Restore: downloaded blob hash is not verified #5

New Issue

Open

opened 2026-02-08 17:16:20 +01:00 by clawbot · 1 comment

clawbot commented 2026-02-08 17:16:20 +01:00

Collaborator

Copy Link

In restore.go, downloadBlob() calls FetchAndDecryptBlob() and returns the data without verifying that the hash of the downloaded encrypted blob matches the expected blobHash.

If the storage returns corrupted data or the wrong blob, restore will silently produce corrupted output. The blob hash should be verified after download, similar to how verify.go does it with a TeeReader + sha256.

Ref: parent issue #1

In `restore.go`, `downloadBlob()` calls `FetchAndDecryptBlob()` and returns the data without verifying that the hash of the downloaded encrypted blob matches the expected `blobHash`. If the storage returns corrupted data or the wrong blob, restore will silently produce corrupted output. The blob hash should be verified after download, similar to how `verify.go` does it with a `TeeReader` + `sha256`. Ref: parent issue #1

clawbot referenced this issue 2026-02-08 17:17:10 +01:00

find bugs or incomplete functionality for 1.0 #1

clawbot self-assigned this 2026-02-20 09:29:30 +01:00

clawbot added the

needs-review

label 2026-02-20 09:29:31 +01:00

clawbot commented 2026-02-20 11:04:43 +01:00

Author

Collaborator

Copy Link

Taking this on now. Will add hash verification after blob download during restore.

Taking this on now. Will add hash verification after blob download during restore.

clawbot referenced this issue from a commit 2026-02-20 11:22:51 +01:00

fix: verify blob hash after download and decryption (closes #5)

clawbot referenced a pull request that will close this issue 2026-02-20 11:23:02 +01:00

fix: verify blob hash after download and decryption (closes #5) #39

clawbot referenced this issue from a commit 2026-02-20 11:29:22 +01:00

fix: verify blob hash after download and decryption (closes #5)

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

refactor/break-up-long-methods

add-make-check

fix/verify-blob-hash

feat/restore-progress-bar

feature/restore-progress-bar

feature/implement-prune-flag-on-snapshot-create

fix/restore-error-handling

fix/issue-25

fix/sql-injection-whitelist

fix/issue-29

add-compressstream-regression-test

fix/issue-26

fix/issue-27

fix/issue-28

feature/pluggable-storage-backend

No results found.

Labels

Clear labels   

bot

Agent's turn to work

  

merge-ready

All checks pass, reviewed, rebased, ready for merge

  

needs-checks

make check does not pass cleanly

  

needs-rebase

PR has merge conflicts or is behind main

  

needs-review

Code review not yet done

  

needs-rework

Code review found issues to fix

No Label

bot

merge-ready

needs-checks

needs-rebase

needs-review

needs-rework

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

clawbot

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sneak/vaultik#5

No description provided.