From 518c32e1afe5473f209ec67879ad543dddea8bdb Mon Sep 17 00:00:00 2001 From: Martin Stein Date: Tue, 19 Mar 2024 13:55:25 +0100 Subject: [PATCH] tresor: don't decode superblock before hash check Superblock_control::Initialize used to decode a read superblock before checking its hash. This is not necessary but may cause the operation to end up in a decoding error on a superblock that is not the desired one anyway. Ref #5077 --- repos/gems/src/lib/tresor/superblock_control.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/repos/gems/src/lib/tresor/superblock_control.cc b/repos/gems/src/lib/tresor/superblock_control.cc index 1a5e673feb..f4e7670108 100644 --- a/repos/gems/src/lib/tresor/superblock_control.cc +++ b/repos/gems/src/lib/tresor/superblock_control.cc @@ -529,8 +529,8 @@ bool Superblock_control::Initialize::execute(Execute_attr const &attr) case READ_BLOCK: progress |= _read_block.execute(attr.block_io); break; case READ_BLOCK_SUCCEEDED: - _sb_ciphertext.decode_from_blk(_blk); if (check_hash(_blk, _hash)) { + _sb_ciphertext.decode_from_blk(_blk); _gen = _sb_ciphertext.snapshots.items[_sb_ciphertext.snapshots.newest_snap_idx()].gen; attr.sb.copy_all_but_key_values_from(_sb_ciphertext); _decrypt_key.generate(_helper, DECRYPT_KEY, DECRYPT_CURR_KEY_SUCCEEDED, progress, attr.sb.current_key.value, _sb_ciphertext.current_key.value);