Add SendError enum for onion messages and error on too-big packets

Author: valentinewallace

lightning/src/onion_message.rs

@@ -358,6 +358,18 @@ impl Destination {
 	}
 }
 
+/// Errors that may occur when [sending an onion message].
+///
+/// [sending an onion message]: OnionMessenger::send_onion_message
+#[derive(Debug, PartialEq)]
+pub enum SendError {
+	/// Errored computing onion message packet keys.
+	Secp256k1(secp256k1::Error),
+	/// Because implementations such as Eclair will drop onion messages where the message packet
+	/// exceeds 32834 bytes, we refuse to send messages where the packet exceeds this size.
+	TooBigPacket,
+}
+
 /// A sender, receiver and forwarder of onion messages. In upcoming releases, this object will be
 /// used to retrieve invoices and fulfill invoice requests from [offers]. Currently, only sending
 /// and
@@ -444,7 +456,7 @@ impl<Signer: Sign, K: Deref, L: Deref> OnionMessenger<Signer, K, L>
 	}
 
 	/// Send an empty onion message to `destination`, routing it through `intermediate_nodes`.
-	pub fn send_onion_message(&self, intermediate_nodes: Vec<PublicKey>, destination: Destination) -> Result<(), secp256k1::Error> {
+	pub fn send_onion_message(&self, intermediate_nodes: Vec<PublicKey>, destination: Destination) -> Result<(), SendError> {
 		let blinding_secret_bytes = self.keys_manager.get_secure_random_bytes();
 		let blinding_secret = SecretKey::from_slice(&blinding_secret_bytes[..]).expect("RNG is busted");
 		let (introduction_node_id, blinding_point) = if intermediate_nodes.len() != 0 {
@@ -457,9 +469,17 @@ impl<Signer: Sign, K: Deref, L: Deref> OnionMessenger<Signer, K, L>
 			}
 		};
 		let (encrypted_data_keys, onion_packet_keys) = construct_sending_keys(
-			&self.secp_ctx, &intermediate_nodes, &destination, &blinding_secret)?;
+			&self.secp_ctx, &intermediate_nodes, &destination, &blinding_secret)
+			.map_err(|e| SendError::Secp256k1(e))?;
 		let payloads = build_payloads(intermediate_nodes, destination, encrypted_data_keys);
 
+		// Check whether the onion message is too big to send.
+		let payloads_serialized_len = payloads.iter()
+			.fold(0, |total, next_payload| total + next_payload.serialized_length() + 32 /* HMAC */ );
+		if payloads_serialized_len > BIG_PACKET_HOP_DATA_LEN {
+			return Err(SendError::TooBigPacket)
+		}
+
 		let prng_seed = self.keys_manager.get_secure_random_bytes();
 		let onion_packet = onion_utils::construct_onion_message_packet(payloads, onion_packet_keys, prng_seed);
 
@@ -778,13 +798,13 @@ pub type SimpleRefOnionMessenger<'a, 'b, L> = OnionMessenger<InMemorySigner, &'a
 mod tests {
 	use chain::keysinterface::{KeysInterface, Recipient};
 	use ln::msgs::OnionMessageHandler;
-	use onion_message::{BlindedRoute, Destination, OnionMessenger};
+	use onion_message::{BlindedRoute, Destination, OnionMessenger, SendError};
 	use util::enforcing_trait_impls::EnforcingSigner;
 	use util::events::{MessageSendEvent, MessageSendEventsProvider};
 	use util::test_utils;
 
 	use bitcoin::network::constants::Network;
-	use bitcoin::secp256k1::{PublicKey, Secp256k1};
+	use bitcoin::secp256k1::{PublicKey, Secp256k1, SecretKey};
 
 	use sync::Arc;
 
@@ -877,4 +897,18 @@ mod tests {
 		node1.messenger.send_onion_message(vec![], Destination::BlindedRoute(blinded_route)).unwrap();
 		pass_along_path(vec![&node1, &node2, &node3, &node4], None);
 	}
+
+	#[test]
+	fn too_big_packet_error() {
+		// Make sure we error as expected if a packet is too big to send.
+		let nodes = create_nodes(1);
+
+		let hop_secret = SecretKey::from_slice(&hex::decode("0101010101010101010101010101010101010101010101010101010101010101").unwrap()[..]).unwrap();
+		let secp_ctx = Secp256k1::new();
+		let hop_node_id = PublicKey::from_secret_key(&secp_ctx, &hop_secret);
+
+		let hops = vec![hop_node_id.clone(); 400];
+		let err = nodes[0].messenger.send_onion_message(hops, Destination::Node(hop_node_id)).unwrap_err();
+		assert_eq!(err, SendError::TooBigPacket);
+	}
 }