diff --git a/common/sphinx.c b/common/sphinx.c index 58005b905..02442e24d 100644 --- a/common/sphinx.c +++ b/common/sphinx.c @@ -438,12 +438,17 @@ static void deserialize_hop_data(struct hop_data *data, const u8 *src) data->outgoing_cltv = fromwire_u32(&cursor, &max); } -static void sphinx_write_frame(u8 *dest, const struct sphinx_hop *hop) +static bool sphinx_write_frame(u8 *dest, const struct sphinx_hop *hop) { size_t raw_size = tal_bytelen(hop->payload); size_t hop_size = sphinx_hop_size(hop); + size_t padding_size; int pos = 0; - memset(dest, 0, hop_size); + +#if !EXPERIMENTAL_FEATURES + if (hop->realm != 0x00) + return false; +#endif /* Backwards compatibility for the legacy hop_data format. */ if (hop->realm == 0x00) @@ -452,12 +457,26 @@ static void sphinx_write_frame(u8 *dest, const struct sphinx_hop *hop) pos += varint_put(dest+pos, raw_size); memcpy(dest + pos, hop->payload, raw_size); - memcpy(dest + hop_size - HMAC_SIZE, hop->hmac, HMAC_SIZE); + pos += raw_size; + + padding_size = hop_size - pos - HMAC_SIZE; + memset(dest + pos, 0, padding_size); + pos += padding_size; + + memcpy(dest + pos, hop->hmac, HMAC_SIZE); + assert(pos + HMAC_SIZE == hop_size); + return true; } static void sphinx_parse_payload(struct route_step *step, const u8 *src) { size_t hop_size, raw_size, vsize; +#if !EXPERIMENTAL_FEATURES + if (src[0] != 0x00) { + step->type = SPHINX_INVALID_PAYLOAD; + return; + } +#endif /* Legacy hop_data support */ if (src[0] == 0x00) { @@ -527,8 +546,11 @@ struct onionpacket *create_onionpacket( size_t shiftSize = sphinx_hop_size(&sp->hops[i]); memmove(packet->routinginfo + shiftSize, packet->routinginfo, ROUTING_INFO_SIZE-shiftSize); - sphinx_write_frame(packet->routinginfo, &sp->hops[i]); - + if (!sphinx_write_frame(packet->routinginfo, &sp->hops[i])) { + tal_free(packet); + tal_free(secrets); + return NULL; + } xorbytes(packet->routinginfo, packet->routinginfo, stream, ROUTING_INFO_SIZE); if (i == num_hops - 1) { diff --git a/common/sphinx.h b/common/sphinx.h index 461f8d7cc..3730c0ea6 100644 --- a/common/sphinx.h +++ b/common/sphinx.h @@ -21,6 +21,12 @@ #define ROUTING_INFO_SIZE (FRAME_SIZE * NUM_MAX_FRAMES) #define TOTAL_PACKET_SIZE (VERSION_SIZE + PUBKEY_SIZE + HMAC_SIZE + ROUTING_INFO_SIZE) +#if EXPERIMENTAL_FEATURES +#define MAX_FRAMES_PER_HOP (1 << 4) +#else +#define MAX_FRAMES_PER_HOP 1 +#endif + struct onionpacket { /* Cleartext information */ u8 version; @@ -87,6 +93,7 @@ struct hop_data { enum sphinx_payload_type { SPHINX_V0_PAYLOAD = 0, + SPHINX_INVALID_PAYLOAD = 254, SPHINX_RAW_PAYLOAD = 255, }; diff --git a/common/test/onion-test-v0.json b/common/test/onion-test-v0.json new file mode 100644 index 000000000..5f3b34fa4 --- /dev/null +++ b/common/test/onion-test-v0.json @@ -0,0 +1,42 @@ +{ + "comment": "This is a simple testcase in which we only use v0 payloads, and all hops have single frame payloads", + "generate": { + "session_key": "4141414141414141414141414141414141414141414141414141414141414141", + "associated_data": "4242424242424242424242424242424242424242424242424242424242424242", + "hops": [ + { + "realm": 0, + "pubkey": "02eec7245d6b7d2ccb30380bfbe2a3648cd7a942653f5aa340edcea1f283686619", + "payload": "0000000000000000000000000000000000000000000000000000000000000000" + }, + { + "realm": 