From 7624db4efd91aee964b54ad67be38dd901a66040 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96zg=C3=BCr=20Kesim?= Date: Wed, 2 Mar 2022 10:59:42 +0100 Subject: -refactor TALER_AgeMask.mask -> TALER_AgeMask.bits also: fix off-by-one in TALER_age_restriction_commit --- src/benchmark/taler-aggregator-benchmark.c | 2 +- src/exchange-tools/taler-exchange-offline.c | 2 +- src/exchange/taler-exchange-httpd_extensions.c | 2 +- src/exchange/taler-exchange-httpd_keys.c | 4 +-- src/exchangedb/plugin_exchangedb_postgres.c | 16 +++++------ src/extensions/extension_age_restriction.c | 40 +++++++++++++------------- src/include/taler_crypto_lib.h | 2 +- src/json/json_helper.c | 2 +- src/json/json_pack.c | 4 +-- src/pq/pq_query_helper.c | 2 +- src/pq/pq_result_helper.c | 2 +- src/testing/testing_api_cmd_refresh.c | 2 +- src/testing/testing_api_helpers_exchange.c | 4 +-- src/util/age_restriction.c | 34 ++++++++++++---------- src/util/denom.c | 6 ++-- 15 files changed, 64 insertions(+), 60 deletions(-) diff --git a/src/benchmark/taler-aggregator-benchmark.c b/src/benchmark/taler-aggregator-benchmark.c index 6db083426..1437dafa3 100644 --- a/src/benchmark/taler-aggregator-benchmark.c +++ b/src/benchmark/taler-aggregator-benchmark.c @@ -530,7 +530,7 @@ run (void *cls, { uint64_t seed; struct TALER_AgeMask mask = { - .mask = 1 || 1 << 8 || 1 << 12 || 1 << 16 || 1 << 18 + .bits = 1 || 1 << 8 || 1 << 12 || 1 << 16 || 1 << 18 }; struct TALER_AgeCommitmentProof acp = {0}; diff --git a/src/exchange-tools/taler-exchange-offline.c b/src/exchange-tools/taler-exchange-offline.c index 8e1fdd51b..0c1e84ddb 100644 --- a/src/exchange-tools/taler-exchange-offline.c +++ b/src/exchange-tools/taler-exchange-offline.c @@ -3260,7 +3260,7 @@ load_age_mask (const char*section_name) static const struct TALER_AgeMask null_mask = {0}; enum GNUNET_GenericReturnValue ret; - if (age_mask.mask == 0) + if (age_mask.bits == 0) return null_mask; if (GNUNET_OK != (GNUNET_CONFIGURATION_have_value ( diff --git a/src/exchange/taler-exchange-httpd_extensions.c b/src/exchange/taler-exchange-httpd_extensions.c index 6894a0762..0a7707e7e 100644 --- a/src/exchange/taler-exchange-httpd_extensions.c +++ b/src/exchange/taler-exchange-httpd_extensions.c @@ -131,7 +131,7 @@ extension_update_event_cb (void *cls, /* Special case age restriction: Update global flag and mask */ if (TALER_Extension_AgeRestriction == type) { - TEH_age_mask.mask = 0; + TEH_age_mask.bits = 0; TEH_age_restriction_enabled = TALER_extensions_age_restriction_is_enabled (); if (TEH_age_restriction_enabled) diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index 8d90afae6..33f9170d3 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -797,7 +797,7 @@ load_age_mask (const char*section_name) static const struct TALER_AgeMask null_mask = {0}; struct TALER_AgeMask age_mask = TALER_extensions_age_restriction_ageMask (); - if (age_mask.mask == 0) + if (age_mask.bits == 0) return null_mask; if (GNUNET_OK != (GNUNET_CONFIGURATION_have_value ( @@ -2120,7 +2120,7 @@ finish_keys_response (struct TEH_KeyStateHandle *ksh) * the properties of the denomination. Also, we build up the right * hash for the corresponding array. */ if (TEH_age_restriction_enabled && - (0 != dk->denom_pub.age_mask.mask)) + (0 != dk->denom_pub.age_mask.bits)) { have_age_restricted_denoms = true; array = age_restricted_denoms; diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index c8c0c2968..bb1f0b6f3 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -3146,13 +3146,13 @@ postgres_insert_denomination_info ( TALER_PQ_query_param_amount_nbo (&issue->properties.fees.deposit), TALER_PQ_query_param_amount_nbo (&issue->properties.fees.refresh), TALER_PQ_query_param_amount_nbo (&issue->properties.fees.refund), - GNUNET_PQ_query_param_uint32 (&denom_pub->age_mask.mask), + GNUNET_PQ_query_param_uint32 (&denom_pub->age_mask.bits), GNUNET_PQ_query_param_end }; struct TALER_DenomFeeSet fees; - GNUNET_assert (denom_pub->age_mask.mask == - issue->age_mask.mask); + GNUNET_assert (denom_pub->age_mask.bits == + issue->age_mask.bits); TALER_denom_pub_hash (denom_pub, &denom_hash); GNUNET_assert (0 == @@ -3225,7 +3225,7 @@ postgres_get_denomination_info ( TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_refund", &issue->properties.fees.refund), GNUNET_PQ_result_spec_uint32 ("age_mask", - &issue->age_mask.mask), + &issue->age_mask.bits), GNUNET_PQ_result_spec_end }; @@ -3316,7 +3316,7 @@ domination_cb_helper (void *cls, TALER_PQ_result_spec_denom_pub ("denom_pub", &denom_pub), GNUNET_PQ_result_spec_uint32 ("age_mask", - &issue.age_mask.mask), + &issue.age_mask.bits), GNUNET_PQ_result_spec_end }; @@ -3464,7 +3464,7 @@ dominations_cb_helper (void *cls, TALER_PQ_result_spec_denom_pub ("denom_pub", &denom_pub), GNUNET_PQ_result_spec_uint32 ("age_mask", - &meta.age_mask.mask), + &meta.age_mask.bits), GNUNET_PQ_result_spec_end }; @@ -10329,7 +10329,7 @@ postgres_lookup_denomination_key ( TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund", &meta->fees.refund), GNUNET_PQ_result_spec_uint32 ("age_mask", - &meta->age_mask.mask), + &meta->age_mask.bits), GNUNET_PQ_result_spec_end }; @@ -10373,7 +10373,7 @@ postgres_add_denomination_key ( TALER_PQ_query_param_amount (&meta->fees.deposit), TALER_PQ_query_param_amount (&meta->fees.refresh), TALER_PQ_query_param_amount (&meta->fees.refund), - GNUNET_PQ_query_param_uint32 (&meta->age_mask.mask), + GNUNET_PQ_query_param_uint32 (&meta->age_mask.bits), GNUNET_PQ_query_param_end }; diff --git a/src/extensions/extension_age_restriction.c b/src/extensions/extension_age_restriction.c index 28b2dbb1e..fd883ae4a 100644 --- a/src/extensions/extension_age_restriction.c +++ b/src/extensions/extension_age_restriction.c @@ -64,7 +64,7 @@ TALER_parse_age_group_string ( if (prev >= val) return GNUNET_SYSERR; - mask->mask |= 1 << val; + mask->bits |= 1 << val; prev = val; val = 0; continue; @@ -82,8 +82,8 @@ TALER_parse_age_group_string ( if (0>val || 32<=val || prev>=val) return GNUNET_SYSERR; - mask->mask |= (1 << val); - mask->mask |= 1; // mark zeroth group, too + mask->bits |= (1 << val); + mask->bits |= 1; // mark zeroth group, too return GNUNET_OK; } @@ -100,7 +100,7 @@ char * TALER_age_mask_to_string ( const struct TALER_AgeMask *m) { - uint32_t mask = m->mask; + uint32_t bits = m->bits; unsigned int n = 0; char *buf = GNUNET_malloc (32 * 3); // max characters possible