Merge rust-bitcoin/rust-secp256k1#842: Add API test and fix up SecretKey API

44dae89894f8e40069f717f5746206cb83703e06 key/secret: encapsulate SecretKey in module that enforces invariants (Andrew Poelstra)
41bb44294cb883740d938b16f0874424e095c018 key: add {from,to,as}_secret_bytes methods (Andrew Poelstra)
9b84072757d3916969d7c8ed6ba08e3e749044cc move SecretKey into its own module (Andrew Poelstra)
e86555ad3e2991cfa72a0fb7725b50b3a6c9f352 move key.rs to key/mod.rs (Andrew Poelstra)
0619163ea2df49f70e0d30e36186af8a2506ec18 tests: add API test (Andrew Poelstra)
4853f671312782e871baad9ae745278f0cc78cd6 test: remove deprecated StepRng (Andrew Poelstra)

Pull request description:

  Now that we unconditionally have a global context object we can basically redo the whole API of this crate to avoid requiring these objects (although for the next release we should continue to support the old API, to make the transition easier).
  
  We know a lot more about Rust and API design than we did when we put together the old one, so we can do this in a consistent and principled way. This isn't a huge crate. We should be able to do the "main" data structures (`SecretKey', `PublicKey`, `ecdsa::Signature`, `schnorr:Signature`, `Message`) in a week or so, then cut a new release which enables context-free keygen, verification and signing.


ACKs for top commit:
  tcharding:
    ACK 44dae89894f8e40069f717f5746206cb83703e06


Tree-SHA512: 60659532b7ac65c85ac0c7bf9b78d0f080d4b3f556a02623bcb2b737ab73d02bf493153f751b435c7be5041435900870868b4e18b321207d50aaceb96b2f56da

Author: chain-forgexcr45

Cargo-minimal.lock

@@ -183,6 +183,15 @@ dependencies = [
  "getrandom",
 ]
 
+[[package]]
+name = "rand_xoshiro"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f703f4665700daf5512dcca5f43afa6af89f09db47fb56be587f80636bda2d41"
+dependencies = [
+ "rand_core",
+]
+
 [[package]]
 name = "rustversion"
 version = "1.0.20"
@@ -204,7 +213,7 @@ dependencies = [
  "getrandom",
  "hex_lit",
  "rand",
- "rand_core",
+ "rand_xoshiro",
  "secp256k1-sys",
  "serde",
  "serde_cbor",

Cargo-recent.lock

@@ -174,6 +174,15 @@ dependencies = [
  "getrandom",
 ]
 
+[[package]]
+name = "rand_xoshiro"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f703f4665700daf5512dcca5f43afa6af89f09db47fb56be587f80636bda2d41"
+dependencies = [
+ "rand_core",
+]
+
 [[package]]
 name = "rustversion"
 version = "1.0.20"
@@ -195,7 +204,7 @@ dependencies = [
  "getrandom",
  "hex_lit",
  "rand",
- "rand_core",
+ "rand_xoshiro",
  "secp256k1-sys",
  "serde",
  "serde_cbor",

Cargo.toml

@@ -42,7 +42,7 @@ rand = { version = "0.9", default-features = false, optional = true }
 serde = { version = "1.0.103", default-features = false, optional = true }
 
 [dev-dependencies]
-rand_core = "0.9"
+rand_xoshiro = { version = "0.7.0", default-features = false }
 serde_cbor = "0.10.0"
 serde_test = "1.0.19"
 bincode = "1.3.3"

examples/sign_verify.rs

@@ -36,7 +36,7 @@ fn sign<C: Signing>(
     seckey: [u8; 32],
 ) -> Result<ecdsa::Signature, Error> {
     let msg = Message::from_digest(msg_digest);
-    let seckey = SecretKey::from_byte_array(seckey)?;
+    let seckey = SecretKey::from_secret_bytes(seckey)?;
     Ok(secp.sign_ecdsa(msg, &seckey))
 }
 

examples/sign_verify_recovery.rs

@@ -15,7 +15,7 @@ fn sign_recovery(
     seckey: [u8; 32],
 ) -> Result<ecdsa::RecoverableSignature, Error> {
     let msg = Message::from_digest(msg_digest);
-    let seckey = SecretKey::from_byte_array(seckey)?;
+    let seckey = SecretKey::from_secret_bytes(seckey)?;
     Ok(ecdsa::RecoverableSignature::sign_ecdsa_recoverable(msg, &seckey))
 }
 

src/ecdsa/recovery.rs

@@ -170,7 +170,7 @@ impl RecoverableSignature {
         let mut ret = ffi::RecoverableSignature::new();
         // xor the secret key and message together to get a rerandomization seed
         // for timing analysis defense-in-depth
-        let mut rerandomize = sk.secret_bytes();
+        let mut rerandomize = sk.to_secret_bytes();
         for (rera, byte) in rerandomize.iter_mut().zip(msg[..].iter()) {
             *rera ^= *byte;
         }
@@ -272,7 +272,7 @@ mod tests {
     #[cfg(not(secp256k1_fuzz))]  // fixed sig vectors can't work with fuzz-sigs
     #[rustfmt::skip]
     fn sign() {
-        let sk = SecretKey::from_byte_array(ONE).unwrap();
+        let sk = SecretKey::from_secret_bytes(ONE).unwrap();
         let msg = Message::from_digest(ONE);
         let sig = RecoverableSignature::sign_ecdsa_recoverable(msg, &sk);
 
