adjustment of age-commitment and -proof generation
age-withdraw requires that the public keys in the age groups that are too large for the commitment are derived from a published public key.
This commit is contained in:
parent
cf49af2bb9
commit
c12a366d49
@ -1280,6 +1280,9 @@ export namespace AgeRestriction {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const PublishedAgeRestrictionBaseKey: Edx25519PublicKey = decodeCrock(
|
||||||
|
"CH0VKFDZ2GWRWHQBBGEK9MWV5YDQVJ0RXEE0KYT3NMB69F0R96TG");
|
||||||
|
|
||||||
export async function restrictionCommitSeeded(
|
export async function restrictionCommitSeeded(
|
||||||
ageMask: number,
|
ageMask: number,
|
||||||
age: number,
|
age: number,
|
||||||
@ -1292,19 +1295,32 @@ export namespace AgeRestriction {
|
|||||||
const pubs: Edx25519PublicKey[] = [];
|
const pubs: Edx25519PublicKey[] = [];
|
||||||
const privs: Edx25519PrivateKey[] = [];
|
const privs: Edx25519PrivateKey[] = [];
|
||||||
|
|
||||||
for (let i = 0; i < numPubs; i++) {
|
for (let i = 0; i < numPrivs; i++) {
|
||||||
const privSeed = await kdfKw({
|
const privSeed = await kdfKw({
|
||||||
outputLength: 32,
|
outputLength: 32,
|
||||||
ikm: seed,
|
ikm: seed,
|
||||||
info: stringToBytes("age-restriction-commit"),
|
info: stringToBytes("age-commitment"),
|
||||||
salt: bufferForUint32(i),
|
salt: bufferForUint32(i),
|
||||||
});
|
});
|
||||||
|
|
||||||
const priv = await Edx25519.keyCreateFromSeed(privSeed);
|
const priv = await Edx25519.keyCreateFromSeed(privSeed);
|
||||||
const pub = await Edx25519.getPublic(priv);
|
const pub = await Edx25519.getPublic(priv);
|
||||||
pubs.push(pub);
|
pubs.push(pub);
|
||||||
if (i < numPrivs) {
|
privs.push(priv);
|
||||||
privs.push(priv);
|
}
|
||||||
}
|
|
||||||
|
for (let i = numPrivs; i < numPubs; i++) {
|
||||||
|
const deriveSeed = await kdfKw({
|
||||||
|
outputLength: 32,
|
||||||
|
ikm: seed,
|
||||||
|
info: stringToBytes("age-factor"),
|
||||||
|
salt: bufferForUint32(i),
|
||||||
|
});
|
||||||
|
const pub = await Edx25519.publicKeyDerive(
|
||||||
|
PublishedAgeRestrictionBaseKey,
|
||||||
|
deriveSeed,
|
||||||
|
);
|
||||||
|
pubs.push(pub);
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
@ -1604,7 +1620,9 @@ export function amountToBuffer(amount: AmountLike): Uint8Array {
|
|||||||
return u8buf;
|
return u8buf;
|
||||||
}
|
}
|
||||||
|
|
||||||
export function timestampRoundedToBuffer(ts: TalerProtocolTimestamp): Uint8Array {
|
export function timestampRoundedToBuffer(
|
||||||
|
ts: TalerProtocolTimestamp,
|
||||||
|
): Uint8Array {
|
||||||
const b = new ArrayBuffer(8);
|
const b = new ArrayBuffer(8);
|
||||||
const v = new DataView(b);
|
const v = new DataView(b);
|
||||||
// The buffer we sign over represents the timestamp in microseconds.
|
// The buffer we sign over represents the timestamp in microseconds.
|
||||||
|
@ -720,9 +720,10 @@ export const nativeCryptoR: TalerCryptoInterfaceR = {
|
|||||||
if (denomPub.age_mask) {
|
if (denomPub.age_mask) {
|
||||||
const age = req.restrictAge || AgeRestriction.AGE_UNRESTRICTED;
|
const age = req.restrictAge || AgeRestriction.AGE_UNRESTRICTED;
|
||||||
logger.info(`creating age-restricted planchet (age ${age})`);
|
logger.info(`creating age-restricted planchet (age ${age})`);
|
||||||
maybeAcp = await AgeRestriction.restrictionCommit(
|
maybeAcp = await AgeRestriction.restrictionCommitSeeded(
|
||||||
denomPub.age_mask,
|
denomPub.age_mask,
|
||||||
age,
|
age,
|
||||||
|
stringToBytes(req.secretSeed)
|
||||||
);
|
);
|
||||||
maybeAgeCommitmentHash = AgeRestriction.hashCommitment(
|
maybeAgeCommitmentHash = AgeRestriction.hashCommitment(
|
||||||
maybeAcp.commitment,
|
maybeAcp.commitment,
|
||||||
|
Loading…
Reference in New Issue
Block a user