f: create façade for session overrides

arik-so · arik-so · commit 72f5c3d67f50 · 2025-03-13T03:31:39.000-07:00
diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs
@@ -937,23 +937,54 @@ pub(crate) struct DecodedOnionFailure {
 	pub(crate) onion_error_data: Option<Vec<u8>>,
 }
 
+pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(
+	secp_ctx: &Secp256k1<T>, logger: &L, htlc_source: &HTLCSource,
+	encrypted_packet: OnionErrorPacket,
+) -> DecodedOnionFailure
+where
+	L::Target: Logger,
+{
+	let (path, primary_session_priv) = match htlc_source {
+		HTLCSource::OutboundRoute { ref path, ref session_priv, .. } => (path, session_priv),
+		_ => unreachable!(),
+	};
+
+	let (outer_session_priv, inner_session_priv) = if path.has_trampoline_hops() {
+		// If we have Trampoline hops, the outer onion session_priv is a hash of the inner one.
+		let session_priv_hash = Sha256::hash(&primary_session_priv.secret_bytes()).to_byte_array();
+		(
+			&SecretKey::from_slice(&session_priv_hash[..]).expect("You broke SHA-256!"),
+			Some(primary_session_priv),
+		)
+	} else {
+		(primary_session_priv, None)
+	};
+
+	process_onion_failure_inner(
+		secp_ctx,
+		logger,
+		htlc_source,
+		outer_session_priv,
+		inner_session_priv,
+		encrypted_packet,
+	)
+}
+
 /// Process failure we got back from upstream on a payment we sent (implying htlc_source is an
 /// OutboundRoute).
 #[inline]
-pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(
-	secp_ctx: &Secp256k1<T>, logger: &L, htlc_source: &HTLCSource,
-	mut encrypted_packet: OnionErrorPacket, outer_session_priv_override: Option<SecretKey>,
+pub(super) fn process_onion_failure_inner<T: secp256k1::Signing, L: Deref>(
+	secp_ctx: &Secp256k1<T>, logger: &L, htlc_source: &HTLCSource, outer_session_priv: &SecretKey,
+	inner_session_priv: Option<&SecretKey>, mut encrypted_packet: OnionErrorPacket,
 ) -> DecodedOnionFailure
 where
 	L::Target: Logger,
 {
-	let (path, session_priv, first_hop_htlc_msat) = match htlc_source {
-		HTLCSource::OutboundRoute {
-			ref path, ref session_priv, ref first_hop_htlc_msat, ..
-		} => (path, session_priv, first_hop_htlc_msat),
-		_ => {
-			unreachable!()
+	let (path, first_hop_htlc_msat) = match htlc_source {
+		HTLCSource::OutboundRoute { ref path, ref first_hop_htlc_msat, .. } => {
+			(path, first_hop_htlc_msat)
 		},
+		_ => unreachable!(),
 	};
 
 	// Learnings from the HTLC failure to inform future payment retries and scoring.
@@ -1002,14 +1033,6 @@ where
 		}
 	}
 
-	let outer_session_priv = path.has_trampoline_hops().then(|| {
-		// If we have Trampoline hops, the outer onion session_priv is a hash of the inner one.
-		outer_session_priv_override.unwrap_or_else(|| {
-			let session_priv_hash = Sha256::hash(&session_priv.secret_bytes()).to_byte_array();
-			SecretKey::from_slice(&session_priv_hash[..]).expect("You broke SHA-256!")
-		})
-	});
-
 	let num_blinded_hops = path.blinded_tail.as_ref().map_or(0, |bt| bt.hops.len());
 
