f - Use saturating_add

jkczyz · jkczyz · commit 5f61a120dea6 · 2022-01-24T00:00:38.000-06:00
diff --git a/lightning-invoice/src/de.rs b/lightning-invoice/src/de.rs
@@ -24,7 +24,7 @@ use secp256k1::key::PublicKey;
 
 use super::{Invoice, Sha256, TaggedField, ExpiryTime, MinFinalCltvExpiry, Fallback, PayeePubKey, InvoiceSignature, PositiveTimestamp,
 	SemanticError, PrivateRoute, Description, RawTaggedField, Currency, RawHrp, SiPrefix, RawInvoice, constants, SignedRawInvoice,
-	RawDataPart, CreationError, InvoiceFeatures};
+	RawDataPart, InvoiceFeatures};
 
 use self::hrp_sm::parse_hrp;
 
@@ -357,11 +357,7 @@ impl FromBase32 for PositiveTimestamp {
 		}
 		let timestamp: u64 = parse_int_be(b32, 32)
 			.expect("7*5bit < 64bit, no overflow possible");
-		match PositiveTimestamp::from_unix_timestamp(timestamp) {
-			Ok(t) => Ok(t),
-			Err(CreationError::TimestampOutOfBounds) => Err(ParseError::TimestampOverflow),
-			Err(_) => unreachable!(),
-		}
+		Ok(PositiveTimestamp::from_unix_timestamp(timestamp))
 	}
 }
 
@@ -516,7 +512,7 @@ impl FromBase32 for ExpiryTime {
 
 	fn from_base32(field_data: &[u5]) -> Result<ExpiryTime, ParseError> {
 		match parse_int_be::<u64, u5>(field_data, 32)
-			.and_then(|t| ExpiryTime::from_seconds(t).ok()) // ok, since the only error is out of bounds
+			.map(|t| ExpiryTime::from_seconds(t))
 		{
 			Some(t) => Ok(t),
 			None => Err(ParseError::IntegerOverflowError),
@@ -646,7 +642,6 @@ pub enum ParseError {
 	/// Not an error, but used internally to signal that a part of the invoice should be ignored
 	/// according to BOLT11
 	Skip,
-	TimestampOverflow,
 }
 
 /// Indicates that something went wrong while parsing or validating the invoice. Parsing errors
@@ -709,9 +704,6 @@ impl Display for ParseError {
 			ParseError::Skip => {
 				f.write_str("the tagged field has to be skipped because of an unexpected, but allowed property")
 			},
-			ParseError::TimestampOverflow => {
-                f.write_str("the invoice's timestamp could not be represented as SystemTime")
-            },
 		}
 	}
 }
@@ -877,7 +869,7 @@ mod test {
 		use bech32::FromBase32;
 
 		let input = from_bech32("pu".as_bytes());
-		let expected = Ok(ExpiryTime::from_seconds(60).unwrap());
+		let expected = Ok(ExpiryTime::from_seconds(60));
 		assert_eq!(ExpiryTime::from_base32(&input), expected);
 
 		let input_too_large = from_bech32("sqqqqqqqqqqqq".as_bytes());
@@ -1028,7 +1020,7 @@ mod test {
 							si_prefix: Some(SiPrefix::Milli)
 						},
 						data: RawDataPart {
-							timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
+							timestamp: PositiveTimestamp::from_unix_timestamp(1496314658),
 							tagged_fields: vec ! [
 								PaymentHash(Sha256(sha256::Hash::from_hex(
 									"0001020304050607080900010203040506070809000102030405060708090102"
@@ -1075,7 +1067,7 @@ mod test {
 						si_prefix: None,
 					},
 					data: RawDataPart {
-					timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
+					timestamp: PositiveTimestamp::from_unix_timestamp(1496314658),
 					tagged_fields: vec ! [
 						PaymentHash(Sha256(sha256::Hash::from_hex(
 							"0001020304050607080900010203040506070809000102030405060708090102"
diff --git a/lightning-invoice/src/lib.rs b/lightning-invoice/src/lib.rs
@@ -85,17 +85,6 @@ mod sync;
 
 pub use de::{ParseError, ParseOrSemanticError};
 
-/// The maximum timestamp that can be represented as a [`Duration`] since the UNIX epoch while
-/// allowing for adding an expiry without overflowing.
-const MAX_TIMESTAMP: u64 = core::i64::MAX as u64;
-
-/// The maximum expiry allowed, represented as a [`Duration`] since the invoice timestamp.
-const MAX_EXPIRY_TIME: u64 = (core::i64::MAX) as u64 + 1;
-
-/// Assert that the maximum expiry represented as a [`Duration`] since the UNIX epoch does not
-/// exceed [`u64::MAX`].
-const _MAX_EXPIRY_TIMESTAMP: u64 = MAX_TIMESTAMP + MAX_EXPIRY_TIME;
-
 /// Default expiry time as defined by [BOLT 11].
 ///
 /// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md
@@ -385,10 +374,6 @@ pub struct PayeePubKey(pub PublicKey);
 
