aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLucien Heuzeveldt <lucienclaude.heuzeveldt@students.bfh.ch>2022-02-05 22:46:36 +0100
committerLucien Heuzeveldt <lucienclaude.heuzeveldt@students.bfh.ch>2022-02-05 22:46:36 +0100
commit251f2b598730b9a5a692a602bcde050d63c2db84 (patch)
tree440ec4b5a9c6357ca0e7b4e1f682cae8813db32c /src
parent5a47863cafd647f89685fc06ed37ec8ed497f3d1 (diff)
implement csr max request elements
Diffstat (limited to 'src')
-rw-r--r--src/exchange/taler-exchange-httpd_csr.c12
-rw-r--r--src/exchange/taler-exchange-httpd_refreshes_reveal.c10
-rw-r--r--src/include/taler_crypto_lib.h6
3 files changed, 18 insertions, 10 deletions
diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c
index b3fa49f30..af621682a 100644
--- a/src/exchange/taler-exchange-httpd_csr.c
+++ b/src/exchange/taler-exchange-httpd_csr.c
@@ -63,7 +63,15 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
}
csr_requests_num = json_array_size (csr_requests);
- // FIXME: check number of requests against an upper bound
+ if (TALER_MAX_FRESH_COINS <= csr_requests_num)
+ {
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ // FIXME: generalize error message
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_NEW_DENOMS_ARRAY_SIZE_EXCESSIVE,
+ NULL);
+ }
struct TALER_CsNonce nonces[GNUNET_NZL (csr_requests_num)];
struct TALER_DenominationHash denom_pub_hashes[GNUNET_NZL (csr_requests_num)];
for (unsigned int i = 0; i < csr_requests_num; i++)
@@ -86,7 +94,6 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
csr_spec,
i,
-1);
- GNUNET_JSON_parse_free (csr_spec);
if (GNUNET_OK != res)
return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
}
@@ -158,6 +165,7 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
}
// derive r_pub
+ // FIXME: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module)
ec = TEH_keys_denomination_cs_r_pub (denom_pub_hash,
nonce,
r_pub);
diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
index ce1e273bb..3e5401a17 100644
--- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
@@ -32,12 +32,6 @@
/**
- * Maximum number of fresh coins we allow per refresh operation.
- */
-#define MAX_FRESH_COINS 256
-
-
-/**
* Send a response for "/refreshes/$RCH/reveal".
*
* @param connection the connection to send the response to
@@ -305,7 +299,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
const json_t *coin_evs)
{
unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
- /* We know num_fresh_coins is bounded by #MAX_FRESH_COINS, so this is safe */
+ /* We know num_fresh_coins is bounded by #TALER_MAX_FRESH_COINS, so this is safe */
const struct TEH_DenominationKey *dks[num_fresh_coins];
struct TALER_RefreshCoinData rcds[num_fresh_coins];
struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[num_fresh_coins];
@@ -610,7 +604,7 @@ handle_refreshes_reveal_json (struct MHD_Connection *connection,
unsigned int num_tprivs = json_array_size (tp_json);
GNUNET_assert (num_tprivs == TALER_CNC_KAPPA - 1); /* checked just earlier */
- if ( (num_fresh_coins >= MAX_FRESH_COINS) ||
+ if ( (num_fresh_coins >= TALER_MAX_FRESH_COINS) ||
(0 == num_fresh_coins) )
{
GNUNET_break_op (0);
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 0783b1e85..cf8464b3e 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -1558,6 +1558,12 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
/**
+ * Maximum number of fresh coins we allow per refresh operation.
+ */
+#define TALER_MAX_FRESH_COINS 256
+
+
+/**
* Given the coin and the transfer private keys, compute the
* transfer secret. (Technically, we only need one of the two
* private keys, but the caller currently trivially only has