Added support for Schnorr signatures

_cffi_build/build.py

@@ -27,6 +27,8 @@ def _mk_ffi(sources, name='_libsecp256k1', **kwargs):
     Source('secp256k1.h', '#include <secp256k1.h>'),
     Source('secp256k1_ecdh.h', '#include <secp256k1_ecdh.h>'),
     Source('secp256k1_recovery.h', '#include <secp256k1_recovery.h>'),
+    Source('secp256k1_schnorrsig.h', '#include <secp256k1_schnorrsig.h>'),
+    Source('secp256k1_extrakeys.h', '#include <secp256k1_extrakeys.h>'),
 ]
 
 ffi = _mk_ffi(modules, libraries=['secp256k1'])

_cffi_build/secp256k1.h

@@ -4,6 +4,14 @@ typedef struct {
     unsigned char data[64];
 } secp256k1_pubkey;
 
+typedef struct {
+    unsigned char data[96];
+} secp256k1_keypair;
+
+typedef struct {
+    unsigned char data[64];
+} secp256k1_xonly_pubkey;
+
 typedef struct {
     unsigned char data[64];
 } secp256k1_ecdsa_signature;

_cffi_build/secp256k1_extrakeys.h

@@ -0,0 +1,12 @@
+int secp256k1_keypair_create(
+    const secp256k1_context* ctx,
+    secp256k1_keypair *keypair,
+    const unsigned char *seckey
+);
+
+int secp256k1_xonly_pubkey_from_pubkey(
+    const secp256k1_context* ctx,
+    secp256k1_xonly_pubkey *xonly_pubkey,
+    int *pk_parity,
+    const secp256k1_pubkey *pubkey
+);

_cffi_build/secp256k1_schnorrsig.h

@@ -0,0 +1,24 @@
+typedef int (*secp256k1_nonce_function_hardened)(
+    unsigned char *nonce32,
+    const unsigned char *msg32,
+    const unsigned char *key32,
+    const unsigned char *xonly_pk32,
+    const unsigned char *algo16,
+    void *data
+);
+
+int secp256k1_schnorrsig_sign(
+  const secp256k1_context* ctx,
+  unsigned char *sig64,
+  const unsigned char *msg32,
+  const secp256k1_keypair *keypair,
+  secp256k1_nonce_function_hardened noncefp,
+  void *ndata
+);
+
+int secp256k1_schnorrsig_verify(
+  const secp256k1_context* ctx,
+    const unsigned char *sig64,
+    const unsigned char *msg32,
+    const secp256k1_xonly_pubkey *pubkey
+);

coincurve/keys.py

@@ -106,6 +106,24 @@ def ecdh(self, public_key: bytes) -> bytes:
 
         return bytes(ffi.buffer(secret, 32))
 
+    def schnorr_sign(self, message: bytes, hasher: Hasher = sha256) -> bytes:
+        msg_hash = hasher(message) if hasher is not None else message
+        if len(msg_hash) != 32:
+            raise ValueError('Message hash must be 32 bytes long.')
+
+        signature = ffi.new('unsigned char [64]')
+
+        # Create the secp256k1_keypair
+        keypair = ffi.new('secp256k1_keypair *')
+        lib.secp256k1_keypair_create(self.context.ctx, keypair, self.secret)
+
+        signed = lib.secp256k1_schnorrsig_sign(self.context.ctx, signature, msg_hash, keypair, ffi.NULL, ffi.NULL)
+
+        if not signed:
+            raise ValueError('Failed to generate Schnorr signature.')
+
+        return bytes(signature)
+
     def add(self, scalar: bytes, update: bool = False):
         """
         Add a scalar to the private key.
@@ -410,6 +428,21 @@ def verify(self, signature: bytes, message: bytes, hasher: Hasher = sha256) -> b
         # A performance hack to avoid global bool() lookup.
         return not not verified
 
+    def schnorr_verify(self, signature: bytes, message: bytes, hasher: Hasher = sha256) -> bool:
+        msg_hash = hasher(message) if hasher is not None else message
+        if len(msg_hash) != 32:
+            raise ValueError('Message hash must be 32 bytes long.')
+
+        # Create the secp256k1_xonly_pubkey
+        xonly_pubkey = ffi.new('secp256k1_xonly_pubkey *')
+        parity = ffi.new("int *")
+        lib.secp256k1_xonly_pubkey_from_pubkey(self.context.ctx, xonly_pubkey, parity, self.public_key)
+
+        verified = lib.secp256k1_schnorrsig_verify(self.context.ctx, signature, msg_hash, xonly_pubkey)
+
+        # A performance hack to avoid global bool() lookup.
+        return not not verified
+
     def add(self, scalar: bytes, update: bool = False):
         """
         Add a scalar to the public key.

setup.py

@@ -181,10 +181,13 @@ def run(self):
             os.path.abspath(self.build_clib),
             '--enable-experimental',
             '--enable-module-ecdh',
+            '--enable-module-extrakeys',
+            '--enable-module-schnorrsig',
             '--enable-benchmark=no',
             '--enable-tests=no',
             '--enable-openssl-tests=no',
             '--enable-exhaustive-tests=no',
+            '',
         ]
 
         log.debug('Running configure: {}'.format(' '.join(cmd)))

tests/test_keys.py

@@ -59,6 +59,14 @@ def test_signature_recoverable(self):
             == PublicKey(recover(MESSAGE, deserialize_recoverable(private_key.sign_recoverable(MESSAGE)))).format()
         )
 
+    def test_schnorr_signature(self):
+        private_key = PrivateKey()
+        public_key = private_key.public_key
+
+        message = urandom(200)
+        signature = private_key.schnorr_sign(message)
+        assert public_key.schnorr_verify(signature, message)
+
     def test_to_hex(self):
         assert PrivateKey(PRIVATE_KEY_BYTES).to_hex() == PRIVATE_KEY_HEX