refactor to remove message_digest

Author: orbitalturtle

lightning/src/offers/invoice.rs

@@ -439,6 +439,7 @@ impl UnsignedBolt12Invoice {
 			bytes: self.bytes,
 			contents: self.contents,
 			signature,
+			tagged_hash: self.tagged_hash,
 		})
 	}
 }
@@ -463,6 +464,7 @@ pub struct Bolt12Invoice {
 	bytes: Vec<u8>,
 	contents: InvoiceContents,
 	signature: Signature,
+	tagged_hash: TaggedHash,
 }
 
 /// The contents of an [`Bolt12Invoice`] for responding to either an [`Offer`] or a [`Refund`].
@@ -707,7 +709,7 @@ impl Bolt12Invoice {
 
 	/// Hash that was used for signing the invoice.
 	pub fn signable_hash(&self) -> [u8; 32] {
-		merkle::message_digest(SIGNATURE_TAG, &self.bytes).as_ref().clone()
+		self.tagged_hash.as_digest().as_ref().clone()
 	}
 
 	/// Verifies that the invoice was for a request or refund created using the given key. Returns
@@ -1212,11 +1214,11 @@ impl TryFrom<ParsedMessage<FullInvoiceTlvStream>> for Bolt12Invoice {
 			None => return Err(Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingSignature)),
 			Some(signature) => signature,
 		};
-		let message = TaggedHash::new(SIGNATURE_TAG, &bytes);
+		let tagged_hash = TaggedHash::new(SIGNATURE_TAG, &bytes);
 		let pubkey = contents.fields().signing_pubkey;
-		merkle::verify_signature(&signature, message, pubkey)?;
+		merkle::verify_signature(&signature, tagged_hash.clone(), pubkey)?;
 
-		Ok(Bolt12Invoice { bytes, contents, signature })
+		Ok(Bolt12Invoice { bytes, contents, signature, tagged_hash })
 	}
 }
 

lightning/src/offers/merkle.rs

@@ -30,15 +30,17 @@ tlv_stream!(SignatureTlvStream, SignatureTlvStreamRef, SIGNATURE_TYPES, {
 ///
 /// [BIP 340]: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki
 /// [BOLT 12]: https://github.com/rustyrussell/lightning-rfc/blob/guilt/offers/12-offer-encoding.md#signature-calculation
-#[derive(Debug, PartialEq)]
+#[derive(Clone, Debug, PartialEq)]
 pub struct TaggedHash(Message);
 
 impl TaggedHash {
 	/// Creates a tagged hash with the given parameters.
 	///
 	/// Panics if `tlv_stream` is not a well-formed TLV stream containing at least one TLV record.
 	pub(super) fn new(tag: &str, tlv_stream: &[u8]) -> Self {
-		Self(message_digest(tag, tlv_stream))
+		let tag = sha256::Hash::hash(tag.as_bytes());
+		let merkle_root = root_hash(tlv_stream);
+		Self(Message::from_slice(&tagged_hash(tag, merkle_root)).unwrap())
 	}
 
 	/// Returns the digest to sign.
@@ -99,12 +101,6 @@ pub(super) fn verify_signature(
 	secp_ctx.verify_schnorr(signature, digest, &pubkey)
 }
 
-pub(super) fn message_digest(tag: &str, bytes: &[u8]) -> Message {
-	let tag = sha256::Hash::hash(tag.as_bytes());
-	let merkle_root = root_hash(bytes);
-	Message::from_slice(&tagged_hash(tag, merkle_root)).unwrap()
-}
-
 /// Computes a merkle root hash for the given data, which must be a well-formed TLV stream
 /// containing at least one TLV record.
 fn root_hash(data: &[u8]) -> sha256::Hash {