-refactor TALER_AgeMask.mask -> TALER_AgeMask.bits

also: fix off-by-one in TALER_age_restriction_commit
2022-03-02 10:59:42 +01:00 · 2022-03-02 10:59:42 +01:00 · 7624db4efd
commit 7624db4efd
parent 4978b1e966
15 changed files with 64 additions and 60 deletions
--- a/src/benchmark/taler-aggregator-benchmark.c
+++ b/src/benchmark/taler-aggregator-benchmark.c
@ -530,7 +530,7 @@ run (void *cls,
    {
      uint64_t seed;
      struct TALER_AgeMask mask = {
-        .mask = 1 || 1 << 8 || 1 << 12 || 1 << 16 || 1 << 18
+        .bits = 1 || 1 << 8 || 1 << 12 || 1 << 16 || 1 << 18
      };
      struct TALER_AgeCommitmentProof acp = {0};
--- a/src/exchange-tools/taler-exchange-offline.c
+++ b/src/exchange-tools/taler-exchange-offline.c
@ -3260,7 +3260,7 @@ load_age_mask (const char*section_name)
  static const struct TALER_AgeMask null_mask = {0};
  enum GNUNET_GenericReturnValue ret;
-  if (age_mask.mask == 0)
+  if (age_mask.bits == 0)
    return null_mask;
  if (GNUNET_OK != (GNUNET_CONFIGURATION_have_value (
--- a/src/exchange/taler-exchange-httpd_extensions.c
+++ b/src/exchange/taler-exchange-httpd_extensions.c
@ -131,7 +131,7 @@ extension_update_event_cb (void *cls,
  /* Special case age restriction: Update global flag and mask  */
  if (TALER_Extension_AgeRestriction == type)
  {
-    TEH_age_mask.mask = 0;
+    TEH_age_mask.bits = 0;
    TEH_age_restriction_enabled =
      TALER_extensions_age_restriction_is_enabled ();
    if (TEH_age_restriction_enabled)
--- a/src/exchange/taler-exchange-httpd_keys.c
+++ b/src/exchange/taler-exchange-httpd_keys.c
@ -797,7 +797,7 @@ load_age_mask (const char*section_name)
  static const struct TALER_AgeMask null_mask = {0};
  struct TALER_AgeMask age_mask = TALER_extensions_age_restriction_ageMask ();
-  if (age_mask.mask == 0)
+  if (age_mask.bits == 0)
    return null_mask;
  if (GNUNET_OK != (GNUNET_CONFIGURATION_have_value (
@ -2120,7 +2120,7 @@ finish_keys_response (struct TEH_KeyStateHandle *ksh)
         * the properties of the denomination.  Also, we build up the right
         * hash for the corresponding array. */
        if (TEH_age_restriction_enabled &&
-            (0 != dk->denom_pub.age_mask.mask))
+            (0 != dk->denom_pub.age_mask.bits))
        {
          have_age_restricted_denoms = true;
          array = age_restricted_denoms;
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@ -3146,13 +3146,13 @@ postgres_insert_denomination_info (
    TALER_PQ_query_param_amount_nbo (&issue->properties.fees.deposit),
    TALER_PQ_query_param_amount_nbo (&issue->properties.fees.refresh),
    TALER_PQ_query_param_amount_nbo (&issue->properties.fees.refund),
-    GNUNET_PQ_query_param_uint32 (&denom_pub->age_mask.mask),
+    GNUNET_PQ_query_param_uint32 (&denom_pub->age_mask.bits),
    GNUNET_PQ_query_param_end
  };
  struct TALER_DenomFeeSet fees;
-  GNUNET_assert (denom_pub->age_mask.mask ==
+  GNUNET_assert (denom_pub->age_mask.bits ==
-                 issue->age_mask.mask);
+                 issue->age_mask.bits);
  TALER_denom_pub_hash (denom_pub,
                        &denom_hash);
  GNUNET_assert (0 ==
@ -3225,7 +3225,7 @@ postgres_get_denomination_info (
    TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_refund",
                                     &issue->properties.fees.refund),
    GNUNET_PQ_result_spec_uint32 ("age_mask",
-                                  &issue->age_mask.mask),
+                                  &issue->age_mask.bits),
