Refactor Sapling spendAuthSig creation into zcash_primitives::sapling

librustzcash/Cargo.toml

@@ -22,6 +22,7 @@ lazy_static = "1"
 byteorder = "1"
 rand = "0.4"
 sapling-crypto = { path = "../sapling-crypto" }
+zcash_primitives = { path = "../zcash_primitives" }
 zcash_proofs = { path = "../zcash_proofs" }
 zip32 = { path = "../zip32" }
 

librustzcash/src/rustzcash.rs

@@ -6,6 +6,7 @@ extern crate libc;
 extern crate pairing;
 extern crate rand;
 extern crate sapling_crypto;
+extern crate zcash_primitives;
 extern crate zcash_proofs;
 extern crate zip32;
 
@@ -61,6 +62,7 @@ use std::ffi::OsString;
 use std::os::windows::ffi::OsStringExt;
 
 use sapling_crypto::primitives::{ProofGenerationKey, ViewingKey};
+use zcash_primitives::sapling::spend_sig;
 use zcash_proofs::sapling::{
     CommitmentTreeWitness, SaplingProvingContext, SaplingVerificationContext,
 };
@@ -1069,27 +1071,8 @@ pub extern "system" fn librustzcash_sapling_spend_sig(
         Err(_) => return false,
     };
 
-    // We compute `rsk`...
-    let rsk = ask.randomize(ar);
-
-    // We compute `rk` from there (needed for key prefixing)
-    let rk =
-        redjubjub::PublicKey::from_private(&rsk, FixedGenerators::SpendingKeyGenerator, &JUBJUB);
-
-    // Compute the signature's message for rk/spend_auth_sig
-    let mut data_to_be_signed = [0u8; 64];
-    rk.0.write(&mut data_to_be_signed[0..32])
-        .expect("message buffer should be 32 bytes");
-    (&mut data_to_be_signed[32..64]).copy_from_slice(&(unsafe { &*sighash })[..]);
-
     // Do the signing
-    let mut rng = OsRng::new().expect("should be able to construct RNG");
-    let sig = rsk.sign(
-        &data_to_be_signed,
-        &mut rng,
-        FixedGenerators::SpendingKeyGenerator,
-        &JUBJUB,
-    );
+    let sig = spend_sig(ask, ar, unsafe { &*sighash }, &JUBJUB);
 
     // Write out the signature
     sig.write(&mut (unsafe { &mut *result })[..])