 /// Positive duration that defines when (relatively to the timestamp) in the future the invoice
 /// expires
-///
-/// # Invariants
-/// The number of seconds this expiry time represents has to be in the range
-/// `0...MAX_EXPIRY_TIME` to avoid overflows when adding it to a timestamp.
 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
 pub struct ExpiryTime(Duration);
 
@@ -496,10 +481,7 @@ impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBui
 
 	/// Sets the expiry time
 	pub fn expiry_time(mut self, expiry_time: Duration) -> Self {
-        match ExpiryTime::from_duration(expiry_time) {
-            Ok(t) => self.tagged_fields.push(TaggedField::ExpiryTime(t)),
-            Err(e) => self.error = Some(e),
-        };
+        self.tagged_fields.push(TaggedField::ExpiryTime(ExpiryTime::from_duration(expiry_time)));
 		self
 	}
 
@@ -591,19 +573,15 @@ impl<D: tb::Bool, H: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, tb
 
 	/// Sets the timestamp to a duration since the UNIX epoch.
 	pub fn duration_since_epoch(mut self, time: Duration) -> InvoiceBuilder<D, H, tb::True, C, S> {
-		match PositiveTimestamp::from_duration_since_epoch(time) {
-			Ok(t) => self.timestamp = Some(t),
-			Err(e) => self.error = Some(e),
-		}
-
+		self.timestamp = Some(PositiveTimestamp::from_duration_since_epoch(time));
 		self.set_flags()
 	}
 
 	/// Sets the timestamp to the current system time.
 	#[cfg(feature = "std")]
 	pub fn current_timestamp(mut self) -> InvoiceBuilder<D, H, tb::True, C, S> {
 		let now = PositiveTimestamp::from_system_time(SystemTime::now());
-		self.timestamp = Some(now.expect("for the foreseeable future this shouldn't happen"));
+		self.timestamp = Some(now.expect("this shouldn't happen after the UNIX epoch"));
 		self.set_flags()
 	}
 }
@@ -946,35 +924,24 @@ impl PositiveTimestamp {
 	/// Creates a `PositiveTimestamp` from a unix timestamp in the range `0...MAX_TIMESTAMP`.
 	///
 	/// Otherwise, returns a [`CreationError::TimestampOutOfBounds`].
-	pub fn from_unix_timestamp(unix_seconds: u64) -> Result<Self, CreationError> {
-		if unix_seconds > MAX_TIMESTAMP {
-			Err(CreationError::TimestampOutOfBounds)
-		} else {
-			Ok(PositiveTimestamp(Duration::from_secs(unix_seconds)))
-		}
+	pub fn from_unix_timestamp(unix_seconds: u64) -> Self {
+		PositiveTimestamp(Duration::from_secs(unix_seconds))
 	}
 
-	/// Creates a `PositiveTimestamp` from a [`SystemTime`] with a corresponding unix timestamp in
-	/// the range `0...MAX_TIMESTAMP`.
+	/// Creates a `PositiveTimestamp` from a [`SystemTime`] with a corresponding unix timestamp.
 	///
-	/// Otherwise, returns a [`CreationError::TimestampOutOfBounds`].
+	/// Returns a [`CreationError::TimestampOutOfBounds`] if `time` is before
+	/// [`SystemTime::UNIX_EPOCH`].
 	#[cfg(feature = "std")]
 	pub fn from_system_time(time: SystemTime) -> Result<Self, CreationError> {
 		time.duration_since(SystemTime::UNIX_EPOCH)
 			.map(Self::from_duration_since_epoch)
-			.unwrap_or(Err(CreationError::TimestampOutOfBounds))
+			.map_err(|_| CreationError::TimestampOutOfBounds)
 	}
 
-	/// Creates a `PositiveTimestamp` from a [`Duration`] since the UNIX epoch in the range
-	/// `0...MAX_TIMESTAMP`.
-	///
-	/// Otherwise, returns a [`CreationError::TimestampOutOfBounds`].
-	pub fn from_duration_since_epoch(duration: Duration) -> Result<Self, CreationError> {
-		if duration.as_secs() <= MAX_TIMESTAMP {
-			Ok(PositiveTimestamp(duration))
-		} else {
-			Err(CreationError::TimestampOutOfBounds)
-		}
+	/// Creates a `PositiveTimestamp` from a [`Duration`] since the UNIX epoch.
+	pub fn from_duration_since_epoch(duration: Duration) -> Self {
+		PositiveTimestamp(duration)
 	}
 
 	/// Returns the UNIX timestamp representing the stored time
@@ -1219,7 +1186,7 @@ impl Invoice {
 	/// Returns whether the expiry time would pass at the given point in time.
 	/// `at_time` is the timestamp as a duration since the UNIX epoch.
 	pub fn would_expire(&self, at_time: Duration) -> bool {
-		self.duration_since_epoch() + self.expiry_time() < at_time
+		self.duration_since_epoch().saturating_add(self.expiry_time()) < at_time
 	}
 
