X-Git-Url: https://git.ozlabs.org/?p=ccan;a=blobdiff_plain;f=ccan%2Fcrypto%2Fshachain%2Fshachain.c;h=a14d95b8cd4d4c665dca18ab88313f90677e314d;hp=c66196f71d881ce5e19b9bc088d66b9d2fc8b03b;hb=9fc07111603c6e892ed768f900465282314b2982;hpb=954082d1b37e2e0be7816f53255965a99dd1b2ee

diff --git a/ccan/crypto/shachain/shachain.c b/ccan/crypto/shachain/shachain.c
index c66196f7..a14d95b8 100644
--- a/ccan/crypto/shachain/shachain.c
+++ b/ccan/crypto/shachain/shachain.c
@@ -49,7 +49,7 @@ void shachain_init(struct shachain *shachain)
 	shachain->num_valid = 0;
 }
 
-void shachain_add_hash(struct shachain *chain,
+bool shachain_add_hash(struct shachain *chain,
 		       shachain_index_t index, const struct sha256 *hash)
 {
 	int i;
@@ -57,8 +57,16 @@ void shachain_add_hash(struct shachain *chain,
 	for (i = 0; i < chain->num_valid; i++) {
 		/* If we could derive this value, we don't need it,
 		 * not any others (since they're in order). */
-		if (can_derive(index, chain->known[i].index))
+		if (can_derive(index, chain->known[i].index)) {
+			struct sha256 expect;
+
+			/* Make sure the others derive as expected! */
+			derive(index, chain->known[i].index, hash, &expect);
+			if (memcmp(&expect, &chain->known[i].hash,
+				   sizeof(expect)) != 0)
+				return false;
 			break;
+		}
 	}
 
 	/* This can happen if you skip indices! */
@@ -66,6 +74,7 @@ void shachain_add_hash(struct shachain *chain,
 	chain->known[i].index = index;
 	chain->known[i].hash = *hash;
 	chain->num_valid = i+1;
+	return true;
 }
 
 bool shachain_get_hash(const struct shachain *chain,