Correct the encoding of a_sk,par for Sprout child derivation.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>

zip-0032.rst

@@ -273,7 +273,9 @@ CDKsk((*a*\ :sub:`sk,par`\ , *c*\ :sub:`par`\ ), *i*) → (*a*\ :sub:`sk,i`\ , *
 
 - Check whether *i* ≥ 2\ :sup:`31` (whether the child is a hardened key).
 
-  - If so (hardened child): let *I* = PRF\ :sup:`expand`\ (*c*\ :sub:`par`\ , [0x80] || *a*\ :sub:`sk,par` || I2LEOSP\ :sub:`32`\ (*i*))
+  - If so (hardened child): let *I* = PRF\ :sup:`expand`\ (*c*\ :sub:`par`\ , [0x80] || *ASK*\ :sub:`par` || I2LEOSP\ :sub:`32`\ (*i*))
+    where *ASK*\ :sub:`par` is the encoding of *a*\ :sub:`sk,par` excluding lead bytes from
+    [#sapling-spec]_ section 5.6.8.
   - If not (normal child): return failure
 
 - Split *I* into two 32-byte sequences, *I*\ :sub:`L` and *I*\ :sub:`R`\ .