    GNUNET_PQ_result_spec_end
  };
@ -3316,7 +3316,7 @@ domination_cb_helper (void *cls,
      TALER_PQ_result_spec_denom_pub ("denom_pub",
                                      &denom_pub),
      GNUNET_PQ_result_spec_uint32 ("age_mask",
-                                    &issue.age_mask.mask),
+                                    &issue.age_mask.bits),
      GNUNET_PQ_result_spec_end
    };
@ -3464,7 +3464,7 @@ dominations_cb_helper (void *cls,
      TALER_PQ_result_spec_denom_pub ("denom_pub",
                                      &denom_pub),
      GNUNET_PQ_result_spec_uint32 ("age_mask",
-                                    &meta.age_mask.mask),
+                                    &meta.age_mask.bits),
      GNUNET_PQ_result_spec_end
    };
@ -10329,7 +10329,7 @@ postgres_lookup_denomination_key (
    TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund",
                                 &meta->fees.refund),
    GNUNET_PQ_result_spec_uint32 ("age_mask",
-                                  &meta->age_mask.mask),
+                                  &meta->age_mask.bits),
    GNUNET_PQ_result_spec_end
  };
@ -10373,7 +10373,7 @@ postgres_add_denomination_key (
    TALER_PQ_query_param_amount (&meta->fees.deposit),
    TALER_PQ_query_param_amount (&meta->fees.refresh),
    TALER_PQ_query_param_amount (&meta->fees.refund),
-    GNUNET_PQ_query_param_uint32 (&meta->age_mask.mask),
+    GNUNET_PQ_query_param_uint32 (&meta->age_mask.bits),
    GNUNET_PQ_query_param_end
  };
--- a/src/extensions/extension_age_restriction.c
+++ b/src/extensions/extension_age_restriction.c
@ -64,7 +64,7 @@ TALER_parse_age_group_string (
      if (prev >= val)
        return GNUNET_SYSERR;
-      mask->mask |= 1 << val;
+      mask->bits |= 1 << val;
      prev = val;
      val = 0;
      continue;
@ -82,8 +82,8 @@ TALER_parse_age_group_string (
  if (0>val || 32<=val || prev>=val)
    return GNUNET_SYSERR;
-  mask->mask |= (1 << val);
+  mask->bits |= (1 << val);
-  mask->mask |= 1; // mark zeroth group, too
+  mask->bits |= 1; // mark zeroth group, too
  return GNUNET_OK;
 }
@ -100,7 +100,7 @@ char *
 TALER_age_mask_to_string (
  const struct TALER_AgeMask *m)
 {
-  uint32_t mask = m->mask;
+  uint32_t bits = m->bits;
  unsigned int n = 0;
  char *buf = GNUNET_malloc (32 * 3); // max characters possible
  char *pos = buf;
@ -110,11 +110,11 @@ TALER_age_mask_to_string (
    return buf;
  }
-  while (mask != 0)
+  while (bits != 0)
  {
-    mask >>= 1;
+    bits >>= 1;
    n++;
-    if (0 == (mask & 1))
+    if (0 == (bits & 1))
    {
      continue;
    }
@ -125,7 +125,7 @@ TALER_age_mask_to_string (
    }
    *(pos++) = '0' + n % 10;
-    if (0 != (mask >> 1))
+    if (0 != (bits >> 1))
    {
      *(pos++) = ':';
    }
@ -160,7 +160,7 @@ age_restriction_disable (
    this->config_json = NULL;
  }
-  _config.mask.mask = 0;
+  _config.mask.bits = 0;
  _config.num_groups = 0;
 }
@ -212,23 +212,23 @@ age_restriction_load_taler_config (
    return GNUNET_SYSERR;
-  mask.mask = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK;
+  mask.bits = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK;
  ret = GNUNET_OK;
  if (groups != NULL)
  {
    ret = TALER_parse_age_group_string (groups, &mask);
    if (GNUNET_OK != ret)
-      mask.mask = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK;
+      mask.bits = TALER_EXTENSION_AGE_RESTRICTION_DEFAULT_AGE_MASK;
  }
