From 5b204f7e2dbfd410b8d340fb455e17e6a8627de5 Mon Sep 17 00:00:00 2001 From: Jeffrey Czyz Date: Wed, 4 Dec 2024 16:37:35 -0600 Subject: [PATCH] f - HMAC entire ReceiveTlvs --- lightning/src/ln/channelmanager.rs | 21 ++++----------------- lightning/src/ln/msgs.rs | 22 ++++++++++++++-------- lightning/src/ln/onion_payment.rs | 10 ++++------ 3 files changed, 22 insertions(+), 31 deletions(-) diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index bb5df9f0000..66dd625b8fd 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -198,8 +198,6 @@ pub enum PendingHTLCRouting { custom_tlvs: Vec<(u64, Vec)>, /// Set if this HTLC is the final hop in a multi-hop blinded path. requires_blinded_error: bool, - /// An HMAC of `payment_context` along with a nonce used to construct it. - authentication: Option<(Hmac, Nonce)>, }, /// The onion indicates that this is for payment to us but which contains the preimage for /// claiming included, and is unrelated to any invoice we'd previously generated (aka a @@ -5996,19 +5994,19 @@ where let blinded_failure = routing.blinded_failure(); let ( cltv_expiry, onion_payload, payment_data, payment_context, phantom_shared_secret, - mut onion_fields, has_recipient_created_payment_secret, authentication, + mut onion_fields, has_recipient_created_payment_secret ) = match routing { PendingHTLCRouting::Receive { payment_data, payment_metadata, payment_context, incoming_cltv_expiry, phantom_shared_secret, custom_tlvs, - requires_blinded_error: _, authentication, + requires_blinded_error: _ } => { let _legacy_hop_data = Some(payment_data.clone()); let onion_fields = RecipientOnionFields { payment_secret: Some(payment_data.payment_secret), payment_metadata, custom_tlvs }; (incoming_cltv_expiry, OnionPayload::Invoice { _legacy_hop_data }, Some(payment_data), payment_context, phantom_shared_secret, onion_fields, - true, authentication) + true) }, PendingHTLCRouting::ReceiveKeysend { payment_data, payment_preimage, payment_metadata, @@ -6021,7 +6019,7 @@ where custom_tlvs, }; (incoming_cltv_expiry, OnionPayload::Spontaneous(payment_preimage), - payment_data, None, None, onion_fields, has_recipient_created_payment_secret, None) + payment_data, None, None, onion_fields, has_recipient_created_payment_secret) }, _ => { panic!("short_channel_id == 0 should imply any pending_forward entries are of type Receive"); @@ -6206,16 +6204,6 @@ where payment_preimage } else { fail_htlc!(claimable_htlc, payment_hash); } } else { None }; - - // Authenticate the PaymentContext received over a BlindedPaymentPath - if let Some(payment_context) = payment_context.as_ref() { - if let Some((hmac, nonce)) = authentication { - if payment_context.verify_for_offer_payment(hmac, nonce, &self.inbound_payment_key).is_err() { - fail_htlc!(claimable_htlc, payment_hash); - } - } - } - match claimable_htlc.onion_payload { OnionPayload::Invoice { .. } => { let payment_data = payment_data.unwrap(); @@ -12374,7 +12362,6 @@ impl_writeable_tlv_based_enum!(PendingHTLCRouting, (5, custom_tlvs, optional_vec), (7, requires_blinded_error, (default_value, false)), (9, payment_context, option), - (11, authentication, option), }, (2, ReceiveKeysend) => { (0, payment_preimage, required), diff --git a/lightning/src/ln/msgs.rs b/lightning/src/ln/msgs.rs index d03b9f4343a..ae20de2b925 100644 --- a/lightning/src/ln/msgs.rs +++ b/lightning/src/ln/msgs.rs @@ -32,6 +32,7 @@ use bitcoin::script::ScriptBuf; use bitcoin::hash_types::Txid; use crate::blinded_path::payment::{BlindedPaymentTlvs, ForwardTlvs, ReceiveTlvs}; +use crate::ln::channelmanager::Verification; use crate::ln::types::ChannelId; use crate::types::payment::{PaymentPreimage, PaymentHash, PaymentSecret}; use crate::types::features::{ChannelFeatures, ChannelTypeFeatures, InitFeatures, NodeFeatures}; @@ -1745,12 +1746,9 @@ pub struct FinalOnionHopData { } mod