An invoice request is serialized as a TLV stream and encoded as bytes.
Add a fuzz test that parses the TLV stream and deserializes the
underlying InvoiceRequest. Then compare the original bytes with those
obtained by re-serializing the InvoiceRequest.
GEN_TEST chanmon_deser
GEN_TEST chanmon_consistency
GEN_TEST full_stack
+GEN_TEST invoice_request_deser
GEN_TEST offer_deser
GEN_TEST onion_message
GEN_TEST peer_crypt
--- /dev/null
+// This file is Copyright its original authors, visible in version control
+// history.
+//
+// This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
+// or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
+// You may not use this file except in accordance with one or both of these
+// licenses.
+
+// This file is auto-generated by gen_target.sh based on target_template.txt
+// To modify it, modify target_template.txt and run gen_target.sh instead.
+
+#![cfg_attr(feature = "libfuzzer_fuzz", no_main)]
+
+#[cfg(not(fuzzing))]
+compile_error!("Fuzz targets need cfg=fuzzing");
+
+extern crate lightning_fuzz;
+use lightning_fuzz::invoice_request_deser::*;
+
+#[cfg(feature = "afl")]
+#[macro_use] extern crate afl;
+#[cfg(feature = "afl")]
+fn main() {
+ fuzz!(|data| {
+ invoice_request_deser_run(data.as_ptr(), data.len());
+ });
+}
+
+#[cfg(feature = "honggfuzz")]
+#[macro_use] extern crate honggfuzz;
+#[cfg(feature = "honggfuzz")]
+fn main() {
+ loop {
+ fuzz!(|data| {
+ invoice_request_deser_run(data.as_ptr(), data.len());
+ });
+ }
+}
+
+#[cfg(feature = "libfuzzer_fuzz")]
+#[macro_use] extern crate libfuzzer_sys;
+#[cfg(feature = "libfuzzer_fuzz")]
+fuzz_target!(|data: &[u8]| {
+ invoice_request_deser_run(data.as_ptr(), data.len());
+});
+
+#[cfg(feature = "stdin_fuzz")]
+fn main() {
+ use std::io::Read;
+
+ let mut data = Vec::with_capacity(8192);
+ std::io::stdin().read_to_end(&mut data).unwrap();
+ invoice_request_deser_run(data.as_ptr(), data.len());
+}
+
+#[test]
+fn run_test_cases() {
+ use std::fs;
+ use std::io::Read;
+ use lightning_fuzz::utils::test_logger::StringBuffer;
+
+ use std::sync::{atomic, Arc};
+ {
+ let data: Vec<u8> = vec![0];
+ invoice_request_deser_run(data.as_ptr(), data.len());
+ }
+ let mut threads = Vec::new();
+ let threads_running = Arc::new(atomic::AtomicUsize::new(0));
+ if let Ok(tests) = fs::read_dir("test_cases/invoice_request_deser") {
+ for test in tests {
+ let mut data: Vec<u8> = Vec::new();
+ let path = test.unwrap().path();
+ fs::File::open(&path).unwrap().read_to_end(&mut data).unwrap();
+ threads_running.fetch_add(1, atomic::Ordering::AcqRel);
+
+ let thread_count_ref = Arc::clone(&threads_running);
+ let main_thread_ref = std::thread::current();
+ threads.push((path.file_name().unwrap().to_str().unwrap().to_string(),
+ std::thread::spawn(move || {
+ let string_logger = StringBuffer::new();
+
+ let panic_logger = string_logger.clone();
+ let res = if ::std::panic::catch_unwind(move || {
+ invoice_request_deser_test(&data, panic_logger);
+ }).is_err() {
+ Some(string_logger.into_string())
+ } else { None };
+ thread_count_ref.fetch_sub(1, atomic::Ordering::AcqRel);
+ main_thread_ref.unpark();
+ res
+ })
+ ));
+ while threads_running.load(atomic::Ordering::Acquire) > 32 {
+ std::thread::park();
+ }
+ }
+ }
+ let mut failed_outputs = Vec::new();
+ for (test, thread) in threads.drain(..) {
+ if let Some(output) = thread.join().unwrap() {
+ println!("\nOutput of {}:\n{}\n", test, output);
+ failed_outputs.push(test);
+ }
+ }
+ if !failed_outputs.is_empty() {
+ println!("Test cases which failed: ");
+ for case in failed_outputs {
+ println!("{}", case);
+ }
+ panic!();
+ }
+}
--- /dev/null
+// This file is Copyright its original authors, visible in version control
+// history.
+//
+// This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
+// or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
+// You may not use this file except in accordance with one or both of these
+// licenses.
