Refactor Sapling spendAuthSig creation into the sapling module

This should move into zcash_primitives once #35 has been merged.
zcash · Sep 11, 2018 · a6b3d14 · a6b3d14
1 parent 97dd7ae
commit a6b3d14
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 21 deletions.
diff --git a/librustzcash/src/rustzcash.rs b/librustzcash/src/rustzcash.rs
@@ -1015,28 +1015,8 @@ pub extern "system" fn librustzcash_sapling_spend_sig(
         Err(_) => return false,
     };
 
-    // We compute `rsk`...
-    let rsk = ask.randomize(ar);
-
-    // We compute `rk` from there (needed for key prefixing)
-    let rk =
-        redjubjub::PublicKey::from_private(&rsk, FixedGenerators::SpendingKeyGenerator, &JUBJUB);
-
-    // Compute the signature's message for rk/spend_auth_sig
-    let mut data_to_be_signed = [0u8; 64];
-    rk.0
-        .write(&mut data_to_be_signed[0..32])
-        .expect("message buffer should be 32 bytes");
-    (&mut data_to_be_signed[32..64]).copy_from_slice(&(unsafe { &*sighash })[..]);
-
     // Do the signing
-    let mut rng = OsRng::new().expect("should be able to construct RNG");
-    let sig = rsk.sign(
-        &data_to_be_signed,
-        &mut rng,
-        FixedGenerators::SpendingKeyGenerator,
-        &JUBJUB,
-    );
+    let sig = sapling::spend_sig(ask, ar, unsafe { &*sighash }, &JUBJUB);
 
     // Write out the signature
     sig.write(&mut (unsafe { &mut *result })[..])

diff --git a/librustzcash/src/sapling.rs b/librustzcash/src/sapling.rs
@@ -11,6 +11,38 @@ use sapling_crypto::{
 };
 use zcash_proofs::sapling::compute_value_balance;
 
+/// Create the spendAuthSig for a Sapling SpendDescription.
+pub fn spend_sig(
+    ask: PrivateKey<Bls12>,
+    ar: Fs,
+    sighash: &[u8; 32],
+    params: &JubjubBls12,
+) -> Signature {
+    // Initialize secure RNG
+    let mut rng = OsRng::new().expect("should be able to construct RNG");
+
+    // We compute `rsk`...
+    let rsk = ask.randomize(ar);
+
+    // We compute `rk` from there (needed for key prefixing)
+    let rk = PublicKey::from_private(&rsk, FixedGenerators::SpendingKeyGenerator, params);
+
+    // Compute the signature's message for rk/spend_auth_sig
+    let mut data_to_be_signed = [0u8; 64];
+    rk.0
+        .write(&mut data_to_be_signed[0..32])
+        .expect("message buffer should be 32 bytes");
+    (&mut data_to_be_signed[32..64]).copy_from_slice(&sighash[..]);
+
+    // Do the signing
+    rsk.sign(
+        &data_to_be_signed,
+        &mut rng,
+        FixedGenerators::SpendingKeyGenerator,
+        params,
+    )
+}
+
 /// A context object for verifying the Sapling components of a Zcash transaction.
 pub struct SaplingVerificationContext {
     bvk: edwards::Point<Bls12, Unknown>,