X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning-invoice%2Fsrc%2Flib.rs;h=20bc5218ae5524d35bd2f4a15157e58ca08b6bf7;hb=4846570807e94b02b41367d4e91c85d7dbddf578;hp=04ba08bd8552c34379576b59047de719ef200ae3;hpb=c0bbd4d91877b3f7eca5b6aba877257acf4eec0b;p=rust-lightning diff --git a/lightning-invoice/src/lib.rs b/lightning-invoice/src/lib.rs index 04ba08bd..20bc5218 100644 --- a/lightning-invoice/src/lib.rs +++ b/lightning-invoice/src/lib.rs @@ -1,28 +1,48 @@ +// Prefix these with `rustdoc::` when we update our MSRV to be >= 1.52 to remove warnings. +#![deny(broken_intra_doc_links)] +#![deny(private_intra_doc_links)] + #![deny(missing_docs)] #![deny(non_upper_case_globals)] #![deny(non_camel_case_types)] #![deny(non_snake_case)] #![deny(unused_mut)] -#![deny(broken_intra_doc_links)] + +#![cfg_attr(docsrs, feature(doc_auto_cfg))] #![cfg_attr(feature = "strict", deny(warnings))] +#![cfg_attr(all(not(feature = "std"), not(test)), no_std)] //! This crate provides data structures to represent -//! [lightning BOLT11](https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md) +//! [lightning BOLT11](https://github.com/lightning/bolts/blob/master/11-payment-encoding.md) //! invoices and functions to create, encode and decode these. If you just want to use the standard //! en-/decoding functionality this should get you started: //! //! * For parsing use `str::parse::(&self)` (see the docs of `impl FromStr for Invoice`) //! * For constructing invoices use the `InvoiceBuilder` //! * For serializing invoices use the `Display`/`ToString` traits + +#[cfg(not(any(feature = "std", feature = "no-std")))] +compile_error!("at least one of the `std` or `no-std` features must be enabled"); + pub mod payment; pub mod utils; +pub(crate) mod time_utils; + extern crate bech32; extern crate bitcoin_hashes; #[macro_use] extern crate lightning; extern crate num_traits; extern crate secp256k1; +extern crate alloc; +#[cfg(any(test, feature = "std"))] +extern crate core; +#[cfg(feature = "serde")] +extern crate serde; + +#[cfg(feature = "std")] +use std::time::SystemTime; use bech32::u5; use bitcoin_hashes::Hash; @@ -30,37 +50,105 @@ use bitcoin_hashes::sha256; use lightning::ln::PaymentSecret; use lightning::ln::features::InvoiceFeatures; #[cfg(any(doc, test))] -use lightning::routing::network_graph::RoutingFees; +use lightning::routing::gossip::RoutingFees; use lightning::routing::router::RouteHint; +use lightning::util::invoice::construct_invoice_preimage; -use secp256k1::key::PublicKey; +use secp256k1::PublicKey; use secp256k1::{Message, Secp256k1}; -use secp256k1::recovery::RecoverableSignature; +use secp256k1::ecdsa::RecoverableSignature; + +use core::fmt::{Display, Formatter, self}; +use core::iter::FilterMap; +use core::num::ParseIntError; +use core::ops::Deref; +use core::slice::Iter; +use core::time::Duration; +use core::str; -use std::fmt::{Display, Formatter, self}; -use std::iter::FilterMap; -use std::ops::Deref; -use std::slice::Iter; -use std::time::{SystemTime, Duration, UNIX_EPOCH}; +#[cfg(feature = "serde")] +use serde::{Deserialize, Deserializer,Serialize, Serializer, de::Error}; mod de; mod ser; mod tb; -pub use de::{ParseError, ParseOrSemanticError}; +mod prelude { + #[cfg(feature = "hashbrown")] + extern crate hashbrown; + + pub use alloc::{vec, vec::Vec, string::String, collections::VecDeque, boxed::Box}; + #[cfg(not(feature = "hashbrown"))] + pub use std::collections::{HashMap, HashSet, hash_map}; + #[cfg(feature = "hashbrown")] + pub use self::hashbrown::{HashMap, HashSet, hash_map}; + + pub use alloc::string::ToString; +} + +use prelude::*; + +/// Sync compat for std/no_std +#[cfg(feature = "std")] +mod sync { + pub use ::std::sync::{Mutex, MutexGuard}; +} + +/// Sync compat for std/no_std +#[cfg(not(feature = "std"))] +mod sync; + +/// Errors that indicate what is wrong with the invoice. They have some granularity for debug +/// reasons, but should generally result in an "invalid BOLT11 invoice" message for the user. +#[allow(missing_docs)] +#[derive(PartialEq, Debug, Clone)] +pub enum ParseError { + Bech32Error(bech32::Error), + ParseAmountError(ParseIntError), + MalformedSignature(secp256k1::Error), + BadPrefix, + UnknownCurrency, + UnknownSiPrefix, + MalformedHRP, + TooShortDataPart, + UnexpectedEndOfTaggedFields, + DescriptionDecodeError(str::Utf8Error), + PaddingError, + IntegerOverflowError, + InvalidSegWitProgramLength, + InvalidPubKeyHashLength, + InvalidScriptHashLength, + InvalidRecoveryId, + InvalidSliceLength(String), + + /// Not an error, but used internally to signal that a part of the invoice should be ignored + /// according to BOLT11 + Skip, +} -// TODO: fix before 2037 (see rust PR #55527) -/// Defines the maximum UNIX timestamp that can be represented as `SystemTime`. This is