fuzzy_internal_msgs { - use bitcoin::hashes::hmac::Hmac; - use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::secp256k1::PublicKey; use crate::blinded_path::payment::{BlindedPaymentPath, PaymentConstraints, PaymentContext, PaymentRelay}; use crate::offers::invoice_request::InvoiceRequest; - use crate::offers::nonce::Nonce; use crate::types::payment::{PaymentPreimage, PaymentSecret}; use crate::types::features::{BlindedHopFeatures, Bolt12InvoiceFeatures}; use super::{FinalOnionHopData, TrampolineOnionPacket}; @@ -1794,7 +1792,6 @@ mod fuzzy_internal_msgs { intro_node_blinding_point: Option, keysend_preimage: Option, custom_tlvs: Vec<(u64, Vec)>, - authentication: (Hmac, Nonce), } } @@ -2911,9 +2908,19 @@ impl ReadableArgs<(Option, NS)> for InboundOnionPayload wh next_blinding_override, }) }, - ChaChaPolyReadAdapter { readable: BlindedPaymentTlvs::Receive(ReceiveTlvs { - payment_secret, payment_constraints, payment_context, authentication, - })} => { + ChaChaPolyReadAdapter { readable: BlindedPaymentTlvs::Receive(mut receive_tlvs) } => { + if let Some((hmac, nonce)) = receive_tlvs.authentication.take() { + let expanded_key = node_signer.get_inbound_payment_key(); + if receive_tlvs.verify_for_offer_payment(hmac, nonce, &expanded_key).is_err() { + return Err(DecodeError::InvalidValue); + } + } else { + return Err(DecodeError::InvalidValue); + } + + let ReceiveTlvs { + payment_secret, payment_constraints, payment_context, authentication: _, + } = receive_tlvs; if total_msat.unwrap_or(0) > MAX_VALUE_MSAT { return Err(DecodeError::InvalidValue) } Ok(Self::BlindedReceive { sender_intended_htlc_amt_msat: amt.ok_or(DecodeError::InvalidValue)?, @@ -2925,7 +2932,6 @@ impl ReadableArgs<(Option, NS)> for InboundOnionPayload wh intro_node_blinding_point, keysend_preimage, custom_tlvs, - authentication, }) }, } diff --git a/lightning/src/ln/onion_payment.rs b/lightning/src/ln/onion_payment.rs index 83076b22173..3da1830dfc7 100644 --- a/lightning/src/ln/onion_payment.rs +++ b/lightning/src/ln/onion_payment.rs @@ -135,19 +135,18 @@ pub(super) fn create_recv_pending_htlc_info( ) -> Result { let ( payment_data, keysend_preimage, custom_tlvs, onion_amt_msat, onion_cltv_expiry, - payment_metadata, payment_context, requires_blinded_error, has_recipient_created_payment_secret, - authentication, + payment_metadata, payment_context, requires_blinded_error, has_recipient_created_payment_secret ) = match hop_data { msgs::InboundOnionPayload::Receive { payment_data, keysend_preimage, custom_tlvs, sender_intended_htlc_amt_msat, cltv_expiry_height, payment_metadata, .. } => (payment_data, keysend_preimage, custom_tlvs, sender_intended_htlc_amt_msat, - cltv_expiry_height, payment_metadata, None, false, keysend_preimage.is_none(), None), + cltv_expiry_height, payment_metadata, None, false, keysend_preimage.is_none()), msgs::InboundOnionPayload::BlindedReceive { sender_intended_htlc_amt_msat, total_msat, cltv_expiry_height, payment_secret, intro_node_blinding_point, payment_constraints, payment_context, keysend_preimage, - custom_tlvs, authentication, + custom_tlvs } => { check_blinded_payment_constraints( sender_intended_htlc_amt_msat, cltv_expiry, &payment_constraints @@ -162,7 +161,7 @@ pub(super) fn create_recv_pending_htlc_info( let payment_data = msgs::FinalOnionHopData { payment_secret, total_msat }; (Some(payment_data), keysend_preimage, custom_tlvs, sender_intended_htlc_amt_msat, cltv_expiry_height, None, Some(payment_context), - intro_node_blinding_point.is_none(), true, Some(authentication)) + intro_node_blinding_point.is_none(), true) } msgs::InboundOnionPayload::Forward { .. } => { return Err(InboundHTLCErr { @@ -253,7 +252,6 @@ pub(super) fn create_recv_pending_htlc_info( phantom_shared_secret, custom_tlvs, requires_blinded_error, - authentication, } } else { return Err(InboundHTLCErr {