From 7f07951668635882d092443722265f83f97bb6e7 Mon Sep 17 00:00:00 2001
From: Ian Goldberg <iang@uwaterloo.ca>
Date: Fri, 30 Apr 2021 16:44:53 -0400
Subject: [PATCH] Don't forget to check the credential against the seen list

---
 crates/lox-library/src/migration.rs | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/crates/lox-library/src/migration.rs b/crates/lox-library/src/migration.rs
index 4450fdc..8e096fb 100644
--- a/crates/lox-library/src/migration.rs
+++ b/crates/lox-library/src/migration.rs
@@ -41,6 +41,7 @@ use zkp::ProofError;
 use zkp::Transcript;
 
 use super::cred;
+use super::dup_filter::SeenType;
 use super::{BridgeAuth, IssuerPubKey};
 use super::{CMZ_A, CMZ_A_TABLE, CMZ_B, CMZ_B_TABLE};
 
@@ -387,6 +388,12 @@ impl BridgeAuth {
             },
         )?;
 
+        // Ensure the id has not been seen before, and add it to the
+        // seen list.
+        if self.id_filter.filter(&req.id) == SeenType::Seen {
+            return Err(ProofError::VerificationFailure);
+        }
+
         // Blind issuing of the new Lox credential
 
         // Choose a random server id component to add to the client's