Merge #327: Re-arrange functionality to make ECDSA and Schnorr equal-ish citizens

d244b4d Fix typo in docs (Thomas Eizinger)
c5c9551 Move helper function below usage (Thomas Eizinger)
ce44277 Move ECDSA functionality into ECDSA module (Thomas Eizinger)
e0c3bb2 Rename schnorr functions on `Secp256k1` to match naming of ecdsa (Thomas Eizinger)
760559c Rename `schnorrsig` module to `schnorr` (Thomas Eizinger)
d4fb819 Move `XOnlyPublicKey` to `key` module (Thomas Eizinger)
87d936a Rename `schnorr::PublicKey` to `schnorr::XOnlyPublicKey` (Thomas Eizinger)
2e0e731 Move `KeyPair` to `key` module (Thomas Eizinger)
c47ead9 Move `Signature` and `SerializedSignature` to new `ecdsa` module (Thomas Eizinger)
49c7e21 Prefer `use super::*` import over manually picking items (Thomas Eizinger)
52d0554 Fully qualify Error to simplify imports (Thomas Eizinger)
8e96aba Make `key` module private (Thomas Eizinger)

Pull request description:

  This patch-set tries to re-structure the library a bit. What we currently have seems to have been mostly driven by historical growth. For example, with the addition of Schnorr signatures, just exposing `secp256k1::Signature` is ambiguous.

  This PR only contains renames and moving around of code. I've tried to structure the patches in such a way that makes this reasonably easy to review. Feedback welcome!

ACKs for top commit:
  sanket1729:
    ACK d244b4d
  apoelstra:
    ACK d244b4d

Tree-SHA512: d40af5c56ffa500305e40eb5dbe72f2f6d6193b3a190910018d3bacdec2820ab6a59f15d47d11e0fee7ef4de6efd46d316636cd502aad5db4f314dedfff726f9

Author: apoelstra

examples/sign_verify.rs

@@ -2,22 +2,22 @@ extern crate bitcoin_hashes;
 extern crate secp256k1;
 
 use bitcoin_hashes::{sha256, Hash};
-use secp256k1::{Error, Message, PublicKey, Secp256k1, SecretKey, Signature, Signing, Verification};
+use secp256k1::{Error, Message, PublicKey, Secp256k1, SecretKey, ecdsa, Signing, Verification};
 
 fn verify<C: Verification>(secp: &Secp256k1<C>, msg: &[u8], sig: [u8; 64], pubkey: [u8; 33]) -> Result<bool, Error> {
     let msg = sha256::Hash::hash(msg);
     let msg = Message::from_slice(&msg)?;
-    let sig = Signature::from_compact(&sig)?;
+    let sig = ecdsa::Signature::from_compact(&sig)?;
     let pubkey = PublicKey::from_slice(&pubkey)?;
 
-    Ok(secp.verify(&msg, &sig, &pubkey).is_ok())
+    Ok(secp.verify_ecdsa(&msg, &sig, &pubkey).is_ok())
 }
 
-fn sign<C: Signing>(secp: &Secp256k1<C>, msg: &[u8], seckey: [u8; 32]) -> Result<Signature, Error> {
+fn sign<C: Signing>(secp: &Secp256k1<C>, msg: &[u8], seckey: [u8; 32]) -> Result<ecdsa::Signature, Error> {
     let msg = sha256::Hash::hash(msg);
     let msg = Message::from_slice(&msg)?;
     let seckey = SecretKey::from_slice(&seckey)?;
-    Ok(secp.sign(&msg, &seckey))
+    Ok(secp.sign_ecdsa(&msg, &seckey))
 }
 
 fn main() {

examples/sign_verify_recovery.rs

@@ -3,23 +3,22 @@ extern crate bitcoin_hashes;
 extern crate secp256k1;
 
 use bitcoin_hashes::{sha256, Hash};
-use secp256k1::recovery::{RecoverableSignature, RecoveryId};
-use secp256k1::{Error, Message, PublicKey, Secp256k1, SecretKey, Signing, Verification};
+use secp256k1::{Error, Message, PublicKey, Secp256k1, SecretKey, Signing, Verification, ecdsa};
 
 fn recover<C: Verification>(secp: &Secp256k1<C>,msg: &[u8],sig: [u8; 64],recovery_id: u8) -> Result<PublicKey, Error> {
     let msg = sha256::Hash::hash(msg);
     let msg = Message::from_slice(&msg)?;
-    let id = RecoveryId::from_i32(recovery_id as i32)?;
-    let sig = RecoverableSignature::from_compact(&sig, id)?;
+    let id = ecdsa::RecoveryId::from_i32(recovery_id as i32)?;
+    let sig = ecdsa::RecoverableSignature::from_compact(&sig, id)?;
 
