Onion messaging support

.gitignore

@@ -1,2 +1,3 @@
 vendor/
 .idea
+.aider*

cmd/main.go

@@ -9,7 +9,7 @@ import (
 	"os"
 
 	"github.com/btcsuite/btcd/btcec/v2"
-	sphinx "github.com/lightningnetwork/lightning-onion"
+	sphinx "github.com/gijswijs/lightning-onion"
 	"github.com/urfave/cli"
 )
 
@@ -70,6 +70,13 @@ func main() {
 						"data.",
 					Value: defaultHopDataPath,
 				},
+				cli.IntFlag{
+					Name: "payload-size",
+					Usage: "The size for a payload for a " +
+						"single hop. Defaults to the " +
+						"max routing payload size",
+					Value: sphinx.MaxRoutingPayloadSize,
+				},
 			},
 		},
 		{
@@ -203,8 +210,10 @@ func generate(ctx *cli.Context) error {
 		return fmt.Errorf("could not peel onion spec: %v", err)
 	}
 
+	payloadSize := ctx.Int("payload-size")
 	msg, err := sphinx.NewOnionPacket(
 		path, sessionKey, assocData, sphinx.DeterministicPacketFiller,
+		sphinx.WithMaxPayloadSize(payloadSize),
 	)
 	if err != nil {
 		return fmt.Errorf("error creating message: %v", err)

error.go

@@ -1,27 +1,56 @@
 package sphinx
 
-import "fmt"
+import "errors"
 
 var (
 	// ErrReplayedPacket is an error returned when a packet is rejected
 	// during processing due to being an attempted replay or probing
 	// attempt.
-	ErrReplayedPacket = fmt.Errorf("sphinx packet replay attempted")
+	ErrReplayedPacket = errors.New("sphinx packet replay attempted")
 
 	// ErrInvalidOnionVersion is returned during decoding of the onion
 	// packet, when the received packet has an unknown version byte.
-	ErrInvalidOnionVersion = fmt.Errorf("invalid onion packet version")
+	ErrInvalidOnionVersion = errors.New("invalid onion packet version")
 
-	// ErrInvalidOnionHMAC is returned during onion parsing process, when received
-	// mac does not corresponds to the generated one.
-	ErrInvalidOnionHMAC = fmt.Errorf("invalid mismatched mac")
+	// ErrInvalidOnionHMAC is returned during onion parsing process, when
+	// received mac does not corresponds to the generated one.
+	ErrInvalidOnionHMAC = errors.New("invalid mismatched mac")
 
 	// ErrInvalidOnionKey is returned during onion parsing process, when
 	// onion key is invalid.
-	ErrInvalidOnionKey = fmt.Errorf("invalid onion key: pubkey isn't on " +
+	ErrInvalidOnionKey = errors.New("invalid onion key: pubkey isn't on " +
 		"secp256k1 curve")
 
-	// ErrLogEntryNotFound is an error returned when a packet lookup in a replay
-	// log fails because it is missing.
-	ErrLogEntryNotFound = fmt.Errorf("sphinx packet is not in log")
+	// ErrLogEntryNotFound is an error returned when a packet lookup in a
+	// replay log fails because it is missing.
+	ErrLogEntryNotFound = errors.New("sphinx packet is not in log")
+
+	// ErrPayloadSizeExceeded is returned when the payload size exceeds the
+	// configured payload size of the onion packet.
+	ErrPayloadSizeExceeded = errors.New("max payload size exceeded")
+
+	// ErrSharedSecretDerivation is returned when we fail to derive the
+	// shared secret for a hop.
+	ErrSharedSecretDerivation = errors.New("error generating shared secret")
+
+	// ErrMissingHMAC is returned when the onion packet is too small to
+	// contain a valid HMAC.
+	ErrMissingHMAC = errors.New("onion packet is too small, missing HMAC")
+
+	// ErrNegativeRoutingInfoSize is returned when a negative routing info
+	// size is specified in the Sphinx configuration.
+	ErrNegativeRoutingInfoSize = errors.New("payload size must be " +
+		"non-negative")
+
+	// ErrNegativePayloadSize is returned when a negative payload size is
+	// specified in the Sphinx configuration.
+	ErrNegativePayloadSize = errors.New("payload size must be " +
+		"non-negative")
+
+	// ErrZeroHops is returned when attempting to create a route with zero
+	// hops.
+	ErrZeroHops = errors.New("route of length zero passed in")
+
+	// ErrIOReadFull is returned when an io read full operation fails.
+	ErrIOReadFull = errors.New("io read full error")
 )

go.mod

@@ -1,23 +1,23 @@
-module github.com/lightningnetwork/lightning-onion
+module github.com/gijswijs/lightning-onion
 
 require (
 	github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da
-	github.com/btcsuite/btcd v0.22.0-beta.0.20220207191057-4dc4ff7963b4
-	github.com/btcsuite/btcd/btcec/v2 v2.1.0
-	github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f
+	github.com/btcsuite/btcd v0.24.3-0.20250318170759-4f4ea81776d6
+	github.com/btcsuite/btcd/btcec/v2 v2.3.4
+	github.com/btcsuite/btclog v0.0.0-20241003133417-09c4e92e319c
 	github.com/davecgh/go-spew v1.1.1
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1
-	github.com/stretchr/testify v1.8.2
-	github.com/urfave/cli v1.22.5
-	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0
+	github.com/stretchr/testify v1.10.0
+	github.com/urfave/cli v1.22.9
+	golang.org/x/crypto v0.33.0
 )
 
