Upgrade to secp256k1 v12, bitcoin v16, and crates bitcoin_hashes

Author: TheBlueMatt

Cargo.toml

@@ -22,13 +22,13 @@ max_level_info = []
 max_level_debug = []
 
 [dependencies]
-bitcoin = "0.15"
-bitcoin_hashes = { git = "https://github.com/TheBlueMatt/bitcoin_hashes", branch = "rust-lightning-dep" }
+bitcoin = "0.16"
+bitcoin_hashes = "0.2"
 rand = "0.4"
-secp256k1 = "0.11"
+secp256k1 = "0.12"
 
 [dev-dependencies.bitcoin]
-version = "0.15"
+version = "0.16"
 features = ["bitcoinconsensus"]
 
 [dev-dependencies]

fuzz/Cargo.toml

@@ -18,11 +18,11 @@ libfuzzer_fuzz = ["libfuzzer-sys"]
 [dependencies]
 afl = { version = "0.4", optional = true }
 lightning = { path = "..", features = ["fuzztarget"] }
-bitcoin = { version = "0.15", features = ["fuzztarget"] }
-bitcoin_hashes = { git = "https://github.com/TheBlueMatt/bitcoin_hashes", branch = "rust-lightning-dep", features=["fuzztarget"] }
+bitcoin = { version = "0.16", features = ["fuzztarget"] }
+bitcoin_hashes = { version = "0.2", features=["fuzztarget"] }
 hex = "0.3"
 honggfuzz = { version = "0.5", optional = true }
-secp256k1 = { version = "0.11", features=["fuzztarget"] }
+secp256k1 = { version = "0.12", features=["fuzztarget"] }
 libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git", optional = true }
 
 [build-dependencies]

fuzz/fuzz_targets/full_stack_target.rs

@@ -5,7 +5,6 @@ use lightning::ln::peer_channel_encryptor::PeerChannelEncryptor;
 use lightning::util::reset_rng_state;
 
 use secp256k1::key::{PublicKey,SecretKey};
-use secp256k1::Secp256k1;
 
 #[inline]
 fn slice_to_be16(v: &[u8]) -> u16 {
@@ -31,14 +30,13 @@ pub fn do_test(data: &[u8]) {
 		}
 	}
 
-	let secp_ctx = Secp256k1::new();
-	let our_network_key = match SecretKey::from_slice(&secp_ctx, get_slice!(32)) {
+	let our_network_key = match SecretKey::from_slice(get_slice!(32)) {
 		Ok(key) => key,
 		Err(_) => return,
 	};
 
 	let mut crypter = if get_slice!(1)[0] != 0 {
-		let their_pubkey = match PublicKey::from_slice(&secp_ctx, get_slice!(33)) {
+		let their_pubkey = match PublicKey::from_slice(get_slice!(33)) {
 			Ok(key) => key,
 			Err(_) => return,
 		};

fuzz/fuzz_targets/peer_crypt_target.rs

@@ -15,7 +15,6 @@ use lightning::util::logger::Logger;
 use lightning::util::ser::Readable;
 
 use secp256k1::key::PublicKey;
-use secp256k1::Secp256k1;
 
 mod utils;
 
@@ -146,10 +145,9 @@ pub fn do_test(data: &[u8]) {
 		}
 	}
 
-	let secp_ctx = Secp256k1::new();
 	macro_rules! get_pubkey {
 		() => {
-			match PublicKey::from_slice(&secp_ctx, get_slice!(33)) {
+			match PublicKey::from_slice(get_slice!(33)) {
 				Ok(key) => key,
 				Err(_) => return,
 			}