 	// We are first collecting all the unblinded `RouteHop`s inside `onion_keys`. Then, if applicable,
@@ -1020,7 +1043,7 @@ where
 		&path.hops,
 		// if we have Trampoline hops, the blinded hops are part of the inner Trampoline onion
 		if path.has_trampoline_hops() { None } else { path.blinded_tail.as_ref() },
-		outer_session_priv.as_ref().unwrap_or(session_priv),
+		outer_session_priv,
 		|shared_secret, _, _, route_hop_option: Option<&RouteHop>, _| {
 			onion_keys.push((route_hop_option.map(|rh| ErrorHop::RouteHop(rh)), shared_secret))
 		},
@@ -1033,7 +1056,7 @@ where
 			// Trampoline hops are part of the blinded tail, so this can never panic
 			&path.blinded_tail.as_ref().unwrap().trampoline_hops,
 			path.blinded_tail.as_ref(),
-			session_priv,
+			inner_session_priv.expect("Trampoline hops always have an inner session priv"),
 			|shared_secret, _, _, trampoline_hop_option: Option<&TrampolineHop>, _| {
 				onion_keys.push((
 					trampoline_hop_option.map(|th| ErrorHop::TrampolineHop(th)),
@@ -1473,7 +1496,7 @@ impl HTLCFailReason {
 	{
 		match self.0 {
 			HTLCFailReasonRepr::LightningError { ref err } => {
-				process_onion_failure(secp_ctx, logger, &htlc_source, err.clone(), None)
+				process_onion_failure(secp_ctx, logger, &htlc_source, err.clone())
 			},
 			#[allow(unused)]
 			HTLCFailReasonRepr::Reason { ref failure_code, ref data, .. } => {
@@ -2401,8 +2424,7 @@ mod tests {
 
 		// Assert that the original failure can be retrieved and that all hmacs check out.
 		let decrypted_failure =
-			process_onion_failure(&ctx_full, &logger, &htlc_source, onion_error, None);
-
+			process_onion_failure(&ctx_full, &logger, &htlc_source, onion_error);
 		assert_eq!(decrypted_failure.onion_error_code, Some(0x2002));
 	}
 
@@ -2497,12 +2519,13 @@ mod tests {
 			let error_packet_hex = "f8941a320b8fde4ad7b9b920c69cbf334114737497d93059d77e591eaa78d6334d3e2aeefcb0cc83402eaaf91d07d695cd895d9cad1018abdaf7d2a49d7657b1612729db7f393f0bb62b25afaaaa326d72a9214666025385033f2ec4605dcf1507467b5726d806da180ea224a7d8631cd31b0bdd08eead8bfe14fc8c7475e17768b1321b54dd4294aecc96da391efe0ca5bd267a45ee085c85a60cf9a9ac152fa4795fff8700a3ea4f848817f5e6943e855ab2e86f6929c9e885d8b20c49b14d2512c59ed21f10bd38691110b0d82c00d9fa48a20f10c7550358724c6e8e2b966e56a0aadf458695b273768062fa7c6e60eb72d4cdc67bf525c194e4a17fdcaa0e9d80480b586bf113f14eea530b6728a1c53fe5cee092e24a90f21f4b764015e7ed5e23";
 			let error_packet =
 				OnionErrorPacket { data: <Vec<u8>>::from_hex(error_packet_hex).unwrap() };
-			let decrypted_failure = process_onion_failure(
+			let decrypted_failure = process_onion_failure_inner(
 				&secp_ctx,
 				&logger,
 				&htlc_source,
+				&outer_session_priv,
+				Some(&trampoline_session_priv),
 				error_packet,
-				Some(outer_session_priv),
 			);
 			assert_eq!(decrypted_failure.onion_error_code, Some(0x400f));
 		}
@@ -2545,13 +2568,8 @@ mod tests {
 					&mut first_hop_error_packet,
 				);
 
-				let decrypted_failure = process_onion_failure(
-					&secp_ctx,
-					&logger,
-					&htlc_source,
-					first_hop_error_packet,
-					None,
-				);
+				let decrypted_failure =
+					process_onion_failure(&secp_ctx, &logger, &htlc_source, first_hop_error_packet);
 				assert_eq!(decrypted_failure.onion_error_code, Some(error_code));
 			};
 
@@ -2578,7 +2596,6 @@ mod tests {
 					&logger,
 					&htlc_source,
 					trampoline_outer_hop_error_packet,
-					None,
 				);
 				assert_eq!(decrypted_failure.onion_error_code, Some(error_code));
 			};
@@ -2611,7 +2628,6 @@ mod tests {
 					&logger,
 					&htlc_source,
 					trampoline_inner_hop_error_packet,
-					None,
 				);
 				assert_eq!(decrypted_failure.onion_error_code, Some(error_code));
 			}
@@ -2703,8 +2719,7 @@ mod tests {
 			payment_id: PaymentId([1; 32]),
 		};
 
-		let decrypted_failure =
-			process_onion_failure(&ctx_full, &logger, &htlc_source, packet, None);
+		let decrypted_failure = process_onion_failure(&ctx_full, &logger, &htlc_source, packet);
 
 		decrypted_failure
 	}
