From 9ba99d2b2d8ae547aa61abb4c7f6e5ff467f3e0f Mon Sep 17 00:00:00 2001 From: Christian Decker Date: Thu, 30 Nov 2017 17:07:38 +0100 Subject: [PATCH] hsm: Cleanup after merging control and client libraries Change all calls to use the correct serialization and deserialization functions, include the correct headers and remove the control messages. Signed-off-by: Christian Decker --- common/bolt11.c | 2 +- hsmd/Makefile | 13 ++----- hsmd/hsm.c | 45 ++++++++++++------------ hsmd/hsm_client_wire_csv | 6 ++++ hsmd/hsm_wire.csv | 70 ------------------------------------- lightningd/Makefile | 2 +- lightningd/gossip_control.c | 6 ++-- lightningd/hsm_control.c | 6 ++-- lightningd/invoice.c | 6 ++-- lightningd/peer_control.c | 14 ++++---- wallet/walletrpc.c | 16 ++++----- 11 files changed, 58 insertions(+), 128 deletions(-) delete mode 100644 hsmd/hsm_wire.csv diff --git a/common/bolt11.c b/common/bolt11.c index 49eed2151..213079f3d 100644 --- a/common/bolt11.c +++ b/common/bolt11.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/hsmd/Makefile b/hsmd/Makefile index 8376d7fd1..fae738eeb 100644 --- a/hsmd/Makefile +++ b/hsmd/Makefile @@ -11,14 +11,9 @@ LIGHTNINGD_HSM_CLIENT_HEADERS := hsmd/client.h LIGHTNINGD_HSM_CLIENT_SRC := hsmd/client.c hsmd/gen_hsm_client_wire.c LIGHTNINGD_HSM_CLIENT_OBJS := $(LIGHTNINGD_HSM_CLIENT_SRC:.c=.o) -# Control daemon uses this: -LIGHTNINGD_HSM_CONTROL_HEADERS := hsmd/gen_hsm_wire.h -LIGHTNINGD_HSM_CONTROL_SRC := hsmd/gen_hsm_wire.c -LIGHTNINGD_HSM_CONTROL_OBJS := $(LIGHTNINGD_HSM_CONTROL_SRC:.c=.o) - # lightningd/hsm needs these: -LIGHTNINGD_HSM_HEADERS := hsmd/gen_hsm_client_wire.h \ - hsmd/gen_hsm_wire.h +LIGHTNINGD_HSM_HEADERS := hsmd/gen_hsm_client_wire.h + LIGHTNINGD_HSM_SRC := hsmd/hsm.c \ $(LIGHTNINGD_HSM_HEADERS:.h=.c) LIGHTNINGD_HSM_OBJS := $(LIGHTNINGD_HSM_SRC:.c=.o) 
@@ -50,8 +45,6 @@ LIGHTNINGD_HEADERS_GEN += $(LIGHTNINGD_HSM_HEADERS) $(LIGHTNINGD_HSM_CLIENT_HEAD $(LIGHTNINGD_HSM_OBJS) $(LIGHTNINGD_HSM_CLIENT_OBJS): $(LIGHTNINGD_HEADERS) -$(LIGHTNINGD_HSM_CONTROL_OBJS) : $(LIGHTNINGD_HSM_CONTROL_HEADERS) - # Make sure these depend on everything. ALL_OBJS += $(LIGHTNINGD_HSM_OBJS) $(LIGHTNINGD_HSM_CLIENT_OBJS) ALL_PROGRAMS += lightningd/lightning_hsmd @@ -83,4 +76,4 @@ clean: lightningd/hsm-clean lightningd/hsm-clean: $(RM) $(LIGHTNINGD_HSM_OBJS) hsmd/gen_* --include hsmd/test/Makefile +-include hsmd/test/Makefile diff --git a/hsmd/hsm.c b/hsmd/hsm.c index 7bb58993a..74e890e0d 100644 --- a/hsmd/hsm.c +++ b/hsmd/hsm.c @@ -28,7 +28,6 @@ #include #include #include -#include #include #include #include @@ -266,6 +265,7 @@ static bool check_client_capabilities(struct client *client, case WIRE_HSM_SIGN_WITHDRAWAL_REPLY: case WIRE_HSM_SIGN_INVOICE_REPLY: case WIRE_HSM_INIT_REPLY: + case WIRE_HSMSTATUS_CLIENT_BAD_REQUEST: break; } return false; @@ -333,6 +333,7 @@ static struct io_plan *handle_client(struct io_conn *conn, case WIRE_HSM_SIGN_WITHDRAWAL_REPLY: case WIRE_HSM_SIGN_INVOICE_REPLY: case WIRE_HSM_INIT_REPLY: + case WIRE_HSMSTATUS_CLIENT_BAD_REQUEST: break; } @@ -355,8 +356,8 @@ static void send_init_response(struct daemon_conn *master) "peer seed", strlen("peer seed")); node_key(NULL, &node_id); - msg = towire_hsmctl_init_reply(master, &node_id, &peer_seed, - &secretstuff.bip32); + msg = towire_hsm_init_reply(master, &node_id, &peer_seed, + &secretstuff.bip32); daemon_conn_send(master, take(msg)); } @@ -503,8 +504,8 @@ static void init_hsm(struct daemon_conn *master, const u8 *msg) { bool new; - if (!fromwire_hsmctl_init(msg, NULL, &new)) - master_badmsg(WIRE_HSMCTL_INIT, msg); + if (!fromwire_hsm_init(msg, NULL, &new)) + master_badmsg(WIRE_HSM_INIT, msg); if (new) create_new_hsm(master); 
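Review bot: The new `case WIRE_HSMSTATUS_CLIENT_BAD_REQUEST:` label in `check_client_capabilities` and `handle_client` is added to the list of reply types with no comment saying why it belongs there. It appears to be a status message the HSM emits rather than one it accepts, so a line such as `/* Status report emitted by the HSM; never a valid request from a client. */` above it would record the intent. With the control and client messages now in one enum, `check_client_capabilities` is the only gate visible here between a per-peer fd and master-only requests such as `WIRE_HSM_INIT` and `WIRE_HSM_SIGN_FUNDING`. Their cases lie outside these hunks, so confirm each is refused unless the connection is the master's. No `default:` is visible in either switch, and keeping it that way lets the compiler flag any message type added later.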
@@ -520,15 +521,15 @@ static void pass_client_hsmfd(struct daemon_conn *master, const u8 *msg) u64 capabilities; struct pubkey id; - if (!fromwire_hsmctl_client_hsmfd(msg, NULL, &id, &capabilities)) - master_badmsg(WIRE_HSMCTL_CLIENT_HSMFD, msg); + if (!fromwire_hsm_client_hsmfd(msg, NULL, &id, &capabilities)) + master_badmsg(WIRE_HSM_CLIENT_HSMFD, msg); if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) != 0) status_failed(STATUS_FAIL_INTERNAL_ERROR, "creating fds: %s", strerror(errno)); new_client(master, &id, capabilities, handle_client, fds[0]); daemon_conn_send(master, - take(towire_hsmctl_client_hsmfd_reply(master))); + take(towire_hsm_client_hsmfd_reply(master))); daemon_conn_send_fd(master, fds[1]); } @@ -550,11 +551,11 @@ static void sign_funding_tx(struct daemon_conn *master, const u8 *msg) struct pubkey changekey; /* FIXME: Check fee is "reasonable" */ - if (!fromwire_hsmctl_sign_funding(tmpctx, msg, NULL, - &satoshi_out, &change_out, - &change_keyindex, &local_pubkey, - &remote_pubkey, &inputs)) - master_badmsg(WIRE_HSMCTL_SIGN_FUNDING, msg); + if (!fromwire_hsm_sign_funding(tmpctx, msg, NULL, + &satoshi_out, &change_out, + &change_keyindex, &local_pubkey, + &remote_pubkey, &inputs)) + master_badmsg(WIRE_HSM_SIGN_FUNDING, msg); utxomap = to_utxoptr_arr(tmpctx, inputs); @@ -586,7 +587,7 @@ static void sign_funding_tx(struct daemon_conn *master, const u8 *msg) } daemon_conn_send(master, - take(towire_hsmctl_sign_funding_reply(tmpctx, sig))); + take(towire_hsm_sign_funding_reply(tmpctx, sig))); tal_free(tmpctx); } 
@@ -606,9 +607,9 @@ static void sign_withdrawal_tx(struct daemon_conn *master, const u8 *msg) struct ext_key ext; struct pubkey changekey; - if (!fromwire_hsmctl_sign_withdrawal(tmpctx, msg, NULL, &satoshi_out, - &change_out, &change_keyindex, - destination.addr.u.u8, &utxos)) { + if (!fromwire_hsm_sign_withdrawal(tmpctx, msg, NULL, &satoshi_out, + &change_out, &change_keyindex, + destination.addr.u.u8, &utxos)) { status_trace("Failed to parse sign_withdrawal: %s", tal_hex(trc, msg)); return; @@ -644,7 +645,7 @@ static void sign_withdrawal_tx(struct daemon_conn *master, const u8 *msg) } daemon_conn_send(master, - take(towire_hsmctl_sign_withdrawal_reply(tmpctx, sigs))); + take(towire_hsm_sign_withdrawal_reply(tmpctx, sigs))); tal_free(tmpctx); } @@ -662,7 +663,7 @@ static void sign_invoice(struct daemon_conn *master, const u8 *msg) struct hash_u5 hu5; struct privkey node_pkey; - if (!fromwire_hsmctl_sign_invoice(tmpctx, msg, NULL, &u5bytes, &hrpu8)) { + if (!fromwire_hsm_sign_invoice(tmpctx, msg, NULL, &u5bytes, &hrpu8)) { status_trace("Failed to parse sign_invoice: %s", tal_hex(trc, msg)); return; @@ -689,7 +690,7 @@ static void sign_invoice(struct daemon_conn *master, const u8 *msg) } daemon_conn_send(master, - take(towire_hsmctl_sign_invoice_reply(tmpctx, &rsig))); + take(towire_hsm_sign_invoice_reply(tmpctx, &rsig))); tal_free(tmpctx); } @@ -703,7 +704,7 @@ static void sign_node_announcement(struct daemon_conn *master, const u8 *msg) u8 *reply; u8 *ann; - if (!fromwire_hsmctl_node_announcement_sig_req(msg, msg, NULL, &ann)) { + if (!fromwire_hsm_node_announcement_sig_req(msg, msg, NULL, &ann)) { status_trace("Failed to parse node_announcement_sig_req: %s", tal_hex(trc, msg)); return; 
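Review bot: On a parse failure `sign_withdrawal_tx` only calls `status_trace` and returns, so no reply is sent, while the caller in wallet/walletrpc.c blocks in `hsm_sync_read` right after writing the request. A malformed message would therefore stall lightningd instead of failing loudly. `init_hsm`, `pass_client_hsmfd` and `sign_funding_tx` in this file use `master_badmsg(...)` for the same case, and the same form fits here: `master_badmsg(WIRE_HSM_SIGN_WITHDRAWAL, msg);`. The early return also skips the `tal_free(tmpctx)` at the end of the function; the allocation is outside the hunk, so this is inferred. `sign_invoice` and `sign_node_announcement` in the following hunks have the same trace-and-return path, and their callers in lightningd/invoice.c and lightningd/peer_control.c also read the reply synchronously.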
@@ -720,7 +721,7 @@ static void sign_node_announcement(struct daemon_conn *master, const u8 *msg) sign_hash(&node_pkey, &hash, &sig); - reply = towire_hsmctl_node_announcement_sig_reply(msg, &sig); + reply = towire_hsm_node_announcement_sig_reply(msg, &sig); daemon_conn_send(master, take(reply)); } diff --git a/hsmd/hsm_client_wire_csv b/hsmd/hsm_client_wire_csv index cbc3ed8ae..6789ef8e5 100644 --- a/hsmd/hsm_client_wire_csv +++ b/hsmd/hsm_client_wire_csv @@ -1,3 +1,9 @@ +# Clients should not give a bad request but not the HSM's decision to crash. +hsmstatus_client_bad_request,1000 +hsmstatus_client_bad_request,,id,struct pubkey +hsmstatus_client_bad_request,,len,u16 +hsmstatus_client_bad_request,,msg,len*u8 + # Start the HSM. hsm_init,11 hsm_init,,new,bool diff --git a/hsmd/hsm_wire.csv b/hsmd/hsm_wire.csv deleted file mode 100644 index dc1faf6bc..000000000 --- a/hsmd/hsm_wire.csv +++ /dev/null 
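Review bot: The comment moved in above `hsmstatus_client_bad_request` is hard to parse, and this message is now defined in the same file as the requests clients may send. If it matches the intent, a clearer wording would be `# Sent by the HSM to the master when a client's request is malformed; the master, not the HSM, decides how to react.` The comment could also state the direction of travel, since nothing in the csv distinguishes a message the HSM emits from one it accepts.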
@@ -1,70 +0,0 @@ -# Clients should not give a bad request but not the HSM's decision to crash. -hsmstatus_client_bad_request,1000 -hsmstatus_client_bad_request,,id,struct pubkey -hsmstatus_client_bad_request,,len,u16 -hsmstatus_client_bad_request,,msg,len*u8 - -# Start the HSM. -hsmctl_init,11 -hsmctl_init,,new,bool - -#include -hsmctl_init_reply,111 -hsmctl_init_reply,,node_id,struct pubkey -hsmctl_init_reply,,peer_seed,struct secret -hsmctl_init_reply,,bip32,struct ext_key - -# Get a new HSM FD, with the specified capabilities -hsmctl_client_hsmfd,9 -hsmctl_client_hsmfd,,pubkey,struct pubkey # Which identity to report for requests -hsmctl_client_hsmfd,,capabilities,u64 - -# No content, just an fd. -hsmctl_client_hsmfd_reply,109 - -# Return signature for a funding tx. -#include -# FIXME: This should also take their commit sig & details, to verify. -hsmctl_sign_funding,4 -hsmctl_sign_funding,,satoshi_out,u64 -hsmctl_sign_funding,,change_out,u64 -hsmctl_sign_funding,,change_keyindex,u32 -hsmctl_sign_funding,,our_pubkey,struct pubkey -hsmctl_sign_funding,,their_pubkey,struct pubkey -hsmctl_sign_funding,,num_inputs,u16 -hsmctl_sign_funding,,inputs,num_inputs*struct utxo - -hsmctl_sign_funding_reply,104 -hsmctl_sign_funding_reply,,num_sigs,u16 -hsmctl_sign_funding_reply,,sig,num_sigs*secp256k1_ecdsa_signature - -# Master asks the HSM to sign a node_announcement -hsmctl_node_announcement_sig_req,6 -hsmctl_node_announcement_sig_req,,annlen,u16 -hsmctl_node_announcement_sig_req,,announcement,annlen*u8 - -hsmctl_node_announcement_sig_reply,106 -hsmctl_node_announcement_sig_reply,,signature,secp256k1_ecdsa_signature - -# Sign a withdrawal request -hsmctl_sign_withdrawal,7 -hsmctl_sign_withdrawal,,satoshi_out,u64 -hsmctl_sign_withdrawal,,change_out,u64 -hsmctl_sign_withdrawal,,change_keyindex,u32 -hsmctl_sign_withdrawal,,pkh,20*u8 -hsmctl_sign_withdrawal,,num_inputs,u16 -hsmctl_sign_withdrawal,,inputs,num_inputs*struct utxo - -hsmctl_sign_withdrawal_reply,107 
-hsmctl_sign_withdrawal_reply,,num_sigs,u16 -hsmctl_sign_withdrawal_reply,,sig,num_sigs*secp256k1_ecdsa_signature - -# Sign an invoice -hsmctl_sign_invoice,8 -hsmctl_sign_invoice,,len,u16 -hsmctl_sign_invoice,,u5bytes,len*u8 -hsmctl_sign_invoice,,hrplen,u16 -hsmctl_sign_invoice,,hrp,hrplen*u8 - -hsmctl_sign_invoice_reply,108 -hsmctl_sign_invoice_reply,,sig,secp256k1_ecdsa_recoverable_signature diff --git a/lightningd/Makefile b/lightningd/Makefile index de338623f..0d92e3151 100644 --- a/lightningd/Makefile +++ b/lightningd/Makefile @@ -101,7 +101,7 @@ check-makefile: check-lightningd-makefile check-lightningd-makefile: @for f in lightningd/*.h lightningd/*/*.h; do if ! echo $(LIGHTNINGD_HEADERS_NOGEN) $(LIGHTNINGD_HEADERS_GEN) "" | grep -q "$$f "; then echo $$f not mentioned in LIGHTNINGD_HEADERS_NOGEN or LIGHTNINGD_HEADERS_GEN >&2; exit 1; fi; done -lightningd/lightningd: $(LIGHTNINGD_OBJS) $(LIGHTNINGD_COMMON_OBJS) $(BITCOIN_OBJS) $(WIRE_OBJS) $(WIRE_ONION_OBJS) $(LIGHTNINGD_HSM_CONTROL_OBJS) $(LIGHTNINGD_HANDSHAKE_CONTROL_OBJS) $(LIGHTNINGD_GOSSIP_CONTROL_OBJS) $(LIGHTNINGD_OPENING_CONTROL_OBJS) $(LIGHTNINGD_CHANNEL_CONTROL_OBJS) $(LIGHTNINGD_CLOSING_CONTROL_OBJS) $(LIGHTNINGD_ONCHAIN_CONTROL_OBJS) $(WALLET_LIB_OBJS) +lightningd/lightningd: $(LIGHTNINGD_OBJS) $(LIGHTNINGD_COMMON_OBJS) $(BITCOIN_OBJS) $(WIRE_OBJS) $(WIRE_ONION_OBJS) $(LIGHTNINGD_HSM_CLIENT_OBJS) $(LIGHTNINGD_HANDSHAKE_CONTROL_OBJS) $(LIGHTNINGD_GOSSIP_CONTROL_OBJS) $(LIGHTNINGD_OPENING_CONTROL_OBJS) $(LIGHTNINGD_CHANNEL_CONTROL_OBJS) $(LIGHTNINGD_CLOSING_CONTROL_OBJS) $(LIGHTNINGD_ONCHAIN_CONTROL_OBJS) $(WALLET_LIB_OBJS) clean: lightningd-clean diff --git a/lightningd/gossip_control.c b/lightningd/gossip_control.c index 5f2a67ba8..0d7255ec6 100644 --- a/lightningd/gossip_control.c +++ b/lightningd/gossip_control.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include #include 
@@ -104,12 +104,12 @@ void gossip_init(struct lightningd *ld) int hsmfd; u64 capabilities = HSM_CAP_ECDH | HSM_CAP_SIGN_GOSSIP; - msg = towire_hsmctl_client_hsmfd(tmpctx, &ld->id, capabilities); + msg = towire_hsm_client_hsmfd(tmpctx, &ld->id, capabilities); if (!wire_sync_write(ld->hsm_fd, msg)) fatal("Could not write to HSM: %s", strerror(errno)); msg = hsm_sync_read(tmpctx, ld); - if (!fromwire_hsmctl_client_hsmfd_reply(msg, NULL)) + if (!fromwire_hsm_client_hsmfd_reply(msg, NULL)) fatal("Malformed hsmfd response: %s", tal_hex(msg, msg)); hsmfd = fdpass_recv(ld->hsm_fd); diff --git a/lightningd/hsm_control.c b/lightningd/hsm_control.c index a4e06089a..f9596c59d 100644 --- a/lightningd/hsm_control.c +++ b/lightningd/hsm_control.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include #include @@ -46,12 +46,12 @@ void hsm_init(struct lightningd *ld, bool newdir) else create = (access("hsm_secret", F_OK) != 0); - if (!wire_sync_write(ld->hsm_fd, towire_hsmctl_init(tmpctx, create))) + if (!wire_sync_write(ld->hsm_fd, towire_hsm_init(tmpctx, create))) err(1, "Writing init msg to hsm"); ld->wallet->bip32_base = tal(ld->wallet, struct ext_key); msg = hsm_sync_read(tmpctx, ld); - if (!fromwire_hsmctl_init_reply(msg, NULL, + if (!fromwire_hsm_init_reply(msg, NULL, &ld->id, &ld->peer_seed, ld->wallet->bip32_base)) diff --git a/lightningd/invoice.c b/lightningd/invoice.c index 46a040e06..685a49110 100644 --- a/lightningd/invoice.c +++ b/lightningd/invoice.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include #include 
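Review bot: `hsm_init` in lightningd/hsm_control.c derives the "create a new secret" flag from `access("hsm_secret", F_OK)` on a relative path and sends it in `towire_hsm_init`; `init_hsm` in hsmd/hsm.c then acts on it with `if (new) create_new_hsm(master);`. The existence check and the creation happen in different processes, so the flag can be stale, or wrong if the working directories differ, and an existing seed must never be replaced. `create_new_hsm` is not shown in this patch; confirm it creates the file exclusively (for example with `O_CREAT|O_EXCL`) and fails rather than overwrites. A comment on the `access` line could say the flag is a hint and the HSM makes the final decision. The body of `hsm_init` starts and ends outside the hunk.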
@@ -113,13 +113,13 @@ static bool hsm_sign_b11(const u5 *u5bytes, secp256k1_ecdsa_recoverable_signature *rsig, struct lightningd *ld) { - u8 *msg = towire_hsmctl_sign_invoice(ld, u5bytes, hrpu8); + u8 *msg = towire_hsm_sign_invoice(ld, u5bytes, hrpu8); if (!wire_sync_write(ld->hsm_fd, take(msg))) fatal("Could not write to HSM: %s", strerror(errno)); msg = hsm_sync_read(ld, ld); - if (!fromwire_hsmctl_sign_invoice_reply(msg, NULL, rsig)) + if (!fromwire_hsm_sign_invoice_reply(msg, NULL, rsig)) fatal("HSM gave bad sign_invoice_reply %s", tal_hex(msg, msg)); diff --git a/lightningd/peer_control.c b/lightningd/peer_control.c index 33febc4bd..bd3eb3137 100644 --- a/lightningd/peer_control.c +++ b/lightningd/peer_control.c @@ -24,7 +24,7 @@ #include #include #include -#include +#include #include #include #include @@ -1511,7 +1511,7 @@ static void opening_got_hsm_funding_sig(struct funding_channel *fc, struct json_result *response = new_json_result(fc->cmd); size_t i; - if (!fromwire_hsmctl_sign_funding_reply(fc, resp, NULL, &sigs)) + if (!fromwire_hsm_sign_funding_reply(fc, resp, NULL, &sigs)) fatal("HSM gave bad sign_funding_reply %s", tal_hex(fc, resp)); @@ -1612,14 +1612,14 @@ static void peer_channel_announce(struct peer *peer, const u8 *msg) return; } - msg = towire_hsmctl_node_announcement_sig_req( + msg = towire_hsm_node_announcement_sig_req( tmpctx, create_node_announcement(tmpctx, ld, NULL, timestamp)); if (!wire_sync_write(ld->hsm_fd, take(msg))) fatal("Could not write to HSM: %s", strerror(errno)); msg = hsm_sync_read(tmpctx, ld); - if (!fromwire_hsmctl_node_announcement_sig_reply(msg, NULL, &sig)) + if (!fromwire_hsm_node_announcement_sig_reply(msg, NULL, &sig)) fatal("HSM returned an invalid node_announcement sig"); /* We got the signature for out provisional node_announcement back 
@@ -2053,12 +2053,12 @@ static bool peer_start_channeld(struct peer *peer, } else assert(peer->our_msatoshi); - msg = towire_hsmctl_client_hsmfd(tmpctx, &peer->id, HSM_CAP_SIGN_GOSSIP | HSM_CAP_ECDH); + msg = towire_hsm_client_hsmfd(tmpctx, &peer->id, HSM_CAP_SIGN_GOSSIP | HSM_CAP_ECDH); if (!wire_sync_write(peer->ld->hsm_fd, take(msg))) fatal("Could not write to HSM: %s", strerror(errno)); msg = hsm_sync_read(tmpctx, peer->ld); - if (!fromwire_hsmctl_client_hsmfd_reply(msg, NULL)) + if (!fromwire_hsm_client_hsmfd_reply(msg, NULL)) fatal("Bad reply from HSM: %s", tal_hex(tmpctx, msg)); hsmfd = fdpass_recv(peer->ld->hsm_fd); @@ -2265,7 +2265,7 @@ static void opening_funder_finished(struct subd *opening, const u8 *resp, log_debug(fc->peer->log, "Getting HSM to sign funding tx"); utxos = from_utxoptr_arr(fc, fc->utxomap); - msg = towire_hsmctl_sign_funding(fc, fc->peer->funding_satoshi, + msg = towire_hsm_sign_funding(fc, fc->peer->funding_satoshi, fc->change, fc->change_keyindex, &local_fundingkey, &channel_info->remote_fundingkey, diff --git a/wallet/walletrpc.c b/wallet/walletrpc.c index 5e2027019..d8d1e0b9d 100644 --- a/wallet/walletrpc.c +++ b/wallet/walletrpc.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include #include @@ -131,12 +131,12 @@ static void json_withdraw(struct command *cmd, withdraw->change_key_index = wallet_get_newindex(cmd->ld); utxos = from_utxoptr_arr(withdraw, withdraw->utxos); - u8 *msg = towire_hsmctl_sign_withdrawal(cmd, - withdraw->amount, - withdraw->changesatoshi, - withdraw->change_key_index, - withdraw->destination.addr.u.u8, - utxos); + u8 *msg = towire_hsm_sign_withdrawal(cmd, + withdraw->amount, + withdraw->changesatoshi, + withdraw->change_key_index, + withdraw->destination.addr.u.u8, + utxos); tal_free(utxos); if (!wire_sync_write(cmd->ld->hsm_fd, take(msg))) 
@@ -145,7 +145,7 @@ static void json_withdraw(struct command *cmd, msg = hsm_sync_read(cmd, cmd->ld); - if (!fromwire_hsmctl_sign_withdrawal_reply(withdraw, msg, NULL, &sigs)) + if (!fromwire_hsm_sign_withdrawal_reply(withdraw, msg, NULL, &sigs)) fatal("HSM gave bad sign_withdrawal_reply %s", tal_hex(withdraw, msg));