|
7 | 7 | // You may not use this file except in accordance with one or both of these |
8 | 8 | // licenses. |
9 | 9 |
|
10 | | -use bitcoin::bech32::{u5, FromBase32, ToBase32}; |
11 | 10 | use crate::utils::test_logger; |
12 | | -use lightning_invoice::RawDataPart; |
| 11 | +use bitcoin::bech32::{u5, FromBase32, ToBase32}; |
| 12 | +use bitcoin::secp256k1::{Secp256k1, SecretKey}; |
| 13 | +use lightning_invoice::{ |
| 14 | + Bolt11Invoice, RawBolt11Invoice, RawDataPart, RawHrp, RawTaggedField, TaggedField, |
| 15 | +}; |
| 16 | +use std::str::FromStr; |
13 | 17 |
|
14 | 18 | #[inline] |
15 | 19 | pub fn do_test<Out: test_logger::Output>(data: &[u8], _out: Out) { |
16 | | - let bech32 = data.iter().map(|x| u5::try_from_u8(x % 32).unwrap()).collect::<Vec<_>>(); |
17 | | - let invoice = match RawDataPart::from_base32(&bech32) { |
18 | | - Ok(invoice) => invoice, |
19 | | - Err(_) => return, |
20 | | - }; |
21 | | - |
22 | | - // Our encoding is not worse than the input |
23 | | - assert!(invoice.to_base32().len() <= bech32.len()); |
24 | | - |
25 | | - // Our serialization is loss-less |
26 | | - assert_eq!( |
27 | | - RawDataPart::from_base32(&invoice.to_base32()).expect("faild parsing out own encoding"), |
28 | | - invoice |
29 | | - ); |
| 20 | + // Read a fake HRP length byte |
| 21 | + let hrp_len = std::cmp::min(*data.get(0).unwrap_or(&0) as usize, data.len()); |
| 22 | + if let Ok(s) = std::str::from_utf8(&data[..hrp_len]) { |
| 23 | + let hrp = match RawHrp::from_str(s) { |
| 24 | + Ok(hrp) => hrp, |
| 25 | + Err(_) => return, |
| 26 | + }; |
| 27 | + let bech32 = |
| 28 | + data.iter().skip(hrp_len).map(|x| u5::try_from_u8(x % 32).unwrap()).collect::<Vec<_>>(); |
| 29 | + let invoice_data = match RawDataPart::from_base32(&bech32) { |
| 30 | + Ok(invoice) => invoice, |
| 31 | + Err(_) => return, |
| 32 | + }; |
| 33 | + |
| 34 | + // Our data encoding is not worse than the input |
| 35 | + assert!(invoice_data.to_base32().len() <= bech32.len()); |
| 36 | + |
| 37 | + // Our data serialization is loss-less |
| 38 | + assert_eq!( |
| 39 | + RawDataPart::from_base32(&invoice_data.to_base32()) |
| 40 | + .expect("faild parsing out own encoding"), |
| 41 | + invoice_data |
| 42 | + ); |
| 43 | + |
| 44 | + if invoice_data.tagged_fields.iter().any(|field| { |
| 45 | + matches!(field, RawTaggedField::KnownSemantics(TaggedField::PayeePubKey(_))) |
| 46 | + }) { |
| 47 | + // We could forge a signature using the fact that signing is insecure in fuzz mode, but |
| 48 | + // easier to just skip and rely on the fact that no-PayeePubKey invoices do pubkey |
| 49 | + // recovery |
| 50 | + return; |
| 51 | + } |
| 52 | + |
| 53 | + let raw_invoice = RawBolt11Invoice { hrp, data: invoice_data }; |
| 54 | + let signed_raw_invoice = match raw_invoice.sign(|hash| { |
| 55 | + let private_key = SecretKey::from_slice(&[42; 32]).unwrap(); |
| 56 | + Ok::<_, ()>(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)) |
| 57 | + }) { |
| 58 | + Ok(inv) => inv, |
| 59 | + Err(_) => return, |
| 60 | + }; |
| 61 | + |
| 62 | + if let Ok(invoice) = Bolt11Invoice::from_signed(signed_raw_invoice) { |
| 63 | + invoice.amount_milli_satoshis(); |
| 64 | + } |
| 65 | + } |
30 | 66 | } |
31 | 67 |
|
32 | 68 | pub fn bolt11_deser_test<Out: test_logger::Output>(data: &[u8], out: Out) { |
|
0 commit comments