From 17a00ef22dadd10c97fea188c75a8aaeb1e64442 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Tue, 26 Apr 2022 23:34:14 +0200 Subject: age restriction: make seed a HashCode due to endianess and security level concerns --- src/lib/exchange_api_refresh_common.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'src/lib/exchange_api_refresh_common.c') diff --git a/src/lib/exchange_api_refresh_common.c b/src/lib/exchange_api_refresh_common.c index 94d0dc8c..581e2115 100644 --- a/src/lib/exchange_api_refresh_common.c +++ b/src/lib/exchange_api_refresh_common.c @@ -185,11 +185,6 @@ TALER_EXCHANGE_get_melt_data_ ( /* Handle age commitment, if present */ if (NULL != md->melted_coin.age_commitment_proof) { - /* We use the first 8 bytes of the trans_sec to generate a new age - * commitment */ - uint64_t age_seed = (uint64_t) trans_sec.key.bits[0] - | (uint64_t) trans_sec.key.bits[1] << 32; - fcd->age_commitment_proof[i] = GNUNET_new (struct TALER_AgeCommitmentProof); ach = GNUNET_new (struct TALER_AgeCommitmentHash); @@ -197,7 +192,7 @@ TALER_EXCHANGE_get_melt_data_ ( GNUNET_assert (GNUNET_OK == TALER_age_commitment_derive ( md->melted_coin.age_commitment_proof, - age_seed, + &trans_sec.key, fcd->age_commitment_proof[i])); TALER_age_commitment_hash ( -- cgit v1.2.3