Add method to derive Peer Storage encryption key

Add get_peer_storage_key method to derive a 32-byte encryption key for securing Peer Storage.
This method utilizes HKDF with the node's secret key as input and a fixed info string to generate the encryption key.

 - Add 'get_peer_storage_key' to NodeSigner.
 - Implement 'get_peer_storage_key' for KeysManager & PhantomKeysManager.

Author: Aditya Sharma

lightning/src/ln/blinded_payment_tests.rs

@@ -1550,6 +1550,7 @@ fn route_blinding_spec_test_vector() {
 		fn sign_invoice(
 			&self, _invoice: &RawBolt11Invoice, _recipient: Recipient,
 		) -> Result<RecoverableSignature, ()> { unreachable!() }
+		fn get_peer_storage_key(&self) -> [u8;32] { unreachable!() }
 		fn sign_bolt12_invoice(
 			&self, _invoice: &UnsignedBolt12Invoice,
 		) -> Result<schnorr::Signature, ()> { unreachable!() }

lightning/src/sign/mod.rs

@@ -856,6 +856,35 @@ pub trait NodeSigner {
 	/// [phantom node payments]: PhantomKeysManager
 	fn get_inbound_payment_key(&self) -> ExpandedKey;
 
+	/// Generates a 32-byte key used for peer storage encryption.
+	///
+	/// This function derives an encryption key for peer storage by using the HKDF
+	/// (HMAC-based Key Derivation Function) with a specific label and the node
+	/// secret key. The derived key is used for encrypting or decrypting peer storage
+	/// data.
+	///
+	/// The process involves the following steps:
+	/// 1. Retrieves the node secret key.
+	/// 2. Uses the node secret key and the label `"Peer Storage Encryption Key"`
+	///    to perform HKDF extraction and expansion.
+	/// 3. Returns the first part of the derived key, which is a 32-byte array.
+	///
+	/// # Returns
+	///
+	/// Returns a 32-byte array that serves as the encryption key for peer storage.
+	///
+	/// # Panics
+	///
+	/// This function does not panic under normal circumstances, but failures in
+	/// obtaining the node secret key or issues within the HKDF function may cause
+	/// unexpected behavior.
+	///
+	/// # Notes
+	///
+	/// Ensure that the node secret key is securely managed, as it is crucial for
+	/// the security of the derived encryption key.
+	fn get_peer_storage_key(&self) -> [u8; 32];
+
 	/// Get node id based on the provided [`Recipient`].
 	///
 	/// This method must return the same value each time it is called with a given [`Recipient`]
@@ -2201,6 +2230,14 @@ impl NodeSigner for KeysManager {
 		self.inbound_payment_key.clone()
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		let (t1, _) = hkdf_extract_expand_twice(
+			b"Peer Storage Encryption Key",
+			&self.get_node_secret_key().secret_bytes(),
+		);
+		t1
+	}
+
 	fn sign_invoice(
 		&self, invoice: &RawBolt11Invoice, recipient: Recipient,
 	) -> Result<RecoverableSignature, ()> {
@@ -2370,6 +2407,14 @@ impl NodeSigner for PhantomKeysManager {
 		self.inbound_payment_key.clone()
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		let (t1, _) = hkdf_extract_expand_twice(
+			b"Peer Storage Encryption Key",
+			&self.get_node_secret_key().secret_bytes(),
+		);
+		t1
+	}
+
 	fn sign_invoice(
 		&self, invoice: &RawBolt11Invoice, recipient: Recipient,
 	) -> Result<RecoverableSignature, ()> {

lightning/src/util/test_utils.rs

@@ -1460,6 +1460,10 @@ impl NodeSigner for TestNodeSigner {
 		unreachable!()
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		unreachable!()
+	}
+
 	fn get_node_id(&self, recipient: Recipient) -> Result<PublicKey, ()> {
 		let node_secret = match recipient {
 			Recipient::Node => Ok(&self.node_secret),
@@ -1538,6 +1542,10 @@ impl NodeSigner for TestKeysInterface {
 		self.backing.sign_invoice(invoice, recipient)
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		self.backing.get_peer_storage_key()
+	}
+
 	fn sign_bolt12_invoice(
 		&self, invoice: &UnsignedBolt12Invoice,
 	) -> Result<schnorr::Signature, ()> {