X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning-invoice%2Fsrc%2Flib.rs;h=20bc5218ae5524d35bd2f4a15157e58ca08b6bf7;hb=4846570807e94b02b41367d4e91c85d7dbddf578;hp=2164f1c530fccc6b30dbaa632a8087311a255fdd;hpb=b62b244c3c826523a81631037cd060bafef8e402;p=rust-lightning diff --git a/lightning-invoice/src/lib.rs b/lightning-invoice/src/lib.rs index 2164f1c5..20bc5218 100644 --- a/lightning-invoice/src/lib.rs +++ b/lightning-invoice/src/lib.rs @@ -1,15 +1,20 @@ +// Prefix these with `rustdoc::` when we update our MSRV to be >= 1.52 to remove warnings. +#![deny(broken_intra_doc_links)] +#![deny(private_intra_doc_links)] + #![deny(missing_docs)] #![deny(non_upper_case_globals)] #![deny(non_camel_case_types)] #![deny(non_snake_case)] #![deny(unused_mut)] -#![deny(broken_intra_doc_links)] + +#![cfg_attr(docsrs, feature(doc_auto_cfg))] #![cfg_attr(feature = "strict", deny(warnings))] #![cfg_attr(all(not(feature = "std"), not(test)), no_std)] //! This crate provides data structures to represent -//! [lightning BOLT11](https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md) +//! [lightning BOLT11](https://github.com/lightning/bolts/blob/master/11-payment-encoding.md) //! invoices and functions to create, encode and decode these. If you just want to use the standard //! en-/decoding functionality this should get you started: //! @@ -23,6 +28,8 @@ compile_error!("at least one of the `std` or `no-std` features must be enabled") pub mod payment; pub mod utils; +pub(crate) mod time_utils; + extern crate bech32; extern crate bitcoin_hashes; #[macro_use] extern crate lightning; @@ -31,6 +38,8 @@ extern crate secp256k1; extern crate alloc; #[cfg(any(test, feature = "std"))] extern crate core; +#[cfg(feature = "serde")] +extern crate serde; #[cfg(feature = "std")] use std::time::SystemTime; @@ -41,18 +50,24 @@ use bitcoin_hashes::sha256; use lightning::ln::PaymentSecret; use lightning::ln::features::InvoiceFeatures; #[cfg(any(doc, test))] -use lightning::routing::network_graph::RoutingFees; +use lightning::routing::gossip::RoutingFees; use lightning::routing::router::RouteHint; +use lightning::util::invoice::construct_invoice_preimage; -use secp256k1::key::PublicKey; +use secp256k1::PublicKey; use secp256k1::{Message, Secp256k1}; -use secp256k1::recovery::RecoverableSignature; +use secp256k1::ecdsa::RecoverableSignature; use core::fmt::{Display, Formatter, self}; use core::iter::FilterMap; +use core::num::ParseIntError; use core::ops::Deref; use core::slice::Iter; use core::time::Duration; +use core::str; + +#[cfg(feature = "serde")] +use serde::{Deserialize, Deserializer,Serialize, Serializer, de::Error}; mod de; mod ser; @@ -83,20 +98,57 @@ mod sync { #[cfg(not(feature = "std"))] mod sync; -pub use de::{ParseError, ParseOrSemanticError}; +/// Errors that indicate what is wrong with the invoice. They have some granularity for debug +/// reasons, but should generally result in an "invalid BOLT11 invoice" message for the user. +#[allow(missing_docs)] +#[derive(PartialEq, Debug, Clone)] +pub enum ParseError { + Bech32Error(bech32::Error), + ParseAmountError(ParseIntError), + MalformedSignature(secp256k1::Error), + BadPrefix, + UnknownCurrency, + UnknownSiPrefix, + MalformedHRP, + TooShortDataPart, + UnexpectedEndOfTaggedFields, + DescriptionDecodeError(str::Utf8Error), + PaddingError, + IntegerOverflowError, + InvalidSegWitProgramLength, + InvalidPubKeyHashLength, + InvalidScriptHashLength, + InvalidRecoveryId, + InvalidSliceLength(String), -// TODO: fix before 2037 (see rust PR #55527) -/// Defines the maximum UNIX timestamp that can be represented as `SystemTime`. This is checked by -/// one of the unit tests, please run them. -const SYSTEM_TIME_MAX_UNIX_TIMESTAMP: u64 = core::i32::MAX as u64; + /// Not an error, but used internally to signal that a part of the invoice should be ignored + /// according to BOLT11 + Skip, +} -/// Allow the expiry time to be up to one year. Since this reduces the range of possible timestamps -/// it