crypto/shachain: enforce that indexes have to be added incrementally.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

diff --git a/ccan/crypto/shachain/shachain.c b/ccan/crypto/shachain/shachain.c
index a14d95b8cd4d4c665dca18ab88313f90677e314d..94d7d6466c0a05b4fdac6c57b9bcbc6f3b9b0f13 100644 (file)
--- a/ccan/crypto/shachain/shachain.c
+++ b/ccan/crypto/shachain/shachain.c
@@ -44,9 +44,10 @@ void shachain_from_seed(const struct sha256 *seed, shachain_index_t index,
        derive((shachain_index_t)-1ULL, index, seed, hash);
 }
 
-void shachain_init(struct shachain *shachain)
+void shachain_init(struct shachain *chain)
 {
-       shachain->num_valid = 0;
+       chain->num_valid = 0;
+       chain->max_index = 0;
 }
 
 bool shachain_add_hash(struct shachain *chain,
@@ -54,6 +55,10 @@ bool shachain_add_hash(struct shachain *chain,
 {
        int i;
 
+       /* You have to insert them in order! */
+       assert(index == chain->max_index + 1 ||
+              (index == 0 && chain->num_valid == 0));
+       
        for (i = 0; i < chain->num_valid; i++) {
                /* If we could derive this value, we don't need it,
                 * not any others (since they're in order). */
@@ -74,6 +79,7 @@ bool shachain_add_hash(struct shachain *chain,
        chain->known[i].index = index;
        chain->known[i].hash = *hash;
        chain->num_valid = i+1;
+       chain->max_index = index;
        return true;
 }
 

diff --git a/ccan/crypto/shachain/shachain.h b/ccan/crypto/shachain/shachain.h
index 39d6f3c4c6897b73112fa6ba02646c3dfb5e5115..f3c9ad7038d32484b53fa58a2030757e17484371 100644 (file)
--- a/ccan/crypto/shachain/shachain.h
+++ b/ccan/crypto/shachain/shachain.h
@@ -15,6 +15,7 @@ void shachain_from_seed(const struct sha256 *seed, shachain_index_t index,
                        struct sha256 *hash);
 
 struct shachain {
+       shachain_index_t max_index;
        unsigned int num_valid;
        struct {
                shachain_index_t index;