From fe32159673160c5db8dc2f30f9b9b913ffaaf16a Mon Sep 17 00:00:00 2001
From: Greg Fitzgerald <garious@gmail.com>
Date: Mon, 2 Apr 2018 21:07:38 -0600
Subject: [PATCH] Add a test to ensure witness data continues to be hashed

---
 src/entry.rs | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/src/entry.rs b/src/entry.rs
index e9d13157f2..e672e71c04 100644
--- a/src/entry.rs
+++ b/src/entry.rs
@@ -113,6 +113,7 @@ pub fn next_tick(start_hash: &Hash, num_hashes: u64) -> Entry {
 #[cfg(test)]
 mod tests {
     use super::*;
+    use chrono::prelude::*;
     use entry::create_entry;
     use event::Event;
     use hash::hash;
@@ -146,6 +147,23 @@ mod tests {
         assert!(!e0.verify(&zero));
     }
 
+    #[test]
+    fn test_witness_reorder_attack() {
+        let zero = Hash::default();
+
+        // First, verify entries
+        let keypair = KeyPair::new();
+        let tr0 = Event::new_timestamp(&keypair, Utc::now());
+        let tr1 = Event::new_signature(&keypair, Default::default());
+        let mut e0 = create_entry(&zero, 0, vec![tr0.clone(), tr1.clone()]);
+        assert!(e0.verify(&zero));
+
+        // Next, swap two witness events and ensure verification fails.
+        e0.events[0] = tr1; // <-- attack
+        e0.events[1] = tr0;
+        assert!(!e0.verify(&zero));
+    }
+
     #[test]
     fn test_next_tick() {
         let zero = Hash::default();