multi: move node ann validation code to netann pkg

ellemouton · ellemouton · commit 1974903fb22c · 2025-02-07T07:30:00.000+02:00
The `netann` package is a more appropriate place for this code to live.
Also, once the funding transaction code is moved out of the
`graph.Builder`, then no `lnwire` validation will occur in the `graph`
package.
diff --git a/discovery/gossiper.go b/discovery/gossiper.go
@@ -1977,7 +1977,7 @@ func (d *AuthenticatedGossiper) fetchPKScript(chanID *lnwire.ShortChannelID) (
 func (d *AuthenticatedGossiper) addNode(msg *lnwire.NodeAnnouncement,
 	op ...batch.SchedulerOption) error {
 
-	if err := graph.ValidateNodeAnn(msg); err != nil {
+	if err := netann.ValidateNodeAnn(msg); err != nil {
 		return fmt.Errorf("unable to validate node announcement: %w",
 			err)
 	}
diff --git a/graph/ann_validation.go b/graph/ann_validation.go
diff --git a/netann/node_announcement.go b/netann/node_announcement.go
@@ -1,10 +1,14 @@
 package netann
 
 import (
+	"bytes"
 	"image/color"
 	"net"
 	"time"
 
+	"github.com/btcsuite/btcd/btcec/v2"
+	"github.com/btcsuite/btcd/chaincfg/chainhash"
+	"github.com/go-errors/errors"
 	"github.com/lightningnetwork/lnd/keychain"
 	"github.com/lightningnetwork/lnd/lnwallet"
 	"github.com/lightningnetwork/lnd/lnwire"
@@ -76,3 +80,40 @@ func SignNodeAnnouncement(signer lnwallet.MessageSigner,
 	nodeAnn.Signature, err = lnwire.NewSigFromSignature(sig)
 	return err
 }
+
+// ValidateNodeAnn validates the node announcement by ensuring that the
+// attached signature is needed a signature of the node announcement under the
+// specified node public key.
+func ValidateNodeAnn(a *lnwire.NodeAnnouncement) error {
+	// Reconstruct the data of announcement which should be covered by the
+	// signature so we can verify the signature shortly below
+	data, err := a.DataToSign()
+	if err != nil {
+		return err
+	}
+
+	nodeSig, err := a.Signature.ToSignature()
+	if err != nil {
+		return err
+	}
+	nodeKey, err := btcec.ParsePubKey(a.NodeID[:])
+	if err != nil {
+		return err
+	}
+
+	// Finally ensure that the passed signature is valid, if not we'll
+	// return an error so this node announcement can be rejected.
+	dataHash := chainhash.DoubleHashB(data)
+	if !nodeSig.Verify(dataHash, nodeKey) {
+		var msgBuf bytes.Buffer
+		if _, err := lnwire.WriteMessage(&msgBuf, a, 0); err != nil {
+			return err
+		}
+
+		return errors.Errorf("signature on NodeAnnouncement(%x) is "+
+			"invalid: %x", nodeKey.SerializeCompressed(),
+			msgBuf.Bytes())
+	}
+
+	return nil
+}

Original file line number	Diff line number	Diff line change
`@@ -1977,7 +1977,7 @@ func (d AuthenticatedGossiper) fetchPKScript(chanID lnwire.ShortChannelID) (`
`1977`	`1977`	`func (d AuthenticatedGossiper) addNode(msg lnwire.NodeAnnouncement,`
`1978`	`1978`	`op ...batch.SchedulerOption) error {`
`1979`	`1979`
`1980`		`- if err := graph.ValidateNodeAnn(msg); err != nil {`
	`1980`	`+ if err := netann.ValidateNodeAnn(msg); err != nil {`
`1981`	`1981`	`return fmt.Errorf("unable to validate node announcement: %w",`
`1982`	`1982`	`err)`
`1983`	`1983`	`}`