From 8f64eb90af96b602398666ddf5fac24d0d1fcc84 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Thu, 9 Jul 2015 15:43:36 +0930 Subject: [PATCH] Switch over to CCAN's ripemd160. Avoids handing naked u8 arrays around, too. Signed-off-by: Rusty Russell --- Makefile | 5 ++++- bitcoin/address.c | 2 +- bitcoin/address.h | 4 ++-- bitcoin/base58.c | 36 ++++++++++++++++++------------------ bitcoin/base58.h | 7 +++---- bitcoin/script.c | 14 +++++++------- 6 files changed, 35 insertions(+), 33 deletions(-) diff --git a/Makefile b/Makefile index c9d8f3e69..3d7293d85 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ BITCOIN_OBJS := bitcoin/address.o bitcoin/base58.o bitcoin/pubkey.o bitcoin/scri HELPER_OBJS := lightning.pb-c.o pkt.o permute_tx.o anchor.o commit_tx.o opt_bits.o close_tx.o find_p2sh_out.o protobuf_convert.o -CCAN_OBJS := ccan-crypto-sha256.o ccan-crypto-shachain.o ccan-err.o ccan-tal.o ccan-tal-str.o ccan-take.o ccan-list.o ccan-str.o ccan-opt-helpers.o ccan-opt.o ccan-opt-parse.o ccan-opt-usage.o ccan-read_write_all.o ccan-str-hex.o ccan-tal-grab_file.o ccan-noerr.o +CCAN_OBJS := ccan-crypto-sha256.o ccan-crypto-shachain.o ccan-err.o ccan-tal.o ccan-tal-str.o ccan-take.o ccan-list.o ccan-str.o ccan-opt-helpers.o ccan-opt.o ccan-opt-parse.o ccan-opt-usage.o ccan-read_write_all.o ccan-str-hex.o ccan-tal-grab_file.o ccan-noerr.o ccan-crypto-ripemd160.o HEADERS := $(wildcard *.h) @@ -95,4 +95,7 @@ ccan-crypto-shachain.o: $(CCANDIR)/ccan/crypto/shachain/shachain.c $(CC) $(CFLAGS) -c -o $@ $< ccan-crypto-sha256.o: $(CCANDIR)/ccan/crypto/sha256/sha256.c $(CC) $(CFLAGS) -c -o $@ $< +ccan-crypto-ripemd160.o: $(CCANDIR)/ccan/crypto/ripemd160/ripemd160.c + $(CC) $(CFLAGS) -c -o $@ $< + diff --git a/bitcoin/address.c b/bitcoin/address.c index 3d39cd759..d1dbe22c7 100644 --- a/bitcoin/address.c +++ b/bitcoin/address.c 
@@ -7,5 +7,5 @@ void bitcoin_address(const struct pubkey *key, struct bitcoin_address *addr) struct sha256 h; sha256(&h, key->key, pubkey_len(key)); - RIPEMD160(h.u.u8, sizeof(h), addr->addr); + ripemd160(&addr->addr, h.u.u8, sizeof(h)); } diff --git a/bitcoin/address.h b/bitcoin/address.h index abf74efa4..b56572136 100644 --- a/bitcoin/address.h +++ b/bitcoin/address.h @@ -1,13 +1,13 @@ #ifndef LIGHTNING_BITCOIN_ADDRESS_H #define LIGHTNING_BITCOIN_ADDRESS_H #include -#include +#include struct pubkey; /* An address is the RIPEMD160 of the SHA of the public key. */ struct bitcoin_address { - u8 addr[RIPEMD160_DIGEST_LENGTH]; /* 20 */ + struct ripemd160 addr; }; void bitcoin_address(const struct pubkey *key, diff --git a/bitcoin/base58.c b/bitcoin/base58.c index 1944950d6..05b044413 100644 --- a/bitcoin/base58.c +++ b/bitcoin/base58.c @@ -143,17 +143,17 @@ void base58_get_checksum(u8 csum[4], const u8 buf[], size_t buflen) char *bitcoin_to_base58(const tal_t *ctx, bool test_net, const struct bitcoin_address *addr) { - u8 buf[1 + RIPEMD160_DIGEST_LENGTH + 4]; + u8 buf[1 + sizeof(addr->addr) + 4]; char out[BASE58_ADDR_MAX_LEN + 2], *p; buf[0] = test_net ? 111 : 0; - BUILD_ASSERT(sizeof(*addr) == RIPEMD160_DIGEST_LENGTH); - memcpy(buf+1, addr, RIPEMD160_DIGEST_LENGTH); + BUILD_ASSERT(sizeof(addr->addr) == sizeof(struct ripemd160)); + memcpy(buf+1, addr, sizeof(addr->addr)); /* Append checksum */ - base58_get_checksum(buf + 1 + RIPEMD160_DIGEST_LENGTH, - buf, 1 + RIPEMD160_DIGEST_LENGTH); + base58_get_checksum(buf + 1 + sizeof(addr->addr), + buf, 1 + sizeof(addr->addr)); p = encode_base58(out, BASE58_ADDR_MAX_LEN, buf, sizeof(buf)); return tal_strdup(ctx, p); @@ -163,7 +163,7 @@ bool bitcoin_from_base58(bool *test_net, struct bitcoin_address *addr, const char *base58, size_t base58_len) { - u8 buf[1 + RIPEMD160_DIGEST_LENGTH + 4]; + u8 buf[1 + sizeof(addr->addr) + 4]; BIGNUM bn; size_t len; u8 csum[4]; 
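Review bot: The length passed to `ripemd160()` in bitcoin_address is `sizeof(h)`, the size of the whole `struct sha256`, while the data pointer is `h.u.u8`. The two agree only as long as the struct holds nothing but the digest bytes. Tying the length to the array being hashed, `ripemd160(&addr->addr, h.u.u8, sizeof(h.u.u8));`, keeps the HASH160 input at the digest length even if the struct changes. The same `sizeof(h)` appears in scriptpubkey_p2sh in bitcoin/script.c, whereas bitcoin_redeem_revocable already uses `sizeof(rhash->u)`. The function starts outside the hunk.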
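Review bot: The new `BUILD_ASSERT(sizeof(addr->addr) == sizeof(struct ripemd160));` in bitcoin_to_base58 is always true, because `addr->addr` is now declared as `struct ripemd160`. The old assert guaranteed at compile time that exactly the 20 digest bytes were copied, and that guarantee is lost. The buffer layout `1 + sizeof(addr->addr) + 4` would change silently if the CCAN struct ever carried padding or extra members; pinning the size, e.g. `BUILD_ASSERT(sizeof(addr->addr) == 20);`, would catch that. The `memcpy(buf+1, addr, sizeof(addr->addr));` also still copies from the start of `*addr` rather than from the member. `memcpy(buf+1, &addr->addr, sizeof(addr->addr));` would match what bitcoin_from_base58 does in a later hunk.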
@@ -187,32 +187,32 @@ bool bitcoin_from_base58(bool *test_net, else return false; - base58_get_checksum(csum, buf, 1 + RIPEMD160_DIGEST_LENGTH); - if (memcmp(csum, buf + 1 + RIPEMD160_DIGEST_LENGTH, sizeof(csum)) != 0) + base58_get_checksum(csum, buf, 1 + sizeof(addr->addr)); + if (memcmp(csum, buf + 1 + sizeof(addr->addr), sizeof(csum)) != 0) return false; - BUILD_ASSERT(sizeof(*addr) == RIPEMD160_DIGEST_LENGTH); - memcpy(addr, buf+1, sizeof(*addr)); + memcpy(&addr->addr, buf+1, sizeof(addr->addr)); return true; } /* buf already contains version and ripemd160. Append checksum and encode */ char *base58_with_check(char dest[BASE58_ADDR_MAX_LEN], - u8 buf[1 + RIPEMD160_DIGEST_LENGTH + 4]) + u8 buf[1 + sizeof(struct ripemd160) + 4]) { /* Append checksum */ - base58_get_checksum(buf + 1 + RIPEMD160_DIGEST_LENGTH, - buf, 1 + RIPEMD160_DIGEST_LENGTH); + base58_get_checksum(buf + 1 + sizeof(struct ripemd160), + buf, 1 + sizeof(struct ripemd160)); /* Now encode. */ return encode_base58(dest, BASE58_ADDR_MAX_LEN, buf, - 1 + RIPEMD160_DIGEST_LENGTH + 4); + 1 + sizeof(struct ripemd160) + 4); } -bool ripemd_from_base58(u8 *version, u8 ripemd160[RIPEMD160_DIGEST_LENGTH], +bool ripemd_from_base58(u8 *version, + struct ripemd160 *ripemd160, const char *base58) { - u8 buf[1 + RIPEMD160_DIGEST_LENGTH + 4]; + u8 buf[1 + sizeof(*ripemd160) + 4]; u8 csum[4]; BIGNUM bn; size_t len; @@ -240,11 +240,11 @@ bool ripemd_from_base58(u8 *version, u8 ripemd160[RIPEMD160_DIGEST_LENGTH], /* Check checksum is correct. */ base58_get_checksum(csum, buf, sizeof(buf)); - if (memcmp(csum, buf + 1 + RIPEMD160_DIGEST_LENGTH, 4) != 0) + if (memcmp(csum, buf + 1 + sizeof(*ripemd160), 4) != 0) return false; *version = buf[0]; - memcpy(ripemd160, buf + 1, RIPEMD160_DIGEST_LENGTH); + memcpy(ripemd160, buf + 1, sizeof(*ripemd160)); return true; } diff --git a/bitcoin/base58.h b/bitcoin/base58.h index 8f699bd2e..a8a8e1ebc 100644 --- a/bitcoin/base58.h +++ b/bitcoin/base58.h 
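Review bot: In ripemd_from_base58 the context line `base58_get_checksum(csum, buf, sizeof(buf));` hashes the whole buffer, including the four trailing checksum bytes that the result is then compared against. bitcoin_from_base58 in the previous hunk hashes only `1 + sizeof(addr->addr)` bytes. If base58_get_checksum covers exactly `buflen` bytes (its body is not shown here), this comparison would reject every valid encoding. The commit already touches the neighbouring lines, and `base58_get_checksum(csum, buf, 1 + sizeof(*ripemd160));` looks like the intended length. The function starts outside the hunk, so the decode and length checks before this point should be confirmed as well.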
@@ -1,9 +1,8 @@ #ifndef LIGHTNING_BITCOIN_BASE58_H #define LIGHTNING_BITCOIN_BASE58_H -/* FIXME: Use libsecpk1 */ +#include #include #include -#include #include #include #include @@ -30,11 +29,11 @@ bool bitcoin_from_base58(bool *test_net, struct bitcoin_address *addr, const char *base58, size_t len); -bool ripemd_from_base58(u8 *version, u8 ripemd160[RIPEMD160_DIGEST_LENGTH], +bool ripemd_from_base58(u8 *version, struct ripemd160 *ripemd160, const char *base58); char *base58_with_check(char dest[BASE58_ADDR_MAX_LEN], - u8 buf[1 + RIPEMD160_DIGEST_LENGTH + 4]); + u8 buf[1 + sizeof(struct ripemd160) + 4]); char *key_to_base58(const tal_t *ctx, bool test_net, const struct privkey *key); bool key_from_base58(const char *base58, size_t base58_len, diff --git a/bitcoin/script.c b/bitcoin/script.c index 3b907bf09..27ac373e8 100644 --- a/bitcoin/script.c +++ b/bitcoin/script.c @@ -1,6 +1,6 @@ +#include #include #include -#include #include #include "address.h" #include "pubkey.h" @@ -146,13 +146,13 @@ u8 *bitcoin_redeem_single(const tal_t *ctx, const struct pubkey *key) u8 *scriptpubkey_p2sh(const tal_t *ctx, const u8 *redeemscript) { struct sha256 h; - u8 redeemhash[RIPEMD160_DIGEST_LENGTH]; + struct ripemd160 redeemhash; u8 *script = tal_arr(ctx, u8, 0); add_op(&script, OP_HASH160); sha256(&h, redeemscript, tal_count(redeemscript)); - RIPEMD160(h.u.u8, sizeof(h), redeemhash); - add_push_bytes(&script, redeemhash, sizeof(redeemhash)); + ripemd160(&redeemhash, h.u.u8, sizeof(h)); + add_push_bytes(&script, redeemhash.u.u8, sizeof(redeemhash.u.u8)); add_op(&script, OP_EQUAL); return script; } @@ -247,7 +247,7 @@ u8 *bitcoin_redeem_revocable(const tal_t *ctx, const struct sha256 *rhash) { u8 *script = tal_arr(ctx, u8, 0); - u8 rhash_ripemd[RIPEMD160_DIGEST_LENGTH]; + struct ripemd160 rhash_ripemd; le32 locktime_le = cpu_to_le32(locktime); /* If there are two args: */ 
@@ -256,9 +256,9 @@ u8 *bitcoin_redeem_revocable(const tal_t *ctx, add_op(&script, OP_IF); /* Must hash to revocation_hash, and be signed by them. */ - RIPEMD160(rhash->u.u8, sizeof(rhash->u), rhash_ripemd); + ripemd160(&rhash_ripemd, rhash->u.u8, sizeof(rhash->u)); add_op(&script, OP_HASH160); - add_push_bytes(&script, rhash_ripemd, sizeof(rhash_ripemd)); + add_push_bytes(&script, rhash_ripemd.u.u8, sizeof(rhash_ripemd.u.u8)); add_op(&script, OP_EQUALVERIFY); add_push_key(&script, theirkey);