checked by -/// one of the unit tests, please run them. -const SYSTEM_TIME_MAX_UNIX_TIMESTAMP: u64 = std::i32::MAX as u64; +/// Indicates that something went wrong while parsing or validating the invoice. Parsing errors +/// should be mostly seen as opaque and are only there for debugging reasons. Semantic errors +/// like wrong signatures, missing fields etc. could mean that someone tampered with the invoice. +#[derive(PartialEq, Debug, Clone)] +pub enum ParseOrSemanticError { + /// The invoice couldn't be decoded + ParseError(ParseError), -/// Allow the expiry time to be up to one year. Since this reduces the range of possible timestamps -/// it should be rather low as long as we still have to support 32bit time representations -const MAX_EXPIRY_TIME: u64 = 60 * 60 * 24 * 356; + /// The invoice could be decoded but violates the BOLT11 standard + SemanticError(::SemanticError), +} + +/// The number of bits used to represent timestamps as defined in BOLT 11. +const TIMESTAMP_BITS: usize = 35; + +/// The maximum timestamp as [`Duration::as_secs`] since the Unix epoch allowed by [`BOLT 11`]. +/// +/// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md +pub const MAX_TIMESTAMP: u64 = (1 << TIMESTAMP_BITS) - 1; /// Default expiry time as defined by [BOLT 11]. /// -/// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md +/// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md pub const DEFAULT_EXPIRY_TIME: u64 = 3600; /// Default minimum final CLTV expiry as defined by [BOLT 11]. @@ -68,61 +156,10 @@ pub const DEFAULT_EXPIRY_TIME: u64 = 3600; /// Note that this is *not* the same value as rust-lightning's minimum CLTV expiry, which is /// provided in [`MIN_FINAL_CLTV_EXPIRY`]. /// -/// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md +/// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md /// [`MIN_FINAL_CLTV_EXPIRY`]: lightning::ln::channelmanager::MIN_FINAL_CLTV_EXPIRY pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18; -/// This function is used as a static assert for the size of `SystemTime`. If the crate fails to -/// compile due to it this indicates that your system uses unexpected bounds for `SystemTime`. You -/// can remove this functions and run the test `test_system_time_bounds_assumptions`. In any case, -/// please open an issue. If all tests pass you should be able to use this library safely by just -/// removing this function till we patch it accordingly. -fn __system_time_size_check() { - // Use 2 * sizeof(u64) as expected size since the expected underlying implementation is storing - // a `Duration` since `SystemTime::UNIX_EPOCH`. - unsafe { std::mem::transmute_copy::(&UNIX_EPOCH); } -} - - -/// **Call this function on startup to ensure that all assumptions about the platform are valid.** -/// -/// Unfortunately we have to make assumptions about the upper bounds of the `SystemTime` type on -/// your platform which we can't fully verify at compile time and which isn't part of it's contract. -/// To our best knowledge our assumptions hold for all platforms officially supported by rust, but -/// since this check is fast we recommend to do it anyway. -/// -/// If this function fails this is considered a bug. Please open an issue describing your -/// platform and stating your current system time. -/// -/// # Panics -/// If the check fails this function panics. By calling this function on startup you ensure that -/// this wont happen at an arbitrary later point in time. -pub fn check_platform() { - // The upper and lower bounds of `SystemTime` are not part of its public contract and are - // platform specific. That's why we have to test if our assumptions regarding these bounds - // hold on the target platform. - // - // If this test fails on your platform, please don't use the library and open an issue - // instead so we can resolve the situation. Currently this library is tested on: - // * Linux (64bit) - let fail_date = UNIX_EPOCH + Duration::from_secs(SYSTEM_TIME_MAX_UNIX_TIMESTAMP); - let year = Duration::from_secs(60 * 60 * 24 * 365); - - // Make sure that the library will keep working for another year - assert!(fail_date.duration_since(SystemTime::now()).unwrap() > year); - - let max_ts = PositiveTimestamp::from_unix_timestamp( - SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME - ).unwrap(); - let max_exp = ::ExpiryTime::from_seconds(MAX_EXPIRY_TIME).unwrap(); - - assert_eq!