fixup! sphinx_test: add blinded onion message test

gijswijs · gijswijs · commit e56b6705e383 · 2025-10-26T04:49:15.000+01:00
diff --git a/path_test.go b/path_test.go
@@ -12,14 +12,14 @@ import (
 )
 
 const (
-	routeBlindingTestFileName            = "testdata/route-blinding-test.json"
-	onionRouteBlindingTestFileName       = "testdata/onion-route-blinding-test.json"
-	blindedOnionMessageOnionTestFileName = "testdata/blinded-onion-message-onion-test.json"
+	routeBlindingTestFileName            = "testdata/route-blinding-test.json"              //nolint:lll
+	onionRouteBlindingTestFileName       = "testdata/onion-route-blinding-test.json"        //nolint:lll
+	blindedOnionMessageOnionTestFileName = "testdata/blinded-onion-message-onion-test.json" //nolint:lll
 )
 
 var (
-	// bolt4PubKeys contains the public keys used in the Bolt 4 spec test
-	// vectors. We convert them variables named after the commonly used
+	// bolt4PubKeys contains the public keys used in the Bolt 4 spec. test
+	// vectors. We convert them to variables named after the commonly used
 	// names in cryptography.
 	alicePubKey = bolt4PubKeys[0]
 	bobPubKey   = bolt4PubKeys[1]
@@ -128,7 +128,7 @@ func TestBuildBlindedRoute(t *testing.T) {
 
 // TestBuildOnionMessageBlindedRoute tests the construction of a blinded route
 // for an onion message, specifically the concatenation of two blinded paths,
-// against the spec test vectors in `blinded-onion-message-onion-test.json`. It
+// against the spec. test vectors in `blinded-onion-message-onion-test.json`. It
 // verifies the correctness of BuildBlindedPath, decryptBlindedHopData, and
 // NextEphemeral.
 //
@@ -152,9 +152,10 @@ func TestBuildBlindedRoute(t *testing.T) {
 //     hop (Bob) instead of the key that she could derive herself.
 //
 // The test then asserts that the generated concatenated path matches the test
-// vector's expected route. Finally, it simulates the decryption process at each
-// hop, verifying that each node can correctly decrypt its payload and derive
-// the correct next ephemeral key.
+// vector's expected route. It simulates the decryption process at each hop,
+// verifying that at each hop encrypted_recipient_data is what we expect it to
+// be and that it correctly decrypts to the encrypted_data_tlv stream. Finally,
+// we verify the derivation of the next ephemeral key.
 func TestBuildOnionMessageBlindedRoute(t *testing.T) {
 	t.Parallel()
 
@@ -174,6 +175,7 @@ func TestBuildOnionMessageBlindedRoute(t *testing.T) {
 		initialHopID string) []*HopInfo {
 
 		path := make([]*HopInfo, len(h))
+
 		// The json test vector doesn't properly specify the current
 		// node id, so we need the initial Node ID as a starting point.
 		currentHop := initialHopID
@@ -196,17 +198,20 @@ func TestBuildOnionMessageBlindedRoute(t *testing.T) {
 			// get the next node id here.
 			currentHop = hop.EncodedOnionMessageTLVs.NextNodeID
 		}
+
 		return path
 	}
 
 	// First, Dave will build a blinded path from Bob to itself.
-	daveSessKey := privKeyFromString(
+	receiverSessKey := privKeyFromString(
 		testCase.Generate.Hops[1].PathKeySecret,
 	)
 	daveBobPath := buildMessagePath(
 		testCase.Generate.Hops[1:], bobPubKey,
 	)
-	daveBobBlindedPath, err := BuildBlindedPath(daveSessKey, daveBobPath)
+	daveBobBlindedPath, err := BuildBlindedPath(
+		receiverSessKey, daveBobPath,
+	)
 	require.NoError(t, err)
 
 	// At this point, Dave will give his blinded path to the Sender who will
@@ -263,6 +268,17 @@ func TestBuildOnionMessageBlindedRoute(t *testing.T) {
 		priv := privKeyFromString(hop.PrivKey)
 		ephem := pubKeyFromString(genData.EphemeralPubKey)
 