+
+use bitcoin::secp256k1::{KeyPair, Parity, PublicKey, Secp256k1, SecretKey, self};
+use crate::utils::test_logger;
+use core::convert::{Infallible, TryFrom};
+use lightning::chain::keysinterface::EntropySource;
+use lightning::ln::PaymentHash;
+use lightning::ln::features::BlindedHopFeatures;
+use lightning::offers::invoice::{BlindedPayInfo, UnsignedInvoice};
+use lightning::offers::invoice_request::InvoiceRequest;
+use lightning::offers::parse::SemanticError;
+use lightning::onion_message::BlindedPath;
+use lightning::util::ser::Writeable;
+
+#[inline]
+pub fn do_test<Out: test_logger::Output>(data: &[u8], _out: Out) {
+ if let Ok(invoice_request) = InvoiceRequest::try_from(data.to_vec()) {
+ let mut bytes = Vec::with_capacity(data.len());
+ invoice_request.write(&mut bytes).unwrap();
+ assert_eq!(data, bytes);
+
+ let secp_ctx = Secp256k1::new();
+ let keys = KeyPair::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
+ let mut buffer = Vec::new();
+
+ if let Ok(unsigned_invoice) = build_response(&invoice_request, &secp_ctx) {
+ let signing_pubkey = unsigned_invoice.signing_pubkey();
+ let (x_only_pubkey, _) = keys.x_only_public_key();
+ let odd_pubkey = x_only_pubkey.public_key(Parity::Odd);
+ let even_pubkey = x_only_pubkey.public_key(Parity::Even);
+ if signing_pubkey == odd_pubkey || signing_pubkey == even_pubkey {
+ unsigned_invoice
+ .sign::<_, Infallible>(
+ |digest| Ok(secp_ctx.sign_schnorr_no_aux_rand(digest, &keys))
+ )
+ .unwrap()
+ .write(&mut buffer)
+ .unwrap();
+ } else {
+ unsigned_invoice
+ .sign::<_, Infallible>(
+ |digest| Ok(secp_ctx.sign_schnorr_no_aux_rand(digest, &keys))
+ )
+ .unwrap_err();
+ }
+ }
+ }
+}
+
+struct Randomness;
+
+impl EntropySource for Randomness {
+ fn get_secure_random_bytes(&self) -> [u8; 32] { [42; 32] }
+}
+
+fn pubkey(byte: u8) -> PublicKey {
+ let secp_ctx = Secp256k1::new();
+ PublicKey::from_secret_key(&secp_ctx, &privkey(byte))
+}
+
+fn privkey(byte: u8) -> SecretKey {
+ SecretKey::from_slice(&[byte; 32]).unwrap()
+}
+
+fn build_response<'a, T: secp256k1::Signing + secp256k1::Verification>(
+ invoice_request: &'a InvoiceRequest, secp_ctx: &Secp256k1<T>
+) -> Result<UnsignedInvoice<'a>, SemanticError> {
+ let entropy_source = Randomness {};
+ let paths = vec![
+ BlindedPath::new(&[pubkey(43), pubkey(44), pubkey(42)], &entropy_source, secp_ctx).unwrap(),
+ BlindedPath::new(&[pubkey(45), pubkey(46), pubkey(42)], &entropy_source, secp_ctx).unwrap(),
+ ];
+
+ let payinfo = vec![
+ BlindedPayInfo {
+ fee_base_msat: 1,
+ fee_proportional_millionths: 1_000,
+ cltv_expiry_delta: 42,
+ htlc_minimum_msat: 100,
+ htlc_maximum_msat: 1_000_000_000_000,
+ features: BlindedHopFeatures::empty(),
+ },
+ BlindedPayInfo {
+ fee_base_msat: 1,
+ fee_proportional_millionths: 1_000,
+ cltv_expiry_delta: 42,
+ htlc_minimum_msat: 100,
+ htlc_maximum_msat: 1_000_000_000_000,
+ features: BlindedHopFeatures::empty(),
+ },
+ ];
+
+ let payment_paths = paths.into_iter().zip(payinfo.into_iter()).collect();
+ let payment_hash = PaymentHash([42; 32]);
+ invoice_request.respond_with(payment_paths, payment_hash)?.build()
+}
+
+pub fn invoice_request_deser_test<Out: test_logger::Output>(data: &[u8], out: Out) {
+ do_test(data, out);
+}
+
+#[no_mangle]
+pub extern "C" fn invoice_request_deser_run(data: *const u8, datalen: usize) {
+ do_test(unsafe { std::slice::from_raw_parts(data, datalen) }, test_logger::DevNull {});
+}
pub mod chanmon_consistency;
pub mod full_stack;
pub mod indexedmap;
+pub mod invoice_request_deser;
pub mod offer_deser;
pub mod onion_message;
pub mod peer_crypt;
void chanmon_deser_run(const unsigned char* data, size_t data_len);
void chanmon_consistency_run(const unsigned char* data, size_t data_len);
void full_stack_run(const unsigned char* data, size_t data_len);
+void invoice_request_deser_run(const unsigned char* data, size_t data_len);
void offer_deser_run(const unsigned char* data, size_t data_len);
void onion_message_run(const unsigned char* data, size_t data_len);
void peer_crypt_run(const unsigned char* data, size_t data_len);
}
impl<'a> UnsignedInvoice<'a> {
+ /// The public key corresponding to the key needed to sign the invoice.
+ pub fn signing_pubkey(&self) -> PublicKey {
+ self.invoice.fields().signing_pubkey
+ }
+
/// Signs the invoice using the given function.
pub fn sign<F, E>(self, sign: F) -> Result<Invoice, SignError<E>>
where
&self.contents.fields().features
}
- /// The public key used to sign invoices.
+ /// The public key corresponding to the key used to sign the invoice.
pub fn signing_pubkey(&self) -> PublicKey {
self.contents.fields().signing_pubkey
}
- /// Signature of the invoice using [`Invoice::signing_pubkey`].
+ /// Signature of the invoice verified using [`Invoice::signing_pubkey`].
pub fn signature(&self) -> Signature {
self.signature
}