( - (*max_ts.as_time() + *max_exp.as_duration()).duration_since(UNIX_EPOCH).unwrap().as_secs(), - SYSTEM_TIME_MAX_UNIX_TIMESTAMP - ); -} - - /// Builder for `Invoice`s. It's the most convenient and advised way to use this library. It ensures /// that only a semantically and syntactically correct Invoice can be built using it. /// @@ -136,12 +173,15 @@ pub fn check_platform() { /// use bitcoin_hashes::sha256; /// /// use secp256k1::Secp256k1; -/// use secp256k1::key::SecretKey; +/// use secp256k1::SecretKey; /// /// use lightning::ln::PaymentSecret; /// /// use lightning_invoice::{Currency, InvoiceBuilder}; /// +/// # #[cfg(not(feature = "std"))] +/// # fn main() {} +/// # #[cfg(feature = "std")] /// # fn main() { /// let private_key = SecretKey::from_slice( /// &[ @@ -161,7 +201,7 @@ pub fn check_platform() { /// .current_timestamp() /// .min_final_cltv_expiry(144) /// .build_signed(|hash| { -/// Secp256k1::new().sign_recoverable(hash, &private_key) +/// Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key) /// }) /// .unwrap(); /// @@ -186,11 +226,11 @@ pub struct InvoiceBuilder, error: Option, - phantom_d: std::marker::PhantomData, - phantom_h: std::marker::PhantomData, - phantom_t: std::marker::PhantomData, - phantom_c: std::marker::PhantomData, - phantom_s: std::marker::PhantomData, + phantom_d: core::marker::PhantomData, + phantom_h: core::marker::PhantomData, + phantom_t: core::marker::PhantomData, + phantom_c: core::marker::PhantomData, + phantom_s: core::marker::PhantomData, } /// Represents a syntactically and semantically correct lightning BOLT11 invoice. @@ -199,7 +239,7 @@ pub struct InvoiceBuilder(&str)` -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct Invoice { signed_invoice: SignedRawInvoice, } @@ -223,7 +263,7 @@ pub enum InvoiceDescription<'f> { /// /// # Invariants /// The hash has to be either from the deserialized invoice or from the serialized `raw_invoice`. -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct SignedRawInvoice { /// The rawInvoice that the signature belongs to raw_invoice: RawInvoice, @@ -246,7 +286,7 @@ pub struct SignedRawInvoice { /// De- and encoding should not lead to information loss but may lead to different hashes. /// /// For methods without docs see the corresponding methods in `Invoice`. -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct RawInvoice { /// human readable part pub hrp: RawHrp, @@ -258,7 +298,7 @@ pub struct RawInvoice { /// Data of the `RawInvoice` that is encoded in the human readable part /// /// (C-not exported) As we don't yet support Option -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct RawHrp { /// The currency deferred from the 3rd and 4th character of the bech32 transaction pub currency: Currency, @@ -271,7 +311,7 @@ pub struct RawHrp { } /// Data of the `RawInvoice` that is encoded in the data part -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct RawDataPart { /// generation time of the invoice pub timestamp: PositiveTimestamp, @@ -280,17 +320,17 @@ pub struct RawDataPart { pub tagged_fields: Vec, } -/// A timestamp that refers to a date after 1 January 1970 which means its representation as UNIX -/// timestamp is positive. +/// A timestamp that refers to a date after 1 January 1970. /// /// # Invariants -/// The UNIX timestamp representing the stored time has to be positive and small enough so that -/// a `EpiryTime` can be added to it without an overflow. -#[derive(Eq, PartialEq, Debug, Clone)] -pub struct PositiveTimestamp(SystemTime); +/// +/// The Unix timestamp representing the stored time has to be positive and no greater than +/// [`MAX_TIMESTAMP`]. +#[derive(Eq, PartialEq, Debug, Clone, Hash)] +pub struct PositiveTimestamp(Duration); /// SI prefixes for the human readable part -#[derive(Eq, PartialEq, Debug, Clone, Copy)] +#[derive(Eq, PartialEq, Debug, Clone, Copy, Hash)] pub enum SiPrefix { /// 10^-3 Milli, @@ -395,11 +435,6 @@ pub struct PayeePubKey(pub PublicKey); /// Positive duration that defines when (relatively to the timestamp) in the future the invoice /// expires -/// -/// # Invariants -/// The number of seconds this expiry time represents has to be in the range -/// `0...(SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME)` to avoid overflows when adding it to a -/// timestamp #[derive(Clone, Debug, Hash, Eq, PartialEq)] pub struct ExpiryTime(Duration); @@ -421,7 +456,7 @@ pub enum Fallback { } /// Recoverable signature -#[derive(Clone, Debug, Eq, PartialEq)] +#[derive(Clone, Debug, Hash, Eq, PartialEq)] pub struct InvoiceSignature(pub RecoverableSignature); /// Private routing information @@ -459,11 +494,11 @@ impl InvoiceBuilder { tagged_fields: Vec::new(), error: None, - phantom_d: std::marker::PhantomData, - phantom_h: std::marker::PhantomData, - phantom_t: std::marker::PhantomData, - phantom_c: std::marker::PhantomData, - phantom_s: std::marker::PhantomData, + phantom_d: core::marker::PhantomData, + phantom_h: core::marker::PhantomData, + phantom_t: core::marker::PhantomData, + phantom_c: core::marker::PhantomData, + phantom_s: core::marker::PhantomData, } } } @@ -479,11 +514,11 @@ impl InvoiceBui tagged_fields: self.tagged_fields, error: self.error, - phantom_d: std::marker::PhantomData, - phantom_h: std::marker::PhantomData, - phantom_t: std::marker::PhantomData, - phantom_c: std::marker::PhantomData, - phantom_s: std::marker::PhantomData, + phantom_d: core::marker::PhantomData, + phantom_h: core::marker::PhantomData, + phantom_t: core::marker::PhantomData, + phantom_c: core::marker::PhantomData, + phantom_s: core::marker::PhantomData, } } @@ -507,10 +542,7 @@ impl InvoiceBui /// Sets the expiry time pub fn expiry_time(mut self, expiry_time: Duration) -> Self { - match ExpiryTime::from_duration(expiry_time) { - Ok(t) => self.tagged_fields.push(TaggedField::ExpiryTime(t)), - Err(e) => self.error = Some(e), - }; + self.tagged_fields.push(TaggedField::ExpiryTime(ExpiryTime::from_duration(expiry_time))); self } @@ -589,7 +621,8 @@ impl InvoiceBuilder InvoiceBuilder { - /// Sets the timestamp. + /// Sets the timestamp to a specific [`SystemTime`]. + #[cfg(feature = "std")] pub fn timestamp(mut self, time: SystemTime) -> InvoiceBuilder { match PositiveTimestamp::from_system_time(time) { Ok(t) => self.timestamp = Some(t), @@ -599,7 +632,18 @@ impl InvoiceBuilder InvoiceBuilder { + match PositiveTimestamp::from_duration_since_epoch(time) { + Ok(t) => self.timestamp = Some(t), + Err(e) => self.error = Some(e), + } + + self.set_flags() + } + + /// Sets the timestamp to the current system time. + #[cfg(feature = "std")] pub fn current_timestamp(mut self) -> InvoiceBuilder { let now = PositiveTimestamp::from_system_time(SystemTime::now()); self.timestamp = Some(now.expect("for the foreseeable future this shouldn't happen")); @@ -618,9 +662,9 @@ impl InvoiceBuilder InvoiceBuilder { /// Sets the payment secret and relevant features. pub fn payment_secret(mut self, payment_secret: PaymentSecret) -> InvoiceBuilder { - let features = InvoiceFeatures::empty() - .set_variable_length_onion_required() - .set_payment_secret_required(); + let mut features = InvoiceFeatures::empty(); + features.set_variable_length_onion_required(); + features.set_payment_secret_required(); self.tagged_fields.push(TaggedField::PaymentSecret(payment_secret)); self.tagged_fields.push(TaggedField::Features(features)); self.set_flags() @@ -630,13 +674,11 @@ impl InvoiceBuilder InvoiceBuilder { /// Sets the `basic_mpp` feature as optional. pub fn basic_mpp(mut self) -> Self { - self.tagged_fields = self.tagged_fields - .drain(..) - .map(|field| match field { - TaggedField::Features(f) => TaggedField::Features(f.set_basic_mpp_optional()), - _ => field, - }) - .collect(); + for field in self.tagged_fields.iter_mut() { + if let TaggedField::Features(f) = field { + f.set_basic_mpp_optional(); + } + } self } } @@ -703,7 +745,7 @@ impl SignedRawInvoice { } /// The hash of the `RawInvoice` that was signed. - pub fn hash(&self) -> &[u8; 32] { + pub fn signable_hash(&self) -> &[u8; 32] { &self.hash } @@ -717,7 +759,7 @@ impl SignedRawInvoice { let hash = Message::from_slice(&self.hash[..]) .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); - Ok(PayeePubKey(Secp256k1::new().recover( + Ok(PayeePubKey(Secp256k1::new().recover_ecdsa( &hash, &self.signature )?)) @@ -744,7 +786,7 @@ impl SignedRawInvoice { .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); let secp_context = Secp256k1::new(); - let verification_result = secp_context.verify( + let verification_result = secp_context.verify_ecdsa( &hash, &self.signature.to_standard(), pub_key @@ -761,86 +803,58 @@ impl SignedRawInvoice { /// variant. If no element was found `None` gets returned. /// /// The following example would extract the first B. -/// ``` -/// use Enum::* /// /// enum Enum { /// A(u8), /// B(u16) /// } /// -/// let elements = vec![A(1), A(2), B(3), A(4)] +/// let elements = vec![Enum::A(1), Enum::A(2), Enum::B(3), Enum::A(4)]; /// -/// assert_eq!(find_extract!(elements.iter(), Enum::B(ref x), x), Some(3u16)) -/// ``` +/// assert_eq!(find_extract!(elements.iter(), Enum::B(x), x), Some(3u16)); macro_rules! find_extract { ($iter:expr, $enm:pat, $enm_var:ident) => { find_all_extract!($iter, $enm, $enm_var).next() - }; + }; } /// Finds the all elements of an enum stream of a given variant and extracts one member of the /// variant through an iterator. /// /// The following example would extract all A. -/// ``` -/// use Enum::* /// /// enum Enum { /// A(u8), /// B(u16) /// } /// -/// let elements = vec![A(1), A(2), B(3), A(4)] +/// let elements = vec![Enum::A(1), Enum::A(2), Enum::B(3), Enum::A(4)]; /// /// assert_eq!( -/// find_all_extract!(elements.iter(), Enum::A(ref x), x).collect::>(), -/// vec![1u8, 2u8, 4u8]) -/// ``` +/// find_all_extract!