-    secp.recover(&msg, &sig)
+    secp.recover_ecdsa(&msg, &sig)
 }
 
-fn sign_recovery<C: Signing>(secp: &Secp256k1<C>, msg: &[u8], seckey: [u8; 32]) -> Result<RecoverableSignature, Error> {
+fn sign_recovery<C: Signing>(secp: &Secp256k1<C>, msg: &[u8], seckey: [u8; 32]) -> Result<ecdsa::RecoverableSignature, Error> {
     let msg = sha256::Hash::hash(msg);
     let msg = Message::from_slice(&msg)?;
     let seckey = SecretKey::from_slice(&seckey)?;
-    Ok(secp.sign_recoverable(&msg, &seckey))
+    Ok(secp.sign_ecdsa_recoverable(&msg, &seckey))
 }
 
 fn main() {

no_std_test/src/main.rs

@@ -106,22 +106,22 @@ fn start(_argc: isize, _argv: *const *const u8) -> isize {
     let public_key = PublicKey::from_secret_key(&secp, &secret_key);
     let message = Message::from_slice(&[0xab; 32]).expect("32 bytes");
 
-    let sig = secp.sign(&message, &secret_key);
-    assert!(secp.verify(&message, &sig, &public_key).is_ok());
+    let sig = secp.sign_ecdsa(&message, &secret_key);
+    assert!(secp.verify_ecdsa(&message, &sig, &public_key).is_ok());
 
-    let rec_sig = secp.sign_recoverable(&message, &secret_key);
-    assert!(secp.verify(&message, &rec_sig.to_standard(), &public_key).is_ok());
-    assert_eq!(public_key, secp.recover(&message, &rec_sig).unwrap());
+    let rec_sig = secp.sign_ecdsa_recoverable(&message, &secret_key);
+    assert!(secp.verify_ecdsa(&message, &rec_sig.to_standard(), &public_key).is_ok());
+    assert_eq!(public_key, secp.recover_ecdsa(&message, &rec_sig).unwrap());
     let (rec_id, data) = rec_sig.serialize_compact();
-    let new_rec_sig = recovery::RecoverableSignature::from_compact(&data, rec_id).unwrap();
+    let new_rec_sig = ecdsa::RecoverableSignature::from_compact(&data, rec_id).unwrap();
     assert_eq!(rec_sig, new_rec_sig);
 
     let mut cbor_ser = [0u8; 100];
     let writer = SliceWrite::new(&mut cbor_ser[..]);
     let mut ser = Serializer::new(writer);
     sig.serialize(&mut ser).unwrap();
     let size = ser.into_inner().bytes_written();
-    let new_sig: Signature = de::from_mut_slice(&mut cbor_ser[..size]).unwrap();
+    let new_sig: ecdsa::Signature = de::from_mut_slice(&mut cbor_ser[..size]).unwrap();
     assert_eq!(sig, new_sig);
 
     let _ = SharedSecret::new(&public_key, &secret_key);

src/ecdh.rs

@@ -169,8 +169,8 @@ impl SharedSecret {
 
 #[cfg(test)]
 mod tests {
+    use super::*;
     use rand::thread_rng;
-    use super::SharedSecret;
     use super::super::Secp256k1;
 
     #[cfg(target_arch = "wasm32")]
@@ -224,7 +224,7 @@ mod tests {
         let x = [5u8; 32];
         let y = [7u8; 32];
         let mut output = [0u8; 64];
-        let res = unsafe { super::c_callback(output.as_mut_ptr(), x.as_ptr(), y.as_ptr(), ::ptr::null_mut()) };
+        let res = unsafe { super::c_callback(output.as_mut_ptr(), x.as_ptr(), y.as_ptr(), ptr::null_mut()) };
         assert_eq!(res, 1);
         let mut new_x = [0u8; 32];
         let mut new_y = [0u8; 32];