should be rather low as long as we still have to support 32bit time representations -const MAX_EXPIRY_TIME: u64 = 60 * 60 * 24 * 356; +/// Indicates that something went wrong while parsing or validating the invoice. Parsing errors +/// should be mostly seen as opaque and are only there for debugging reasons. Semantic errors +/// like wrong signatures, missing fields etc. could mean that someone tampered with the invoice. +#[derive(PartialEq, Debug, Clone)] +pub enum ParseOrSemanticError { + /// The invoice couldn't be decoded + ParseError(ParseError), + + /// The invoice could be decoded but violates the BOLT11 standard + SemanticError(::SemanticError), +} + +/// The number of bits used to represent timestamps as defined in BOLT 11. +const TIMESTAMP_BITS: usize = 35; + +/// The maximum timestamp as [`Duration::as_secs`] since the Unix epoch allowed by [`BOLT 11`]. +/// +/// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md +pub const MAX_TIMESTAMP: u64 = (1 << TIMESTAMP_BITS) - 1; /// Default expiry time as defined by [BOLT 11]. /// -/// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md +/// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md pub const DEFAULT_EXPIRY_TIME: u64 = 3600; /// Default minimum final CLTV expiry as defined by [BOLT 11]. @@ -104,71 +156,10 @@ pub const DEFAULT_EXPIRY_TIME: u64 = 3600; /// Note that this is *not* the same value as rust-lightning's minimum CLTV expiry, which is /// provided in [`MIN_FINAL_CLTV_EXPIRY`]. /// -/// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md +/// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md /// [`MIN_FINAL_CLTV_EXPIRY`]: lightning::ln::channelmanager::MIN_FINAL_CLTV_EXPIRY pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18; -/// This function is used as a static assert for the size of `SystemTime`. If the crate fails to -/// compile due to it this indicates that your system uses unexpected bounds for `SystemTime`. You -/// can remove this functions and run the test `test_system_time_bounds_assumptions`. In any case, -/// please open an issue. If all tests pass you should be able to use this library safely by just -/// removing this function till we patch it accordingly. -#[cfg(feature = "std")] -fn __system_time_size_check() { - // Use 2 * sizeof(u64) as expected size since the expected underlying implementation is storing - // a `Duration` since `SystemTime::UNIX_EPOCH`. - unsafe { core::mem::transmute_copy::(&SystemTime::UNIX_EPOCH); } -} - - -/// **Call this function on startup to ensure that all assumptions about the platform are valid.** -/// -/// Unfortunately we have to make assumptions about the upper bounds of the `SystemTime` type on -/// your platform which we can't fully verify at compile time and which isn't part of it's contract. -/// To our best knowledge our assumptions hold for all platforms officially supported by rust, but -/// since this check is fast we recommend to do it anyway. -/// -/// If this function fails this is considered a bug. Please open an issue describing your -/// platform and stating your current system time. -/// -/// Note that this currently does nothing in `no_std` environments, because they don't have -/// a `SystemTime` implementation. -/// -/// # Panics -/// If the check fails this function panics. By calling this function on startup you ensure that -/// this wont happen at an arbitrary later point in time. -pub fn check_platform() { - #[cfg(feature = "std")] - check_system_time_bounds(); -} - -#[cfg(feature = "std")] -fn check_system_time_bounds() { - // The upper and lower bounds of `SystemTime` are not part of its public contract and are - // platform specific. That's why we have to test if our assumptions regarding these bounds - // hold on the target platform. - // - // If this test fails on your platform, please don't use the library and open an issue - // instead so we can resolve the situation. Currently this library is tested on: - // * Linux (64bit) - let fail_date = SystemTime::UNIX_EPOCH + Duration::from_secs(SYSTEM_TIME_MAX_UNIX_TIMESTAMP); - let year = Duration::from_secs(60 * 60 * 24 * 365); - - // Make sure that the library will keep working for another year - assert!