99
1010//! Utilities for signing offer messages and verifying metadata.
1111
12- use bitcoin:: hashes:: { Hash , HashEngine } ;
13- use bitcoin:: hashes:: cmp:: fixed_time_eq;
14- use bitcoin:: hashes:: hmac:: { Hmac , HmacEngine } ;
15- use bitcoin:: hashes:: sha256:: Hash as Sha256 ;
16- use bitcoin:: secp256k1:: { Keypair , PublicKey , Secp256k1 , SecretKey , self } ;
17- use types:: payment:: PaymentHash ;
18- use core:: fmt;
1912use crate :: blinded_path:: payment:: UnauthenticatedReceiveTlvs ;
2013use crate :: ln:: channelmanager:: PaymentId ;
2114use crate :: ln:: inbound_payment:: { ExpandedKey , IV_LEN } ;
2215use crate :: offers:: merkle:: TlvRecord ;
2316use crate :: offers:: nonce:: Nonce ;
2417use crate :: util:: ser:: Writeable ;
18+ use bitcoin:: hashes:: cmp:: fixed_time_eq;
19+ use bitcoin:: hashes:: hmac:: { Hmac , HmacEngine } ;
20+ use bitcoin:: hashes:: sha256:: Hash as Sha256 ;
21+ use bitcoin:: hashes:: { Hash , HashEngine } ;
22+ use bitcoin:: secp256k1:: { self , Keypair , PublicKey , Secp256k1 , SecretKey } ;
23+ use core:: fmt;
24+ use types:: payment:: PaymentHash ;
2525
2626use crate :: prelude:: * ;
2727
@@ -99,15 +99,24 @@ impl Metadata {
9999 pub fn as_bytes ( & self ) -> Option < & Vec < u8 > > {
100100 match self {
101101 Metadata :: Bytes ( bytes) => Some ( bytes) ,
102- _ => { debug_assert ! ( false ) ; None } ,
102+ _ => {
103+ debug_assert ! ( false ) ;
104+ None
105+ } ,
103106 }
104107 }
105108
106109 pub fn has_derivation_material ( & self ) -> bool {
107110 match self {
108111 Metadata :: Bytes ( _) => false ,
109- Metadata :: RecipientData ( _) => { debug_assert ! ( false ) ; false } ,
110- Metadata :: PayerData ( _) => { debug_assert ! ( false ) ; false } ,
112+ Metadata :: RecipientData ( _) => {
113+ debug_assert ! ( false ) ;
114+ false
115+ } ,
116+ Metadata :: PayerData ( _) => {
117+ debug_assert ! ( false ) ;
118+ false
119+ } ,
111120 Metadata :: Derived ( _) => true ,
112121 Metadata :: DerivedSigningPubkey ( _) => true ,
113122 }
@@ -151,20 +160,32 @@ impl Metadata {
151160pub fn without_keys ( self ) -> Self {
152161 match self {
153162 Metadata :: Bytes ( _) => self ,
154- Metadata :: RecipientData ( _) => { debug_assert ! ( false ) ; self } ,
155- Metadata :: PayerData ( _) => { debug_assert ! ( false ) ; self } ,
163+ Metadata :: RecipientData ( _) => {
164+ debug_assert ! ( false ) ;
165+ self
166+ } ,
167+ Metadata :: PayerData ( _) => {
168+ debug_assert ! ( false ) ;
169+ self
170+ } ,
156171 Metadata :: Derived ( _) => self ,
157172 Metadata :: DerivedSigningPubkey ( material) => Metadata :: Derived ( material) ,
158173 }
159174 }
160175
161176 pub fn derive_from < W : Writeable , T : secp256k1:: Signing > (
162- self , iv_bytes : & [ u8 ; IV_LEN ] , tlv_stream : W , secp_ctx : Option < & Secp256k1 < T > >
177+ self , iv_bytes : & [ u8 ; IV_LEN ] , tlv_stream : W , secp_ctx : Option < & Secp256k1 < T > > ,
163178 ) -> ( Self , Option < Keypair > ) {
164179 match self {
165180 Metadata :: Bytes ( _) => ( self , None ) ,
