From d08705329a45637efa21a6ffac9851b6a4b0a0cd Mon Sep 17 00:00:00 2001
From: Scott Nonnenberg
Date: Wed, 14 Feb 2018 11:35:16 -0800
Subject: [PATCH] Throw error if asked to jump forward in chain by over 2000 (#43)

As libsignal-protocol-java has had for more than three years. This check was present when it was first pulled out into its own repo in late 2014: https://github.com/signalapp/libsignal-protocol-java/blob/60800e155612bea797eed93c67046a23d26054cc/src/main/java/org/whispersystems/libaxolotl/SessionCipher.java#L383
---
 dist/libsignal-protocol.js | 4 ++++
 src/SessionCipher.js | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/dist/libsignal-protocol.js b/dist/libsignal-protocol.js
index 9b23382..3aefe7b 100644
--- a/dist/libsignal-protocol.js
+++ b/dist/libsignal-protocol.js
@@ -36303,6 +36303,10 @@ SessionCipher.prototype = {
 return Promise.resolve(); // Already calculated
 }
 
+ if (counter - chain.chainKey.counter > 2000) {
+ throw new Error('Over 2000 messages into the future!');
+ }
+
 if (chain.chainKey.key === undefined) {
 throw new Error("Got invalid request to extend chain after it was already closed");
 }
diff --git a/src/SessionCipher.js b/src/SessionCipher.js
index 14d3f2d..29b2f67 100644
--- a/src/SessionCipher.js
+++ b/src/SessionCipher.js
@@ -287,6 +287,10 @@ SessionCipher.prototype = {
 return Promise.resolve(); // Already calculated
 }
 
+ if (counter - chain.chainKey.counter > 2000) {
+ throw new Error('Over 2000 messages into the future!');
+ }
+
 if (chain.chainKey.key === undefined) {
 throw new Error("Got invalid request to extend chain after it was already closed");
 }
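Review bot: The new guard in `src/SessionCipher.js` hard-codes 2000 in both the condition and the error text and has no comment saying why the limit exists, so a later reader cannot tell it is a deliberate resource bound rather than an arbitrary number. Since `counter` presumably comes from the received message, I would introduce a named constant (for example `MAX_CHAIN_JUMP`, a name this change would add) and put `// Cap how far a single incoming counter may advance the chain, so one message cannot force unbounded key derivation` above `if (counter - chain.chainKey.counter > MAX_CHAIN_JUMP) {`. The diffstat lists only the source file and its built copy, so nothing pins the boundary; a test that a jump of exactly 2000 is accepted and 2001 is rejected would keep the limit from drifting. The enclosing function starts and ends outside the hunk, so whether this synchronous `throw` always surfaces to callers as a rejected promise (the branch just above returns `Promise.resolve()`) should be confirmed against the call sites.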