From b8d85c94f3217d85b0706a238d1f9a84f60ec8c0 Mon Sep 17 00:00:00 2001
From: Wilmer Paulino <wilmer@wilmerpaulino.com>
Date: Wed, 19 Apr 2023 15:13:35 -0700
Subject: [PATCH] Use new feature to gate test vectors behind

To match the local signatures found in test vectors, we must make sure
we don't use any additional randomess when generating signatures, as
we'll arrive at a different signature otherwise.
---
 ci/ci-tests.sh               | 2 +-
 lightning/Cargo.toml         | 2 ++
 lightning/src/ln/channel.rs  | 2 +-
 lightning/src/util/crypto.rs | 4 +++-
 4 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/ci/ci-tests.sh b/ci/ci-tests.sh
index 7dad1436e98..391029f92c0 100755
--- a/ci/ci-tests.sh
+++ b/ci/ci-tests.sh
@@ -37,7 +37,7 @@ for DIR in lightning lightning-invoice lightning-rapid-gossip-sync; do
 	cargo test --verbose --color always --features no-std
 	# check that things still pass without grind_signatures
 	# note that outbound_commitment_test only runs in this mode, because of hardcoded signature values
-	cargo test --verbose --color always --no-default-features --features std
+	cargo test --verbose --color always --no-default-features --features=std,_test_vectors
 	# check if there is a conflict between no-std and the c_bindings cfg
 	RUSTFLAGS="--cfg=c_bindings" cargo test --verbose --color always --no-default-features --features=no-std
 	popd
diff --git a/lightning/Cargo.toml b/lightning/Cargo.toml
index 17896ecb387..32755a7e43f 100644
--- a/lightning/Cargo.toml
+++ b/lightning/Cargo.toml
@@ -29,6 +29,8 @@ max_level_trace = []
 # This is unsafe to use in production because it may result in the counterparty publishing taking our funds.
 unsafe_revoked_tx_signing = []
 _bench_unstable = []
+# Override signing to not include randomness when generating signatures for test vectors.
+_test_vectors = []
 
 no-std = ["hashbrown", "bitcoin/no-std", "core2/alloc"]
 std = ["bitcoin/std"]
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
index 7ba62a216e1..dd553c1ff86 100644
--- a/lightning/src/ln/channel.rs
+++ b/lightning/src/ln/channel.rs
@@ -7516,7 +7516,7 @@ mod tests {
 		}
 	}
 
-	#[cfg(not(feature = "grind_signatures"))]
+	#[cfg(feature = "_test_vectors")]
 	#[test]
 	fn outbound_commitment_test() {
 		use bitcoin::util::sighash;
diff --git a/lightning/src/util/crypto.rs b/lightning/src/util/crypto.rs
index d4d15cfa304..ac159519c59 100644
--- a/lightning/src/util/crypto.rs
+++ b/lightning/src/util/crypto.rs
@@ -62,7 +62,9 @@ pub fn sign_with_aux_rand<C: Signing, ES: Deref>(
 			break sig;
 		}
 	};
-	#[cfg(not(feature = "grind_signatures"))]
+	#[cfg(all(not(feature = "grind_signatures"), not(feature = "_test_vectors")))]
 	let sig = ctx.sign_ecdsa_with_noncedata(msg, sk, &entropy_source.get_secure_random_bytes());
+	#[cfg(all(not(feature = "grind_signatures"), feature = "_test_vectors"))]
+	let sig = sign(ctx, msg, sk);
 	sig
 }