Add non-vector cryptography tests [expound]

arik-so · arik-so · commit 3e45cb22ac87 · 2025-03-11T13:54:32.000-07:00
diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs
@@ -2493,6 +2493,190 @@ mod tests {
 		assert_eq!(decrypted_failure.onion_error_code, Some(0x400f));
 	}
 
+	#[test]
+	fn test_trampoline_onion_decryption() {
+		// In this test, we construct a dummy path that uses Trampoline hops, and ensure that the
+		// correct shared secrets are used to decrypt the error packets. The actual path configuration
+		// is not particularly relevant.
+
+		let dummy_amt_msat = 150_000_000;
+
+		let path = Path {
+			hops: vec![
+				// Bob
+				RouteHop {
+					pubkey: PublicKey::from_slice(&<Vec<u8>>::from_hex("0324653eac434488002cc06bbfb7f10fe18991e35f9fe4302dbea6d2353dc0ab1c").unwrap()).unwrap(),
+					node_features: NodeFeatures::empty(),
+					short_channel_id: 0,
+					channel_features: ChannelFeatures::empty(),
+					fee_msat: 3_000,
+					cltv_expiry_delta: 24,
+					maybe_announced_channel: false,
+				},
+
+				// Carol
+				RouteHop {
+					pubkey: PublicKey::from_slice(&<Vec<u8>>::from_hex("027f31ebc5462c1fdce1b737ecff52d37d75dea43ce11c74d25aa297165faa2007").unwrap()).unwrap(),
+					node_features: NodeFeatures::empty(),
+					short_channel_id: (572330 << 40) + (42 << 16) + 2821,
+					channel_features: ChannelFeatures::empty(),
+					fee_msat: 153_000,
+					cltv_expiry_delta: 0,
+					maybe_announced_channel: false,
+				},
+			],
+			blinded_tail: Some(BlindedTail {
+				trampoline_hops: vec![
+					// Carol's pubkey
+					TrampolineHop {
+						pubkey: PublicKey::from_slice(&<Vec<u8>>::from_hex("027f31ebc5462c1fdce1b737ecff52d37d75dea43ce11c74d25aa297165faa2007").unwrap()).unwrap(),
+						node_features: Features::empty(),
+						fee_msat: 2_500,
+						cltv_expiry_delta: 24,
+					},
+					// Dave's pubkey
+					TrampolineHop {
+						pubkey: PublicKey::from_slice(&<Vec<u8>>::from_hex("020e2dbadcc2005e859819ddebbe88a834ae8a6d2b049233c07335f15cd1dc5f22").unwrap()).unwrap(),
+						node_features: Features::empty(),
+						fee_msat: 2_500,
+						cltv_expiry_delta: 24,
+					},
+					// Emily's pubkey (the intro node needs to be duplicated)
+					TrampolineHop {
+						pubkey: PublicKey::from_slice(&<Vec<u8>>::from_hex("032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991").unwrap()).unwrap(),
+						node_features: Features::empty(),
+						fee_msat: 150_500,
+						cltv_expiry_delta: 36,
+					}
+				],
+				hops: vec![
+					// Emily's blinded node id
+					BlindedHop {
+						blinded_node_id: PublicKey::from_slice(&<Vec<u8>>::from_hex("0295d40514096a8be54859e7dfe947b376eaafea8afe5cb4eb2c13ff857ed0b4be").unwrap()).unwrap(),
+						encrypted_payload: vec![],
+					},
+					// Forrest's blinded node id
+					BlindedHop {
+						blinded_node_id: PublicKey::from_slice(&<Vec<u8>>::from_hex("020e2dbadcc2005e859819ddebbe88a834ae8a6d2b049233c07335f15cd1dc5f22").unwrap()).unwrap(),
+						encrypted_payload: vec![],
+					}
+				],
+				blinding_point: PublicKey::from_slice(&<Vec<u8>>::from_hex("02988face71e92c345a068f740191fd8e53be14f0bb957ef730d3c5f76087b960e").unwrap()).unwrap(),
