util: fix derivation of age commitment in refresh - taler-typescript-core - Wallet core logic and WebUIs for various components

commit 2d70e9893428b860aef4d698852c991aef0fcdf2
parent d466940f1ae91aae3ba4d24bd8f5ee24ebba2f98
Author: Florian Dold <florian@dold.me>
Date:   Mon, 28 Apr 2025 22:26:06 +0200

util: fix derivation of age commitment in refresh

Diffstat:
M packages/taler-wallet-core/src/crypto/cryptoImplementation.ts  | 7 ++++++-

1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
@@ -1608,9 +1608,14 @@ export const nativeCryptoR: TalerCryptoInterfaceR = {
           let newAc: AgeCommitmentProof | undefined = undefined;
           let newAch: HashCodeString | undefined = undefined;
           if (req.meltCoinAgeCommitmentProof) {
+            const ageCommitmentSalt = kdfKw({
+              ikm: myPlanchetSecret,
+              outputLength: 64,
+              salt: stringToBytes("age commitment"),
+            });
             newAc = await AgeRestriction.commitmentDerive(
               req.meltCoinAgeCommitmentProof,
-              myPlanchetSecret,
+              ageCommitmentSalt,
             );
             newAch = AgeRestriction.hashCommitment(newAc.commitment);
           }

	taler-typescript-core Wallet core logic and WebUIs for various components
	Log \| Files \| Refs \| Submodules \| README \| LICENSE