fuzz/fuzz_targets/router_target.rs

@@ -133,13 +133,13 @@ impl KeysManager {
 	/// RNG is busted) this may panic.
 	pub fn new(seed: &[u8; 32], network: Network, logger: Arc<Logger>) -> KeysManager {
 		let secp_ctx = Secp256k1::new();
-		match ExtendedPrivKey::new_master(&secp_ctx, network.clone(), seed) {
+		match ExtendedPrivKey::new_master(network.clone(), seed) {
 			Ok(master_key) => {
 				let node_secret = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(0)).expect("Your RNG is busted").secret_key;
 				let destination_script = match master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(1)) {
 					Ok(destination_key) => {
 						let pubkey_hash160 = Hash160::hash(&ExtendedPubKey::from_private(&secp_ctx, &destination_key).public_key.serialize()[..]);
-						Builder::new().push_opcode(opcodes::All::OP_PUSHBYTES_0)
+						Builder::new().push_opcode(opcodes::all::OP_PUSHBYTES_0)
 						              .push_slice(&pubkey_hash160.into_inner())
 						              .into_script()
 					},
@@ -215,7 +215,7 @@ impl KeysInterface for KeysManager {
 				sha.input(&seed);
 				sha.input(&$prev_key[..]);
 				sha.input(&$info[..]);
-				SecretKey::from_slice(&self.secp_ctx, &Sha256::from_engine(sha).into_inner()).expect("SHA-256 is busted")
+				SecretKey::from_slice(&Sha256::from_engine(sha).into_inner()).expect("SHA-256 is busted")
 			}}
 		}
 		let funding_key = key_step!(b"funding key", commitment_seed);
@@ -244,6 +244,6 @@ impl KeysInterface for KeysManager {
 		let child_ix = self.session_child_index.fetch_add(1, Ordering::AcqRel);
 		let child_privkey = self.session_master_key.ckd_priv(&self.secp_ctx, ChildNumber::from_hardened_idx(child_ix as u32)).expect("Your RNG is busted");
 		sha.input(&child_privkey.secret_key[..]);
-		SecretKey::from_slice(&self.secp_ctx, &Sha256::from_engine(sha).into_inner()).expect("Your RNG is busted")
+		SecretKey::from_slice(&Sha256::from_engine(sha).into_inner()).expect("Your RNG is busted")
 	}
 }

src/chain/keysinterface.rs

@@ -39,7 +39,7 @@ pub fn derive_private_key<T: secp256k1::Signing>(secp_ctx: &Secp256k1<T>, per_co
 	let res = Sha256::from_engine(sha).into_inner();
 
 	let mut key = base_secret.clone();
-	key.add_assign(&secp_ctx, &SecretKey::from_slice(&secp_ctx, &res)?)?;
+	key.add_assign(&res)?;
 	Ok(key)
 }
 
@@ -49,8 +49,8 @@ pub fn derive_public_key<T: secp256k1::Signing>(secp_ctx: &Secp256k1<T>, per_com
 	sha.input(&base_point.serialize());
 	let res = Sha256::from_engine(sha).into_inner();
 
-	let hashkey = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&secp_ctx, &res)?);
-	base_point.combine(&secp_ctx, &hashkey)
+	let hashkey = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&res)?);
+	base_point.combine(&hashkey)
 }
 
 /// Derives a revocation key from its constituent parts
@@ -63,21 +63,21 @@ pub fn derive_private_revocation_key<T: secp256k1::Signing>(secp_ctx: &Secp256k1
 		sha.input(&revocation_base_point.serialize());
 		sha.input(&per_commitment_point.serialize());
 
-		SecretKey::from_slice(&secp_ctx, &Sha256::from_engine(sha).into_inner())?
+		Sha256::from_engine(sha).into_inner()
 	};
 	let commit_append_rev_hash_key = {
 		let mut sha = Sha256::engine();
 		sha.input(&per_commitment_point.serialize());
 		sha.input(&revocation_base_point.serialize());
 
-		SecretKey::from_slice(&secp_ctx, &Sha256::from_engine(sha).into_inner())?
+		Sha256::from_engine(sha).into_inner()
 	};
 
 	let mut part_a = revocation_base_secret.clone();
-	part_a.mul_assign(&secp_ctx, &rev_append_commit_hash_key)?;
+	part_a.mul_assign(&rev_append_commit_hash_key)?;
 	let mut part_b = per_commitment_secret.clone();
-	part_b.mul_assign(&secp_ctx, &commit_append_rev_hash_key)?;
-	part_a.add_assign(&secp_ctx, &part_b)?;
+	part_b.mul_assign(&commit_append_rev_hash_key)?;
+	part_a.add_assign(&part_b[..])?;
 	Ok(part_a)
 }
 
@@ -87,21 +87,21 @@ pub fn derive_public_revocation_key<T: secp256k1::Verification>(secp_ctx: &Secp2
 		sha.input(&revocation_base_point.serialize());
 		sha.input(&per_commitment_point.serialize());
 