(fail_date.duration_since(SystemTime::now()).unwrap() > year); - - let max_ts = PositiveTimestamp::from_unix_timestamp( - SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME - ).unwrap(); - let max_exp = ::ExpiryTime::from_seconds(MAX_EXPIRY_TIME).unwrap(); - - assert_eq!( - (max_ts.as_time() + *max_exp.as_duration()).duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs(), - SYSTEM_TIME_MAX_UNIX_TIMESTAMP - ); -} - - /// Builder for `Invoice`s. It's the most convenient and advised way to use this library. It ensures /// that only a semantically and syntactically correct Invoice can be built using it. /// @@ -182,7 +173,7 @@ fn check_system_time_bounds() { /// use bitcoin_hashes::sha256; /// /// use secp256k1::Secp256k1; -/// use secp256k1::key::SecretKey; +/// use secp256k1::SecretKey; /// /// use lightning::ln::PaymentSecret; /// @@ -210,7 +201,7 @@ fn check_system_time_bounds() { /// .current_timestamp() /// .min_final_cltv_expiry(144) /// .build_signed(|hash| { -/// Secp256k1::new().sign_recoverable(hash, &private_key) +/// Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key) /// }) /// .unwrap(); /// @@ -248,7 +239,7 @@ pub struct InvoiceBuilder(&str)` -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct Invoice { signed_invoice: SignedRawInvoice, } @@ -272,7 +263,7 @@ pub enum InvoiceDescription<'f> { /// /// # Invariants /// The hash has to be either from the deserialized invoice or from the serialized `raw_invoice`. -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct SignedRawInvoice { /// The rawInvoice that the signature belongs to raw_invoice: RawInvoice, @@ -295,7 +286,7 @@ pub struct SignedRawInvoice { /// De- and encoding should not lead to information loss but may lead to different hashes. /// /// For methods without docs see the corresponding methods in `Invoice`. -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct RawInvoice { /// human readable part pub hrp: RawHrp, @@ -307,7 +298,7 @@ pub struct RawInvoice { /// Data of the `RawInvoice` that is encoded in the human readable part /// /// (C-not exported) As we don't yet support Option -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct RawHrp { /// The currency deferred from the 3rd and 4th character of the bech32 transaction pub currency: Currency, @@ -320,7 +311,7 @@ pub struct RawHrp { } /// Data of the `RawInvoice` that is encoded in the data part -#[derive(Eq, PartialEq, Debug, Clone)] +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct RawDataPart { /// generation time of the invoice pub timestamp: PositiveTimestamp, @@ -329,17 +320,17 @@ pub struct RawDataPart { pub tagged_fields: Vec, } -/// A timestamp that refers to a date after 1 January 1970 which means its representation as UNIX -/// timestamp is positive. +/// A timestamp that refers to a date after 1 January 1970. /// /// # Invariants -/// The UNIX timestamp representing the stored time has to be positive and small enough so that -/// a `ExpiryTime` can be added to it without an overflow. -#[derive(Eq, PartialEq, Debug, Clone)] +/// +/// The Unix timestamp representing the stored time has to be positive and no greater than +/// [`MAX_TIMESTAMP`]. +#[derive(Eq, PartialEq, Debug, Clone, Hash)] pub struct PositiveTimestamp(Duration); /// SI prefixes for the human readable part -#[derive(Eq, PartialEq, Debug, Clone, Copy)] +#[derive(Eq, PartialEq, Debug, Clone, Copy, Hash)] pub enum SiPrefix { /// 10^-3 Milli, @@ -444,11 +435,6 @@ pub struct PayeePubKey(pub PublicKey); /// Positive duration that defines when (relatively to the timestamp) in the future the invoice /// expires -/// -/// # Invariants -/// The number of seconds this expiry time represents has to be in the range -/// `0...(SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME)` to avoid overflows when adding it to a -/// timestamp #[derive(Clone, Debug, Hash, Eq, PartialEq)] pub struct ExpiryTime(Duration); @@ -470,7 +456,7 @@ pub enum Fallback { } /// Recoverable signature -#[derive(Clone, Debug, Eq, PartialEq)] +#[derive(Clone, Debug, Hash, Eq, PartialEq)] pub struct InvoiceSignature(pub RecoverableSignature); /// Private routing information @@ -556,10 +542,7 @@ impl InvoiceBui /// Sets the expiry time pub fn expiry_time(mut self, expiry_time: Duration) -> Self { - match ExpiryTime::from_duration(expiry_time) { - Ok(t) => self.tagged_fields.push(TaggedField::ExpiryTime(t)), - Err(e) => self.error = Some(e), - }; + self.tagged_fields.push(TaggedField::ExpiryTime(ExpiryTime::from_duration(expiry_time))); self } @@ -649,7 +632,7 @@ impl InvoiceBuilder InvoiceBuilder { match PositiveTimestamp::from_duration_since_epoch(time) { Ok(t) => self.timestamp = Some(t), @@ -679,9 +662,9 @@ impl InvoiceBuilder InvoiceBuilder { /// Sets the payment secret and relevant features. pub fn payment_secret(mut self, payment_secret: PaymentSecret) -> InvoiceBuilder { - let features = InvoiceFeatures::empty() - .set_variable_length_onion_required() - .set_payment_secret_required(); + let mut features = InvoiceFeatures::empty(); + features.set_variable_length_onion_required(); + features.set_payment_secret_required(); self.tagged_fields.push(TaggedField::PaymentSecret(payment_secret)); self.tagged_fields.push(TaggedField::Features(features)); self.set_flags() @@ -691,13 +674,11 @@ impl InvoiceBuilder InvoiceBuilder { /// Sets the `basic_mpp` feature as optional. pub fn basic_mpp(mut self) -> Self { - self.tagged_fields = self.tagged_fields - .drain(..) - .map(|field| match field { - TaggedField::Features(f) => TaggedField::Features(f.set_basic_mpp_optional()), - _ => field, - }) - .collect(); + for field in self.tagged_fields.iter_mut() { + if let TaggedField::Features(f) = field { + f.set_basic_mpp_optional(); + } + } self } } @@ -764,7 +745,7 @@ impl SignedRawInvoice { } /// The hash of the `RawInvoice` that was signed. - pub fn hash(&self) -> &[u8; 32] { + pub fn signable_hash(&self) -> &[u8; 32] { &self.hash } @@ -778,7 +759,7 @@ impl SignedRawInvoice { let hash = Message::from_slice(&self.hash[..]) .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); - Ok(PayeePubKey(Secp256k1::new().recover( + Ok(PayeePubKey(Secp256k1::new().recover_ecdsa( &hash, &self.signature )?)) @@ -805,7 +786,7 @@ impl SignedRawInvoice { .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); let secp_context = Secp256k1::new(); - let verification_result = secp_context.verify( + let verification_result = secp_context.verify_ecdsa( &hash, &self.signature.to_standard(), pub_key @@ -822,18 +803,15 @@ impl SignedRawInvoice { /// variant. If no element was found `None` gets returned. /// /// The following example would extract the first B. -/// ``` -/// use Enum::* /// /// enum Enum { /// A(u8), /// B(u16) /// } /// -/// let elements = vec![A(1), A(2), B(3), A(4)] +/// let elements = vec![Enum::A(1), Enum::A(2), Enum::B(3), Enum::A(4)]; /// -/// assert_eq!(find_extract!(elements.iter(), Enum::B(ref x), x), Some(3u16)) -/// ``` +/// assert_eq!(find_extract!(elements.iter(), Enum::B(x), x), Some(3u16)); macro_rules! find_extract { ($iter:expr, $enm:pat, $enm_var:ident) => { find_all_extract!($iter, $enm, $enm_var).next() @@ -844,20 +822,18 @@ macro_rules! find_extract { /// variant through an iterator. /// /// The following example would extract all A. -/// ``` -/// use Enum::* /// /// enum Enum { /// A(u8), /// B(u16) /// } /// -/// let elements = vec![A(1), A(2), B(3), A(4)] +/// let elements = vec![Enum::A(1), Enum::A(2), Enum::B(3), Enum::A(4)]; /// /// assert_eq!( -/// find_all_extract!(elements.iter(), Enum::A(ref x), x).collect::>(), -/// vec![1u8, 2u8, 4u8]) -/// ``` +/// find_all_extract!