f - invoice_request semantic and signature checks

Author: jkczyz

lightning/src/offers/invoice_request.rs

@@ -10,14 +10,15 @@
 //! Data structures and encoding for `invoice_request` messages.
 
 use bitcoin::hash_types::BlockHash;
-use bitcoin::secp256k1::PublicKey;
+use bitcoin::hashes::{Hash, sha256};
+use bitcoin::secp256k1::{Message, PublicKey, Secp256k1, self};
 use bitcoin::secp256k1::schnorr::Signature;
 use core::convert::TryFrom;
 use core::str::FromStr;
 use ln::features::OfferFeatures;
 use offers::PayerTlvStream;
-use offers::merkle::SignatureTlvStream;
-use offers::offer::{OfferContents, OfferTlvStream};
+use offers::merkle::{SignatureTlvStream, self};
+use offers::offer::{Amount, OfferContents, OfferTlvStream};
 use offers::parse::{Bech32Encode, ParseError, SemanticError};
 
 ///
@@ -30,15 +31,33 @@ pub struct InvoiceRequest {
 pub(crate) struct InvoiceRequestContents {
 	offer: OfferContents,
 	chain: Option<BlockHash>,
-	amount_msat: Option<u64>,
+	amount_msats: Option<u64>,
 	features: Option<OfferFeatures>,
 	quantity: Option<u64>,
-	payer_id: Option<PublicKey>,
+	payer_id: PublicKey,
 	payer_note: Option<String>,
 	payer_info: Option<Vec<u8>>,
 	signature: Option<Signature>,
 }
 
+impl InvoiceRequestContents {
+	pub fn verify_signature(&self, bytes: &[u8]) -> Result<(), secp256k1::Error> {
+		if let Some(signature) = &self.signature {
+			let tag = sha256::Hash::hash(
+				concat!("lightning", "invoice_request", "signature").as_bytes()
+			);
+			let merkle_root = merkle::root_hash(bytes);
+			let digest = Message::from_slice(&merkle::tagged_hash(tag, merkle_root)).unwrap();
+			let pubkey = self.payer_id.into();
+			let secp_ctx = Secp256k1::verification_only();
+			secp_ctx.verify_schnorr(signature, &digest, &pubkey)
+		} else {
+			Ok(())
+		}
+	}
+
+}
+
 impl AsRef<[u8]> for InvoiceRequest {
 	fn as_ref(&self) -> &[u8] {
 		&self.bytes
@@ -69,6 +88,8 @@ impl FromStr for InvoiceRequest {
 	fn from_str(s: &str) -> Result<Self, <Self as FromStr>::Err> {
 		let (tlv_stream, bytes) = InvoiceRequest::from_bech32_str(s)?;
 		let contents = InvoiceRequestContents::try_from(tlv_stream)?;
+		contents.verify_signature(&bytes)?;
+
 		Ok(InvoiceRequest { bytes, contents })
 	}
 }
@@ -93,16 +114,44 @@ impl TryFrom<FullInvoiceRequestTlvStream> for InvoiceRequestContents {
 		};
 
 		// TODO: Check remaining fields against the reflected offer
-		let amount_msat = amount.map(Into::into);
 
-		let quantity = quantity.map(Into::into);
+		// TODO: Determine whether quantity should be accounted for
+		let amount_msats = match (offer.amount(), amount.map(Into::into)) {
+			// TODO: Handle currency case
+			(Some(Amount::Currency { .. }), _) => return Err(SemanticError::UnexpectedCurrency),
+			(Some(_), None) => return Err(SemanticError::MissingAmount),
+			(Some(Amount::Bitcoin { amount_msats: offer_amount_msats }), Some(amount_msats)) => {
+				if amount_msats < *offer_amount_msats {
+					return Err(SemanticError::InsufficientAmount);
+				} else {
+					Some(amount_msats)
+				}
+			},
+			(_, amount_msats) => amount_msats,
+		};
+
+		if let Some(features) = &features {
+			if features.requires_unknown_bits() {
+				return Err(SemanticError::UnknownRequiredFeatures);
+			}
+		}
+
+		let quantity = match quantity.map(Into::into) {
+			Some(quantity) if offer.is_valid_quantity(quantity) => Some(quantity),
+			_ => return Err(SemanticError::InvalidQuantity),
+		};
+
+		let payer_id = match payer_id {
+			None => return Err(SemanticError::MissingPayerId),
+			Some(payer_id) => payer_id,
+		};
 
 		let payer_note = payer_note.map(Into::into);
 
 		let payer_info = payer_info.map(Into::into);
 
