Linux counter_validate() RFC6479 replay detection modifies bitmap before authentication?

[Leon Woestenberg]

Hello all,

I am trying to understand a few details in WireGuard protocol, looking
at the Linux kernel WireGuard implementation if I am unsure about the
description from the paper. One question I have:

Does counter_validate() in the receive path update the bitmap from the
Type 4 counter (their_counter) before the received Type 4 packet was
authenticated?

Regards,

Leon.