166- Metadata :: RecipientData ( _) => { debug_assert ! ( false ) ; ( self , None ) } ,
167- Metadata :: PayerData ( _) => { debug_assert ! ( false ) ; ( self , None ) } ,
181+ Metadata :: RecipientData ( _) => {
182+ debug_assert ! ( false ) ;
183+ ( self , None )
184+ } ,
185+ Metadata :: PayerData ( _) => {
186+ debug_assert ! ( false ) ;
187+ ( self , None )
188+ } ,
168189 Metadata :: Derived ( metadata_material) => {
169190 ( Metadata :: Bytes ( metadata_material. derive_metadata ( iv_bytes, tlv_stream) ) , None )
170191 } ,
@@ -190,8 +211,14 @@ impl AsRef<[u8]> for Metadata {
190211 Metadata :: Bytes ( bytes) => & bytes,
191212 Metadata :: RecipientData ( nonce) => & nonce. 0 ,
192213 Metadata :: PayerData ( bytes) => bytes. as_slice ( ) ,
193- Metadata :: Derived ( _) => { debug_assert ! ( false ) ; & [ ] } ,
194- Metadata :: DerivedSigningPubkey ( _) => { debug_assert ! ( false ) ; & [ ] } ,
214+ Metadata :: Derived ( _) => {
215+ debug_assert ! ( false ) ;
216+ & [ ]
217+ } ,
218+ Metadata :: DerivedSigningPubkey ( _) => {
219+ debug_assert ! ( false ) ;
220+ & [ ]
221+ } ,
195222 }
196223 }
197224}
@@ -212,10 +239,12 @@ impl fmt::Debug for Metadata {
212239impl PartialEq for Metadata {
213240 fn eq ( & self , other : & Self ) -> bool {
214241 match self {
215- Metadata :: Bytes ( bytes) => if let Metadata :: Bytes ( other_bytes) = other {
216- bytes == other_bytes
217- } else {
218- false
242+ Metadata :: Bytes ( bytes) => {
243+ if let Metadata :: Bytes ( other_bytes) = other {
244+ bytes == other_bytes
245+ } else {
246+ false
247+ }
219248 } ,
220249 Metadata :: RecipientData ( _) => false ,
221250 Metadata :: PayerData ( _) => false ,
@@ -237,15 +266,10 @@ pub(super) struct MetadataMaterial {
237266impl MetadataMaterial {
238267 pub fn new ( nonce : Nonce , expanded_key : & ExpandedKey , payment_id : Option < PaymentId > ) -> Self {
239268 // Encrypt payment_id
240- let encrypted_payment_id = payment_id. map ( |payment_id| {
241- expanded_key. crypt_for_offer ( payment_id. 0 , nonce)
242- } ) ;
243-
244- Self {
245- nonce,
246- hmac : expanded_key. hmac_for_offer ( ) ,
247- encrypted_payment_id,
248- }
269+ let encrypted_payment_id =
270+ payment_id. map ( |payment_id| expanded_key. crypt_for_offer ( payment_id. 0 , nonce) ) ;
271+
272+ Self { nonce, hmac : expanded_key. hmac_for_offer ( ) , encrypted_payment_id }
249273 }
250274
251275 fn derive_metadata < W : Writeable > ( mut self , iv_bytes : & [ u8 ; IV_LEN ] , tlv_stream : W ) -> Vec < u8 > {
@@ -263,7 +287,7 @@ impl MetadataMaterial {
263287 }
264288
265289 fn derive_metadata_and_keys < W : Writeable , T : secp256k1:: Signing > (
266- mut self , iv_bytes : & [ u8 ; IV_LEN ] , tlv_stream : W , secp_ctx : & Secp256k1 < T >
290+ mut self , iv_bytes : & [ u8 ; IV_LEN ] , tlv_stream : W , secp_ctx : & Secp256k1 < T > ,
267291 ) -> ( Vec < u8 > , Keypair ) {
268292 self . hmac . input ( iv_bytes) ;
269293 self . hmac . input ( & self . nonce . 0 ) ;
@@ -315,7 +339,7 @@ pub(super) fn derive_keys(nonce: Nonce, expanded_key: &ExpandedKey) -> Keypair {