  if (GNUNET_OK == ret)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                "setting age mask to %x with #groups: %d\n", mask.mask,
+                "setting age mask to %x with #groups: %d\n", mask.bits,
-                __builtin_popcount (mask.mask) - 1);
+                __builtin_popcount (mask.bits) - 1);
-    _config.mask.mask = mask.mask;
+    _config.mask.bits = mask.bits;
-    _config.num_groups = __builtin_popcount (mask.mask) - 1; /* no underflow, first bit always set */
+    _config.num_groups = __builtin_popcount (mask.bits) - 1; /* no underflow, first bit always set */
    this->config = &_config;
    /* Note: we do now have _config set, however this->config_json is NOT set,
@ -266,16 +266,16 @@ age_restriction_load_json_config (
  if (TALER_Extension_AgeRestriction != this->type)
    return GNUNET_SYSERR;
-  _config.mask.mask = mask.mask;
+  _config.mask.bits = mask.bits;
  _config.num_groups = 0;
-  if (mask.mask > 0)
+  if (mask.bits > 0)
  {
    /* if the mask is not zero, the first bit MUST be set */
-    if (0 == (mask.mask & 1))
+    if (0 == (mask.bits & 1))
      return GNUNET_SYSERR;
-    _config.num_groups = __builtin_popcount (mask.mask) - 1;
+    _config.num_groups = __builtin_popcount (mask.bits) - 1;
  }
  this->config = &_config;
@ -358,7 +358,7 @@ struct TALER_Extension _extension_age_restriction = {
 bool
 TALER_extensions_age_restriction_is_configured ()
 {
-  return (0 != _config.mask.mask);
+  return (0 != _config.mask.bits);
 }
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@ -850,7 +850,7 @@ struct TALER_BlindedDenominationSignature
 */
 struct TALER_AgeMask
 {
-  uint32_t mask;
+  uint32_t bits;
 };
 /**
--- a/src/json/json_helper.c
+++ b/src/json/json_helper.c
@ -253,7 +253,7 @@ parse_denom_pub (void *cls,
    GNUNET_JSON_spec_string ("cipher",
                             &cipher),
    GNUNET_JSON_spec_uint32 ("age_mask",
-                             &denom_pub->age_mask.mask),
+                             &denom_pub->age_mask.bits),
    GNUNET_JSON_spec_end ()
  };
  const char *emsg;
--- a/src/json/json_pack.c
+++ b/src/json/json_pack.c
@ -64,7 +64,7 @@ TALER_JSON_pack_denom_pub (
          GNUNET_JSON_pack_string ("cipher",
                                   "RSA"),
          GNUNET_JSON_pack_uint64 ("age_mask",
-                                   pk->age_mask.mask),
+                                   pk->age_mask.bits),
          GNUNET_JSON_pack_rsa_public_key ("rsa_public_key",
                                           pk->details.rsa_public_key));
    break;
@ -74,7 +74,7 @@ TALER_JSON_pack_denom_pub (
          GNUNET_JSON_pack_string ("cipher",
                                   "CS"),
          GNUNET_JSON_pack_uint64 ("age_mask",
-                                   pk->age_mask.mask),
+                                   pk->age_mask.bits),
          GNUNET_JSON_pack_data_varsize ("cs_public_key",
                                         &pk->details.cs_public_key,
                                         sizeof (pk->details.cs_public_key)));
--- a/src/pq/pq_query_helper.c
+++ b/src/pq/pq_query_helper.c
@ -186,7 +186,7 @@ qconv_denom_pub (void *cls,
  GNUNET_assert (scratch_length > 0);
  GNUNET_break (NULL == cls);
  be[0] = htonl ((uint32_t) denom_pub->cipher);
-  be[1] = htonl (denom_pub->age_mask.mask);
+  be[1] = htonl (denom_pub->age_mask.bits);
  switch (denom_pub->cipher)
  {
  case TALER_DENOMINATION_RSA:
--- a/src/pq/pq_result_helper.c
+++ b/src/pq/pq_result_helper.c