 		Ok(InvoiceRequestContents {
-			offer, chain, amount_msat, features, quantity, payer_id, payer_note, payer_info,
+			offer, chain, amount_msats, features, quantity, payer_id, payer_note, payer_info,
 			signature,
 		})
 	}

lightning/src/offers/offer.rs

@@ -202,7 +202,7 @@ impl Offer {
 
 	///
 	pub fn amount(&self) -> Option<&Amount> {
-		self.contents.amount.as_ref()
+		self.contents.amount()
 	}
 
 	///
@@ -252,6 +252,11 @@ impl Offer {
 		self.contents.quantity_max()
 	}
 
+	///
+	pub fn is_valid_quantity(&self, quantity: u64) -> bool {
+		self.contents.is_valid_quantity(quantity)
+	}
+
 	///
 	pub fn node_id(&self) -> PublicKey {
 		Self::node_id_from_parts(self.contents.node_id, self.paths())
@@ -302,6 +307,10 @@ impl OfferContents {
 			.unwrap_or_else(|| genesis_block(Network::Bitcoin).block_hash())
 	}
 
+	pub fn amount(&self) -> Option<&Amount> {
+		self.amount.as_ref()
+	}
+
 	pub fn quantity_min(&self) -> u64 {
 		self.quantity_min.unwrap_or(1)
 	}
@@ -311,6 +320,14 @@ impl OfferContents {
 			self.quantity_min.map_or(1, |_| u64::max_value()))
 	}
 
+	pub fn is_valid_quantity(&self, quantity: u64) -> bool {
+		if self.quantity_min.is_none() && self.quantity_max.is_none() {
+			false
+		} else {
+			quantity >= self.quantity_min() && quantity <= self.quantity_max()
+		}
+	}
+
 	fn as_tlv_stream(&self) -> reference::OfferTlvStream {
 		let (currency, amount) = match &self.amount {
 			None => (None, None),

lightning/src/offers/parse.rs

@@ -11,6 +11,7 @@
 
 use bitcoin::bech32;
 use bitcoin::bech32::{FromBase32, ToBase32};
+use bitcoin::secp256k1;
 use core::fmt;
 use ln::msgs::DecodeError;
 use util::ser::Readable;
@@ -68,6 +69,8 @@ pub enum ParseError {
 	Decode(DecodeError),
 	/// The parsed message has invalid semantics.
 	InvalidSemantics(SemanticError),
+	/// The parsed message has an invalid signature.
+	InvalidSignature(secp256k1::Error),
 }
 
 /// Error when interpreting a TLV stream as a specific type.
@@ -77,6 +80,12 @@ pub enum SemanticError {
 	UnsupportedChain,
 	/// A currency was provided without an amount.
 	UnexpectedCurrency,
+	///
+	MissingAmount,
+	///
+	InsufficientAmount,
+	///
+	UnknownRequiredFeatures,
 	/// A required description was not provided.
 	MissingDescription,
 	/// Either a node id or a blinded path was not provided.
@@ -85,6 +94,8 @@ pub enum SemanticError {
 	MissingPaths,
 	/// A quantity representing an empty range or that was outside of a valid range was provided.
 	InvalidQuantity,
+	///
+	MissingPayerId,
 }
 
 impl From<bech32::Error> for ParseError {
@@ -104,3 +115,9 @@ impl From<SemanticError> for ParseError {
 		Self::InvalidSemantics(error)
 	}
 }
+
+impl From<secp256k1::Error> for ParseError {
+	fn from(error: secp256k1::Error) -> Self {
+		Self::InvalidSignature(error)
+	}
+}