(elements.iter(), Enum::A(x), x).collect::>(), +/// vec![1u8, 2u8, 4u8] +/// ); macro_rules! find_all_extract { ($iter:expr, $enm:pat, $enm_var:ident) => { - $iter.filter_map(|tf| match *tf { + $iter.filter_map(|tf| match *tf { $enm => Some($enm_var), _ => None, }) - }; + }; } #[allow(missing_docs)] impl RawInvoice { - /// Construct the invoice's HRP and signatureless data into a preimage to be hashed. - pub(crate) fn construct_invoice_preimage(hrp_bytes: &[u8], data_without_signature: &[u5]) -> Vec { - use bech32::FromBase32; - - let mut preimage = Vec::::from(hrp_bytes); - - let mut data_part = Vec::from(data_without_signature); - let overhang = (data_part.len() * 5) % 8; - if overhang > 0 { - // add padding if data does not end at a byte boundary - data_part.push(u5::try_from_u8(0).unwrap()); - - // if overhang is in (1..3) we need to add u5(0) padding two times - if overhang < 3 { - data_part.push(u5::try_from_u8(0).unwrap()); - } - } - - preimage.extend_from_slice(&Vec::::from_base32(&data_part) - .expect("No padding error may occur due to appended zero above.")); - preimage - } - /// Hash the HRP as bytes and signatureless data part. fn hash_from_parts(hrp_bytes: &[u8], data_without_signature: &[u5]) -> [u8; 32] { - let preimage = RawInvoice::construct_invoice_preimage(hrp_bytes, data_without_signature); + let preimage = construct_invoice_preimage(hrp_bytes, data_without_signature); let mut hash: [u8; 32] = Default::default(); hash.copy_from_slice(&sha256::Hash::hash(&preimage)[..]); hash } - /// Calculate the hash of the encoded `RawInvoice` - pub fn hash(&self) -> [u8; 32] { + /// Calculate the hash of the encoded `RawInvoice` which should be signed. + pub fn signable_hash(&self) -> [u8; 32] { use bech32::ToBase32; RawInvoice::hash_from_parts( @@ -858,7 +872,7 @@ impl RawInvoice { pub fn sign(self, sign_method: F) -> Result where F: FnOnce(&Message) -> Result { - let raw_hash = self.hash(); + let raw_hash = self.signable_hash(); let hash = Message::from_slice(&raw_hash[..]) .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); let signature = sign_method(&hash)?; @@ -942,56 +956,57 @@ impl RawInvoice { } impl PositiveTimestamp { - /// Create a new `PositiveTimestamp` from a unix timestamp in the Range - /// `0...SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME`, otherwise return a - /// `CreationError::TimestampOutOfBounds`. + /// Creates a `PositiveTimestamp` from a Unix timestamp in the range `0..=MAX_TIMESTAMP`. + /// + /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`]. pub fn from_unix_timestamp(unix_seconds: u64) -> Result { - if unix_seconds > SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME { - Err(CreationError::TimestampOutOfBounds) - } else { - Ok(PositiveTimestamp(UNIX_EPOCH + Duration::from_secs(unix_seconds))) - } + Self::from_duration_since_epoch(Duration::from_secs(unix_seconds)) } - /// Create a new `PositiveTimestamp` from a `SystemTime` with a corresponding unix timestamp in - /// the Range `0...SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME`, otherwise return a - /// `CreationError::TimestampOutOfBounds`. + /// Creates a `PositiveTimestamp` from a [`SystemTime`] with a corresponding Unix timestamp in + /// the range `0..=MAX_TIMESTAMP`. + /// + /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`]. + #[cfg(feature = "std")] pub fn from_system_time(time: SystemTime) -> Result { - if time - .duration_since(UNIX_EPOCH) - .map(|t| t.as_secs() <= SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME) - .unwrap_or(true) - { - Ok(PositiveTimestamp(time)) - } else { + time.duration_since(SystemTime::UNIX_EPOCH) + .map(Self::from_duration_since_epoch) + .unwrap_or(Err(CreationError::TimestampOutOfBounds)) + } + + /// Creates a `PositiveTimestamp` from a [`Duration`] since the Unix epoch in the range + /// `0..=MAX_TIMESTAMP`. + /// + /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`]. + pub fn from_duration_since_epoch(duration: Duration) -> Result { + if duration.as_secs() <= MAX_TIMESTAMP { + Ok(PositiveTimestamp(duration)) + } else { Err(CreationError::TimestampOutOfBounds) } } - /// Returns the UNIX timestamp representing the stored time + /// Returns the Unix timestamp representing the stored time pub fn as_unix_timestamp(&self) -> u64 { - self.0.duration_since(UNIX_EPOCH) - .expect("ensured by type contract/constructors") - .as_secs() + self.0.as_secs() } - /// Returns a reference to the internal `SystemTime` time representation - pub fn as_time(&self) -> &SystemTime { - &self.0 + /// Returns the duration of the stored time since the Unix epoch + pub fn as_duration_since_epoch(&self) -> Duration { + self.0 } -} -impl Into for PositiveTimestamp { - fn into(self) -> SystemTime { - self.0 + /// Returns the [`SystemTime`] representing the stored time + #[cfg(feature = "std")] + pub fn as_time(&self) -> SystemTime { + SystemTime::UNIX_EPOCH + self.0 } } -impl Deref for PositiveTimestamp { - type Target = SystemTime; - - fn