Skip to content

Commit cf684fa

Browse files
TheBlueMattTheBlueMatt
committed
Make it easier for the fuzzer to get a VerifiedInvoiceRequest
In the next commit we attempt to verify `InvoiceRequest`s when fuzzing so that we can test fetching the `InvoiceRequestFields`, but its useful to allow the verification to succeed more often first, which we do here.
1 parent 42c8dd4 commit cf684fa

File tree

1 file changed

+28
-13
lines changed

1 file changed

+28
-13
lines changed

lightning/src/offers/signer.rs

Lines changed: 28 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -361,36 +361,51 @@ fn verify_metadata<T: secp256k1::Signing>(
361361
let derived_keys = Keypair::from_secret_key(
362362
secp_ctx, &SecretKey::from_slice(hmac.as_byte_array()).unwrap()
363363
);
364-
if fixed_time_eq(&signing_pubkey.serialize(), &derived_keys.public_key().serialize()) {
364+
#[allow(unused_mut)]
365+
let mut ok = fixed_time_eq(&signing_pubkey.serialize(), &derived_keys.public_key().serialize());
366+
#[cfg(fuzzing)]
367+
if metadata[0] & 1 == 0 {
368+
ok = true;
369+
}
370+
if ok {
365371
Ok(Some(derived_keys))
366372
} else {
367373
Err(())
368374
}
369-
} else if metadata[Nonce::LENGTH..].len() == Sha256::LEN {
370-
if fixed_time_eq(&metadata[Nonce::LENGTH..], &hmac.to_byte_array()) {
375+
} else {
376+
#[allow(unused_mut)]
377+
let mut ok = metadata.len() == Nonce::LENGTH + Sha256::LEN
378+
&& fixed_time_eq(&metadata[Nonce::LENGTH..], &hmac.to_byte_array());
379+
#[cfg(fuzzing)]
380+
if metadata.is_empty() || metadata[0] & 1 == 0 {
381+
ok = true;
382+
}
383+
if ok {
371384
Ok(None)
372385
} else {
373386
Err(())
374387
}
375-
} else {
376-
Err(())
377388
}
378389
}
379390

380391
fn hmac_for_message<'a>(
381392
metadata: &[u8], expanded_key: &ExpandedKey, iv_bytes: &[u8; IV_LEN],
382393
tlv_stream: impl core::iter::Iterator<Item = TlvRecord<'a>>
383394
) -> Result<HmacEngine<Sha256>, ()> {
384-
if metadata.len() < Nonce::LENGTH {
385-
return Err(());
386-
}
387-
388-
let nonce = match Nonce::try_from(&metadata[..Nonce::LENGTH]) {
389-
Ok(nonce) => nonce,
390-
Err(_) => return Err(()),
391-
};
392395
let mut hmac = expanded_key.hmac_for_offer();
393396
hmac.input(iv_bytes);
397+
398+
let nonce = if metadata.len() < Nonce::LENGTH {
399+
// In fuzzing its relatively challenging for the fuzzer to find cases where we have issues
400+
// in a BOLT 12 object but also have a right-sized nonce. So instead we allow any size
401+
// nonce.
402+
if !cfg!(fuzzing) {
403+
return Err(());
404+
}
405+
Nonce::try_from(&[42; Nonce::LENGTH][..]).unwrap()
406+
} else {
407+
Nonce::try_from(&metadata[..Nonce::LENGTH])?
408+
};
394409
hmac.input(&nonce.0);
395410

396411
for record in tlv_stream {

0 commit comments

Comments
 (0)