X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fln%2Fchannel.rs;h=6c6dacc84c3821c2285b0156a62498dc068b6a49;hb=ab56b81acd9da3a697dfc37fc4cb43cd8fbb1a2c;hp=ef73db8eb813b2dea164cc00a4b245924c1898a1;hpb=f47ba769f544c4fd2e2d1aa0bd5b1fa74ae15daa;p=rust-lightning

diff --git a/src/ln/channel.rs b/src/ln/channel.rs
index ef73db8e..6c6dacc8 100644
--- a/src/ln/channel.rs
+++ b/src/ln/channel.rs
@@ -13,7 +13,6 @@ use secp256k1;
 
 use crypto::digest::Digest;
 use crypto::hkdf::{hkdf_extract,hkdf_expand};
-use crypto::sha2::Sha256;
 
 use ln::msgs;
 use ln::msgs::{HandleError, MsgEncodable};
@@ -22,9 +21,8 @@ use ln::channelmanager::PendingForwardHTLCInfo;
 use ln::chan_utils::{TxCreationKeys,HTLCOutputInCommitment};
 use ln::chan_utils;
 use chain::chaininterface::{FeeEstimator,ConfirmationTarget};
-use util::transaction_utils;
-
-use rand::{thread_rng,Rng};
+use util::{transaction_utils,rng};
+use util::sha2::Sha256;
 
 use std::default::Default;
 use std::cmp;
@@ -43,34 +41,33 @@ pub struct ChannelKeys {
 
 impl ChannelKeys {
 	pub fn new_from_seed(seed: &[u8; 32]) -> Result<ChannelKeys, secp256k1::Error> {
-		let sha = Sha256::new();
 		let mut prk = [0; 32];
-		hkdf_extract(sha, b"rust-lightning key gen salt", seed, &mut prk);
+		hkdf_extract(Sha256::new(), b"rust-lightning key gen salt", seed, &mut prk);
 		let secp_ctx = Secp256k1::new();
 
 		let mut okm = [0; 32];
-		hkdf_expand(sha, &prk, b"rust-lightning funding key info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning funding key info", &mut okm);
 		let funding_key = SecretKey::from_slice(&secp_ctx, &okm)?;
 
-		hkdf_expand(sha, &prk, b"rust-lightning revocation base key info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning revocation base key info", &mut okm);
 		let revocation_base_key = SecretKey::from_slice(&secp_ctx, &okm)?;
 
-		hkdf_expand(sha, &prk, b"rust-lightning payment base key info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning payment base key info", &mut okm);
 		let payment_base_key = SecretKey::from_slice(&secp_ctx, &okm)?;
 
-		hkdf_expand(sha, &prk, b"rust-lightning delayed payment base key info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning delayed payment base key info", &mut okm);
 		let delayed_payment_base_key = SecretKey::from_slice(&secp_ctx, &okm)?;
 
-		hkdf_expand(sha, &prk, b"rust-lightning htlc base key info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning htlc base key info", &mut okm);
 		let htlc_base_key = SecretKey::from_slice(&secp_ctx, &okm)?;
 
-		hkdf_expand(sha, &prk, b"rust-lightning channel close key info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning channel close key info", &mut okm);
 		let channel_close_key = SecretKey::from_slice(&secp_ctx, &okm)?;
 
-		hkdf_expand(sha, &prk, b"rust-lightning channel monitor claim key info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning channel monitor claim key info", &mut okm);
 		let channel_monitor_claim_key = SecretKey::from_slice(&secp_ctx, &okm)?;
 
-		hkdf_expand(sha, &prk, b"rust-lightning local commitment seed info", &mut okm);
+		hkdf_expand(Sha256::new(), &prk, b"rust-lightning local commitment seed info", &mut okm);
 
 		Ok(ChannelKeys {
 			funding_key: funding_key,
@@ -275,12 +272,11 @@ impl Channel {
 			panic!("funding value > 2^24");
 		}
 
-		let mut rng = thread_rng();
 		let feerate = fee_estimator.get_est_sat_per_vbyte(ConfirmationTarget::Normal);
 		let background_feerate = fee_estimator.get_est_sat_per_vbyte(ConfirmationTarget::Background);
 
 		let mut key_seed = [0u8; 32];
-		rng.fill_bytes(&mut key_seed);
+		rng::fill_bytes(&mut key_seed);
 		let chan_keys = match ChannelKeys::new_from_seed(&key_seed) {
 			Ok(key) => key,
 			Err(_) => panic!("RNG is busted!")
@@ -297,7 +293,7 @@ impl Channel {
 		Channel {
 			user_id: user_id,
 