 require (
-	github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect
+	github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/russross/blackfriday/v2 v2.0.1 // indirect
-	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
-	golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed // indirect
+	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	golang.org/x/sys v0.30.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 

go.sum

@@ -1,47 +1,37 @@
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY=
 github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
-github.com/btcsuite/btcd v0.22.0-beta.0.20220207191057-4dc4ff7963b4 h1:CEGr/598C/0LZQUoioaT6sdGGcJgu4+ck0PDeJ/QkKs=
-github.com/btcsuite/btcd v0.22.0-beta.0.20220207191057-4dc4ff7963b4/go.mod h1:7alexyj/lHlOtr2PJK7L/+HDJZpcGDn/pAU98r7DY08=
-github.com/btcsuite/btcd/btcec/v2 v2.1.0 h1:Whmbo9yShKKG+WrUfYGFfgj77vYBiwhwBSJnM66TMKI=
-github.com/btcsuite/btcd/btcec/v2 v2.1.0/go.mod h1:2VzYrv4Gm4apmbVVsSq5bqf1Ec8v56E48Vt0Y/umPgA=
-github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f h1:bAs4lUbRJpnnkd9VhRV3jjAVU7DJVjMaK+IsvSeZvFo=
-github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
+github.com/btcsuite/btcd v0.24.3-0.20250318170759-4f4ea81776d6 h1:8n9k3I7e8DkpdQ5YAP4j8ly/LSsbe6qX9vmVbrUGvVw=
+github.com/btcsuite/btcd v0.24.3-0.20250318170759-4f4ea81776d6/go.mod h1:OmM4kFtB0klaG/ZqT86rQiyw/1iyXlJgc3UHClPhhbs=
+github.com/btcsuite/btcd/btcec/v2 v2.3.4 h1:3EJjcN70HCu/mwqlUsGK8GcNVyLVxFDlWurTXGPFfiQ=
+github.com/btcsuite/btcd/btcec/v2 v2.3.4/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04=
+github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0 h1:59Kx4K6lzOW5w6nFlA0v5+lk/6sjybR934QNHSJZPTQ=
+github.com/btcsuite/btcd/chaincfg/chainhash v1.1.0/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
+github.com/btcsuite/btclog v0.0.0-20241003133417-09c4e92e319c h1:4HxD1lBUGUddhzgaNgrCPsFWd7cGYNpeFUgd9ZIgyM0=
+github.com/btcsuite/btclog v0.0.0-20241003133417-09c4e92e319c/go.mod h1:w7xnGOhwT3lmrS4H3b/D1XAXxvh+tbhUm8xeHN2y3TQ=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4=
+github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 h1:YLtO71vCjJRCBcrPMtQ9nqBsqpA1m5sE92cU+pd5Mcc=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
+github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
-github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/urfave/cli v1.22.5 h1:lNq9sAHXK2qfdI8W+GRItjCEkI+2oR4d+MEHy1CKXoU=
-github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed h1:J22ig1FUekjjkmZUM7pTKixYm8DvrYsvrBZdunYeIuQ=
-golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/urfave/cli v1.22.9 h1:cv3/KhXGBGjEXLC4bH0sLuJ9BewaAbpk5oyMOveu4pw=
+github.com/urfave/cli v1.22.9/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
+golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
+golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

packetfiller.go

@@ -12,16 +12,17 @@ import (
 // in order to ensure we don't leak information on the true route length to the
 // receiver. The packet filler may also use the session key to generate a set
 // of filler bytes if it wishes to be deterministic.
-type PacketFiller func(*btcec.PrivateKey, *[routingInfoSize]byte) error
+type PacketFiller func(*btcec.PrivateKey, []byte) error
 
 // RandPacketFiller is a packet filler that reads a set of random bytes from a
 // CSPRNG.
-func RandPacketFiller(_ *btcec.PrivateKey, mixHeader *[routingInfoSize]byte) error {
+func RandPacketFiller(_ *btcec.PrivateKey, mixHeader []byte) error {
 	// Read out random bytes to fill out the rest of the starting packet
 	// after the hop payload for the final node. This mitigates a privacy
 	// leak that may reveal a lower bound on the true path length to the
 	// receiver.
-	if _, err := rand.Read(mixHeader[:]); err != nil {
+	_, err := rand.Read(mixHeader)
+	if err != nil {
 		return err
 	}
 
@@ -31,15 +32,15 @@ func RandPacketFiller(_ *btcec.PrivateKey, mixHeader *[routingInfoSize]byte) err
 // BlankPacketFiller is a packet filler that doesn't attempt to fill out the
 // packet at all. It should ONLY be used for generating test vectors or other
 // instances that required deterministic packet generation.
-func BlankPacketFiller(_ *btcec.PrivateKey, _ *[routingInfoSize]byte) error {
+func BlankPacketFiller(_ *btcec.PrivateKey, _ []byte) error {
 	return nil
 }
 
 // DeterministicPacketFiller is a packet filler that generates a deterministic
 // set of filler bytes by using chacha20 with a key derived from the session
 // key.
 func DeterministicPacketFiller(sessionKey *btcec.PrivateKey,
-	mixHeader *[routingInfoSize]byte) error {
+	mixHeader []byte) error {
 
 	// First, we'll generate a new key that'll be used to generate some
 	// random bytes for our padding purposes. To derive this new key, we
@@ -55,7 +56,8 @@ func DeterministicPacketFiller(sessionKey *btcec.PrivateKey,
 	if err != nil {
 		return err
 	}
-	padCipher.XORKeyStream(mixHeader[:], mixHeader[:])
+
+	padCipher.XORKeyStream(mixHeader, mixHeader)
 
 	return nil
 }