sphinx: Use libsecp256k1 to generate shared secrets

So far we did it on our own, but since the spec specifies that we use the libsecp256k1 version anyway, we can remove our own implementation.
8 years ago · 285b8b4698
1 changed files with 3 additions and 14 deletions
--- a/daemon/sphinx.c
+++ b/daemon/sphinx.c
@ -8,6 +8,8 @@
 #include <err.h>
 #include <secp256k1_ecdh.h>
 #include <sodium/crypto_auth_hmacsha256.h>
 #include <sodium/crypto_stream_chacha20.h>
@ -258,22 +260,9 @@ static bool create_shared_secret(
 	const secp256k1_pubkey *pubkey,
 	const u8 *sessionkey)
 {
 	/* Need to copy since tweak is in-place */
 	secp256k1_pubkey pkcopy;
 	u8 ecres[33];
 	pkcopy = *pubkey;
-	if (secp256k1_ec_pubkey_tweak_mul(secp256k1_ctx, &pkcopy, sessionkey) != 1)
+	if (secp256k1_ecdh(secp256k1_ctx, secret, pubkey, sessionkey) != 1)
 		return false;
 	/* Serialize and strip first byte, this gives us the X coordinate */
 	size_t outputlen = 33;
 	secp256k1_ec_pubkey_serialize(secp256k1_ctx, ecres, &outputlen,
 				      &pkcopy, SECP256K1_EC_COMPRESSED);
 	struct sha256 h;
 	sha256(&h, ecres, sizeof(ecres));
 	memcpy(secret, &h, sizeof(h));
 	return true;
 }