Restore: downloaded blob hash is not verified #5

New Issue

Closed

opened 2026-02-08 17:16:20 +01:00 by clawbot · 1 comment

clawbot commented 2026-02-08 17:16:20 +01:00

Collaborator

Copy Link

In restore.go, downloadBlob() calls FetchAndDecryptBlob() and returns the data without verifying that the hash of the downloaded encrypted blob matches the expected blobHash.

If the storage returns corrupted data or the wrong blob, restore will silently produce corrupted output. The blob hash should be verified after download, similar to how verify.go does it with a TeeReader + sha256.

Ref: parent issue #1

In `restore.go`, `downloadBlob()` calls `FetchAndDecryptBlob()` and returns the data without verifying that the hash of the downloaded encrypted blob matches the expected `blobHash`. If the storage returns corrupted data or the wrong blob, restore will silently produce corrupted output. The blob hash should be verified after download, similar to how `verify.go` does it with a `TeeReader` + `sha256`. Ref: parent issue #1

clawbot referenced this issue 2026-02-08 17:17:10 +01:00

find bugs or incomplete functionality for 1.0 #1

clawbot self-assigned this 2026-02-20 09:29:30 +01:00

clawbot added the needs-review label 2026-02-20 09:29:31 +01:00

clawbot commented 2026-02-20 11:04:43 +01:00

Author

Collaborator

Copy Link

Taking this on now. Will add hash verification after blob download during restore.

Taking this on now. Will add hash verification after blob download during restore.

clawbot referenced this issue from a commit 2026-02-20 11:22:51 +01:00

fix: verify blob hash after download and decryption (closes #5)

clawbot referenced a pull request that will close this issue 2026-02-20 11:23:02 +01:00

fix: verify blob hash after download and decryption (closes #5) #39

clawbot referenced this issue from a commit 2026-02-20 11:29:22 +01:00

fix: verify blob hash after download and decryption (closes #5)

clawbot referenced this issue 2026-03-17 09:50:37 +01:00

fix: verify blob hash after download and decryption (closes #5) #39

sneak closed this issue 2026-03-19 00:21:11 +01:00

sneak referenced this issue from a commit 2026-03-19 00:21:13 +01:00

fix: verify blob hash after download and decryption (closes #5) (#39)

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feature/per-name-purge

fix/concurrent-manifest-downloads

fix/dedup-snapshot-ids-on2-to-o1

fix/ctime-scanner-population

fix/sync-snapshot-cleanup

feature/restore-progress-bar

feature/implement-prune-flag-on-snapshot-create

fix/restore-error-handling

fix/issue-25

fix/sql-injection-whitelist

fix/issue-29

add-compressstream-regression-test

fix/issue-26

fix/issue-27

fix/issue-28

feature/pluggable-storage-backend

No results found.

Labels

Clear labels

merge-ready

All checks pass, reviewed, rebased, ready for merge

needs-checks

make check does not pass cleanly

needs-rebase

PR has merge conflicts or is behind main

needs-review

Code review not yet done

needs-review

needs-review

needs-review

needs-review

needs-rework

Code review found issues to fix

No Label needs-review

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

clawbot sneak

No Assignees clawbot

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: sneak/vaultik#5