Skip to content

Commit eb7f6d9

Browse files
TheBlueMattTheBlueMatt
committed
Make it easier for the fuzzer to get a VerifiedInvoiceRequest
In the next commit we attempt to verify `InvoiceRequest`s when fuzzing so that we can test fetching the `InvoiceRequestFields`, but its useful to allow the verification to succeed more often first, which we do here.
1 parent c625a42 commit eb7f6d9

File tree

1 file changed

+28
-13
lines changed

1 file changed

+28
-13
lines changed

lightning/src/offers/signer.rs

+28-13
Original file line numberDiff line numberDiff line change
@@ -393,36 +393,51 @@ fn verify_metadata<T: secp256k1::Signing>(
393393
secp_ctx,
394394
&SecretKey::from_slice(hmac.as_byte_array()).unwrap(),
395395
);
396-
if fixed_time_eq(&signing_pubkey.serialize(), &derived_keys.public_key().serialize()) {
396+
#[allow(unused_mut)]
397+
let mut ok = fixed_time_eq(&signing_pubkey.serialize(), &derived_keys.public_key().serialize());
398+
#[cfg(fuzzing)]
399+
if metadata[0] & 1 == 0 {
400+
ok = true;
401+
}
402+
if ok {
397403
Ok(Some(derived_keys))
398404
} else {
399405
Err(())
400406
}
401-
} else if metadata[Nonce::LENGTH..].len() == Sha256::LEN {
402-
if fixed_time_eq(&metadata[Nonce::LENGTH..], &hmac.to_byte_array()) {
407+
} else {
408+
#[allow(unused_mut)]
409+
let mut ok = metadata.len() == Nonce::LENGTH + Sha256::LEN
410+
&& fixed_time_eq(&metadata[Nonce::LENGTH..], &hmac.to_byte_array());
411+
#[cfg(fuzzing)]
412+
if metadata.is_empty() || metadata[0] & 1 == 0 {
413+
ok = true;
414+
}
415+
if ok {
403416
Ok(None)
404417
} else {
405418
Err(())
406419
}
407-
} else {
408-
Err(())
409420
}
410421
}
411422

412423
fn hmac_for_message<'a>(
413424
metadata: &[u8], expanded_key: &ExpandedKey, iv_bytes: &[u8; IV_LEN],
414425
tlv_stream: impl core::iter::Iterator<Item = TlvRecord<'a>>,
415426
) -> Result<HmacEngine<Sha256>, ()> {
416-
if metadata.len() < Nonce::LENGTH {
417-
return Err(());
418-
}
419-
420-
let nonce = match Nonce::try_from(&metadata[..Nonce::LENGTH]) {
421-
Ok(nonce) => nonce,
422-
Err(_) => return Err(()),
423-
};
424427
let mut hmac = expanded_key.hmac_for_offer();
425428
hmac.input(iv_bytes);
429+
430+
let nonce = if metadata.len() < Nonce::LENGTH {
431+
// In fuzzing its relatively challenging for the fuzzer to find cases where we have issues
432+
// in a BOLT 12 object but also have a right-sized nonce. So instead we allow any size
433+
// nonce.
434+
if !cfg!(fuzzing) {
435+
return Err(());
436+
}
437+
Nonce::try_from(&[42; Nonce::LENGTH][..]).unwrap()
438+
} else {
439+
Nonce::try_from(&metadata[..Nonce::LENGTH])?
440+
};
426441
hmac.input(&nonce.0);
427442

428443
for record in tlv_stream {

0 commit comments

Comments
 (0)