-			channel_id: Uint256([rng.gen(), rng.gen(), rng.gen(), rng.gen()]),
+			channel_id: rng::rand_uint256(),
 			channel_state: ChannelState::OurInitSent as u32,
 			channel_outbound: true,
 			secp_ctx: secp_ctx,
@@ -367,7 +363,9 @@ impl Channel {
 		if msg.push_msat > (msg.funding_satoshis - msg.channel_reserve_satoshis) * 1000 {
 			return Err(HandleError{err: "push_msat more than highest possible value", msg: None});
 		}
-		//TODO Check if dust_limit is sane?
+		if msg.dust_limit_satoshis > 21000000 * 100000000 {
+			return Err(HandleError{err: "Peer never wants payout outputs?", msg: None});
+		}
 		if msg.max_htlc_value_in_flight_msat > msg.funding_satoshis * 1000 {
 			return Err(HandleError{err: "Bogus max_htlc_value_in_flight_satoshis", msg: None});
 		}
@@ -391,9 +389,8 @@ impl Channel {
 
 		let background_feerate = fee_estimator.get_est_sat_per_vbyte(ConfirmationTarget::Background);
 
-		let mut rng = thread_rng();
 		let mut key_seed = [0u8; 32];
-		rng.fill_bytes(&mut key_seed);
+		rng::fill_bytes(&mut key_seed);
 		let chan_keys = match ChannelKeys::new_from_seed(&key_seed) {
 			Ok(key) => key,
 			Err(_) => panic!("RNG is busted!")
@@ -827,13 +824,15 @@ impl Channel {
 
 	pub fn accept_channel(&mut self, msg: &msgs::AcceptChannel) -> Result<(), HandleError> {
 		// Check sanity of message fields:
-		//TODO Check if dust_limit is sane?
 		if !self.channel_outbound {
 			return Err(HandleError{err: "Got an accept_channel message from an inbound peer", msg: None});
 		}
 		if self.channel_state != ChannelState::OurInitSent as u32 {
 			return Err(HandleError{err: "Got an accept_channel message at a strange time", msg: None});
 		}
+		if msg.dust_limit_satoshis > 21000000 * 100000000 {
+			return Err(HandleError{err: "Peer never wants payout outputs?", msg: None});
+		}
 		if msg.max_htlc_value_in_flight_msat > self.channel_value_satoshis * 1000 {
 			return Err(HandleError{err: "Bogus max_htlc_value_in_flight_satoshis", msg: None});
 		}
@@ -1013,8 +1012,10 @@ impl Channel {
 		if htlc_inbound_value_msat + msg.amount_msat > Channel::get_our_max_htlc_value_in_flight_msat(self.channel_value_satoshis) {
 			return Err(HandleError{err: "Remote HTLC add would put them over their max HTLC value in flight", msg: None});
 		}
-		// Check our_channel_reserve_satoshis:
-		if htlc_inbound_value_msat + htlc_outbound_value_msat + msg.amount_msat > (self.channel_value_satoshis - Channel::get_our_channel_reserve_satoshis(self.channel_value_satoshis)) * 1000 {
+		// Check our_channel_reserve_satoshis (we're getting paid, so they have to at least meet
+		// the reserve_satoshis we told them to always have as direct payment so that they lose
+		// something if we punish them for broadcasting an old state).
+		if htlc_inbound_value_msat + htlc_outbound_value_msat + msg.amount_msat + self.value_to_self_msat > (self.channel_value_satoshis - Channel::get_our_channel_reserve_satoshis(self.channel_value_satoshis)) * 1000 {
 			return Err(HandleError{err: "Remote HTLC add would put them over their reserve value", msg: None});
 		}
 		if self.next_remote_htlc_id != msg.htlc_id {
@@ -1592,7 +1593,7 @@ impl Channel {
 			return Err(HandleError{err: "Cannot send value that would put us over our max HTLC value in flight", msg: None});
 		}
 		// Check their_channel_reserve_satoshis:
-		if htlc_outbound_value_msat + amount_msat > (self.channel_value_satoshis - self.their_channel_reserve_satoshis) * 1000 - htlc_inbound_value_msat {
+		if htlc_inbound_value_msat + htlc_outbound_value_msat + amount_msat + (self.channel_value_satoshis * 1000 - self.value_to_self_msat) > (self.channel_value_satoshis - self.their_channel_reserve_satoshis) * 1000 {
 			return Err(HandleError{err: "Cannot send value that would put us over our reserve value", msg: None});
 		}