deref(&self) -> &Self::Target { - &self.0 +#[cfg(feature = "std")] +impl Into for PositiveTimestamp { + fn into(self) -> SystemTime { + SystemTime::UNIX_EPOCH + self.0 } } @@ -1132,11 +1147,17 @@ impl Invoice { Ok(invoice) } - /// Returns the `Invoice`'s timestamp (should equal it's creation time) - pub fn timestamp(&self) -> &SystemTime { + /// Returns the `Invoice`'s timestamp (should equal its creation time) + #[cfg(feature = "std")] + pub fn timestamp(&self) -> SystemTime { self.signed_invoice.raw_invoice().data.timestamp.as_time() } + /// Returns the `Invoice`'s timestamp as a duration since the Unix epoch + pub fn duration_since_epoch(&self) -> Duration { + self.signed_invoice.raw_invoice().data.timestamp.0 + } + /// Returns an iterator over all tagged fields of this Invoice. /// /// (C-not exported) As there is not yet a manual mapping for a FilterMap @@ -1190,11 +1211,13 @@ impl Invoice { } /// Returns whether the invoice has expired. + #[cfg(feature = "std")] pub fn is_expired(&self) -> bool { - Self::is_expired_from_epoch(self.timestamp(), self.expiry_time()) + Self::is_expired_from_epoch(&self.timestamp(), self.expiry_time()) } /// Returns whether the expiry time from the given epoch has passed. + #[cfg(feature = "std")] pub(crate) fn is_expired_from_epoch(epoch: &SystemTime, expiry_time: Duration) -> bool { match epoch.elapsed() { Ok(elapsed) => elapsed > expiry_time, @@ -1202,6 +1225,14 @@ impl Invoice { } } + /// Returns whether the expiry time would pass at the given point in time. + /// `at_time` is the timestamp as a duration since the Unix epoch. + pub fn would_expire(&self, at_time: Duration) -> bool { + self.duration_since_epoch() + .checked_add(self.expiry_time()) + .unwrap_or_else(|| Duration::new(u64::max_value(), 1_000_000_000 - 1)) < at_time + } + /// Returns the invoice's `min_final_cltv_expiry` time, if present, otherwise /// [`DEFAULT_MIN_FINAL_CLTV_EXPIRY`]. pub fn min_final_cltv_expiry(&self) -> u64 { @@ -1320,26 +1351,14 @@ impl Deref for PayeePubKey { } impl ExpiryTime { - /// Construct an `ExpiryTime` from seconds. If there exists a `PositiveTimestamp` which would - /// overflow on adding the `EpiryTime` to it then this function will return a - /// `CreationError::ExpiryTimeOutOfBounds`. - pub fn from_seconds(seconds: u64) -> Result { - if seconds <= MAX_EXPIRY_TIME { - Ok(ExpiryTime(Duration::from_secs(seconds))) - } else { - Err(CreationError::ExpiryTimeOutOfBounds) - } + /// Construct an `ExpiryTime` from seconds. + pub fn from_seconds(seconds: u64) -> ExpiryTime { + ExpiryTime(Duration::from_secs(seconds)) } - /// Construct an `ExpiryTime` from a `Duration`. If there exists a `PositiveTimestamp` which - /// would overflow on adding the `EpiryTime` to it then this function will return a - /// `CreationError::ExpiryTimeOutOfBounds`. - pub fn from_duration(duration: Duration) -> Result { - if duration.as_secs() <= MAX_EXPIRY_TIME { - Ok(ExpiryTime(duration)) - } else { - Err(CreationError::ExpiryTimeOutOfBounds) - } + /// Construct an `ExpiryTime` from a `Duration`. + pub fn from_duration(duration: Duration) -> ExpiryTime { + ExpiryTime(duration) } /// Returns the expiry time in seconds @@ -1408,11 +1427,17 @@ pub enum CreationError { /// The specified route has too many hops and can't be encoded RouteTooLong, - /// The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime` + /// The Unix timestamp of the supplied date is less than zero or greater than 35-bits TimestampOutOfBounds, - /// The supplied expiry time could cause an overflow if added to a `PositiveTimestamp` - ExpiryTimeOutOfBounds, + /// The supplied millisatoshi amount was greater than the total bitcoin supply. + InvalidAmount, + + /// Route hints were required for this invoice and were missing. Applies to + /// [phantom invoices]. + /// + /// [phantom invoices]: crate::utils::create_phantom_invoice + MissingRouteHints, } impl Display for CreationError { @@ -1420,12 +1445,14 @@ impl Display for CreationError { match self { CreationError::DescriptionTooLong => f.write_str("The supplied description string was longer than 639 bytes"), CreationError::RouteTooLong => f.write_str("The specified route has too many hops and can't be encoded"), - CreationError::TimestampOutOfBounds => f.write_str("The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`"), - CreationError::ExpiryTimeOutOfBounds => f.write_str("The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`"), + CreationError::TimestampOutOfBounds => f.write_str("The Unix timestamp of the supplied date is less than zero or greater than 35-bits"), + CreationError::InvalidAmount => f.write_str("The supplied millisatoshi amount was greater than the total bitcoin supply"), + CreationError::MissingRouteHints => f.write_str("The invoice required route