, "HSM did not give init reply");
 }
--- a/lightningd/lightningd.h
+++ b/lightningd/lightningd.h
@ -131,8 +131,6 @@ struct lightningd {

 	/* All peers we're tracking. */
 	struct list_head peers;
-	/* FIXME: This should stay in HSM */
-	struct secret peer_seed;

 	/* Outstanding connect commands. */
 	struct list_head connects;
--- a/lightningd/opening_control.c
+++ b/lightningd/opening_control.c
@ -46,9 +46,6 @@ struct uncommitted_channel {
 	/* If we offered channel, this contains information, otherwise NULL */
 	struct funding_channel *fc;

-	/* Secret seed (FIXME: Move to hsm!) */
-	struct secret seed;
-
 	/* Our basepoints for the channel. */
 	struct basepoints local_basepoints;

@ -622,11 +619,8 @@ new_uncommitted_channel(struct lightningd *ld,
 	uc->first_blocknum = get_block_height(ld->topology);
 	uc->our_config.id = 0;

-	/* FIXME: Keep these in HSM! */
-	derive_channel_seed(ld, &uc->seed, &uc->peer->id, uc->dbid);
-	derive_basepoints(&uc->seed,
-			  &uc->local_funding_pubkey, &uc->local_basepoints,
-			  NULL, NULL);
+	get_channel_basepoints(ld, &uc->peer->id, uc->dbid,
+			       &uc->local_basepoints, &uc->local_funding_pubkey);

 	uc->peer->uncommitted_channel = uc;
 	tal_add_destructor(uc, destroy_uncommitted_channel);
--- a/wallet/test/run-wallet.c
+++ b/wallet/test/run-wallet.c
@ -410,12 +410,6 @@ struct txowatch *watch_txo(const tal_t *ctx UNNEEDED,
 						   size_t input_num UNNEEDED,
 						   const struct block *block))
 { fprintf(stderr, "watch_txo called!\n"); abort(); }
-/* Generated stub for wire_sync_read */
-u8 *wire_sync_read(const tal_t *ctx UNNEEDED, int fd UNNEEDED)
-{ fprintf(stderr, "wire_sync_read called!\n"); abort(); }
-/* Generated stub for wire_sync_write */
-bool wire_sync_write(int fd UNNEEDED, const void *msg TAKES UNNEEDED)
-{ fprintf(stderr, "wire_sync_write called!\n"); abort(); }
 /* AUTOGENERATED MOCKS END */

 #if DEVELOPER
@ -423,6 +417,33 @@ bool dev_disconnect_permanent(struct lightningd *ld UNNEEDED)
 { fprintf(stderr, "dev_disconnect_permanent called!\n"); abort(); }
 #endif

+/* Fake stubs to talk to hsm */
+u8 *towire_hsm_get_channel_basepoints(const tal_t *ctx UNNEEDED, const struct pubkey *peerid UNNEEDED, u64 dbid UNNEEDED)
+{
+	return NULL;
+}
+bool wire_sync_write(int fd UNNEEDED, const void *msg TAKES UNNEEDED)
+{
+	return true;
+}
+u8 *wire_sync_read(const tal_t *ctx UNNEEDED, int fd UNNEEDED)
+{
+	return NULL;
+}
+bool fromwire_hsm_get_channel_basepoints_reply(const void *p UNNEEDED,
+					       struct basepoints *basepoints,
+					       struct pubkey *funding_pubkey)
+{
+	struct secret empty;
+	memset(&empty, 0, sizeof(empty));
+	pubkey_from_secret(&empty, funding_pubkey);
+	pubkey_from_secret(&empty, &basepoints->revocation);
+	pubkey_from_secret(&empty, &basepoints->payment);
+	pubkey_from_secret(&empty, &basepoints->htlc);
+	pubkey_from_secret(&empty, &basepoints->delayed_payment);
+	return true;
+}
+
 static char *wallet_err;
 static void wallet_fatal(const char *fmt, ...)
 {
--- a/wallet/wallet.c
+++ b/wallet/wallet.c
@ -566,7 +566,6 @@ static struct channel *wallet_stmt2channel(const tal_t *ctx, struct wallet *w, s
 	s64 final_key_idx;
 	struct basepoints local_basepoints;
 	struct pubkey local_funding_pubkey;
-	struct secret seed;

 	peer_dbid = sqlite3_column_int64(stmt, 1);
 	peer = find_peer_by_dbid(w->ld, peer_dbid);
@ -627,11 +626,8 @@ static struct channel *wallet_stmt2channel(const tal_t *ctx, struct wallet *w, s
 		return NULL;
 	}

-	/* FIXME: this belongs in HSM */
-	derive_channel_seed(w->ld, &seed, &peer->id,
-			    sqlite3_column_int64(stmt, 0));
-	derive_basepoints(&seed, &local_funding_pubkey, &local_basepoints,
-			  NULL, NULL);
+	get_channel_basepoints(w->ld, &peer->id, sqlite3_column_int64(stmt, 0),
+			       &local_basepoints, &local_funding_pubkey);
 	chan = new_channel(peer, sqlite3_column_int64(stmt, 0),
 			   &wshachain,
 			   sqlite3_column_int(stmt, 5),