From 041e02b5d8f5393560b29e567c72686b31718eca Mon Sep 17 00:00:00 2001 From: Aditya Sharma Date: Mon, 16 Oct 2023 00:44:33 +0530 Subject: [PATCH] plugins/offers: Extend the capability of decode to decrypt the contents of emergency.recover file. --- plugins/offers.c | 79 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) diff --git a/plugins/offers.c b/plugins/offers.c index a774f5a0c718..a62a93810d9d 100644 --- a/plugins/offers.c +++ b/plugins/offers.c @@ -17,6 +17,10 @@ #include #include #include +#include + +#define HEADER_LEN crypto_secretstream_xchacha20poly1305_HEADERBYTES +#define ABYTES crypto_secretstream_xchacha20poly1305_ABYTES struct pubkey id; u32 blockheight; @@ -159,8 +163,23 @@ struct decodable { struct tlv_invoice *invoice; struct tlv_invoice_request *invreq; struct rune *rune; + u8 *encrypted_blob; }; +static u8 *encrypted_decode(const tal_t *ctx, const char *str, size_t len) { + u8 *data = tal_hexdata(ctx, str, len); + if(!data) + goto fail; + + if(len < ABYTES + HEADER_LEN) + goto fail; + + return data; +fail: + tal_free(data); + return NULL; +} + static struct command_result *param_decodable(struct command *cmd, const char *name, const char *buffer, @@ -226,6 +245,14 @@ static struct command_result *param_decodable(struct command *cmd, return NULL; } + decodable->encrypted_blob = encrypted_decode(decodable, buffer + tok.start, + tok.end - tok.start); + + if (decodable->encrypted_blob) { + decodable->type = "encrypted blob"; + return NULL; + } + decodable->rune = rune_from_base64n(decodable, buffer + tok.start, tok.end - tok.start); if (decodable->rune) { @@ -1009,6 +1036,46 @@ static void json_add_rune(struct command *cmd, struct json_stream *js, const str json_add_bool(js, "valid", true); } +static struct command_result *after_makesecret(struct command *cmd, + const char *buf, + const jsmntok_t *result, + struct decodable *decodable) +{ + struct secret secret; + struct json_stream *response; + const jsmntok_t *secrettok; + + secrettok = json_get_member(buf, result, "secret"); + json_to_secret(buf, secrettok, &secret); + + crypto_secretstream_xchacha20poly1305_state crypto_state; + + u8 *decrypt_blob = tal_arr(tmpctx, u8, + tal_bytelen(decodable->encrypted_blob) - + ABYTES - + HEADER_LEN); + /* The header part */ + if (crypto_secretstream_xchacha20poly1305_init_pull(&crypto_state, + decodable->encrypted_blob, + (&secret)->data) != 0) { + return command_fail(cmd, JSONRPC2_INVALID_PARAMS, "Can't decrypt!"); + } + + if (crypto_secretstream_xchacha20poly1305_pull(&crypto_state, decrypt_blob, + NULL, 0, + decodable->encrypted_blob + + HEADER_LEN, + tal_bytelen(decodable->encrypted_blob)- + HEADER_LEN, + NULL, 0) != 0) { + return command_fail(cmd, JSONRPC2_INVALID_PARAMS, "Can't decrypt!"); + } + + response = jsonrpc_stream_success(cmd); + json_add_hex(response, "decypted", decrypt_blob, tal_bytelen(decrypt_blob)); + return command_finished(cmd, response); +} + static struct command_result *json_decode(struct command *cmd, const char *buffer, const jsmntok_t *params) @@ -1036,6 +1103,18 @@ static struct command_result *json_decode(struct command *cmd, } if (decodable->rune) json_add_rune(cmd, response, decodable->rune); + if (decodable->encrypted_blob) { + struct out_req *req; + const char *info = "scb secret"; + u8 *info_hex = tal_dup_arr(tmpctx, u8, (u8*)info, strlen(info), 0); + + req = jsonrpc_request_start(cmd->plugin, cmd, "makesecret", + after_makesecret, &forward_error, decodable); + + json_add_hex(req->js, "hex", info_hex, tal_bytelen(info_hex)); + return send_outreq(cmd->plugin, req); + } + return command_finished(cmd, response); }