@ -426,7 +426,7 @@ extract_denom_pub (void *cls,
  res += sizeof (be);
  len -= sizeof (be);
  pk->cipher = ntohl (be[0]);
-  pk->age_mask.mask = ntohl (be[1]);
+  pk->age_mask.bits = ntohl (be[1]);
  switch (pk->cipher)
  {
  case TALER_DENOMINATION_RSA:
--- a/src/testing/testing_api_cmd_refresh.c
+++ b/src/testing/testing_api_cmd_refresh.c
@ -1115,7 +1115,7 @@ melt_run (void *cls,
    /* Melt amount starts with the melt fee of the old coin; we'll add the
       values and withdraw fees of the fresh coins next */
    melt_amount = melt_denom_pub->fees.refresh;
-    age_restricted = melt_denom_pub->key.age_mask.mask != 0;
+    age_restricted = melt_denom_pub->key.age_mask.bits != 0;
    for (unsigned int i = 0; i<num_fresh_coins; i++)
    {
      const struct TALER_EXCHANGE_DenomPublicKey *fresh_pk;
--- a/src/testing/testing_api_helpers_exchange.c
+++ b/src/testing/testing_api_helpers_exchange.c
@ -425,7 +425,7 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
         (GNUNET_TIME_timestamp_cmp (now,
                                     <,
                                     pk->withdraw_valid_until)) &&
-         (age_restricted == (0 != pk->key.age_mask.mask)) )
+         (age_restricted == (0 != pk->key.age_mask.bits)) )
      return pk;
  }
  /* do 2nd pass to check if expiration times are to blame for
@ -442,7 +442,7 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
          GNUNET_TIME_timestamp_cmp (now,
                                     >,
                                     pk->withdraw_valid_until) ) &&
-         (age_restricted == (0 != pk->key.age_mask.mask)) )
+         (age_restricted == (0 != pk->key.age_mask.bits)) )
    {
      GNUNET_log
        (GNUNET_ERROR_TYPE_WARNING,
--- a/src/util/age_restriction.c
+++ b/src/util/age_restriction.c
@ -38,7 +38,7 @@ TALER_age_commitment_hash (
    return;
  }
-  GNUNET_assert (__builtin_popcount (commitment->mask.mask) - 1 ==
+  GNUNET_assert (__builtin_popcount (commitment->mask.bits) - 1 ==
                 commitment->num);
  hash_context = GNUNET_CRYPTO_hash_context_start ();
@ -67,7 +67,7 @@ get_age_group (
  const struct TALER_AgeMask *mask,
  uint8_t age)
 {
-  uint32_t m = mask->mask;
+  uint32_t m = mask->bits;
  uint8_t i = 0;
  while (m > 0)
@ -89,26 +89,29 @@ TALER_age_restriction_commit (
  const uint64_t salt,
  struct TALER_AgeCommitmentProof *new)
 {
-  uint8_t num_pub = __builtin_popcount (mask->mask) - 1;
+  uint8_t num_pub = __builtin_popcount (mask->bits) - 1;
-  uint8_t num_priv = get_age_group (mask, age) - 1;
+  uint8_t num_priv = get_age_group (mask, age);
  size_t i;
  GNUNET_assert (NULL != new);
-  GNUNET_assert (mask->mask & 1); /* fist bit must have been set */
+  GNUNET_assert (mask->bits & 1); /* fist bit must have been set */
  GNUNET_assert (0 <= num_priv);
  GNUNET_assert (31 > num_priv);
  GNUNET_assert (num_priv <= num_pub);
-  new->commitment.mask.mask = mask->mask;
+  new->commitment.mask.bits = mask->bits;
  new->commitment.num = num_pub;
  new->proof.num = num_priv;
  new->proof.priv = NULL;
  new->commitment.pub = GNUNET_new_array (
    num_pub,
    struct TALER_AgeCommitmentPublicKeyP);
-  new->proof.priv = GNUNET_new_array (
+
-    num_priv,
+  if (0 < num_priv)
-    struct TALER_AgeCommitmentPrivateKeyP);
+    new->proof.priv = GNUNET_new_array (
      num_priv,
      struct TALER_AgeCommitmentPrivateKeyP);
  /* Create as many private keys as we need and fill the rest of the
   * public keys with valid curve points.
