X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fln%2Fonion_utils.rs;h=e952bd8e2e125c5d8c16ef6f8419e1c8a2579ba0;hb=98544772e2d5bd28f68a0e485dfe2eafed186cab;hp=db61f0c90d00530eaf6a6e612ad837d7244beac2;hpb=61ab1f85130de9b8a4346c821b34a145692e85e6;p=rust-lightning

diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs
index db61f0c9..e952bd8e 100644
--- a/lightning/src/ln/onion_utils.rs
+++ b/lightning/src/ln/onion_utils.rs
@@ -93,7 +93,7 @@ pub(super) fn gen_pad_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] {
 }
 
 /// Calculates a pubkey for the next hop, such as the next hop's packet pubkey or blinding point.
-pub(crate) fn next_hop_pubkey<T: secp256k1::Signing + secp256k1::Verification>(
+pub(crate) fn next_hop_pubkey<T: secp256k1::Verification>(
 	secp_ctx: &Secp256k1<T>, curr_pubkey: PublicKey, shared_secret: &[u8]
 ) -> Result<PublicKey, secp256k1::Error> {
 	let blinding_factor = {
@@ -426,7 +426,7 @@ pub(super) fn build_first_hop_failure_packet(shared_secret: &[u8], failure_type:
 pub(crate) struct DecodedOnionFailure {
 	pub(crate) network_update: Option<NetworkUpdate>,
 	pub(crate) short_channel_id: Option<u64>,
-	pub(crate) payment_retryable: bool,
+	pub(crate) payment_failed_permanently: bool,
 	#[cfg(test)]
 	pub(crate) onion_error_code: Option<u16>,
 	#[cfg(test)]
@@ -474,11 +474,33 @@ pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(
 				// Got an error from within a blinded route.
 				error_code_ret = Some(BADONION | PERM | 24); // invalid_onion_blinding
 				error_packet_ret = Some(vec![0; 32]);
-				is_from_final_node = false;
+				res = Some(FailureLearnings {
+					network_update: None, short_channel_id: None, payment_failed_permanently: false
+				});
 				return
 			},
 		};
 
+		// The failing hop includes either the inbound channel to the recipient or the outbound channel
+		// from the current hop (i.e., the next hop's inbound channel).
+		let num_blinded_hops = path.blinded_tail.as_ref().map_or(0, |bt| bt.hops.len());
+		// For 1-hop blinded paths, the final `path.hops` entry is the recipient.
+		is_from_final_node = route_hop_idx + 1 == path.hops.len() && num_blinded_hops <= 1;
+		let failing_route_hop = if is_from_final_node { route_hop } else {
+			match path.hops.get(route_hop_idx + 1) {
+				Some(hop) => hop,
+				None => {
+					// The failing hop is within a multi-hop blinded path.
+					error_code_ret = Some(BADONION | PERM | 24); // invalid_onion_blinding
+					error_packet_ret = Some(vec![0; 32]);
+					res = Some(FailureLearnings {
+						network_update: None, short_channel_id: None, payment_failed_permanently: false
+					});
+					return
+				}
+			}
+		};
+
 		let amt_to_forward = htlc_msat - route_hop.fee_msat;
 		htlc_msat = amt_to_forward;
 
@@ -490,11 +512,6 @@ pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(
 		chacha.process(&packet_decrypted, &mut decryption_tmp[..]);
 		packet_decrypted = decryption_tmp;
 
-		// The failing hop includes either the inbound channel to the recipient or the outbound channel
-		// from the current hop (i.e., the next hop's inbound channel).
-		is_from_final_node = route_hop_idx + 1 == path.hops.len();
-		let failing_route_hop = if is_from_final_node { route_hop } else { &path.hops[route_hop_idx + 1] };
-
 		let err_packet = match msgs::DecodedOnionErrorPacket::read(&mut Cursor::new(&packet_decrypted)) {
 			Ok(p) => p,
 			Err(_) => return
@@ -624,8 +641,9 @@ pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(
 							} else {
 								// The node in question intentionally encoded a 0-length channel update. This is
 								// likely due to https://github.com/ElementsProject/lightning/issues/6200.
+								short_channel_id = Some(failing_route_hop.short_channel_id);
 								network_update = Some(NetworkUpdate::ChannelFailure {
-									short_channel_id: route_hop.short_channel_id,
+									short_channel_id: failing_route_hop.short_channel_id,
 									is_permanent: false,
 								});
 							}
@@ -684,7 +702,7 @@ pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(
 		network_update, short_channel_id, payment_failed_permanently
 	}) = res {
 		DecodedOnionFailure {
-			network_update, short_channel_id, payment_retryable: !payment_failed_permanently,
+			network_update, short_channel_id, payment_failed_permanently,
 			#[cfg(test)]
 			onion_error_code: error_code_ret,
 			#[cfg(test)]
@@ -694,7 +712,7 @@ pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(
 		// only not set either packet unparseable or hmac does not match with any
 		// payment not retryable only when garbage is from the final node
 		DecodedOnionFailure {
-			network_update: None, short_channel_id: None, payment_retryable: !is_from_final_node,
+			network_update: None, short_channel_id: None, payment_failed_permanently: is_from_final_node,
 			#[cfg(test)]
 			onion_error_code: None,
 			#[cfg(test)]
@@ -838,7 +856,7 @@ impl HTLCFailReason {
 				if let &HTLCSource::OutboundRoute { ref path, .. } = htlc_source {
 					DecodedOnionFailure {
 						network_update: None,
-						payment_retryable: true,
+						payment_failed_permanently: false,
 						short_channel_id: Some(path.hops[0].short_channel_id),
 						#[cfg(test)]
 						onion_error_code: Some(*failure_code),
@@ -917,6 +935,27 @@ pub(crate) fn decode_next_payment_hop<NS: Deref>(
 	}
 }
 
