From caed31a1e65d1c605dc8beecb8ffa90f05b492db Mon Sep 17 00:00:00 2001 From: "Dr. Maxim Orlovsky" Date: Tue, 21 Jul 2020 13:48:37 +0200 Subject: [PATCH] Test cases for message encryption/decryption size limits --- lightning/src/ln/peer_channel_encryptor.rs | 36 ++++++++++++++++++++++ lightning/src/ln/wire.rs | 8 ++++- 2 files changed, 43 insertions(+), 1 deletion(-) diff --git a/lightning/src/ln/peer_channel_encryptor.rs b/lightning/src/ln/peer_channel_encryptor.rs index 9f6797591..a4d51fcf7 100644 --- a/lightning/src/ln/peer_channel_encryptor.rs +++ b/lightning/src/ln/peer_channel_encryptor.rs @@ -468,6 +468,8 @@ impl PeerChannelEncryptor { #[cfg(test)] mod tests { + use super::LN_MAX_MSG_LEN; + use bitcoin::secp256k1::key::{PublicKey,SecretKey}; use hex; @@ -714,4 +716,38 @@ mod tests { } } } + + #[test] + #[should_panic(expected = "Attempted to encrypt message longer than 65535 bytes!")] + fn max_message_len_encryption() { + let mut outbound_peer = get_outbound_peer_for_initiator_test_vectors(); + let msg = [4u8; LN_MAX_MSG_LEN + 1]; + outbound_peer.encrypt_message(&msg); + } + + #[test] + #[should_panic(expected = "Attempted to decrypt message longer than 65535 + 16 bytes!")] + fn max_message_len_decryption() { + let mut inbound_peer; + + { + // transport-responder successful handshake + let our_node_id = SecretKey::from_slice(&hex::decode("2121212121212121212121212121212121212121212121212121212121212121").unwrap()[..]).unwrap(); + let our_ephemeral = SecretKey::from_slice(&hex::decode("2222222222222222222222222222222222222222222222222222222222222222").unwrap()[..]).unwrap(); + + inbound_peer = PeerChannelEncryptor::new_inbound(&our_node_id); + + let act_one = hex::decode("00036360e856310ce5d294e8be33fc807077dc56ac80d95d9cd4ddbd21325eff73f70df6086551151f58b8afe6c195782c6a").unwrap().to_vec(); + assert_eq!(inbound_peer.process_act_one_with_keys(&act_one[..], &our_node_id, our_ephemeral.clone()).unwrap()[..], hex::decode("0002466d7fcae563e5cb09a0d1870bb580344804617879a14949cf22285f1bae3f276e2470b93aac583c9ef6eafca3f730ae").unwrap()[..]); + + let act_three = hex::decode("00b9e3a702e93e3a9948c2ed6e5fd7590a6e1c3a0344cfc9d5b57357049aa22355361aa02e55a8fc28fef5bd6d71ad0c38228dc68b1c466263b47fdf31e560e139ba").unwrap().to_vec(); + // test vector doesn't specify the initiator static key, but it's the same as the one + // from transport-initiator successful handshake + assert_eq!(inbound_peer.process_act_three(&act_three[..]).unwrap().serialize()[..], hex::decode("034f355bdcb7cc0af728ef3cceb9615d90684bb5b2ca5f859ab0f0b704075871aa").unwrap()[..]); + } + + // MSG should not exceed LN_MAX_MSG_LEN + 16 + let msg = [4u8; LN_MAX_MSG_LEN + 17]; + inbound_peer.decrypt_message(&msg).unwrap(); + } } diff --git a/lightning/src/ln/wire.rs b/lightning/src/ln/wire.rs index 42889ce03..dc09bbe23 100644 --- a/lightning/src/ln/wire.rs +++ b/lightning/src/ln/wire.rs @@ -21,7 +21,7 @@ use util::ser::{Readable, Writeable, Writer}; /// "The maximum size of any Lightning message MUST NOT exceed 65535 bytes. /// A maximum size of 65535 simplifies testing, makes memory management easier, /// and helps mitigate memory-exhaustion attacks." -pub const LN_MAX_MSG_LEN: usize = 65535; +pub const LN_MAX_MSG_LEN: usize = std::u16::MAX as usize; // Must be equal to 65535 /// A Lightning message returned by [`read`] when decoding bytes received over the wire. Each /// variant contains a message from [`ln::msgs`] or otherwise the message type if unknown. @@ -318,6 +318,12 @@ mod tests { // Big-endian wire encoding of Pong message (type = 19, byteslen = 2). const ENCODED_PONG: [u8; 6] = [0u8, 19u8, 0u8, 2u8, 0u8, 0u8]; + #[test] + fn max_msg_len() { + assert_eq!(LN_MAX_MSG_LEN, 65535); + assert_eq!(LN_MAX_MSG_LEN, std::u16::MAX as usize); + } + #[test] fn read_empty_buffer() { let buffer = []; -- 2.39.5