0, + "pubkey": "0324653eac434488002cc06bbfb7f10fe18991e35f9fe4302dbea6d2353dc0ab1c", + "payload": "0101010101010101000000000000000100000001000000000000000000000000" + }, + { + "realm": 0, + "pubkey": "027f31ebc5462c1fdce1b737ecff52d37d75dea43ce11c74d25aa297165faa2007", + "payload": "0202020202020202000000000000000200000002000000000000000000000000" + }, + { + "realm": 0, + "pubkey": "032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991", + "payload": "0303030303030303000000000000000300000003000000000000000000000000" + }, + { + "realm": 0, + "pubkey": "02edabbd16b41c8371b92ef2f04c1185b4f03b6dcd52ba9b78d9d7c89c8f221145", + "payload": "0404040404040404000000000000000400000004000000000000000000000000" + } + ] + }, + "onion": "0002eec7245d6b7d2ccb30380bfbe2a3648cd7a942653f5aa340edcea1f283686619e5f14350c2a76fc232b5e46d421e9615471ab9e0bc887beff8c95fdb878f7b3a71da571226458c510bbadd1276f045c21c520a07d35da256ef75b4367962437b0dd10f7d61ab590531cf08000178a333a347f8b4072e216400406bdf3bf038659793a86cae5f52d32f3438527b47a1cfc54285a8afec3a4c9f3323db0c946f5d4cb2ce721caad69320c3a469a202f3e468c67eaf7a7cda226d0fd32f7b48084dca885d15222e60826d5d971f64172d98e0760154400958f00e86697aa1aa9d41bee8119a1ec866abe044a9ad635778ba61fc0776dc832b39451bd5d35072d2269cf9b040d6ba38b54ec35f81d7fc67678c3be47274f3c4cc472aff005c3469eb3bc140769ed4c7f0218ff8c6c7dd7221d189c65b3b9aaa71a01484b122846c7c7b57e02e679ea8469b70e14fe4f70fee4d87b910cf144be6fe48eef24da475c0b0bcc6565ae82cd3f4e3b24c76eaa5616c6111343306ab35c1fe5ca4a77c0e314ed7dba39d6f1e0de791719c241a939cc493bea2bae1c1e932679ea94d29084278513c77b899cc98059d06a27d171b0dbdf6bee13ddc4fc17a0c4d2827d488436b57baa167544138ca2e64a11b43ac8a06cd0c2fba2d4d900ed2d9205305e2d7383cc98dacb078133de5f6fb6bed2ef26ba92cea28aafc3b9948dd9ae5559e8bd6920b8cea462aa445ca6a95e0e7ba52961b181c79e73bd581821df2b10173727a810c92b83b5ba4a0403eb710d2ca10689a35bec6c3a708e9e92f7d78ff3c5d9989574b00c6736f84c199256e76e19e78f0c98a9d580b4a658c84fc8f2096c2fbea8f5f8c59d0fdacb3be2802ef802abbecb3aba4acaac69a0e965abd8981e9896b1f6ef9d60f7a164b371af869fd0e48073742825e9434fc54da837e120266d53302954843538ea7c6c3dbfb4ff3b2fdbe244437f2a153ccf7bdb4c92aa08102d4f3cff2ae5ef86fab4653595e6a5837fa2f3e29f27a9cde5966843fb847a4a61f1e76c281fe8bb2b0a181d096100db5a1a5ce7a910238251a43ca556712eaadea167fb4d7d75825e440f3ecd782036d7574df8bceacb397abefc5f5254d2722215c53ff54af8299aaaad642c6d72a14d27882d9bbd539e1cc7a527526ba89b8c037ad09120e98ab042d3e8652b31ae0e478516bfaf88efca9f3676ffe99d2819dcaeb7610a626695f53117665d267d3f7abebd6bbd6733f645c72c389f03855bdf1e4b8075b516569b118233a0f0971d24b83113c0b096f5216a207ca99a7cddc81c130923fe3d91e7508c9ac5f2e914ff5dccab9e558566fa14efb34ac98d878580814b94b73acbfde9072f30b881f7f0fff42d4045d1ace6322d86a97d164aa84d93a60498065cc7c20e636f5862dc81531a88c60305a2e59a985be327a6902e4bed986dbf4a0b50c217af0ea7fdf9ab37f9ea1a1aaa72f54cf40154ea9b269f1a7c09f9f43245109431a175d50e2db0132337baa0ef97eed0fcf20489da36b79a1172faccc2f7ded7c60e00694282d93359c4682135642bc81f433574aa8ef0c97b4ade7ca372c5ffc23c7eddd839bab4e0f14d6df15c9dbeab176bec8b5701cf054eb3072f6dadc98f88819042bf10c407516ee58bce33fbe3b3d86a54255e577db4598e30a135361528c101683a5fcde7e8ba53f3456254be8f45fe3a56120ae96ea3773631fcb3873aa3abd91bcff00bd38bd43697a2e789e00da6077482e7b1b1a677b5afae4c54e6cbdf7377b694eb7d7a5b913476a5be923322d3de06060fd5e819635232a2cf4f0731da13b8546d1d6d4f8d75b9fce6c2341a71b0ea6f780df54bfdb0dd5cd9855179f602f917265f21f9190c70217774a6fbaaa7d63ad64199f4664813b955cff954949076dcf", + "decode": [ + "4141414141414141414141414141414141414141414141414141414141414141", + "4242424242424242424242424242424242424242424242424242424242424242", + "4343434343434343434343434343434343434343434343434343434343434343", + "4444444444444444444444444444444444444444444444444444444444444444", + "4545454545454545454545454545454545454545454545454545454545454545" + ] +} diff --git a/devtools/Makefile b/devtools/Makefile index 5defe65b0..13c45c2aa 100644 --- a/devtools/Makefile +++ b/devtools/Makefile @@ -17,6 +17,8 @@ DEVTOOLS_COMMON_OBJS := \ common/hash_u5.o \ common/node_id.o \ common/per_peer_state.o \ + common/json.o \ + common/json_helpers.o \ common/type_to_string.o \ common/utils.o \ common/version.o \ diff --git a/devtools/onion.c b/devtools/onion.c index 6b4ff6b0b..427a9fcaf 100644 --- a/devtools/onion.c +++ b/devtools/onion.c @@ -4,9 +4,14 @@ #include #include #include +#include +#include #include +#include +#include #include #include +#include #include #include #include @@ -20,7 +25,7 @@ static void do_generate(int argc, char **argv, const u8 assocdata[ASSOC_DATA_SIZE]) { const tal_t *ctx = talz(NULL, tal_t); - int num_hops = argc - 1; + int num_hops = argc - 2; struct pubkey *path = tal_arr(ctx, struct pubkey, num_hops); u8 rawpubkey[PUBKEY_LEN], rawprivkey[PRIVKEY_LEN]; struct secret session_key; @@ -118,24 +123,41 @@ static void do_generate(int argc, char **argv, tal_free(ctx); } -static void do_decode(int argc, char **argv, const u8 assocdata[ASSOC_DATA_SIZE]) +static struct route_step *decode_with_privkey(const tal_t *ctx, const u8 *onion, char *hexprivkey, const u8 *assocdata) { - struct route_step *step; - struct onionpacket *msg; struct privkey seckey; + struct route_step *step; + struct onionpacket *packet; + enum onion_type why_bad; + u8 shared_secret[32]; + if (!hex_decode(hexprivkey, strlen(hexprivkey), &seckey, sizeof(seckey))) + errx(1, "Invalid private key hex '%s'", hexprivkey); + + packet = parse_onionpacket(ctx, onion, TOTAL_PACKET_SIZE, &why_bad); + + if (!packet) + errx(1, "Error parsing message: %s", onion_type_name(why_bad)); + + if (!onion_shared_secret(shared_secret, packet, &seckey)) + errx(1, "Error creating shared secret."); + + step = process_onionpacket(ctx, packet, shared_secret, assocdata, + tal_bytelen(assocdata)); + return step; + +} + +static void do_decode(int argc, char **argv, const u8 assocdata[ASSOC_DATA_SIZE]) +{ const tal_t *ctx = talz(NULL, tal_t); u8 serialized[TOTAL_PACKET_SIZE]; + struct route_step *step; char hextemp[2 * sizeof(serialized)]; memset(hextemp, 0, sizeof(hextemp)); - u8 shared_secret[32]; - enum onion_type why_bad; - if (argc != 2) + if (argc != 3) opt_usage_exit_fail("Expect a privkey with --decode"); - if (!hex_decode(argv[1], strlen(argv[1]), &seckey, sizeof(seckey))) - errx(1, "Invalid private key hex '%s'", argv[1]); - if (!read_all(STDIN_FILENO, hextemp, sizeof(hextemp))) errx(1, "Reading