- // Advance the blinded onion message path by one hop, so make the second hop into the new
- // introduction node.
- pub(super) fn advance_message_path_by_one<NS: Deref, T: secp256k1::Signing + secp256k1::Verification>
- (&mut self, node_signer: &NS, secp_ctx: &Secp256k1<T>) -> Result<(), ()>
- where NS::Target: NodeSigner
- {
- let control_tlvs_ss = node_signer.ecdh(Recipient::Node, &self.blinding_point, None)?;
- let rho = onion_utils::gen_rho_from_shared_secret(&control_tlvs_ss.secret_bytes());
- let encrypted_control_tlvs = self.blinded_hops.remove(0).encrypted_payload;
- let mut s = Cursor::new(&encrypted_control_tlvs);
- let mut reader = FixedLengthReader::new(&mut s, encrypted_control_tlvs.len() as u64);
- match ChaChaPolyReadAdapter::read(&mut reader, rho) {
- Ok(ChaChaPolyReadAdapter { readable: ControlTlvs::Forward(ForwardTlvs {
- mut next_node_id, next_blinding_override,
- })}) => {
- let mut new_blinding_point = match next_blinding_override {
- Some(blinding_point) => blinding_point,
- None => {
- onion_utils::next_hop_pubkey(secp_ctx, self.blinding_point,
- control_tlvs_ss.as_ref()).map_err(|_| ())?
- }
- };
- mem::swap(&mut self.blinding_point, &mut new_blinding_point);
- mem::swap(&mut self.introduction_node_id, &mut next_node_id);
- Ok(())
- },
- _ => Err(())
- }
- }
-}
-
-/// Construct blinded onion message hops for the given `unblinded_path`.
-fn blinded_message_hops<T: secp256k1::Signing + secp256k1::Verification>(
- secp_ctx: &Secp256k1<T>, unblinded_path: &[PublicKey], session_priv: &SecretKey
-) -> Result<Vec<BlindedHop>, secp256k1::Error> {
- let mut blinded_hops = Vec::with_capacity(unblinded_path.len());
-
- let mut prev_ss_and_blinded_node_id = None;
- utils::construct_keys_callback(secp_ctx, unblinded_path, None, session_priv, |blinded_node_id, _, _, encrypted_payload_ss, unblinded_pk, _| {
- if let Some((prev_ss, prev_blinded_node_id)) = prev_ss_and_blinded_node_id {
- if let Some(pk) = unblinded_pk {
- let payload = ForwardTlvs {
- next_node_id: pk,
- next_blinding_override: None,
- };
- blinded_hops.push(BlindedHop {
- blinded_node_id: prev_blinded_node_id,
- encrypted_payload: encrypt_payload(payload, prev_ss),
- });
- } else { debug_assert!(false); }
- }
- prev_ss_and_blinded_node_id = Some((encrypted_payload_ss, blinded_node_id));
- })?;
-
- if let Some((final_ss, final_blinded_node_id)) = prev_ss_and_blinded_node_id {
- let final_payload = ReceiveTlvs { path_id: None };
- blinded_hops.push(BlindedHop {
- blinded_node_id: final_blinded_node_id,
- encrypted_payload: encrypt_payload(final_payload, final_ss),
- });
- } else { debug_assert!(false) }
-
- Ok(blinded_hops)
-}
+ /// Create a blinded path for a payment, to be forwarded along `intermediate_nodes`.
+ ///
+ /// Errors if:
+ /// * a provided node id is invalid
+ /// * [`BlindedPayInfo`] calculation results in an integer overflow
+ /// * any unknown features are required in the provided [`ForwardTlvs`]
+ ///
+ /// [`ForwardTlvs`]: crate::blinded_path::payment::ForwardTlvs
+ // TODO: make all payloads the same size with padding + add dummy hops
+ pub fn new_for_payment<ES: EntropySource, T: secp256k1::Signing + secp256k1::Verification>(
+ intermediate_nodes: &[payment::ForwardNode], payee_node_id: PublicKey,
+ payee_tlvs: payment::ReceiveTlvs, htlc_maximum_msat: u64, entropy_source: &ES,
+ secp_ctx: &Secp256k1<T>
+ ) -> Result<(BlindedPayInfo, Self), ()> {
+ let blinding_secret_bytes = entropy_source.get_secure_random_bytes();
+ let blinding_secret = SecretKey::from_slice(&blinding_secret_bytes[..]).expect("RNG is busted");