(elements.iter(), Enum::A(x), x).collect::>(), +/// vec![1u8, 2u8, 4u8] +/// ); macro_rules! find_all_extract { ($iter:expr, $enm:pat, $enm_var:ident) => { $iter.filter_map(|tf| match *tf { @@ -869,39 +845,16 @@ macro_rules! find_all_extract { #[allow(missing_docs)] impl RawInvoice { - /// Construct the invoice's HRP and signatureless data into a preimage to be hashed. - pub(crate) fn construct_invoice_preimage(hrp_bytes: &[u8], data_without_signature: &[u5]) -> Vec { - use bech32::FromBase32; - - let mut preimage = Vec::::from(hrp_bytes); - - let mut data_part = Vec::from(data_without_signature); - let overhang = (data_part.len() * 5) % 8; - if overhang > 0 { - // add padding if data does not end at a byte boundary - data_part.push(u5::try_from_u8(0).unwrap()); - - // if overhang is in (1..3) we need to add u5(0) padding two times - if overhang < 3 { - data_part.push(u5::try_from_u8(0).unwrap()); - } - } - - preimage.extend_from_slice(&Vec::::from_base32(&data_part) - .expect("No padding error may occur due to appended zero above.")); - preimage - } - /// Hash the HRP as bytes and signatureless data part. fn hash_from_parts(hrp_bytes: &[u8], data_without_signature: &[u5]) -> [u8; 32] { - let preimage = RawInvoice::construct_invoice_preimage(hrp_bytes, data_without_signature); + let preimage = construct_invoice_preimage(hrp_bytes, data_without_signature); let mut hash: [u8; 32] = Default::default(); hash.copy_from_slice(&sha256::Hash::hash(&preimage)[..]); hash } - /// Calculate the hash of the encoded `RawInvoice` - pub fn hash(&self) -> [u8; 32] { + /// Calculate the hash of the encoded `RawInvoice` which should be signed. + pub fn signable_hash(&self) -> [u8; 32] { use bech32::ToBase32; RawInvoice::hash_from_parts( @@ -919,7 +872,7 @@ impl RawInvoice { pub fn sign(self, sign_method: F) -> Result where F: FnOnce(&Message) -> Result { - let raw_hash = self.hash(); + let raw_hash = self.signable_hash(); let hash = Message::from_slice(&raw_hash[..]) .expect("Hash is 32 bytes long, same as MESSAGE_SIZE"); let signature = sign_method(&hash)?; @@ -1003,20 +956,17 @@ impl RawInvoice { } impl PositiveTimestamp { - /// Create a new `PositiveTimestamp` from a unix timestamp in the Range - /// `0...SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME`, otherwise return a - /// `CreationError::TimestampOutOfBounds`. + /// Creates a `PositiveTimestamp` from a Unix timestamp in the range `0..=MAX_TIMESTAMP`. + /// + /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`]. pub fn from_unix_timestamp(unix_seconds: u64) -> Result { - if unix_seconds > SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME { - Err(CreationError::TimestampOutOfBounds) - } else { - Ok(PositiveTimestamp(Duration::from_secs(unix_seconds))) - } + Self::from_duration_since_epoch(Duration::from_secs(unix_seconds)) } - /// Create a new `PositiveTimestamp` from a `SystemTime` with a corresponding unix timestamp in - /// the range `0...SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME`, otherwise return a - /// `CreationError::TimestampOutOfBounds`. + /// Creates a `PositiveTimestamp` from a [`SystemTime`] with a corresponding Unix timestamp in + /// the range `0..=MAX_TIMESTAMP`. + /// + /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`]. #[cfg(feature = "std")] pub fn from_system_time(time: SystemTime) -> Result { time.duration_since(SystemTime::UNIX_EPOCH) @@ -1024,28 +974,29 @@ impl PositiveTimestamp { .unwrap_or(Err(CreationError::TimestampOutOfBounds)) } - /// Create a new `PositiveTimestamp` from a `Duration` since the UNIX epoch in - /// the range `0...SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME`, otherwise return a - /// `CreationError::TimestampOutOfBounds`. + /// Creates a `PositiveTimestamp` from a [`Duration`] since the Unix epoch in the range + /// `0..