diff options
author | Florian Dold <florian@dold.me> | 2022-04-26 23:34:14 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2022-04-26 23:34:14 +0200 |
commit | 17a00ef22dadd10c97fea188c75a8aaeb1e64442 (patch) | |
tree | 838efd9d5c6ba577f4735b9da57a9d38489b007b /src/util | |
parent | 47e276e11a5d1d92bbfc3c8c2e940902af3003dd (diff) | |
download | exchange-17a00ef22dadd10c97fea188c75a8aaeb1e64442.tar.gz exchange-17a00ef22dadd10c97fea188c75a8aaeb1e64442.tar.bz2 exchange-17a00ef22dadd10c97fea188c75a8aaeb1e64442.zip |
age restriction: make seed a HashCode due to endianess and security level concerns
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/age_restriction.c | 6 | ||||
-rw-r--r-- | src/util/test_age_restriction.c | 8 | ||||
-rw-r--r-- | src/util/tv_age_restriction.c | 6 |
3 files changed, 13 insertions, 7 deletions
diff --git a/src/util/age_restriction.c b/src/util/age_restriction.c index 45ebc03c4..65c1574b3 100644 --- a/src/util/age_restriction.c +++ b/src/util/age_restriction.c @@ -173,7 +173,7 @@ FAIL: enum GNUNET_GenericReturnValue TALER_age_commitment_derive ( const struct TALER_AgeCommitmentProof *orig, - const uint64_t salt, + const struct GNUNET_HashCode *salt, struct TALER_AgeCommitmentProof *newacp) { GNUNET_assert (NULL != newacp); @@ -211,8 +211,8 @@ TALER_age_commitment_derive ( { GNUNET_CRYPTO_edx25519_private_key_derive ( &orig->proof.keys[i].priv, - &salt, - sizeof(salt), + salt, + sizeof(*salt), &newacp->proof.keys[i].priv); } #else diff --git a/src/util/test_age_restriction.c b/src/util/test_age_restriction.c index 9b8c6dfe5..847ab4e98 100644 --- a/src/util/test_age_restriction.c +++ b/src/util/test_age_restriction.c @@ -170,11 +170,13 @@ test_attestation (void) /* Also derive two more commitments right away */ for (uint8_t i = 0; i<2; i++) { - uint64_t salt = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, - UINT64_MAX); + struct GNUNET_HashCode salt; + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + &salt, + sizeof (salt)); GNUNET_assert (GNUNET_OK == TALER_age_commitment_derive (&acp[i], - salt, + &salt, &acp[i + 1])); } diff --git a/src/util/tv_age_restriction.c b/src/util/tv_age_restriction.c index ffb144ec5..2bddb9d1b 100644 --- a/src/util/tv_age_restriction.c +++ b/src/util/tv_age_restriction.c @@ -175,11 +175,15 @@ generate ( /* Also derive two more commitments right away */ for (uint8_t i = 0; i<2; i++) { + struct GNUNET_HashCode salt; + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + &salt, + sizeof (salt)); uint64_t salt = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, UINT64_MAX / 2); GNUNET_assert (GNUNET_OK == TALER_age_commitment_derive (&acp[i], - salt, + &salt, &acp[i + 1])); } |