test: remove a ton of rand feature-gating

Sometihng like half the tests in this crate are gated on "rand", most of
which are for dumb reasons (we are generating random keys from the
thread rng). By adding a non-feature=rand "random key generator" we can
enable these tests even without the rand feature.

We typically also have a gate on "std", which is needed to get the
thread rng, but in some cases this is the *only* reason to have a std
gate. So by eliminating the rand requirement we can make tests work in
nostd.

In the LLM-generated tests in musig2.rs we have some rand feature gates
for literally no reason at all :/. My bad.

In addition to dramatically increasing nostd test coverage, the new
"generate random keys" function also gives us an opportunity to use the
new global context API including rerandomization.

Author: apoelstra

src/ecdh.rs

@@ -194,11 +194,9 @@ mod tests {
     use crate::Secp256k1;
 
     #[test]
-    #[cfg(all(feature = "rand", feature = "std"))]
     fn ecdh() {
-        let s = Secp256k1::signing_only();
-        let (sk1, pk1) = s.generate_keypair(&mut rand::rng());
-        let (sk2, pk2) = s.generate_keypair(&mut rand::rng());
+        let (sk1, pk1) = crate::test_random_keypair();
+        let (sk2, pk2) = crate::test_random_keypair();
 
         let sec1 = SharedSecret::new(&pk2, &sk1);
         let sec2 = SharedSecret::new(&pk1, &sk2);
@@ -226,15 +224,14 @@ mod tests {
 
     #[test]
     #[cfg(not(secp256k1_fuzz))]
-    #[cfg(all(feature = "hashes", feature = "rand", feature = "std"))]
+    #[cfg(feature = "hashes")]
     fn hashes_and_sys_generate_same_secret() {
         use hashes::{sha256, Hash, HashEngine};
 
         use crate::ecdh::shared_secret_point;
 
-        let s = Secp256k1::signing_only();
-        let (sk1, _) = s.generate_keypair(&mut rand::rng());
-        let (_, pk2) = s.generate_keypair(&mut rand::rng());
+        let (sk1, _) = crate::test_random_keypair();
+        let (_, pk2) = crate::test_random_keypair();
 
         let secret_sys = SharedSecret::new(&pk2, &sk1);
 
@@ -251,7 +248,7 @@ mod tests {
     }
 
     #[test]
-    #[cfg(all(feature = "serde", feature = "alloc"))]
+    #[cfg(all(feature = "serde"))]
     fn serde() {
         use serde_test::{assert_tokens, Configure, Token};
         #[rustfmt::skip]

src/ecdsa/recovery.rs

@@ -264,17 +264,17 @@ mod tests {
     use crate::{Error, Message, Secp256k1, SecretKey};
 
     #[test]
-    #[cfg(all(feature = "rand", feature = "std"))]
+    #[cfg(feature = "std")]
     fn capabilities() {
         let sign = Secp256k1::signing_only();
         let vrfy = Secp256k1::verification_only();
         let full = Secp256k1::new();
 
-        let msg = crate::random_32_bytes(&mut rand::rng());
+        let msg = crate::test_random_32_bytes();
         let msg = Message::from_digest_slice(&msg).unwrap();
 
         // Try key generation
-        let (sk, pk) = full.generate_keypair(&mut rand::rng());
+        let (sk, pk) = crate::test_random_keypair();
 
         // Try signing
         assert_eq!(sign.sign_ecdsa_recoverable(msg, &sk), full.sign_ecdsa_recoverable(msg, &sk));
@@ -296,11 +296,10 @@ mod tests {
 
     #[test]
     #[cfg(not(secp256k1_fuzz))]  // fixed sig vectors can't work with fuzz-sigs
-    #[cfg(all(feature = "rand", feature = "std"))]
+    #[cfg(feature = "std")]
     #[rustfmt::skip]
     fn sign() {
-        let mut s = Secp256k1::new();
-        s.randomize(&mut rand::rng());
+        let s = Secp256k1::new();
 
         let sk = SecretKey::from_slice(&ONE).unwrap();
         let msg = Message::from_digest_slice(&ONE).unwrap();
@@ -321,11 +320,10 @@ mod tests {
 
     #[test]
     #[cfg(not(secp256k1_fuzz))]  // fixed sig vectors can't work with fuzz-sigs
-    #[cfg(all(feature = "rand", feature = "std"))]
+    #[cfg(feature = "std")]
     #[rustfmt::skip]
     fn sign_with_noncedata() {
-        let mut s = Secp256k1::new();
-        s.randomize(&mut rand::rng());
+        let s = Secp256k1::new();
 
         let sk = SecretKey::from_slice(&ONE).unwrap();
         let msg = Message::from_digest_slice(&ONE).unwrap();
@@ -346,68 +344,57 @@ mod tests {
     }
 
