Add a MessageContext::DNSResolution to protect against probing

When we make a DNSSEC query with a reply path, we don't want to
allow the DNS resolver to attempt to respond to various nodes to
try to detect (through timing or other analysis) whether we were
the one who made the query. Thus, we need to include a nonce in the
context in our reply path, which we set up here by creating a new
context type for DNS resolutions.
Matt Corallo 2024-09-30 14:45:36 +00:00
parent a661c92746
commit 151a8a1aaf


@ -284,6 +284,9 @@ pub enum MessageContext {
///
/// [`AsyncPaymentsMessage`]: crate::onion_message::async_payments::AsyncPaymentsMessage
AsyncPayments(AsyncPaymentsContext),
/// Represents a context for a blinded path used in a reply path when requesting a DNSSEC proof
/// in a `DNSResolverMessage`.
DNSResolver(DNSResolverContext),
/// Context specific to a [`CustomOnionMessageHandler::CustomMessage`].
///
/// [`CustomOnionMessageHandler::CustomMessage`]: crate::onion_message::messenger::CustomOnionMessageHandler::CustomMessage
@ -402,6 +405,7 @@ impl_writeable_tlv_based_enum!(MessageContext,
{0, Offers} => (),
{1, Custom} => (),
{2, AsyncPayments} => (),
{3, DNSResolver} => (),
);
impl_writeable_tlv_based_enum!(OffersContext,
@ -428,6 +432,22 @@ impl_writeable_tlv_based_enum!(AsyncPaymentsContext,
},
);
/// Contains a simple nonce for use in a blinded path's context.
///
/// Such a context is required when receiving a `DNSSECProof` message.
#[derive(Clone, Debug, Hash, PartialEq, Eq)]
pub struct DNSResolverContext {
/// A nonce which uniquely describes a DNS resolution.
///
/// When we receive a DNSSEC proof message, we should check that it was sent over the blinded
/// path we included in the request by comparing a stored nonce with this one.
pub nonce: [u8; 16],
}
impl_writeable_tlv_based!(DNSResolverContext, {
(0, nonce, required),
});
/// Construct blinded onion message hops for the given `intermediate_nodes` and `recipient_node_id`.
pub(super) fn blinded_hops<T: secp256k1::Signing + secp256k1::Verification>(
secp_ctx: &Secp256k1<T>, intermediate_nodes: &[MessageForwardNode],
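Review bot: The doc comment on `DNSResolverContext::nonce` only says the nonce "uniquely describes" a resolution, but the anti-probing goal in the commit description appears to also need it to be unguessable by the resolver, and nothing in this section states that. I would add to the field docs `/// Must be freshly generated from a cryptographically secure random source for every query.` and `/// A proof whose nonce matches no pending query must be dropped without any reply.` The struct also derives `Debug`, so the nonce would be printed wherever a context is debug-logged; a short doc note on that would help callers. The code that generates, stores and compares the nonce is not visible in this section, so whether it already behaves this way cannot be confirmed from here.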