char *pos = buf; @@ -110,11 +110,11 @@ TALER_age_mask_to_string ( return buf; } - while (mask != 0) + while (bits != 0) { - mask >>= 1; + bits >>= 1; n++; - if (0 == (mask & 1)) + if (0 == (bits & 1)) { continue; } @@ -125,7 +125,7 @@ TALER_age_mask_to_string ( } *(pos++) = '0' + n % 10; - if (0 != (mask >> 1)) + if (0 != (bits >> 1)) { *(pos++) = ':'; } @@ -160,7 +160,7 @@ age_restriction_disable ( this->config_json = NULL; } - _config.mask.mask = 0; + _config.mask.bits = 0; _config.num_groups = 0; } @@ -212,23 +212,23 @@ age_restriction_load_taler_config ( return GNUNET_SYSERR; - mask.mask = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK; + mask.bits = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK; ret = GNUNET_OK; if (groups != NULL) { ret = TALER_parse_age_group_string (groups, &mask); if (GNUNET_OK != ret) - mask.mask = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK; + mask.bits = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK; } if (GNUNET_OK == ret) { GNUNET_log (GNUNET_ERROR_TYPE_INFO, - "setting age mask to %x with #groups: %d\n", mask.mask, - __builtin_popcount (mask.mask) - 1); - _config.mask.mask = mask.mask; - _config.num_groups = __builtin_popcount (mask.mask) - 1; /* no underflow, first bit always set */ + "setting age mask to %x with #groups: %d\n", mask.bits, + __builtin_popcount (mask.bits) - 1); + _config.mask.bits = mask.bits; + _config.num_groups = __builtin_popcount (mask.bits) - 1; /* no underflow, first bit always set */ this->config = &_config; /* Note: we do now have _config set, however this->config_json is NOT set, @@ -266,16 +266,16 @@ age_restriction_load_json_config ( if (TALER_Extension_AgeRestriction != this->type) return GNUNET_SYSERR; - _config.mask.mask = mask.mask; + _config.mask.bits = mask.bits; _config.num_groups = 0; - if (mask.mask > 0) + if (mask.bits > 0) { /* if the mask is not zero, the first bit MUST be set */ - if (0 == (mask.mask & 1)) + if (0 == (mask.bits & 1)) return GNUNET_SYSERR; - _config.num_groups = __builtin_popcount (mask.mask) - 1; + _config.num_groups = __builtin_popcount (mask.bits) - 1; } this->config = &_config; @@ -358,7 +358,7 @@ struct TALER_Extension _extension_age_restriction = { bool TALER_extensions_age_restriction_is_configured () { - return (0 != _config.mask.mask); + return (0 != _config.mask.bits); } diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index a8dc4b0d7..ea1a73af5 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -850,7 +850,7 @@ struct TALER_BlindedDenominationSignature */ struct TALER_AgeMask { - uint32_t mask; + uint32_t bits; }; /** diff --git a/src/json/json_helper.c b/src/json/json_helper.c index 4ec9a6982..4896fb598 100644 --- a/src/json/json_helper.c +++ b/src/json/json_helper.c @@ -253,7 +253,7 @@ parse_denom_pub (void *cls, GNUNET_JSON_spec_string ("cipher", &cipher), GNUNET_JSON_spec_uint32 ("age_mask", - &denom_pub->age_mask.mask), + &denom_pub->age_mask.bits), GNUNET_JSON_spec_end () }; const char *emsg; diff --git a/src/json/json_pack.c b/src/json/json_pack.c index 8f888eaf0..ad41eb955 100644 --- a/src/json/json_pack.c +++ b/src/json/json_pack.c @@ -64,7 +64,7 @@ TALER_JSON_pack_denom_pub ( GNUNET_JSON_pack_string ("cipher", "RSA"), GNUNET_JSON_pack_uint64 ("age_mask", - pk->age_mask.mask), + pk->age_mask.bits), GNUNET_JSON_pack_rsa_public_key ("rsa_public_key", pk->details.rsa_public_key)); break; @@ -74,7 +74,7 @@ TALER_JSON_pack_denom_pub ( GNUNET_JSON_pack_string ("cipher", "CS"), GNUNET_JSON_pack_uint64 ("age_mask", - pk->age_mask.mask), + pk->age_mask.bits), GNUNET_JSON_pack_data_varsize ("cs_public_key", &pk->details.cs_public_key, sizeof (pk->details.cs_public_key))); diff --git a/src/pq/pq_query_helper.c b/src/pq/pq_query_helper.c index efa250125..1db608edd 100644 --- a/src/pq/pq_query_helper.c +++ b/src/pq/pq_query_helper.c @@ -186,7 +186,7 @@ qconv_denom_pub (void *cls, GNUNET_assert (scratch_length > 0); GNUNET_break (NULL == cls); be[0] = htonl ((uint32_t) denom_pub->cipher); - be[1] = htonl (denom_pub->age_mask.mask); + be[1] = htonl (denom_pub->age_mask.bits); switch (denom_pub->cipher) { case TALER_DENOMINATION_RSA: diff --git a/src/pq/pq_result_helper.c b/src/pq/pq_result_helper.c index 68cbbcd4c..139cf1cbf 100644 --- a/src/pq/pq_result_helper.c +++ b/src/pq/pq_result_helper.c @@ -426,7 +426,7 @@ extract_denom_pub (void *cls, res += sizeof (be); len -= sizeof (be); pk->cipher = ntohl (be[0]); - pk->age_mask.mask = ntohl (be[1]); + pk->age_mask.bits = ntohl (be[1]); switch (pk->cipher) { case TALER_DENOMINATION_RSA: diff --git a/src/testing/testing_api_cmd_refresh.c b/src/testing/testing_api_cmd_refresh.c index e2ed8b216..2b04156c5 100644 --- a/src/testing/testing_api_cmd_refresh.c +++ b/src/testing/testing_api_cmd_refresh.c @@ -1115,7 +1115,7 @@ melt_run (void *cls, /* Melt amount starts with the melt fee of the old coin; we'll add the values and withdraw fees of the fresh coins next */ melt_amount = melt_denom_pub->fees.refresh; - age_restricted = melt_denom_pub->key.age_mask.mask != 0; + age_restricted = melt_denom_pub->key.age_mask.bits != 0; for (unsigned int i = 0; iwithdraw_valid_until)) && - (age_restricted == (0 != pk->key.age_mask.mask)) ) + (age_restricted == (0 != pk->key.age_mask.bits)) ) return pk; } /* do 2nd pass to check if expiration times are to blame for @@ -442,7 +442,7 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys, GNUNET_TIME_timestamp_cmp (now, >, pk->withdraw_valid_until) ) && - (age_restricted == (0 != pk->key.age_mask.mask)) ) + (age_restricted == (0 != pk->key.age_mask.bits)) ) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, diff --git a/src/util/age_restriction.c b/src/util/age_restriction.c index 2cb5cb206..8e088a408 100644 --- a/src/util/age_restriction.c +++ b/src/util/age_restriction.c @@ -38,7 +38,7 @@ TALER_age_commitment_hash ( return; } - GNUNET_assert (__builtin_popcount (commitment->mask.mask) - 1 == + GNUNET_assert (__builtin_popcount (commitment->mask.bits) - 1 == commitment->num); hash_context = GNUNET_CRYPTO_hash_context_start (); @@ -67,7 +67,7 @@ get_age_group ( const struct TALER_AgeMask *mask, uint8_t age) { - uint32_t m = mask->mask; + uint32_t m = mask->bits; uint8_t i = 0; while (m > 0) @@ -89,26 +89,29 @@ TALER_age_restriction_commit ( const uint64_t salt, struct TALER_AgeCommitmentProof *new) { - uint8_t num_pub = __builtin_popcount (mask->mask) - 