secret: stop using "hashes" dependency for secret debug output

This is the only place we use a sha256 hash. We were using the 'hashes'
crate which is a whole extra dependency just to bring in a hash function
that already exists in libsecp256k1.

libsecp256k1 doesn't expose sha256 directly, but they do expose default
hash functions for EDCH, ECDSA and Schnorr, which are just sha2s with
extra steps. Since we are not worried about having a specific canonical
hash, just one that won't change for different keys, do this.

(This change does mean that users will get different hashes when they
upgrade this library; but they really shouldn't be persisting Debug
output and expecting it to be consistent. I don't think this is a
meaningful breaking change.)

Author: apoelstra

src/key.rs

@@ -1894,10 +1894,7 @@ mod test {
         let s = Secp256k1::new();
         let (sk, _) = s.generate_keypair(&mut StepRng::new(1, 1));
 
-        assert_eq!(
-            &format!("{:?}", sk),
-            "<secret key; enable `hashes` feature of `secp256k1` to display fingerprint>"
-        );
+        assert_eq!(&format!("{:?}", sk), "SecretKey(7ad2d060fb2971d6)");
 
         let mut buf = [0u8; constants::SECRET_KEY_SIZE * 2];
         assert_eq!(

src/secret.rs

@@ -11,31 +11,38 @@ use crate::to_hex;
 macro_rules! impl_display_secret {
     // Default hasher exists only in standard library and not alloc
     ($thing:ident) => {
-        #[cfg(feature = "hashes")]
         impl ::core::fmt::Debug for $thing {
             fn fmt(&self, f: &mut ::core::fmt::Formatter) -> ::core::fmt::Result {
-                use hashes::{sha256, Hash, HashEngine};
+                use core::fmt;
+                use secp256k1_sys::secp256k1_ecdh_hash_function_default;
 
-                let tag = "rust-secp256k1DEBUG";
+                struct Hex16Writer([u8; 32]);
 
-                let mut engine = sha256::Hash::engine();
-                let tag_hash = sha256::Hash::hash(tag.as_bytes());
-                engine.input(&tag_hash.as_ref());
-                engine.input(&tag_hash.as_ref());
-                engine.input(&self.secret_bytes());
-                let hash = sha256::Hash::from_engine(engine);
+                let mut output = Hex16Writer([0u8; 32]);
+                unsafe {
+                    // SAFETY: this function pointer is an Option<fn> so we need to unwrap it, even
+                    // though we know that the FFI has provided a non-null value for us.
+                    let ecdh_hash = secp256k1_ecdh_hash_function_default.unwrap();
+                    // SAFETY: output points to >= 32 mutable bytes; both inputs are >= 32 bytes
+                    assert!(self.as_ref().len() >= 32);
+                    ecdh_hash(
+                        output.0.as_mut_ptr(),
+                        self.as_ref().as_ptr(),
+                        "a debug-only byte 'y coordinate'".as_ptr(),
+                        core::ptr::null_mut(),
+                    );
+                }
 
-                f.debug_tuple(stringify!($thing)).field(&format_args!("#{:.16}", hash)).finish()
-            }
-        }
+                impl fmt::Debug for Hex16Writer {
+                    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+                        for byte in self.0.iter().copied().take(8) {
+                            write!(f, "{:02x}", byte)?;
+                        }
+                        Ok(())
+                    }
+                }
 
-        #[cfg(not(feature = "hashes"))]
-        impl ::core::fmt::Debug for $thing {
-            fn fmt(&self, f: &mut ::core::fmt::Formatter) -> ::core::fmt::Result {
-                write!(
-                    f,
-                    "<secret key; enable `hashes` feature of `secp256k1` to display fingerprint>"
-                )
+                f.debug_tuple(stringify!($thing)).field(&output).finish()
             }
         }
     };