hints and they weren't provided"), } } } +#[cfg(feature = "std")] impl std::error::Error for CreationError { } /// Errors that may occur when converting a `RawInvoice` to an `Invoice`. They relate to the @@ -1481,6 +1508,7 @@ impl Display for SemanticError { } } +#[cfg(feature = "std")] impl std::error::Error for SemanticError { } /// When signing using a fallible method either an user-supplied `SignError` or a `CreationError` @@ -1503,6 +1531,23 @@ impl Display for SignOrCreationError { } } +#[cfg(feature = "serde")] +impl Serialize for Invoice { + fn serialize(&self, serializer: S) -> Result where S: Serializer { + serializer.serialize_str(self.to_string().as_str()) + } +} +#[cfg(feature = "serde")] +impl<'de> Deserialize<'de> for Invoice { + fn deserialize(deserializer: D) -> Result where D: Deserializer<'de> { + let bolt11 = String::deserialize(deserializer)? + .parse::() + .map_err(|e| D::Error::custom(format!("{:?}", e)))?; + + Ok(bolt11) + } +} + #[cfg(test)] mod test { use bitcoin_hashes::hex::FromHex; @@ -1510,17 +1555,10 @@ mod test { #[test] fn test_system_time_bounds_assumptions() { - ::check_platform(); - - assert_eq!( - ::PositiveTimestamp::from_unix_timestamp(::SYSTEM_TIME_MAX_UNIX_TIMESTAMP + 1), - Err(::CreationError::TimestampOutOfBounds) - ); - - assert_eq!( - ::ExpiryTime::from_seconds(::MAX_EXPIRY_TIME + 1), - Err(::CreationError::ExpiryTimeOutOfBounds) - ); + assert_eq!( + ::PositiveTimestamp::from_unix_timestamp(::MAX_TIMESTAMP + 1), + Err(::CreationError::TimestampOutOfBounds) + ); } #[test] @@ -1553,15 +1591,15 @@ mod test { 0xd5, 0x18, 0xe1, 0xc9 ]; - assert_eq!(invoice.hash(), expected_hash) + assert_eq!(invoice.signable_hash(), expected_hash) } #[test] fn test_check_signature() { use TaggedField::*; use secp256k1::Secp256k1; - use secp256k1::recovery::{RecoveryId, RecoverableSignature}; - use secp256k1::key::{SecretKey, PublicKey}; + use secp256k1::ecdsa::{RecoveryId, RecoverableSignature}; + use secp256k1::{SecretKey, PublicKey}; use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp}; @@ -1619,7 +1657,7 @@ mod test { let (raw_invoice, _, _) = invoice.into_parts(); let new_signed = raw_invoice.sign::<_, ()>(|hash| { - Ok(Secp256k1::new().sign_recoverable(hash, &private_key)) + Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)) }).unwrap(); assert!(new_signed.check_signature()); @@ -1630,7 +1668,7 @@ mod test { use TaggedField::*; use lightning::ln::features::InvoiceFeatures; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; use {RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp, Invoice, SemanticError}; @@ -1661,7 +1699,7 @@ mod test { let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures)); @@ -1670,23 +1708,26 @@ mod test { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures)); + let mut payment_secret_features = InvoiceFeatures::empty(); + payment_secret_features.set_payment_secret_required(); + // Including payment secret and feature bits let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.data.tagged_fields.push(Features(payment_secret_features.clone()).into()); + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert!(Invoice::from_signed(invoice).is_ok()); // No payment secret or features let invoice = { let invoice = invoice_template.clone(); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); @@ -1694,15 +1735,15 @@ mod test { let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); // Missing payment secret let invoice = { let mut invoice = invoice_template.clone(); - invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.data.tagged_fields.push(Features(payment_secret_features).into()); + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); @@ -1711,7 +1752,7 @@ mod test { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::MultiplePaymentSecrets)); } @@ -1723,7 +1764,7 @@ mod test { let builder = InvoiceBuilder::new(Currency::Bitcoin) .description("Test".into()) .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap()) - .current_timestamp(); + .duration_since_epoch(Duration::from_secs(1234567)); let invoice = builder.clone() .amount_milli_satoshis(1500) @@ -1748,11 +1789,11 @@ mod test { use ::*; use lightning::routing::router::RouteHintHop; use std::iter::FromIterator; - use secp256k1::key::PublicKey; + use secp256k1::PublicKey; let builder = InvoiceBuilder::new(Currency::Bitcoin) .