     #[test]
-    #[cfg(all(feature = "rand", feature = "std"))]
+    #[cfg(feature = "std")]
     fn sign_and_verify_fail() {
-        let mut s = Secp256k1::new();
-        s.randomize(&mut rand::rng());
-
-        let msg = crate::random_32_bytes(&mut rand::rng());
-        let msg = Message::from_digest_slice(&msg).unwrap();
+        let s = Secp256k1::new();
 
-        let (sk, pk) = s.generate_keypair(&mut rand::rng());
+        let msg = Message::from_digest(crate::test_random_32_bytes());
+        let (sk, pk) = crate::test_random_keypair();
 
         let sigr = s.sign_ecdsa_recoverable(msg, &sk);
         let sig = sigr.to_standard();
 
-        let msg = crate::random_32_bytes(&mut rand::rng());
-        let msg = Message::from_digest_slice(&msg).unwrap();
+        let msg = Message::from_digest(crate::test_random_32_bytes());
         assert_eq!(s.verify_ecdsa(&sig, msg, &pk), Err(Error::IncorrectSignature));
 
         let recovered_key = s.recover_ecdsa(msg, &sigr).unwrap();
         assert!(recovered_key != pk);
     }
 
     #[test]
-    #[cfg(all(feature = "rand", feature = "std"))]
+    #[cfg(feature = "std")]
     fn sign_with_recovery() {
-        let mut s = Secp256k1::new();
-        s.randomize(&mut rand::rng());
-
-        let msg = crate::random_32_bytes(&mut rand::rng());
-        let msg = Message::from_digest_slice(&msg).unwrap();
+        let s = Secp256k1::new();
 
-        let (sk, pk) = s.generate_keypair(&mut rand::rng());
+        let msg = Message::from_digest(crate::test_random_32_bytes());
+        let (sk, pk) = crate::test_random_keypair();
 
         let sig = s.sign_ecdsa_recoverable(msg, &sk);
 
         assert_eq!(s.recover_ecdsa(msg, &sig), Ok(pk));
     }
 
     #[test]
-    #[cfg(all(feature = "rand", feature = "std"))]
+    #[cfg(feature = "std")]
     fn sign_with_recovery_and_noncedata() {
-        let mut s = Secp256k1::new();
-        s.randomize(&mut rand::rng());
-
-        let msg = crate::random_32_bytes(&mut rand::rng());
-        let msg = Message::from_digest_slice(&msg).unwrap();
+        let s = Secp256k1::new();
 
-        let noncedata = [42u8; 32];
+        let msg = Message::from_digest(crate::test_random_32_bytes());
+        let noncedata = crate::test_random_32_bytes();
 
-        let (sk, pk) = s.generate_keypair(&mut rand::rng());
+        let (sk, pk) = crate::test_random_keypair();
 
         let sig = s.sign_ecdsa_recoverable_with_noncedata(msg, &sk, &noncedata);
 
         assert_eq!(s.recover_ecdsa(msg, &sig), Ok(pk));
     }
 
     #[test]
-    #[cfg(all(feature = "rand", feature = "std"))]
+    #[cfg(feature = "std")]
     fn bad_recovery() {
-        let mut s = Secp256k1::new();
-        s.randomize(&mut rand::rng());
+        let s = Secp256k1::new();
 
-        let msg = Message::from_digest_slice(&[0x55; 32]).unwrap();
+        let msg = Message::from_digest(crate::test_random_32_bytes());
 
         // Zero is not a valid sig
         let sig = RecoverableSignature::from_compact(&[0; 64], RecoveryId::Zero).unwrap();
@@ -468,22 +455,21 @@ mod tests {
 }
 
 #[cfg(bench)]
-#[cfg(all(feature = "rand", feature = "std"))] // Currently only a single bench that requires "rand" + "std".
+#[cfg(feature = "std")] // Currently only a single bench that requires "rand" + "std".
 mod benches {
     use test::{black_box, Bencher};
 
-    use super::{Message, Secp256k1};
+    use crate::{Message, Secp256k1, SecretKey};
 
     #[bench]
     pub fn bench_recover(bh: &mut Bencher) {
         let s = Secp256k1::new();
-        let msg = crate::random_32_bytes(&mut rand::rng());
-        let msg = Message::from_digest_slice(&msg).unwrap();
-        let (sk, _) = s.generate_keypair(&mut rand::rng());
-        let sig = s.sign_ecdsa_recoverable(&msg, &sk);
+        let msg = Message::from_digest(crate::test_random_32_bytes());
+        let sk = SecretKey::test_random();
+        let sig = s.sign_ecdsa_recoverable(msg, &sk);
 
         bh.iter(|| {
-            let res = s.recover_ecdsa(&msg, &sig).unwrap();
+            let res = s.recover_ecdsa(msg, &sig).unwrap();
             black_box(res);
         });
     }