+		// Check if the encrypted_recipient_data is what we expect it to
+		// be.
+		encRecipientDataExpected, err := hex.DecodeString(
+			genData.EncryptedRecipientData,
+		)
+		require.NoError(t, err)
+		require.Equal(
+			t, encRecipientDataExpected,
+			path.BlindedHops[i].CipherText,
+		)
+
 		// Now we'll decrypt the blinded hop data using the private key
 		// and the ephemeral public key.
 		data, err := decryptBlindedHopData(
@@ -272,8 +288,9 @@ func TestBuildOnionMessageBlindedRoute(t *testing.T) {
 		require.NoError(t, err)
 
 		// Check if the decrypted data is what we expect it to be.
-		dataExpected, _ := hex.DecodeString(genData.EncryptedDataTlv)
-		require.Equal(t, data, dataExpected)
+		dataExpected, err := hex.DecodeString(genData.EncryptedDataTlv)
+		require.NoError(t, err)
+		require.Equal(t, dataExpected, data)
 
 		nextEphem, err := NextEphemeral(&PrivKeyECDH{priv}, ephem)
 		require.NoError(t, err)
@@ -511,11 +528,13 @@ type decryptOnionMessageData struct {
 }
 
 type decryptHops struct {
+//nolint:tagliatelle
 	Onion        string `json:"onion"`
 	NodePrivKey  string `json:"node_privkey"`
 	NextBlinding string `json:"next_blinding"`
 }
 
+//nolint:tagliatelle
 type decryptOnionMessageHops struct {
 	OnionMessage string `json:"onion_message"`
 	PrivKey      string `json:"privkey"`
@@ -536,11 +555,13 @@ type onionMessageJsonTestCase struct {
 }
 
 type routeData struct {
+//nolint:tagliatelle
 	IntroductionNodeID string       `json:"introduction_node_id"`
 	Blinding           string       `json:"blinding"`
 	Hops               []blindedHop `json:"hops"`
 }
 
+//nolint:tagliatelle
 type routeOnionMessageData struct {
 	FirstNodeId  string                   `json:"first_node_id"`
 	FirstPathKey string                   `json:"first_path_key"`
@@ -559,13 +580,15 @@ type generateData struct {
 	Hops []hopData `json:"hops"`
 }
 
+//nolint:tagliatelle
 type generateOnionMessageData struct {
 	SessionKey string                `json:"session_key"`
 	Hops       []hopOnionMessageData `json:"hops"`
 }
 
 type unblindedHop struct {
 	NodePrivKey         string `json:"node_privkey"`
+//nolint:tagliatelle
 	EphemeralPubKey     string `json:"ephemeral_pubkey"`
 	DecryptedData       string `json:"decrypted_data"`
 	NextEphemeralPubKey string `json:"next_ephemeral_pubkey"`
@@ -577,26 +600,31 @@ type hopData struct {
 	EncodedTLVs string `json:"encoded_tlvs"`
 }
 
+//nolint:tagliatelle
 type hopOnionMessageData struct {
 	PathKeySecret           string                  `json:"path_key_secret"`
 	EncodedOnionMessageTLVs encodedOnionMessageTLVs `json:"tlvs"`
-	EncryptedDataTlv        string                  `json:"encrypted_data_tlv"`
+	EncryptedDataTlv        string                  `json:"encrypted_data_tlv"` //nolint:lll
 	EphemeralPubKey         string                  `json:"E"`
 	NextEphemeralPrivKey    string                  `json:"next_e"`
+	EncryptedRecipientData  string                  `json:"encrypted_recipient_data"` //nolint:lll
 }
 
+//nolint:tagliatelle
 type encodedOnionMessageTLVs struct {
 	NextNodeID            string `json:"next_node_id"`
 	NextPathKeyOverride   string `json:"next_path_key_override"`
 	PathKeyOverrideSecret string `json:"path_key_override_secret"`
 	PathID                string `json:"path_id"`
 }
 
+//nolint:tagliatelle
 type blindedHop struct {
 	BlindedNodeID string `json:"blinded_node_id"`
 	EncryptedData string `json:"encrypted_data"`
 }
 
+//nolint:tagliatelle
 type blindedOnionMessageHop struct {
 	BlindedNodeID          string `json:"blinded_node_id"`
 	EncryptedRecipientData string `json:"encrypted_recipient_data"`
