From: Wilmer Paulino <wilmer@wilmerpaulino.com>
Date: Wed, 19 Apr 2023 22:13:35 +0000 (-0700)
Subject: Use new feature to gate test vectors behind
X-Git-Tag: v0.0.115~10^2
X-Git-Url: http://git.bitcoin.ninja/?a=commitdiff_plain;h=86531e5cebcb8307299131a8f20bdec51e5c3d09;p=rust-lightning

Use new feature to gate test vectors behind

To match the local signatures found in test vectors, we must make sure
we don't use any additional randomess when generating signatures, as
we'll arrive at a different signature otherwise.
---

diff --git a/ci/ci-tests.sh b/ci/ci-tests.sh
index 7dad1436e..e0e66861f 100755
--- a/ci/ci-tests.sh
+++ b/ci/ci-tests.sh
@@ -35,13 +35,14 @@ for DIR in lightning lightning-invoice lightning-rapid-gossip-sync; do
 	cargo test --verbose --color always --no-default-features --features no-std
 	# check if there is a conflict between no-std and the default std feature
 	cargo test --verbose --color always --features no-std
-	# check that things still pass without grind_signatures
-	# note that outbound_commitment_test only runs in this mode, because of hardcoded signature values
-	cargo test --verbose --color always --no-default-features --features std
 	# check if there is a conflict between no-std and the c_bindings cfg
 	RUSTFLAGS="--cfg=c_bindings" cargo test --verbose --color always --no-default-features --features=no-std
 	popd
 done
+# Note that outbound_commitment_test only runs in this mode because of hardcoded signature values
+pushd lightning
+cargo test --verbose --color always --no-default-features --features=std,_test_vectors
+popd
 # This one only works for lightning-invoice
 pushd lightning-invoice
 # check that compile with no-std and serde works in lightning-invoice
diff --git a/lightning/Cargo.toml b/lightning/Cargo.toml
index 17896ecb3..32755a7e4 100644
--- a/lightning/Cargo.toml
+++ b/lightning/Cargo.toml
@@ -29,6 +29,8 @@ max_level_trace = []
 # This is unsafe to use in production because it may result in the counterparty publishing taking our funds.
 unsafe_revoked_tx_signing = []
 _bench_unstable = []
+# Override signing to not include randomness when generating signatures for test vectors.
+_test_vectors = []
 
 no-std = ["hashbrown", "bitcoin/no-std", "core2/alloc"]
 std = ["bitcoin/std"]
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
index 7ba62a216..dd553c1ff 100644
--- a/lightning/src/ln/channel.rs
+++ b/lightning/src/ln/channel.rs
@@ -7516,7 +7516,7 @@ mod tests {
 		}
 	}
 
-	#[cfg(not(feature = "grind_signatures"))]
+	#[cfg(feature = "_test_vectors")]
 	#[test]
 	fn outbound_commitment_test() {
 		use bitcoin::util::sighash;
diff --git a/lightning/src/util/crypto.rs b/lightning/src/util/crypto.rs
index d4d15cfa3..ac159519c 100644
--- a/lightning/src/util/crypto.rs
+++ b/lightning/src/util/crypto.rs
@@ -62,7 +62,9 @@ pub fn sign_with_aux_rand<C: Signing, ES: Deref>(
 			break sig;
 		}
 	};
-	#[cfg(not(feature = "grind_signatures"))]
+	#[cfg(all(not(feature = "grind_signatures"), not(feature = "_test_vectors")))]
 	let sig = ctx.sign_ecdsa_with_noncedata(msg, sk, &entropy_source.get_secure_random_bytes());
+	#[cfg(all(not(feature = "grind_signatures"), feature = "_test_vectors"))]
+	let sig = sign(ctx, msg, sk);
 	sig
 }