bitcoin: allow developer override of signature grinding.

Allows us to precisely replicate test vectors. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2024-11-19 09:54:16 +01:00 · 2021-04-27 14:03:48 +09:30 · 2021-04-27 14:03:48 +09:30 · 16735e1352
commit 16735e1352
parent 9470ea3032
1 changed files with 13 additions and 1 deletions
--- a/bitcoin/signature.c
+++ b/bitcoin/signature.c
@ -94,6 +94,13 @@ static bool sig_has_low_r(const secp256k1_ecdsa_signature* sig)
 	return compact_sig[0] < 0x80;
 }

+#if DEVELOPER
+/* Some of the spec test vectors assume no sig grinding. */
+extern bool dev_no_grind;
+
+bool dev_no_grind = false;
+#endif
+
 void sign_hash(const struct privkey *privkey,
 	       const struct sha256_double *h,
 	       secp256k1_ecdsa_signature *s)
@ -106,8 +113,13 @@ void sign_hash(const struct privkey *privkey,
 		ok = secp256k1_ecdsa_sign(secp256k1_ctx,
 					  s,
 					  h->sha.u.u8,
-					  privkey->secret.data, NULL, extra_entropy);
+					  privkey->secret.data, NULL,
+					  IFDEV(dev_no_grind ? NULL
+						: extra_entropy,
+						extra_entropy));
 		((u32 *)extra_entropy)[0]++;
+		if (IFDEV(dev_no_grind, false))
+			break;
 	} while (!sig_has_low_r(s));

 	assert(ok);