Browse Source

gossipd: Verify signatures for incoming channel_announcements

ppa-0.6.1
Christian Decker 8 years ago
committed by Rusty Russell
parent
commit
58196b5a32
  1. 32
      daemon/routing.c

32
daemon/routing.c

@ -635,6 +635,26 @@ u8 *write_ip(const tal_t *ctx, const char *srcip, int port)
}
}
static bool check_channel_announcement(
const struct pubkey *node1_key, const struct pubkey *node2_key,
const struct pubkey *bitcoin1_key, const struct pubkey *bitcoin2_key,
const secp256k1_ecdsa_signature *node1_sig,
const secp256k1_ecdsa_signature *node2_sig,
const secp256k1_ecdsa_signature *bitcoin1_sig,
const secp256k1_ecdsa_signature *bitcoin2_sig, const u8 *announcement)
{
/* 2 byte msg type + 256 byte signatures */
int offset = 258;
struct sha256_double hash;
sha256_double(&hash, announcement + offset,
tal_len(announcement) - offset);
return check_signed_hash(&hash, node1_sig, node1_key) &&
check_signed_hash(&hash, node2_sig, node2_key) &&
check_signed_hash(&hash, bitcoin1_sig, bitcoin1_key) &&
check_signed_hash(&hash, bitcoin2_sig, bitcoin2_key);
}
void handle_channel_announcement(
struct routing_state *rstate,
const u8 *announce, size_t len)
@ -667,7 +687,6 @@ void handle_channel_announcement(
}
// FIXME: Check features!
//FIXME(cdecker) Check signatures, when the spec is settled
//FIXME(cdecker) Check chain topology for the anchor TX
log_debug(rstate->base_log,
@ -677,6 +696,17 @@ void handle_channel_announcement(
short_channel_id.outnum
);
if (!check_channel_announcement(&node_id_1, &node_id_2, &bitcoin_key_1,
&bitcoin_key_2, &node_signature_1,
&node_signature_2, &bitcoin_signature_1,
&bitcoin_signature_2, serialized)) {
log_debug(
rstate->base_log,
"Signature verification of channel announcement failed");
tal_free(tmpctx);
return;
}
forward |= add_channel_direction(rstate, &node_id_1, &node_id_2,
&short_channel_id, serialized);
forward |= add_channel_direction(rstate, &node_id_2, &node_id_1,

Loading…
Cancel
Save