diff options
author | Lucien Heuzeveldt <lucienclaude.heuzeveldt@students.bfh.ch> | 2022-02-05 22:46:36 +0100 |
---|---|---|
committer | Lucien Heuzeveldt <lucienclaude.heuzeveldt@students.bfh.ch> | 2022-02-05 22:46:36 +0100 |
commit | 251f2b598730b9a5a692a602bcde050d63c2db84 (patch) | |
tree | 440ec4b5a9c6357ca0e7b4e1f682cae8813db32c /src | |
parent | 5a47863cafd647f89685fc06ed37ec8ed497f3d1 (diff) |
implement csr max request elements
Diffstat (limited to 'src')
-rw-r--r-- | src/exchange/taler-exchange-httpd_csr.c | 12 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_refreshes_reveal.c | 10 | ||||
-rw-r--r-- | src/include/taler_crypto_lib.h | 6 |
3 files changed, 18 insertions, 10 deletions
diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c index b3fa49f30..af621682a 100644 --- a/src/exchange/taler-exchange-httpd_csr.c +++ b/src/exchange/taler-exchange-httpd_csr.c @@ -63,7 +63,15 @@ TEH_handler_csr (struct TEH_RequestContext *rc, return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } csr_requests_num = json_array_size (csr_requests); - // FIXME: check number of requests against an upper bound + if (TALER_MAX_FRESH_COINS <= csr_requests_num) + { + return TALER_MHD_reply_with_error ( + rc->connection, + MHD_HTTP_BAD_REQUEST, + // FIXME: generalize error message + TALER_EC_EXCHANGE_REFRESHES_REVEAL_NEW_DENOMS_ARRAY_SIZE_EXCESSIVE, + NULL); + } struct TALER_CsNonce nonces[GNUNET_NZL (csr_requests_num)]; struct TALER_DenominationHash denom_pub_hashes[GNUNET_NZL (csr_requests_num)]; for (unsigned int i = 0; i < csr_requests_num; i++) @@ -86,7 +94,6 @@ TEH_handler_csr (struct TEH_RequestContext *rc, csr_spec, i, -1); - GNUNET_JSON_parse_free (csr_spec); if (GNUNET_OK != res) return (GNUNET_NO == res) ? MHD_YES : MHD_NO; } @@ -158,6 +165,7 @@ TEH_handler_csr (struct TEH_RequestContext *rc, } // derive r_pub + // FIXME: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module) ec = TEH_keys_denomination_cs_r_pub (denom_pub_hash, nonce, r_pub); diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index ce1e273bb..3e5401a17 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -32,12 +32,6 @@ /** - * Maximum number of fresh coins we allow per refresh operation. - */ -#define MAX_FRESH_COINS 256 - - -/** * Send a response for "/refreshes/$RCH/reveal". * * @param connection the connection to send the response to @@ -305,7 +299,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection, const json_t *coin_evs) { unsigned int num_fresh_coins = json_array_size (new_denoms_h_json); - /* We know num_fresh_coins is bounded by #MAX_FRESH_COINS, so this is safe */ + /* We know num_fresh_coins is bounded by #TALER_MAX_FRESH_COINS, so this is safe */ const struct TEH_DenominationKey *dks[num_fresh_coins]; struct TALER_RefreshCoinData rcds[num_fresh_coins]; struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[num_fresh_coins]; @@ -610,7 +604,7 @@ handle_refreshes_reveal_json (struct MHD_Connection *connection, unsigned int num_tprivs = json_array_size (tp_json); GNUNET_assert (num_tprivs == TALER_CNC_KAPPA - 1); /* checked just earlier */ - if ( (num_fresh_coins >= MAX_FRESH_COINS) || + if ( (num_fresh_coins >= TALER_MAX_FRESH_COINS) || (0 == num_fresh_coins) ) { GNUNET_break_op (0); diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 0783b1e85..cf8464b3e 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -1558,6 +1558,12 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk, /** + * Maximum number of fresh coins we allow per refresh operation. + */ +#define TALER_MAX_FRESH_COINS 256 + + +/** * Given the coin and the transfer private keys, compute the * transfer secret. (Technically, we only need one of the two * private keys, but the caller currently trivially only has |