From ab3da7cf64907297b7763e465113f32c658f2f00 Mon Sep 17 00:00:00 2001
From: Andreas Fackler <AndreasFackler@gmx.de>
Date: Tue, 27 Aug 2019 11:13:06 +0200
Subject: [PATCH] Validate JoinPlan.

---
 .../dynamic_honey_badger.rs                   | 28 ++++++++++++++-----
 src/dynamic_honey_badger/error.rs             |  3 ++
 2 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/src/dynamic_honey_badger/dynamic_honey_badger.rs b/src/dynamic_honey_badger/dynamic_honey_badger.rs
index 6156987..0a52afd 100644
--- a/src/dynamic_honey_badger/dynamic_honey_badger.rs
+++ b/src/dynamic_honey_badger/dynamic_honey_badger.rs
@@ -100,6 +100,10 @@ where
         era: u64,
         epoch: u64,
     ) -> Self {
+        assert!(
+            netinfo.all_ids().eq(pub_keys.keys()),
+            "Every validator must have a public key."
+        );
         let max_future_epochs = params.max_future_epochs;
         let our_id = netinfo.our_id().clone();
         let honey_badger = HoneyBadger::builder(netinfo)
@@ -134,15 +138,25 @@ where
             pub_key_set,
             params,
         } = join_plan;
+        let new_pub_keys_opt = match change {
+            ChangeState::InProgress(Change::EncryptionSchedule(..)) | ChangeState::None => None,
+            ChangeState::InProgress(Change::NodeChange(pks)) => Some(pks.clone()),
+            ChangeState::Complete(change) => {
+                let valid = match change {
+                    Change::EncryptionSchedule(schedule) => schedule == params.encryption_schedule,
+                    Change::NodeChange(new_pub_keys) => new_pub_keys == pub_keys,
+                };
+                if !valid {
+                    return Err(Error::InvalidJoinPlan);
+                }
+                None
+            }
+        };
         let netinfo = Arc::new(NetworkInfo::new(our_id, None, pub_key_set, pub_keys.keys()));
         let mut dhb = DynamicHoneyBadger::new(secret_key, pub_keys, netinfo, params, era, 0);
-        let step = match change {
-            ChangeState::InProgress(Change::NodeChange(new_pub_keys)) => {
-                dhb.update_key_gen(join_plan.era, new_pub_keys, rng)?
-            }
-            ChangeState::InProgress(Change::EncryptionSchedule(..))
-            | ChangeState::None
-            | ChangeState::Complete(..) => Step::default(),
+        let step = match new_pub_keys_opt {
+            Some(new_pub_keys) => dhb.update_key_gen(era, new_pub_keys, rng)?,
+            None => Step::default(),
         };
         Ok((dhb, step))
     }
diff --git a/src/dynamic_honey_badger/error.rs b/src/dynamic_honey_badger/error.rs
index d2316fa..22ea149 100644
--- a/src/dynamic_honey_badger/error.rs
+++ b/src/dynamic_honey_badger/error.rs
@@ -22,6 +22,9 @@ pub enum Error {
     /// Failed to handle a `SyncKeyGen` message.
     #[fail(display = "Error handling SyncKeyGen message: {}", _0)]
     SyncKeyGen(sync_key_gen::Error),
+    /// The join plan contains contradictory information.
+    #[fail(display = "Invalid Join Plan")]
+    InvalidJoinPlan,
     /// Unknown sender
     #[fail(display = "Unknown sender")]
     UnknownSender,