From 093fbecb7ae83db63292088a78954037e0f5ac25 Mon Sep 17 00:00:00 2001
From: Andrew Kozlik <andrew.kozlik@gmail.com>
Date: Wed, 29 Jun 2022 19:01:47 +0200
Subject: [PATCH] refactor(crypto): Clean up ed25519_publickey_ext() API.

---
 crypto/bip32.c                    | 3 +--
 crypto/ed25519-donna/ed25519.c    | 8 +-------
 crypto/ed25519-donna/ed25519.h    | 2 +-
 crypto/tests/test_check_cardano.h | 2 +-
 4 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/crypto/bip32.c b/crypto/bip32.c
index 34130dbb0..09723d9fd 100644
--- a/crypto/bip32.c
+++ b/crypto/bip32.c
@@ -490,8 +490,7 @@ int hdnode_fill_public_key(HDNode *node) {
       curve25519_scalarmult_basepoint(node->public_key + 1, node->private_key);
 #if USE_CARDANO
     } else if (node->curve == &ed25519_cardano_info) {
-      ed25519_publickey_ext(node->private_key, node->private_key_extension,
-                            node->public_key + 1);
+      ed25519_publickey_ext(node->private_key, node->public_key + 1);
 #endif
     }
   }
diff --git a/crypto/ed25519-donna/ed25519.c b/crypto/ed25519-donna/ed25519.c
index 2a7c7c941..2368f41a2 100644
--- a/crypto/ed25519-donna/ed25519.c
+++ b/crypto/ed25519-donna/ed25519.c
@@ -59,17 +59,11 @@ ED25519_FN(ed25519_publickey) (const ed25519_secret_key sk, ed25519_public_key p
 
 #if USE_CARDANO
 void
-ED25519_FN(ed25519_publickey_ext) (const ed25519_secret_key sk, const ed25519_secret_key skext, ed25519_public_key pk) {
+ED25519_FN(ed25519_publickey_ext) (const ed25519_secret_key extsk, ed25519_public_key pk) {
 	bignum256modm a = {0};
 	ge25519 ALIGN(16) A;
-	hash_512bits extsk = {0};
-
-	/* we don't stretch the key through hashing first since its already 64 bytes */
 
-	memcpy(extsk, sk, 32);
-	memcpy(extsk+32, skext, 32);
 	expand256_modm(a, extsk, 32);
-	memzero(&extsk, sizeof(extsk));
 	ge25519_scalarmult_base_niels(&A, ge25519_niels_base_multiples, a);
 	memzero(&a, sizeof(a));
 	ge25519_pack(pk, &A);
diff --git a/crypto/ed25519-donna/ed25519.h b/crypto/ed25519-donna/ed25519.h
index 43cde535c..cb67e5460 100644
--- a/crypto/ed25519-donna/ed25519.h
+++ b/crypto/ed25519-donna/ed25519.h
@@ -17,7 +17,7 @@ typedef unsigned char ed25519_cosi_signature[32];
 
 void ed25519_publickey(const ed25519_secret_key sk, ed25519_public_key pk);
 #if USE_CARDANO
-void ed25519_publickey_ext(const ed25519_secret_key sk, const ed25519_secret_key skext, ed25519_public_key pk);
+void ed25519_publickey_ext(const ed25519_secret_key extsk, ed25519_public_key pk);
 #endif
 
 int ed25519_sign_open(const unsigned char *m, size_t mlen, const ed25519_public_key pk, const ed25519_signature RS);
diff --git a/crypto/tests/test_check_cardano.h b/crypto/tests/test_check_cardano.h
index 81b84aa0c..4f31a5530 100644
--- a/crypto/tests/test_check_cardano.h
+++ b/crypto/tests/test_check_cardano.h
@@ -89,7 +89,7 @@ START_TEST(test_ed25519_cardano_sign_vectors) {
     memcpy(secret_key_extension, fromhex(*(test_data + 1)), 32);
     MARK_SECRET_DATA(secret_key_extension, sizeof(secret_key_extension));
 
-    ed25519_publickey_ext(secret_key, secret_key_extension, public_key);
+    ed25519_publickey_ext(secret_key, public_key);
     UNMARK_SECRET_DATA(public_key, sizeof(public_key));
 
     ck_assert_mem_eq(public_key, fromhex(*(test_data + 2)), 32);