-		SecretKey::from_slice(&secp_ctx, &Sha256::from_engine(sha).into_inner())?
+		Sha256::from_engine(sha).into_inner()
 	};
 	let commit_append_rev_hash_key = {
 		let mut sha = Sha256::engine();
 		sha.input(&per_commitment_point.serialize());
 		sha.input(&revocation_base_point.serialize());
 
-		SecretKey::from_slice(&secp_ctx, &Sha256::from_engine(sha).into_inner())?
+		Sha256::from_engine(sha).into_inner()
 	};
 
 	let mut part_a = revocation_base_point.clone();
 	part_a.mul_assign(&secp_ctx, &rev_append_commit_hash_key)?;
 	let mut part_b = per_commitment_point.clone();
 	part_b.mul_assign(&secp_ctx, &commit_append_rev_hash_key)?;
-	part_a.combine(&secp_ctx, &part_b)
+	part_a.combine(&part_b)
 }
 
 pub struct TxCreationKeys {
@@ -129,15 +129,15 @@ impl TxCreationKeys {
 /// Gets the "to_local" output redeemscript, ie the script which is time-locked or spendable by
 /// the revocation key
 pub fn get_revokeable_redeemscript(revocation_key: &PublicKey, to_self_delay: u16, delayed_payment_key: &PublicKey) -> Script {
-	Builder::new().push_opcode(opcodes::All::OP_IF)
+	Builder::new().push_opcode(opcodes::all::OP_IF)
 	              .push_slice(&revocation_key.serialize())
-	              .push_opcode(opcodes::All::OP_ELSE)
+	              .push_opcode(opcodes::all::OP_ELSE)
 	              .push_int(to_self_delay as i64)
 	              .push_opcode(opcodes::OP_CSV)
-	              .push_opcode(opcodes::All::OP_DROP)
+	              .push_opcode(opcodes::all::OP_DROP)
 	              .push_slice(&delayed_payment_key.serialize())
-	              .push_opcode(opcodes::All::OP_ENDIF)
-	              .push_opcode(opcodes::All::OP_CHECKSIG)
+	              .push_opcode(opcodes::all::OP_ENDIF)
+	              .push_opcode(opcodes::all::OP_CHECKSIG)
 	              .into_script()
 }
 
