implement csr max request elements

src/exchange/taler-exchange-httpd_csr.c

@@ -63,7 +63,15 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
       return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
   }
   csr_requests_num = json_array_size (csr_requests);
-  // FIXME: check number of requests against an upper bound
+  if (TALER_MAX_FRESH_COINS <= csr_requests_num)
+  {
+    return TALER_MHD_reply_with_error (
+      rc->connection,
+      MHD_HTTP_BAD_REQUEST,
+      // FIXME: generalize error message
+      TALER_EC_EXCHANGE_REFRESHES_REVEAL_NEW_DENOMS_ARRAY_SIZE_EXCESSIVE,
+      NULL);
+  }
   struct TALER_CsNonce nonces[GNUNET_NZL (csr_requests_num)];
   struct TALER_DenominationHash denom_pub_hashes[GNUNET_NZL (csr_requests_num)];
   for (unsigned int i = 0; i < csr_requests_num; i++)
@@ -86,7 +94,6 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
                                       csr_spec,
                                       i,
                                       -1);
-    GNUNET_JSON_parse_free (csr_spec);
     if (GNUNET_OK != res)
       return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
   }
@@ -158,6 +165,7 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
     }
 
     // derive r_pub
+    // FIXME: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module)
     ec = TEH_keys_denomination_cs_r_pub (denom_pub_hash,
                                          nonce,
                                          r_pub);

src/exchange/taler-exchange-httpd_refreshes_reveal.c

@@ -31,12 +31,6 @@
 #include "taler-exchange-httpd_keys.h"
 
 
-/**
- * Maximum number of fresh coins we allow per refresh operation.
- */
-#define MAX_FRESH_COINS 256
-
-
 /**
  * Send a response for "/refreshes/$RCH/reveal".
  *
@@ -305,7 +299,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
                                         const json_t *coin_evs)
 {
   unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
-  /* We know num_fresh_coins is bounded by #MAX_FRESH_COINS, so this is safe */
+  /* We know num_fresh_coins is bounded by #TALER_MAX_FRESH_COINS, so this is safe */
   const struct TEH_DenominationKey *dks[num_fresh_coins];
   struct TALER_RefreshCoinData rcds[num_fresh_coins];
   struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[num_fresh_coins];
@@ -610,7 +604,7 @@ handle_refreshes_reveal_json (struct MHD_Connection *connection,
   unsigned int num_tprivs = json_array_size (tp_json);
 
   GNUNET_assert (num_tprivs == TALER_CNC_KAPPA - 1); /* checked just earlier */
-  if ( (num_fresh_coins >= MAX_FRESH_COINS) ||
+  if ( (num_fresh_coins >= TALER_MAX_FRESH_COINS) ||
        (0 == num_fresh_coins) )
   {
     GNUNET_break_op (0);

src/include/taler_crypto_lib.h

@@ -1557,6 +1557,12 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
 /* ****************** Refresh crypto primitives ************* */
 
 
+/**
+ * Maximum number of fresh coins we allow per refresh operation.
+ */
+#define TALER_MAX_FRESH_COINS 256
+
+
 /**
  * Given the coin and the transfer private keys, compute the
  * transfer secret.  (Technically, we only need one of the two