Use regular hmac comparison in onion failure processing

joostjager · joostjager · commit 991caa695390 · 2025-03-27T14:21:55.000-04:00
Because this method is used by the sender of the payment after the htlc
has been resolved, there is no information that can leak to downstream
nodes. Revert to a regular comparison for better performance and easier
fuzzing.
diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs
@@ -1160,7 +1160,7 @@ where
 		let mut hmac = HmacEngine::<Sha256>::new(&um);
 		hmac.input(&encrypted_packet.data[32..]);
 
-		if !fixed_time_eq(&Hmac::from_engine(hmac).to_byte_array(), &encrypted_packet.data[..32]) {
+		if &Hmac::from_engine(hmac).to_byte_array() != &encrypted_packet.data[..32] {
 			continue;
 		}
 

Original file line number	Diff line number	Diff line change
`@@ -1160,7 +1160,7 @@ where`
`1160`	`1160`	`let mut hmac = HmacEngine::<Sha256>::new(&um);`
`1161`	`1161`	`hmac.input(&encrypted_packet.data[32..]);`
`1162`	`1162`
`1163`		`- if !fixed_time_eq(&Hmac::from_engine(hmac).to_byte_array(), &encrypted_packet.data[..32]) {`
	`1163`	`+ if &Hmac::from_engine(hmac).to_byte_array() != &encrypted_packet.data[..32] {`
`1164`	`1164`	`continue;`
`1165`	`1165`	`}`
`1166`	`1166`