@@ -154,63 +154,63 @@ pub struct HTLCOutputInCommitment {
 pub fn get_htlc_redeemscript_with_explicit_keys(htlc: &HTLCOutputInCommitment, a_htlc_key: &PublicKey, b_htlc_key: &PublicKey, revocation_key: &PublicKey) -> Script {
 	let payment_hash160 = Ripemd160::hash(&htlc.payment_hash.0[..]).into_inner();
 	if htlc.offered {
-		Builder::new().push_opcode(opcodes::All::OP_DUP)
-		              .push_opcode(opcodes::All::OP_HASH160)
+		Builder::new().push_opcode(opcodes::all::OP_DUP)
+		              .push_opcode(opcodes::all::OP_HASH160)
 		              .push_slice(&Hash160::hash(&revocation_key.serialize())[..])
-		              .push_opcode(opcodes::All::OP_EQUAL)
-		              .push_opcode(opcodes::All::OP_IF)
-		              .push_opcode(opcodes::All::OP_CHECKSIG)
-		              .push_opcode(opcodes::All::OP_ELSE)
+		              .push_opcode(opcodes::all::OP_EQUAL)
+		              .push_opcode(opcodes::all::OP_IF)
+		              .push_opcode(opcodes::all::OP_CHECKSIG)
+		              .push_opcode(opcodes::all::OP_ELSE)
 		              .push_slice(&b_htlc_key.serialize()[..])
-		              .push_opcode(opcodes::All::OP_SWAP)
-		              .push_opcode(opcodes::All::OP_SIZE)
+		              .push_opcode(opcodes::all::OP_SWAP)
+		              .push_opcode(opcodes::all::OP_SIZE)
 		              .push_int(32)
-		              .push_opcode(opcodes::All::OP_EQUAL)
-		              .push_opcode(opcodes::All::OP_NOTIF)
-		              .push_opcode(opcodes::All::OP_DROP)
+		              .push_opcode(opcodes::all::OP_EQUAL)
+		              .push_opcode(opcodes::all::OP_NOTIF)
+		              .push_opcode(opcodes::all::OP_DROP)
 		              .push_int(2)
-		              .push_opcode(opcodes::All::OP_SWAP)
+		              .push_opcode(opcodes::all::OP_SWAP)
 		              .push_slice(&a_htlc_key.serialize()[..])
 		              .push_int(2)
-		              .push_opcode(opcodes::All::OP_CHECKMULTISIG)
-		              .push_opcode(opcodes::All::OP_ELSE)
-		              .push_opcode(opcodes::All::OP_HASH160)
+		              .push_opcode(opcodes::all::OP_CHECKMULTISIG)
+		              .push_opcode(opcodes::all::OP_ELSE)
+		              .push_opcode(opcodes::all::OP_HASH160)
 		              .push_slice(&payment_hash160)
-		              .push_opcode(opcodes::All::OP_EQUALVERIFY)
-		              .push_opcode(opcodes::All::OP_CHECKSIG)
-		              .push_opcode(opcodes::All::OP_ENDIF)
-		              .push_opcode(opcodes::All::OP_ENDIF)
+		              .push_opcode(opcodes::all::OP_EQUALVERIFY)
+		              .push_opcode(opcodes::all::OP_CHECKSIG)
+		              .push_opcode(opcodes::all::OP_ENDIF)
+		              .push_opcode(opcodes::all::OP_ENDIF)
 		              .into_script()
 	} else {
-		Builder::new().push_opcode(opcodes::All::OP_DUP)
-		              .push_opcode(opcodes::All::OP_HASH160)
+		Builder::new().push_opcode(opcodes::all::OP_DUP)
+		              .push_opcode(opcodes::all::OP_HASH160)
 		              .push_slice(&Hash160::hash(&revocation_key.serialize())[..])
-		              .push_opcode(opcodes::All::OP_EQUAL)
-		              .push_opcode(opcodes::All::OP_IF)
-		              .push_opcode(opcodes::All::OP_CHECKSIG)
-		              .push_opcode(opcodes::All::OP_ELSE)
+		              .push_opcode(opcodes::all::OP_EQUAL)
+		              .push_opcode(opcodes::all::OP_IF)
+		              .push_opcode(opcodes::all::OP_CHECKSIG)
+		              .push_opcode(opcodes::all::OP_ELSE)
 		              .push_slice(&b_htlc_key.serialize()[..])
-		              .push_opcode(opcodes::All::OP_SWAP)
-		              .push_opcode(opcodes::All::OP_SIZE)
+		              .push_opcode(opcodes::all::OP_SWAP)
+		              .push_opcode(opcodes::all::OP_SIZE)
 		              .push_int(32)
-		              .push_opcode(opcodes::All::OP_EQUAL)
-		              .push_opcode(opcodes::All::OP_IF)
-		              .push_opcode(opcodes::All::OP_HASH160)
+		              .push_opcode(opcodes::all::OP_EQUAL)
+		              .push_opcode(opcodes::all::OP_IF)
+		              .push_opcode(opcodes::all::OP_HASH160)
 		              .push_slice(&payment_hash160)
-		              .push_opcode(opcodes::All::OP_EQUALVERIFY)
+		              .push_opcode(opcodes::all::OP_EQUALVERIFY)
 		              .push_int(2)
-		              .push_opcode(opcodes::All::OP_SWAP)
+		              .push_opcode(opcodes::all::OP_SWAP)
 		              .push_slice(&a_htlc_key.serialize()[..])
 		              .push_int(2)
-		              .push_opcode(opcodes::All::OP_CHECKMULTISIG)
-		              .push_opcode(opcodes::All::OP_ELSE)
-		              .push_opcode(opcodes::All::OP_DROP)
+		              .push_opcode(opcodes::all::OP_CHECKMULTISIG)
+		              .push_opcode(opcodes::all::OP_ELSE)
+		              .push_opcode(opcodes::all::OP_DROP)
 		              .push_int(htlc.cltv_expiry as i64)
 		              .push_opcode(opcodes::OP_CLTV)
-		              .push_opcode(opcodes::All::OP_DROP)
-		              .push_opcode(opcodes::All::OP_CHECKSIG)
-		              .push_opcode(opcodes::All::OP_ENDIF)
-		              .push_opcode(opcodes::All::OP_ENDIF)
+		              .push_opcode(opcodes::all::OP_DROP)
+		              .push_opcode(opcodes::all::OP_CHECKSIG)
+		              .push_opcode(opcodes::all::OP_ENDIF)
+		              .push_opcode(opcodes::all::OP_ENDIF)
 		              .into_script()
 	}
 }