315339pub ( super ) fn verify_payer_metadata < ' a , T : secp256k1:: Signing > (
316340 metadata : & [ u8 ] , expanded_key : & ExpandedKey , iv_bytes : & [ u8 ; IV_LEN ] ,
317341 signing_pubkey : PublicKey , tlv_stream : impl core:: iter:: Iterator < Item = TlvRecord < ' a > > ,
318- secp_ctx : & Secp256k1 < T >
342+ secp_ctx : & Secp256k1 < T > ,
319343) -> Result < PaymentId , ( ) > {
320344 if metadata. len ( ) < PaymentId :: LENGTH {
321345 return Err ( ( ) ) ;
@@ -324,14 +348,16 @@ pub(super) fn verify_payer_metadata<'a, T: secp256k1::Signing>(
324348 let mut encrypted_payment_id = [ 0u8 ; PaymentId :: LENGTH ] ;
325349 encrypted_payment_id. copy_from_slice ( & metadata[ ..PaymentId :: LENGTH ] ) ;
326350
327- let mut hmac = hmac_for_message (
328- & metadata[ PaymentId :: LENGTH ..] , expanded_key, iv_bytes, tlv_stream
329- ) ?;
351+ let mut hmac =
352+ hmac_for_message ( & metadata[ PaymentId :: LENGTH ..] , expanded_key, iv_bytes, tlv_stream) ?;
330353 hmac. input ( WITH_ENCRYPTED_PAYMENT_ID_HMAC_INPUT ) ;
331354 hmac. input ( & encrypted_payment_id) ;
332355
333356 verify_metadata (
334- & metadata[ PaymentId :: LENGTH ..] , Hmac :: from_engine ( hmac) , signing_pubkey, secp_ctx
357+ & metadata[ PaymentId :: LENGTH ..] ,
358+ Hmac :: from_engine ( hmac) ,
359+ signing_pubkey,
360+ secp_ctx,
335361 ) ?;
336362
337363 let nonce = Nonce :: try_from ( & metadata[ PaymentId :: LENGTH ..] [ ..Nonce :: LENGTH ] ) . unwrap ( ) ;
@@ -351,7 +377,7 @@ pub(super) fn verify_payer_metadata<'a, T: secp256k1::Signing>(
351377pub ( super ) fn verify_recipient_metadata < ' a , T : secp256k1:: Signing > (
352378 metadata : & [ u8 ] , expanded_key : & ExpandedKey , iv_bytes : & [ u8 ; IV_LEN ] ,
353379 signing_pubkey : PublicKey , tlv_stream : impl core:: iter:: Iterator < Item = TlvRecord < ' a > > ,
354- secp_ctx : & Secp256k1 < T >
380+ secp_ctx : & Secp256k1 < T > ,
355381) -> Result < Option < Keypair > , ( ) > {
356382 let mut hmac = hmac_for_message ( metadata, expanded_key, iv_bytes, tlv_stream) ?;
357383 hmac. input ( WITHOUT_ENCRYPTED_PAYMENT_ID_HMAC_INPUT ) ;
@@ -360,11 +386,12 @@ pub(super) fn verify_recipient_metadata<'a, T: secp256k1::Signing>(
360386}
361387
362388fn verify_metadata < T : secp256k1:: Signing > (
363- metadata : & [ u8 ] , hmac : Hmac < Sha256 > , signing_pubkey : PublicKey , secp_ctx : & Secp256k1 < T >
389+ metadata : & [ u8 ] , hmac : Hmac < Sha256 > , signing_pubkey : PublicKey , secp_ctx : & Secp256k1 < T > ,
364390) -> Result < Option < Keypair > , ( ) > {
365391 if metadata. len ( ) == Nonce :: LENGTH {
366392 let derived_keys = Keypair :: from_secret_key (
367- secp_ctx, & SecretKey :: from_slice ( hmac. as_byte_array ( ) ) . unwrap ( )
393+ secp_ctx,
394+ & SecretKey :: from_slice ( hmac. as_byte_array ( ) ) . unwrap ( ) ,
368395 ) ;
369396 if fixed_time_eq ( & signing_pubkey. serialize ( ) , & derived_keys. public_key ( ) . serialize ( ) ) {
370397 Ok ( Some ( derived_keys) )
@@ -384,7 +411,7 @@ fn verify_metadata<T: secp256k1::Signing>(
384411