@@ -292,7 +292,7 @@ mod tests {
     #[cfg(not(secp256k1_fuzz))]  // fixed sig vectors can't work with fuzz-sigs
     #[rustfmt::skip]
     fn sign_with_noncedata() {
-        let sk = SecretKey::from_byte_array(ONE).unwrap();
+        let sk = SecretKey::from_secret_bytes(ONE).unwrap();
         let noncedata = [42u8; 32];
         let msg = Message::from_digest(ONE);
 

src/ellswift.rs

@@ -111,7 +111,7 @@ impl ElligatorSwift {
     /// # #[cfg(feature = "alloc")] {
     ///     use secp256k1::{ellswift::ElligatorSwift, PublicKey, Secp256k1, SecretKey};
     ///     let secp = Secp256k1::new();
-    ///     let sk = SecretKey::from_slice(&[1; 32]).unwrap();
+    ///     let sk = SecretKey::from_secret_bytes([1; 32]).unwrap();
     ///     let es = ElligatorSwift::from_seckey(&secp, sk, None);
     /// # }
     /// ```
@@ -140,7 +140,7 @@ impl ElligatorSwift {
     /// # #[cfg(feature = "alloc")] {
     ///     use secp256k1::{ellswift::ElligatorSwift, PublicKey, Secp256k1, SecretKey};
     ///     let secp = Secp256k1::new();
-    ///     let sk = SecretKey::from_slice(&[1; 32]).unwrap();
+    ///     let sk = SecretKey::from_secret_bytes([1; 32]).unwrap();
     ///     let pk = PublicKey::from_secret_key(&secp, &sk);
     ///     let es = ElligatorSwift::from_pubkey(pk);
     /// # }
@@ -377,7 +377,7 @@ mod tests {
         // Test that we can round trip an ElligatorSwift encoding
         let secp = crate::Secp256k1::new();
         let public_key =
-            PublicKey::from_secret_key(&secp, &SecretKey::from_byte_array([1u8; 32]).unwrap());
+            PublicKey::from_secret_key(&secp, &SecretKey::from_secret_bytes([1u8; 32]).unwrap());
 
         let ell = ElligatorSwift::from_pubkey(public_key);
         let pk = PublicKey::from_ellswift(ell);
@@ -391,10 +391,10 @@ mod tests {
         let rand32 = [1u8; 32];
         let priv32 = [1u8; 32];
         let ell =
-            ElligatorSwift::from_seckey(&secp, SecretKey::from_byte_array(rand32).unwrap(), None);
+            ElligatorSwift::from_seckey(&secp, SecretKey::from_secret_bytes(rand32).unwrap(), None);
         let pk = PublicKey::from_ellswift(ell);
         let expected =
-            PublicKey::from_secret_key(&secp, &SecretKey::from_byte_array(priv32).unwrap());
+            PublicKey::from_secret_key(&secp, &SecretKey::from_secret_bytes(priv32).unwrap());
 
         assert_eq!(pk, expected);
     }
@@ -407,13 +407,13 @@ mod tests {
         let priv32 = [2u8; 32];
         let ell = ElligatorSwift::from_seckey(
             &secp,
-            SecretKey::from_byte_array(rand32).unwrap(),
+            SecretKey::from_secret_bytes(rand32).unwrap(),
             Some(rand32),
         );
         let pk = ElligatorSwift::shared_secret_with_hasher(
             ell,
             ell,
-            SecretKey::from_byte_array(priv32).unwrap(),
+            SecretKey::from_secret_bytes(priv32).unwrap(),
             Party::Initiator,
             |_, _, _| ElligatorSwiftSharedSecret([0xff; 32]),
         );
@@ -627,7 +627,7 @@ mod tests {
                     ElligatorSwift::from_array(ellswift_theirs),
                 )
             };
-            let sec_key = SecretKey::from_byte_array(my_secret).unwrap();
+            let sec_key = SecretKey::from_secret_bytes(my_secret).unwrap();
             let initiator = if initiator == 0 { Party::Responder } else { Party::Initiator };
 
             let shared = ElligatorSwift::shared_secret(el_a, el_b, sec_key, initiator);