=MAX_TIMESTAMP`. + /// + /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`]. pub fn from_duration_since_epoch(duration: Duration) -> Result { - if duration.as_secs() <= SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME { + if duration.as_secs() <= MAX_TIMESTAMP { Ok(PositiveTimestamp(duration)) } else { Err(CreationError::TimestampOutOfBounds) } } - /// Returns the UNIX timestamp representing the stored time + /// Returns the Unix timestamp representing the stored time pub fn as_unix_timestamp(&self) -> u64 { self.0.as_secs() } - /// Returns the duration of the stored time since the UNIX epoch + /// Returns the duration of the stored time since the Unix epoch pub fn as_duration_since_epoch(&self) -> Duration { self.0 } - /// Returns the `SystemTime` representing the stored time + /// Returns the [`SystemTime`] representing the stored time #[cfg(feature = "std")] pub fn as_time(&self) -> SystemTime { SystemTime::UNIX_EPOCH + self.0 @@ -1202,7 +1153,7 @@ impl Invoice { self.signed_invoice.raw_invoice().data.timestamp.as_time() } - /// Returns the `Invoice`'s timestamp as a duration since the UNIX epoch + /// Returns the `Invoice`'s timestamp as a duration since the Unix epoch pub fn duration_since_epoch(&self) -> Duration { self.signed_invoice.raw_invoice().data.timestamp.0 } @@ -1275,9 +1226,11 @@ impl Invoice { } /// Returns whether the expiry time would pass at the given point in time. - /// `at_time` is the timestamp as a duration since the UNIX epoch. + /// `at_time` is the timestamp as a duration since the Unix epoch. pub fn would_expire(&self, at_time: Duration) -> bool { - self.duration_since_epoch() + self.expiry_time() < at_time + self.duration_since_epoch() + .checked_add(self.expiry_time()) + .unwrap_or_else(|| Duration::new(u64::max_value(), 1_000_000_000 - 1)) < at_time } /// Returns the invoice's `min_final_cltv_expiry` time, if present, otherwise @@ -1398,26 +1351,14 @@ impl Deref for PayeePubKey { } impl ExpiryTime { - /// Construct an `ExpiryTime` from seconds. If there exists a `PositiveTimestamp` which would - /// overflow on adding the `EpiryTime` to it then this function will return a - /// `CreationError::ExpiryTimeOutOfBounds`. - pub fn from_seconds(seconds: u64) -> Result { - if seconds <= MAX_EXPIRY_TIME { - Ok(ExpiryTime(Duration::from_secs(seconds))) - } else { - Err(CreationError::ExpiryTimeOutOfBounds) - } + /// Construct an `ExpiryTime` from seconds. + pub fn from_seconds(seconds: u64) -> ExpiryTime { + ExpiryTime(Duration::from_secs(seconds)) } - /// Construct an `ExpiryTime` from a `Duration`. If there exists a `PositiveTimestamp` which - /// would overflow on adding the `EpiryTime` to it then this function will return a - /// `CreationError::ExpiryTimeOutOfBounds`. - pub fn from_duration(duration: Duration) -> Result { - if duration.as_secs() <= MAX_EXPIRY_TIME { - Ok(ExpiryTime(duration)) - } else { - Err(CreationError::ExpiryTimeOutOfBounds) - } + /// Construct an `ExpiryTime` from a `Duration`. + pub fn from_duration(duration: Duration) -> ExpiryTime { + ExpiryTime(duration) } /// Returns the expiry time in seconds @@ -1486,14 +1427,17 @@ pub enum CreationError { /// The specified route has too many hops and can't be encoded RouteTooLong, - /// The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime` + /// The Unix timestamp of the supplied date is less than zero or greater than 35-bits TimestampOutOfBounds, - /// The supplied expiry time could cause an overflow if added to a `PositiveTimestamp` - ExpiryTimeOutOfBounds, - /// The supplied millisatoshi amount was greater than the total bitcoin supply. InvalidAmount, + + /// Route hints were required for this invoice and were missing. Applies to + /// [phantom invoices]. + /// + /// [phantom invoices]: crate::utils::create_phantom_invoice + MissingRouteHints, } impl Display for CreationError { @@ -1501,9 +1445,9 @@ impl Display for CreationError { match self { CreationError::DescriptionTooLong => f.write_str("The supplied description string was longer than 639 bytes"), CreationError::RouteTooLong => f.write_str("The specified route has too many hops and can't be encoded"), - CreationError::TimestampOutOfBounds => f.write_str("The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`"), - CreationError::ExpiryTimeOutOfBounds => f.write_str("The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`"), + CreationError::TimestampOutOfBounds => f.write_str("The Unix timestamp of the supplied date is less than zero or greater than 35-bits"), CreationError::InvalidAmount => f.write_str("The supplied millisatoshi amount was greater than the total bitcoin supply"), + CreationError::MissingRouteHints => f.write_str("The invoice required route hints and they weren't provided"), } } } @@ -1587,6 +1531,23 @@ impl Display for SignOrCreationError { } } +#[cfg(feature = "serde")] +impl Serialize for Invoice { + fn serialize(&self, serializer: S) -> Result where S: Serializer { + serializer.serialize_str(self.to_string().as_str()) + } +} +#[cfg(feature = "serde")] +impl<'de> Deserialize<'de> for Invoice { + fn deserialize(deserializer: D) -> Result where D: Deserializer<'de> { + let bolt11 = String::deserialize(deserializer)? + .parse::() + .map_err(|e| D::Error::custom(format!("{:?}", e)))?; + + Ok(bolt11) + } +} + #[cfg(test)] mod test { use bitcoin_hashes::hex::FromHex; @@ -1594,17 +1555,10 @@ mod test { #[test] fn test_system_time_bounds_assumptions() { - ::check_platform(); - assert_eq!( - ::PositiveTimestamp::from_unix_timestamp(::SYSTEM_TIME_MAX_UNIX_TIMESTAMP + 1), + ::PositiveTimestamp::from_unix_timestamp(::MAX_TIMESTAMP + 1), Err(::CreationError::TimestampOutOfBounds) ); - - assert_eq!( - ::ExpiryTime::from_seconds(::MAX_EXPIRY_TIME + 1), - Err(::CreationError::ExpiryTimeOutOfBounds) - ); } #[test] @@ -1637,15 +1591,15 @@ mod test { 0xd5, 0x18, 0xe1, 0xc9 ]; - assert_eq!(invoice.hash(), expected_hash) + assert_eq!(invoice.signable_hash(), expected_hash) } #[test] fn test_check_signature() { use TaggedField::*; use secp256k1::Secp256k1; - use secp256k1::recovery::{RecoveryId, RecoverableSignature}; - use secp256k1::key::{SecretKey, PublicKey}; + use secp256k1::ecdsa::{RecoveryId, RecoverableSignature}; + use secp256k1::{SecretKey, PublicKey}; use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp}; @@ -1703,7 +1657,7 @@ mod test { let (raw_invoice, _, _) = invoice.into_parts(); let new_signed = raw_invoice.sign::<_, ()>(|hash| { - Ok(Secp256k1::new().sign_recoverable(hash, &private_key)) + Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)) }).unwrap(); assert!(new_signed.check_signature()); @@ -1714,7 +1668,7 @@ mod test { use TaggedField::*; use lightning::ln::features::InvoiceFeatures; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; use {RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp, Invoice, SemanticError}; @@ -1745,7 +1699,7 @@ mod test { let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures)); @@ -1754,23 +1708,26 @@ mod test { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures)); + let mut payment_secret_features = InvoiceFeatures::empty(); + payment_secret_features.set_payment_secret_required(); + // Including payment secret and feature bits let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.data.tagged_fields.push(Features(payment_secret_features.clone()).into()); + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert!(Invoice::from_signed(invoice).is_ok()); // No payment secret or features let invoice = { let invoice = invoice_template.clone(); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); @@ -1778,15 +1735,15 @@ mod test { let invoice = { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); // Missing payment secret let invoice = { let mut invoice = invoice_template.clone(); - invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.data.tagged_fields.push(Features(payment_secret_features).into()); + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret)); @@ -1795,7 +1752,7 @@ mod test { let mut invoice = invoice_template.clone(); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into()); - invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key))) + invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))) }.unwrap(); assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::MultiplePaymentSecrets)); } @@ -1832,7 +1789,7 @@ mod test { use ::*; use lightning::routing::router::RouteHintHop; use std::iter::FromIterator; - use secp256k1::key::PublicKey; + use secp256k1::PublicKey; let builder = InvoiceBuilder::new(Currency::Bitcoin) .