+				excess_final_cltv_expiry_delta: 0,
+				final_value_msat: dummy_amt_msat
+			}),
+		};
+
+		// all dummy values
+		let secp_ctx = Secp256k1::new();
+		let session_priv = get_test_session_key();
+
+		let trampoline_onion_keys = construct_trampoline_onion_keys(
+			&secp_ctx,
+			&path.blinded_tail.as_ref().unwrap(),
+			&session_priv,
+		)
+		.unwrap();
+
+		let outer_onion_keys = {
+			let session_priv_hash = Sha256::hash(&session_priv.secret_bytes()).to_byte_array();
+			let outer_session_priv = SecretKey::from_slice(&session_priv_hash[..]).unwrap();
+			construct_onion_keys(&Secp256k1::new(), &path, &outer_session_priv).unwrap()
+		};
+
+		let logger: Arc<TestLogger> = Arc::new(TestLogger::new());
+		let htlc_source = HTLCSource::OutboundRoute {
+			path,
+			session_priv,
+			first_hop_htlc_msat: dummy_amt_msat,
+			payment_id: PaymentId([1; 32]),
+		};
+
+		{
+			let error_code = 0x2002;
+			let mut first_hop_error_packet = build_unencrypted_failure_packet(
+				outer_onion_keys[0].shared_secret.as_ref(),
+				error_code,
+				&[0; 0],
+			);
+
+			crypt_failure_packet(
+				outer_onion_keys[0].shared_secret.as_ref(),
+				&mut first_hop_error_packet,
+			);
+
+			let decrypted_failure = process_onion_failure(
+				&secp_ctx,
+				&logger,
+				&htlc_source,
+				first_hop_error_packet,
+				None,
+			);
+			assert_eq!(decrypted_failure.onion_error_code, Some(error_code));
+		};
+
+		{
+			let error_code = 0x2003;
+			let mut trampoline_outer_hop_error_packet = build_unencrypted_failure_packet(
+				outer_onion_keys[1].shared_secret.as_ref(),
+				error_code,
+				&[0; 0],
+			);
+
+			crypt_failure_packet(
+				outer_onion_keys[1].shared_secret.as_ref(),
+				&mut trampoline_outer_hop_error_packet,
+			);
+
+			crypt_failure_packet(
+				outer_onion_keys[0].shared_secret.as_ref(),
+				&mut trampoline_outer_hop_error_packet,
+			);
+
+			let decrypted_failure = process_onion_failure(
+				&secp_ctx,
+				&logger,
+				&htlc_source,
+				trampoline_outer_hop_error_packet,
+				None,
+			);
+			assert_eq!(decrypted_failure.onion_error_code, Some(error_code));
+		};
+
+		{
+			let error_code = 0x2004;
+			let mut trampoline_inner_hop_error_packet = build_unencrypted_failure_packet(
+				trampoline_onion_keys[0].shared_secret.as_ref(),
+				error_code,
+				&[0; 0],
+			);
+
+			crypt_failure_packet(
+				trampoline_onion_keys[0].shared_secret.as_ref(),
+				&mut trampoline_inner_hop_error_packet,
+			);
+
+			crypt_failure_packet(
+				outer_onion_keys[1].shared_secret.as_ref(),
+				&mut trampoline_inner_hop_error_packet,
+			);
+
+			crypt_failure_packet(
+				outer_onion_keys[0].shared_secret.as_ref(),
+				&mut trampoline_inner_hop_error_packet,
+			);
+
+			let decrypted_failure = process_onion_failure(
+				&secp_ctx,
+				&logger,
+				&htlc_source,
+				trampoline_inner_hop_error_packet,
+				None,
+			);
+			assert_eq!(decrypted_failure.onion_error_code, Some(error_code));
+		}
+	}
+
 	#[test]
 	fn test_non_attributable_failure_packet_onion() {
 		// Create a failure packet with bogus data.