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap()) - .current_timestamp() + .duration_since_epoch(Duration::from_secs(1234567)) .min_final_cltv_expiry(144); let too_long_string = String::from_iter( @@ -1802,7 +1843,7 @@ mod test { use ::*; use lightning::routing::router::RouteHintHop; use secp256k1::Secp256k1; - use secp256k1::key::{SecretKey, PublicKey}; + use secp256k1::{SecretKey, PublicKey}; use std::time::{UNIX_EPOCH, Duration}; let secp_ctx = Secp256k1::new(); @@ -1868,7 +1909,7 @@ mod test { let builder = InvoiceBuilder::new(Currency::BitcoinTestnet) .amount_milli_satoshis(123) - .timestamp(UNIX_EPOCH + Duration::from_secs(1234567)) + .duration_since_epoch(Duration::from_secs(1234567)) .payee_pub_key(public_key.clone()) .expiry_time(Duration::from_secs(54321)) .min_final_cltv_expiry(144) @@ -1881,7 +1922,7 @@ mod test { .basic_mpp(); let invoice = builder.clone().build_signed(|hash| { - secp_ctx.sign_recoverable(hash, &private_key) + secp_ctx.sign_ecdsa_recoverable(hash, &private_key) }).unwrap(); assert!(invoice.check_signature().is_ok()); @@ -1890,6 +1931,7 @@ mod test { assert_eq!(invoice.amount_milli_satoshis(), Some(123)); assert_eq!(invoice.amount_pico_btc(), Some(1230)); assert_eq!(invoice.currency(), Currency::BitcoinTestnet); + #[cfg(feature = "std")] assert_eq!( invoice.timestamp().duration_since(UNIX_EPOCH).unwrap().as_secs(), 1234567 @@ -1905,7 +1947,12 @@ mod test { ); assert_eq!(invoice.payment_hash(), &sha256::Hash::from_slice(&[21;32][..]).unwrap()); assert_eq!(invoice.payment_secret(), &PaymentSecret([42; 32])); - assert_eq!(invoice.features(), Some(&InvoiceFeatures::known())); + + let mut expected_features = InvoiceFeatures::empty(); + expected_features.set_variable_length_onion_required(); + expected_features.set_payment_secret_required(); + expected_features.set_basic_mpp_optional(); + assert_eq!(invoice.features(), Some(&expected_features)); let raw_invoice = builder.build_raw().unwrap(); assert_eq!(raw_invoice, *invoice.into_signed_raw().raw_invoice()) @@ -1915,52 +1962,71 @@ mod test { fn test_default_values() { use ::*; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin) .description("Test".into()) .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap()) .payment_secret(PaymentSecret([0; 32])) - .current_timestamp() + .duration_since_epoch(Duration::from_secs(1234567)) .build_raw() .unwrap() .sign::<_, ()>(|hash| { let privkey = SecretKey::from_slice(&[41; 32]).unwrap(); let secp_ctx = Secp256k1::new(); - Ok(secp_ctx.sign_recoverable(hash, &privkey)) + Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey)) }) .unwrap(); let invoice = Invoice::from_signed(signed_invoice).unwrap(); assert_eq!(invoice.min_final_cltv_expiry(), DEFAULT_MIN_FINAL_CLTV_EXPIRY); assert_eq!(invoice.expiry_time(), Duration::from_secs(DEFAULT_EXPIRY_TIME)); - assert!(!invoice.is_expired()); + assert!(!invoice.would_expire(Duration::from_secs(1234568))); } #[test] fn test_expiration() { use ::*; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; - let timestamp = SystemTime::now() - .checked_sub(Duration::from_secs(DEFAULT_EXPIRY_TIME * 2)) - .unwrap(); let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin) .description("Test".into()) .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap()) .payment_secret(PaymentSecret([0; 32])) - .timestamp(timestamp) + .duration_since_epoch(Duration::from_secs(1234567)) .build_raw() .unwrap() .sign::<_, ()>(|hash| { let privkey = SecretKey::from_slice(&[41; 32]).unwrap(); let secp_ctx = Secp256k1::new(); - Ok(secp_ctx.sign_recoverable(hash, &privkey)) + Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey)) }) .unwrap(); let invoice = Invoice::from_signed(signed_invoice).unwrap(); - assert!(invoice.is_expired()); + assert!(invoice.would_expire(Duration::from_secs(1234567 + DEFAULT_EXPIRY_TIME + 1))); + } + + #[cfg(feature = "serde")] + #[test] + fn test_serde() { + let invoice_str = "lnbc100p1psj9jhxdqud3jxktt5w46x7unfv9kz6mn0v3jsnp4q0d3p2sfluzdx45tqcs\ + h2pu5qc7lgq0xs578ngs6s0s68ua4h7cvspp5q6rmq35js88zp5dvwrv9m459tnk2zunwj5jalqtyxqulh0l\ + 5gflssp5nf55ny5gcrfl30xuhzj3nphgj27rstekmr9fw3ny5989s300gyus9qyysgqcqpcrzjqw2sxwe993\ + h5pcm4dxzpvttgza8zhkqxpgffcrf5v25nwpr3cmfg7z54kuqq8rgqqqqqqqq2qqqqq9qq9qrzjqd0ylaqcl\ + j9424x9m8h2vcukcgnm6s56xfgu3j78zyqzhgs4hlpzvznlugqq9vsqqqqqqqlgqqqqqeqq9qrzjqwldmj9d\ + ha74df76zhx6l9we0vjdquygcdt3kssupehe64g6yyp5yz5rhuqqwccqqyqqqqlgqqqqjcqq9qrzjqf9e58a\ + guqr0rcun0ajlvmzq3ek63cw2w282gv3z5uupmuwvgjtq2z55qsqqg6qqqyqqqrtnqqqzq3cqygrzjqvphms\ + ywntrrhqjcraumvc4y6r8v4z5v593trte429v4hredj7ms5z52usqq9ngqqqqqqqlgqqqqqqgq9qrzjq2v0v\ + p62g49p7569ev48cmulecsxe59lvaw3wlxm7r982zxa9zzj7z5l0cqqxusqqyqqqqlgqqqqqzsqygarl9fh3\ + 8s0gyuxjjgux34w75dnc6xp2l35j7es3jd4ugt3lu0xzre26yg5m7ke54n2d5sym4xcmxtl8238xxvw5h5h5\ + j5r6drg6k6zcqj0fcwg"; + let invoice = invoice_str.parse::().unwrap(); + let serialized_invoice = serde_json::to_string(&invoice).unwrap(); + let deserialized_invoice: super::Invoice = serde_json::from_str(serialized_invoice.as_str()).unwrap(); + assert_eq!(invoice, deserialized_invoice); + assert_eq!(invoice_str, deserialized_invoice.to_string().as_str()); + assert_eq!(invoice_str, serialized_invoice.as_str().trim_matches('\"')); } }