1; - uint8_t num_priv = get_age_group (mask, age) - 1; + uint8_t num_pub = __builtin_popcount (mask->bits) - 1; + uint8_t num_priv = get_age_group (mask, age); size_t i; GNUNET_assert (NULL != new); - GNUNET_assert (mask->mask & 1); /* fist bit must have been set */ + GNUNET_assert (mask->bits & 1); /* fist bit must have been set */ GNUNET_assert (0 <= num_priv); GNUNET_assert (31 > num_priv); GNUNET_assert (num_priv <= num_pub); - new->commitment.mask.mask = mask->mask; + new->commitment.mask.bits = mask->bits; new->commitment.num = num_pub; new->proof.num = num_priv; + new->proof.priv = NULL; new->commitment.pub = GNUNET_new_array ( num_pub, struct TALER_AgeCommitmentPublicKeyP); - new->proof.priv = GNUNET_new_array ( - num_priv, - struct TALER_AgeCommitmentPrivateKeyP); + + if (0 < num_priv) + new->proof.priv = GNUNET_new_array ( + num_priv, + struct TALER_AgeCommitmentPrivateKeyP); /* Create as many private keys as we need and fill the rest of the * public keys with valid curve points. @@ -143,7 +146,8 @@ TALER_age_restriction_commit ( FAIL: GNUNET_free (new->commitment.pub); - GNUNET_free (new->proof.priv); + if (NULL != new->proof.priv) + GNUNET_free (new->proof.priv); return GNUNET_SYSERR; } @@ -199,7 +203,7 @@ TALER_age_commitment_derive ( GNUNET_assert (NULL != new); GNUNET_assert (orig->commitment.num== __builtin_popcount ( - orig->commitment.mask.mask) - 1); + orig->commitment.mask.bits) - 1); GNUNET_assert (orig->proof.num <= orig->commitment.num); new->commitment.mask = orig->commitment.mask; @@ -305,7 +309,7 @@ TALER_age_commitment_attest ( return GNUNET_OK; } - if (group > cp->proof.num) + if (group >= cp->proof.num) return GNUNET_NO; { @@ -316,7 +320,7 @@ TALER_age_commitment_attest ( .age = age }; - GNUNET_CRYPTO_eddsa_sign (&cp->proof.priv[group].eddsa_priv, + GNUNET_CRYPTO_eddsa_sign (&cp->proof.priv[group - 1].eddsa_priv, &at, &attest->eddsa_signature); } @@ -345,7 +349,7 @@ TALER_age_commitment_verify ( if (0 == group) return GNUNET_OK; - if (group > comm->num) + if (group >= comm->num) return GNUNET_NO; { @@ -360,7 +364,7 @@ TALER_age_commitment_verify ( GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_AGE_ATTESTATION, &at, &attest->eddsa_signature, - &comm->pub[group].eddsa_pub); + &comm->pub[group - 1].eddsa_pub); } } diff --git a/src/util/denom.c b/src/util/denom.c index d4cdb8fe2..c1c3cdf5a 100644 --- a/src/util/denom.c +++ b/src/util/denom.c @@ -230,7 +230,7 @@ TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub, struct TALER_DenominationHashP *denom_hash) { uint32_t opt[2] = { - htonl (denom_pub->age_mask.mask), + htonl (denom_pub->age_mask.bits), htonl ((uint32_t) denom_pub->cipher) }; struct GNUNET_HashContext *hc; @@ -558,8 +558,8 @@ TALER_denom_pub_cmp (const struct TALER_DenominationPublicKey *denom1, { if (denom1->cipher != denom2->cipher) return (denom1->cipher > denom2->cipher) ? 1 : -1; - if (denom1->age_mask.mask != denom2->age_mask.mask) - return (denom1->age_mask.mask > denom2->age_mask.mask) ? 1 : -1; + if (denom1->age_mask.bits != denom2->age_mask.bits) + return (denom1->age_mask.bits > denom2->age_mask.bits) ? 1 : -1; switch (denom1->cipher) { case TALER_DENOMINATION_INVALID: -- cgit v1.2.3