@ -143,7 +146,8 @@ TALER_age_restriction_commit (
 FAIL:
  GNUNET_free (new->commitment.pub);
-  GNUNET_free (new->proof.priv);
+  if (NULL != new->proof.priv)
    GNUNET_free (new->proof.priv);
  return GNUNET_SYSERR;
 }
@ -199,7 +203,7 @@ TALER_age_commitment_derive (
  GNUNET_assert (NULL != new);
  GNUNET_assert (orig->commitment.num== __builtin_popcount (
-                   orig->commitment.mask.mask) - 1);
+                   orig->commitment.mask.bits) - 1);
  GNUNET_assert (orig->proof.num <= orig->commitment.num);
  new->commitment.mask = orig->commitment.mask;
@ -305,7 +309,7 @@ TALER_age_commitment_attest (
    return GNUNET_OK;
  }
-  if (group > cp->proof.num)
+  if (group >= cp->proof.num)
    return GNUNET_NO;
  {
@ -316,7 +320,7 @@ TALER_age_commitment_attest (
      .age = age
    };
-    GNUNET_CRYPTO_eddsa_sign (&cp->proof.priv[group].eddsa_priv,
+    GNUNET_CRYPTO_eddsa_sign (&cp->proof.priv[group - 1].eddsa_priv,
                              &at,
                              &attest->eddsa_signature);
  }
@ -345,7 +349,7 @@ TALER_age_commitment_verify (
  if (0 == group)
    return GNUNET_OK;
-  if (group > comm->num)
+  if (group >= comm->num)
    return GNUNET_NO;
  {
@ -360,7 +364,7 @@ TALER_age_commitment_verify (
      GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_AGE_ATTESTATION,
                                  &at,
                                  &attest->eddsa_signature,
-                                  &comm->pub[group].eddsa_pub);
+                                  &comm->pub[group - 1].eddsa_pub);
  }
 }
--- a/src/util/denom.c
+++ b/src/util/denom.c
@ -230,7 +230,7 @@ TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
                      struct TALER_DenominationHashP *denom_hash)
 {
  uint32_t opt[2] = {
-    htonl (denom_pub->age_mask.mask),
+    htonl (denom_pub->age_mask.bits),
    htonl ((uint32_t) denom_pub->cipher)
  };
  struct GNUNET_HashContext *hc;
@ -558,8 +558,8 @@ TALER_denom_pub_cmp (const struct TALER_DenominationPublicKey *denom1,
 {
  if (denom1->cipher != denom2->cipher)
    return (denom1->cipher > denom2->cipher) ? 1 : -1;
-  if (denom1->age_mask.mask != denom2->age_mask.mask)
+  if (denom1->age_mask.bits != denom2->age_mask.bits)
-    return (denom1->age_mask.mask > denom2->age_mask.mask) ? 1 : -1;
+    return (denom1->age_mask.bits > denom2->age_mask.bits) ? 1 : -1;
  switch (denom1->cipher)
  {
  case TALER_DENOMINATION_INVALID: