@@ -61,8 +61,8 @@ func (p *PrivKeyECDH) PubKey() *btcec.PublicKey {
6161// k is our private key, and P is the public key, we perform the following
6262// operation:
6363//
64- // sx := k*P
65- // s := sha256(sx.SerializeCompressed())
64+ // sx := k*P
65+ // s := sha256(sx.SerializeCompressed())
6666//
6767// NOTE: This is part of the SingleKeyECDH interface.
6868func (p * PrivKeyECDH ) ECDH (pub * btcec.PublicKey ) ([32 ]byte , error ) {
@@ -237,8 +237,8 @@ func onionEncrypt(sharedSecret *Hash256, data []byte) []byte {
237237
238238// minOnionErrorLength is the minimally expected length of the onion error
239239// message. Including padding, all messages on the wire should be at least 256
240- // bytes. We then add the size of the sha256 HMAC as well.
241- const minOnionErrorLength = 2 + 2 + 256 + sha256 . Size
240+ // bytes.
241+ const minOnionErrorLength = 2 + 2 + 256
242242
243243// DecryptError attempts to decrypt the passed encrypted error response. The
244244// onion failure is encrypted in backward manner, starting from the node where
@@ -249,10 +249,10 @@ const minOnionErrorLength = 2 + 2 + 256 + sha256.Size
249249func (o * OnionErrorDecrypter ) DecryptError (encryptedData []byte ) (
250250 * DecryptedError , error ) {
251251
252- // Ensure the error message length is as expected.
253- if len (encryptedData ) < minOnionErrorLength {
252+ // Ensure the error message length including hmac is as expected.
253+ if len (encryptedData ) < minOnionErrorLength + sha256 . Size {
254254 return nil , fmt .Errorf ("invalid error length: " +
255- "expected at least %v got %v" , minOnionErrorLength ,
255+ "expected at least %v got %v" , minOnionErrorLength + sha256 . Size ,
256256 len (encryptedData ))
257257 }
258258
0 commit comments