in onion"); @@ -143,16 +165,7 @@ static void do_decode(int argc, char **argv, const u8 assocdata[ASSOC_DATA_SIZE] errx(1, "Invalid onion hex '%s'", hextemp); } - msg = parse_onionpacket(ctx, serialized, sizeof(serialized), &why_bad); - - if (!msg) - errx(1, "Error parsing message: %s", onion_type_name(why_bad)); - - if (!onion_shared_secret(shared_secret, msg, &seckey)) - errx(1, "Error creating shared secret."); - - step = process_onionpacket(ctx, msg, shared_secret, - assocdata, ASSOC_DATA_SIZE); + step = decode_with_privkey(ctx, serialized, tal_strdup(ctx, argv[2]), assocdata); if (!step || !step->next) errx(1, "Error processing message."); @@ -179,37 +192,160 @@ static void opt_show_ad(char buf[OPT_SHOW_LEN], const u8 *assocdata) hex_encode(assocdata, ASSOC_DATA_SIZE, buf, OPT_SHOW_LEN); } +/** + * Run an onion encoding/decoding unit-test from a file + */ +static void runtest(const char *filename) +{ + const tal_t *ctx = tal(NULL, u8); + bool valid; + char *buffer = grab_file(ctx, filename); + const jsmntok_t *toks, *session_key_tok, *associated_data_tok, *gentok, + *hopstok, *hop, *payloadtok, *pubkeytok, *realmtok, *oniontok, *decodetok; + const u8 *associated_data, *session_key_raw, *payload, *serialized, *onion; + struct secret session_key, *shared_secrets; + struct pubkey pubkey; + struct sphinx_path *path; + size_t i; + int realm; + struct onionpacket *res; + struct route_step *step; + char *hexprivkey; + + toks = json_parse_input(ctx, buffer, strlen(buffer), &valid); + if (!valid) + errx(1, "File is not a valid JSON file."); + + gentok = json_get_member(buffer, toks, "generate"); + if (!gentok) + errx(1, "JSON object does not contain a 'generate' key"); + + /* Unpack the common parts */ + associated_data_tok = json_get_member(buffer, gentok, "associated_data"); + session_key_tok = json_get_member(buffer, gentok, "session_key"); + associated_data = json_tok_bin_from_hex(ctx, buffer, associated_data_tok); + session_key_raw = json_tok_bin_from_hex(ctx, buffer, session_key_tok); + memcpy(&session_key, session_key_raw, sizeof(session_key)); + path = sphinx_path_new_with_key(ctx, associated_data, &session_key); + + /* Unpack the hops and build up the path */ + hopstok = json_get_member(buffer, gentok, "hops"); + json_for_each_arr(i, hop, hopstok) { + payloadtok = json_get_member(buffer, hop, "payload"); + realmtok = json_get_member(buffer, hop, "realm"); + pubkeytok = json_get_member(buffer, hop, "pubkey"); + payload = json_tok_bin_from_hex(ctx, buffer, payloadtok); + json_to_pubkey(buffer, pubkeytok, &pubkey); + json_to_int(buffer, realmtok, &realm); + sphinx_add_raw_hop(path, &pubkey, realm, payload); + } + res = create_onionpacket(ctx, path, &shared_secrets); + serialized = serialize_onionpacket(ctx, res); + + if (!serialized) + errx(1, "Error serializing message."); + + oniontok = json_get_member(buffer, toks, "onion"); + + if (oniontok) { + onion = json_tok_bin_from_hex(ctx, buffer, oniontok); + if (!memeq(onion, tal_bytelen(onion), serialized, + tal_bytelen(serialized))) + errx(1, + "Generated does not match the expected onion: \n" + "generated: %s\n" + "expected : %s\n", + tal_hex(ctx, serialized), tal_hex(ctx, onion)); + } + printf("Generated