Use new feature to gate test vectors behind

wpaulino · wpaulino · commit 86531e5cebcb · 2023-04-20T12:14:28.000-07:00
To match the local signatures found in test vectors, we must make sure
we don't use any additional randomess when generating signatures, as
we'll arrive at a different signature otherwise.
diff --git a/ci/ci-tests.sh b/ci/ci-tests.sh
@@ -35,13 +35,14 @@ for DIR in lightning lightning-invoice lightning-rapid-gossip-sync; do
 	cargo test --verbose --color always --no-default-features --features no-std
 	# check if there is a conflict between no-std and the default std feature
 	cargo test --verbose --color always --features no-std
-	# check that things still pass without grind_signatures
-	# note that outbound_commitment_test only runs in this mode, because of hardcoded signature values
-	cargo test --verbose --color always --no-default-features --features std
 	# check if there is a conflict between no-std and the c_bindings cfg
 	RUSTFLAGS="--cfg=c_bindings" cargo test --verbose --color always --no-default-features --features=no-std
 	popd
 done
+# Note that outbound_commitment_test only runs in this mode because of hardcoded signature values
+pushd lightning
+cargo test --verbose --color always --no-default-features --features=std,_test_vectors
+popd
 # This one only works for lightning-invoice
 pushd lightning-invoice
 # check that compile with no-std and serde works in lightning-invoice
diff --git a/lightning/Cargo.toml b/lightning/Cargo.toml
@@ -29,6 +29,8 @@ max_level_trace = []
 # This is unsafe to use in production because it may result in the counterparty publishing taking our funds.
 unsafe_revoked_tx_signing = []
 _bench_unstable = []
+# Override signing to not include randomness when generating signatures for test vectors.
+_test_vectors = []
 
 no-std = ["hashbrown", "bitcoin/no-std", "core2/alloc"]
 std = ["bitcoin/std"]
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -7516,7 +7516,7 @@ mod tests {
 		}
 	}
 
-	#[cfg(not(feature = "grind_signatures"))]
+	#[cfg(feature = "_test_vectors")]
 	#[test]
 	fn outbound_commitment_test() {
 		use bitcoin::util::sighash;
diff --git a/lightning/src/util/crypto.rs b/lightning/src/util/crypto.rs
@@ -62,7 +62,9 @@ pub fn sign_with_aux_rand<C: Signing, ES: Deref>(
 			break sig;
 		}
 	};
-	#[cfg(not(feature = "grind_signatures"))]
+	#[cfg(all(not(feature = "grind_signatures"), not(feature = "_test_vectors")))]
 	let sig = ctx.sign_ecdsa_with_noncedata(msg, sk, &entropy_source.get_secure_random_bytes());
+	#[cfg(all(not(feature = "grind_signatures"), feature = "_test_vectors"))]
+	let sig = sign(ctx, msg, sk);
 	sig
 }

Original file line number	Diff line number	Diff line change
`@@ -7516,7 +7516,7 @@ mod tests {`
`7516`	`7516`	`}`
`7517`	`7517`	`}`
`7518`	`7518`
`7519`		`- #[cfg(not(feature = "grind_signatures"))]`
	`7519`	`+ #[cfg(feature = "_test_vectors")]`
`7520`	`7520`	`#[test]`
`7521`	`7521`	`fn outbound_commitment_test() {`
`7522`	`7522`	`use bitcoin::util::sighash;`
Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,9 @@ pub fn sign_with_aux_rand<C: Signing, ES: Deref>(`
`62`	`62`	`break sig;`
`63`	`63`	`}`
`64`	`64`	`};`
`65`		`- #[cfg(not(feature = "grind_signatures"))]`
	`65`	`+ #[cfg(all(not(feature = "grind_signatures"), not(feature = "_test_vectors")))]`
`66`	`66`	`let sig = ctx.sign_ecdsa_with_noncedata(msg, sk, &entropy_source.get_secure_random_bytes());`
	`67`	`+ #[cfg(all(not(feature = "grind_signatures"), feature = "_test_vectors"))]`
	`68`	`+ let sig = sign(ctx, msg, sk);`
`67`	`69`	`sig`
`68`	`70`	`}`