From 86531e5cebcb8307299131a8f20bdec51e5c3d09 Mon Sep 17 00:00:00 2001 From: Wilmer Paulino Date: Wed, 19 Apr 2023 15:13:35 -0700 Subject: [PATCH] Use new feature to gate test vectors behind To match the local signatures found in test vectors, we must make sure we don't use any additional randomess when generating signatures, as we'll arrive at a different signature otherwise. --- ci/ci-tests.sh | 7 ++++--- lightning/Cargo.toml | 2 ++ lightning/src/ln/channel.rs | 2 +- lightning/src/util/crypto.rs | 4 +++- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/ci/ci-tests.sh b/ci/ci-tests.sh index 7dad1436..e0e66861 100755 --- a/ci/ci-tests.sh +++ b/ci/ci-tests.sh @@ -35,13 +35,14 @@ for DIR in lightning lightning-invoice lightning-rapid-gossip-sync; do cargo test --verbose --color always --no-default-features --features no-std # check if there is a conflict between no-std and the default std feature cargo test --verbose --color always --features no-std - # check that things still pass without grind_signatures - # note that outbound_commitment_test only runs in this mode, because of hardcoded signature values - cargo test --verbose --color always --no-default-features --features std # check if there is a conflict between no-std and the c_bindings cfg RUSTFLAGS="--cfg=c_bindings" cargo test --verbose --color always --no-default-features --features=no-std popd done +# Note that outbound_commitment_test only runs in this mode because of hardcoded signature values +pushd lightning +cargo test --verbose --color always --no-default-features --features=std,_test_vectors +popd # This one only works for lightning-invoice pushd lightning-invoice # check that compile with no-std and serde works in lightning-invoice diff --git a/lightning/Cargo.toml b/lightning/Cargo.toml index 17896ecb..32755a7e 100644 --- a/lightning/Cargo.toml +++ b/lightning/Cargo.toml @@ -29,6 +29,8 @@ max_level_trace = [] # This is unsafe to use in production because it may result in the counterparty publishing taking our funds. unsafe_revoked_tx_signing = [] _bench_unstable = [] +# Override signing to not include randomness when generating signatures for test vectors. +_test_vectors = [] no-std = ["hashbrown", "bitcoin/no-std", "core2/alloc"] std = ["bitcoin/std"] diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs index 7ba62a21..dd553c1f 100644 --- a/lightning/src/ln/channel.rs +++ b/lightning/src/ln/channel.rs @@ -7516,7 +7516,7 @@ mod tests { } } - #[cfg(not(feature = "grind_signatures"))] + #[cfg(feature = "_test_vectors")] #[test] fn outbound_commitment_test() { use bitcoin::util::sighash; diff --git a/lightning/src/util/crypto.rs b/lightning/src/util/crypto.rs index d4d15cfa..ac159519 100644 --- a/lightning/src/util/crypto.rs +++ b/lightning/src/util/crypto.rs @@ -62,7 +62,9 @@ pub fn sign_with_aux_rand( break sig; } }; - #[cfg(not(feature = "grind_signatures"))] + #[cfg(all(not(feature = "grind_signatures"), not(feature = "_test_vectors")))] let sig = ctx.sign_ecdsa_with_noncedata(msg, sk, &entropy_source.get_secure_random_bytes()); + #[cfg(all(not(feature = "grind_signatures"), feature = "_test_vectors"))] + let sig = sign(ctx, msg, sk); sig } -- 2.30.2