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap()) @@ -1886,7 +1843,7 @@ mod test { use ::*; use lightning::routing::router::RouteHintHop; use secp256k1::Secp256k1; - use secp256k1::key::{SecretKey, PublicKey}; + use secp256k1::{SecretKey, PublicKey}; use std::time::{UNIX_EPOCH, Duration}; let secp_ctx = Secp256k1::new(); @@ -1965,7 +1922,7 @@ mod test { .basic_mpp(); let invoice = builder.clone().build_signed(|hash| { - secp_ctx.sign_recoverable(hash, &private_key) + secp_ctx.sign_ecdsa_recoverable(hash, &private_key) }).unwrap(); assert!(invoice.check_signature().is_ok()); @@ -1990,7 +1947,12 @@ mod test { ); assert_eq!(invoice.payment_hash(), &sha256::Hash::from_slice(&[21;32][..]).unwrap()); assert_eq!(invoice.payment_secret(), &PaymentSecret([42; 32])); - assert_eq!(invoice.features(), Some(&InvoiceFeatures::known())); + + let mut expected_features = InvoiceFeatures::empty(); + expected_features.set_variable_length_onion_required(); + expected_features.set_payment_secret_required(); + expected_features.set_basic_mpp_optional(); + assert_eq!(invoice.features(), Some(&expected_features)); let raw_invoice = builder.build_raw().unwrap(); assert_eq!(raw_invoice, *invoice.into_signed_raw().raw_invoice()) @@ -2000,7 +1962,7 @@ mod test { fn test_default_values() { use ::*; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin) .description("Test".into()) @@ -2012,7 +1974,7 @@ mod test { .sign::<_, ()>(|hash| { let privkey = SecretKey::from_slice(&[41; 32]).unwrap(); let secp_ctx = Secp256k1::new(); - Ok(secp_ctx.sign_recoverable(hash, &privkey)) + Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey)) }) .unwrap(); let invoice = Invoice::from_signed(signed_invoice).unwrap(); @@ -2026,7 +1988,7 @@ mod test { fn test_expiration() { use ::*; use secp256k1::Secp256k1; - use secp256k1::key::SecretKey; + use secp256k1::SecretKey; let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin) .description("Test".into()) @@ -2038,11 +2000,33 @@ mod test { .sign::<_, ()>(|hash| { let privkey = SecretKey::from_slice(&[41; 32]).unwrap(); let secp_ctx = Secp256k1::new(); - Ok(secp_ctx.sign_recoverable(hash, &privkey)) + Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey)) }) .unwrap(); let invoice = Invoice::from_signed(signed_invoice).unwrap(); assert!(invoice.would_expire(Duration::from_secs(1234567 + DEFAULT_EXPIRY_TIME + 1))); } + + #[cfg(feature = "serde")] + #[test] + fn test_serde() { + let invoice_str = "lnbc100p1psj9jhxdqud3jxktt5w46x7unfv9kz6mn0v3jsnp4q0d3p2sfluzdx45tqcs\ + h2pu5qc7lgq0xs578ngs6s0s68ua4h7cvspp5q6rmq35js88zp5dvwrv9m459tnk2zunwj5jalqtyxqulh0l\ + 5gflssp5nf55ny5gcrfl30xuhzj3nphgj27rstekmr9fw3ny5989s300gyus9qyysgqcqpcrzjqw2sxwe993\ + h5pcm4dxzpvttgza8zhkqxpgffcrf5v25nwpr3cmfg7z54kuqq8rgqqqqqqqq2qqqqq9qq9qrzjqd0ylaqcl\ + j9424x9m8h2vcukcgnm6s56xfgu3j78zyqzhgs4hlpzvznlugqq9vsqqqqqqqlgqqqqqeqq9qrzjqwldmj9d\ + ha74df76zhx6l9we0vjdquygcdt3kssupehe64g6yyp5yz5rhuqqwccqqyqqqqlgqqqqjcqq9qrzjqf9e58a\ + guqr0rcun0ajlvmzq3ek63cw2w282gv3z5uupmuwvgjtq2z55qsqqg6qqqyqqqrtnqqqzq3cqygrzjqvphms\ + ywntrrhqjcraumvc4y6r8v4z5v593trte429v4hredj7ms5z52usqq9ngqqqqqqqlgqqqqqqgq9qrzjq2v0v\ + p62g49p7569ev48cmulecsxe59lvaw3wlxm7r982zxa9zzj7z5l0cqqxusqqyqqqqlgqqqqqzsqygarl9fh3\ + 8s0gyuxjjgux34w75dnc6xp2l35j7es3jd4ugt3lu0xzre26yg5m7ke54n2d5sym4xcmxtl8238xxvw5h5h5\ + j5r6drg6k6zcqj0fcwg"; + let invoice = invoice_str.parse::().unwrap(); + let serialized_invoice = serde_json::to_string(&invoice).unwrap(); + let deserialized_invoice: super::Invoice = serde_json::from_str(serialized_invoice.as_str()).unwrap(); + assert_eq!(invoice, deserialized_invoice); + assert_eq!(invoice_str, deserialized_invoice.to_string().as_str()); + assert_eq!(invoice_str, serialized_invoice.as_str().trim_matches('\"')); + } }