 	/// Returns the invoice's `min_final_cltv_expiry` time, if present, otherwise
@@ -1340,26 +1307,14 @@ impl Deref for PayeePubKey {
 }
 
 impl ExpiryTime {
-	/// Construct an `ExpiryTime` from seconds. If there exists a `PositiveTimestamp` which would
-	/// overflow on adding the `ExpiryTime` to it then this function will return a
-	/// `CreationError::ExpiryTimeOutOfBounds`.
-	pub fn from_seconds(seconds: u64) -> Result<ExpiryTime, CreationError> {
-		if seconds <= MAX_EXPIRY_TIME {
-			Ok(ExpiryTime(Duration::from_secs(seconds)))
-		} else {
-			Err(CreationError::ExpiryTimeOutOfBounds)
-		}
+	/// Construct an `ExpiryTime` from seconds.
+	pub fn from_seconds(seconds: u64) -> ExpiryTime {
+		ExpiryTime(Duration::from_secs(seconds))
 	}
 
-	/// Construct an `ExpiryTime` from a `Duration`. If there exists a `PositiveTimestamp` which
-	/// would overflow on adding the `ExpiryTime` to it then this function will return a
-	/// `CreationError::ExpiryTimeOutOfBounds`.
-	pub fn from_duration(duration: Duration) -> Result<ExpiryTime, CreationError> {
-		if duration.as_secs() <= MAX_EXPIRY_TIME {
-			Ok(ExpiryTime(duration))
-		} else {
-			Err(CreationError::ExpiryTimeOutOfBounds)
-		}
+	/// Construct an `ExpiryTime` from a `Duration`.
+	pub fn from_duration(duration: Duration) -> ExpiryTime {
+		ExpiryTime(duration)
 	}
 
 	/// Returns the expiry time in seconds
@@ -1428,12 +1383,9 @@ pub enum CreationError {
 	/// The specified route has too many hops and can't be encoded
 	RouteTooLong,
 
-	/// The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`
+	/// The unix timestamp of the supplied date is less than zero
 	TimestampOutOfBounds,
 
-	/// The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`
-	ExpiryTimeOutOfBounds,
-
 	/// The supplied millisatoshi amount was greater than the total bitcoin supply.
 	InvalidAmount,
 }
@@ -1443,8 +1395,7 @@ impl Display for CreationError {
 		match self {
 			CreationError::DescriptionTooLong => f.write_str("The supplied description string was longer than 639 bytes"),
 			CreationError::RouteTooLong => f.write_str("The specified route has too many hops and can't be encoded"),
-			CreationError::TimestampOutOfBounds => f.write_str("The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`"),
-			CreationError::ExpiryTimeOutOfBounds => f.write_str("The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`"),
+			CreationError::TimestampOutOfBounds => f.write_str("The unix timestamp of the supplied date is less than zero"),
 			CreationError::InvalidAmount => f.write_str("The supplied millisatoshi amount was greater than the total bitcoin supply"),
 		}
 	}
@@ -1534,19 +1485,6 @@ mod test {
 	use bitcoin_hashes::hex::FromHex;
 	use bitcoin_hashes::sha256;
 
-	#[test]
-	fn test_system_time_bounds_assumptions() {
-		assert_eq!(
-			::PositiveTimestamp::from_unix_timestamp(::MAX_TIMESTAMP + 1),
-			Err(::CreationError::TimestampOutOfBounds)
-		);
-
-		assert_eq!(
-			::ExpiryTime::from_seconds(::MAX_EXPIRY_TIME + 1),
-			Err(::CreationError::ExpiryTimeOutOfBounds)
-		);
-	}
-
 	#[test]
 	fn test_calc_invoice_hash() {
 		use ::{RawInvoice, RawHrp, RawDataPart, Currency, PositiveTimestamp};
@@ -1559,7 +1497,7 @@ mod test {
 				si_prefix: None,
 			},
 			data: RawDataPart {
-				timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
+				timestamp: PositiveTimestamp::from_unix_timestamp(1496314658),
 				tagged_fields: vec![
 					PaymentHash(::Sha256(sha256::Hash::from_hex(
 						"0001020304050607080900010203040506070809000102030405060708090102"
@@ -1597,7 +1535,7 @@ mod test {
 					si_prefix: None,
 				},
 				data: RawDataPart {
-					timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
+					timestamp: PositiveTimestamp::from_unix_timestamp(1496314658),
 					tagged_fields: vec ! [
 						PaymentHash(Sha256(sha256::Hash::from_hex(
 							"0001020304050607080900010203040506070809000102030405060708090102"
@@ -1667,7 +1605,7 @@ mod test {
 				si_prefix: None,
 			},
 			data: RawDataPart {
-				timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
+				timestamp: PositiveTimestamp::from_unix_timestamp(1496314658),
 				tagged_fields: vec ! [
 					PaymentHash(Sha256(sha256::Hash::from_hex(
 						"0001020304050607080900010203040506070809000102030405060708090102"
