commit 1c32abf0af36e1db97f7cc5bdd4096425e81a647
parent 6f6a3f491904fed64fd924cd997fc3aeda55b366
Author: Christian Grothoff <christian@grothoff.org>
Date: Wed, 30 Apr 2025 23:53:26 +0200
use TALER_MAX_COINS everywhere
Diffstat:
13 files changed, 25 insertions(+), 29 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_batch-deposit.c b/src/exchange/taler-exchange-httpd_batch-deposit.c
@@ -1042,7 +1042,7 @@ bdc_phase_parse (struct BatchDepositContext *bdc,
"coins"));
return;
}
- if (TALER_MAX_FRESH_COINS < bd->num_cdis)
+ if (TALER_MAX_COINS < bd->num_cdis)
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
diff --git a/src/exchange/taler-exchange-httpd_batch-withdraw.c b/src/exchange/taler-exchange-httpd_batch-withdraw.c
@@ -1323,7 +1323,7 @@ batch_withdraw_new_request (
return GNUNET_SYSERR;
}
- if (wc->num_coins > TALER_MAX_FRESH_COINS)
+ if (wc->num_coins > TALER_MAX_COINS)
{
GNUNET_break_op (0);
SET_ERROR_WITH_DETAIL (wc,
diff --git a/src/exchange/taler-exchange-httpd_blinding-prepare.c b/src/exchange/taler-exchange-httpd_blinding-prepare.c
@@ -86,7 +86,7 @@ TEH_handler_blinding_prepare (struct TEH_RequestContext *rc,
num = json_array_size (j_nks);
if ((0 == num) ||
- (TALER_MAX_FRESH_COINS < num))
+ (TALER_MAX_COINS < num))
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (rc->connection,
@@ -129,7 +129,7 @@ TEH_handler_blinding_prepare (struct TEH_RequestContext *rc,
? MHD_NO
: MHD_YES;
- if (TALER_MAX_FRESH_COINS < cs_indices[i])
+ if (TALER_MAX_COINS < cs_indices[i])
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (rc->connection,
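Review bot: The per-index check `TALER_MAX_COINS < cs_indices[i]` still lets an index equal to TALER_MAX_COINS through. If these are zero-based positions within a batch of at most TALER_MAX_COINS coins, the largest valid value is TALER_MAX_COINS - 1. With the limit now tied to a 64-bit choice vector, the guard would read more safely as `if (TALER_MAX_COINS <= cs_indices[i])`. How the index is used afterwards is outside this hunk, so this needs confirming against the nonce-derivation code.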
diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c
@@ -63,7 +63,7 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc,
return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
}
csr_requests_num = json_array_size (csr_requests);
- if ( (TALER_MAX_FRESH_COINS <= csr_requests_num) ||
+ if ( (TALER_MAX_COINS <= csr_requests_num) ||
(0 == csr_requests_num) )
{
GNUNET_break_op (0);
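Review bot: This guard uses `<=` and so rejects a batch of exactly TALER_MAX_COINS, whereas the batch-deposit, batch-withdraw, blinding-prepare and melt hunks in this commit use a strict comparison and accept that size. The same non-strict form appears in handle_refreshes_reveal_json (`num_fresh_coins >= TALER_MAX_COINS`). Now that a single constant governs every endpoint, the boundary should be the same everywhere, e.g. `if ( (TALER_MAX_COINS < csr_requests_num) ||`. Otherwise a client that was allowed to melt 64 coins could presumably be refused at a later step that serves the same session.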
diff --git a/src/exchange/taler-exchange-httpd_melt_v27.c b/src/exchange/taler-exchange-httpd_melt_v27.c
@@ -422,8 +422,8 @@ melt_new_request (
/* validate array size */
_Static_assert (
- TALER_MAX_REFRESH_COINS < INT_MAX / TALER_CNC_KAPPA,
- "TALER_MAX_REFRESH_COINS too large");
+ TALER_MAX_COINS < INT_MAX / TALER_CNC_KAPPA,
+ "TALER_MAX_COINS too large");
mc->request.refresh.num_coins = json_array_size (j_denoms_h);
if (0 == mc->request.refresh.num_coins)
@@ -436,7 +436,7 @@ melt_new_request (
"denoms_h must not be empty");
return GNUNET_NO;
}
- else if (TALER_MAX_FRESH_COINS < mc->request.refresh.num_coins)
+ else if (TALER_MAX_COINS < mc->request.refresh.num_coins)
{
/**
* The wallet had committed to more than the maximum coins allowed, the
@@ -1102,9 +1102,9 @@ phase_prepare_transaction (
mc->request.refresh.cs_r_choices |= bit << i;
_Static_assert (
- TALER_MAX_REFRESH_COINS <=
+ TALER_MAX_COINS <=
sizeof(mc->request.refresh.cs_r_choices) * 8,
- "TALER_MAX_REFRESH_COINS too large");
+ "TALER_MAX_COINS too large");
}
}
}
diff --git a/src/exchange/taler-exchange-httpd_purses_create.c b/src/exchange/taler-exchange-httpd_purses_create.c
@@ -500,7 +500,7 @@ TEH_handler_purses_create (
}
pcc.num_coins = json_array_size (deposits);
if ( (0 == pcc.num_coins) ||
- (pcc.num_coins > TALER_MAX_FRESH_COINS) )
+ (pcc.num_coins > TALER_MAX_COINS) )
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
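Review bot: `pcc.num_coins = json_array_size (deposits);` stores a `size_t` without the truncation check that TEH_handler_purses_deposit performs in the next file (`((size_t) pcc.num_coins) != json_array_size (deposits)`). If `num_coins` is an `unsigned int` here as well (its declaration is outside the hunk), the bound is tested on the possibly truncated value. Copying the round-trip comparison from the sibling handler into this condition would keep the two consistent.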
diff --git a/src/exchange/taler-exchange-httpd_purses_deposit.c b/src/exchange/taler-exchange-httpd_purses_deposit.c
@@ -362,7 +362,7 @@ TEH_handler_purses_deposit (
pcc.num_coins = (unsigned int) json_array_size (deposits);
if ( (0 == pcc.num_coins) ||
(((size_t) pcc.num_coins) != json_array_size (deposits)) ||
- (pcc.num_coins > TALER_MAX_FRESH_COINS) )
+ (pcc.num_coins > TALER_MAX_COINS) )
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (connection,
diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
@@ -437,7 +437,7 @@ resolve_refreshes_reveal_denominations (
const json_t *coin_evs)
{
unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
- /* We know num_fresh_coins is bounded by #TALER_MAX_FRESH_COINS, so this is safe */
+ /* We know num_fresh_coins is bounded by #TALER_MAX_COINS, so this is safe */
const struct TEH_DenominationKey *dks[num_fresh_coins];
const struct TEH_DenominationKey *old_dk;
struct TALER_RefreshCoinData rcds[num_fresh_coins];
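Review bot: The updated comment says the bound is "known", but nothing in resolve_refreshes_reveal_denominations enforces it, and two stack VLAs (`dks` and `rcds`) are sized directly from `json_array_size (new_denoms_h_json)`. The check visible in this commit lives in handle_refreshes_reveal_json, so the comment should say where the guarantee comes from, for example `/* Caller (handle_refreshes_reveal_json) rejected num_fresh_coins >= #TALER_MAX_COINS, so these VLAs are bounded */`. A `GNUNET_assert` on the same condition ahead of the array declarations would turn a future caller that skips the check into a clean failure instead of an oversized stack allocation. The function body continues outside the hunk.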
@@ -911,7 +911,7 @@ handle_refreshes_reveal_json (struct MHD_Connection *connection,
unsigned int num_tprivs = json_array_size (tp_json);
GNUNET_assert (num_tprivs == TALER_CNC_KAPPA - 1); /* checked just earlier */
- if ( (num_fresh_coins >= TALER_MAX_FRESH_COINS) ||
+ if ( (num_fresh_coins >= TALER_MAX_COINS) ||
(0 == num_fresh_coins) )
{
GNUNET_break_op (0);
diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c
@@ -678,7 +678,7 @@ phase_prepare_transaction (
wc->request.withdraw.cs_r_choices |= bit << i;
GNUNET_static_assert (
- TALER_MAX_REFRESH_COINS <=
+ TALER_MAX_COINS <=
sizeof(wc->request.withdraw.cs_r_choices) * 8);
}
}
@@ -1650,7 +1650,7 @@ withdraw_phase_parse (
const char *error;
GNUNET_static_assert (
- TALER_MAX_REFRESH_COINS < INT_MAX / TALER_CNC_KAPPA);
+ TALER_MAX_COINS < INT_MAX / TALER_CNC_KAPPA);
#define BAIL_IF(cond, msg) \
if ((cond)) { \
@@ -1667,7 +1667,7 @@ withdraw_phase_parse (
* reserve has been charged, but now the user can not withdraw any money
* from it. Note that the user can't get their money back in this case!
*/
- BAIL_IF (num_coins > TALER_MAX_FRESH_COINS,
+ BAIL_IF (num_coins > TALER_MAX_COINS,
"maximum number of coins that can be withdrawn has been exceeded")
BAIL_IF ((! wc->request.withdraw.age_proof_required) &&
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
@@ -36,15 +36,11 @@
/**
* Maximum number of coins we allow per operation.
- */
-#define TALER_MAX_FRESH_COINS 256
-
-/**
- * Maximum number of coins we allow for refresh
* This limit is due to the 64-bit encoding of the bitvector
- * of choices made for CS values.
+ * of choices made for CS values and thus should not be changed
+ * casually...
*/
-#define TALER_MAX_REFRESH_COINS 64
+#define TALER_MAX_COINS 64
/**
* Cut-and-choose size for refreshing. Client looses the gamble (of
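Review bot: The merged comment justifies the value only by the 64-bit CS choice vector, yet after this commit the constant also caps batch deposits, purse creation and deposits, and the secmod batch sign and derive requests, all of which were checked against 256 before. Requests carrying 65 to 256 coins on those paths will now be rejected, which neither the commit message nor the comment mentions. I would extend the comment along the lines of `* Also bounds batch deposit, purse and secmod batch sizes; changing it alters which requests the exchange accepts.` so that the protocol-visible effect is documented next to the definition.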
diff --git a/src/util/crypto.c b/src/util/crypto.c
@@ -357,7 +357,7 @@ TALER_cs_derive_nonces_from_seed (
const uint32_t indices[static num],
struct GNUNET_CRYPTO_CsSessionNonce nonces[static num])
{
- GNUNET_assert (TALER_MAX_FRESH_COINS > num);
+ GNUNET_assert (TALER_MAX_COINS > num);
for (size_t i = 0; i < num; i++)
TALER_cs_nonce_derive_indexed (
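Review bot: `GNUNET_assert (TALER_MAX_COINS > num)` aborts the process when `num` equals TALER_MAX_COINS, but the request-level checks changed in this commit (`TALER_MAX_COINS < num` in TEH_handler_blinding_prepare, `bs > TALER_MAX_COINS` in the secmod_cs handlers) let exactly that count through. If any of those paths reaches this function with a full batch, a well-formed request would trip the assertion instead of being processed or refused; the call chain is not visible here, so this needs confirming. Aligning the assertion with the handlers, `GNUNET_assert (TALER_MAX_COINS >= num);`, removes the mismatch. The same applies to TALER_cs_derive_only_cs_blind_nonces_from_seed in the next hunk.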
@@ -376,7 +376,7 @@ TALER_cs_derive_only_cs_blind_nonces_from_seed (
const uint32_t indices[static num],
union GNUNET_CRYPTO_BlindSessionNonce nonces[static num])
{
- GNUNET_assert (TALER_MAX_FRESH_COINS > num);
+ GNUNET_assert (TALER_MAX_COINS > num);
for (size_t i = 0; i < num; i++)
TALER_cs_nonce_derive_indexed (
diff --git a/src/util/secmod_cs.c b/src/util/secmod_cs.c
@@ -892,7 +892,7 @@ handle_batch_sign_request (struct TES_Client *client,
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Handling batch sign request of size %u\n",
(unsigned int) bs);
- if (bs > TALER_MAX_FRESH_COINS)
+ if (bs > TALER_MAX_COINS)
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
@@ -958,7 +958,7 @@ handle_batch_derive_request (struct TES_Client *client,
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Handling batch derivation request of size %u\n",
(unsigned int) bs);
- if (bs > TALER_MAX_FRESH_COINS)
+ if (bs > TALER_MAX_COINS)
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
diff --git a/src/util/secmod_rsa.c b/src/util/secmod_rsa.c
@@ -725,7 +725,7 @@ handle_batch_sign_request (struct TES_Client *client,
struct BatchJob jobs[bs];
bool failure = false;
- if (bs > TALER_MAX_FRESH_COINS)
+ if (bs > TALER_MAX_COINS)
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
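Review bot: The VLA `struct BatchJob jobs[bs];` is declared before `bs` is compared with TALER_MAX_COINS, so the stack space is reserved for whatever batch size was supplied before the request is rejected. If `bs` is taken from the client message (its assignment is outside the hunk), an oversized value can exhaust the stack before the check runs. Moving the `if (bs > TALER_MAX_COINS)` block above the declaration fixes this, as would declaring `struct BatchJob jobs[TALER_MAX_COINS];`. handle_batch_sign_request starts and ends outside the hunk.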