diff --git a/librustzcash/src/rustzcash.rs b/librustzcash/src/rustzcash.rs
index 1db70ac..4f27fa1 100644
--- a/librustzcash/src/rustzcash.rs
+++ b/librustzcash/src/rustzcash.rs
@@ -1002,8 +1002,11 @@ pub extern "system" fn librustzcash_sapling_spend_sig(
 Err(_) => return false,
 };
+ // Initialize secure RNG
+ let mut rng = OsRng;
+
 // Do the signing
- let sig = spend_sig(ask, ar, unsafe { &*sighash }, &JUBJUB);
+ let sig = spend_sig(ask, ar, unsafe { &*sighash }, &mut rng, &JUBJUB);
 // Write out the signature
 sig.write(&mut (unsafe { &mut *result })[..])
diff --git a/zcash_primitives/src/sapling.rs b/zcash_primitives/src/sapling.rs
index ad7e309..bd981e6 100644
--- a/zcash_primitives/src/sapling.rs
+++ b/zcash_primitives/src/sapling.rs
@@ -2,7 +2,7 @@ use ff::{BitIterator, PrimeField, PrimeFieldRepr};
 use pairing::bls12_381::{Bls12, Fr, FrRepr};
-use rand_os::OsRng;
+use rand_core::{CryptoRng, RngCore};
 use sapling_crypto::{
 jubjub::{fs::Fs, FixedGenerators, JubjubBls12},
 pedersen_hash::{pedersen_hash, Personalization},
@@ -106,15 +106,13 @@ lazy_static! {
 }
 /// Create the spendAuthSig for a Sapling SpendDescription.
-pub fn spend_sig(
+pub fn spend_sig(
 ask: PrivateKey,
 ar: Fs,
 sighash: &[u8; 32],
+ rng: &mut R,
 params: &JubjubBls12,
 ) -> Signature {
- // Initialize secure RNG
- let mut rng = OsRng;
-
 // We compute `rsk`...
 let rsk = ask.randomize(ar);
@@ -130,7 +128,7 @@ pub fn spend_sig(
 // Do the signing
 rsk.sign(
 &data_to_be_signed,
- &mut rng,
+ rng,
 FixedGenerators::SpendingKeyGenerator,
 params,
 )
diff --git a/zcash_primitives/src/transaction/builder.rs b/zcash_primitives/src/transaction/builder.rs
index 4edcd20..5c0e643 100644
--- a/zcash_primitives/src/transaction/builder.rs
+++ b/zcash_primitives/src/transaction/builder.rs
@@ -522,6 +522,7 @@ impl Builder {
 PrivateKey(spend.extsk.expsk.ask),
 spend.alpha,
 &sighash,
+ &mut self.rng,
 &JUBJUB,
 ));
 }
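Review bot: The rewritten `let sig = spend_sig(ask, ar, unsafe { &*sighash }, &mut rng, &JUBJUB);` line in the rustzcash.rs hunk still dereferences a raw FFI pointer inside `unsafe` with no `// SAFETY:` comment; since the line is being touched, add one above it, e.g. `// SAFETY: the C caller guarantees `sighash` points to 32 readable bytes and `result` to a buffer large enough for the written signature, both valid for the duration of this call.` The hunk adds no import for `OsRng`, so it is presumably already in scope in rustzcash.rs; worth confirming it is the unit-struct form that `let mut rng = OsRng;` requires, since the old `spend_sig` relied on `rand_os::OsRng` and that import is being removed from sapling.rs in this same commit. Constructing a fresh `OsRng` per call looks fine here, as the generator pulls from the OS entropy source rather than a stored seed. `librustzcash_sapling_spend_sig` starts and ends outside the hunk.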
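Review bot: The doc comment on `spend_sig` in the sapling.rs hunk should state the contract the new `rng` parameter carries, because that randomness flows straight into `rsk.sign(...)` and a predictable or repeated nonce in a Schnorr-style signature exposes the signing key; suggested addition under the existing line: `/// `rng` must be a cryptographically secure, fresh source of randomness: the signature nonce is drawn from it, and a weak or reused nonce compromises `ask`. Never pass a seeded test RNG on a production path.` Note also that the added `+pub fn spend_sig(` line reads identically to the removed one, so the type parameter that `rng: &mut R` requires (presumably `<R: RngCore + CryptoRng>`, given the `rand_core::{CryptoRng, RngCore}` import added in the preceding hunk) is not visible here — likely a rendering artifact, but worth a glance at the real file, since the `CryptoRng` bound is what keeps a non-cryptographic generator out of this call at the type level. The `@@ -130,7 +128,7 @@` hunk below merely reborrows `rng` and needs no change.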
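Review bot: Passing `&mut self.rng` in the builder.rs hunk makes `Builder`'s stored generator the nonce source for the spend-authorization signature, so its field type must satisfy whatever bound the new `spend_sig` signature imposes (presumably `RngCore + CryptoRng`); if `Builder` is generic over its RNG with a weaker bound this will not compile, and if it stores a seedable generator for tests, that is now a path by which a predictable nonce could reach a real signature. It would also be worth confirming that `spend` is not still borrowed from `self` at this call site, since an iterator over `self.spends` alive across `&mut self.rng` would be a borrow conflict. Both the enclosing method and the `spend_sig(` call it sits in start outside the hunk.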