age restriction: make seed a HashCode due to endianess and security level concerns

author: Florian Dold <florian@dold.me> 2022-04-26 23:34:14 +0200
committer: Florian Dold <florian@dold.me> 2022-04-26 23:34:14 +0200
commit: 17a00ef22dadd10c97fea188c75a8aaeb1e64442 (patch)
tree: 838efd9d5c6ba577f4735b9da57a9d38489b007b /src/lib
parent: 47e276e11a5d1d92bbfc3c8c2e940902af3003dd (diff)
2 files changed, 2 insertions, 9 deletions
diff --git a/src/lib/exchange_api_link.c b/src/lib/exchange_api_link.c
index ddc763c33..9e8625ed5 100644
--- a/src/lib/exchange_api_link.c
+++ b/src/lib/exchange_api_link.c
@@ -148,15 +148,13 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
   /* Derive the age commitment and calculate the hash */
   if (NULL != lh->age_commitment_proof)
   {
-    uint64_t seed  = (uint64_t) secret.key.bits[0]
-                     | (uint64_t) secret.key.bits[1] << 32;
     lci->age_commitment_proof = GNUNET_new (struct TALER_AgeCommitmentProof);
     lci->h_age_commitment = GNUNET_new (struct TALER_AgeCommitmentHash);
 
     GNUNET_assert (GNUNET_OK ==
                    TALER_age_commitment_derive (
                      lh->age_commitment_proof,
-                     seed,
+                     &secret.key,
                      lci->age_commitment_proof));
 
     TALER_age_commitment_hash (
diff --git a/src/lib/exchange_api_refresh_common.c b/src/lib/exchange_api_refresh_common.c
index 94d0dc8cb..581e21152 100644
--- a/src/lib/exchange_api_refresh_common.c
+++ b/src/lib/exchange_api_refresh_common.c
@@ -185,11 +185,6 @@ TALER_EXCHANGE_get_melt_data_ (
       /* Handle age commitment, if present */
       if (NULL != md->melted_coin.age_commitment_proof)
       {
-        /* We use the first 8 bytes of the trans_sec to generate a new age
-         * commitment */
-        uint64_t age_seed = (uint64_t) trans_sec.key.bits[0]
-                            | (uint64_t) trans_sec.key.bits[1] << 32;
-
         fcd->age_commitment_proof[i] = GNUNET_new (struct
                                                    TALER_AgeCommitmentProof);
         ach = GNUNET_new (struct TALER_AgeCommitmentHash);
@@ -197,7 +192,7 @@ TALER_EXCHANGE_get_melt_data_ (
         GNUNET_assert (GNUNET_OK ==
                        TALER_age_commitment_derive (
                          md->melted_coin.age_commitment_proof,
-                         age_seed,
+                         &trans_sec.key,
                          fcd->age_commitment_proof[i]));
 
         TALER_age_commitment_hash (
author	Florian Dold <florian@dold.me>	2022-04-26 23:34:14 +0200
committer	Florian Dold <florian@dold.me>	2022-04-26 23:34:14 +0200
commit	17a00ef22dadd10c97fea188c75a8aaeb1e64442 (patch)
tree	838efd9d5c6ba577f4735b9da57a9d38489b007b /src/lib
parent	47e276e11a5d1d92bbfc3c8c2e940902af3003dd (diff)