keystore: port _test_keystore_secp256k1_schnorr_sign to Rust

benma · benma · commit 0c56a0e99ece · 2025-06-19T11:47:19.000+02:00
diff --git a/src/rust/bitbox02/src/keystore.rs b/src/rust/bitbox02/src/keystore.rs
@@ -401,6 +401,50 @@ mod tests {
             .is_ok());
     }
 
+    #[test]
+    fn test_secp256k1_schnorr_sign() {
+        mock_unlocked_using_mnemonic("abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about", "");
+        let keypath = [86 + HARDENED, 0 + HARDENED, 0 + HARDENED, 0, 0];
+        let msg = [0x88u8; 32];
+
+        let expected_pubkey = {
+            let pubkey =
+                hex::decode("cc8a4bc64d897bddc5fbc2f670f7a8ba0b386779106cf1223c6fc5d7cd6fc115")
+                    .unwrap();
+            secp256k1::XOnlyPublicKey::from_slice(&pubkey).unwrap()
+        };
+
+        // Test without tweak
+        crate::random::mock_reset();
+        let sig = secp256k1_schnorr_sign(&keypath, &msg, None).unwrap();
+        let secp = secp256k1::Secp256k1::new();
+        assert!(secp
+            .verify_schnorr(
+                &secp256k1::schnorr::Signature::from_slice(&sig).unwrap(),
+                &secp256k1::Message::from_digest_slice(&msg).unwrap(),
+                &expected_pubkey
+            )
+            .is_ok());
+
+        // Test with tweak
+        crate::random::mock_reset();
+        let tweak = {
+            let tweak =
+                hex::decode("a39fb163dbd9b5e0840af3cc1ee41d5b31245c5dd8d6bdc3d026d09b8964997c")
+                    .unwrap();
+            secp256k1::Scalar::from_be_bytes(tweak.try_into().unwrap()).unwrap()
+        };
+        let (tweaked_pubkey, _) = expected_pubkey.add_tweak(&secp, &tweak).unwrap();
+        let sig = secp256k1_schnorr_sign(&keypath, &msg, Some(&tweak.to_be_bytes())).unwrap();
+        assert!(secp
+            .verify_schnorr(
+                &secp256k1::schnorr::Signature::from_slice(&sig).unwrap(),
+                &secp256k1::Message::from_digest_slice(&msg).unwrap(),
+                &tweaked_pubkey
+            )
+            .is_ok());
+    }
+
     #[test]
     fn test_secp256k1_nonce_commit() {
         lock();
diff --git a/test/unit-test/test_keystore.c b/test/unit-test/test_keystore.c
@@ -140,16 +140,6 @@ static void _test_keystore_create_and_store_seed(void** state)
     }
 }
 
-static void _mock_with_mnemonic(const char* mnemonic, const char* passphrase)
-{
-    uint8_t seed[32] = {0};
-    size_t seed_len;
-    assert_true(keystore_bip39_mnemonic_to_seed(mnemonic, seed, &seed_len));
-
-    _mock_unlocked(seed, seed_len, NULL);
-    assert_true(keystore_unlock_bip39(passphrase));
-}
-
 // This tests that `secp256k1_schnorrsig_sign()` is the correct function to be used for schnorr sigs
 // in taproot. It is a separate test because there are test vectors available for this which cannot
 // be made to work with `keystore_secp256k1_schnorr_bip86_sign()`.
@@ -208,59 +198,13 @@ static void _test_secp256k1_schnorr_sign(void** state)
     }
 }
 
-static void _test_keystore_secp256k1_schnorr_sign(void** state)
-{
-    _mock_with_mnemonic(
-        "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon "
-        "about",
-        "");
-    const uint32_t keypath[] = {
-        86 + BIP32_INITIAL_HARDENED_CHILD,
-        0 + BIP32_INITIAL_HARDENED_CHILD,
-        0 + BIP32_INITIAL_HARDENED_CHILD,
-        0,
-        0,
-    };
-    struct ext_key xpub = {0};
-    assert_true(keystore_get_xpub(keypath, 5, &xpub));
-
-    uint8_t msg[32] = {0};
-    memset(msg, 0x88, sizeof(msg));
-    uint8_t sig[64] = {0};
-    uint8_t mock_aux_rand[32] = {0};
-
-    // Test without tweak
-    will_return(__wrap_random_32_bytes, mock_aux_rand);
-    assert_true(keystore_secp256k1_schnorr_sign(keypath, 5, msg, NULL, sig));
-    const secp256k1_context* ctx = wally_get_secp_context();
-    secp256k1_pubkey pubkey = {0};
-    assert_true(secp256k1_ec_pubkey_parse(ctx, &pubkey, xpub.pub_key, sizeof(xpub.pub_key)));
-    secp256k1_xonly_pubkey xonly_pubkey = {0};
-    assert_true(secp256k1_xonly_pubkey_from_pubkey(ctx, &xonly_pubkey, NULL, &pubkey));
-    assert_true(secp256k1_schnorrsig_verify(ctx, sig, msg, sizeof(msg), &xonly_pubkey));
-
-    // Test with tweak
-    const uint8_t tweak[32] =
-        "\xa3\x9f\xb1\x63\xdb\xd9\xb5\xe0\x84\x0a\xf3\xcc\x1e\xe4\x1d\x5b\x31\x24\x5c\x5d\xd8\xd6"
-        "\xbd\xc3\xd0\x26\xd0\x9b\x89\x64\x99\x7c";
-    will_return(__wrap_random_32_bytes, mock_aux_rand);
-    assert_true(keystore_secp256k1_schnorr_sign(keypath, 5, msg, tweak, sig));
-    secp256k1_pubkey tweaked_pubkey = {0};
-    assert_true(secp256k1_xonly_pubkey_tweak_add(ctx, &tweaked_pubkey, &xonly_pubkey, tweak));
-    secp256k1_xonly_pubkey tweaked_xonly_pubkey = {0};
-    assert_true(
-        secp256k1_xonly_pubkey_from_pubkey(ctx, &tweaked_xonly_pubkey, NULL, &tweaked_pubkey));
-    assert_true(secp256k1_schnorrsig_verify(ctx, sig, msg, sizeof(msg), &tweaked_xonly_pubkey));
-}
-
 int main(void)
 {
     mock_memory_set_salt_root(_salt_root);
 
     const struct CMUnitTest tests[] = {
         cmocka_unit_test(_test_keystore_create_and_store_seed),
         cmocka_unit_test(_test_secp256k1_schnorr_sign),
-        cmocka_unit_test(_test_keystore_secp256k1_schnorr_sign),
     };
     return cmocka_run_group_tests(tests, NULL, NULL);
 }
