aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <grothoff@gnunet.org>2023-11-09 21:48:12 +0100
committerChristian Grothoff <grothoff@gnunet.org>2023-11-09 21:48:12 +0100
commit4cafd4046ff1405e37018a4909de3b9858b93144 (patch)
tree6cba360fa06e6935c5e9dd91f214ee2887597eff
parente8a77bdbac3cad62e018810c4c0cc06ba6c096b3 (diff)
parent2c4a4166469ebe0ec458bf9b755bce7e2668dc00 (diff)
Merge branch 'master' of git+ssh://git.taler.net/exchange
-rw-r--r--src/exchange/taler-exchange-httpd_age-withdraw.c60
-rw-r--r--src/pq/pq_result_helper.c25
2 files changed, 46 insertions, 39 deletions
diff --git a/src/exchange/taler-exchange-httpd_age-withdraw.c b/src/exchange/taler-exchange-httpd_age-withdraw.c
index bcbb71563..1759bc552 100644
--- a/src/exchange/taler-exchange-httpd_age-withdraw.c
+++ b/src/exchange/taler-exchange-httpd_age-withdraw.c
@@ -69,10 +69,9 @@ struct AgeWithdrawContext
uint32_t num_coins;
/**
- * kappa * #num_coins hashes of blinded coin planchets.
- * FIXME[oec]: Make the [][] structure more explicit.
+ * #num_coins * #kappa hashes of blinded coin planchets.
*/
- struct TALER_BlindedPlanchet *coin_evs;
+ struct TALER_BlindedPlanchet (*coin_evs)[TALER_CNC_KAPPA];
/**
* #num_coins hashes of the denominations from which the coins are withdrawn.
@@ -189,13 +188,13 @@ parse_age_withdraw_json (
}
};
- /* no overflow because
- * num_coins <= TALER_MAX_FRESH_COINS
- * and
- * TALER_MAX_FRESH_COINS * TALER_CNC_KAPPA < INT_MAX
- */
- awc->coin_evs = GNUNET_new_array (awc->num_coins * TALER_CNC_KAPPA,
- struct TALER_BlindedPlanchet);
+ {
+ typedef struct TALER_BlindedPlanchet
+ _array_of_kappa_planchets[TALER_CNC_KAPPA];
+
+ awc->coin_evs = GNUNET_new_array (awc->num_coins,
+ _array_of_kappa_planchets);
+ }
hash_context = GNUNET_CRYPTO_hash_context_start ();
GNUNET_assert (NULL != hash_context);
@@ -225,15 +224,13 @@ parse_age_withdraw_json (
/* Now parse the individual kappa envelopes and calculate the hash of
* the commitment along the way. */
{
- size_t off = idx * TALER_CNC_KAPPA;
unsigned int kappa = 0;
enum GNUNET_GenericReturnValue ret;
json_array_foreach (j_kappa_coin_evs, kappa, value) {
struct GNUNET_JSON_Specification spec[] = {
- /* FIXME-Oec: This allocation is never freed! */
TALER_JSON_spec_blinded_planchet (NULL,
- &awc->coin_evs[off + kappa]),
+ &awc->coin_evs[idx][kappa]),
GNUNET_JSON_spec_end ()
};
@@ -256,7 +253,7 @@ parse_age_withdraw_json (
{
struct TALER_BlindedCoinHashP bch;
- ret = TALER_coin_ev_hash (&awc->coin_evs[off + kappa],
+ ret = TALER_coin_ev_hash (&awc->coin_evs[idx][kappa],
&awc->denom_hs[idx],
&bch);
GNUNET_assert (GNUNET_OK == ret);
@@ -268,17 +265,17 @@ parse_age_withdraw_json (
/* Check for duplicate planchets. Technically a bug on
* the client side that is harmless for us, but still
* not allowed per protocol */
- for (unsigned int i = 0; i < off + kappa; i++)
+ for (unsigned int i = 0; i < idx; i++)
{
- if (0 == TALER_blinded_planchet_cmp (&awc->coin_evs[off + kappa],
- &awc->coin_evs[i]))
+ if (0 == TALER_blinded_planchet_cmp (&awc->coin_evs[idx][kappa],
+ &awc->coin_evs[i][kappa]))
{
+ GNUNET_JSON_parse_free (spec);
error = "duplicate planchet";
goto EXIT;
}
}
}
-
}
}; /* json_array_foreach over j_blinded_coin_evs */
@@ -400,7 +397,7 @@ denomination_is_valid (
* @param connection The HTTP connection to the client
* @param len The lengths of the array @a denoms_h
* @param denom_hs array of hashes of denomination public keys
- * @param coin_evs array of blinded coin planchets
+ * @param coin_evs array of blinded coin planchet candidates
* @param[out] denom_serials On success, will be filled with the serial-id's of the denomination keys. Caller must deallocate.