onion: %s\n", tal_hex(ctx, serialized)); + + hopstok = json_get_member(buffer, gentok, "hops"); + json_for_each_arr(i, hop, hopstok) { + payloadtok = json_get_member(buffer, hop, "payload"); + realmtok = json_get_member(buffer, hop, "realm"); + pubkeytok = json_get_member(buffer, hop, "pubkey"); + payload = json_tok_bin_from_hex(ctx, buffer, payloadtok); + json_to_pubkey(buffer, pubkeytok, &pubkey); + json_to_int(buffer, realmtok, &realm); + sphinx_add_raw_hop(path, &pubkey, realm, payload); + } + + decodetok = json_get_member(buffer, toks, "decode"); + + json_for_each_arr(i, hop, decodetok) { + hexprivkey = json_strdup(ctx, buffer, hop); + printf("Processing at hop %zu\n", i); + step = decode_with_privkey(ctx, serialized, hexprivkey, associated_data); + serialized = serialize_onionpacket(ctx, step->next); + if (!serialized) + errx(1, "Error serializing message."); + printf(" Realm: %d\n", step->realm); + printf(" Payload: %s\n", tal_hex(ctx, step->raw_payload)); + printf(" Next onion: %s\n", tal_hex(ctx, serialized)); + printf(" Next HMAC: %s\n", tal_hexstr(ctx, step->next->mac, HMAC_SIZE)); + } + + tal_free(ctx); +} + +/* Tal wrappers for opt. */ +static void *opt_allocfn(size_t size) +{ + return tal_arr_label(NULL, char, size, TAL_LABEL("opt_allocfn", "")); +} + +static void *tal_reallocfn(void *ptr, size_t size) +{ + if (!ptr) + return opt_allocfn(size); + tal_resize_(&ptr, 1, size, false); + return ptr; +} + +static void tal_freefn(void *ptr) +{ + tal_free(ptr); +} + int main(int argc, char **argv) { setup_locale(); - - bool generate = false, decode = false; + const char *method; u8 assocdata[ASSOC_DATA_SIZE]; - memset(&assocdata, 'B', sizeof(assocdata)); secp256k1_ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN); - opt_register_noarg("--help|-h", opt_usage_and_exit, - "--generate [/hopdata] [/hopdata]... OR\n" - "--generate [/hopdata] [/hopdata]... OR\n" - "--decode \n" - "Either create an onion message, or decode one step", - "Print this message."); - opt_register_noarg("--generate", opt_set_bool, &generate, - "Generate onion through the given hex pubkeys"); - opt_register_noarg("--decode", opt_set_bool, &decode, - "Decode onion from stdin given the private key"); + opt_set_alloc(opt_allocfn, tal_reallocfn, tal_freefn); opt_register_arg("--assoc-data", opt_set_ad, opt_show_ad, assocdata, "Associated data (usu. payment_hash of payment)"); + opt_register_noarg("--help|-h", opt_usage_and_exit, + "\n\n\tdecode \n" + "\tgenerate ...\n" + "\tgenerate [/hopdata] [/hopdata]\n" + "\tgenerate [/hopdata] [/hopdata]\n" + "\truntest \n\n", "Show this message"); + opt_register_version(); + opt_early_parse(argc, argv, opt_log_stderr_exit); opt_parse(&argc, argv, opt_log_stderr_exit); - if (generate) + if (argc < 2) + errx(1, "You must specify a method"); + method = argv[1]; + + if (streq(method, "runtest")) { + if (argc != 3) + errx(1, "'runtest' requires a filename argument"); + runtest(argv[2]); + } else if (streq(method, "generate")) { do_generate(argc, argv, assocdata); - else if (decode) + } else if (streq(method, "decode")) { do_decode(argc, argv, assocdata); + } else { + errx(1, "Unrecognized method '%s'", method); + } return 0; }