+/// Build a payment onion, returning the first hop msat and cltv values as well.
+/// `cur_block_height` should be set to the best known block height + 1.
+pub fn create_payment_onion<T: secp256k1::Signing>(
+	secp_ctx: &Secp256k1<T>, path: &Path, session_priv: &SecretKey, total_msat: u64,
+	recipient_onion: RecipientOnionFields, cur_block_height: u32, payment_hash: &PaymentHash,
+	keysend_preimage: &Option<PaymentPreimage>, prng_seed: [u8; 32]
+) -> Result<(msgs::OnionPacket, u64, u32), APIError> {
+	let onion_keys = construct_onion_keys(&secp_ctx, &path, &session_priv)
+		.map_err(|_| APIError::InvalidRoute{
+			err: "Pubkey along hop was maliciously selected".to_owned()
+		})?;
+	let (onion_payloads, htlc_msat, htlc_cltv) = build_onion_payloads(
+		&path, total_msat, recipient_onion, cur_block_height, keysend_preimage
+	)?;
+	let onion_packet = construct_onion_packet(onion_payloads, onion_keys, prng_seed, payment_hash)
+		.map_err(|_| APIError::InvalidRoute{
+			err: "Route size too large considering onion data".to_owned()
+		})?;
+	Ok((onion_packet, htlc_msat, htlc_cltv))
+}
+
 pub(crate) fn decode_next_untagged_hop<T, R: ReadableArgs<T>, N: NextPacketBytes>(shared_secret: [u8; 32], hop_data: &[u8], hmac_bytes: [u8; 32], read_args: T) -> Result<(R, Option<([u8; 32], N)>), OnionDecodeErr> {
 	decode_next_hop(shared_secret, hop_data, hmac_bytes, None, read_args)
 }
@@ -1028,27 +1067,27 @@ mod tests {
 					RouteHop {
 						pubkey: PublicKey::from_slice(&hex::decode("02eec7245d6b7d2ccb30380bfbe2a3648cd7a942653f5aa340edcea1f283686619").unwrap()[..]).unwrap(),
 						channel_features: ChannelFeatures::empty(), node_features: NodeFeatures::empty(),
-						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0 // We fill in the payloads manually instead of generating them from RouteHops.
+						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0, maybe_announced_channel: true, // We fill in the payloads manually instead of generating them from RouteHops.
 					},
 					RouteHop {
 						pubkey: PublicKey::from_slice(&hex::decode("0324653eac434488002cc06bbfb7f10fe18991e35f9fe4302dbea6d2353dc0ab1c").unwrap()[..]).unwrap(),
 						channel_features: ChannelFeatures::empty(), node_features: NodeFeatures::empty(),
-						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0 // We fill in the payloads manually instead of generating them from RouteHops.
+						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0, maybe_announced_channel: true, // We fill in the payloads manually instead of generating them from RouteHops.
 					},
 					RouteHop {
 						pubkey: PublicKey::from_slice(&hex::decode("027f31ebc5462c1fdce1b737ecff52d37d75dea43ce11c74d25aa297165faa2007").unwrap()[..]).unwrap(),
 						channel_features: ChannelFeatures::empty(), node_features: NodeFeatures::empty(),
-						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0 // We fill in the payloads manually instead of generating them from RouteHops.
+						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0, maybe_announced_channel: true, // We fill in the payloads manually instead of generating them from RouteHops.
 					},
 					RouteHop {
 						pubkey: PublicKey::from_slice(&hex::decode("032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991").unwrap()[..]).unwrap(),
 						channel_features: ChannelFeatures::empty(), node_features: NodeFeatures::empty(),
-						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0 // We fill in the payloads manually instead of generating them from RouteHops.
+						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0, maybe_announced_channel: true, // We fill in the payloads manually instead of generating them from RouteHops.
 					},
 					RouteHop {
 						pubkey: PublicKey::from_slice(&hex::decode("02edabbd16b41c8371b92ef2f04c1185b4f03b6dcd52ba9b78d9d7c89c8f221145").unwrap()[..]).unwrap(),
 						channel_features: ChannelFeatures::empty(), node_features: NodeFeatures::empty(),
-						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0 // We fill in the payloads manually instead of generating them from RouteHops.
+						short_channel_id: 0, fee_msat: 0, cltv_expiry_delta: 0, maybe_announced_channel: true, // We fill in the payloads manually instead of generating them from RouteHops.
 					},
 			], blinded_tail: None }],
 			route_params: None,