* @param[out] amount_with_fee On success, will contain the committed amount including fees
* @param[out] result In the error cases, a response will be queued with MHD and this will be the result.
@@ -412,7 +409,7 @@ are_denominations_valid (
struct MHD_Connection *connection,
uint32_t len,
const struct TALER_DenominationHashP *denom_hs,
- const struct TALER_BlindedPlanchet *coin_evs,
+ const struct TALER_BlindedPlanchet (*coin_evs)[TALER_CNC_KAPPA],
uint64_t **denom_serials,
struct TALER_Amount *amount_with_fee,
MHD_RESULT *result)
@@ -453,14 +450,17 @@ are_denominations_valid (
return GNUNET_SYSERR;
/* Ensure the ciphers from the planchets match the denominations' */
- if (dk->denom_pub.bsign_pub_key->cipher !=
- coin_evs[i].blinded_message->cipher)
+ for (uint8_t k=0; k < TALER_CNC_KAPPA; k++)
{
- GNUNET_break_op (0);
- *result = TALER_MHD_reply_with_ec (connection,
- TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
- NULL);
- return GNUNET_SYSERR;
+ if (dk->denom_pub.bsign_pub_key->cipher !=
+ coin_evs[i][k].blinded_message->cipher)
+ {
+ GNUNET_break_op (0);
+ *result = TALER_MHD_reply_with_ec (connection,
+ TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
+ NULL);
+ return GNUNET_SYSERR;
+ }
}
/* Accumulate the values */
@@ -865,7 +865,7 @@ sign_and_do_age_withdraw (
/* Pick the chosen blinded coins */
for (uint32_t i = 0; i<awc->num_coins; i++)
{
- csds[i].bp = &awc->coin_evs[TALER_CNC_KAPPA * i + noreveal_index];
+ csds[i].bp = &awc->coin_evs[i][noreveal_index];
csds[i].h_denom_pub = &awc->denom_hs[i];
}
@@ -889,7 +889,7 @@ sign_and_do_age_withdraw (
/* Prepare the hashes of the coins for insertion */
for (uint32_t i = 0; i<awc->num_coins; i++)
{
- TALER_coin_ev_hash (&awc->coin_evs[TALER_CNC_KAPPA * i + noreveal_index],
+ TALER_coin_ev_hash (&awc->coin_evs[i][noreveal_index],
&awc->denom_hs[i],
&h_coin_evs[i]);
}
@@ -1009,7 +1009,7 @@ TEH_handler_age_withdraw (struct TEH_RequestContext *rc,
&awc.commitment.h_commitment,
awc.commitment.noreveal_index);
- } while(0);
+ } while (0);
GNUNET_JSON_parse_free (spec);
free_age_withdraw_context_resources (&awc);
diff --git a/src/pq/pq_result_helper.c b/src/pq/pq_result_helper.c
index 6f4338666..9acf80716 100644
--- a/src/pq/pq_result_helper.c
+++ b/src/pq/pq_result_helper.c
@@ -1141,13 +1141,13 @@ extract_array_generic (
*((void **) dst) = NULL;
#define FAIL_IF(cond) \
- do { \
- if ((cond)) \
- { \
- GNUNET_break (! (cond)); \
- goto FAIL; \
- } \
- } while (0)
+ do { \
+ if ((cond)) \
+ { \
+ GNUNET_break (! (cond)); \
+ goto FAIL; \
+ } \
+ } while (0)
col_num = PQfnumber (result, fname);
FAIL_IF (0 > col_num);
@@ -1365,12 +1365,19 @@ array_cleanup (void *cls,
struct ArrayResultCls *info = cls;
void **dst = rd;
- /* FIXME-Oec: this does not properly clean up
- denomination signatures! */
if ((0 == info->same_size) &&
(NULL != info->sizes))
GNUNET_free (*(info->sizes));
+ /* Clean up signatures, if applicable */
+ if (TALER_PQ_array_of_blinded_denom_sig == info->typ)
+ {
+ struct TALER_BlindedDenominationSignature *denom_sigs = *dst;
+ GNUNET_assert (NULL != info->num);
+ for (size_t i = 0; i < *info->num; i++)
+ GNUNET_free (denom_sigs[i].blinded_sig);
+ }
+
GNUNET_free (cls);
GNUNET_free (*dst);
*dst = NULL;