385412fn hmac_for_message < ' a > (
386413 metadata : & [ u8 ] , expanded_key : & ExpandedKey , iv_bytes : & [ u8 ; IV_LEN ] ,
387- tlv_stream : impl core:: iter:: Iterator < Item = TlvRecord < ' a > >
414+ tlv_stream : impl core:: iter:: Iterator < Item = TlvRecord < ' a > > ,
388415) -> Result < HmacEngine < Sha256 > , ( ) > {
389416 if metadata. len ( ) < Nonce :: LENGTH {
390417 return Err ( ( ) ) ;
@@ -420,7 +447,11 @@ pub(crate) fn hmac_for_offer_payment_id(
420447pub ( crate ) fn verify_offer_payment_id (
421448 payment_id : PaymentId , hmac : Hmac < Sha256 > , nonce : Nonce , expanded_key : & ExpandedKey ,
422449) -> Result < ( ) , ( ) > {
423- if hmac_for_offer_payment_id ( payment_id, nonce, expanded_key) == hmac { Ok ( ( ) ) } else { Err ( ( ) ) }
450+ if hmac_for_offer_payment_id ( payment_id, nonce, expanded_key) == hmac {
451+ Ok ( ( ) )
452+ } else {
453+ Err ( ( ) )
454+ }
424455}
425456
426457pub ( crate ) fn hmac_for_payment_hash (
@@ -439,7 +470,11 @@ pub(crate) fn hmac_for_payment_hash(
439470pub ( crate ) fn verify_payment_hash (
440471 payment_hash : PaymentHash , hmac : Hmac < Sha256 > , nonce : Nonce , expanded_key : & ExpandedKey ,
441472) -> Result < ( ) , ( ) > {
442- if hmac_for_payment_hash ( payment_hash, nonce, expanded_key) == hmac { Ok ( ( ) ) } else { Err ( ( ) ) }
473+ if hmac_for_payment_hash ( payment_hash, nonce, expanded_key) == hmac {
474+ Ok ( ( ) )
475+ } else {
476+ Err ( ( ) )
477+ }
443478}
444479
445480#[ cfg( async_payments) ]
@@ -453,7 +488,11 @@ pub(crate) fn hmac_for_async_payment_id(
453488pub ( crate ) fn verify_async_payment_id (
454489 payment_id : PaymentId , hmac : Hmac < Sha256 > , nonce : Nonce , expanded_key : & ExpandedKey ,
455490) -> Result < ( ) , ( ) > {
456- if hmac_for_async_payment_id ( payment_id, nonce, expanded_key) == hmac { Ok ( ( ) ) } else { Err ( ( ) ) }
491+ if hmac_for_async_payment_id ( payment_id, nonce, expanded_key) == hmac {
492+ Ok ( ( ) )
493+ } else {
494+ Err ( ( ) )
495+ }
457496}
458497
459498fn hmac_for_payment_id (
@@ -486,7 +525,11 @@ pub(crate) fn verify_payment_tlvs(
486525 receive_tlvs : & UnauthenticatedReceiveTlvs , hmac : Hmac < Sha256 > , nonce : Nonce ,
487526 expanded_key : & ExpandedKey ,
488527) -> Result < ( ) , ( ) > {
489- if hmac_for_payment_tlvs ( receive_tlvs, nonce, expanded_key) == hmac { Ok ( ( ) ) } else { Err ( ( ) ) }
528+ if hmac_for_payment_tlvs ( receive_tlvs, nonce, expanded_key) == hmac {
529+ Ok ( ( ) )
530+ } else {
531+ Err ( ( ) )
532+ }
490533}
491534
492535#[ cfg( async_payments) ]
@@ -506,5 +549,9 @@ pub(crate) fn hmac_for_held_htlc_available_context(
506549pub ( crate ) fn verify_held_htlc_available_context (
507550 nonce : Nonce , hmac : Hmac < Sha256 > , expanded_key : & ExpandedKey ,
508551) -> Result < ( ) , ( ) > {
509- if hmac_for_held_htlc_available_context ( nonce, expanded_key) == hmac { Ok ( ( ) ) } else { Err ( ( ) ) }
552+ if hmac_for_held_htlc_available_context ( nonce, expanded_key) == hmac {
553+ Ok ( ( ) )
554+ } else {
555+ Err ( ( ) )
556+ }
510557}
0 commit comments